当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2012-011910

漏洞标题:100e SQL注入漏洞

相关厂商:100e.com

漏洞作者: hongygxiang

提交时间:2012-09-08 22:52

修复时间:2012-10-23 22:53

公开时间:2012-10-23 22:53

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2012-09-08: 细节已通知厂商并且等待厂商处理中
2012-09-09: 厂商已经确认,细节仅向厂商公开
2012-09-19: 细节向核心白帽子及相关领域专家公开
2012-09-29: 细节向普通白帽子公开
2012-10-09: 细节向实习白帽子公开
2012-10-23: 细节向公众公开

简要描述:

100e SQL注入,裤子严重不保唉;能不能来个给力的礼物?

详细说明:


注射点:http://passport.100e.com/register/new/zone.aspx?fid=25
这个射入点需要抓一抓,
1、SQL注入,fid过滤不严
2、管理账号密码是明文哦
3、member_是简单的MD5加密、

漏洞证明:


tables有点长;
Active_Love_Order
Admin
Admin_Member
Admin_MemberRight
Admin_Question
Admin_Record
Admin_Right
Article_Media
Article_Notice
Article_UserTip
BenefitCode
CPUErrLog
CS_Phone_Record
CS_Record
CS_Work
CS_Work_Result
Chat_AddFriend
Chat_Friend
City_GuestBook
City_Post
City_RecommendBook
City_ServerInfo
CommendBook
CommendUser
CreditCard_info
Dealer
DealerChargeUser
DealerPayRecord
DealerUser
DownloadParth
EC_Check_Login
EC_MainProduct_Area
EC_MainProduct_Career
EC_MainProduct_Client
EC_MainProduct_Free
EC_MainProduct_UseRelate
EC_MainProduct_Version
EC_Order_Client
EC_Order_Course
EC_Order_Offline
EC_Order_VIPLog
EC_Promotion
EC_Score_Use
EC_SubProduct
EC_SubProduct1
EC_Subproduct_2
EC_UserOrder
EC_swf_FileHeight
ErrTemp
FAQ
FAQ_Category
Flash_Category
Flash_Product
Head_Size
KeyCode
MarketFreeUser
Member_Career
Msg_In
Msg_Out
My100e_Book
My100e_Sentence
OnlineUserCount
PayOut_Record
PayOut_Type
Pay_Agency
Pay_Apply
Pay_CallOrder
Pay_Cart
Pay_ChargeAmountType
Pay_ChargeCode
Pay_ChargeCode_Bak_NoChargeDate
Pay_ChargeCode_Ban
Pay_ChargeCode_Inspirit
Pay_ChargeCode_ServiceDate
Pay_ChargeCode_ServiceTime
Pay_ChargeCode_SubProduct
Pay_Record
Pay_Record_Ambow
Pay_Record_Free
Pay_Record_FreeChargeCode
Pay_Record_JS
Pay_UserType
ProductContent
ProductsCategory
ProductsCategory_Ancestor
ProviderUsers
Provider_Apply
Provider_Member
Provider_Pay
Providers
Seller_AgencyType
Seller_Apply
Seller_City
Seller_Member
Seller_Member_Info
Seller_Order
Seller_Order_Cancel
Seller_Order_True
Seller_Pay
Seller_PayType
Seller_School_Apply
Seller_School_Member
Seller_Service
Table_Noise
Teacher
Teacher_Apply
Teacher_Assign
Teacher_Member
Teacher_Order
Teacher_Video
UpLoadTypes
UserInfoForDisk
UserInfoForDiskSummary
UserInspirit_AdvanceReturn
UserInspirit_Bonus
UserInspirit_Receipt
UserSummary
UserUploads
UserUploadsBBS
VIPUnion
Zone_City
Zone_Country
Zone_Province
mymember
mymember_LogIn

修复方案:

各种过滤;

版权声明:转载请注明来源 hongygxiang@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:20

确认时间:2012-09-09 07:12

厂商回复:

负债太多 正在全面整理 先谢谢

最新状态:

暂无