当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0146212

漏洞标题:中国东方航空某系统SQL注射一枚(时间盲注/34个库)

相关厂商:中国东方航空股份有限公司

漏洞作者: Xmyth_夏洛克

提交时间:2015-10-12 17:25

修复时间:2015-11-27 21:00

公开时间:2015-11-27 21:00

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-10-12: 细节已通知厂商并且等待厂商处理中
2015-10-13: 厂商已经确认,细节仅向厂商公开
2015-10-23: 细节向核心白帽子及相关领域专家公开
2015-11-02: 细节向普通白帽子公开
2015-11-12: 细节向实习白帽子公开
2015-11-27: 细节向公众公开

简要描述:

RT

详细说明:

上航旅游分站
http://bus.satrip.com/Login.aspx

登陆页面.png


爆破出一账号

爆破.jpg


登陆
其中一处查询页面存在注入

注入点.png


POST /CCWeb/DocInfo.aspx HTTP/1.1
Host: bus.satrip.com
Content-Length: 18533
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://bus.satrip.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://bus.satrip.com/CCWeb/DocInfo.aspx
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Cookie: ASP.NET_SessionId=2p4s5t45opi50055ehxgqm45
__onceClickBtn=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=dDwxMTE5NjU4Mzk5O3Q8cDxsPFVzZXJOYW1lO0RlcGFydG1lbnQ7R3JvdXBfSW5mbztDb21wYW55Oz47bDzlvKDls7A75YWl5aKD5pel5pys6L
%2BR55W%2F6JCl5Lia6YOoO%2Bi1hOaWmeS4reW%2Fg%2BafpeivojvlhaXlooPml4XmuLjliIblhazlj7g7Pj47bDxpPDE%2BOz47bDx0PDtsPGk8MT47aTwzPjtpPDU
%2BO2k8Nz47aTw5PjtpPDExPjtpPDEzPjtpPDE3PjtpPDE5PjtpPDIxPjtpPDIzPjtpPDI2PjtpPDI4PjtpPDMwPjtpPDM0PjtpPDQxPjtpPDQyPjtpPDQzPjs
%2BO2w8dDx0PHA8cDxsPERhdGFUZXh0RmllbGQ7RGF0YVZhbHVlRmllbGQ7PjtsPE5vcm1hbF9Db2RlO05vcm1hbENvZGVfSUQ7Pj47Pjt0PGk8ND47QDxcZTvlhazlkYrmiJbpgJrnn6U75Zu%2B54mHO%2BaWh%2Bahozs
%2BO0A8XGU7MjcyOzI1NDsyNTU7Pj47Pjs7Pjt0PHQ8cDxwPGw8RGF0YVRleHRGaWVsZDtEYXRhVmFsdWVGaWVsZDs%2BO2w8Tm9ybWFsX0NvZGU7Tm9ybWFsQ29kZV9JRDs
%2BPjtwPGw8b25jaGFuZ2U7PjtsPEdldENvcnJlc3BvbmRUeXBlKClcOzs%2BPj47dDxpPDEwPjtAPFxlO%2BaKpeWQjeaEj%2BWQkeS5pjvlhazlkYrmiJbpgJrnn6U75Zu95a62O%2BaZr
%2BeCuTvphZLlupc76YWS5bqX5Y2P6K6uO%2BWGhemDqOe9kTvnrb7or4E755yB5biC5Y6%2F5oiW5pmv5Yy6Oz47QDxcZTs4MTk7Mjc3OzI1NjsyNTc7MjYwOzI3MzsyNjE7Mjc0OzI1OTs%2BPjs%2BOzs
%2BO3Q8dDxwPHA8bDxEYXRhVGV4dEZpZWxkO0RhdGFWYWx1ZUZpZWxkOz47bDxDb3VudHJ5X0NuYW1lO0NvdW50cnlfSUQ7Pj47cDxsPG9uY2xpY2s7PjtsPEdldFBhZ2VQcm92aW5jZSgpXDs7Pj4%2BO3Q8aTwyMDY
%2BO0A8XGU76Zi%2F5bCU5be05bC85LqaO%2BmYv%2BWwlOWPiuWIqeS6mjvpmL%2Flr4zmsZc76Zi%2F5qC55bu3O%2BmYv%2BiBlOmFizvpmL%2Fmm7w76Zi%2F5aGe5ouc55aGO%2BWfg
%2BWPijvln4PloZ7kv4Tmr5Tkupo754ix5bCU5YWwO%2BeIseaymeWwvOS6mjvlronpgZPlsJQ75a6J5ZOl5ouJO%2BWuieaPkOeTnOWSjOW3tOW4g%2Bi%2BvjvlpaXlnLDliKk75r6z5aSn5Yip5LqaO%2Ba%2Bs
%2BmXqDvlt7Tlt7TlpJrmlq875be05biD5Lqa5paw5Yeg5YaF5LqaO%2BW3tOWTiOmprDvlt7Tln7rmlq%2FlnaY75be05ouJ5ZytO%2BW3tOWLkuaWr%2BWdpjvlt7Tmnpc75be05ou%2F6amsO
%2BW3tOilvzvnmb3kv4TnvZfmlq875L%2Bd5Yqg5Yip5LqaO%2BWMl%2BaegTvotJ3lroE75q%2BU5Yip5pe2O%2BWGsOWymzvms6LlpJrpu47lkIQ75rOi5YWwO%2BazouaWr
%2BWwvOS6muWSjOm7keWhnuWTpee7tOmCozvnjrvliKnnu7Tkupo75Lyv5Yip5YW5O%2BWNmuiMqOeTpue6szvkuI3kuLk75biD5Z%2B657qz5rOV57SiO%2BW4g%2Bmahui%2FqjvmnJ3pspw76LWk6YGT5Yeg5YaF5LqaO
%2BS4uem6pjvlvrflm7075Lic5bid5rG2O%2BWkmuWTpTvlpJrnsbPlsLzliqA75aSa57Gz5bC85YWLO%2BS%2FhOe9l%2BaWrzvljoTnk5zlpJrlsJQ75Y6E56uL54m56YeM5LqaO%2BazleWbvTvms5XlsZ7ms6LliKnlsLzopb
%2FkuprnvqTlsps75qK16JKC5YaIO%2BiPsuW%2Bi%2BWuvjvmlpDmtY476Iqs5YWwO%2BS9m%2BW%2Bl%2BinkiA75YaI5q%2BU5LqaO%2BWImuaenDvliJrmnpzmsJHkuLvlhbHlkozlm7075ZOl5Lym5q%2BU5LqaO
%2BWTpeaWr%2Bi%2Bvum7juWKoDvmoLzmnpfnurPovr475qC86bKB5ZCJ5LqaO%2BWPpOW3tDvlnK3kuprpgqM75ZOI6JCo5YWL5pav5Z2mO%2Ba1t%2BWcsDvpn6nlm7076I235YWwO%2Bm7keWxsTvmtKrpg73mi4nmlq875Z
%2B66YeM5be05pavO%2BWQieW4g%2BaPkDvlkInlsJTlkInmlq%2Fmlq%2FlnaY75Yeg5YaF5LqaO%2BWHoOWGheS6muavlOe7jTvliqDmi7%2FlpKc75Yqg57qzO%2BWKoOiTrDvmn6zln5Tlr6g75o235YWLO%2Ba0peW3tOW4g
%2BmfpjvlloDpuqbpmoY75Y2h5aGU5bCUO%2BW8gOabvOe%2BpOWymzvnp5HmkannvZc756eR54m56L%2Bq55OmO%2BenkeWogeeJuTvlhYvnvZflnLDkupo76IKv5bC85LqaO%2BW6k%2BWFi%2Be
%2BpOWymzvmi4nohLHnu7Tkupo76I6x57Si5omYO%2BiAgeaMnTvpu47lt7Tlq6k756uL6Zm25a6bO%2BWIqeavlOmHjOS6mjvliKnmr5Tkupo75YiX5pSv5pWm5aOr55m7O
%2BWNouajruWgoTvljaLml7rovr47572X6ams5bC85LqaO%2BmprOi%2BvuWKoOaWr%2BWKoDvpqazlsJTku6PlpKs76ams6ICz5LuWO%2BmprOaLiee7tDvpqazmnaXopb
%2Fkupo76ams6YeMIDvpqazlhbbpob876ams57uN5bCU576k5bKbO%2Bavm%2BmHjOaxguaWrzvmr5vph4zloZTlsLzkupo7576O5Zu9O%2Be%2BjuWbveWMl%2BeOm%2BWIqeWuiee6s%2Be
%2BpOWymzvokpnlj6Q75a2f5Yqg5ouJ5Zu9O%2BenmOmygTvlr4blhYvnvZflsLzopb%2FkuprogZTpgqY757yF55S4O%2BaRqeWwlOWkmueTpjvmkanmtJvlk6U75pGp57qz5ZOlO%2BiOq%2BahkeavlOWFizvloqjopb
%2Flk6U757qz57Gz5q%2BU5LqaO%2BWNl%2BmdnjvljZfmnoHmtLI75Y2X5pav5ouJ5aSrO%2BeRmemygTvlsLzms4rlsJQ75bC85Yqg5ouJ55OcO%2BWwvOaXpeWwlDvlsLzml6XliKnkupo75oyq5aiBO
%2BW4leWKszvokaHokITniZk75pel5pysO%2BeRnuWFuDvnkZ7lo6s76JCo5bCU55Om5aSaO%2BiQqOaRqeS6mjvloZ7lsJTnu7Tkupo75aGe5ouJ5Yip5piCO%2BWhnuWGheWKoOWwlDvloZ7mtabot6%2Fmlq875aGe6IiM5bCUO
%2BaymeeJuemYv%2BaLieS8rzvlnKPlpJrnvo7lkozmma7mnpfopb%2Fmr5Q75Zyj5Z%2B66Iyo5ZKM5bC857u05pavO%2BWco%2BWNouilv%2BS6mjvlnKPpqazlipvor7o75Zyj5paH5qOu54m55ZKM5qC85p6X57qz5LiB5pavO
%2BaWr%2BmHjOWFsOWNoTvmlq%2FmtJvkvJDlhYs75pav5rSb5paH5bC85LqaO%2BaWr%2BWogeWjq%2BWFsDvoi4%2FkuLk76IuP6YeM5Y2XO%2BaJgOe9l%2BmXqOe%2BpOWymzvntKLpqazph4w75aGU5ZCJ5YWL5pav5Z2mO
%2BWPsOa5vjvms7Dlm7075Z2m5qGR5bC85LqaO%2BaxpOWKoDvnibnnq4vlsLzovr7lkozlpJrlt7Tlk6U756qB5bC85pavO%2BWbvueTpuWNojvlnJ%2FogLPlhbY75Zyf5bqT5pu85pav5Z2mO%2BeTpuWKqumYv
%2BWbvjvljbHlnLDpqazmi4k75aeU5YaF55Ge5ouJO%2BaWh%2BiOsTvkuYzlubLovr475LmM5YWL5YWwO%2BS5jOaLieWcrTvkuYzlhbnliKvlhYvmlq%2FlnaY76KW%2F54%2Bt54mZO
%2BW4jOiFijvpppnmuK875paw5Yqg5Z2hO%2BaWsOilv%2BWFsDvljIjniZnliKk75Y%2BZ5Yip5LqaO%2BeJmeS5sOWKoDvkuprnvo7lsLzkupo75Lmf6ZeoO%2BS8iuaLieWFizvkvIrmnJc75Lul6Imy5YiXO%2BaEj%2BWkp
%2BWIqTvljbDluqY75Y2w5bqm5bC86KW%2F5LqaO%2BiLseWbvTvnuqbml6Y76LaK5Y2XO%2Bi1nuavlOS6mjvkuY3lvpc75pm65YipO
%2BS4remdnjvkuK3lm707PjtAPFxlOzE4NDsyMjI7MTgxOzE4NzsxODA7Mjk3OzE5MDsxODM7MjI2OzI0NTsyMjQ7MTc5OzE4NjsxODI7MTg4OzE4OTsyODA7MTkxOzMwMDsyMDI7MzAyOzMwNTsxNTU7MTk2OzI5ODsyMDE7MjA0Oz
E5NTszNjg7MTk4OzE5MzsyNTA7MzczOzMwMzsxNTQ7MjAwOzIwNTsyMDM7MTUzOzE5NDsxOTc7MjU4OzE1NjsyMjA7MjE4OzE1ODszMjY7MjIxOzE1OTszMDg7MjIzOzE2MDsyMjk7MzY5OzE2MjszMDE7MjI4OzIyNzsxNjE7MjM2O
zIwODsxNTc7MjEzOzIxNDsyMzI7MjMzOzIxNTsyMzQ7MjYxOzI0MjsyNTk7MjkyOzM3NDsyNDE7MTYzOzIxOTsyNTY7MjM3OzE2NDsyMDY7MjM1OzIzMDsyNTc7MjE3OzM0ODsyMTE7MzA2OzM3MDsxNjY7MTY3OzI2MDsxNjU7MjU1
OzM3MTsyNzE7MjY4OzI2MjsyNjM7MjY5OzI2NzsyNzI7MjY1OzI3MDsxNjg7MzA3OzI3NjsyODM7MjgxOzI4NDsyODY7Mjc3OzE3MTsxNzI7MjgyOzE3MDszMzg7MzY1OzI3OTsxOTI7Mjk5OzE2OTsyNzg7Mjc1OzI3MzsyNzQ7Mjg
3OzI4NTsyODg7MzQ2OzM2NjszNDU7Mjk1OzI5NDsyOTE7Mjg5OzI5MDsyOTM7MTczOzMwNDsyNTQ7MzEzOzIwOTszMjI7MTc2OzM3NTszMTc7MzE4OzIxNjszMTE7MzA5OzMyMTsxNzQ7MjY0OzE3NTszNDE7MjY2OzMxNjszMTU7Mz
I0OzMxMjszMjA7MzEwOzMxOTszMjg7MzM0OzMyNzszMzU7MzMxOzMzMzszMzA7MTc3OzMzMjszMjk7MTc4OzIzOTszNDI7MTk5OzMzNzszMzY7MzM5OzM0MDsyMjU7MjM4OzI0MDszMTQ7Mjk2OzI0MzszMjM7MjUyOzE4NTszNDQ7M
jQ4OzI0OTsyNDY7MjUxOzI0NzsyNDQ7MjMxOzI1MzszNDM7MzQ3OzMyNTsyMTA7MjA3OzIxMjs%2BPjs%2BOzs%2BO3Q8dDxwPDtwPGw8b25jbGljazs
%2BO2w8e0dldFBhZ2VDaXR5KClcO0dldFBhZ2VTaWdodCgpXDtHZXRQYWdlSG90ZWwoKVw7fTs
%2BPj47Oz47Oz47dDx0PHA8cDxsPEVuYWJsZWQ7PjtsPG88Zj47Pj47cDxsPG9uY2xpY2s7PjtsPEdldFBhZ2VTaWdodCgpXDtHZXRQYWdlSG90ZWwoKVw7R2V0UGFnZUNpdHlJbmZvKClcOzs
%2BPj47Oz47Oz47dDx0PHA8cDxsPEVuYWJsZWQ7PjtsPG88Zj47Pj47cDxsPG9uY2xpY2s7PjtsPEdldFBhZ2VTaWdodEluZm8oKVw7Oz4%2BPjs7Pjs7Pjt0PHQ8cDxwPGw8RW5hYmxlZDs%2BO2w8bzxmPjs
%2BPjtwPGw8b25jbGljazs%2BO2w8R2V0UGFnZUhvdGVsSW5mbygpXDs7Pj4%2BOzs%2BOzs
%2BO3Q8dDxwPHA8bDxEYXRhVGV4dEZpZWxkO0RhdGFWYWx1ZUZpZWxkOz47bDxOb3JtYWxfQ29kZTtOb3JtYWxDb2RlX0lEOz4%2BOz47dDxpPDQ%2BO0A8XGU75YaF572R5aSW5Y%2BRO
%2BWQjOihjOWkluWPkTvlpJbnvZHlpJblj5E7PjtAPFxlOzI1MjsyNTM7MjUxOz4%2BOz47Oz47dDx0PHA8cDxsPERhdGFUZXh0RmllbGQ7RGF0YVZhbHVlRmllbGQ7PjtsPE5vcm1hbF9Db2RlO05vcm1hbENvZGVfSUQ7Pj47Pjt0
PGk8Mz47QDxcZTvlhoXpg6g75aSW6YOoOz47QDxcZTsyNzY7MjU4Oz4%2BOz47Oz47dDx0PHA8cDxsPERhdGFUZXh0RmllbGQ7RGF0YVZhbHVlRmllbGQ7RW5hYmxlZDs%2BO2w8RGVwdF9uYW1lO0RlcHRfbmFtZTtvPGY
%2BOz4%2BOz47dDxpPDE2Nz47QDxcZTvmgLvnu4%2FnkIblrqQ76ZuG5Zui5Yqe5YWs5a6kO%2BS6uuWKm%2Bi1hOa6kOmDqDvorqHliJLotKLliqHpg6g75L%2Bh5oGv566h55CG6YOoO%2BWFpeWig
%2BaXhea4uOWFrOWPuDvlhaXlooPmgLvnu4%2FnkIblrqQ75YWl5aKD5Yqe5YWs5a6kO%2BWFpeWig%2BaXpeacrOS4reW%2FgzvlhaXlooPml6XmnKzmgLvnu4%2FnkIblrqQ75YWl5aKD5pel5pys57u85ZCI6YOoO%2BWFpeWig
%2BaXpeacrOaXheihjOmDqDvlhaXlooPml6XmnKzov5Hnlb%2FokKXkuJrpg6g75YWl5aKD5pel6Iiq6JCl5Lia6YOoO%2BWFpeWig
%2BWFqOaXpeepuuiQpeS4mumDqDvlhaXlooPnvo7lpKfkuK3lv4M75YWl5aKD576O5aSn5aSW6IGU6YOoO%2BWFpeWig%2Be%2BjuWkp
%2Be7vOWQiOS4muWKoemDqDvlhaXlooPmrKfmtLLkuK3lv4M75YWl5aKD5qyn5rSy5b636K%2Bt6YOoO%2BWFpeWig%2Basp%2Ba0suazleivremDqDvlhaXlooPmrKfmtLLlpJbogZTpg6g75YWl5aKD5qyn5rSy6KW%2F6K
%2Bt6YOoO%2BWFpeWig%2BS6muWkquS4reW%2FgzvlhaXlooPkuprlpKrlpJbogZTpg6g75YWl5aKD5Lqa5aSq57u85ZCI5Lia5Yqh6YOoO%2BWFpeWig%2Biuoeiwg%2BWvvOa4uOeuoeeQhuS4reW
%2FgzvlhaXlooPorqHosIPpg6g75YWl5aKD5a%2B85ri46YOoO%2BWFpeWig%2Be%2BjuWbvemDqDvlhaXlooPmrKfnvo7kuK3lv4M75YWl5aKD5Lqa5aSq5LiA6YOoO%2BWFpeWig
%2BS6muWkquS6jOmDqDvlhaXlooPnvo7lpKfpg6g75YWl5aKD5qyn5rSy6YOoO%2BWFpeWig%2Be7vOWQiOS4muWKoemDqDvlh7rlooPlhazlj7g75Ye65aKD5oC757uP55CG5a6kO%2BWHuuWig%2Biuoeiwg
%2BmDqDvlh7rlooPkuJzljZfkuprkuK3lv4M75Ye65aKD5rOw5paw6ams6YOoO%2BWHuuWig%2BaZruWQiemDqDvlh7rlooPkuJzljZfkuppNSUNFO%2BWHuuWig%2Ba4r%2Ba%2Bs%2BWPsOS4reW%2Fgzvlh7rlooPmuK
%2FmvrPpg6g75Ye65aKD5Y%2Bw5rm%2B6YOoO%2BWHuuWig%2BaXpemfqeS4reW%2Fgzvlh7rlooPml6XmnKzpg6g75Ye65aKD6Z%2Bp5Zu96YOoO%2BWHuuWig%2BWhnuePremDqDvlh7rlooPml6Xpn6lNSUNF6YOoO
%2BWHuuWig%2BiQpemUgOS4reW%2Fgzvlh7rlooPplIDllK7kuIDpg6g75Ye65aKD6ZSA5ZSu5LqM6YOoO%2BWHuuWig%2Ba%2Bs%2BaWsOmDqDvlh7rlooPmrKfmtLLkuK3lv4M75Ye65aKD5qyn5rSy6YOoO%2BWHuuWig%2BS
%2FhOe9l%2BaWr%2BmDqDvlh7rlooPlkIzooYzpg6g75Ye65aKD5qyn5rSyTUlDRemDqDvlh7rlooPmrKfmtLLorqHosIPpg6g75Ye65aKD5qyn5rSy562%2B6K%2BB5p2Q5paZ6YOoO%2BWHuuWigzgwMOS4reW
%2Fgzvlh7rlooPlpYfoiKrkuYvml4XkuK3lv4M75Ye65aKDZ29sZumDqDvlh7rlooPoh6rpqb7ml4XmuLjmnI3liqHpg6g75LiW5Y2a5LyaO%2BWHuuWig
%2BWbveWGhemUgOWUrjvlh7rlooPnvo7mtLLkuK3lv4M75Ye65aKD576O5rSy6YOoO%2BWHuuWig%2BS4reWNl%2Be%2Bjua0sumDqDvlh7rlooPnvo7mtLJNSUNF6YOoO%2BWHuuWig%2Be
%2Bjua0suaegeWcsOaXhea4uOmDqDvlh7rlooPotKjnm5HkuK3lv4M75Ye65aKD6YKu6L2u5Lit5b%2BDO%2BWHuuWig%2BmCrui9ruS4gOmDqDvlh7rlooPpgq7ova7kuozpg6g75Ye65aKD5Lit5Lic6YOoO%2BWHuuWig
%2Bmdnua0sue6vzvlh7rlooPnm7TlsZ7nvZHngrk75Ye65aKD6KGh5bGx6Lev6JCl5Lia6YOoO%2BWHuuWig%2BWVhuaXheS4reW%2Fgzvlh7rlooPlrqLmiLfkuIDpg6g75Ye65aKD5Zu95YaF6ZW%2F57q%2FO%2BWHuuWig
%2BWbveWGheefree6vzvlh7rlooPnrb7or4Hpg6g75Ye65aKD5ZWG5peF5Yqe5YWs5a6kO%2BWHuuWig%2BWuouaIt%2BS6jOmDqDvlh7rlooPllYbml4Xpg6g75Ye65aKD5a6i5oi35LiJ6YOoO%2BWHuuWig%2BW6puWBh
%2BS4reW%2Fgzvlh7rlooPluqblgYfkuIDpg6g75Ye65aKD5be05Y6Y57q%2FO%2BWHuuWig%2BaWh%2BiOseaymeW3tOe6vzvlh7rlooPluqblgYfkuozpg6g75Ye65aKD6ams5p2l6KW%2F5Lqa57q%2FO%2BWHuuWig
%2BmprOWwlOS7o%2BWkq%2Be6vzvlh7rlooPluqblgYfkuInpg6g75Ye65aKD6KGM5pS%2F5Lit5b%2BDO%2BWHuuWig%2BWKnuWFrOWupDvlh7rlooPluILlnLrpg6g75Ye65aKD5py65Zy65pyN5Yqh6YOoO%2BWHuuWig
%2BeUteWVhuWQjOihjOS4reW%2Fgzvlh7rlooPljZfkuprkuK3lv4M75Ye65aKD5Y2X5Lqa6YOoO%2BWHuuWig%2Bi2iuafrOmDqDvkuIroiKrkvJrlsZU75LiK6Iiq5Lya5bGV5Yqe5YWs5a6kO
%2BS4iuiIquS8muWxleWlluWKseaXhea4uOmDqDvkuIroiKrkvJrlsZXllYbliqHml4XooYzpg6g75LiK6Iiq5Lya5bGV5Lya5bGV5peF5ri46YOoO
%2BS4iuiIquS8muWxleW4guWcuuiQpemUgOmDqDvkuIroiKrkvJrlsZXphZLlupfpooTorqLpg6g76aOe6bmk6Iiq56m6O
%2Bmjnum5pOiIquepuuWKnuWFrOWupDvpo57puaToiKrnqbrkuqflk4HnoJTlj5Hpg6g76aOe6bmk6Iiq56m65biC5Zy66JCl6ZSA6YOoO
%2Bmjnum5pOiIquepuuWbvemZheS4muWKoemDqDvpo57puaToiKrnqbrml4XmuLjpg6g76aOe6bmk6Iiq56m657u85ZCI5Lia5Yqh6YOoO
%2Bmjnum5pOiIquepuuWVhuWKoeaXheihjOmDqDvpo57puaToiKrnqbrliIbplIDnvZHnu5zpg6g76aOe6bmk6Iiq56m656Wo5Yqh6YOoO%2Bmjnum5pOiIquepuue7k%2Beul
%2Be7hDvkuIroiKrml4Xmsb075LiK6Iiq5peF5rG95Yqe5YWs5a6kO%2BS4iuiIquaXheaxveiQpei%2FkOmDqDvkuIroiKrml4Xmsb3nu7Tkv67pg6g75LiK6Iiq5peF5rG95a6J5YWo5pyN5Yqh6YOoO
%2BS4iuiIquaXheaxvemUgOWUruiwg%2BW6pumDqDvkvIHkuJrlj5HlsZXpg6g75LiK6Iiq5peF5ri4572RO%2BS4iuiIquaXhea4uOe9keWRvOWPq%2BS4reW%2FgzvkuJbljZrlip7lhazlrqQ75YWa576k5Yqe5YWs5a6kO
%2BWboOengeWHuuWFpeWigzvnuqrmo4Dnm5Hlr5%2FvvIjlrqHorqHvvInpg6g75LiK6Iiq5YGH5pyfO%2BS4iuiIquWBh%2Bacn%2Bm5sOS5i%2BaXhTvkuIroiKrlgYfmnJ
%2FmgLvnu4%2FnkIblrqQ75LiK6Iiq5YGH5pyf5Zub5bed5YWs5Y%2B4O%2BS4iuiIquWBh%2Bacn%2BWbm%2BW3neWFrOWPuOaAu%2Be7j%2BeQhuWupDvkuIroiKrlgYfmnJ
%2Flm5vlt53lhazlj7jlm73pmYXpgq7ova7nu4Q75LiK6Iiq5YGH5pyf5Zub5bed5YWs5Y%2B45Zu96ZmF5pmu5ZCJ57q%2FO%2BS4iuiIquWBh%2Bacn%2BWbm%2BW3neWFrOWPuOWbvemZhei2iuafrOe6vzvkuIroiKrlgYfmnJ
%2Flm5vlt53lhazlj7jnm7TlrqLplIDllK7lrqLmnI075LiK6Iiq5YGH5pyf5Zub5bed5YWs5Y%2B45ZCM5Lia6ZSA5ZSu6YOo5Zub5bed5biC5Zy6O%2BS4iuiIquWBh%2Bacn%2Ba1t%2BWNl%2BWFrOWPuDvkuIroiKrlgYfmnJ
%2FmtbfljZflhazlj7jmgLvnu4%2FnkIblrqQ75LiK6Iiq5YGH5pyf5rW35Y2X5YWs5Y%2B45ZWG5peF5Lya5aWW6YOoO%2BS4iuiIquWBh%2Bacn%2BWMl%2BS6rOWFrOWPuDvkuIroiKrlgYfmnJ
%2FljJfkuqzlhazlj7jlh7rlooPokKXplIDkuK3lv4M75LiK6Iiq5YGH5pyf5YyX5Lqs5YWs5Y%2B45aSn5a6i5oi36YOoO%2Bilv%2BWuieS4nOe%2Bjjvopb%2FlronkuJznvo7lh7rlooPkuK3lv4M76KW%2F5a6J5YWs5Y
%2B4O%2Bilv%2BWuieWFrOWPuOe7hOWbouS4reW%2Fgzvopb%2Flronlhazlj7jlnLDmjqXkuK3lv4M76KW%2F5a6J5YWs5Y%2B46LSi5Yqh6YOoO%2BS4nOiIquaXhea4uDvkuJzoiKrml4XmuLjluILlnLrpg6g75Y
%2BW5raI5YWl5aKD5Lic5Y2X5Lqa6YOoO%2BWPlua2iOWFpeWig%2Basp%2Be%2BjuS4reW%2FgzvnprvlspfkurrlkZg75LiK6IiqOzEwMTA1ODU4Oz47QDxcZTvmgLvnu4%2FnkIblrqQ76ZuG5Zui5Yqe5YWs5a6kO
%2BS6uuWKm%2Bi1hOa6kOmDqDvorqHliJLotKLliqHpg6g75L%2Bh5oGv566h55CG6YOoO%2BWFpeWig%2BaXhea4uOWFrOWPuDvlhaXlooPmgLvnu4%2FnkIblrqQ75YWl5aKD5Yqe5YWs5a6kO%2BWFpeWig%2BaXpeacrOS4reW
%2FgzvlhaXlooPml6XmnKzmgLvnu4%2FnkIblrqQ75YWl5aKD5pel5pys57u85ZCI6YOoO%2BWFpeWig%2BaXpeacrOaXheihjOmDqDvlhaXlooPml6XmnKzov5Hnlb%2FokKXkuJrpg6g75YWl5aKD5pel6Iiq6JCl5Lia6YOoO
%2BWFpeWig%2BWFqOaXpeepuuiQpeS4mumDqDvlhaXlooPnvo7lpKfkuK3lv4M75YWl5aKD576O5aSn5aSW6IGU6YOoO%2BWFpeWig%2Be%2BjuWkp
%2Be7vOWQiOS4muWKoemDqDvlhaXlooPmrKfmtLLkuK3lv4M75YWl5aKD5qyn5rSy5b636K%2Bt6YOoO%2BWFpeWig%2Basp%2Ba0suazleivremDqDvlhaXlooPmrKfmtLLlpJbogZTpg6g75YWl5aKD5qyn5rSy6KW%2F6K
%2Bt6YOoO%2BWFpeWig%2BS6muWkquS4reW%2FgzvlhaXlooPkuprlpKrlpJbogZTpg6g75YWl5aKD5Lqa5aSq57u85ZCI5Lia5Yqh6YOoO%2BWFpeWig%2Biuoeiwg%2BWvvOa4uOeuoeeQhuS4reW
%2FgzvlhaXlooPorqHosIPpg6g75YWl5aKD5a%2B85ri46YOoO%2BWFpeWig%2Be%2BjuWbvemDqDvlhaXlooPmrKfnvo7kuK3lv4M75YWl5aKD5Lqa5aSq5LiA6YOoO%2BWFpeWig
%2BS6muWkquS6jOmDqDvlhaXlooPnvo7lpKfpg6g75YWl5aKD5qyn5rSy6YOoO%2BWFpeWig%2Be7vOWQiOS4muWKoemDqDvlh7rlooPlhazlj7g75Ye65aKD5oC757uP55CG5a6kO%2BWHuuWig%2Biuoeiwg
%2BmDqDvlh7rlooPkuJzljZfkuprkuK3lv4M75Ye65aKD5rOw5paw6ams6YOoO%2BWHuuWig%2BaZruWQiemDqDvlh7rlooPkuJzljZfkuppNSUNFO%2BWHuuWig%2Ba4r%2Ba%2Bs%2BWPsOS4reW%2Fgzvlh7rlooPmuK
%2FmvrPpg6g75Ye65aKD5Y%2Bw5rm%2B6YOoO%2BWHuuWig%2BaXpemfqeS4reW%2Fgzvlh7rlooPml6XmnKzpg6g75Ye65aKD6Z%2Bp5Zu96YOoO%2BWHuuWig%2BWhnuePremDqDvlh7rlooPml6Xpn6lNSUNF6YOoO
%2BWHuuWig%2BiQpemUgOS4reW%2Fgzvlh7rlooPplIDllK7kuIDpg6g75Ye65aKD6ZSA5ZSu5LqM6YOoO%2BWHuuWig%2Ba%2Bs%2BaWsOmDqDvlh7rlooPmrKfmtLLkuK3lv4M75Ye65aKD5qyn5rSy6YOoO%2BWHuuWig%2BS
%2FhOe9l%2BaWr%2BmDqDvlh7rlooPlkIzooYzpg6g75Ye65aKD5qyn5rSyTUlDRemDqDvlh7rlooPmrKfmtLLorqHosIPpg6g75Ye65aKD5qyn5rSy562%2B6K%2BB5p2Q5paZ6YOoO%2BWHuuWigzgwMOS4reW
%2Fgzvlh7rlooPlpYfoiKrkuYvml4XkuK3lv4M75Ye65aKDZ29sZumDqDvlh7rlooPoh6rpqb7ml4XmuLjmnI3liqHpg6g75LiW5Y2a5LyaO%2BWHuuWig
%2BWbveWGhemUgOWUrjvlh7rlooPnvo7mtLLkuK3lv4M75Ye65aKD576O5rSy6YOoO%2BWHuuWig%2BS4reWNl%2Be%2Bjua0sumDqDvlh7rlooPnvo7mtLJNSUNF6YOoO%2BWHuuWig%2Be
%2Bjua0suaegeWcsOaXhea4uOmDqDvlh7rlooPotKjnm5HkuK3lv4M75Ye65aKD6YKu6L2u5Lit5b%2BDO%2BWHuuWig%2BmCrui9ruS4gOmDqDvlh7rlooPpgq7ova7kuozpg6g75Ye65aKD5Lit5Lic6YOoO%2BWHuuWig
%2Bmdnua0sue6vzvlh7rlooPnm7TlsZ7nvZHngrk75Ye65aKD6KGh5bGx6Lev6JCl5Lia6YOoO%2BWHuuWig%2BWVhuaXheS4reW%2Fgzvlh7rlooPlrqLmiLfkuIDpg6g75Ye65aKD5Zu95YaF6ZW%2F57q%2FO%2BWHuuWig
%2BWbveWGheefree6vzvlh7rlooPnrb7or4Hpg6g75Ye65aKD5ZWG5peF5Yqe5YWs5a6kO%2BWHuuWig%2BWuouaIt%2BS6jOmDqDvlh7rlooPllYbml4Xpg6g75Ye65aKD5a6i5oi35LiJ6YOoO%2BWHuuWig%2BW6puWBh
%2BS4reW%2Fgzvlh7rlooPluqblgYfkuIDpg6g75Ye65aKD5be05Y6Y57q%2FO%2BWHuuWig%2BaWh%2BiOseaymeW3tOe6vzvlh7rlooPluqblgYfkuozpg6g75Ye65aKD6ams5p2l6KW%2F5Lqa57q%2FO%2BWHuuWig
%2BmprOWwlOS7o%2BWkq%2Be6vzvlh7rlooPluqblgYfkuInpg6g75Ye65aKD6KGM5pS%2F5Lit5b%2BDO%2BWHuuWig%2BWKnuWFrOWupDvlh7rlooPluILlnLrpg6g75Ye65aKD5py65Zy65pyN5Yqh6YOoO%2BWHuuWig
%2BeUteWVhuWQjOihjOS4reW%2Fgzvlh7rlooPljZfkuprkuK3lv4M75Ye65aKD5Y2X5Lqa6YOoO%2BWHuuWig%2Bi2iuafrOmDqDvkuIroiKrkvJrlsZU75LiK6Iiq5Lya5bGV5Yqe5YWs5a6kO
%2BS4iuiIquS8muWxleWlluWKseaXhea4uOmDqDvkuIroiKrkvJrlsZXllYbliqHml4XooYzpg6g75LiK6Iiq5Lya5bGV5Lya5bGV5peF5ri46YOoO
%2BS4iuiIquS8muWxleW4guWcuuiQpemUgOmDqDvkuIroiKrkvJrlsZXphZLlupfpooTorqLpg6g76aOe6bmk6Iiq56m6O
%2Bmjnum5pOiIquepuuWKnuWFrOWupDvpo57puaToiKrnqbrkuqflk4HnoJTlj5Hpg6g76aOe6bmk6Iiq56m65biC5Zy66JCl6ZSA6YOoO
%2Bmjnum5pOiIquepuuWbvemZheS4muWKoemDqDvpo57puaToiKrnqbrml4XmuLjpg6g76aOe6bmk6Iiq56m657u85ZCI5Lia5Yqh6YOoO
%2Bmjnum5pOiIquepuuWVhuWKoeaXheihjOmDqDvpo57puaToiKrnqbrliIbplIDnvZHnu5zpg6g76aOe6bmk6Iiq56m656Wo5Yqh6YOoO%2Bmjnum5pOiIquepuue7k%2Beul
%2Be7hDvkuIroiKrml4Xmsb075LiK6Iiq5peF5rG95Yqe5YWs5a6kO%2BS4iuiIquaXheaxveiQpei%2FkOmDqDvkuIroiKrml4Xmsb3nu7Tkv67pg6g75LiK6Iiq5peF5rG95a6J5YWo5pyN5Yqh6YOoO
%2BS4iuiIquaXheaxvemUgOWUruiwg%2BW6pumDqDvkvIHkuJrlj5HlsZXpg6g75LiK6Iiq5peF5ri4572RO%2BS4iuiIquaXhea4uOe9keWRvOWPq%2BS4reW%2FgzvkuJbljZrlip7lhazlrqQ75YWa576k5Yqe5YWs5a6kO
%2BWboOengeWHuuWFpeWigzvnuqrmo4Dnm5Hlr5%2FvvIjlrqHorqHvvInpg6g75LiK6Iiq5YGH5pyfO%2BS4iuiIquWBh%2Bacn%2Bm5sOS5i%2BaXhTvkuIroiKrlgYfmnJ
%2FmgLvnu4%2FnkIblrqQ75LiK6Iiq5YGH5pyf5Zub5bed5YWs5Y%2B4O%2BS4iuiIquWBh%2Bacn%2BWbm%2BW3neWFrOWPuOaAu%2Be7j%2BeQhuWupDvkuIroiKrlgYfmnJ
%2Flm5vlt53lhazlj7jlm73pmYXpgq7ova7nu4Q75LiK6Iiq5YGH5pyf5Zub5bed5YWs5Y%2B45Zu96ZmF5pmu5ZCJ57q%2FO%2BS4iuiIquWBh%2Bacn%2BWbm%2BW3neWFrOWPuOWbvemZhei2iuafrOe6vzvkuIroiKrlgYfmnJ
%2Flm5vlt53lhazlj7jnm7TlrqLplIDllK7lrqLmnI075LiK6Iiq5YGH5pyf5Zub5bed5YWs5Y%2B45ZCM5Lia6ZSA5ZSu6YOo5Zub5bed5biC5Zy6O%2BS4iuiIquWBh%2Bacn%2Ba1t%2BWNl%2BWFrOWPuDvkuIroiKrlgYfmnJ
%2FmtbfljZflhazlj7jmgLvnu4%2FnkIblrqQ75LiK6Iiq5YGH5pyf5rW35Y2X5YWs5Y%2B45ZWG5peF5Lya5aWW6YOoO%2BS4iuiIquWBh%2Bacn%2BWMl%2BS6rOWFrOWPuDvkuIroiKrlgYfmnJ
%2FljJfkuqzlhazlj7jlh7rlooPokKXplIDkuK3lv4M75LiK6Iiq5YGH5pyf5YyX5Lqs5YWs5Y%2B45aSn5a6i5oi36YOoO%2Bilv%2BWuieS4nOe%2Bjjvopb%2FlronkuJznvo7lh7rlooPkuK3lv4M76KW%2F5a6J5YWs5Y
%2B4O%2Bilv%2BWuieWFrOWPuOe7hOWbouS4reW%2Fgzvopb%2Flronlhazlj7jlnLDmjqXkuK3lv4M76KW%2F5a6J5YWs5Y%2B46LSi5Yqh6YOoO%2BS4nOiIquaXhea4uDvkuJzoiKrml4XmuLjluILlnLrpg6g75Y
%2BW5raI5YWl5aKD5Lic5Y2X5Lqa6YOoO%2BWPlua2iOWFpeWig%2Basp%2Be%2BjuS4reW%2FgzvnprvlspfkurrlkZg75LiK6IiqOzEwMTA1ODU4Oz4%2BO2w8aTwxMz47Pj47Oz47dDxwPHA8bDxFOz47bDwyMDs%2BPjs
%2BOzs%2BO3Q8O2w8aTwxPjs
%2BO2w8dDxAMDw7QDA8cDxsPHNlckFjdGl2ZVJvd1N0cmluZztzZXJBY3RpdmVDZWxsU3RyaW5nOz47bDw7Oz4%2BOzs7Ozs7Ozs7Ozs7Ozs7Ozs7OztAMDw7bDxAMDw7Ozs7Ozs7Ozs7Ozs7QDA8O2w8QDA8cDxsPEhpZGRlbjs
%2BO2w8bzx0Pjs%2BPjs7Ozs7Ozs7Oz47Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Pjs7Oz47Ozs7Oz47Oz47Pjs7Ozs7Ozs%2BOz47Oz47Pj47dDxwPHA8bDxFbmFibGVkOz47bDxvPGY
%2BOz4%2BO3A8bDxvbmNsaWNrOz47bDxCZWZvcmVQYWdlQ2hhbmdlKClcOzs%2BPj47Oz47dDx0PHA8O3A8bDxvbmNoYW5nZTs%2BO2w8QmVmb3JlUGFnZUNoYW5nZSgpXDs7Pj4%2BOzs%2BOzs%2BO3Q8cDxwPGw8RW5hYmxlZDs
%2BO2w8bzxmPjs%2BPjtwPGw8b25jbGljazs%2BO2w8QmVmb3JlUGFnZUNoYW5nZSgpXDs7Pj4%2BOzs%2BO3Q8cDxwPGw8VmlzaWJsZTs%2BO2w8bzxmPjs%2BPjtwPGw8b25jbGljazs%2BO2w8cmV0dXJuIGNvbmZpcm0oJ
%2BS9oOehruiupOS%2FneWtmOabtOaWsOWQl%2B%2B8nycpXDs7Pj4%2BOzs%2BO3Q8cDxwPGw8VmlzaWJsZTs%2BO2w8bzxmPjs%2BPjtwPGw8b25jbGljazs%2BO2w8cmV0dXJuIGNvbmZpcm0oJ
%2BS9oOehruiupOWIoOmZpOWQl%2B%2B8nycpXDs7Pj4%2BOzs%2BO3Q8cDxsPFZpc2libGU7PjtsPG88Zj47Pj47Oz47Pj47Pj47bDx0eHRSZWNvcmROdW07d2dEb2M7Pj5DgP0TffCA8y7YfoMjaChwPk87Lw%3D
%3D&ddlDocType=&ddlCorrespondType=&ddlCountry=&txtCName=11111111*&ddlDocSendutside=&ddlDocResource=&txtRecordNum=20&txtRecordNum_p=20&btnQuery=+%E6%9F%A5%E8%AF%A2+&wgDoc=
%253CDisplayLayout%253E%253CStateChanges%253E%253C%2FStateChanges%253E%253C%2FDisplayLayout
%253E&hidSaveLabel=&hidIsChanged=&hidDepartment=&hidUrl=&hidPageContinentID=&hidPageCountryID=&hidPageHotelID=&hidPageProvinceID=&hidPageCityID=&hidPageSightID=&hidGroup=
%E8%B5%84%E6%96%99%E4%B8%AD%E5%BF%83%E6%9F%A5%E8%AF%A2


txtCName参数存在注入

漏洞证明:

涉及34个库

34个库.jpg


随便找个库,400多个表

表.jpg


时间太长,就不再深入了

修复方案:

过滤参数

版权声明:转载请注明来源 Xmyth_夏洛克@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:10

确认时间:2015-10-13 20:59

厂商回复:

已联系项目经理进行整改。

最新状态:

暂无

漏洞评价:

评论

  1. 2015-10-12 17:29 | king7 ( 普通白帽子 | Rank:630 漏洞数:113 | 收WB~~1:7手续费协商,个位数到三位数量都...)

    表哥你这号是一个人还是一群人?@Xmyth_夏洛克

  2. 2015-10-12 17:30 | Xmyth_夏洛克 ( 普通白帽子 | Rank:1087 漏洞数:122 | 啥都不会)

    @king7 一个。。。。

  3. 2015-10-12 17:30 | Xmyth_Xi2oMin9 ( 普通白帽子 | Rank:400 漏洞数:56 | 人来人往 喜欢却只能欣赏 再见了各位)

    表哥你这号是一个人还是一群人?@Xmyth_夏洛克

  4. 2015-10-12 17:32 | 牛 小 帅 ( 普通白帽子 | Rank:495 漏洞数:125 | 茶凉了,就不要再续了,再续也不是原来的味...)

    表哥你这号是一个人还是一群人?@Xmyth_夏洛克