当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0171406

漏洞标题:青海省电信某系统(涉及海量信息/涵盖03-16年所有用户电信套餐信息/涉及大量用户信息)

相关厂商:中国电信

漏洞作者: 路人甲

提交时间:2016-01-20 19:30

修复时间:2016-03-07 10:49

公开时间:2016-03-07 10:49

漏洞类型:命令执行

危害等级:高

自评Rank:20

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2016-01-20: 细节已通知厂商并且等待厂商处理中
2016-01-22: 厂商已经确认,细节仅向厂商公开
2016-02-01: 细节向核心白帽子及相关领域专家公开
2016-02-11: 细节向普通白帽子公开
2016-02-21: 细节向实习白帽子公开
2016-03-07: 细节向公众公开

简要描述:

@狗哥 @浩天 斗胆要个雷!!!!

详细说明:

**.**.**.**:8080/mpi/ 青海省电信某系统,看界面是承包门户客户端APP,其实就是代理商用的呗,通过长时间写shell,配置数据库,发现近30亿信息,前面的log占了10亿,后面的重头来了,找了几个比较敏感的表,其中发现。从03年到16年电信套餐办理用户信息,宽带信息。座机信息。还有2000W代理商个人详细信息,
我们能从这个洞找到什么? 03年,(其实还有01年的。)到现在你在青海省,办卡的信息,以及你家宽带,座机信息,电信宽带涵盖大部分是政府教育单位,下文中也提到大量的政府和教育单位的名称,教育单位的宽带维修以及固定号码。大量的代理商信息信息,以及从这个代理商手中走的数据,
随便拿出条便是千万单位的。还有部分代码和数字数据应该是某些业务办理情况代码,这个不做深究。
在这里斗胆要个雷,不知道这个危害够不够。

漏洞证明:

1111.png

db1.png

xinxi.png

xinxi1.png

xinxi2.png

xinxi3.png

xinxi4.png

xinxi5.png

xinxi6.png

xinxi7.png

xinxi8.png

xinxi9.png

xinxi10.png

xinxi11.png

xinxi12.png

xinxi13.png

xinxi14.png

xinxi15.png

xinxi16.png

xinxi17.png

<name>jndi/bigScreen</name>
  <jdbc-driver-params>
    <url>jdbc:oracle:thin:@**.**.**.**:1521:ods1</url>
    <driver-name>oracle.jdbc.xa.client.OracleXADataSource</driver-name>
    <properties>
      <property>
        <name>user</name>
        <value>pu_dmdata</value>
      </property>
    </properties>
    <password-encrypted>{AES}O7LRDTNPCvQi4WX6vflyPqHqZy5CJJ7OKF0Lf6kek3M=</password-encrypted> pub_qhods

数据库配置

DM_PRD_PRD_INST_ARRIVE	1138412662
DM_SEG_BIL_ACCT_OWE_MONTH	479321659
DM_SEG_EVT_CALL_MB_EVENT	213738347
DM_EVT_BUSI_ORDER_DAY_160118	203100183
DM_EVT_BUSI_ORDER_DAY_151231	200931416
DM_EVT_BUSI_ORDER_DAY_151130	194736336
DM_TB_PTY_CUST_CN_MON	152800376
DM_SEG_EVT_DATA_MB_EVENT	137780631
DM_OVER_NET_BILL	126813471
DM_EVT_MOBILE_DATA_EVENT_MON	94215171
DM_SEG_PRD_BIL_USER	78386026
DM_PRD_PO_MEM_DAY_160118	74439673
DM_PRD_PO_MEM_DAY_151231	73714214
DM_PRD_PO_MEM_DAY_151130	71932814
DM_PRD_PO_INFO_DAY_160118	70832708
DM_PRD_INST_IPHONE5S_GRADE_BAK	70540215
DM_PRD_PO_INFO_DAY_151231	70037645
DM_PRD_PO_INFO_DAY_151130	68429475
DM_OVER_NET_BILL_VOICE	53494207
PROD_ITEM	45170679
DM_PRD_PO_MEM_DAY_EXTENT	36033784
DM_PRD_PO_INFO_DAY_EXTENT	35921136
DM_OVER_NET_BILL_SMS	33614537
DM_SEG_OFFER_ORDER_INFO	32938178
SEG_AGT_SHIYOU_FLOW_INFO	28947401
DM_PRD_USER_INST_DAY	28604191               2000W个人信息
DM_OFFER_PRD_C_META_DAY	26834446
DM_MB_CALL_VISIT_OTHER_AREA	24783901
TB_PRD_TAOCAN_NEW_ARRIV_SMS_01	23754102
DM_PRD_PO_INFO_DAY_EXTENT_S1	22293865
TIF_MOBILE_DATA_EVENT_DETAIL	21353898
TB_PRD_1X_SIXMONTH2	21142106
TB_PRD_1X_SIXMONTH3	21028708
TEMP_ACCT_ITEM_201107	21020870
TB_PRD_1X_SIXMONTH4	20857582
DM_TARGET_ITEM	20390988
DM_SEG_OFFER_TO_DEFAULE_PRD	18819236
TB_PRD_1X_SIXMONTH5	18708092
DM_PTY_CN_CUST_MON	18669688
TB_AGENT_SETT_ARPU_MONTH_USER	17837357
TB_PRD_1X_SIXMONTH01	17758759
DM_OFFER_META_NEW_DAY_DATA	17658400
DM_MB_DATA_VISIT_OTHER_AREA	17336986
CUST_ORDER	16730575
SEG_DM_OVER_NET_BILL	15908872
DMT_PRD_META_NEW_DATA	15801354
DM_SEG_10000_3	15353628
DM_SEG_OFFER_TO_DEFAULE_PR	14713068
CUST_ORDER_CHL	14684913
DM_SEG_USER_DATA_INFOLAST	14660255
TEMP_BAICD_CRM_0108	14256672
DM_SEG_OFFER_TO_DLE_PRD_1210	13950172
DM_SEG_USER_DATA_INFOBEFORE	13497374
DM_PRD_USER_INST_TAX_TMP7	12902370
TB_SEG_SHIYOU_SERV_BRAND_MB	11353943
DM_SERV_INST	11311975
DM_FIN_PD_INCOM_INFO_EDM_MON	11290998
DM_PRD_OFFER_META_DAY_DATA	11241681
PRODUCT_PP	10994337
DM_TB_BIL_MONRECORD_MM	10472755
DM_TARGET_PACKAGE_ITEM	10154071
DM_TARGET_PRODUCT_ITEM	10080795
TEMP_BAICD_BIL_0108	9803604
STORE_INOUT_DETAIL	9206828
TB_MOBILE_3G_FLOW_IN_INFO_M	9206580
DM_SEG_EVT_CALL_EVENT_NEW	9105016
DM_PRD_PRD_C_META_DAY	8976771
DM_SEG_10000_2	8630076
DM_TB_EVT_BI_WO	8582625
DM_PRD_META_NEW_DAY_DATA	8524425
DM_SEG_ALL_PRD_PRD_INST	8467169
SERV	8209489
DM_PRD_USER_INST_DAY_FLOW_DB	8130346
DM_SEG_PRD_INST_ORDER_INFO	7710977
SERV_SUBSRIBER	7556410
SERV_LOCATION	7543951
SERV_SUBSRIBERA	7464679
SERV_LOCATIONA	7452220
DM_PTY_CN_CUST_MON_BAK	7325245
DM_BIL_OWE_DAY	7321304
DM_PRD_MBL_INFO_EDM_MON	7159563
DM_AGENT_SETT_FEE_TAIL_MONTH	7026023
DM_SEG_PRD_PAYMENT_DATE	7007326
DM_PRD_USER_INST_DAY_FLOW_DAY	6835474
DM_PRD_INFO_DAY_160118	6723994
DM_PRD_INFO_DAY_151231	6683665
DM_PRD_INFO_MON_20160105	6683665
DM_PRD_INFO_MON	6683665
DM_SEG_PRD_OFFER_INST_DETAIL	6681920
DM_PRD_INFO_DAY_1230	6665153
SEG_DM_OVER_NET_BILL_SUM	6662353
SEG_USER_COUNT_RT	6378398
DM_PRD_INFO_DAY_150630	6176562
SEG_TAOCAN1	6102726
SEG_PRD_OFFER_INST	6094552
DM_SEG_NSA_USER_INST1	6056204
DM_SERV_USER_TAX_INST	6016313
DM_SEG_NSA_USER_INST	5875858
SEG_DM_OVER_NET_BILL_JC	5827824
A_SERV_EX_0310	5815372
PRODUCT	5790336
TB_PRD_PROD_STATUS_TREAT_RES	5778773
SEG_DM_OVER_NET_BILL_2	5716447
DM_SEG_ALL_PRD_USER	5680664
TEMP_PROD_STATUS_TREAT_RES	5679764
TEMP_PRD_INST_FEE_TYPE	5671251
TEMP_PRD_INST_ACCOUNT	5670586
DM_SEG_USER_PRD_INST_NSA2	5146281
DM_USER_PRD_INST_NSA	5146281
DM_PTY_CUST_INFO_DAY_160118	5059234
DM_PTY_CUST_INFO_DAY_151231	5039633
DM_PTY_CUST_TYPE	5030491
DM_TB_BIL_ACCT_ITEM	4753156
DM_BI_WO_RPT	4728314
DM_SEG_10000_1	4645066
SEG_DM_OVER_NET_BILL_JC_LOSE	4611382
DM_SEG_CUST_INET_TIME	4604808
DM_SEG_CUAT_ATTR	4600037
TB_BIL_FREE_SERV	4582533
DM_SEG_PRD_PAYMENT_USER_INFO	4518681
DM_PRD_INFO_DAY_EXTENT	4469386
DM_FIN_PD_OWE_MON	4432749
DM_PRD_VAS_INFO_EDM_MON	4429632
DM_PRD_VAS_INFO_EDM_MON01	4429632
DM_NETELEMENT_LIST_EQUAL	4424133
SEG_CHECK_CUST_CN_MON	4419172
TB_FIN_USER_VALUE_MON	4401394
DM_BEH_PD_EDM_MON	4382130
DM_BEH_VAS_EDM_MON	4382130
DM_PRD_ACTIVE_USER_MON	4335976
DM_PTY_CUST_INFO_MON	4323993
ACCT_ITEM_AGGR	4264562
SEG_DM_OVER_NET_BILL_LOC_07	4193015
DM_TB_PRD_INST_PP	4066802
DM_TB_CUST_ORDER	4046861
DM_TB_PRD_PRD_INST_EXPAND	4001099
DM_SEG_PRD_INST_2_CHANNEL	3980218
DM_PRD_INST_NSA	3971486
DM_PTY_CUST_INFO_DAY_EXTENT	3967926
DM_PTY_CUST_DAY_ACTIVE_FLAG	3951413
DM_PRD_MBL_INFO_DAY_160118	3874044
DM_PRD_MBL_INFO_DAY_151231	3848219
DM_SEG_PRD_ORDER_INFO	3807809
DM_TB_PRD_SERV	3790245
DM_CRM_FWKT_LIST	3705567
TEMP_BIACD_1213_OFFER	3675606
DM_SEG_PRD_INST_2_OFFER	3653061
TEMP_BIACD_121301_OFFER	3630133
DM_SEG_PRD_INST_2_SIGN_OFFER	3563537
DM_SEG_PRD_INST_2_OFFER_130531	3499901
DM_SEG_PARTY_ID_IDENTITY	3460748
DM_TB_PRD_2_CHANNEL	3427440
DM_SEG_OFFER_TO_DEFAULE_PRD_B	3427338
TEMP_FANGCH_CRM	3392609
DM_FIN_PD_OWE_EDM_MON	3321722
DM_PRD_MBL_INFO_DAY	3310949
TB_EVT_SNCDMACODE_SNUIMCARDBK1	3241813
DM_ODS_168_DATA_ALL	3233428
TB_LARGE_SCREEN_PACKAGE_RT1	3209936
DM_DIFF_OVER_NET_COM_LCL_MON	3202044
DM_DIFF_MIN_CALL_DATE_MON	3201698
DM_DIFF_OVER_NET_USER_NEW	3200310
DM_PRD_PD_OT_MON	3198698
DM_DIFF_OVER_NET_LAST_DT_NEW	3197281
DM_DIFF_MAX_CALL_DATE_MON	3197209
DM_DIFF_OVER_NET_USER_MON	3191514
DM_BEH_PD_BEH_OT_MON	3191292
DM_BEH_PD_BEH_OT_EDM_MON	3191292
DM_PRD_PD_OT_MON_TB	3189467
DM_PRD_PD_OT_EDM_MON	3189303
DM_PRD_OFFER_UPDATA_DAY	3188621
DM_PRD_PD_OT_MON_TP	3187626
DM_ISMP_DATA_DAY	3157893
DM_PTY_CUST_CN_MON	3104566
TEMP_BIACD_121401_OFFER	3014421
TEMP_BIACD_1214_OFFER	3006382
DM_DIFF_OVER_NET_T_MON	2859535
DM_DIFF_OVER_NET_T_LCL_MON	2857561
TB_AGENT_SETT_ARPU_MONTH_TMP	2818622
DM_PTY_CUST_TYPE_NEW_HIS	2720435
DM_PTY_CUST_TYPE_REL_NEW	2719154
DM_PTY_CUST_TYPE_NEW	2718987
DM_PRD_PO_201510	2686299
DM_PRD_PRD_INST_USER_HIS	2683379
DM_PRD_PRICE_DAY_ALL	2679829
DM_PRICE_PLAN	2677091
DM_PRD_PO_201507	2673422
DM_PRD_PO_201511	2667950
DM_PRD_PO_201509	2662469
DM_PRD_PO_201508	2658296
DM_PRD_PO_201512	2648468
DM_PRD_META_DATA	2617331
DM_SEG_PRD_PRD_INST_STATUS	2614121
DM_DIFF_OVER_NET_O_DUR_MON	2581959
DM_DIFF_OVER_NET_O_NEW	2554777
DM_TB_PRD_SERV_LEN	2531863
DM_TB_PRD_CUST	2509149
DM_SEG_PROD_ORDER_INFO	2493392
DM_PRD_CRM_USER	2471413
DM_PRD_CRM_USER_ACCT	2471406
DM_PRD_BILL_USER_ACCT	2471146
DM_PRD_BILL_USER	2471139
DM_LOC_OVER_NET_LAST_DT	2436563
DM_LOC_OVER_NET_FIRST_DT	2416141
TEMP_BAICD_0504	2386583
DM_PRD_INST_ACCT	2383209
DM_TB_SERV_DURATION	2358519
TEMP_PRD_INST_ADDR	2349932
DM_SERV_NUM_DAY	2330001
DM_PRD_OFFER_META	2324293
TB_EVT_SNCDMACODE_SNUIMCARD	2304171
DM_PRD_ACTIVE_USER_MONTH	2286988
TB_PTY_CUST_INFO_MON	2272774
DM_PRD_INFO_01_MON	2271893
DM_PRD_BILL_USER_ACCT_1	2271325
DM_AGENT_SERV_INCOME_1	2219070
DM_BUSI_ORDER_EXTENT_S1	2179668
DM_SEG_DISM_USER_BAK	2154287
DM_SEG_DISM_USER	2154287
DM_SEG_DISM1_USER	2145534
DM_PRD_ACTIVE_USER_MON_0514	2140360
DM_AGENT_SERV_INCOME_2	2131874
DM_SERV_USER_INST	2127395
DM_SEG_EVT_BUSI_ORDER	2118422
DM_AGENT_SERV_INCOME_3	2108685
DM_AGENT_SERV_INCOME_4	2103668
DM_SEG_EVT_CALL_EVENT201501ZQM	2098679
ACCT_ITEM_AGGR_150812	2089046
TEMP_PRD_INST_UNAME	2067135
DM_SAME_NET_USER	2029839
DM_SEG_BUSI_ORDER_71	2020046
DM_SEG_BUSI_ORDER_7	2018173
DM_PREPROCESS_DATA_BIL	1996088
DM_BIL_ACCT_MON_DATA	1974342
DM_ADSL_RMS_LIST	1963956
DM_ODS_168_DATA	1963688
DM_PRD_HLR_XINING	1936441
DM_SEG_EVT_MB_CALL_EVENT_NEW_2	1911026
DM_TB_EVT_CUST_ORDER	1905384
DM_LOC_OVER_NET_TX_COUNT_MON	1893751
DM_LOC_OVER_NET_FIRST_DT_MON	1891680
DM_LOC_OVER_NET_LAST_DT_MON	1891236
DM_TB_PRD_ACCT_ITEM	1888236
DM_TB_PRD_ACCT_ITEM_ONE	1828082
DM_TIANYI_NUM_NEW	1825184
DM_TB_PRD_ACCT_ITEM_TWO	1796786
DM_EVT_FAULT_CMPLNT_MONTH	1793408
DM_SEG_REGION_DEPART1	1791574
DM_PRD_168_OCS_0319	1788424
TEMP_USER_1211	1748041
TEMP_USER_1212	1746372
TB_EVT_SNCDMACODE_SNUIMCARDBAK	1716717
DM_PRD_USER_INST	1713563
DM_PRD_PD_OT_DAY_TB	1712739
DM_PRD_PD_OT_DAY_160118	1708712
DM_PRD_PD_OT_DAY	1701947
DM_PRD_PD_OT_DAY_151231	1698284
TB_EVT_SNCDMACODE_SNUIMCARD_B	1696996
DM_SEG_USER_INFO_TER_01	1695647
DM_SEG_SNCDMACODE_RESOURCE	1694419
DM_LOC_OVER_NET_MIN_CMC_DT_MON	1677228
DM_LOC_OVER_NET_MAX_CMC_DT_MON	1672976
DM_PRD_BRD_INFO_EDM_MON	1667708
TB_PRD_CRM_CDMA_INST	1634045
DM_PRD_ACC_CAILING	1633052
DM_JITU_ACCT_ITEM	1617914
DM_OVER_NET_BILL_CSMS	1615780
COMP_PROD	1586261
DM_PROD_MAIN_PLAN_N	1572375
TEMP_FANGZH_AAA	1569500
DM_PROD_MAIN_PLAN	1560931
TB_AGENT_VALUE_DEVELOP_01	1551236
SEG_DM_OVER_NET_BILL_DAY	1550798
TB_BIL_BESTPAY_TRANREC_INFO	1497123
DM_TB_PRD_PRD_MONTHOWE	1475652
DM_SWITCH_CRBT_LIST	1457368
TB_PRD_CRMBIL_BIL_INST	1456024
TB_PRD_CRMBIL_CRM_INST	1454396
TMP_CUST_CONTACT_PHONE	1450757
DM_TB_BIL_ACCT_ITEM_TWO	1436850
DM_PRD_OFFER_META_CHL	1434997
DM_TB_PRD_PRD_OWE	1433017
DM_TB_BIL_ACCT_ITEM_ONE	1431153
DM_TB_OFFER_PP	1419464
PROD_CRM_QF_0430	1417600
DM_BIL_A_SERV_EX	1415935
PROD_JF_QF_0430	1415668
DM_SWITCH_CID_LIST	1413156
DM_TB_COMP_PRD	1413119
SERV_HIS	1402918
DM_PRD_PO_201601	1389930
DM_DIFF_OVER_NET_MIN_CALL_DATE	1386044
DM_DIFF_OVER_NET_COM_LCL_CNT	1382519
DM_DIFF_OVER_NET_MAX_CALL_DATE	1382221
DM_DIFF_OVER_NET_LAST_DT	1381126
DM_DIFF_OVER_NET_USER	1378760
DM_BEH_PD_BEH_OT_DAY	1378699
DM_USER_AMOUNT_INFO	1369698
DM_SEG_USER_CELL_ORDER	1339548
DM_BEH_PD_BEH_CT_EDM_MON	1335359
DM_BEH_PD_BEH_CT_MON	1335359
DM_PRD_PD_CT_MON_TP	1333036
DM_PRD_PD_CT_MON	1331208
DM_PRD_PD_CT_EDM_MON	1330168
DM_LOC_OVER_NET_USER_MON	1327503
DM_PRD_PD_CT_MON_TB	1326912
DM_SEG_PRD_INST_2_STAFF	1319946
DM_AGENT_DAISHOU_CHARGE	1300422
DM_ORDER_TYPE_NUM_DAY	1299004
DM_TB_PRD_SERV_DURATION	1296178
SEG_TAOCAN_CHAIJI1	1283645
DM_PRD_CDMA_DEVELOP_BAK	1279035
DM_DIFF_NET_USER_OLD	1247306
TEMP_BAICD_0111	1245772
DM_PRD_PRD_DATA	1243877
OFFER_PROD_2_ACC_NBR	1241560
DM_LOC_OVER_NET_MIN_CUC_DT_MON	1226512
DM_LOC_OVER_NET_MAX_CUC_DT_MON	1220972
DM_BIL_IMSI_NUMBER	1207300
SEG_DM_OVER_NET_USER_DAY	1205917
DM_CRM_RMS_LIST	1204801
DM_LOC_OVER_NET_T_CMC_LCL_MON	1193033
DM_LOC_OVER_NET_T_CMC_DUR_MON	1190338
PROD_ORDER	1186276
SEGFANGZH	1147815
DM_DIFF_OVER_NET_O_SMS_MON	1147308
DM_LOC_NET_O_CMC_LCL_MON	1125613
DM_LOC_NET_O_CMC_LCL__MON	1122581
DM_DIFF_OVER_NET_T_SMS_MON	1116750
DM_LOC_NET_O_CMC_LCL_DUR_MON	1114973
DM_BUSI_ORDER_EXTENT_C1	1093625
TB_AGENT_FEE_INST	1083545
DM_SEG_EVT_DATA_MB_EVENT_NEW	1058349
DM_SWITCH_CRBT_CLEAR_LIST	1058100
DM_DIFF_OVER_NET_T_LCL_DUR	1034300
DM_DIFF_OVER_NET_T_LCL_CNT	1029706
DM_EVT_C_EVENT_DATA	1015796
TEMP_PRD_PRD_PW	1009152
TB_AGENT_SETT_FEE_TAIL_MONTH	1005353
TMP_PRD_INST_VALUE_INFO	971978
SEG_TEMP	950069
DM_LOC_NET_T_CUC_LCL_DUR_MON	936006
DM_PRD_BRD_INFO_DAY_160118	934566
DM_SEG_EVT_CALL_EVENT_NEW_OUT	927106
DMT_OFFER_PRD_C_DAY	926217
DM_SEG_EVT_CALL_EVENT_SERV_ID	926068
DM_LOC_OVER_NET_T_CUC_LCL_MON	924447
TMP_CUST_CONTACT_MAN	924049
DM_PRD_BRD_INFO_DAY_151231	923100
DM_SEG_EVT_MB_CALL_EVENT_NEW_5	922656
DM_PRD_BRD_INFO_DAY_151130	904729
DM_LOC_OVER_NET_TX_COUNT	901382
DM_SEG_EVT_MB_CALL_EVENT_18	898260
TB_EVT_SNCDMACODE_SNUIMCARD3	897079
DM_PRD_BIL_OCS_BIDUI_0217	896738
OCS_BIL_TO_AAA	896599
TB_STATION_FLOW_COUNT	896004
TEMP_BAICD_0217	895716
TEMP_BAICD_0217_03	895716
DM_EVT_SNCDMACODE_SNUIMCARD	895116
DM_PRD_AAA_OCS_BIDUI_0217	886469
DM_SEG_EVT_MB_CALL_EVENT_NEW_1	882180
DM_DIFF_NET_USER_OLD_2	870670
DM_DIFF_NET_USER_OLD_1	869292
DM_DIFF_NET_USER_OLD_3	867424
DM_DIFF_NET_USER_OLD_6	866652
DM_DIFF_NET_USER_OLD_7	865002
DM_USER_CELL_INFO	863107
DM_DIFF_OVER_NET_O_LCL_CNT	859058
DM_DIFF_OVER_NET_O_LCL_DUR	856709
DM_DIFF_NET_USER_4	852730
DM_DIFF_NET_USER_NEW_6	848657
TEST_DIFF_OVER_NET_O_LCL_DUR	847633
DM_DIFF_NET_USER_1	846720
DM_DIFF_NET_USER_7	846705
DM_DIFF_NET_USER_6	844424
DM_DIFF_NET_USER_DRF_NEW	844199
DM_DIFF_NET_USER	842886
DM_DIFF_NET_USER_NEW	842663
DM_DIFF_NET_USER_NEW_1	842660
DM_DIFF_NET_USER_NEW_8	841141
DM_DIFF_NET_USER_2	840852
DM_DIFF_NET_USER_NEW_2	840843
DM_PRD_OT_DAY	840555
DM_DIFF_NET_USER_3	839787
TEST_DIFF_OVER_NET_O_LCL_CNT	838242
DM_DIFF_NET_USER_NEW_7	836054
DM_PRD_HLR_OCS_BIDUI_1025	835431
TEST_DIFF_OVER_NET_LAST_DT	831667
TEST_DIFF_OVER_NET_COM_LCL_CNT	830212
DM_PRD_CRM_OCS_BIDUI_0217	794568
DM_GX_CMP_HD_01_1	791118
OCS_BIL_TO_HLR	791101
DM_LOC_NET_O_CUC_LCL_CNT_MON	789228
TB_LARGE_INDI_VALUE_INFO	788713
DM_CUST_ACCT_POST_INFOMATION	786422
DM_BEH_PD_BEH_CT_DAY	785992
DM_LOC_OVER_NET_USER	785992
DM_PRD_HLR_OCS_BIDUI_0319	785460
DM_PRD_HLR_OCS_BIDUI_0217	785438
DM_LOC_NET_O_CUC_LCL_DUR_MON	784445
DM_LOC_OVER_NET_MIN_CMC_DT	773419
DM_PRODUCT_AGENT_SETTLE	771441
DM_LOC_OVER_NET_MAX_CMC_DT	766383
DM_CRM_VPN_INST_LIST	759964
DM_SEG_PRD_PRD_INST_STATUS_04	750036
DM_PRD_BRD_INFO_DAY	744729
DM_SEG_USER_DATA_USE_LL01	742789
DM_SEG_USER_DATA_USE_LL	717168
DM_TB_ACCT_BALANCE	708718
DM_AGENT_SETT_BIL_FEE_LAST	684279
TEST_LOC_OVER_NET_T_CMC_CNT	673679
TEMP_PRD_INST_STAFF	671450
TEST_LOC_OVER_NET_T_CMC_DUR	667632
DM_PARTICPART_STORAIRTIME_USER	661994
DM_ODS_3A_DATA	656082
DM_3A_DATA	654504
DM_SEG_EVT_MB_CALL_EVENT_NEW_6	650662
OFFER_PROD_2_ACCESS_NUMBER1	649929
DM_SEG_USER_FLOW_DATA	636359
TB_PRD_CRMCRBT_CRBT_INST	627845
TB_PRD_CRMCRBT_CRM_INST	625664
DM_PRD_BIL_OCS_BIDUI_0217BA	625504
DM_PRD_PPC_OCS_BIDUI_0217	621090
OCS_BIL_TO_PPC	617530
DM_SEG_USER_INFO_TER3	616890
DM_PRD_168_OCS_BIDUI_1025	612887
DM_PRD_BIL_OCS_BIDUI_1025	608715
TB_AGENT_VALUE_SERVICE	607123
TEST_LOC_OVER_NET_O_CMC_CNT	605638
OCS_BIL_TO_SMS	603918
OCS_BIL_TO_AAACCG	600689
DM_PRD_CRM_OCS_BIDUI_02172	599438
DM_PRD_BIL_OCS_BIDUI_02172	599212
TEST_LOC_OVER_NET_O_CMC_DUR	598645
DM_TAOCAN_E_M	597390
DM_PRD_BRD_INFO_DAY_131231	596952
DM_PRD_SMS_OCS_BIDUI_0217	596915
TB_AGENT_ORDER_INST_02	596743
DM_PRD_168_OCS_BIDUI_0217	596413
OCS_BIL_TO_168	595842
DM_DAY_TABLE_MONITOR_VALUE	593088
DM_SEG_PRD_COMP_PROD	583449
DM_PRD_BIL_OCS_BIDUI_02171	580808
DM_TIANYI_NUM_DAY	573145
DM_PRD_SMS_OCS_BIDUI_0709	568629
DM_SAME_NET_USER_DRF_NEW	567528
DM_SAME_NET_USER_DRF_OLD	564085
DM_PRD_SMS_OCS_BIDUI_0319	562603
CUST_NEW_SEGMENT	560803
DM_SIX_MONTH_PHONE_BILL_05	554099
DM_PRD_ISMP_OCS_BIDUI_0319	552749
DM_SEG_EVT_CALL_EVENT_NEW_2	552028
DM_SMS_CONTENT_DATA0810	552013
DM_PRD_BIL_OCS_BIDUI_0319	551449
DM_PRD_168_OCS_BIDUI_0319	551184
DM_PRD_AAA_OCS_BIDUI_0319	549871
DM_PRD_PPC_OCS_BIDUI_0319	548565
TEMP_BAICD_0118	538301
TEMP_BAICD_011801	536800
DM_SEG_ALLWNC_DATA	532974
DM_LOC_OVER_NET_T_CMC_LCL_DUR	532779
DM_LOC_OVER_NET_T_CMC_LCL_CNT	532778
DM_SEG_SMS_DATA	527030
DM_SIX_MONTH_PHONE_BILL_03	525806
DM_SMS_SEND_CONTENT	524762
DM_ACCT_ITEM_DAY	524524
TB_LARGE_SCREEN_4G_USER_RT1	522864
DM_DIFF_NET_USER_OLD_5	517076
DM_DIFF_NET_USER_NEW_5	500838
TEMP_BAICD_0217_01	500437
DM_DIFF_NET_USER_5	497112
DM_LOC_OVER_NET_O_CMC_LCL_CNT	496117
DM_LOC_OVER_NET_O_CMC_LCL_DUR	496114
DM_SIX_MONTH_PHONE_BILL_01	493694
DM_PRD_OFFER_OFFER_DATA	491541
DM_SEG_EVT_CALL_EVENT_NEW_1	490301
DM_PRD_OFFER_T	482581
DM_PRD_BIL_PP	482195
DM_PRD_CRM_PP	481840
DM_ADSL_IP_DATA	476050
TEST_DM_LOC_OVER_NET_MIN_CMCDT	475179
TEST_DM_LOC_OVER_NET_MAX_CMCDT	473375
DM_DEVELOP_PHONE_MONTH_DATA	472504
DM_SEG_PRD_MBL	470246
DM_SEG_EVT_MB_CALL_EVENT_19	467162
DM_PRD_INST_ATTR	464506
OCS_BIL_TO_ISMP	462480
TB_PRD_CRM_ADSL_INST	459977
DM_BALK_DAY	456697
DM_ACCT_ITEM_CH_DAY	451486
DM_PRD_TERMINAL_SALE_DATA_INFO	449385
DM_ADSL_IP_DATA_END	445367
DM_SEG_USER_FLOW	440822
TB_AGENT_HNERH_OFFER	431794
TEMP_HSS_CRM	430767
DM_SEG_ALLWNC_DATA_04	430666
DM_PRD_BRD_INFO_DAY_121231	430570
DM_SEG_ALLWNC_DATA_05	429012
DM_LOC_NET_O_CMC_SMS_CNT_MON	428745
DM_LOC_NET_T_CMC_SMS_CNT_MON	426779
SEG_LARGE_SCREEN_GWTHY	425734
TEMP_FANGZH_HSS	422678
DM_DIFF_NET_USER_DEVELOP	410094
DM_LOC_OVER_NET_MAX_CUC_DT	405124
DM_LOC_OVER_NET_MIN_CUC_DT	404333
DM_ODS_TABLE_MONITOR_LOG	401787
DM_ADSL_NEW	401040
DM_SEG_EVT_MB_CALL_EVENT_10	397825
TMP_PRD_INST_BASE_INFO_26	385779
DM_PRD_ISMP_OCS_BIDUI_0217	385553
DM_SEG_PRD_INST_STATUS_MORE	383207
SEG_LARGE_SCREEN_4G_ARRIVE1	381368
TB_AGENT_ORDER_INST	377588
DM_DPI_DATA	368121
DMOSS_PRICING_SPEED_DATA	365634
TB_TRADE_ORDER_INFO	365542
DMT_PRD_PRD_C_DAY	362668
TB_AGENT_PRODUCT_INST	355670
DM_CRM_RMS_LIST_NEW	355616
DM_SERV_FIX_INST	354056
DM_PRD_ALLWNC_DATA_INFO	349789
DM_AGENT_SETTLE_PRODUCT	348880
DM_PRD_USER_INST_TMP4	342796
DM_SMS_CONTENT_DATA	340204
DMT_ADSL_NEW_DAY	334273
DM_PRD_OFFER_DEVELOP_BAK	329425
DM_PRD_OFFER_DAY	329229
DM_MOBILE_DATA_VISIT_AERA	327370
DM_PRD_USER_INST_TMP8	321484
DM_PRD_CRM_PP_1	320336
DM_PRD_BIL_PP_1	320251
SEG_LARGE_SCREEN_4G_ARRIVE	320111
TB_PRD_VPN_PROD_INST	320056
DM_SEG_PRD_SERV_INST	320032
SEG_LARGE_SCREEN_4G_ARR	317667
TB_PRD_CRM_PROD_INST_VPN	317131
DM_PRD_USER_INST_TAX_TMP4_01	300386
DM_TB_EVT_DATA	297015
TB_AGENT_ORDER_INST_01	294989
DM_NETELEMENT_LIST_DIFF	294866
DM_SEG_MANCHUSHUJU_MONTH	288808
DM_PRD_USER_INST_TAX_TMP8	288538
DM_MOBILE_CALL_VISIT_AERA	288032
TB_AGENT_VALUE_DEVELOP_04	286292
TEMP_FANGZH_0511	285879
TEMP_BAICD_011804	284994
DM_SEG_USER_SING_OFFER_INFO	284239
TEMP_BAICD_011802	284058
DM_SEG_USER_SING_OFFER_INFO1	283873
DM_ACCT_ITEM_MONTH	283589
DM_SEG_FEE_USER	282467
DM_PRD_ALLWNC_DATA	282227
TB_BIL_BESTPAY_REBATE_INFO	281938
DM_LOC_OVER_NET_T_CUC_LCL_CNT	281490
DM_LOC_NET_O_CUC_SMS_CNT_MON	281372
TB_LARGE_SCREEN_TOP_CHNL_BAK	280589
TEMP_LYX_URL	279634
TB_AGENT_SETT_BIL_REG	279484
DM_LOC_OVER_NET_T_CUC_LCL_DUR	278267
DM_LOC_NET_T_CUC_SMS_CNT_MON	277439
DM_PRD_USER_INST_TAX_TMP41	274596
SEG_LARGE_SCREEN_4G_ARRIVE3	274265
TEMP_LYX_APP	273355
SEG_LARGE_SCREEN_4G_ARR3	272059
TB_PRD_CRMSMS_SMS_INST	271775
TB_PRD_CRMSMS_CRM_INST	269958
DM_SEG_EVT_BUSI_ORDER1	269908
DM_PRD_USER_INST_TAX_TMP5	255398
DM_TSP_DEVELOP_SMS_DAY	251777
TB_AGENT_CUST_ADD_LOST_LIST	249292
LARGE_SCREEN_4G_ARRIVE21_WYP	247844
TEST_LOC_OVER_NET_T_CUC_CNT	245983
TEST_LOC_OVER_NET_T_CUC_DUR	245340
TEST_LOC_OVER_NET_O_CUC_DUR	239161
TEST_DM_LOC_OVER_NET_MIN_CUCDT	237843
TEST_DM_LOC_OVER_NET_MAX_CUCDT	237207
TEST_LOC_OVER_NET_O_CUC_CNT	237068
DM_LOC_OVER_NET_O_CUC_LCL_CNT	236797
DM_LOC_OVER_NET_O_CUC_LCL_DUR	234818
DM_OFFER_PRD_C_DAY	228296
DM_PRD_USER_INST_TAX_TMP4	227630
TMP_CUST_CITY_ATTR	224829
TEMP_BAICD_011401	221285
DIANDING_34_AREA1	221037
DM_PRD_ALLWNC_DATA_INFO_Z	216200
DM_DIFF_OVER_NET_T_MMS_MON	214936
DM_PRD_ALLWNC_DATA_INFO1	214892
DM_SEG_PRD_INST_ORDER_INFO_03	208828
SEG_FANGZH_0107	205428
DM_SEG_PRD_ORDER_INFO_01	201904
DM_CUST_DEVELOP_REPORT2	201289
TMP_PRD_INST_BASE_INFO_24	200784
DM_SEG_PRD_ORDER_INFO_001	199728
DM_DIFF_OVER_NET_O_MMS_MON	197932
DM_AGENT_SETT_HIGUSER_MONTH	196401
DM_CUST_DEVELOP_REPORT	192449
DM_JITU_ACCT_ITEM_78	191657
DM_ARREARS_DOWN_3_MONTH_LIST	191585
DM_PRD_USER_INST_OWE	182888
DM_CRM_BIL_LIST_DATA	176788
DM_GO_TO_JICHANG_USER_INFO	176700
DM_SEG_EVT_ORDER_LIST1	176484
DM_TB_PTY_Z_SERV_CUST	175780
PROD_2_COUP	175566
DM_ARREARS_AUDIT_1220_01	173050
SEG_LARGE_SCREEN_4G_ARRIVE2	168832
SEG_LARGE_SCREEN_4G_ARR2	168168
DIANDING_34_AREA2	165840
DM_XIAOLINGTONG_DATA	162060
DM_TB_PTY_SPECIAL_LIST	156956
TMP_CUST_CARD	153600
DM_SEG_PRD_INST_ARRIVE_00	152500
DM_JITU_ACCT_ITEM_PENGYQ1	150360
DM_SERV_FIX_INST_HIS	148732
DM_SEG_PRD_COMP_PROD_UP	147878
DM_GX_CMP_HD_02_1	146720
TB_AGENT_SETT_DEV_MONTH_USER	146536
TB_LARGE_USER_COUNT_RT_BAK	143550
TMP_PRD_MEMBER_DATA	143508
TEM_FANGCH_CRM	142576
TEM_FANGCH_BIL1	141096
DM_SEG_OFFER_INST_DETAIL_03	136410
DM_SEG_EVT_MB_CALL_EVENT_NEW_8	135960
DM_ODS_XLT_DATA	134727
DM_ACCT_ITEM_TYPE_PRD_NUM	134161
DM_CRM_SMS_LIST	133024
TB_LARGE_INDI_VALUE_INFO_BAK	132678
DM_SEG_BUSI_ORDER_DAY_TP1	132544
DM_VISIT_OTHER_AREA	132316
DM_PRICING_PLAN_RATE_LIST	126424
DM_SEG_PRD_ITV_INST	126204
TB_STATION_USER_COUNT	125884
TB_ONNET_INFO	124618
DM_SYS_MONITOR_VALUE	124174
DM_LOC_NET_T_CMC_MMS_CNT_MON	123816
TMP_PRD_INST_BASE_INFO_12	123484
DM_PRODUCT_AGENT_SETTLE_USER2	122916
DM_PRODUCT_AGENT_SETTLE_USER1	122612
PRD_2_COUP	122192
DM_PRODUCT_AGENT_SETTLE_AMOUNT	122096
DM_PRODUCT_AGENT_SETTLE_USER	121612
DM_LOC_NET_O_CMC_MMS_CNT_MON	117784
DMT_ADSL_SPEED_ON_DAY	117672
DM_PRODUCT_AGENT_SETTLE_ACCT2	116137
DM_PRODUCT_AGENT_SETTLE_ACCT1	116137
DM_PRODUCT_AGENT_SETTLE_ACCT	116137
DM_SEG_PRD_OFFER_INST	115688
DM_SEG_RES_FTTH_DATA	112496
DM_BIL_OWE_MONTH	109245
TMP_CUST_GRID_ATTR	108946
DM_ADSL_AAA_DATA	104613
DM_OFFER_META_DATA	104218
DM_CRM_HB_CMP_LIST	103595
TB_RES_SALE	102907
SEG_PRD_USER_INST	102364
SEG_PRD_USER_INST_MONTH	102364
DM_CMP_CRM_VPN_LIST	102299
TB_SHIYOU_SERV_USER	100681
INET_PHS	99267
DM_ODS_SHEEL_MONITOR_LOG	99106
DM_ODS_SHEEL_MONITOR_LOG_01	97095
TB_AGENT_VALUE_DEVELOP_03	94543
TEMP_FANGCH0513	92379
DM_PRD_PRD_C_DAY	91600
DM_TIANYI_DATA	90742
DM_ALL_DELAY_HOUR_VALUE	90540
DMOSS_PRICING_SPEED_0112_1	89734
ADSL_DAY_MSG	89656
OCS_ACCT_ITEM_AGGR	88053
TEMP_FANGZ_0504	87406
TMP_CUST_ATTR	85783
TB_SEG_SCREEN_INCOME_INFO03	84886
DM_CRM_CRBT_LIST	84208
DMT_OFFER_PRD_C_META_DAY	80874
DM_SEG_ALLWNC_DATA_03	78246
TB_AGENT_VALUE_DEVELOP_02	77425
TEMP_FANGZH0724	77025
TB_AGENT_SETT_USER_REG	72892
SEG_LEAVE_USER_WLJ01	71690
DM_PRD_CRBT_OCS_BIDUI_1025	71173
DM_168_DATA	71042
DM_SEG_PRD_PRD_INST_STATUS_05	70021
DM_SEG_PRD_ITV_INST1	69625
OCS_BIL_TO_CRBT	68914
DM_PRD_CRBT_OCS_BIDUI_0217	68819
DM_PRD_CRBT_OCS_BIDUI_0319	67937
DM_0_CALL_EVENT	66976
TB_WAP_ONNET_BSID081214	66177
TB_AGENT_VALUE_INST	65130
DM_TIANYIT_GROUP	65017
TEMP_FANGZH04222	64546
DM_PTY_CUST_CN_CHANGE	63704
DM_SEG_PRD_PRD_INST	63688
DM_LOC_NET_O_CUC_MMS_CNT_MON	63549
DM_AGENT_COMMON_BUSI_ANALYSIS	63455
DM_USER_SMS_SEND_0919	63272
TEMP_FANGZH0422	62383
TEMP_FANGZH04221	61807
TEMP_FANGZH_01271	61631
TEMP_BAICD_0217_02	61596
TEMP_FANGZH_0127	61459
DM_CUST_DEVELOP_REPORT1	61376
DM_LOC_NET_T_CUC_MMS_CNT_MON	61156
DM_USER_SMS_SEND0810	60744
DM_AGENT_HOT_OFFER_ANALYSE	60615
DM_USER_SMS_SEND_0731	60157
TMP_CUST_JOB_TYPE	60029
DM_USER_SMS_SEND_0714	59142
TB_WAP_ONNET_BSID0812033	58605
TB_LARGE_INDI_VALUE_INFO0	57781
DM_USER_SMS_SEND_0603	57029
TB_LARGE_SCREEN_PACKAGE_RT	56945
DM_CRM_HB_CRBT_CMP_LIST	55409
TB_LARGE_INDI_VALUE_INFOBAS	53764
DM_USER_SMS_SEND0330	53746
DM_PRODUCT_AGENT_DAISHOUFEI	53659
DM_USER_SMS_SEND_0327	53604
DM_BIL_RECORD_CMP	53013
DM_USER_SMS_SEND0310	52742
PROD_OFFER_INST	52683
DM_ALL_EVENT_DELAY_VALUE	51426
DM_USER_SMS_SEND0131	50833
DM_USER_SMS_SEND_BAK141222	48909
TB_AGENT_VALUE_SERVICE_GM	47827
DM_USER_SMS_SEND1129	47774
DM_USER_SMS_SEND1031	46355
DM_ACCT_ITEM_DAY_LIU	46081
DM_USER_SMS_SEND1020	45810
DM_ADSL_SPEED_ON_DAY_QJ	44381
DM_AGENT_DAISHOU_CHARGE_GM	43758
DM_GO_TO_JICHANG_USER_INFO1	42958
TB_DPI_URL_AREA_INFO1	42571
DM_USER_SMS_SEND1	42174
TB_BIL_BESTPAY_TRANREC_INFO1	41824
DM_CUST_BRAND_DATA_MONTH	40742
PROD_OFFER_INST1	40512
PROD_MAIN_PLAN_MORE	40453
PROD_MAIN_PLAN_MORE2	40453
TEMP_BAICD_011101	37841
DM_SEG_OFFER_INST_DETAIL_02	36721
DM_USER_SMS_SEND_BAK0324	36370
SEG_FANGZH_0723	36116
DM_SEG_PRD_PRD_INST_STATUS_03	35875
DM_GH_LIMIT_CMP_2	35639
DM_PRD_USER_INST_TMP2	34082
DM_ODS_MONITOR_LOG_02	33693
SEG_SERV_USER_TEMP	33581
DM_PRD_USER_INST_TMP1	33276
DM_ODS_MONITOR_LOG	32978
DM_AGENT_CUST_ADD_LOST_ANALYSE	32902
DM_SEG_EVT_ORDER_LIST	32772
DM_ARREARS_DOWN_DATA_LIST	32638
DM_BIL_ACCT_ITEM_REC	32291
TB_LARGE_SCREEN_PACKAGE_RT0817	32115
DM_SEG_USER_INST_TMP2	32077
DM_SMS_SEND_DATA	31825
DM_ADSL_NEW_DAY	31743
DM_SEG_EVT_MB_CALL_EVENT_NEW_3	31737
DM_PRD_USER_INST_TMP5	31123
DM_GXCL_CMP_1	30115
SMS_CHECK_COUNT_DETAIL	29593
TEMP_BAICD_201511	29382
TEMP_FANGZH_05071	28914
DM_ADVANCE_REPORT_JIFEI	28895
TEMP_BAICD_201506	28885
DM_YCHF_DATA	28558
DM_AGENT_SETT_ARPU_MONTH	28321
DM_SEG_USER_INST_TMP1	28294
DM_SEG_USER_INST_TEMP21	28294
DMT_WXKD_PRD_INST_SS	28245
TB_AGENT_SETT_HIGUSER_TMP	28171
TEMP_BAICD_201505	27953
DM_SEG_OFFER_INST_DETAIL_04	27460
DM_USER_SMS_SEND_BAS	27282
DM_E_MONTH_NEW	27086
TB_AGENT_SETT_HIGUSER_LAST	27022
DM_PCC_CHECK_APPLY	26825
DM_STORE_INFO_COUNT	26694
DMT_WXKD_PRD_INST	26269
TMP_PRD_INST_BASE_INFO_18	26132
DM_SMS_SEND_DATA_BAK	26131
DM_SEG_ALLWNC_DATA_01	26085
DM_SEG_ALLWNC_DATA_02	26074

数据库结构

**.**.**.**:8080/mpi/1.jspx 9635789

修复方案:

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:12

确认时间:2016-01-22 10:43

厂商回复:

CNVD确认所述情况,已经转由CNCERT向中国电信集团公司通报,由其后续协调网站管理部门处置.

最新状态:

暂无