1.http://tv.sina测试数据.hk/cgi-bin/subindex.cgi?id=259 萝卜检测截图: 获取表信息时,提示: FCan not get Length of 'Table Name' It seems information_schema table does not exist! Trying to guess tables! 做了一定的防范,不过通过guess tables可能猜解出表名,字段名.... 修复方案: 对新人来说,还得学习如何在攻防对抗中抢占先机.... 作者 upload 2.http://basketball.sina测试数据.hk/cgi-bin/team/main.cgi?id=26 Analyzing http://basketball.sina测试数据.hk/cgi-bin/team/main.cgi?id=26 Host IP: 218.213.85.148 Keyword Found: West Injection type is Integer DB Server: MySQL >=4.1 Selected Column Count is 2 Valid String Column is 2 Current DB: basketball 3.http://ent.sina测试数据.hk/cgi-bin/music/album/main.cgi?id=10227 Analyzing http://ent.sina测试数据.hk/cgi-bin/music/album/main.cgi?id=10227 Host IP: 218.213.85.141 Keyword Found: 6 Injection type is Integer DB Server: MySQL >=4.1 Selected Column Count is 1 Valid String Column is 1 Current DB: ent Table found: member 4.http://eladies.sina测试数据.hk/cgi-bin/column/content.cgi?main=2760&cat=2769&id=478354 Host IP: 218.213.85.136 Keyword Found: Injection type is Integer Keyword corrected: Like DB Server: MySQL >=5 Selected Column Count is 2 Valid String Column is 1 Current DB: ladies 修复方案: 内射,口爆。 作者:zeracker
查看更多关于新浪的几个分站注射 - 网站安全 - 自学php的详细内容...