当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(6) 关注此漏洞

缺陷编号: WooYun-2011-02600

漏洞标题: 17173整站源码泄露

相关厂商: 17173游戏

漏洞作者: 路人甲

提交时间: 2011-07-31 19:19

公开时间: 2011-08-05 21:00

漏洞类型: 系统/服务运维配置不当

危害等级: 中

自评Rank: 6

漏洞状态: 漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 help@wooyun.org

Tags标签: webserver设置不当 源码泄漏 webserver服务配置不当

0人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2011-07-31: 细节已通知厂商并且等待厂商处理中
2011-08-05: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

17173分站由于配置不当,导致源码泄露,包括数据库账号密码

详细说明:

漏洞证明:

code 区域
<?php
include_once("../include/config.php");
include_once("../include/db.php");
include_once("inc.php");
?>
<?php
//读取指定数据
$str = filter($_REQUEST["str"]);
$classStr = filter($_REQUEST["classStr"]);

if(!empty($classStr)){
$classStr = substr($classStr,0,-1);
$classStr = split(",",$classStr);
}

if (!is_array($classStr)) {
$classStr = array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10);
}

$conn = new MyAdodb($DbHost,$DbName,$DbUser,$DbPwd);
$conn->OpenDB();

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>17173·天龙八部数据库</title>
<link href="css/master.css" rel="stylesheet" type="text/css" />
<SCRIPT LANGUAGE="JavaScript" src="js/ajax.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript" src="js/tkl_pagelist.js"></SCRIPT>
<script type="text/javascript">
function addBookmark(title,url) {
if( document.all ) {
window.external.AddFavorite( url, title);
} else if (window.sidebar) {
window.sidebar.addPanel(title, url,"");
} else if( window.opera && window.print ) {
return true;
}
}
function setValue(){

Obj = getObject("a");
var i = 0;
var strValue = "";
for(var j = 0;j < Obj.length; j++){
//alert(j+"|"+Obj[j].value+"|"+Obj[j].checked);
if(true == Obj[j].checked ){
i++;
strValue += Obj[j].value+",";
}
}

if (i < 1) {
alert("请选择搜索分类!");
return false;
}

document.form1.classStr.value = strValue;
//alert(Obj.length+"|"+strValue);
}

/**检查表单**/
function checkForm(){
setValue();
Obj = document.form1;
if (Obj.str.value.length < 2){
alert("请输入2位以上的关键字!");
Obj.str.focus();
return false;
}

}

//设置指定id的选项
function SetCheckBox(str){
var tempStr,reg;
var ObjectField_1 = getObject("a");
var i=0,len;

len = ObjectField_1.length;
if (len == null) {
len=1;
}

if (len == 1){
reg = eval("/,"+ObjectField_1.value+",/g");
tempStr = str.replace(reg,"");
if (tempStr.length < str.length) {
ObjectField_1.checked = true;
}
}else{

for ( j = 0; j < len; j++){
reg = eval("/,"+ObjectField_1[j].value+",/g");
tempStr = str.replace(reg,"");

if (tempStr.length < str.length) {
ObjectField_1[j].checked = true;
}
}
}
}

//读取对像
function getObject(objectId) {
if (document.all && document.all(objectId)) {
return document.all(objectId);
}else if(document.getElementById && document.getElementById(objectId)) {
return document.getElementById(objectId);
}else if(document.getElementsByName && document.getElementsByName(objectId)) {
return document.getElementsByName(objectId);
}else {
return false;
}
}
</script>
</head>
<body>
<div id="wrapper">
<div id="wrapperLeft">
<div id="innerWrapperLeft">
<div id="panelSearch">
<div id="panelSearchTop"><?php include("header.html"); ?></div>
<div id="panelSearchContent">
<table width="95%" border="0" align="center" cellpadding="0" cellspacing="0">
<form name="form1" method="get" action="search.php" onsubmit="return checkForm();">
<tr>
<td align="center">
综合搜索:
<input name="str" type="text" id="str" style="width:200px;" value=""/>
<input type="hidden" value="" name="classStr">
<input type="image" name="imageField" id="imageField"src="http://ue1.17173.itc.cn/tldb/sousuo.jpg" style="width:49px; height:20px; border:none;"/>
</td>
</tr>
<tr>
<td style="padding-bottom:10px; text-align:center;">
<input type="checkbox" name="a" value="1" checked style="width: 20px;"/> 装备
<input type="checkbox" name="a" value="2" checked style="width: 20px;"/> 套装
<input type="checkbox" name="a" value="3" checked style="width: 20px;"/> 珍兽
<input type="checkbox" name="a" value="4" checked style="width: 20px;"/> 技能
<input type="checkbox" name="a" value="5" checked style="width: 20px;"/> 元宝
<input type="checkbox" name="a" value="6" checked style="width: 20px;"/> 任务
<input type="checkbox" name="a" value="7" checked style="width: 20px;"/> 地图
<input type="checkbox" name="a" value="8" checked style="width: 20px;"/> 怪物
<input type="checkbox" name="a" value="9" checked style="width: 20px;"/> NPC
<input type="checkbox" name="a" value="10" checked style="width: 20px;"/> 物品
</td>
</tr>
</form>
</table>
</div>
<div class="clear"></div>
</div>
<?php if(!empty($classStr)){?>
<div id="dh">
<?php
for ($j = 0; $j < count($classStr); $j++){
$a = $classStr[$j];
switch($a){
case 1:
$ItemClass = "&nbsp;装备&nbsp;";
break;
case 2:
$ItemClass = "&nbsp;套装&nbsp;";
break;
case 3:
$ItemClass = "&nbsp;珍兽&nbsp;";
break;
case 4:
$ItemClass = "&nbsp;技能&nbsp;";
break;
case 5:
$ItemClass = "&nbsp;元宝&nbsp;";
break;
case 6:
$ItemClass = "&nbsp;任务&nbsp;";
break;
case 7:
$ItemClass = "&nbsp;地图&nbsp;";
break;
case 8:
$ItemClass = "&nbsp;怪物&nbsp;";
break;
case 9:
$ItemClass = "&nbsp;NPC&nbsp;";
break;
case 10:
$ItemClass = "&nbsp;物品&nbsp;";
break;
}
?>
<div id="content<?=$j+1?>"><?=$ItemClass?></div>
<?php } ?>
</div>
<?php
for ($j = 0; $j < count($classStr); $j++){
$a = $classStr[$j];

switch($a){
case 1:
$table = "tl_eqiupment";
$sqlWhere = " where ItemName like BINARY '%".$str."%' group by ItemName";
break;
case 2:
$table = "tl_taozhuang";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
case 3:
$table = "tl_bb";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
case 4:
$table = "tl_skill";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
case 5:
$table = "tl_yuanbao";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
case 6:
$table = "tl_questinfo";
$sqlWhere = " where ItemName like BINARY '%".$str."%' group by ItemName";
break;
case 7:
$table = "tl_map";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
case 8:
$table = "tl_monster";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
case 9:
$table = "tl_npc";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
case 10:
$table = "tl_things";
$sqlWhere = " where ItemName like BINARY '%".$str."%'";
break;
default:
$table = "";
}

$sqlStr = "select * from ".$table.$sqlWhere." limit 0,20";
$rs = $conn->ReadDB($sqlStr);
?>
<div id="ccontent<?=$j+1?>">
<div class="panelRevelation">
<div id="panelRevelationTop">
<div class="p12 cWhite current">显示前 <?=count($rs)?> 条记录</div>
<div class="p12 cWhite pagination"></div>
</div>
<div id="panelRevelationList">
<div id="innerPanelRevelationList">
<?php if($a == 1){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dt">【图标】</div>
<div class=" p14 cBlack backgroundGray dd col13">【装备名称】</div>
<div class=" p14 cBlack backgroundGray dd col16">【装备种类】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【装备类型】</div>
<div class=" p14 cBlack backgroundGray dd col15">【等级】</div>
<div class=" p14 cBlack backgroundGray dd col15">【外功】</div>
<div class=" p14 cBlack backgroundGray dd col15">【内功】</div>
<div class=" p14 cBlack backgroundGray dd col15">【外防】</div>
<div class=" p14 cBlack backgroundGray dd col15">【内防】</div>
<div class=" p14 cBlack backgroundGray dd col15">【命中】</div>
<div class=" p14 cBlack backgroundGray dd col15">【闪避】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class="p14 dt"><a href="arm.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,1,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>
<div class=" p14 cBlack dd col13"><span onMouseOver="Face_MouseOver(event,1,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="arm.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>
<div class=" p14 cBlack dd col16"><a href="arms.php?ClassType=<?=$rs[$i]['ClassType']?>"><?=$rs[$i]['ClassType']?></a></div>
<div class=" p14 cBlack dd colTwo"><a href="arms.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd col15"><a href="arms.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>
<div class=" p14 cBlack dd col15"><?=$rs[$i]['OATK']>0?$rs[$i]['OATK']:0?></div>
<div class=" p14 cBlack dd col15"><?=$rs[$i]['IATK']>0?$rs[$i]['IATK']:0?></div>
<div class=" p14 cBlack dd col15"><?=$rs[$i]['ODEF']>0?$rs[$i]['ODEF']:0?></div>
<div class=" p14 cBlack dd col15"><?=$rs[$i]['IDEF']>0?$rs[$i]['IDEF']:0?></div>
<div class=" p14 cBlack dd col15"><?=$rs[$i]['Hit']>0?$rs[$i]['Hit']:0?></div>
<div class=" p14 cBlack dd col15"><?=$RS[$i]['Avoid']>0?$RS[$i]['Avoid']:0?></div>
</div>
<?php } ?>
<?php }else if($a == 2){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dd colTwo">【套装名称】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【套装类型】</div>
<div class=" p14 cBlack backgroundGray dd colFour">【等级】</div>
<div class=" p14 cBlack backgroundGray dd colFour">【件数】</div>
<div class=" p14 cBlack backgroundGray dd colEleven">【附加属性】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,2,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="suit.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>
<div class=" p14 cBlack dd colTwo"><a href="suits.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd colFour"><a href="suits.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>
<div class=" p14 cBlack dd colFour"><a href="suits.php?Nums=<?=$rs[$i]['Nums']?>"><?=$rs[$i]['Nums']?></a></div>
<div class=" p14 cBlack dd colEleven"><?=$rs[$i]['AdditionalEffects']?></div>
</div>
<?php } ?>
<?php }else if($a == 3){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dt">【图标】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【珍兽名称】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【战斗类型】</div>
<div class=" p14 cBlack backgroundGray dd colThree">【等级】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【食物类别】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【标准寿命】</div>
<div class=" p14 cBlack backgroundGray dd colSix">【自带技能】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class="p14 dt"><a href="baby.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,3,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>
<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,3,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="baby.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>
<div class=" p14 cBlack dd colTwo"><a href="babys.php?Fight=<?=$rs[$i]['Fight']?>"><?=$rs[$i]['Fight']?></a></div>
<div class=" p14 cBlack dd colThree"><a href="babys.php?Lv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>
<div class=" p14 cBlack dd colTwo"><a href="babys.php?Food=<?=$rs[$i]['Food']?>"><?=$rs[$i]['Food']?></a></div>
<div class=" p14 cBlack dd colTwo"><a href="babys.php?Age=<?=$rs[$i]['Age']?>"><?=$rs[$i]['Age']?></a></div>
<div class=" p14 cBlack dd colSix"><?=getSkillNameById($rs[$i]['SkillID1'])?><?=getSkillNameById($rs[$i]['SkillID2'])?><?=getSkillNameById($rs[$i]['SkillID3'])?><?=getSkillNameById($rs[$i]['SkillID4'])?><?=getSkillNameById($rs[$i]['SkillID5'])?></div>
</div>
<?php } ?>
<?php }else if($a == 4){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dt">【图标】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【技能名称】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【技能分类】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【技能类型】</div>
<div class=" p14 cBlack backgroundGray dd colTen">【学习要求】</div>
<div class=" p14 cBlack backgroundGray dd col14">【冷却时间】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class="p14 dt"><a href="skill.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,4,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>
<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,4,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="skill.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>
<div class=" p14 cBlack dd colTwo"><a href="skills.php?ClassType=<?=$rs[$i]['ClassType']?>"><?=$rs[$i]['ClassType']?></a></div>
<div class=" p14 cBlack dd colTwo"><a href="skills.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd colTen"><?=$rs[$i]['Condition']?$rs[$i]['Condition']:"&nbsp;"?></div>
<div class=" p14 cBlack dd col14">
<?php
if($rs[$i]['ClassType']=='门派战斗技能'){
echo $rs[$i]['CoolTime']?$rs[$i]['CoolTime']."秒":"瞬发";
echo strpos($rs[$i]['CoolTime'],'-')?"(随心法等级提高而减少)":"";
}
else
echo "&nbsp;";
?>
</div>
</div>
<?php } ?>
<?php }else if($a == 5){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dt">【图标】</div>
<div class=" p14 cBlack backgroundGray dd colEight">【物品名称】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【物品类别】</div>
<div class=" p14 cBlack backgroundGray dd colFour">【等级】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【使用等级】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【使用期限】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【元宝价格】</div>
<div class=" p14 cBlack backgroundGray dd colTen">【功能属性】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class="p14 dt"><a href="gold.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/<?=$rs[$i]['FileName']?>" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,5,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>
<div class=" p14 cBlack dd colEight"><span onMouseOver="Face_MouseOver(event,5,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="gold.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>
<div class=" p14 cBlack dd colTwo"><a href="golds.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd colFour"><a href="golds.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>
<div class=" p14 cBlack dd colTwo"><?=$rs[$i]['UseLv']?></div>
<div class=" p14 cBlack dd colTwo"><?=$rs[$i]['DeadLine']?></div>
<div class=" p14 cBlack dd colTwo"><?=$rs[$i]['Cost']?></div>
<div class=" p14 cBlack dd colTen"><a href="golds.php?Property=<?=$rs[$i]['Property']?>"><?=$rs[$i]['Property']?></a></div>
</div>
<?php } ?>
<?php }else if($a == 6){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dd colSix">【任务名称】</div>
<div class=" p14 cBlack backgroundGray dd colNine">【任务类别】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【等级】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【所在地图】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【金钱奖励】</div>
<div class=" p14 cBlack backgroundGray dd colEight">【经验奖励】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class=" p14 cBlack dd colSix"><a href="questinfo.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></div>
<div class=" p14 cBlack dd colNine"><a href="questinfos.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd colTwo"><a href="questinfos.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>
<div class=" p14 cBlack dd colTwo"><?=getMapById($rs[$i]['StartMap'])?></div>
<div class=" p14 cBlack dd colTwo"><?=$rs[$i]['Money']?></div>
<div class=" p14 cBlack dd colEight"><?=$rs[$i]['Experience']?></div>
</div>
<?php } ?>
<?php }else if($a == 7){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dd colTwo">【地图名称】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【地图类型】</div>
<div class=" p14 cBlack backgroundGray dd colFive">【地图说明】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class=" p14 cBlack dd colTwo"><a href="map.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></div>
<div class=" p14 cBlack dd colTwo"><a href="maps.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd colFive" title="<?=str_replace("#r"," ",$rs[$i]['DescItem'])?>"><?=substr_cut(str_replace("#r"," ",$rs[$i]['DescItem']),88)?></div>
</div>
<?php } ?>
<?php }else if($a == 8){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dt">【图标】</div>
<div class=" p14 cBlack backgroundGray dd colEight">【怪物名称】</div>
<div class=" p14 cBlack backgroundGray dd colNine">【等级】</div>
<div class=" p14 cBlack backgroundGray dd colNine">【经验】</div>
<div class=" p14 cBlack backgroundGray dd colSeven">【所在地图】</div>
<div class=" p14 cBlack backgroundGray dd col13">【坐标】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class="p14 dt"><a href="monster.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,7,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>
<div class=" p14 cBlack dd colEight"><span onMouseOver="Face_MouseOver(event,7,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="monster.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?><? if($rs[$i]['ItemClass']=='BOSS怪物') echo "<font color=red>[boss]</font>";?></a></span>
</div>
<div class=" p14 cBlack dd colNine"><?=$rs[$i]['Lv']?></div>
<div class=" p14 cBlack dd colNine"><?=$rs[$i]['Experience']?$rs[$i]['Experience']:"&nbsp;"?></div>
<div class=" p14 cBlack dd colSeven"><?=getMapByName($rs[$i]['Map'])?></div>
<div class=" p14 cBlack dd col13">
<? if($rs[$i]['ItemClass']!='首领头目'){ ?><?=$rs[$i]['Points']?"(".str_replace("&",",",$rs[$i]['Points']).")":"&nbsp;"?><? }else echo "多处"; ?></div>
</div>
<?php } ?>
<?php }else if($a == 9){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dt">【图标】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【NPC名称】</div>
<div class=" p14 cBlack backgroundGray dd colFour">【类别】</div>
<div class=" p14 cBlack backgroundGray dd colEight">【称号】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【所在地图】</div>
<div class=" p14 cBlack backgroundGray dd colEight">【位置】</div>
<div class=" p14 cBlack backgroundGray dd col12">【职能】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class="p14 dt"><? if(strlen($rs[$i]['FileName'])){ ?><a href="npc.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg" width="37" height="38" border="0" onMouseOver="Face_MouseOver(event,6,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a>
<?php }else echo "&nbsp;"; ?></div>
<div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,6,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="npc.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>
<div class=" p14 cBlack dd colFour"><a href="npcs.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd colEight"><?=$rs[$i]['Title']?$rs[$i]['Title']:"&nbsp;"?></div>
<div class=" p14 cBlack dd colTwo"><?=getMapByName($rs[$i]['Map'])?></div>
<div class=" p14 cBlack dd colEight"><?=$rs[$i]['Place']?></div>
<div class=" p14 cBlack dd col12"><a href="npcs.php?Duty=<?=$rs[$i]['Duty']?>"><?=$rs[$i]['Duty']?$rs[$i]['Duty']:"&nbsp;"?></a></div>
</div>
<?php } ?>
<?php }else if($a == 10){ ?>
<div class="dl">
<div class=" p14 cBlack backgroundGray dt">【图标】</div>
<div class=" p14 cBlack backgroundGray dd col13">【装备名称】</div>
<div class=" p14 cBlack backgroundGray dd col16">【物品分类】</div>
<div class=" p14 cBlack backgroundGray dd colTwo">【物品类型】</div>
<div class=" p14 cBlack backgroundGray dd col15">【等级】</div>
<div class=" p14 cBlack backgroundGray dd colNine">【物品用途】</div>
<div class=" p14 cBlack backgroundGray dd col18">【获取路径】</div>
</div>
<?php for($i=0;$i<count($rs);$i++){ ?>
<div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor">
<div class="p14 dt"><a href="thing.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,8,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div>
<div class=" p14 cBlack dd col13"><span onMouseOver="Face_MouseOver(event,8,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="thing.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div>
<div class=" p14 cBlack dd col16"><a href="things.php?ClassType=<?=$rs[$i]['ClassType']?>"><?=$rs[$i]['ClassType']?></a></div>
<div class=" p14 cBlack dd colTwo"><a href="things.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div>
<div class=" p14 cBlack dd col15"><a href="things.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div>
<div class=" p14 cBlack dd colNine"><?=$rs[$i]['Uses']?$rs[$i]['Uses']:"&nbsp;"?></div>
<div class=" p14 cBlack dd col18" title="<?=filters($rs[$i]['GetWay'])?>"><?=filters(getMapByName(substr_cut($rs[$i]['GetWay'],32)))?></div>
</div>
<?php }?>
<?php }?><div class="clear"></div>
</div>
<div class="clear"></div>
</div>
<div id="panelRevelationBottom">
<div class="p12 cWhite current"></div>
<div class="p12 cWhite pagination"></div>
</div>
<div class="clear"></div>
</div>
</div>
<?php } ?>
<SCRIPT>
<!--
var tab_config = {"label" :["content1","content2","content3","content4","content5","content6","content7","content8","content9","content10"],
"content":["ccontent1","ccontent2","ccontent3","ccontent4","ccontent5","ccontent6","ccontent7","ccontent8","ccontent9","ccontent10"],
"current":"quhuan",
"normal" :"quhuan1",
"current_label":"content1"
}
var tab2 = new tab_effect(tab_config);
tab2.init("滑过");
//-->
</SCRIPT>
<?php } ?>
</div>
</div>
<?php include("sidebar.html"); ?>
<div class="clear"></div>
</div>
<?php include("footer.html"); ?>
</body>
</html>



code 区域
<?
/*
系统配置文件
*/

$DbHost="10.59.96.114:3307";
$DbName="wowdb";
$DbUser="wowdb";
$DbPwd ="@!#$%$#$@@@@";

$DbHost1="10.59.96.114:3307";
$DbName1="wow_interface";
$DbUser1="wow_interface";
$DbPwd1 ="@!#$%$#$@@@@";


$sys_config = array(
"list_ip"=>"218.66.59.108|10.5.21.49|127.0.0.1",
"comment_url"=>"http://comment.news.17173.com/makecomment.php",
"comment_identy"=>"newgame@!sc90ke2!cn3gh+*)"
);


$manager_type = array
(
1 => "一般管理员",
9 => "系统管理员"
);

$popedom_type = array
(
1 => "一级",
2 => "二级",
3 => "三级",
4 => "四级",
5 => "五级"
);

$geKey = "1qwerfdsa";

//装备表名
$itemTableArr = array("ge_item_weapon", "ge_item_safe", "ge_item_adorn", "ge_item_other");

//NPC性别
$npcSexArr = array("Both"=>"男/女", "Female"=>"女", "Male"=>"男");
$htmlDir = "/html/";

?>

修复方案:

配置啊 低级问题啊

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2011-08-05 21:00

厂商回复:

漏洞Rank:3 (WooYun评价)

最新状态:

暂无


漏洞评价:

对本漏洞信息进行评价,以更好的反馈信息的价值,包括信息客观性,内容是否完整以及是否具备学习价值

漏洞评价(共0人评价):
登陆后才能进行评分

评价

  1. 2011-08-02 10:52 | tenzy ( 普通白帽子 | Rank:176 漏洞数:21 | Need not to know)
    1

    这个给力啊!

  2. 2011-08-02 15:40 | P w ( 实习白帽子 | Rank:72 漏洞数:14 | -这家伙很懒,什么都没有留下。其实我真的很...)
    1

    太给力了啊 被脱裤?

  3. 2011-08-04 13:50 | saga ( 路人 | Rank:11 漏洞数:2 | 世界上只有10种人,懂二进制的,和不懂二进...)
    2

    这个玩大了啊~~

  4. 2011-08-05 13:27 | VIP ( 普通白帽子 | Rank:774 漏洞数:100 )
    2

    持续关注中。。。

登录后才能发表评论,请先 登录