漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2015-0112068
漏洞标题:链家丁丁租房敏感信息泄漏(涉及租房双方姓名,身份证,手机号,租房信息等)
相关厂商:homelink.com.cn
漏洞作者: 平凡之路24
提交时间:2015-05-05 06:56
修复时间:2015-06-19 08:50
公开时间:2015-06-19 08:50
漏洞类型:内部绝密信息泄漏
危害等级:高
自评Rank:20
漏洞状态:厂商已经确认
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2015-05-05: 细节已通知厂商并且等待厂商处理中
2015-05-05: 厂商已经确认,细节仅向厂商公开
2015-05-15: 细节向核心白帽子及相关领域专家公开
2015-05-25: 细节向普通白帽子公开
2015-06-04: 细节向实习白帽子公开
2015-06-19: 细节向公众公开
简要描述:
链家丁丁租房敏感信息泄漏(涉及租房双方姓名,身份证,手机号,租房信息等)
详细说明:
存在问题的url
gms.zufangzi.com/gms/getfile/pdf/contract/20150304/PEK10001523.pdf?orderItemId=1534&contractId=202&agentId=1679
可以通过遍历月份和pdf文件名查看和下载所有合同信息
随便写个字典遍历下试试
1.txt内容
20150301
20150302
20150303
20150304
20150305
20150306
2.txt 内容
PEK10000101
PEK10000102
PEK10000103
PEK10000104
PEK10000105
PEK10000106
PEK10000107
PEK10000108
PEK10000109
PEK10000110
PEK10001510
PEK10001511
PEK10001512
PEK10001513
PEK10001514
PEK10001515
PEK10001516
PEK10001517
PEK10001518
PEK10001519
PEK10001520
PEK10001521
PEK10001522
PEK10001523
PEK10001524
PEK10001525
PEK10001526
PEK10001527
PEK10001528
PEK10001529
PEK10001530
一会儿就爆完了,出来不少
注意这只是我随便写了一点信息,就出来这么多能用的,随便点开一个看看
不深入了
漏洞证明:
存在问题的url
gms.zufangzi.com/gms/getfile/pdf/contract/20150304/PEK10001523.pdf?orderItemId=1534&contractId=202&agentId=1679
可以通过遍历月份和pdf文件名查看和下载所有合同信息
随便写个字典遍历下试试
1.txt内容
20150301
20150302
20150303
20150304
20150305
20150306
2.txt 内容
PEK10000101
PEK10000102
PEK10000103
PEK10000104
PEK10000105
PEK10000106
PEK10000107
PEK10000108
PEK10000109
PEK10000110
PEK10001510
PEK10001511
PEK10001512
PEK10001513
PEK10001514
PEK10001515
PEK10001516
PEK10001517
PEK10001518
PEK10001519
PEK10001520
PEK10001521
PEK10001522
PEK10001523
PEK10001524
PEK10001525
PEK10001526
PEK10001527
PEK10001528
PEK10001529
PEK10001530
一会儿就爆完了,出来不少
注意这只是我随便写了一点信息,就出来这么多能用的,随便点开一个看看
不深入了
修复方案:
这么敏感的信息就不要放在网站上了。
版权声明:转载请注明来源 平凡之路24@乌云
漏洞回应
厂商回应:
危害等级:高
漏洞Rank:20
确认时间:2015-05-05 08:49
厂商回复:
一大早就这么劲爆,多谢了。
最新状态:
2015-05-05:
2015-05-05:已经修复