
Vulnerability summary (24 followers)

Defect ID: wooyun-2015-0137608

Title: Improper service configuration on 朋伊网 leads to information disclosure

Vendor: 亚艺互动广告(北京)有限公司

Author: 7dscan

Submitted: 2015-09-01 11:35

Fixed: 2015-10-18 17:00

Published: 2015-10-18 17:00

Type: System/service operational misconfiguration

Severity: Medium

Self-assessed Rank: 10

Status: Handed to a third-party partner organization (CNCERT, National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2015-09-01: Details sent to the vendor; awaiting vendor handling
2015-09-03: CNCERT (National Internet Emergency Center) has not yet been able to reach the responsible organization; details disclosed only to the notifying body
2015-09-13: Details disclosed to core white hats and experts in the relevant field
2015-09-23: Details disclosed to regular white hats
2015-10-03: Details disclosed to intern white hats
2015-10-18: Details disclosed to the public

Brief description:

Improper service configuration on 朋伊网 leads to information disclosure

Detailed description:

http://**.**.**.**/.svn/entries
The main site itself exposes it. I didn't go through everything in the directory; I just glanced at one item at random, and a careful look would probably turn up more...
http://**.**.**.**/demo/mysql/

array(1) { [0]=> array(87) { ["id"]=> string(6) "225100" ["login"]=> string(5) "cyber" ["email"]=> string(15) "cyber75@**.**.**.**" ["email_public"]=> string(1) "1" ["locale"]=> NULL ["crypted_password"]=> string(40) "5062a12fb29699a255037e09eab637e5cb722997" ["salt"]=> string(40) "b2c5431d5203e13a21797f340e357b423999616d" ["created_at"]=> string(19) "2008-07-09 17:37:17" ["updated_at"]=> string(19) "2014-10-09 08:58:25" ["remember_token"]=> string(40) "ffbfa3554c29ff1157c05eaef9922c3ffd03df99" ["remember_token_expires_at"]=> string(19) "2015-10-09 00:00:00" ["image"]=> string(36) "MjI1MTAwMjAwOTAyMTIzODQ1LmpwZw==.jpg" ["nickname"]=> string(0) "" ["sex"]=> string(1) "2" ["title"]=> NULL ["description"]=> NULL ["role"]=> string(1) "0" ["status"]=> string(1) "0" ["body"]=> string(6) "微胖" ["marital"]=> string(6) "已婚" ["clothes"]=> string(4) "T恤" ["personality"]=> string(6) "稳重" ["eats"]=> string(15) "梅干菜炖肉" ["occupation"]=> string(8) "Internet" ["listen"]=> string(10) "bressanone" ["bloodtype"]=> string(1) "o" ["sign"]=> string(6) "水瓶" ["mood"]=> string(6) "饿了" ["tonight"]=> NULL ["latestactive"]=> NULL ["visitors"]=> NULL ["popularity"]=> NULL ["city"]=> NULL ["birthday"]=> string(19) "1970-01-01 00:00:00" ["age_public"]=> string(1) "1" ["image_approved"]=> string(1) "0" ["constellation"]=> string(1) "1" ["new_visitors"]=> string(1) "0" ["new_gbs"]=> string(1) "0" ["new_msgs"]=> string(1) "0" ["new_friends"]=> string(1) "0" ["count_visitors"]=> string(1) "0" ["registered_by"]=> NULL ["invited_by"]=> NULL ["activation_code"]=> string(40) "a81043a88610086870df502ecb867f93ac1bca3f" ["activated_at"]=> string(19) "2008-07-09 17:37:17" ["realname"]=> string(9) "陈永斌" ["mobile"]=> string(11) "13910759218" ["age"]=> NULL ["is_online"]=> string(1) "0" ["attachment_id"]=> string(1) "0" ["send_at"]=> NULL ["activation_step"]=> string(1) "3" ["counts"]=> string(1) "0" ["counts_24h"]=> string(1) "0" ["customize"]=> string(255) 
"nl179_11_08_15,nl180_11_08_22,nl181_11_08_29,nl182_11_09_05,nl183_11_09_12,nl184_11_09_19,nl185_11_09_26,nl179_11_10_03,nl186_11_10_17,nl189_11_10_24 ,nl190_11_10_31,nl191_11_11_07,nl192_11_11_15,nl193_11_11_21,nl195_11_11_28,nl195_11_12_05,nl196_11_12_12" ["privacy"]=> string(155) "{"my_guestbook_view"=>"1", "show_login"=>"1", "leave_trace"=>"0", "notify_on"=>nil, "my_blog_view"=>"1", "my_guestbook_write"=>"1", "limited_profile"=>"1"}" ["position"]=> string(39) "l,m,f,b,p,c,g,t,d,1,1,1,1,1,1,1,1,1,1,1" ["city_id"]=> string(1) "1" ["content_location"]=> string(35) "{"content"=>["1"], "people"=>["1"]}" ["ip_address"]=> string(13) "**.**.**.**" ["lastlogin_at"]=> string(19) "2014-10-09 08:58:25" ["district_id"]=> string(1) "8" ["taken_by"]=> NULL ["approved_status"]=> NULL ["approved_by"]=> NULL ["approved_at"]=> NULL ["rating_count"]=> string(2) "19" ["address"]=> string(9) "回龙观" ["id_type"]=> string(1) "1" ["id_number"]=> string(18) "342901197502175618" ["canone1_area"]=> string(1) "1" ["skip_upload_picture"]=> string(1) "1" ["mobile_code"]=> string(4) "7504" ["mobile_code_created_at"]=> string(19) "2009-11-09 14:58:17" ["mobile_confirmed_at"]=> string(19) "2009-11-09 14:59:01" ["mobile_tried_times"]=> string(1) "3" ["mobile_code_blocked_at"]=> string(19) "2009-11-09 14:58:28" ["logintimes"]=> string(3) "687" ["username"]=> string(5) "cyber" ["trading_area_id"]=> NULL ["profile_style"]=> string(1) "1" ["is_private"]=> NULL ["email_notice"]=> string(1) "5" ["come_from"]=> string(1) "5" ["open_app_status"]=> NULL ["grade"]=> string(1) "3" } }

Proof of vulnerability:

http://**.**.**.**/.svn/entries
Folders: ['wallyproject', 'ticker', 'market', 'demo', 'mall', 'group', 'gallery', 'browse', 'users', 'mag', 'html', 'events', 'images', 'img', 'js', 'siteadmin', 'newsletters', 'piwik', 'sinaBlogAPI', 'forum', 'css', 'common', 'survey', 'swf', 'interface', 'profile', 'piaget_api', 's', 'incoming', 'popup', 'swfupload', 'u', 'im', 'class', 'font', 'superadmin', 'api', 'card', 'about', 'userpage']
Files: ['mctest.php', 'crossdomain.xml', 'Vmq9eTyQsmpb3Cv_txtQgM2twIA.txt', 'vcode.php', 'getp1staticfile.php']
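The Folders/Files listing above is what a pre-1.7 Subversion .svn/entries file yields once parsed. As an added illustration for defenders (not code from the report or the site's own code), the following Python parses that format into the same kind of listing and flags names that hint at administrative, test or configuration content, so an operator can audit what a working copy left under the web root would reveal. The sample entries text is constructed; the assumed layout is the format 8 to 10 one: the format number on the first line, entries separated by a form-feed line, and the entry name followed by the node kind ("dir" or "file") as the first two fields of each entry. Subversion 1.7 and later write only a stub version number (12) to this file and keep the metadata in .svn/wc.db, which the parser reports rather than parses.

```python
"""Audit what a leaked pre-1.7 Subversion .svn/entries file discloses.

Added example for this report, not code from the original post.
Assumed layout (SVN working-copy formats 8-10): line 1 is the format
number; entries follow, each terminated by a form-feed line; inside an
entry, field 1 is the name (empty for the directory itself) and field 2
is the node kind ("dir" or "file").
"""
import sys
from dataclasses import dataclass, field
from typing import List

ENTRY_SEPARATOR = "\x0c\n"  # assumed: form feed followed by newline ends each entry

# Name fragments that usually deserve a second look when exposed; a constructed list.
SENSITIVE_HINTS = ("admin", "config", "backup", "bak", "demo", "test", "dump", "sql")

# Constructed sample: the directory's own entry, two subdirectories and two files.
SAMPLE_ENTRIES = (
    "10\n"
    "\ndir\n91\nhttp://svn.example.test/repo/trunk\nhttp://svn.example.test/repo\n\n\n\n"
    "2015-08-01T10:00:00.000000Z\n91\nwebdev\n\x0c\n"
    "siteadmin\ndir\n\x0c\n"
    "demo\ndir\n\x0c\n"
    "config.php\nfile\n\n\n\n2015-08-01T10:00:00.000000Z\n"
    "d41d8cd98f00b204e9800998ecf8427e\n2015-08-01T10:00:00.000000Z\n91\nwebdev\n\x0c\n"
    "crossdomain.xml\nfile\n\x0c\n"
)


@dataclass
class EntriesReport:
    format_version: int
    folders: List[str] = field(default_factory=list)
    files: List[str] = field(default_factory=list)
    stub: bool = False  # True for SVN 1.7+, where the data moved to .svn/wc.db


def parse_entries(text: str) -> EntriesReport:
    """Return the folders and files named in an .svn/entries file."""
    head, _, body = text.partition("\n")
    head = head.strip()
    if not head.isdigit():
        raise ValueError("missing format line; not an .svn/entries file")
    report = EntriesReport(format_version=int(head))
    if report.format_version >= 12:
        # 1.7+ stub: only the version number is here; metadata lives in wc.db (SQLite)
        report.stub = True
        return report
    for chunk in body.split(ENTRY_SEPARATOR):
        if not chunk:
            continue  # trailing empty piece after the last separator
        fields = chunk.split("\n")
        name = fields[0]
        kind = fields[1] if len(fields) > 1 else ""
        if name == "":
            continue  # the working directory's own entry, not a child
        if kind == "dir":
            report.folders.append(name)
        elif kind == "file":
            report.files.append(name)
        # other kinds (or malformed entries) are ignored rather than guessed at
    return report


def flag_sensitive(report: EntriesReport) -> List[str]:
    """Names (folders first, then files) containing a sensitive-looking fragment."""
    hits = []
    for name in report.folders + report.files:
        lowered = name.lower()
        if any(hint in lowered for hint in SENSITIVE_HINTS):
            hits.append(name)
    return hits


def render(report: EntriesReport) -> str:
    """Produce the same Folders/Files listing style shown in the report."""
    if report.stub:
        return f"format {report.format_version}: stub only; inspect .svn/wc.db instead"
    return f"Folders: {report.folders}\nFiles: {report.files}"


if __name__ == "__main__":
    # Usage: python audit_svn_entries.py [path/to/.svn/entries]; defaults to the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            source = fh.read()
    else:
        source = SAMPLE_ENTRIES
    parsed = parse_entries(source)
    print(render(parsed))
    print("Worth a look:", flag_sensitive(parsed))
```

Run it against a copy of the entries file pulled from your own deployment tree, not from the live site; if the listing is non-empty, the fix is the one the report gives (remove the .svn metadata from the document root, and deny dot-directories in the web server), after which the same audit should find nothing reachable.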
http://**.**.**.**/demo/mysql/

Fix:

Delete them.

Copyright notice: please credit the source when reposting: 7dscan@乌云 (WooYun)


Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 10

Confirmed: 2015-09-03 16:58

Vendor reply:

No direct handling channel with the site's operating organization has been established yet; awaiting claim.

Latest status:

None yet