乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-20: 细节已通知厂商并且等待厂商处理中 2015-05-20: 厂商已经确认,细节仅向厂商公开 2015-05-30: 细节向核心白帽子及相关领域专家公开 2015-06-09: 细节向普通白帽子公开 2015-06-19: 细节向实习白帽子公开 2015-07-04: 细节向公众公开
http://bbs.iqianjin.com/config/config_global.php.bak
$_config = array();// ---------------------------- CONFIG DB ----------------------------- //$_config[\'db\'][\'1\'][\'dbhost\'] = \'192.168.100.13\';$_config[\'db\'][\'1\'][\'dbuser\'] = \'iqianjin_bbs\';$_config[\'db\'][\'1\'][\'dbpw\'] = \'Ke83HsLH\';$_config[\'db\'][\'1\'][\'dbcharset\'] = \'utf8\';$_config[\'db\'][\'1\'][\'pconnect\'] = \'0\';$_config[\'db\'][\'1\'][\'dbname\'] = \'bbs\';$_config[\'db\'][\'1\'][\'tablepre\'] = \'pre_\';$_config[\'db\'][\'slave\'] = \'\';$_config[\'db\'][\'common\'][\'slave_except_table\'] = \'\';// -------------------------- CONFIG MEMORY --------------------------- //$_config[\'memory\'][\'prefix\'] = \'GGMjSj_\';$_config[\'memory\'][\'redis\'][\'server\'] = \'\';$_config[\'memory\'][\'redis\'][\'port\'] = 6379;$_config[\'memory\'][\'redis\'][\'pconnect\'] = 1;$_config[\'memory\'][\'redis\'][\'timeout\'] = \'0\';$_config[\'memory\'][\'redis\'][\'requirepass\'] = \'\';$_config[\'memory\'][\'redis\'][\'serializer\'] = 1;$_config[\'memory\'][\'memcache\'][\'server\'] = \'\';$_config[\'memory\'][\'memcache\'][\'port\'] = 11211;$_config[\'memory\'][\'memcache\'][\'pconnect\'] = 1;$_config[\'memory\'][\'memcache\'][\'timeout\'] = 1;$_config[\'memory\'][\'apc\'] = 1;$_config[\'memory\'][\'xcache\'] = 1;$_config[\'memory\'][\'eaccelerator\'] = 1;$_config[\'memory\'][\'wincache\'] = 1;// -------------------------- CONFIG SERVER --------------------------- //$_config[\'server\'][\'id\'] = 1;// ------------------------- CONFIG DOWNLOAD -------------------------- //$_config[\'download\'][\'readmod\'] = 2;$_config[\'download\'][\'xsendfile\'][\'type\'] = \'0\';$_config[\'download\'][\'xsendfile\'][\'dir\'] = \'/down/\';// -------------------------- CONFIG OUTPUT --------------------------- //$_config[\'output\'][\'charset\'] = \'utf-8\';$_config[\'output\'][\'forceheader\'] = 1;$_config[\'output\'][\'gzip\'] = \'0\';$_config[\'output\'][\'tplrefresh\'] = 1;$_config[\'output\'][\'language\'] = \'zh_cn\';$_config[\'output\'][\'staticurl\'] = \'static/\';$_config[\'output\'][\'ajaxvalidate\'] = \'0\';$_config[\'output\'][\'iecompatible\'] = \'0\';// -------------------------- CONFIG COOKIE --------------------------- //$_config[\'cookie\'][\'cookiepre\'] = \'Cbq6_\';$_config[\'cookie\'][\'cookiedomain\'] = \'\';$_config[\'cookie\'][\'cookiepath\'] = \'/\';// ------------------------- CONFIG SECURITY -------------------------- //$_config[\'security\'][\'authkey\'] = \'1072a8mBp4McSNqB\';$_config[\'security\'][\'urlxssdefend\'] = 1;$_config[\'security\'][\'attackevasive\'] = \'0\';$_config[\'security\'][\'querysafe\'][\'status\'] = 1;$_config[\'security\'][\'querysafe\'][\'dfunction\'][\'0\'] = \'load_file\';$_config[\'security\'][\'querysafe\'][\'dfunction\'][\'1\'] = \'hex\';$_config[\'security\'][\'querysafe\'][\'dfunction\'][\'2\'] = \'substring\';$_config[\'security\'][\'querysafe\'][\'dfunction\'][\'3\'] = \'if\';$_config[\'security\'][\'querysafe\'][\'dfunction\'][\'4\'] = \'ord\';$_config[\'security\'][\'querysafe\'][\'dfunction\'][\'5\'] = \'char\';$_config[\'security\'][\'querysafe\'][\'daction\'][\'0\'] = \'@\';$_config[\'security\'][\'querysafe\'][\'daction\'][\'1\'] = \'intooutfile\';$_config[\'security\'][\'querysafe\'][\'daction\'][\'2\'] = \'intodumpfile\';$_config[\'security\'][\'querysafe\'][\'daction\'][\'3\'] = \'unionselect\';$_config[\'security\'][\'querysafe\'][\'daction\'][\'4\'] = \'(select\';$_config[\'security\'][\'querysafe\'][\'daction\'][\'5\'] = \'unionall\';$_config[\'security\'][\'querysafe\'][\'daction\'][\'6\'] = \'uniondistinct\';$_config[\'security\'][\'querysafe\'][\'dnote\'][\'0\'] = \'/*\';$_config[\'security\'][\'querysafe\'][\'dnote\'][\'1\'] = \'*/\';$_config[\'security\'][\'querysafe\'][\'dnote\'][\'2\'] = \'#\';$_config[\'security\'][\'querysafe\'][\'dnote\'][\'3\'] = \'--\';$_config[\'security\'][\'querysafe\'][\'dnote\'][\'4\'] = \'\"\';$_config[\'security\'][\'querysafe\'][\'dlikehex\'] = 1;$_config[\'security\'][\'querysafe\'][\'afullnote\'] = \'0\';// -------------------------- CONFIG ADMINCP -------------------------- //// -------- Founders: $_config[\'admincp\'][\'founder\'] = \'1,2,3\'; --------- //$_config[\'admincp\'][\'founder\'] = \'1\';$_config[\'admincp\'][\'forcesecques\'] = \'0\';$_config[\'admincp\'][\'checkip\'] = 1;$_config[\'admincp\'][\'runquery\'] = \'0\';$_config[\'admincp\'][\'dbimport\'] = 1;// -------------------------- CONFIG REMOTE --------------------------- //$_config[\'remote\'][\'on\'] = \'0\';$_config[\'remote\'][\'dir\'] = \'remote\';$_config[\'remote\'][\'appkey\'] = \'62cf0b3c3e6a4c9468e7216839721d8e\';$_config[\'remote\'][\'cron\'] = \'0\';// --------------------------- CONFIG INPUT --------------------------- //$_config[\'input\'][\'compatible\'] = 1;// ------------------- THE END -------------------- //?> <br>网址:http://bbs.iqianjin.com/uc_server/data/config.inc.php.bak <br> 内容:<?php define(\'UC_DBHOST\', \'192.168.100.13\');define(\'UC_DBUSER\', \'iqianjin_bbs\');define(\'UC_DBPW\', \'Ke83HsLH\');define(\'UC_DBNAME\', \'bbs\');define(\'UC_DBCHARSET\', \'utf8\');define(\'UC_DBTABLEPRE\', \'pre_ucenter_\');define(\'UC_COOKIEPATH\', \'/\');define(\'UC_COOKIEDOMAIN\', \'\');define(\'UC_DBCONNECT\', 0);define(\'UC_CHARSET\', \'utf-8\');define(\'UC_FOUNDERPW\', \'ef8b55f6a426165d20e4b9c8891862e0\');define(\'UC_FOUNDERSALT\', \'7cP4T5\');define(\'UC_KEY\', \'WcC455N1zbS0deb8kcd7BbH96fk16dyfj7Yby1P5i1u849y4I2M1A8Y4v6bbKfCb\');define(\'UC_SITEID\', \'VcE4M521LbV0SeE8icb7bbN91fS1cd6f27TbN1P5M1586984m2r1p8H476gbsfDb\');define(\'UC_MYKEY\', \'ucI4S581ab00Heg8Tcr7fbi9cfe1cdLfc7QbY1i5Z1F8j9d4v2R118N4h6Nbefab\');define(\'UC_DEBUG\', false);define(\'UC_PPP\', 20); <br>
可有礼物?
危害等级:低
漏洞Rank:3
确认时间:2015-05-20 23:16
论坛数据库早已迁移,是一个很久的备份文件,无使用价值,但确实不应该以这种形式备份文件,感谢提醒
暂无
