WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, online reader -------- http://drop.zone.ci/
2015-06-17: Details reported to the vendor, awaiting vendor handling
2015-06-18: Vendor confirmed; details visible to the vendor only
2015-06-28: Details disclosed to core white hats and relevant domain experts
2015-07-08: Details disclosed to regular white hats
2015-07-18: Details disclosed to intern white hats
2015-08-02: Details disclosed to the public

Meituan: two low-impact .git source-code leaks

http://services.wifi.meituan.com/.git/config
http://jc.meituan.net/.git/config

main.py can be fetched directly over HTTP, so its source code is exposed.

http://services.wifi.meituan.com/main.py
```python
# -*- coding: utf-8 -*-
import web

# web.py URL routing: /api/download redirects to the portal, everything else
# falls through to FrontPage.
urls = (
    '/api/download?(.*)', 'download_redirect',
    '/.*', 'FrontPage'
)
app = web.application(urls, globals())
wsgi_app = web.application(urls, globals()).wsgifunc()


class download_redirect:
    def GET(self, name):
        # Pass the client-supplied "mac" query parameter through to the portal URL.
        mac = web.input().get('mac', '')
        re_url = "http://portal.wifi.meituan.com/download"
        if mac:
            re_url = re_url + "?mac=" + mac
        raise web.redirect(re_url)


class FrontPage(object):
    def GET(self):
        web.header('Content-Type', 'application/json; charset=utf-8 ')
        return """{ \"status\": 2, \"description\": "您当前未连接美团WIFI"} """


if __name__ == "__main__":
    app.run()
```
```php
<?php
define('ROOT', '/opt/meituan/webapps/static/');
define('CDN_DOMAIN_HOST', 'meituan.net');
define('DOMAIN_HOST', 'meituan.com');

// Static file root directory
//$options['static_root'] = ROOT . '/static/';
$options['static_root'] = ROOT;

// Static servers
$options['static_server'] = array(
    'http://s0.' . CDN_DOMAIN_HOST,
    'http://s1.' . CDN_DOMAIN_HOST,
);
$options['static_ssl_server'] = array(
    'https://s0.' . DOMAIN_HOST,
    'https://s1.' . DOMAIN_HOST,
);

// Content-Type header by file extension
$options['header'] = array(
    'css'        => 'text/css',
    'js'         => 'application/x-javascript',
    'properties' => 'text/plain',
    'inc'        => 'text/plain',
    'ftl'        => 'text/plain',
);

// Debug mode: decides whether error information is printed in the headers
$options['debug'] = false;
// HTTPS protocol
$options['https'] = false;
// Offline (non-production) environment: decides whether files are cached
$options['offline'] = false;
// Header sent for malformed requests
$options['bad_request_header'] = 'HTTP/1.0 404 Not Found';
// Cache file directory
$options['cache_root'] = 'cache/';
// Log file path
$options['log_path'] = '/var/sankuai/logs/combo_log';
// Common file-sequence abbreviations
$options['abbr'] = require('config.abbr.php');
```
Delete the .git directories; .py files must not be directly requestable over HTTP.
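The report turns on two server-side conditions: a `.git/config` answered over HTTP, and Python source reachable as a static file. The following is an added example, not code from the report or from Meituan, showing the defender's side of both: a parser that confirms whether a fetched response body really is a git config (and lists the remotes it names, which is what you need for triage), plus a request-path policy equivalent to the fix recommended above. The sample config body, the `example.invalid` remote, and all function names are constructed for this example; nothing here performs network requests.

```python
import configparser
import posixpath
from urllib.parse import urlsplit

# Constructed sample of what an exposed .git/config body looks like
# (not taken from the report; the remote is a placeholder).
SAMPLE_GIT_CONFIG = """[core]
\trepositoryformatversion = 0
\tfilemode = true
\tbare = false
[remote "origin"]
\turl = git@example.invalid:placeholder/repo.git
\tfetch = +refs/heads/*:refs/remotes/origin/*
"""

# Extensions that must never be served as static content on these hosts.
BLOCKED_SUFFIXES = (".py", ".pyc")


def _parse_git_config(body: str):
    """Parse a git-style INI body; return the parser or None if it is not one.

    git indents keys with tabs, which configparser would read as value
    continuations, so leading whitespace is stripped per line first.
    """
    normalised = "\n".join(line.strip() for line in body.splitlines())
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    try:
        cp.read_string(normalised)
    except configparser.Error:
        return None
    return cp


def is_exposed_git_config(body: str) -> bool:
    """True when a response body is a real git config, not an error page."""
    cp = _parse_git_config(body)
    if cp is None:
        return False
    return cp.has_section("core") and cp.has_option("core", "repositoryformatversion")


def leaked_remotes(body: str) -> list:
    """Remote URLs named in an exposed config: tells you which repo leaked."""
    cp = _parse_git_config(body)
    if cp is None:
        return []
    return [
        cp.get(section, "url")
        for section in cp.sections()
        if section.startswith("remote ") and cp.has_option(section, "url")
    ]


def blocked_path(request_target: str) -> bool:
    """Request-path policy equivalent to the recommended fix.

    Refuses any dot-directory or dot-file (.git, and by extension .svn,
    .env) and any Python source, after normalising '..' and '//' tricks.
    The same rule as nginx config would read roughly:
        location ~ /\\. { return 404; }
        location ~ \\.pyc?$ { return 404; }
    """
    path = urlsplit(request_target).path
    if not path.startswith("/"):
        path = "/" + path
    path = posixpath.normpath(path)
    segments = [s for s in path.split("/") if s]
    if any(s.startswith(".") for s in segments):
        return True
    return path.lower().endswith(BLOCKED_SUFFIXES)


if __name__ == "__main__":
    print("git config exposed:", is_exposed_git_config(SAMPLE_GIT_CONFIG))
    print("remotes:", leaked_remotes(SAMPLE_GIT_CONFIG))
    for target in ("/.git/config", "/main.py", "/static/../.git/HEAD",
                   "/api/download?mac=aa"):
        print(target, "->", "blocked" if blocked_path(target) else "allowed")
```

The body check matters because a host behind a catch-all route (as the web.py app above has with `/.*`) returns HTTP 200 with a JSON or HTML body for `/.git/config`, so status code alone is not evidence of exposure; only a body that parses as a git config with a `core` section is. The path policy is deliberately applied to the normalised path so that `/static/../.git/HEAD` is caught as well as the literal `/.git/` prefix.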
Severity: Low
Vulnerability Rank: 2
Confirmed at: 2015-06-18 11:58
Issue confirmed. Thank you for your attention to Meituan security.
None