当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0156427

漏洞标题:我爱购物网全部用户数据泄漏(100W+用户信息\含密码可解密登录)

相关厂商:55bbs.com

漏洞作者: 香烟

提交时间:2015-11-28 09:31

修复时间:2015-12-03 09:32

公开时间:2015-12-03 09:32

漏洞类型:用户资料大量泄漏

危害等级:高

自评Rank:20

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-11-28: 细节已通知厂商并且等待厂商处理中
2015-12-03: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

详细说明:

1079884	sunnyweixiang	sunnyweixiang	7250a86d8cf0d6f62dd9ae19efc6269b		0	0	12	0		122.96.147.38	1234254927	122.96.147.38	1234254927	1234255114	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$08$fa6103b74659b7b2853a1u0UkOMLuPLFChUIQcu0xVsSXYIXfeG0S	0	0
1079883	brenda83	brenda83	8d008eaf6a3c804b879a5e6c0cf4ba39		0	0	11	0		202.106.102.142	1234254924	124.65.196.6	1439281824	1439281824	1351070482	72	0	0	200	88	81	3	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$09$0689a53be692f1b8ba5aauTIcWSTfQMzNtBDBhUUXn4e2lK6Uz7fG	0	0
1079882	wangleienjoy	wangleienjoy	50e028c41bcf4466f0e1f8a84b675076		0	0	12	0		202.38.153.190	1234254919	202.38.153.190	1234254954	1234577089	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$09$e4bbdf47026d5ee93a8c7OGwCMXYe6M0XuAUAKDkzUbLv6R5F7acq	0	0
1079881	ÑöÍû£¬±±Î³	ÑöÍû£¬±±Î³	35571dcd94847d77a9195be5dd1333b4		0	0	15	0		218.107.128.60	1234254903	218.107.128.60	1234262885	1234318919	1234262920	2	0	0	0	2	2	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$09$53b9037e9392b30700390u/lbN4e8K9xiupMBllOtbSdCHcu..vNO	0	0
1077146	vono	vono	1b33494611ad7ed536e656c01d8d4e3f		0	0	12	0		222.130.248.210	1234106999		1234106999	1234106999	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$06$7b20f3e4dfb139a5c28adOu8mbzHrdkGio9.3kQgYKhkR/z63BAIe	0	0
1077147	°®ÇéÇÉ¿ËÁ¦	°®ÇéÇÉ¿ËÁ¦	e10adc3949ba59abbe56e057f20f883e		0	0	16	0		222.131.25.218	1234107018	222.131.221.92	1269601941	1270815910	1268985452	293	0	0	200	296	292	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$09$554f410219c5a47e5e2d1uGb1n.pE0qAqMce0Cvp.d6t/I/ZrqvAy	0	0
1077148	±¦¶ùÎÞµÐ	±¦¶ùÎÞµÐ	d528b6a56df55e9fd9810062af658945		0	0	12	0		124.64.227.197	1234107313		1234107313	1234107313	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$08$d149f0552f1f2812d7baduOkmZIbM/fwqt7SbxJDU/cUPmE8qnthu	0	0
1077149	cecilia_yezi	cecilia_yezi	d67d2aa9b37f005201b8e6ac07c3740b		0	0	12	0		124.200.18.178	1234107323	60.28.165.198	1244267312	1283749894	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$10$8d3d7b9962818c7b44232umC2ok2CdCbS9iE0tq53noLD2EFDQuxS	0	0
1079880	yingzi9131	yingzi9131	670b14728ad9902aecba32e22fa4f6bd		0	0	12	0		221.218.218.115	1234254883	101.51.38.144	1423297870	1234254883	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$10$c92950bc7931630683489usj0oXBeB6zMttYMqqh7n2UMJhLYCvle	0	0
1079879	Ʈѩ÷ÈÓ°	Ʈѩ÷ÈÓ°	ce036f105ff51133960fee1cd62b5e27		0	0	12	0		211.94.73.188	1234254834	124.205.101.34	1320803847	1320831034	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$09$9696a0dad732b97811357uyu6eWzZVNZqVg/3/feuNKKG61KyQ9mi	0	0
1079878	coolbul	coolbul	fba291e76fae2c606f2028967ac05576		0	0	12	0		61.51.196.91	1234254800		1234254800	1234254800	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$08$738bce7ae167d276f8fe5uNcc53bEj0otOFGsfxiyCN2YAzcOIPkK	0	0
1079877	»ªÄêËÆË®	»ªÄêËÆË®	f089f03b6a30db0a95008b2a8a20c501		0	-1	5	0		123.118.120.76	1234254736	123.118.127.153	1246241756	1246338437	1246245022	10	0	0	0	13	13	0	0	0	0	0	0	0	[email protected]	0000-00-00	1	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$09$78a210467a94bf2fc2e5cuGMNeWnT7PMYGd2eovRtrShrPROHL1nO	0	0
1079876	³µÐÐÌìÏÂ	³µÐÐÌìÏÂ	5b1b68a9abf4d2cd155c81a9225fd158		0	0	12	0		125.34.44.203	1234254610		1234254610	1234254610	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$10$bfc95b3fb686a9961548beyEhzanqBvDDcWFH0Yf7yuOjKn1KMhiq	0	0
1079875	theblueeye	theblueeye	d024152ea663127a5fb4e2dbe69fe72e		0	0	12	0		124.126.227.160	1234254602		1234254602	1234254602	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$10$8d98fa440887c6c4577bduI.pBWHXK68GA7dASDhM5VVniNNEikF2	0	0
1079874	º£±ß±¼ÅÜ	º£±ß±¼ÅÜ	ff056a591e0072af284ceb5bbc6bf123		0	0	12	0		123.117.161.178	1234254564		1234254564	1234254564	0	0	0	0	0	0	0	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$09$04c29d60e867c8ca09685eJ1ZAYizFE2SBbfKt/Luk8pwfef26kU.	0	0
1077157	Erica.y	Erica.y	786c120d8fa9892e57d43be5b7265ca4	ebfddeb5	0	0	16	0		61.189.196.55	1234107643	124.64.107.207	1326179481	1327894304	1326173850	205	0	0	0	161	161	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$10$c61db03e6a3670cffbfa2urwJyOFGfvvaziMObI.UiKBRNNiM3B8m	0	0
1079873	nananafuli	nananafuli	695fe9ecc7e0e0e3c866eb861d442117		0	0	9	0		219.237.242.91	1234254544	106.120.245.246	1438321824	1438321824	1438332796	347	0	0	400	104	96	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$09$1c2b33d69715e13db1d92uhfdwBYs3QW7usjvxJ9wc13S.MmDBL1G	0	0
1079872	237809602	237809602	684d0c68b7f85f7f1ae8e924274b0524		0	0	13	0		61.179.153.236	1234254535	222.134.71.53	1242481607	1242732214	1242105890	53	0	0	0	50	50	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	1	0				0	$2a$09$aec7ba1437fbd4ebbb3fbOPjz2bPF4C5klxMfH1rY10s.r1UH8ngi	0	0
1079871	junoesque	junoesque	4dd222ea7ab7f1b762a5285af2f219b2		0	0	13	0		192.11.236.114	1234254519	123.116.40.91	1424950472	1424950472	1387586001	39	0	0	0	35	35	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$06$a172181baa096556af95fufyt.JS9dlZqiT1ixCFztTtzTN7U12MC	0	0
1079870	liuqiantj	liuqiantj	5d3184dcfc74cc8c90aa2872e949b53e		0	0	11	0		221.239.119.242	1234254514	49.204.155.125	1423295643	1336543932	1335427001	55	0	0	1600	88	56	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$10$5929367c96e5af0a0676eumZCfpBwb17I0itnUhQ9ma344KWhM1j.	0	0
1079869	ÐìÒ»Ò»	ÐìÒ»Ò»	30a24f10fa27e8e8e3d17d3b566d8cb9		0	0	15	0		222.171.104.29	1234254450	222.171.104.29	1236243288	1236305902	1234839430	16	0	0	0	2	2	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$08$b9896e2af84db4fc41f63uGTuTFNhru0GIS7zE2L13VsHCA0cE4Di	0	0
1077163	Ì«ÑôÞ±Þ±	Ì«ÑôÞ±Þ±	451dc83e405e7b451d2637b62a6d2e23		0	0	15	0		61.149.129.22	1234107810	61.149.131.52	1234107810	1257510026	1257510113	1	0	0	0	1	1	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$08$8768cec20cf902a5f4010ugu03YsQlLBrxChOc2xXsLuf7gEVCdsW	0	0
1079868	ÎÒÊÇ´ó´ó³ø	ÎÒÊÇ´ó´ó³ø	d93a1dcc2e18374eeff94c7ba3b59380		0	0	14	0		123.122.84.199	1234254399	123.122.80.233	1235957787	1236652026	1236652162	12	0	0	0	15	15	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	1	0	2	26	0	0				0	$2a$10$101bacb539bb6091adb52u3XgaTbJPTspJH17SUYKt9PyTNQystRm	0	0
1079867	25933590	25933590	a047659efee9be473affe4c8ec783c9f		0	0	15	0		210.83.204.114	1234254309	221.218.69.167	1437668479	1437668479	1323271085	3	0	0	0	3	3	0	0	0	0	0	0	0	[email protected]	0000-00-00	0	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$07$77526b1e2f523861e0276uLJqwrI0E5kDNsFrDp6NoKotdZBBFAhe	0	0
1079866	´ó¿ªÉ±½ä	´ó¿ªÉ±½ä	ac7820f1cd06f2e7800d563c0e00ec01		0	-1	5	0		60.208.178.213	1234254284	218.58.14.183	1252217543	1256450359	1252217582	9	0	0	0	4	4	0	0	0	0	0	0	0	[email protected]	0000-00-00	1	0	0	0	0	0	1	1	1	0	9999	0	0	2	26	0	0				0	$2a$06$3637ccab9a5e0f256ede4ePCsQNcp3Khkzl3sIipDbseuZLYL9V1O	0	0
E]S6D_B$GFP8MN77%A}9LIV.png

漏洞证明:

网盘地址:

mask 区域 
1.://**.**.**//pan.baidu.com/s/14xj9G 密码:99hi</code>


a.png

修复方案:

修改密码

版权声明:转载请注明来源 香烟@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2015-12-03 09:32

厂商回复:

漏洞Rank:15 (WooYun评价)

最新状态:

暂无