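2015-01-05: Details reported to the vendor; awaiting vendor handling
2015-01-09: Vendor confirmed; details disclosed to the vendor only
2015-01-19: Details disclosed to core white hats and experts in related fields
2015-01-29: Details disclosed to regular white hats
2015-02-08: Details disclosed to trainee white hats
2015-02-19: Details disclosed to the public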
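Security issues on the Jiangsu Unicom portal can cause large-scale information disclosure: user information, app replacement, exposed SMS interface
http://www.js165.com/iportaladmin5/Res/App/tt.asp is a webshell. Last time the vendor fixed the shell, so China Chopper could no longer connect; I did not expect that the directory would be migrated and the shell would come back to life.
Inside the webshell I found apps. I checked the website and, sure enough, the links exist. If the apps were replaced... see the figure.
The "火龙战机" app is the same as the one in the shell, and there are many more.
SMS interface exposed
SMS logs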
Internal documents leaked
There are many more; I won't list them one by one.
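Severity: Medium
Vulnerability Rank: 10
Confirmed: 2015-01-09 18:23
CNVD confirmed and reproduced the reported situation and has passed it via CNCERT to the Jiangsu sub-center, which will coordinate follow-up handling with the organization that manages the website.
None at this time.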
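The SMS log exposure reported above comes from a gateway that writes full mobile numbers and one-time passwords to its log. The following is an added example, not code from the report or from the vendor: a redaction pass for such log lines. The field names Mobile, strmob and strMessage follow the reported log; the sample lines, numbers, codes, the "Gateway" logger name and the 4 to 8 digit code pattern are constructed assumptions.

```python
import re

# Constructed sample lines (not from the report); numbers, codes and IPs are made up.
SAMPLE_LOG = """\
2015-01-05 08:51:43,741 [3] INFO Gateway - Mobile:13900000001, Ip:192.0.2.10
2015-01-05 08:51:44,819 [3] INFO Gateway - strmob:13900000001,strMessage:Your one-time password is: 123456, valid for 15 minutes.
2015-01-05 09:04:25,022 [11] INFO Gateway - strmob:13900000002,strMessage:Verification code: 654321, valid for 5 minutes.
2015-01-05 09:10:00,000 [11] INFO Gateway - service heartbeat ok
"""

# 11-digit mobile number after either field name; keep first 3 and last 4 digits.
MOBILE = re.compile(r"(Mobile:|strmob:)(\d{3})\d{4}(\d{4})(?!\d)")
# Everything after strMessage: is the SMS body that may carry a code.
MESSAGE = re.compile(r"strMessage:(?P<body>.*)$")
# Assumption: one-time codes are stand-alone runs of 4 to 8 digits.
CODE = re.compile(r"(?<!\d)\d{4,8}(?!\d)")


def redact_line(line):
    """Return (redacted_line, findings) for one log line."""
    findings = []
    if MOBILE.search(line):
        findings.append("mobile")
        line = MOBILE.sub(r"\1\2****\3", line)
    msg = MESSAGE.search(line)
    if msg and CODE.search(msg.group("body")):
        findings.append("otp")
        # Only the message body is rewritten, so timestamps stay intact.
        line = line[:msg.start("body")] + CODE.sub("[REDACTED]", msg.group("body"))
    return line, findings


def audit(text):
    """Redact every line and count how many lines exposed each data type."""
    counts = {"mobile": 0, "otp": 0}
    out = []
    for line in text.splitlines():
        redacted, findings = redact_line(line)
        for name in findings:
            counts[name] += 1
        out.append(redacted)
    return out, counts


if __name__ == "__main__":
    lines, counts = audit(SAMPLE_LOG)
    print("\n".join(lines), counts, sep="\n")
```

The counts show how many lines would have exposed each data type, which is useful when reviewing existing log files before they are archived or moved.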