当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-085424

漏洞标题:咕咚网某平台Redis未授权访问(泄漏部分用户信息)

相关厂商:咕咚网

漏洞作者: 龍 、

提交时间:2014-12-01 10:49

修复时间:2014-12-04 11:19

公开时间:2014-12-04 11:19

漏洞类型:未授权访问/权限绕过

危害等级:中

自评Rank:6

漏洞状态:厂商已经修复

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2014-12-01: 细节已通知厂商并且等待厂商处理中
2014-12-04: 厂商已经确认,细节仅向厂商公开
2014-12-04: 厂商已经修复漏洞并主动公开,细节向公众公开

简要描述:

主页:http://www.codoon.com

详细说明:

121.199.16.9
 6379

2.jpg


1.png


(lp1
(dp2
S'is_target'
p3
I01
sS'vtype'
p4
Vhome
p5
sS'title'
p6
V\u6b27\u6d32\u9633\u5149style\u516c\u76ca\u8dd1
p7
sS'_state'
p8
ccopy_reg
_reconstructor
p9
(cdjango.db.models.base
ModelState
p10
c__builtin__
object
p11
NtRp12
(dp13
S'adding'
p14
I00
sS'db'
p15
S'default'
p16
sbsS'herf'
p17
Vhttp://www.codoon.com/activity/kelisa
p18
sS'rank'
p19
L-2L
sS'state'
p20
I01
sS'create_time'
p21
cdatetime
datetime
p22
(S'\x07\xde\x08\x07\x12,5\x00\x00\x00'
tRp23
sS'img_src'
p24
Vhttp://img3.codoon.com/backenda2ab49188b974964be28d0bf7ceea062!650m0
p25
sS'id'
p26
L47L
sa(dp27
g3
I01
sg4
Vhome
p28
sg6
V\u65b0\u9e3f\u57fa\u5730\u4ea7\u9080\u4f60\u5168\u7403\u8dd1
p29
sg8
g9
(g10
g11
NtRp30
(dp31
g14
I00
sg15
g16
sbsg17
Vhttp://cd.qq.com/zt2014/qqp/index.htm
p32
sg19
L-1L
sg20
I01
sg21
g22
(S'\x07\xde\x07\x19\x100*\x00\x00\x00'
tRp33
sg24
Vhttp://img3.codoon.com/backend8b68ba1067754f18ae9b5c13f787dac0!650m0
p34
sg26
L46L
sa(dp35
g3
I01
sg4
Vhome
p36
sg6
V\u6234\u5c14\u7075\u8d8a-\u591f\u7626\u624d\u578b
p37
sg8
g9
(g10
g11
NtRp38
(dp39
g14
I00
sg15
g16
sbsg17
Vhttp://www.codoon.com/misc/dell_slim/
p40
sg19
L0L
sg20
I01
sg21
g22
(S'\x07\xde\x06\x14\x0e9\x01\x00\x00\x00'
tRp41
sg24
Vhttp://img3.codoon.com/backend924c340dd3444178b80e6fd534e94921!650m0
p42
sg26
L44L
sa(dp43
g3
I01
sg4
Vhome
p44
sg6
V\u591c\u8dd1\u6700\u676d\u5dde
p45
sg8
g9
(g10
g11
NtRp46
(dp47
g14
I00
sg15
g16
sbsg17
Vhttp://weibo.com/1665450974/B7AYQvgKK
p48
sg19
L0L
sg20
I01
sg21
g22
(S'\x07\xde\x07\x04\x10\x03\r\x00\x00\x00'
tRp49
sg24
Vhttp://img3.codoon.com/backend9e4cb9ea52f94555929b4c419bfb65b8!650m0
p50
sg26
L45L
sa.


{"data":[{"mobilenumber":"I1413124743498","domain":"~g12b5jp","certificatename":"","realname":" ","emailverified":false,"address":"","birthday":{"y":1990,"m":8,"d":1},"verify_code":"bd2b05b3286a481b999bb79ad37e3f7c","fighting_level":1,"hobby":"\u8dd1\u6b65","portrait":" ","id":"1ed37ba2-a7c4-485b-aad0-94eb8c7f5180","_updated":1414765476,"certificateid":"","group_ids":"","is_newuser":true,"gender":"1","followings":0,"_auto_id":5062378,"installed_apps":"","nick":"cu_1413124743495","descroption":"","followers":0,"location":"\u5317\u4eac","mobileverified":false,"last_login":0,"mobile_portraits":[],"email":"1413124743497@ncodoon.com","certificateinfo":"","tmp_portrait":""},1414765476,5062378],"sql":"UPDATE `user_profile` SET `object`=%s,`updated`=%s WHERE `auto_id`=%s"}


漏洞证明:

(lp1
(lp2
Vcc74610f-53a2-419a-945d-806b9cae7c24
p3
aL9425L
aa(lp4
V1b22f4ee-99e0-4f9c-a5f3-da987e98ccd1
p5
aL5476L
aa(lp6
V0e8599b1-7f49-43e4-a17b-50fd3272f3d8
p7
aL5000L
aa(lp8
Va7151216-6be8-4283-9922-743ecff3845f
p9
aL3571L
aa(lp10
V78f61c41-4320-40d5-ba8c-b1dae609a6b6
p11
aL3001L
aa(lp12
V60a76004-4da6-45d9-80d8-1a7159b2fa5d
p13
aL3000L
aa(lp14
Vbc2117b4-b2da-4024-9dae-8db2bcf08eb6
p15
aL2868L
aa(lp16
V9d209f76-7867-4670-a095-49103e6bae0f
p17
aL2834L
aa(lp18
V9ab9d3c7-a5d7-4022-99c6-0f1750e10fff
p19
aL2521L
aa(lp20
Vabd82156-2003-4f15-8a17-f3121264e4b4
p21
aL2120L
aa(lp22
Ve8d0dafd-ec60-4d45-82aa-2416f3b40d67
p23
aL2075L
aa(lp24
V06859cea-f160-47af-867d-6cda8894e8ea
p25
aL2001L
aa(lp26
V375b2135-38aa-47be-8280-ab2f3e8ffd76
p27
aL2000L
aa(lp28
V3a3be5cb-5973-4852-9ab7-60f1ac82c652
p29
aL2000L
aa(lp30
V841c15d2-646e-4dd2-9fa1-5b422df5a498
p31
aL1989L
aa(lp32
Vc34a5f65-bd35-4d43-b851-98b1d00b0fe5
p33
aL1875L
aa(lp34
V210335a4-a490-4a19-971a-32735c92b754
p35
aL1820L
aa(lp36
V92b92562-9a2f-47c2-971d-4675684c1859
p37
aL1810L
aa(lp38
V5caf5ec0-6e14-4ad2-8e66-d0180060518b
p39
aL1800L
aa(lp40
V107ff7af-e8b7-4121-b3bb-d2d610d82617
p41
aL1767L
aa(lp42
Vcef386bd-9edd-4021-b831-83ad56525fd1
p43
aL1659L
aa(lp44
Va99c3e40-158a-4501-a9b9-b29aabeff1d4
p45
aL1637L
aa(lp46
Vac3cdbb8-1c7d-4012-85a9-b6d2af056e53
p47
aL1600L
aa(lp48
Va5f325f1-ab41-4940-88a6-05f80bd43814
p49
aL1557L
aa(lp50
V80ad9140-aee4-471d-83c5-3e89a9bfc4c4
p51
aL1521L
aa(lp52
V0bd1a94e-39e0-4b70-a91a-b5251c44490b
p53
aL1500L
aa(lp54
V9c2cf2cb-18f3-462f-8801-be5e6921c9af
p55
aL1500L
aa(lp56
V3db16896-dbb5-4877-8731-be8e612f566f
p57
aL1500L
aa(lp58
Ved9af80d-6e45-42c2-9783-c1996aa031d5
p59
aL1500L
aa(lp60
V85b8f5dc-65a0-496b-b3ad-36391590045b
p61
aL1500L
aa(lp62
Vf1d72e73-57e5-424f-a1f9-cad9be0018bd
p63
aL1500L
aa(lp64
V5cf95cac-0498-4352-847e-3232f43d1b6b
p65
aL1500L
aa(lp66
Ve5ff6f33-582f-429b-abe5-8eeb2e2f2870
p67
aL1400L
aa(lp68
V42a142d1-e933-41d0-936d-465b9c32f412
p69
aL1400L
aa(lp70
Vdb7fa1f7-6100-4307-8f40-bb70bd647b3b
p71
aL1300L
aa(lp72
V7196dde1-f586-4a5a-a918-ef746aaf8ca2
p73
aL1290L
aa(lp74
V9b0741ba-b810-482e-9e36-1bb0ddb00b95
p75
aL1289L
aa(lp76
V88d6a9e4-46a6-47f0-b86b-dec97a190414
p77
aL1200L
aa(lp78
V1c2437e1-321f-4416-9d49-6580992c40e0
p79
aL1200L
aa(lp80
V0c1ed646-f81b-41d2-9f53-c6d5dd7de8da
p81
aL1200L
aa(lp82
Vbbe312fe-52b2-4de0-9868-1549f34a8c4a
p83
aL1200L
aa(lp84
V36f3bf9b-748c-4a0c-b628-b7cff215c545
p85
aL1200L
aa(lp86
V249a232f-bd77-4fad-8e42-ba19eebd4fc6
p87
aL1200L
aa(lp88
Vfbe89397-acaf-4f7d-8e6c-58dd9c57da9c
p89
aL1200L
aa(lp90
V48b88900-6ce4-4e45-89fc-277fa1903189
p91
aL1200L
aa(lp92
Vc219db07-f69e-4406-92f9-bd23fbc6f2a5
p93
aL1173L
aa(lp94
Vd61bf671-d065-4f1c-962d-fd3dd17cdf76
p95
aL1155L
aa(lp96
Vb5afece7-6c31-48ff-9a63-0b4fa42fa60e
p97
aL1140L
aa(lp98
Vdea21a16-33e5-4443-a822-4500efd7a796
p99
aL1113L
aa(lp100
V18b02604-b568-43fe-ba82-92ceafcdafaa
p101
aL1100L
aa(lp102
V589aecf2-681b-4107-9461-58d98c7b9d30
p103
aL1100L
aa(lp104
V354de0a5-06b0-42a2-ad0a-79f2119fcd82
p105
aL1094L
aa(lp106
Vc41e1256-b716-4a42-afea-cd40e6758541
p107
aL1043L
aa(lp108
V29fa44ee-e549-41f1-9ded-5631c84c34ba
p109
aL1042L
aa(lp110
V7a4bec02-8160-43d5-8fc4-e5e7867cd61d
p111
aL1041L
aa(lp112
V431f0a0c-46f7-4951-ab5f-d6f823162147
p113
aL1040L
aa(lp114
V50580629-af0d-47f5-8374-fc5c0009a90c
p115
aL1039L
aa(lp116
V143590a5-4618-4265-a6ed-59ab696094fa
p117
aL1038L
aa(lp118
Vb1c03301-1499-4426-9eab-0f70beba18bb
p119
aL1037L
aa(lp120
V1599fc4a-edc5-4663-88d4-6c21c823404b
p121
aL1036L
aa(lp122
V100ab304-b1d9-4cd7-ab63-423d341b58b5
p123
aL1035L
aa(lp124
Vc512f842-c0e1-472f-9cd6-da23072a8492
p125
aL1034L
aa(lp126
V45167276-de40-47b3-a5c4-5346e785d741
p127
aL1033L
aa(lp128
V351771e1-7d04-44d0-aa92-97df14c21c12
p129
aL1032L
aa(lp130
Vaef59f7f-e51d-4488-8863-62c299c31373
p131
aL1031L
aa(lp132
V85ec925a-527c-4d30-84b7-021d3aa8fb08
p133
aL1030L
aa(lp134
V194b2f2c-1e80-41b6-adef-9adb332adac9
p135
aL1029L
aa(lp136
V9aedb9c1-8ab5-4171-9bd7-5815ac53227f
p137
aL1028L
aa(lp138
V964d0c0b-404e-4e9e-93e1-8956828ab84a
p139
aL1027L
aa(lp140
Vc1ae541e-8d24-47de-8497-88bbc464df6e
p141
aL1026L
aa(lp142
V7caf6755-0224-4120-a107-18b2b7cfb353
p143
aL1025L
aa(lp144
Vec55ad95-1634-4fcc-aff7-132bfe453c5d
p145
aL1024L
aa(lp146
V5ed6ee5f-8df3-42d1-95c7-bb82afbd9f42
p147
aL1023L
aa(lp148
V50682292-42ea-456f-8c24-9d5de0f45c36
p149
aL1022L
aa(lp150
Vb89986e7-c0a2-42da-a365-62cd69124226
p151
aL1021L
aa(lp152
Vfa89ce00-5426-46b0-ae4e-75170b23c5b2
p153
aL1020L
aa(lp154
V4f48cf7c-f8ad-4bc3-9b31-ec5649cfbbcb
p155
aL1019L
aa(lp156
V8d29d2bf-3a29-4037-a400-c296f218b9c2
p157
aL1018L
aa(lp158
Vaa6fe937-5367-4a5d-9505-7aaafad29250
p159
aL1017L
aa(lp160
V448e234a-d02a-4aa0-acdd-1f667dc93162
p161
aL1016L
aa(lp162
V928119a5-ff6f-431b-8579-ec3ae25f5eba
p163
aL1015L
aa(lp164
Va930a4d7-a8e8-4f4f-83c9-4019cbaf8340
p165
aL1014L
aa(lp166
V72e2a990-d797-4f36-a43f-82914713914a
p167
aL1013L
aa(lp168
V4b61ce5e-c7ed-45a8-9107-a7e5da845736
p169
aL1012L
aa(lp170
V88e3eab0-8838-4988-99a8-5108221286ba
p171
aL1011L
aa(lp172
V7381e432-7cc0-42fb-a482-a9d28e871fd7
p173
aL1010L
aa(lp174
V29349fe4-471e-4d56-a976-9c1bcfdced80
p175
aL1009L
aa(lp176
V5c4c14b4-2e1c-4281-97a1-34d78bb3e49a
p177
aL1008L
aa(lp178
V65e60a49-f089-4970-8d48-0c3a0106fc32
p179
aL1007L
aa(lp180
Vafc92a64-2d46-4f57-8fcc-d785311b05dd
p181
aL1006L
aa(lp182
Vd6f75ef8-686a-4f94-8e06-1353bf52a0c9
p183
aL1005L
aa(lp184
Vb96146a4-177c-44c3-b4f9-a4933c141944
p185
aL1004L
aa(lp186
V36d75e80-6909-464d-8abf-7900544c5382
p187
aL1003L
aa(lp188
V64e16d21-58ba-426b-aabc-5f0256ec4409
p189
aL1002L
aa(lp190
V27357563-44b0-4f49-a401-cbc812e0c912
p191
aL1001L
aa(lp192
V5dc3f419-f41a-4e05-a280-560366a26829
p193
aL1000L
aa(lp194
V6ae6af9b-f5fe-4341-8095-438e4b6e0f4e
p195
aL1000L
aa(lp196
Vdaace9dd-1755-4cfd-8401-8d613866499b
p197
aL1000L
aa(lp198
V45206877-83df-4c37-ad25-ec252bd1d13a
p199
aL1000L
aa(lp200
V126691fa-5f7f-427e-8cc8-76ef4ddcbe2c
p201
aL1000L
aa(lp202
Vf8ba7365-bdc9-41d3-ac73-a2b1b4005117
p203
aL999L
aa(lp204
V0a5d6e89-5055-4f5c-9d20-c8fefc4e551d
p205
aL988L
aa(lp206
V3832fab8-004d-4a86-bb27-d5617a168833
p207
aL897L
aa(lp208
V961cf488-1b2f-4424-8397-ac04793a8798
p209
aL856L
aa(lp210
V8560d108-a71e-4993-941a-4cafae9a07a5
p211
aL851L
aa(lp212
Vfcb64242-0734-42b4-a072-b55ce37c2605
p213
aL769L
aa(lp214
Va26cc9d7-671c-4c43-a23b-d281023058b8
p215
aL738L
aa(lp216
V35b6b0b1-3b84-4c27-beb7-3adffb625c03
p217
aL728L
aa(lp218
V0ce0c2ec-f203-460f-b459-bfea50767af4
p219
aL606L
aa(lp220
V1495c77f-44de-4173-91d5-71fbaf151801
p221
aL585L
aa(lp222
V06e611b2-c27a-4e01-a8c1-c146d59b7acf
p223
aL544L
aa(lp224
Vaca8f7e4-4bc2-4000-a035-00038ccc97d1
p225
aL465L
aa(lp226
V3ef22d37-cd76-4c67-8971-f3dce43342cd
p227
aL449L
aa(lp228
V4d6dfbed-37d6-4b9c-b529-75c6b9216e59
p229
aL429L
aa(lp230
V55834940-3631-47b4-939d-2a66ce3ce120
p231
aL348L
aa(lp232
Vc58ff3d6-316b-416d-a564-eb70daca31df
p233
aL342L
aa(lp234
V5e79fdd7-cf11-4094-857e-a7de3a2b4f99
p235
aL338L
aa(lp236
V953e6438-88c0-498f-b7e5-c6d67b3aecdf
p237
aL322L
aa(lp238
V70af712d-371f-4e17-bedc-322398df3873
p239
aL134L
aa(lp240
V6a350386-5855-4fe8-a20f-526d2448f6b7
p241
aL123L
aa(lp242
V5ab6a290-7edc-41d3-a5a4-666afea3adf4
p243
aL120L
aa(lp244
V08561388-b6d5-4fed-9dc2-350f5a828e2c
p245
aL100L
aa(lp246
V0819bc67-90de-4554-bf39-a9d24bfa5625
p247
aL24L
aa(lp248
Vc184c249-d6f0-4a07-ab76-189e0cc4459d
p249
aL23L
aa(lp250
V1792e1f4-be12-4844-bf05-d9ebf7a4cdd3
p251
aL15L
aa(lp252
Vb1d746be-c1f5-4235-bb7b-6062b996de2f
p253
aL12L
aa(lp254
V8b23c907-5890-443f-bad0-a93f639bc0d8
p255
aL12L
aa(lp256
Va124e594-3396-4598-a274-46e8ce24c42a
p257
aL11L
aa(lp258
V6d162708-39d4-4d9d-b10c-09faf2bbfb8e
p259
aL10L
aa(lp260
Vc48858f4-3e4a-49b8-89f0-4fbe8f4a57e7
p261
aL9L
aa(lp262
V4bda29b9-818f-4edd-a9bb-ab8526fa49dd
p263
aL8L
aa(lp264
V8355a588-bdf7-4b35-a95e-f237a093cb36
p265
aL7L
aa(lp266
V34ea603f-1a16-4349-afd0-26f8a8261bfe
p267
aL6L
aa(lp268
Vbe7c1626-ba10-431f-b244-f783c5ebe10e
p269
aL5L
aa(lp270
V5c68d286-21c9-470f-a05a-84a0dc9a907e
p271
aL4L
aa(lp272
V4c5cb707-9c75-41d8-9e6a-d333c2540399
p273
aL3L
aa(lp274
V3b8e5e82-b7b3-416b-befe-54dd16c39b5f
p275
aL2L
aa(lp276
V7a6f7017-a5a6-487a-85b9-65306e943fa2
p277
aL1L
aa.


1.png

修复方案:

版权声明:转载请注明来源 龍 、@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2014-12-04 11:18

厂商回复:

已经封掉外网IP访问

最新状态:

2014-12-04:已经修复