Vulnerability summary

Defect ID: wooyun-2015-0148784

Title: Unauthorized access to a 联动天下 (72e.net) server exposes a large amount of sensitive information / allows download of source code and database backup files for tens of thousands of websites

Related vendor: 72e.net

Author: 路人甲

Submitted: 2015-10-23 11:09

Fix time: 2015-10-28 11:10

Public disclosure: 2015-10-28 11:10

Vulnerability type: Leak of important sensitive information

Severity: High

Self-assessed Rank: 20

Status: The vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]


Vulnerability details

Disclosure status:

2015-10-23: Details sent to the vendor, awaiting the vendor's handling
2015-10-28: The vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

If you are using, or have ever used, their servers OR databases, change your website admin password AND database password right away...
See the breakdown below.

Details:

An FTP server allows unauthorized access and directly exposes a large amount of sensitive information, making source code and database backup files for tens of thousands of websites downloadable.
ftp://14.17.122.200




First, a look at the databases..

[screenshots: database backup files on the FTP server]


Website ICP filing information

[screenshots: ICP filing records]


ftp://14.17.122.200/web/Systool/autoftp/task.ini
//contains a large number of FTP account passwords for the backup servers

[screenshot: contents of task.ini]


So one could log into each entry on the list in turn.. In fact, once you see the pattern in the accounts and passwords it is very simple; one could also scan for which other subdomains exist.. and adjust the login according to the pattern / skipped here / limited energy. Most importantly, this will most likely be ignored anyway..
Screenshot space is limited.. only the section above is captured.. once inside the FTP, a large amount of information can be viewed..

[screenshots: FTP directory listings and MSSQL/MySQL backup folders of the individual backup hosts]


h251.72dns.net
//one picture to check whether your information is in there; of course, this is only a small part

[screenshot: backup listing on h251.72dns.net]


Because this is a backup server, some users no longer use the server or database at all, yet the server still holds their stored information..
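A defender-side audit of a task.ini in the layout this report describes (one section per backup target with Server, FtpUser and FtpPass keys), added here as an example that is not part of the report or the vendor's tooling: it parses the sections, flags passwords that can be reconstructed from the server name or username, and flags a single password shared across several distinct servers. The host names and credentials in the sample are constructed placeholders.

```python
import configparser
import re
from collections import defaultdict

# Constructed sample in the task.ini layout the report describes: one section
# per backup target holding the FTP server, user and plaintext password.
# Host names and passwords are placeholders, not the leaked values.
SAMPLE_TASK_INI = """\
[h101.example.net]
Server = h101.example.net
FtpUser = bakuser
FtpPass = bak-101-bakuser
[h101.example.net-mysql]
Server = h101.example.net
FtpUser = bakuser
FtpPass = bak-101-bakuser
[h103.example.net]
Server = h103.example.net
FtpUser = bakuser
FtpPass = Tq8#vL!2zRp9wQ
[h104.example.net]
Server = h104.example.net
FtpUser = bakuser
FtpPass = Tq8#vL!2zRp9wQ
"""

def password_is_derivable(password, server, user):
    """True if the password embeds the username, the host's first DNS label,
    or a digit run from that label, i.e. it can be guessed from the hostname."""
    label = server.split(".")[0].lower()
    tokens = {user.lower(), label} | set(re.findall(r"\d{2,}", label))
    pw = password.lower()
    return any(t and t in pw for t in tokens)

def audit_task_ini(text):
    """Parse the INI; report sections with derivable passwords and groups of
    distinct servers that share one password (one leak opens them all)."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False)
    cfg.read_string(text)
    derivable, servers_by_pass = [], defaultdict(set)
    for name in cfg.sections():
        sec = cfg[name]
        server, user, pw = sec.get("Server", ""), sec.get("FtpUser", ""), sec.get("FtpPass", "")
        if password_is_derivable(pw, server, user):
            derivable.append(name)
        servers_by_pass[pw].add(server)  # passwords stay in memory, never printed
    reused = sorted(sorted(s) for s in servers_by_pass.values() if len(s) > 1)
    return {"sections": len(cfg.sections()), "derivable": derivable, "reused": reused}
```

Run it against a real task.ini with `audit_task_ini(open(path).read())`; the report lists section and server names only, so it can be shared without re-exposing the credentials.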

Proof of vulnerability:

[credential list not reproduced: task.ini entries, one [host] section per backup server with Server, FtpUser and FtpPass keys]

Fix proposal:

Copyright notice: please credit the source when reposting: 路人甲@WooYun


Vulnerability response

Vendor response:

Severity: No impact, vendor ignored

Ignored at: 2015-10-28 11:10

Vendor reply:

Vulnerability Rank: 15 (WooYun rating)

Latest status:

None yet