
Vulnerability Summary

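Bug ID: wooyun-2013-020914

Title: Website of a State Grid branch company hacked, with a large amount of illegal content inserted

Vendor: State Grid Corporation of China (国家电网公司)

Author: 马燕羊蝎子

Submitted: 2013-03-29 18:59

Fixed: 2013-05-13 18:59

Disclosed: 2013-05-13 18:59

Vulnerability type: Malicious information dissemination

Severity: Medium

Self-assessed Rank: 8

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]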


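Vulnerability Details

Disclosure status:

2013-03-29: Details sent to the vendor; awaiting vendor handling
2013-03-30: Vendor has confirmed; details disclosed to the vendor only
2013-04-09: Details disclosed to core white hats and experts in related fields
2013-04-19: Details disclosed to regular white hats
2013-04-29: Details disclosed to intern white hats
2013-05-13: Details disclosed to the public

Brief description:

The website of a State Grid branch company was hacked and a large amount of illegal content was inserted; I'll take a closer look when I get home tonight.
Welcome aboard.
: )

Detailed description:

No need to say much; here are the screenshots.

1.jpg


A large number of links redirect to the illegal site www.556666.com.


2.jpg

Proof of vulnerability:

whois information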

Domain name: 556666.com
Registrant Contact:
-
Li Shaoqin ()

Fax:
Penglai sea Lincuo Temple Lane, No. 24
Town Raoping County, GUANGDONG 515724
CN
Administrative Contact:
-
Li Shaoqin (lishaoqin997@gmail.com)
+1.3423987444
Fax:
Penglai sea Lincuo Temple Lane, No. 24
Town Raoping County, GUANGDONG 515724
CN
Technical Contact:
-
Li Shaoqin (lishaoqin997@gmail.com)
+1.3423987444
Fax:
Penglai sea Lincuo Temple Lane, No. 24
Town Raoping County, GUANGDONG 515724
CN
Status: Locked
Name Servers:
dns1.dnsiyy.com
dns2.dnsiyy.com
dns3.dnsiyy.com
dns4.dnsiyy.com

Creation date: 29 Jun 2011 18:32:00
Expiration date: 29 Jun 2014 18:32:00


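You guys are so capable, you can go arrest someone now.

Remediation:

Delete the illegal content and check for backdoors.

Copyright notice: please credit the source 马燕羊蝎子@乌云 (WooYun) when reposting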


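Vulnerability Response

Vendor response:

Severity: Medium

Vulnerability Rank: 6

Confirmed: 2013-03-30 08:17

Vendor reply:

Yes, I saw you submitting vulnerabilities last night; the registration email was treated as spam, so we never received it.
We will coordinate with the relevant unit on Monday to handle this.

Latest status:

None yet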


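Vulnerability comments:

Comments

  1. 2013-03-29 19:03 | lucky ( Regular white hat | Rank:409 Vulnerabilities:81 | Among any three people walking, one can surely be my teacher########################...)

    No way! That was fast!

  2. 2013-03-29 19:05 | xsser Certified white hat ( Regular white hat | Rank:254 Vulnerabilities:17 | When I look back on everything again, will this world be all right?)

    .... Calm down (冷静)

  3. 2013-03-29 19:16 | 淡漠天空 Certified white hat ( Intern white hat | Rank:1113 Vulnerabilities:141 | M: Selling GOV STATE NSA CIA NASA DHS Symant...)

    This is nothing surprising, hehe, that's the truth

  4. 2013-03-29 22:28 | 冷静 ( Passerby | Rank:3 Vulnerabilities:2 )

    @xsser What are you calling me for? Hehe

  5. 2013-03-30 08:45 | State Grid Corporation of China (WooYun vendor)

    @xsser It took a year to sort out the process, really not easy...

  6. 2013-05-14 15:07 | El4pse ( Passerby | Rank:29 Vulnerabilities:7 | The word "impossible" has never existed in this world; whether it is possible or not...)

    What a grudge this must be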