Vulnerability summary (24 followers)

Defect ID: wooyun-2013-034019

Title: Unauthorized access on a 赛迪网 (CCIDnet) sub-site (suspected backdoor found)

Vendor: 赛迪网 (CCIDnet)

Author: niliu

Submitted: 2013-08-10 09:38

Fix deadline: 2013-08-15 09:38

Disclosed: 2013-08-15 09:38

Type: System/service operations misconfiguration

Severity: Medium

Self-assessed Rank: 8

Status: Vendor has been notified but ignored the vulnerability

Source: http://www.wooyun.org; for questions or assistance contact [email protected]



Vulnerability details

Disclosure status:

2013-08-10: Details sent to the vendor, awaiting vendor action
2013-08-15: Vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

As in the title...

Detailed description:

URL:

http://bjjnds2011.ccidnet.com/fckeditor/


Parent Directory
_documentation.html
_samples/
_upgrade.html
_whatsnew.html
editor/
fckconfig.js
fckeditor.afp
fckeditor.asp
fckeditor.cfc
fckeditor.cfm
fckeditor.js
fckeditor.lasso
fckeditor.php
fckeditor.pl
fckeditor.py
fckeditor_php4.php
fckeditor_php5.php
fckpackager.xml
fckstyles.xml
fcktemplates.xml
htaccess.txt
license.txt


http://bjjnds2011.ccidnet.com/data/


Index of /data
Parent Directory
1af339d2d06317bb0a797e31d882d025_safe.txt
admin/
backupdata/
cache/
common.inc.php
config.cache.bak.php
config.cache.inc.php
config.file.inc.php
downmix.data.php
enums/
helper.inc.php
js/
mail/
mark/
mkall_cache_16.php
module/
mysql_error_trace.inc
mysqli_error_trace.inc
payment/
rss/
safe/
safequestions.php
servise.php
sessions/
tag/
template.rand.php
textdata/
time.lock
time.lock.inc
tplcache/
uploadtmp/
vote/
ziptmp/


http://bjjnds2011.ccidnet.com/include/


Index of /include
Parent Directory
Lurd.class.php
arc.archives.class.php
arc.caicai.class.php
arc.freelist.class.php
arc.listview.class.php
arc.memberlistview.class.php
arc.partview.class.php
arc.rssview.class.php
arc.searchview.class.php
arc.sglistview.class.php
arc.sgpage.class.php
arc.specview.class.php
arc.taglist.class.php
archives.func.php
calendar/
channelunit.class.php
channelunit.func.php
charset.func.php
ckeditor/
code/
common.func.php
common.inc.php
common.inc.php.bak
control.class.php
customfields.func.php
data/
datalistcp.class.php
dedeajax2.js
dedeatt.class.php
dedecollection.class.php
dedecollection.func.php
dedehtml2.class.php
dedehttpdown.class.php
dedemodule.class.php
dedesql.class.php
dedesqli.class.php
dedetag.class.php
dedetemplate.class.php
dedevote.class.php
dialog/
diyform.cls.php
downmix.inc.php
enums.func.php
extend.func.php
filter.inc.php
ftp.class.php
helpers/
image.class.php
image.func.php
inc/
js/
json.class.php
mail.class.php
memberlogin.class.php
membermodel.cls.php
model.class.php
oxwindow.class.php
payment/
request.class.php
shopcar.class.php
sitemap.class.php
sphinxclient.class.php
splitword.class.php
taglib/
tpllib/
typelink.class.php
typeunit.class.admin.php
typeunit.class.menu.php
typeunit.class.selector.php
upload.class.php
uploadsafe.inc.php
userlogin.class.php
vdimgck.php
wap.inc.php
zip.class.php


Among these, the following address looks like a backdoor; brute-forcing it did not succeed. Please investigate...

http://bjjnds2011.ccidnet.com/data/servise.php


12.jpg


There is also a large amount of database operation information at:

http://bjjnds2011.ccidnet.com/data/1af339d2d06317bb0a797e31d882d025_safe.txt


4444.jpg


5555.jpg

Proof of vulnerability:

1111.jpg


2222.jpg


33333.jpg


4444.jpg


5555.jpg


Remediation:

Permissions.
Check for backdoors..
Send out the gift promptly...
O(∩_∩)O

Copyright notice: please credit the source, niliu@乌云 (WooYun), when reposting
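The "Permissions" item above, worked out as an added example that is not part of the original report: an Apache httpd 2.4 fragment showing the weak setting that produces "Index of" listings like those above, next to a hardened form that disables autoindex and stops the web server from serving the CMS's data/ and include/ directories and leftover backup files directly. Apache is assumed from the listing format, and the document root /var/www/site is a placeholder.

```apache
# Added example, not from the report. Assumes Apache httpd 2.4 and a
# DedeCMS-style layout under /var/www/site (placeholder path).

# Weak: autoindex on. Any directory without an index file is listed,
# which is how /data/, /include/ and /fckeditor/ became browsable.
# <Directory "/var/www/site">
#     Options Indexes FollowSymLinks
#     Require all granted
# </Directory>

# Hardened: no directory listings anywhere under the document root.
<Directory "/var/www/site">
    Options -Indexes +FollowSymLinks
    Require all granted
</Directory>

# data/ and include/ hold config caches, backups and library classes that
# PHP includes server-side. Browsers never need to fetch them, so refuse
# every request for them; a stray script dropped there is then unreachable.
<DirectoryMatch "^/var/www/site/(data|include)/">
    Require all denied
</DirectoryMatch>

# Leftover copies and dumps (config.cache.bak.php, common.inc.php.bak,
# mysql_error_trace.inc, time.lock, *_safe.txt) are never served, wherever
# they sit. .txt in general stays allowed so robots.txt keeps working.
<FilesMatch "(\.(bak|inc|lock)|_safe\.txt)$">
    Require all denied
</FilesMatch>

# Editor demo pages are not needed in production.
<DirectoryMatch "^/var/www/site/fckeditor/_samples/">
    Require all denied
</DirectoryMatch>
```

If the site serves static assets from a subdirectory of data/ (for example data/js/), add a narrower `<Directory>` block with `Require all granted` for just that path; the blanket deny above would otherwise break those assets.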


Vulnerability response

Vendor response:

Severity: No impact, vendor ignored

Ignored at: 2013-08-15 09:38

Vendor reply:

Latest status:

None yet


Vulnerability rating:

Comments

  1. 2013-08-15 10:04 | nauscript ( Regular white hat | Rank:291 Vulns:57 | I'm so lewd, so lewd)

    Shameless vendor, they actually fixed it on the quiet!

  2. 2013-08-15 10:21 | niliu, certified white hat ( Core white hat | Rank:1542 Vulns:206 | Against the current)

    @nauscript Exactly, fix it and then ignore it?? Sigh @赛迪网@赛迪网@赛迪网

  3. 2013-08-15 16:12 | July ( Passer-by | Rank:9 Vulns:8 | Twinkling red star)

    The vendor is broke!!