
Vulnerability summary (followers: 24)

Defect ID: wooyun-2014-073421

Title: I seem to have hit a server cluster, backend passwords for 150 websites

Affected vendor: CNCERT (National Internet Emergency Center)

Author: 陆由乙

Submitted: 2014-08-22 10:17

Fixed: 2014-10-06 10:18

Published: 2014-10-06 10:18

Vulnerability type: Weak service credentials

Severity: High

Self-assessed Rank: 20

Status: Handed over to third-party partner organization (CNCERT, National Internet Emergency Center) for handling

Source: http://www.wooyun.org. For questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2014-08-22: Details sent to the vendor, awaiting vendor handling
2014-08-27: Vendor confirmed; details disclosed to the vendor only
2014-09-06: Details disclosed to core white hats and domain experts
2014-09-16: Details disclosed to regular white hats
2014-09-26: Details disclosed to intern white hats
2014-10-06: Details disclosed to the public

Brief description:

Today I randomly picked a site, ran CMS fingerprinting over its C-class range plus an EXP to dump accounts. The result: a pile of account passwords exposed. About 100 of them are PHPweb.


Proof of vulnerability:


Fix recommendation:

Just update.

Copyright notice: please credit the source when reposting: 陆由乙@乌云


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 15

Confirmed: 2014-08-27 10:00

Vendor reply:

The vulnerability information has already been made public. The cases described do not, for now, involve government or important-department users and have not been entered into the handling process. Scored as a batch tool-generated case: rank 15.

Latest status:

None yet


Vulnerability comments:

Comments

  1. 2014-08-22 10:44 | Xser ( Regular white hat | Rank: 194 | Vulns: 61 | JDSec)

    This kind of hole counts too?......... Anything can make the front page like this --

  2. 2014-08-22 10:47 | 玉林嘎 ( Regular white hat | Rank: 758 | Vulns: 96 )

    Who knows, maybe it's Tencent's server farm

  3. 2014-08-22 10:48 | 大大灰狼 ( Regular white hat | Rank: 248 | Vulns: 53 | Newbie)

    Who knows, maybe it's Tencent's server farm

  4. 2014-08-22 11:12 | zhxs ( Intern white hat | Rank: 32 | Vulns: 19 | Jyhack-TeaM:http://bbs.jyhack.com/)

    What exp? Asking to see the exp

  5. 2014-08-22 12:19 | luwikes ( Regular white hat | Rank: 512 | Vulns: 77 | Studying diligently~~~)

    87

  6. 2014-08-22 12:48 | ′ 雨。 ( Regular white hat | Rank: 1231 | Vulns: 190 | Only Code Never Lie To Me.)

    phpweb............

  7. 2014-08-22 13:50 | xiaoshuai ( Passer-by | Rank: 0 | Vulns: 1 | Newbie here to learn, hope the masters can teach me)

    Asking to see the exp

  8. 2014-08-22 13:58 | 大大灰狼 ( Regular white hat | Rank: 248 | Vulns: 53 | Newbie)

    @′ 雨。 Same question, haha

  9. 2014-08-22 20:56 | 默小建 ( Passer-by | Rank: 10 | Vulns: 1 | I'm not well read; if you try to cheat me, I'll get you!)

    Only "seems"!

  10. 2014-08-23 21:26 | 兔兔侠 ( Passer-by | Rank: 2 | Vulns: 1 )

    Asking the master for the exp! Take me along, let me show off and fly!

  11. 2014-10-07 08:01 | 贫道来自河北 ( Regular white hat | Rank: 1395 | Vulns: 423 | A man determined to turn the WooYun market into a snack shop)

    This vulnerability can make the front page???????

  12. 2014-10-07 22:10 | Jumbo ( Regular white hat | Rank: 111 | Vulns: 29 | Cat - http://www.chinabaiker.com)

    Isn't this just picking a random C-class range and running it through 椰树 for a scan?

  13. 2014-10-11 12:39 | roker ( Regular white hat | Rank: 357 | Vulns: 108 )

    ..........

  14. 2014-10-30 10:19 | 机器猫 ( Regular white hat | Rank: 1141 | Vulns: 253 | Love life, love Tencent, love the Internet!)

    This kind of garbage vulnerability passes review too - -. Damn.