2014-12-11: 细节已通知厂商并且等待厂商处理中 2014-12-12: 厂商已经确认,细节仅向厂商公开 2014-12-22: 细节向核心白帽子及相关领域专家公开 2015-01-01: 细节向普通白帽子公开 2015-01-11: 细节向实习白帽子公开 2015-01-25: 细节向公众公开
土豆网某分站配置不当 泄露大量敏感信息(多台服务器FTP、SSH密码)
结合提交的这个漏洞（WooYun: 土豆网某分站存在远程命令执行漏洞已验证可内网渗透），对内网的危害很大。服务端采用 node.js，但是源码泄露了。
http://114.80.235.161:8083/v3/tpm-config.js
http://114.80.235.161:8083/v3/sdm-config.json
"env" : { "beta" : { "users" : ["*"], "domain" : "http://cssbeta.tudouui.com/v3", "upload" : { "host" : "114.80.236.91", "user" : "uibeta", "port" : 21, "pass" : "(*****Fw", "root" : "/UPLOAD", "root2" : "/dispatch" }, "uiversion" : { "host" : "114.80.236.91", "user" : "betacontrol", "port" : 22, "pass" : "PL*****C", "root" : "/home/betacontrol/uiversioning/beta" } }, "wwwtest" : { "users" : ["lhluo", "zhaohd", "nliu", "liuxm", "xqjia", "zrli", "baige", "qianwu", "huhongying", "chuhongyue", "wtzhang", "jyan", "wkli", "cyliu"], "domain" : "http://csstest.tudouui.com/v3", "upload" : { "host" : "114.80.236.91", "user" : "uitest.tudou.com", "port" : 21, "pass" : "Z*****%", "root" : "/UPLOAD", "root2" : "/dispatch" }, "uiversion" : { "host" : "114.80.236.91", "user" : "controlcenter", "port" : 22, "pass" : "8i****L>", "root" : "/home/controlcenter/uiversioning/test" } }, "wwwtest1" : { "users" : ["lhluo", "zhaohd", "nliu", "liuxm", "xqjia", "zrli", "baige", "qianwu", "huhongying", "chuhongyue", "wtzhang", "jyan", "wkli", "cyliu"], "domain" : "http://csstest1.intra.tudou.com/v3", "upload" : { "host" : "114.80.236.91", "user" : "uitest1.tudou.com", "port" : 21, "pass" : "Z****$%", "root" : "/UPLOAD", "root2" : "/dispatch" }, "uiversion" : { "host" : "114.80.236.91", "user" : "controlcenter", "port" : 22, "pass" : "8****L>", "root" : "/home/controlcenter/uiversioning/test1" } },
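/**
 * Build/deploy configuration for the tudouui front-end tooling (tpm-config.js).
 *
 * Exports: root, jira_host, deploy_mail, useClientMail, autoSvnAdd,
 * main (js/css entry lists), libjs (bundle composition), globaljs, ftp,
 * project (contents of ./project.json, or {} when that file is absent),
 * server (per-environment tomcat template targets) and ssh.
 *
 * SECURITY: this module embeds FTP/SSH/deploy account passwords as plain
 * string literals. Any web root or repository that serves this file exposes
 * every one of them. Values shown as '********' and the object keys written
 * as ******** were redacted in the published listing.
 */
var Fs = require('fs');

exports.root = __dirname;
exports.jira_host = 'http://jira.intra.tudou.com';
exports.deploy_mail = 'webtest_fabu@tudou.com';
exports.useClientMail = false; // whether to send mail through the system's own email client
exports.autoSvnAdd = true; // whether to run `svn add` automatically when new files appear in build/dist

// Entry files to build. NOTE: "page/mobile/play/main.js" is listed twice under
// js and "mytudou/message.less" twice under css; kept verbatim so the exported
// lists are unchanged — the build tooling should be checked for double work.
exports.main = {
  "js": [
    "lib.js", "g.js", "tui.js", "lite.js", "m.js", "loader.js", "autodomain.js",
    "lib/xiuxiu.js", "lazy/translate.js", "lazy/history/history.js", "lazy/kindeditor.js",
    "lazy/play/lintrend.js", "lazy/app-recom.js", "page/play/playerLoader.js",
    "page/watchlater/main.js", "page/mobile/live/main.js", "page/mobile/play/main.js",
    "page/mobile/myrec/main.js", "page/mobile/feedback/main.js", "page/ch/music/rank.js",
    "page/ch/cate/main.js", "page/ch/list/main.js", "page/ch/star/main.js", "page/ch/star/list.js",
    "page/albumcover/main.js", "page/ch/main.js", "page/ch/index.js", "page/error/v.js",
    "page/watchlater/oldwl.js", "page/btn/btn.js", "page/pay/v.js", "page/playlist/cover.js",
    "page/playlist/cover2/main.js", "page/playlist/cover3/main.js", "page/playlist/edit.js",
    "page/login/mini.js", "page/login/main.js", "page/login/forget.js", "page/play/main.js",
    "page/mobile/play/main.js", "page/mobile/ch2/index.js", "page/mobile/ch2/list.js",
    "page/mobile/watch/home.js", "page/mobile/watch/subset.js", "page/mobile/watch/history.js",
    "page/mobile/watch/watch.js", "page/mobile/watch/favorite.js", "page/home/v2/main.js",
    "page/home/v2/admin.js", "page/jbp/main.js", "page/stat/stat.js", "page/rss/main.js",
    "page/rss/history.js", "page/watch/main.js", "page/square/main.js", "page/service/main.js",
    "page/service/playtudou.js", "page/service/help.js", "page/mytudou/mysetting.js",
    "page/mytudou/message.js", "page/mytudou/manage.js", "page/mytudou/myprogram.js",
    "page/mytudou/myplaylist.js", "page/mytudou/msglist.js", "page/mytudou/mycomment.js",
    "page/mytudou/myprogram-edit.js", "page/mytudou/myprogram-remark.js", "page/verify/index.js",
    "page/verify/verify.js", "page/verify/sub.js", "page/tdvf/2014/main.js",
    "page/tdvf/2014/index.js", "page/tdvf/2014/submit.js", "page/tdvf/2014/channel-list.js",
    "page/tdvf/2014/video-list.js", "page/mobile/tdvf/index.js", "page/mobile/tdvf/channel.js",
    "page/mobile/tdvf/video.js", "page/activity/index.js", "page/activity/join.js",
    "page/activity/home.js", "page/app/v.js", "page/albumcover/list.js", "page/member/account.js",
    "page/member/index.js", "page/member/list.js", "page/member/privilege.js", "page/mobile/rank/rank.js"
  ],
  "css": [
    "g.less", "playlist/cover.less", "playlist/edit.less", "playlist/cover2/main.less",
    "playlist/cover3/main.less", "ch/music/rank.less", "ch/cate/main.less", "ch/list/main.less",
    "ch/star/list.less", "ch/star/main.less", "albumcover/main.less", "ch/main.less", "ch/index.less",
    "error/v.less", "square/main.less", "watch/main.less", "watchlater/main.less",
    "watchlater/global.less", "mobile/play/main2.less", "mobile/feedback/main.less", "mobile/ch/g.less",
    "mobile/ch2/index.less", "mobile/ch2/list.less", "mobile/ch2/recom.less", "mobile/watch/home.less",
    "mobile/watch/watch.less", "mobile/watch/history.less", "mobile/watch/subset.less",
    "mobile/watch/favorite.less", "pay/common.less", "g/btn.less", "g/sidebar.less", "play/play.less",
    "login/mini.less", "login/main.less", "login/forget.less", "home/main2.less", "jbp/main.less",
    "rss/main.less", "service/main.less", "service/playtudou.less", "service/help.less",
    "mytudou/main.less", "mytudou/mysetting.less", "mytudou/message.less", "mytudou/message.less",
    "mytudou/notify.less", "mytudou/edit.less", "verify/main.less", "tdvf/2014/main.less",
    "activity/main.less", "activity/home.less", "member/main.less", "cent/main.less", "app/mobile.less",
    "32/main.less", "rank/main.less", "home/channel/main.less", "mobile/rank/rank.less"
  ]
};

// Bundle name -> source files concatenated into it.
exports.libjs = {
  "lib.js": ["lib/jquery.js", "lib/fix.js", "lib/oz.js", "lib/config.js"],
  "lite.js": ["lib/zepto.js", "lib/zepto-fix.js", "lib/oz.js", "lib/config.js"],
  "loader.js": ["lib/fix.js", "lib/oz.js", "lib/config.js"],
  "page/play/playerLoader.js": ["page/play/playerLoader.js"],
  "autodomain.js": ["autodomain.js"]
};

exports.globaljs = ["g.js", "tui.js", "m.js", "page/stat/stat.js", "page/watchlater/oldwl.js"];

// FTP upload target. Plaintext credential — see the header comment.
exports.ftp = {
  beta: { host: '114.80.236.91', user: 'uibeta', port: 21, pass: '(*******TFw', root: '/UPLOAD' }
};

// Optional per-checkout overrides from ./project.json. Read the file directly
// and treat ENOENT as "no file" rather than exists-then-read, so a file that
// disappears between the two calls cannot crash module load; any other read
// error and malformed JSON still throw, as before.
var projectFile = __dirname + '/project.json';
var projectText = null;
try {
  projectText = Fs.readFileSync(projectFile, 'utf-8');
} catch (err) {
  if (err.code !== 'ENOENT') throw err;
}
exports.project = projectText === null ? {} : JSON.parse(projectText);

// Environment -> app -> tomcat template directory the deploy step writes into.
// Every entry carries a plaintext account password (redacted here as '********').
exports.server = {
  wwwtest: {
    watchlater: { host: 'online-test3', user: 'watchlater', pass: '********', root: '/home/watchlater/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    albumcover: { host: 'playlist-test', user: '********', pass: '********', root: '/home/********/albumcover/apache-tomcat-7.0.40/webapps/albumcover/WEB-INF/tpl/album/' },
    tditemview: { host: 'wwwtest', user: 'tditem', pass: '********', root: '/home/tditem/apache-tomcat-7.0.40/webapps/ROOT/WEB-INF/tpl/' },
    listplay: { host: 'playlist-test', user: 'listPlay', pass: '********', root: '/home/listPlay/apache-tomcat-5.5.20/webapps/ROOT/WEB-INF/tpl/play/' },
    albumplay: { host: 'online-test3', user: 'albumplay', pass: '********', root: '/home/albumplay/apache-tomcat/webapps/ROOT/WEB-INF/tpl/album/' },
    webupload: { host: '10.25.10.11', user: 'webupload', pass: '********', root: '/home/webupload/apache-tomcat/webapps/ROOT/WEB-INF/tpl/my/program/' },
    myplaylist: { host: 'playlist-test', user: 'play_admin', pass: '********', root: '/home/play_admin/apache-tomcat/webapps/playlist/WEB-INF/tpl/' },
    feedback: { host: 'online-test2', user: 'programs', pass: '********', root: '/home/programs/feedback/apache-tomcat-6.0.18/webapps/feedback/WEB-INF/tpl/' },
    ********: { host: 'online-test2', user: '********', pass: '********', root: '/home/********/apache-tomcat-6.0.18/webapps/********/WEB-INF/tpl/' },
    tdpassport: { host: 'online-test2', user: 'tdpassport', pass: '********', root: '/home/tdpassport/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    homepage: { host: 'online-test7', user: 'homepage', pass: '********', root: '/home/homepage/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    watch: { host: 'online-test6', user: 'watchcenter', pass: '********', root: '/home/watchcenter/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    xpage: { host: 'online-test4', user: 'xpage', pass: '********', root: '/home/xpage/apache-tomcat/webapps/xpage/WEB-INF/tpl/' },
    catefront: { host: 'playlist-test', user: 'list', pass: '********', root: '/home/list/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    square: { host: 'playlist-test', user: 'list', pass: '********', root: '/home/list/apache-tomcat/webapps/ROOT/WEB-INF/tpl/square/' },
    verify: { host: 'online-test1', user: 'mycenter', pass: '********', root: '/home/mycenter/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' }
  },
  wwwtest1: {
    tditemview: { host: 'online-test3', user: 'itemview1', pass: '********', root: '/home/itemview1/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    listplay: { host: 'online-test3', user: 'listplay1', pass: '********', root: '/home/listplay1/apache-tomcat-7.0.29/webapps/ROOT/WEB-INF/tpl/play/' },
    albumplay: { host: 'online-test3', user: 'albumplay1', pass: '********', root: '/home/albumplay1/apache-tomcat/webapps/ROOT/WEB-INF/tpl/album/' }
  },
  wwwtest2: {
    tditemview: { host: 'online-test3', user: 'itemview2', pass: '********', root: '/home/itemview2/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    listplay: { host: 'online-test3', user: 'listplay2', pass: '********', root: '/home/listplay2/apache-tomcat/webapps/ROOT/WEB-INF/tpl/play/' },
    albumplay: { host: 'online-test3', user: 'albumplay2', pass: '********', root: '/home/albumplay2/apache-tomcat/webapps/ROOT/WEB-INF/tpl/album/' }
  },
  beta: {
    tditemview: { host: 'beta-app3', user: 'app_admin', pass: '********', root: '/home/app_admin/apache-tomcat-6.0.18/webapps/ROOT/WEB-INF/tpl/' },
    listplay: { host: 'beta-app3', user: 'listplay', pass: '********', root: '/home/listplay/apache-tomcat-6.0.18/webapps/ROOT/WEB-INF/tpl/play/' },
    albumplay: { host: 'beta-app1', user: 'albumplay', pass: '********', root: '/home/albumplay/apache-tomcat/webapps/ROOT/WEB-INF/tpl/album/' },
    ********: { host: 'beta-test2', user: '********', pass: '********', root: '/home/********/apache-tomcat-6.0.18/webapps/********/WEB-INF/tpl/' }
  },
  beta1: {
    tditemview: { host: 'beta-app4', user: 'itemview1', pass: '********', root: '/home/itemview1/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    listplay: { host: 'beta-app4', user: 'listplay1', pass: '********', root: '/home/listplay1/apache-tomcat-7.0.29/webapps/ROOT/WEB-INF/tpl/play/' },
    albumplay: { host: 'beta-app4', user: 'albumplay1', pass: '********', root: '/home/albumplay1/apache-tomcat/webapps/ROOT/WEB-INF/tpl/album/' }
  },
  beta2: {
    tditemview: { host: 'beta-app4', user: 'itemview2', pass: '********', root: '/home/itemview2/apache-tomcat/webapps/ROOT/WEB-INF/tpl/' },
    listplay: { host: 'beta-app4', user: 'listplay2', pass: '********', root: '/home/listplay2/apache-tomcat-6.0.18/webapps/ROOT/WEB-INF/tpl/play/' },
    albumplay: { host: 'beta-app4', user: 'albumplay2', pass: '********', root: '/home/albumplay2/apache-tomcat-6.0.18/webapps/ROOT/WEB-INF/tpl/album/' }
  }
};

// SSH targets for version publishing. Plaintext credentials; manage3 has no
// explicit port in the original and is kept that way.
exports.ssh = {
  beta: { host: '114.80.236.91', user: 'betacontrol', port: 22, pass: '********', root: '/home/betacontrol/uiversioning/beta' },
  manage3: { host: '10.25.251.101', user: 'zhangfeng', pass: '********', root: '/home/zhangfeng/' }
};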
危害等级:高
漏洞Rank:15
确认时间:2014-12-12 17:55
开发环境被无情透出,已处理,多谢