某自治区审计厅gov邮箱大量弱口令 | wooyun-2015-0139473| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0139473

漏洞标题：某自治区审计厅gov邮箱大量弱口令

漏洞作者：班尼路

提交时间：2015-09-09 12:22

修复时间：2015-10-26 13:56

公开时间：2015-10-26 13:56

漏洞类型：设计缺陷/逻辑错误

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-09-09：细节已通知厂商并且等待厂商处理中
2015-09-11： cncert国家互联网应急中心暂未能联系到相关单位，细节仅向通报机构公开
2015-09-21：细节向核心白帽子及相关领域专家公开
2015-10-01：细节向普通白帽子公开
2015-10-11：细节向实习白帽子公开
2015-10-26：细节向公众公开

简要描述：

无验证码可爆破

详细说明：

内蒙古自治区审计厅gov邮箱大量弱口令
内蒙古自治区审计厅邮件系统登录口

http://**.**.**.**:8000/

审计厅网站上有人事信息一览表，将表中的邮箱提取整理作为用户名字典，123456作为弱密码字典，因邮件系统设计不当，无验证码，burpsite抓包，导入字典爆破。
**.**.**.**/zwgk/rsxx/6423.shtml

副厅长邮箱

用爆破成功的账号登陆邮箱，然后提取全局通讯录，用同样的步骤爆破。

审计厅邮箱共有2600个账号，经测试发现，存在弱口令的有2201个，范围包括审计厅、各盟市审计局、旗县审计局。
存在弱口令的账号列表如下

xlgl_xiaowrqmg
als_duanaltbg
xlgl_buheedn
xlgl_wuydlge
xlgl_altbbg
cf_aotgbye
byne_huoehdl
xlgl_aodqmg
xlgl_wangxiaoling
xlgl_wuljnr
hlbe_buhbye
byne_morggw
erds_hascgt
xlgl_wurqmg
als_hegjlt
hlbe_hgjlt
hlbe_yingchun
hs_zhangjianying
bt_zhangyongfeng
bt_zhangxiaohong
hlbe_dhbye
sjt_bgs
cf_nasblg
cf_sarckt
hlbe_jianjun
el_sudgrl
xa_buhbye
hs_zhanglanying
wlcb_zhangwu
byne_yanmeiying
wlcb_pengfei
wlcb_qiaozhu
wlcb_sunguodong
xlgl_mengkbt
xlgl_zhaorlt
wlcb_wangshe
byne_wangchaoyu
wlcb_tianying
wlcb_zhouying
byne_duanjiang
byne_hushiping
bt_wangjungang
hlbe_chenli
xlgl_zhangjing
hs_lichongming
tl_aldet
cf_liujinglong
tl_zhangxinhua
sjt_wangyingzi
wlcb_baoyou
wlcb_saijrh
byne_wangliang
wlcb_wuying
hs_zhangxueyun
hlbe_liwenlong
xlgl_daormk
erds_guanghong
byne_dingliang
wlcb_yanghai
xlgl_aodgw
xlgl_aodty
xlgl_delge
byne_liucheng
byne_zhangxin
bt_guoyunting
wlcb_shiguang
wlcb_tongpeng
hlbe_honggang
erds_huanglan
erds_yangyong
hlbe_bates
hlbe_fengping
hlbe_hasgw
hs_liuhuiying
hlbe_badrh
hlbe_tugml
wlcb_guoqiang
tl_wangzhiguo
tl_wangxiying
cf_wangyunhai
wlcb_dengfeng
wlcb_likai
xlgl_wulty
tl_zhangyujun
byne_zhangjun
byne_zhangyan
wlcb_zhaoning
xlgl_gerlm
xlgl_saqrg
xlgl_sargw
xlgl_jirmt
xlgl_bayxl
xlgl_caojiang
xlgl_hascl
xlgl_wuygw
xlgl_zhenggui
xlgl_bayte
xlgl_dabxm
xlgl_gerlt
erds_wulys
erds_yinxiong
erds_zhaofeng
erds_zhaoming
byne_wangrong
hs_chenyong
wlcb_xufeng
xlgl_zhengll
xlgl_zhongwy
cf_baolcl
hlbe_jiangwz
hlbe_panying
hlbe_zhongzh
als_hugjl
als_wulty
byne_decheng
byne_denghui
byne_gongyue
byne_kangmei
byne_tiangjf
byne_qianhui
byne_renhong
byne_wangbin
byne_wangsen
byne_zhanggr
byne_zhangxy
byne_zhaojie
wlcb_liangxg
wlcb_zhangxh
wlcb_zhengzw
wlcb_changcl
wlcb_zhangzc
hlbe_menggen
erds_liangyq
erds_zhanglj
erds_zhangxiong
xlgl_changxd
xlgl_zhangxp
xlgl_zhangyq
hlbe_xiaofei
hlbe_zhangyq
hlbe_zhangzm
erds_guoping
erds_kangmei
erds_wanggui
erds_zhangjj
erds_zhangjh
erds_zhangsf
hlbe_zhanghw
hlbe_zhengjj
erds_changsq
erds_gaoping
erds_yangmin
erds_zhangyj
hlbe_huangjr
hlbe_xianghj
wlcb_zhangls
wlcb_zhangsr
hlbe_zhanghy
hlbe_zhangqiang
hlbe_zhangxz
bt_qiangfeng
hlbe_liqiang
hlbe_zhanggc
byne_huangpj
byne_zhanghj
byne_zhangrb
byne_zhangxh
erds_huanggj
erds_wangshu
erds_zhangcf
erds_zhanghy
hs_zhangying
hs_mandrw
hs_yujing
hs_zhangling
hlbe_changyj
hlbe_huangeg
hlbe_jianglf
hlbe_zhanggz
wlcb_zhangmw
bt_liuxianli
tl_zhuyunhua
wlcb_yangfan
wlcb_zhanghp
byne_zhangyx
hlbe_zhanghb
sjt_libingyu
hs_yunxia
wlcb_zhanggl
wlcb_zhangsw
wlcb_zhangwp
wlcb_zhangwt
wlcb_zhangzf
xlgl_zhanghk
bt_liuxiaoli
bt_qijinlong
hs_baomlg
hs_yunzhuoru
hs_wanglixia
byne_zhangxf
wlcb_huanglj
wlcb_liuying
wlcb_zhangrp
wlcb_zhangzq
erds_zhaojun
xlgl_zhangwr
xlgl_erhm
xlgl_wangwei
xlgl_zhangjl
xlgl_zhanglx
xlgl_zhangxh
xlgl_zhengml
xlgl_zhengtj
hlbe_hongyan
hlbe_zhangbl
wlcb_changxt
hlbe_chenghm
hlbe_liangzs
hlbe_zhangfm
hlbe_zhangyg
erds_jiangjs
erds_maqiang
erds_sungang
erds_wangjun
erds_zhangli
xlgl_zhanggm
erds_cuidong
erds_haoming
erds_liujian
erds_qiaohui
erds_wangqin
erds_zhangjs
wlcb_zhanght
byne_huangwt
byne_lisheng
byne_taojing
byne_zhangrx
byne_zhengjx
byne_zhangyun
xlgl_kangdx
xlgl_wangky
xlgl_wangyx
xa_zhengshm
als_zhangzh
als_huangtg
hlbe_chenjy
hlbe_chenyj
hlbe_zhaolj
hlbe_zhaosl
als_zhanggl
als_changjh
als_jianggf
als_zhanghq
als_zhanglp
byne_cangzy
byne_dingmf
byne_fangcl
byne_fengyh
byne_liming
byne_wangac
byne_wangbh
byne_wangcz
byne_wangfq
byne_wangjm
byne_wangkr
byne_wangxy
byne_wangzp
byne_yanghj
byne_yangyp
byne_yujing
wlcb_yangpw
wlcb_fengqs
wlcb_qianfy
wlcb_wanggt
wlcb_wangyf
wlcb_xingls
wlcb_bianbp
hlbe_chaokt
erds_hangxb
erds_wangpz
erds_wangzg
erds_yangmy
bt_hasty
bt_jirgl
erds_fangwl
erds_qiaofl
erds_qinggl
erds_yangcl
erds_yanglh
xlgl_wangyj
xlgl_wangwk
xlgl_yangyn
xlgl_wangjg
hlbe_chenxm
hlbe_menglw
hlbe_qiaowt
hlbe_wanglq
hlbe_wangwb
hlbe_zhaoaz
hlbe_zhaogw
als_shangaz
erds_chenzj
erds_mengke
erds_tianli
erds_wangyl
erds_xuetao
erds_yangby
erds_yangwl
hlbe_fengyj
hlbe_gengcx
hlbe_guanxp
hlbe_liancb
erds_chenyx
erds_zhaoxm
erds_liping
erds_penglh
erds_wangsy
erds_wangxy
hlbe_wangcp
wlcb_kanggb
wlcb_pangfy
wlcb_qiaojy
wlcb_wangls
wlcb_wangwb
wlcb_wangxh
wlcb_yanghm
wlcb_yangyn
hlbe_chenwm
hlbe_qiaosm
hlbe_tianfw
hlbe_wangcr
hlbe_yangyt
hlbe_yuanks
bt_shiliang
hlbe_gaojun
hlbe_liuyan
hlbe_wanghb
hlbe_yangzy
hlbe_zhaolz
byne_chengr
byne_fanggy
byne_fengzj
byne_gongxc
byne_wangdm
byne_yanglf
byne_zhaohy
erds_qiaoap
erds_tianfy
erds_wangws
erds_wangzj
erds_zhaojq
hs_siqin
hlbe_kangzz
hlbe_longyz
hlbe_sangyp
hlbe_wangrf
hlbe_wangys
hlbe_zhangping
hlbe_zhaoyh
wlcb_qiaoxf
wlcb_songqm
wlcb_wangdm
wlcb_wangxl
bt_songdong
tl_sirgl
tl_burbt
bt_wangying
wlcb_duanzx
wlcb_penghy
wlcb_qiaoxl
wlcb_zhaojj
byne_chenfs
byne_fengyz
byne_tanglj
byne_wangyl
byne_yangcp
byne_yanglb
byne_zhaoxj
hlbe_dongcy
hlbe_dongdj
hlbe_guanay
hlbe_menghw
hlbe_wanglh
hlbe_zhangjing
sjt_chengsj
sjt_chengyh
sjt_liangde
sjt_zhanged
sjt_zhanghf
sjt_zhangwb
sjt_zhangyf
sjt_zhangzy
sjt_zhengzy
hs_liuxiang
wlcb_songyj
wlcb_yangwx
xlgl_chenwj
xlgl_songjm
xlgl_wanghy
xlgl_wangxl
xlgl_wangyz
xlgl_yangcz
xlgl_yangsy
tl_wangkuan
tl_zhangzhi
wh_yuanpeng
wh_zhanghui
byne_chenzy
byne_qiqige
byne_qianhx
byne_wanghj
byne_wangjz
byne_yangbl
byne_zhaoyf
byne_zhaozz
byne_danglr
byne_guotao
byne_guoxia
byne_maping
byne_qiaohl
byne_wangli
byne_yangjc
byne_yangyf
byne_changfeng
byne_gengsr
byne_guaneg
byne_wangbz
byne_wanglx
byne_zhaott
wlcb_dongwh
wlcb_duanyj
wlcb_liping
wlcb_mengrx
wlcb_qiaoxj
wlcb_zhaocg
wlcb_zhoujs
erds_caoxin
erds_miaojj
erds_siqing
erds_wangcm
erds_wanghm
erds_wanghy
erds_wangjq
erds_wangme
erds_xiaoxi
erds_xiaojh
byne_chagan
byne_chenyh
byne_sujian
byne_wangle
byne_wangcy
byne_wanghp
byne_yangsj
byne_zhouhy
xlgl_liangying
xlgl_xiaojk
xlgl_yangyh
xlgl_chenac
xlgl_kongxk
xlgl_chenwh
xlgl_pengsl
xlgl_qianwh
xlgl_zhaoqw
xlgl_zhaoxm
xlgl_dengjt
xlgl_dongxl
xlgl_pengyp
xlgl_wangyl
xlgl_zhaosg
hlbe_gonglj
hlbe_guihua
hlbe_dongtz
hlbe_dongyc
hlbe_wangyz
hlbe_zhaozk
wlcb_donghl
wlcb_jingjc
wlcb_pengfb
wlcb_songrx
wlcb_zhaoby
hlbe_wanghj
hlbe_wangxl
hlbe_zengxk
erds_shancl
erds_zhaiwy
erds_fengsh
erds_heying
erds_wangpu
erds_wangsj
hs_wangying
hlbe_lingzt
hlbe_wangym
hlbe_wangyq
hlbe_zhaojx
tl_shenjing
xa_sirgl
xlgl_mengke
xlgl_qiqige
xlgl_wanglx
xlgl_yangjl
erds_lijing
erds_renrui
erds_wangld
erds_wangyf
erds_yangxl
wlcb_fengyx
wlcb_yanggx
wlcb_yangmg
wlcb_yangxs
wlcb_zhaoyb
byne_mengxf
byne_zhaohf
byne_zhoulp
xlgl_kangpc
sjt_wangdsh
hs_haofei
xlgl_banyl
xlgl_liuly
xlgl_niuxl
xlgl_sunxm
xa_zhanglg
als_tangxh
als_wangjp
als_wangxh
als_yangjt
als_yanglh
cf_jiangyj
cf_zhanghw
cf_zhanglm
hlbe_bailc
hlbe_gaoff
hlbe_guows
hlbe_hanrq
hlbe_sunxj
als_wangss
als_zhailp
als_pengjx
als_wangzg
als_wangzy
als_zhaoxl
cf_huangwc
cf_huangrm
cf_zhanggw
cf_zhangjy
cf_zhangzz
byne_cuijg
byne_gaowa
byne_gaojh
byne_guozx
byne_xiesx
byne_libin
byne_liuzy
byne_liuzh
byne_nieym
byne_suohr
byne_taogs
byne_yunqf
byne_yanhx
bt_jiangyx
bt_liangsl
bt_zhangfp
bt_zhanghy
bt_zhangry
bt_zhangth
bt_zhangwg
bt_zhangxj
bt_zhangxh
bt_zhangyf
bt_zhangyg
bt_zhangzp
wlcb_guohz
wlcb_guoyp
wlcb_houlp
wlcb_jiasq
wlcb_wangfeng
wlcb_xietw
wlcb_yanfm
wlcb_yanhy
wlcb_caoxf
wlcb_gaoqm
wlcb_jiaye
wlcb_liuzg
wlcb_caoly
wlcb_liucf
wlcb_liuml
wlcb_luomx
wlcb_yulin
hlbe_baijf
hlbe_baixj
hlbe_naren
hlbe_yuexx
cf_zhangdc
cf_zhangjh
cf_zhangxs
erds_baihl
erds_gaoxq
erds_guosm
erds_houft
erds_liuzq
erds_xueyx
erds_cuilh
erds_guowl
erds_liangjun
erds_liujx
erds_liuwz
erds_liuyj
erds_niuzy
erds_peizh
erds_qinlj
erds_wangjuan
erds_weixb
erds_zhangwei
erds_shecm
xlgl_liurp
xlgl_renzx
xlgl_sunjf
xlgl_fengy
xlgl_guojz
xlgl_niuwd
xlgl_tanlz
xlgl_caoqm
xlgl_haoxx
xlgl_jiaym
xlgl_liuwg
xlgl_yanhq
hlbe_caopz
hlbe_gaohr
hlbe_liuls
hlbe_liuyj
als_chengq
als_yanghf
erds_cuiyl
erds_guory
erds_haolh
erds_haoxy
erds_liucl
erds_xueca
erds_sheyp
erds_zhuym
hlbe_baiyi
hlbe_guosm
hlbe_liuyl
erds_daobz
erds_langteng
erds_hanqi
erds_hewei
erds_lubin
erds_taogh
erds_xieys
erds_sheyf
erds_yanfq
hlbe_sunfx
wlcb_bailz
wlcb_guohw
wlcb_hougp
wlcb_qiaoyong
wlcb_sungd
wlcb_zhangjin
hlbe_gaotc
hlbe_liukm
hlbe_liulp
bt_zhangls
hlbe_guobq
hlbe_lihua
hlbe_liuxf
hlbe_qinhr
hlbe_sunmo
hlbe_xiejm
hlbe_youjy
byne_liuzr
byne_weigw
byne_yaolx
byne_zhengxia
byne_yanmy
erds_baixy
erds_liuxw
erds_shimx
erds_suyun
erds_weixr
hs_jingyao
hs_zhangym
hs_zhangzm
cf_zhanglh
cf_zhangwx
hs_changsm
hs_huangzm
hs_lili
hs_zhangbp
hs_zhangcf
hs_zhangdx
hs_zhangjy
hs_zhangly
hs_zhangll
hs_zhangsz
hs_zhangsm
hs_zhangxy
hs_zhangxd
hs_zhaohui
hlbe_baiyl
hlbe_caojy
hlbe_sanjf
hlbe_gaoym
hlbe_liudz
hlbe_liujj
hlbe_liuwj
hlbe_liuxt
hlbe_qinyf
hlbe_shilq
hlbe_sunlm
hlbe_sunsf
hlbe_yanjs
hlbe_yaoxw
hlbe_yingm
hs_feidong
tl_zhangbs
tl_zhengxh
wlcb_liuld
bt_fangbin
bt_zhangjg
bt_zhangxd
cf_jiangsy
cf_zhangby
tl_zhangfj
tl_zhangxh
tl_jinfeng
tl_xiongdx
bt_chenglm
bt_fanglin
bt_haoyuan
bt_langyan
bt_zhanggp
bt_zhangsb
bt_zhangyl
wlcb_guoht
wlcb_guoxq
wlcb_guozy
wlcb_sunxy
wlcb_yanhw
cf_chenghz
cf_zhangxr
byne_baixl
byne_gaojx
byne_hanss
byne_liung
byne_sunyw
byne_wanggang
byne_yandz
mzl_zhouxl
hlbe_gaojb
hlbe_liuxc
hlbe_sunxf
tl_zhanglp
tl_zhangyj
sjt_chengd
sjt_chenjf
sjt_chenjx
sjt_chenlj
sjt_chenzc
sjt_dongfc
sjt_fangxt
sjt_fengcl
sjt_fenghx
sjt_gengsl
sjt_jiaosy
sjt_tangyl
sjt_wanggl
sjt_wangjg
sjt_wanglh
sjt_wangqm
sjt_wangrj
sjt_wangsc
sjt_wangsp
sjt_wangsy
sjt_wangyd
sjt_wangys
sjt_wangzy
sjt_wangzhong
sjt_xiaolh
sjt_xingly
sjt_yangzk
sjt_zengyl
sjt_zhaocq
sjt_zhaohy
sjt_zhaohc
sjt_zhaorl
sjt_zhaoxp
sjt_zhaoyw
sjt_zhouql
cf_zhanggy
cf_zhanggj
cf_zhangxz
cf_zhangyl
hs_hanrong
hs_liufang
hs_zhanggy
hs_zhangjd
hs_zhangsq
hs_zhaohua
hs_zhangrq
hs_zhangzy
wlcb_jinjm
wlcb_liugr
wlcb_liuyj
hb_chengjy
hb_chengsj
wlcb_gaotf
wlcb_lanrp
wlcb_xuelm
cf_liangyj
cf_zhangfj
cf_zhanggx
cf_zhangjj
cf_zhangxl
cf_zhengyf
xlgl_jiayh
xlgl_liubf
xlgl_rensy
tl_cuirong
tl_jiangcf
tl_zhanglj
tl_zhengdw
xa_chengxc
xa_panming
bt_zhangxy
hs_zhangcw
hs_zhanggf
hs_zhangpj
hs_zhangzs
hs_zhengwl
hs_jiangwh
hs_liangzl
hs_zhangmq
cf_chengha
wh_zhangxy
wh_wangzhe
wh_xuefeng
wh_zhanggh
wh_zhanglp
wh_zhangmj
wh_zhangrj
wh_zhangwf
wh_zhangyl
wh_zhangzf
byne_donggang
byne_guocr
byne_liusj
byne_liuxl
byne_shiht
byne_wangjing
byne_zhangkai
byne_baijy
byne_haona
byne_helin
byne_shixr
byne_wangr
byne_xincp
byne_baohw
byne_haoql
byne_houcp
byne_liuap
byne_liuhb
byne_liuys
byne_qinwh
wlcb_fangh
wlcb_guolx
wlcb_guozq
wlcb_hansp
wlcb_lanzj
wlcb_leizb
wlcb_lijie
wlcb_limao
wlcb_liuyp
wlcb_luomh
wlcb_niush
wlcb_wuren
wlcb_yanlx
wlcb_yangf
xa_zhanghx
erds_caohs
erds_gaoyx
erds_liuxl
erds_majun
erds_sifei
erds_zhujm
hs_zhanggb
hs_zhangwg
byne_baimx
byne_liujp
byne_zhuwl
byne_zuodm
byne_hanxy
byne_yanhg
xlgl_haoyq
xlgl_liujr
xlgl_renxq
xlgl_sundj
xlgl_gaoch
xlgl_gaohy
xlgl_hansh
xlgl_haohc
xlgl_haosy
xlgl_jinjx
xlgl_liugb
xlgl_liujj
xlgl_liuxy
xlgl_liuyj
xlgl_tuoya
xlgl_fengying
xlgl_wanghong
xlgl_xiaoying
xlgl_yaoxx
hlbe_baoys
hlbe_cuilj
hlbe_baoyl
hlbe_hanyx
hlbe_weisy
wlcb_fanrq
wlcb_jiaxj
wlcb_sunlz
hlbe_baoyx
hlbe_chenchao
hlbe_houxh
hlbe_liuyh
hlbe_renchong
hlbe_sunzy
hlbe_yangquan
hlbe_zhenying
erds_caomh
erds_cuijl
erds_hanyj
erds_leijb
erds_liufc
erds_niegl
erds_yanxz
hs_huangru
hs_liuyong
cf_jiangkj
cf_zhanglq
hlbe_baowf
hlbe_gaogc
hlbe_jinlj
hlbe_liufc
hlbe_liuwb
hlbe_nianping
hlbe_xinxw
hlbe_yanhy
hlbe_yanph
tl_wangwei
tl_zhanggz
xa_zhangqg
xa_zhangxh
xlgl_haoku
xlgl_siqin
xlgl_taizh
xlgl_guohx
xlgl_liuyh
erds_haocl
erds_jinsl
erds_liupb
erds_liusx
erds_liuzh
erds_renjj
erds_sunlp
wlcb_hanzh
wlcb_jinsm
wlcb_yanzq
byne_caofh
byne_caorq
byne_cuiyz
byne_houwy
byne_lijie
byne_wenzh
hs_chenzhh
mzl_zhangyuan
hs_epeng
xlgl_migm
als_guojx
als_luoyj
als_weiyg
als_jiasl
als_liuxg
als_luoxz
als_xiezz
cf_xingmy
cf_zhaoxh
hlbe_liwt
hlbe_lvsh
hlbe_lvzb
hlbe_mayc
hlbe_yubj
als_weisf
als_weiyh
als_guojw
als_houhy
als_liudw
als_liujh
als_zhaoling
cf_chenjy
cf_fengzh
cf_songyl
cf_tiansm
cf_xinggh
cf_qingbr
cf_songzx
cf_songzq
cf_wangxl
cf_wangly
cf_zhaoyb
cf_mengyj
cf_shaolj
cf_tianlg
cf_tianzh
cf_xinggc
cf_xingsq
cf_zhaoyd
cf_zhaozq
byne_helm
byne_libh
byne_liyw
byne_lizs
byne_lutj
byne_qixl
byne_qisl
byne_wujj
byne_wujq
byne_wuzj
byne_hepj
bt_xiaogh
bt_dongjp
bt_duanyc
bt_jingga
bt_lianyk
bt_tianzy
bt_wangch
bt_wanggz
bt_wangrw
bt_wangwp
bt_wangyp
bt_yanghm
bt_yangjy
bt_yangkq
bt_zhaodz
bt_zhaomx
bt_zhaosj
bt_zhaoxl
bt_zhaoxh
wlcb_lilp
wlcb_lirf
wlcb_liugong
wlcb_majz
wlcb_wangyan
wlcb_weiying
wlcb_wuxl
wlcb_hewb
wlcb_hezj
wlcb_lixd
wlcb_liuming
wlcb_ansm
wlcb_hewy
hlbe_hurc
hlbe_qiuzy
cf_chenyh
cf_zhaiam
cf_fengxq
cf_kongxw
cf_menglx
cf_wangsm
cf_wangyh
cf_wangzx
cf_yangdp
cf_yangsy
cf_yangxt
cf_zhanghong
cf_zhaozj
erds_lixj
erds_liyl
erds_suhu
erds_wupf
bt_wangxw
bt_dingxc
bt_hanyan
bt_wangsl
bt_xiaozm
erds_hulz
erds_liys
erds_xikl
xlgl_harh
xlgl_lihf
xlgl_lixq
xlgl_liym
xlgl_maqj
hlbe_liyh
hlbe_liym
als_baixr
als_baowz
als_hanxq
als_houhs
als_leijl
als_liufb
als_maozh
als_tanjh
als_weijc
erds_hudc
erds_lijp
erds_luce
erds_qixl
erds_quch
erds_wuzc
hlbe_duyj
hlbe_heqh
hlbe_lixm
hlbe_qipf
hlbe_xulq
erds_sadi
erds_wuzg
erds_aocx
erds_lihx
erds_lisz
erds_manh
erds_wagn
erds_xuaz
hlbe_huiying
hlbe_najl
hlbe_sulh
hlbe_wangzhu
el_chenlb
el_genghl
el_wangjh
el_zhaozz
wlcb_hucl
wlcb_liyq
wlcb_wangsen
wlcb_wuyq
wlcb_wugy
wlcb_xugx
wlcb_xuhx
wlcb_yudh
wlcb_zhangli
hlbe_lirg
bt_hushui
bt_lilong
bt_miaoml
bt_wangjg
bt_wangyw
bt_zhaozj
wh_wanglq
hlbe_ancz
hlbe_liwh
hlbe_liwl
hlbe_lixq
hlbe_surq
hlbe_wuzl
byne_lixf
byne_lixx
byne_surq
byne_suyf
byne_wuym
byne_wujp
erds_gaow
erds_heyf
erds_husy
erds_lijx
erds_lirm
erds_lixr
erds_sudu
hs_fengjs
hs_guotao
hs_tianfy
hs_tianyw
cf_miaohb
cf_pangcq
cf_shengw
cf_wangdm
cf_zhaogq
cf_zhaowz
cf_zhaozc
hs_chenhw
hs_chensp
hs_chenzl
hs_chengjing
hs_chengpeng
hs_dongjt
hs_hanshuang
hs_tangjf
hs_wangbl
hs_wanggl
hs_wanghj
hs_wangjb
hs_wanglp
hs_wangxy
hs_yangjf
hs_zhaofs
hs_zhaoyj
hlbe_bicp
hlbe_hejz
hlbe_heqd
hlbe_hucz
hlbe_lifm
hlbe_lihl
hlbe_lizg
hlbe_lvgb
hlbe_lvzj
hlbe_maly
hlbe_qiqg
hlbe_qudh
hlbe_wujj
hlbe_xuxb
hlbe_zhouyan
hs_wangzg
tl_dongsx
tl_wanggq
wlcb_lixl
wlcb_lixr
wlcb_ludy
bt_qinmin
cf_changzhen
cf_chenjr
cf_xingyx
tl_wangqy
tl_yangzw
tl_gongcs
tl_hongcf
tl_songwm
tl_wangzb
tl_yanglg
tl_zhaojh
xa_dongcz
xa_liushp
xa_tangsy
xa_wangxl
xa_wangyy
xa_yangfl
xa_zhuzhh
tl_bianyj
tl_tianhj
tl_zhaodj
tl_tonghm
tl_luancf
cf_chenxl
cf_dengdh
cf_tianby
cf_wangeq
cf_xingyl
tl_wangfr
tl_wangmc
tl_wangxj
bt_chentx
bt_wangzj
bt_zhaowd
wlcb_dicc
wlcb_hugq
wlcb_huxg
wlcb_liyj
wlcb_wusf
cf_dongyc
cf_fengqs
cf_tianss
cf_wangrm
byne_gerl
byne_lijc
byne_lijh
byne_lijl
byne_lixw
byne_lizq
byne_liubing
byne_mawb
byne_mazw
byne_wucl
hlbe_baijing
hlbe_jiangbo
hlbe_ligc
hlbe_wutz
hlbe_xuch
tl_fengxy
tl_yangfy
sjt_caoam
sjt_gaogq
sjt_guozx
sjt_hanfh
sjt_haogr
sjt_haosz
sjt_haoym
sjt_houjg
sjt_huosx
sjt_jiaoying
sjt_jinsp
sjt_liucg
sjt_liuhw
sjt_liuwl
sjt_liuzl
sjt_liuzw
sjt_liuzy
sjt_sunlw
sjt_sunyf
sjt_wanfr
sjt_wangyong
sjt_weihh
sjt_xiaoping
sjt_xiezw
sjt_yaolh
sjt_yinqf
sjt_yunyl
sjt_zhanglei
sjt_zhaosong
sjt_zhongqiu
sjt_zhouhuan
sjt_yanln
cf_dongfl
cf_fengjl
cf_wangcy
cf_wangye
cf_yuancy
cf_zhaoxd
cf_zhoulm
bt_wangjm
bt_wangzl
hs_zhaiyb
hs_fangjp
hs_wangcl
hs_liaoyy
hs_ronghy
hs_wangcy
hs_wangfr
hs_wangrb
hs_wangwj
hs_wangzy
wlcb_dujf
wlcb_licy
wlcb_xujh
cb_wangzf
hb_dongjf
hb_fengqiang
hb_xiaoyj
hb_zhaofc
hb_zhaogj
wlcb_dujl
wlcb_dulz
wlcb_liwk
wlcb_sihm
wlcb_yuxz
cf_chenxh
cf_duanhb
cf_hongjh
cf_miaosq
cf_tengtn
xlgl_liwh
xlgl_lvjj
xlgl_lvwj
xlgl_qijc
xlgl_wulh
tl_chenfm
tl_congrx
tl_fengyl
tl_liuzhi
tl_menglc
tl_miaoyt
tl_qiling
tl_shenjj
tl_songxj
tl_wangwj
tl_wangxy
tl_wangyp
tl_wangzg
tl_wangxz
tl_yanglj
tl_yangyj
tl_zhaoxy
tl_zhenyh
tl_zhenfz
tl_zhouhh
xa_chendw
xa_chengl
xa_donggm
xa_wangyf
xa_wangyq
bt_chensf
bt_tiancs
hs_dangzq
hs_dingxd
hs_donghb
hs_rongxl
hs_wangjl
hs_zhaoxt
hs_wanglx
hs_wangwb
hs_zhaoxl
cf_donggl
cf_sangyw
cf_tianlj
cf_wangfm
cf_wangsq
cf_wangym
cf_yanghy
cf_yuanlj
cf_zhouhf
wh_chaolm
wh_chenyb
wh_dongaj
wh_fengwb
wh_liujie
wh_liujun
wh_luolan
wh_tianlf
wh_wanggp
wh_wanghc
wh_wangje
wh_wangrx
wh_wangrl
wh_wangsq
wh_wangsz
wh_wangwd
wh_wangxm
wh_wangxc
wh_wangzj
wh_xingaz
wh_yangwl
wh_yangzj
wh_yaolei
wh_zhaold
byne_dufq
byne_husp
byne_lilp
byne_liyj
byne_wuht
byne_wujf
byne_wujh
byne_fugs
byne_jims
byne_masy
byne_xuyl
byne_bagn
byne_dufx
byne_gongxia
byne_hebj
byne_limj
byne_lixg
byne_qiqg
byne_wangrui
byne_wuyf
byne_zhangli
wlcb_fuys
wlcb_hudl
wlcb_marh
wlcb_siqt
xa_fangmj
xa_songym
xa_songyt
xa_tianlj
xa_wanggh
xa_wangjb
xa_wangxc
xa_wangzw
xa_yangyd
xa_zhaoxm
erds_qiqg
erds_tuya
erds_wune
hs_gongxy
hs_tianch
hs_wangxm
hs_wangys
hs_wangyz
byne_gezr
byne_huxf
byne_lifz
byne_ligz
byne_lihy
xlgl_liag
xlgl_lizy
xlgl_qinying
xlgl_chaogao
xlgl_wuch
xlgl_yuqw
xlgl_batu
xlgl_hasi
xlgl_hesg
xlgl_liyw
xlgl_lisf
xlgl_tana
xlgl_tubu
xlgl_wuhs
xlgl_xujc
xlgl_xuyb
xlgl_durs
xlgl_lixw
xlgl_wangjin
xlgl_wuzy
xlgl_qiqg
hs_congym
hs_fenggz
hs_yangzh
hlbe_mabj
hlbe_tuya
hlbe_hexm
hlbe_jinquan
hlbe_ligx
xa_chenxz
xa_wangfj
xa_xuansa
xa_zhangping
wlcb_anpf
wlcb_lihx
hlbe_dusy
hlbe_hubg
hlbe_xuyj
hlbe_yangjie
erds_duxm
erds_lirc
hs_bianja
hs_qichao
hs_shenhz
cf_hongyd
cf_songgy
cf_songzg
cf_yangxr
hlbe_chenxin
hlbe_fengwei
hlbe_wuxj
hlbe_yumy
tl_jingzm
tl_wangzm
tl_wangjq
tl_wangzs
xa_chenhj
xa_guozhy
xa_mengdm
xa_wangcl
xa_wangsh
xlgl_lihx
xlgl_lilj
xlgl_lirl
xlgl_wune
xlgl_wujm
erds_lijj
erds_qich
erds_wujm
erds_xufx
wlcb_jizp
wlcb_magc
byne_huyb
byne_jiyj
byne_mizh
byne_qixw
sjt_jiasp
sjt_jd
xa_lanfang
hs_nala
xa_zhuwz
als_lixj
als_hefl
als_helj
als_hexs
als_lixl
als_penghui
cf_liuyh
cf_niugj
cf_xinbs
als_bagn
als_fusy
als_wugq
als_xuyc
als_huzg
als_liyf
als_luch
als_wanping
cf_jialh
cf_liuxb
cf_liuyq
cf_luoyh
cf_renwf
cf_xuers
cf_zhuzg
cf_zhangyan
cf_fanwh
cf_gaowx
cf_guojh
cf_liuxw
cf_pangh
cf_sunsj
bt_baijx
bt_baiym
bt_fanmr
bt_gailp
bt_gaowd
bt_guogg
bt_guohz
bt_guojf
bt_guosq
bt_haomz
bt_haorm
bt_lanxd
bt_liugl
bt_liujp
bt_liusy
bt_liusm
bt_liuxl
bt_miaoping
bt_shijp
bt_shimm
bt_shixh
bt_songping
bt_xiecl
bt_zhangxin
bt_zhoujing
bt_zhujp
wlcb_liufei
wlcb_zhaofu
cf_baoxl
cf_gaofl
cf_gaojh
cf_gaozh
cf_houxp
cf_jiajj
cf_xiewh
cf_liudc
cf_liuyy
cf_qinsm
cf_weizz
cf_zhangbin
cf_zhangsen
cf_zhujx
bt_hanfy
bt_wangzhen
bt_houyl
bt_panxu
bt_renlj
bt_weixy
bt_yunlp
bt_zhuxy
erds_liuyan
erds_xinqin
xlgl_baohua
xlgl_meihua
lgl_hada
als_dalt
als_dingnan
als_lijm
hlbe_haijun
el_baiyw
el_caodx
el_liufy
el_liugr
wlcb_caoxia
bt_jiahc
bt_tanlf
bt_cuiyp
bt_liuwy
bt_liuzj
bt_wangx
bt_linrl
wh_bailj
wh_hansl
wh_liuyl
wh_lijie
byne_lijing
hs_jiags
hs_liulw
hs_tanlm
hs_wenyy
hs_yunbz
hs_yunsh
cf_baoxs
cf_gaojt
cf_liuwy
cf_liuxt
cf_wangjing
cf_nouyj
hs_guohc
hs_guoyd
hs_hancq
hs_houyy
hs_huozx
hs_huozk
hs_liufy
hs_liusd
hs_liuxy
hs_niejp
hs_sungq
hs_sunym
hs_weisw
hs_xueyh
hs_yunjj
hs_zhumx
hs_zhupf
hlbe_baihua
hlbe_chengr
hlbe_wangqi
hlbe_yushan
tl_baojp
tl_cairq
tl_huocq
tl_qinyp
bt_hanlm
bt_liuyl
bt_wangz
cf_baixh
cf_linyf
cf_liufr
cf_liuzw
cf_zhuzy
cf_zhurb
tl_liuchang
tl_sunlq
tl_luanchen
tl_baibj
tl_liuzj
tl_meixs
tl_yunsj
xa_cuifl
xa_cuixd
xa_gaogf
xa_huanghua
xa_xuqch
tl_baozn
tl_guoliang
cf_baold
cf_jiabj
cf_liuwh
cf_liuzl
cf_luohp
bt_huolg
bt_niusw
bt_wenxl
bt_wuyun
bt_yaobq
cf_daifj
cf_jiazj
cf_liubs
cf_liujl
cf_xiajl
cf_yangjing
cf_zhoujing
cf_zuoxh
byne_gaojie
hlbe_eln
tl_gaogy
tl_guoym
tl_liujd
tl_liuzf
tl_rengj
tl_xiexh
tl_zhugz
sjt_baiying
sjt_dufq
sjt_hezt
sjt_hual
sjt_lihm
sjt_list
sjt_liwh
sjt_liwj
sjt_lilf
sjt_lusj
sjt_lvhj
sjt_mazh
sjt_muxt
sjt_sigx
sjt_sury
sjt_wangbin
cf_gaoyg
cf_hanwd
cf_hanxb
cf_hanzw
cf_liuhy
cf_liulk
cf_sungf
cf_wanrj
cf_wenyb
cf_yaohm
cf_zhujd
cf_zoujc
bt_cuixr
bt_danhf
bt_leihh
bt_lizhi
bt_shijw
bt_shihp
hs_guohl
hs_hanjj
hs_haolx
hs_haosc
hs_jiayl
hs_lihua
hs_liwen
hs_liugm
hs_niurm
hs_niuys
hs_shiqm
hs_yangj
hs_yuyue
hs_gaojw
hs_liurh
cb_houwd
hb_gaoyl
hb_guozq
hb_liucy
hb_liury
hb_liuzx
hb_xieds
hb_yanwl
bt_hanjb
bt_wangyuan
bt_yancr
cf_baowb
cf_guowj
cf_haobb
cf_linxs
cf_liuzm
cf_suisd
cf_sunfy
cf_taoyl
cf_xuesf
tl_heicy
tl_houzg
tl_jiazh
tl_liucx
tl_liuhq
tl_liuql
tl_liuwb
tl_liuyh
tl_shiyx
tl_wanyy
tl_xuhua
tl_zhuyh
bt_hanhd
bt_liumx
bt_panwl
hs_hanyl
hs_sungh
hs_sunjx
hs_yunhb
hs_yunqiang
hs_yunzr
hs_baidy
hs_liupf
hs_liuhj
hs_liuzz
hs_weixd
hs_wenyp
hs_zhangjin
hs_zhoufeng
cf_guoyh
cf_handx
cf_haozf
cf_liuxf
cf_liuyj
cf_sunyq
cf_tianyang
cf_zhuyc
cf_yanrj
wh_niuyl
wh_baiyy
wh_hanzl
wh_haosj
wh_haoxh
wh_liuxm
wh_liuzh
wh_liuyy
wh_qindc
wh_sunzy
wh_weice
wh_weicf
byne_alm
byne_baohua
byne_baoyin
byne_baokun
byne_liujun
byne_liuyan
byne_yanxia
xa_gaocz
xa_guozq
xa_yinhp
xa_zhuzw
xa_zoujx
hs_liujc
hs_liuxf
hs_renyh
xlgl_erd
xlgl_xiefei
hs_liuhy
hs_wangjing
hs_zhaofeng
xa_baiyj
xa_baocl
xa_houqd
xa_qinyb
xa_weirs
erds_qqg
hs_yinjf
cf_gaosp
cf_leijx
cf_liurh
cf_sunzy
cf_xuesp
hlbe_wangyu
tl_baihj
tl_baozz
tl_gaowa
tl_liwen
tl_loulh
tl_weiby
xa_baoxl
xa_caohd
xa_guocs
xa_liusy
xa_liuxb
xa_youtm
xa_yangj
xlgl_suhe
tl_sunhai
tl_chenqi
xlgl_naqin
xa_gulb
xa_wangyan
xa_yuxb
als_aodeng
als_linmin
als_luping
cf_lilm
cf_liuyong
cf_wulj
cf_yuzc
als_nashun
cf_hegj
cf_ligp
cf_lihq
cf_liyl
cf_xuzs
cf_yucj
cf_lisy
cf_lixc
bt_shaofei
bt_dulp
bt_huag
bt_leigang
bt_liep
bt_lify
bt_lihz
bt_lisr
bt_liwx
bt_lixh
bt_mayw
bt_majy
bt_mamj
bt_wanfang
bt_wanglei
bt_wangxia
bt_zhaohua
bt_wuxj
bt_huyl
wlcb_wangy
cf_anzq
cf_bixt
cf_lizb
cf_lizj
cf_lvjj
cf_lvyl
cf_mayx
cf_wuxt
cf_xuls
cf_yubz
cf_zhangqi
cf_zhangyu
bt_aowj
xlgl_mengk
erds_ty
el_buhe
wlcb_luhua
bt_fujr
bt_sunrong
hlbe_lijie
wh_jijy
wh_lifz
hs_fubl
hs_lifz
hs_puxw
hs_qiyt
cf_jingxin
cf_liyq
cf_lvzj
cf_yudh
hs_bshg
hs_busg
hs_chenfei
hs_guts
hs_hezh
hs_heys
hs_hucl
hs_jianing
hs_jiaohui
hs_kangbin
hs_kuyh
hs_ligb
hs_ligy
hs_lisg
hs_liwj
hs_lixk
hs_lingbin
hs_lujl
hs_lvsm
hs_lvzk
hs_mahh
hs_maxy
hs_maxp
hs_oujx
hs_suql
hs_tianyun
hs_wangyan
hs_wangwei
hs_wulj
hs_wugw
hs_yangzhi
hlbe_linyu
hs_birl
tl_gehj
cf_liwq
cf_liyh
cf_liyc
cf_wangjun
cf_wuxj
cf_yutr
tl_lisy
tl_liyl
tl_zhangli
tl_huyf
tl_lixz
tl_lixd
tl_lizy
xa_anxy
xa_gell
xa_liqy
xa_panling
xa_wangkui
tl_lihw
tl_lihq
cf_kangkai
cf_lizc
cf_lugh
cf_xiaonan
tl_wuzj
tl_yudz
cf_bich
cf_liql
cf_lugp
cf_lvzg
cf_shangpu
cf_yugz
cf_yuhl
hlbe_gaoyu
tl_magl
tl_mifl
tl_wumx
sjt_guojun
sjt_lishuo
sjt_shijun
sjt_wuzhen
sjt_yuejiu
sjt_yunhao
cf_fuxl
cf_liwj
cf_lizy
cf_lvxd
cf_quzc
bt_lihj
bt_mays
bt_wuwd
hs_liqi
hs_surp
hs_gewg
hs_liah
hs_lilq
hs_wulx
hb_yuxm
cf_cuigang
cf_duyj
cf_lifj
tl_dujs
tl_fuqp
tl_huwm
tl_libj
tl_liyq
tl_lizh
tl_lugy
tl_mayc
tl_tana
tl_tuya
tl_wusj
tl_xuwz
xa_duyz
bt_gaojm
bt_wuxm
hs_liep
hs_liql
hs_lisq
hs_huhy
hs_lirx
hs_lism
hs_shifeng
cf_hexl
cf_wulf
wh_yubz
wh_huml
wh_lvsj
wh_wuyw
wh_diyp
byne_yajie
byne_yaxin
xa_jindian
xa_liubing
hs_lier
hs_lizh
hs_lvzq
hs_yangjun
xlgl_lijie
hs_ducl
hs_luxh
hlbe_yuzhu
hlbe_libin
hlbe_liubo
hs_anhl
hs_ligr
cf_fuyq
cf_lijq
cf_liyp
cf_majx
cf_yixh
hlbe_panxi
tl_batu
tl_buqh
tl_fuzm
tl_hulm
tl_wuzq
xa_gerl
xlgl_buren
xa_mawb
xa_baolei
als_hujie
als_wuwen
als_muren
cf_duanyu
cf_qudong
cf_wlj
bt_gongyi
bt_arh
bt_liumin
bt_xulian
cf_gaowei
cf_wangli
bt_kangli
bt_sunlei
cf_renfei
hs_eed
hs_jyl
hlbe_fuyu
cf_gaimin
sjt_guoxi
sjt_panli
sjt_xuyan
cf_fushan
cf_huoyin
cf_linlin
bt_haojiu
cf_yifeng
cf_yuandi
cf_liying
cf_lintao
byne_huhe
byne_yuhe
hs_qinwen
cf_raokun
cf_zhangq
xa_liuhao
cf_saren
als_batu
bt_liwei
bt_liuyi
bt_sunyu
cf_lijun
hlbe_lib
cf_xulin
tl_lvhua
xa_mandu
cf_hejie
hb_wuren
cf_litie
cf_sunyu
hs_wangj
hs_liuyi
hs_malan
hs_wangy
hlbe_liq
als_nar
bt_guoyt
hs_nana
tl_hasi
bt_lvdi
cf_enhe
xa_zhangll
sjt_qzlx
sjt_jgjw
sjt_sj30

漏洞证明：

<img src="https://wooyun-img.oss-cn-beijing.aliyuncs.com/upload/201509/07100116f2e7827a9504ad15017d476059c62955.jpg"

修复方案：

1、加验证码。
2、修改密码，严禁弱密码。
3、加强邮箱管理使用人员安全意识。

版权声明：转载请注明来源班尼路@乌云

漏洞回应

厂商回应：

危害等级：高

漏洞Rank：13

确认时间：2015-09-11 13:54

厂商回复：

CNVD确认并复现所述情况，已经转由CNCERT下发给内蒙古分中心，由其后续协调网站管理单位处置。

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0139473

漏洞标题：某自治区审计厅gov邮箱大量弱口令

相关厂商：cncert国家互联网应急中心

漏洞作者：班尼路

提交时间：2015-09-09 12:22

修复时间：2015-10-26 13:56

公开时间：2015-10-26 13:56

漏洞类型：设计缺陷/逻辑错误

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源班尼路@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评论

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0139473

漏洞标题：某自治区审计厅gov邮箱大量弱口令

相关厂商：cncert国家互联网应急中心

漏洞作者： 班尼路

提交时间：2015-09-09 12:22

修复时间：2015-10-26 13:56

公开时间：2015-10-26 13:56

漏洞类型：设计缺陷/逻辑错误

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0139473"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 班尼路@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评论

漏洞概要关注数(24) 关注此漏洞

漏洞作者：班尼路

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源班尼路@乌云