2015-01-12: Details reported to the vendor; awaiting vendor handling
2015-01-16: Vendor confirmed; details disclosed to the vendor only
2015-01-26: Details disclosed to core white hats and relevant domain experts
2015-02-05: Details disclosed to regular white hats
2015-02-15: Details disclosed to intern white hats
2015-02-26: Details disclosed to the public
Third-party ticketing agency leaks large volumes of airline customers' booking records (including plaintext account names and passwords)
1. A third-party ticketing agency
*****.130*****
MongoDB unauthorized access (the instance accepts connections without any authentication)
/* 0 */{ "AduCount" : 2, "AdultFuelTax" : "120", "AgeType" : "ADT|ADT", "AircomCode" : "9C", "AirportTax" : "50", "ArrCode" : "SZX", "ArrTime" : "2014-07-10T12:00:00", "Birthday" : "19860414|19910426", "CabinCode" : "R3", "CardNum" : "3623261986[马赛克]|3301241991[马赛克]", "CardType" : "NI|NI", "Channel" : "web", "ChdCount" : 0, "ChildFuelTax" : "60", "ContactEmail" : "", "ContactMobile" : "", "ContactName" : "刘永[马赛克]", "Cookie" : "", "CreateTime" : ISODate("2014-06-28T06:11:19.728Z"), "DZMember" : "mq93759[马赛克]@126.com", "DZPassWord" : "e988[马赛克]", "DptCode" : "HGH", "DptTime" : "2014-07-10T09:50:00", "EticketNum" : "", "FenxiaoChannel" : "", "FlightDate" : "2014-07-10", "FlightNo" : "9C8553", "InsuranceCount" : 0, "InsuranceSinglePrice" : "", "InsuranceTotlePrice" : "", "IsCreateOrder" : true, "IsError" : false, "IsPay" : false, "IsScan" : true, "LockName" : "李[马赛克]", "OrderCancelStatus" : "false", "OrderNo" : "1052834049", "OrderStatus" : 41, "PNR" : "NBXMYK", "PassengerName" : "刘永[马赛克]|郑燕[马赛克]", "PassengerNum" : 2, "PayPrice" : "1060", "PayType" : "支付宝", "Remark" : "", "RequestJsonStr" : "{\"member\":{\"userName\":\"mq9375[马赛克]@126.com\",\"passWord\":\"e9884[马赛克]\"},\"flight\":{\"dptCode\":\"HGH\",\"arrCode\":\"SZX\",\"flightNo\":\"9C8553\",\"flightDate\":\"20140710\",\"cabinCode\":\"\",\"dptTime\":\"0950\",\"arrTime\":\"12\"},\"passengers\":[{\"passengerName\":\"刘永[马赛克]\",\"passengerType\":\"ADT\",\"cardType\":\"NI\",\"cardNo\":\"36232619860[马赛克]6\",\"birthDate\":\"19860414\"},{\"passengerName\":\"郑燕[马赛克]\",\"passengerType\":\"ADT\",\"cardType\":\"NI\",\"cardNo\":\"330124199104[马赛克]\",\"birthDate\":\"19910426\"}],\"contactName\":\"刘永[马赛克]\",\"contactPhone\":\"18321688248\"}", "TicketSinglePrice" : "374.5", "TotalPrice" : "1089", "_id" : ObjectId("53ae5c87a7598919f0837cad")}
2. Alipay account, national ID number, mobile number, name, credit card and other details can be obtained
3. More information awaits discovery...
The account credentials in these records all log in successfully to the Spring Airlines platform, which holds large numbers of orders and users' sensitive information.
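To show what a defender would check on finding records like the one above, the following Python script is an added example; it is not part of the original report and not the agency's code. It walks a constructed stand-in for the leaked record (same field names as the dump above, every value invented), flags credential and personal-data fields, including the copy of the password nested inside the JSON-serialised RequestJsonStr string, produces a redacted copy that is safe to log or export, and audits a mongod configuration (as the dict a YAML loader would return) for the two settings that make unauthenticated remote reads possible. The key-name patterns, the MASK value, the sample record and both config dicts are assumptions made for the example.

```python
import json
import re
from typing import Any, Dict, List, Tuple

# Key-name patterns for credential and personal-data fields. These are
# assumptions chosen to match the field names in the leaked record
# (DZPassWord, CardNum, ContactMobile, DZMember, ...), not a library API.
# Order matters: the first matching label wins.
SENSITIVE_KEY_PATTERNS = [
    ("credential", re.compile(r"password|passwd|pwd|secret|token|cookie", re.I)),
    ("id_number", re.compile(r"card(no|num)|idcard|passport", re.I)),
    ("phone", re.compile(r"mobile|phone", re.I)),
    ("login", re.compile(r"e?mail|member|user", re.I)),
    ("name", re.compile(r"name", re.I)),
]
MASK = "***"


def classify_key(key: str):
    """Return the sensitivity label for a field name, or None."""
    for label, pattern in SENSITIVE_KEY_PATTERNS:
        if pattern.search(key):
            return label
    return None


def _decode_embedded_json(value: Any) -> Any:
    """The leaked record stores a whole JSON request inside a string field
    (RequestJsonStr); decode it so credentials nested there are not missed."""
    if isinstance(value, str) and value[:1] in ("{", "["):
        try:
            return json.loads(value)
        except ValueError:
            return value
    return value


def find_sensitive_fields(doc: Any, path: str = "") -> List[Tuple[str, str]]:
    """Walk dicts, lists and JSON-in-string values; return (path, label)
    for every non-empty string value stored under a sensitive key name."""
    hits: List[Tuple[str, str]] = []
    if isinstance(doc, dict):
        for key, raw in doc.items():
            here = f"{path}.{key}" if path else key
            value = _decode_embedded_json(raw)
            label = classify_key(key)
            if label and isinstance(value, str) and value:
                hits.append((here, label))
            hits.extend(find_sensitive_fields(value, here))
    elif isinstance(doc, list):
        for i, item in enumerate(doc):
            hits.extend(find_sensitive_fields(item, f"{path}[{i}]"))
    return hits


def redact(doc: Any) -> Any:
    """Return a copy with sensitive string values replaced by MASK, also inside
    embedded JSON strings (which are re-serialised). Non-sensitive fields such
    as order number, flight and price are kept so the copy stays useful."""
    if isinstance(doc, dict):
        out: Dict[str, Any] = {}
        for key, raw in doc.items():
            value = _decode_embedded_json(raw)
            if classify_key(key) and isinstance(value, str) and value:
                out[key] = MASK
            elif value is not raw:  # was embedded JSON: redact, then re-encode
                out[key] = json.dumps(redact(value), ensure_ascii=False)
            else:
                out[key] = redact(value)
        return out
    if isinstance(doc, list):
        return [redact(item) for item in doc]
    return doc


def audit_mongod_config(cfg: Dict[str, Any]) -> List[str]:
    """Flag the two settings behind 'unauthorized access': no authorization
    and listening on every interface. An unset bindIp is treated as 0.0.0.0,
    the default of the 2015-era mongod releases (3.6 changed it to localhost)."""
    findings = []
    if cfg.get("security", {}).get("authorization") != "enabled":
        findings.append("security.authorization is not 'enabled': anyone who "
                        "can reach the port can read every collection")
    bind_ip = str(cfg.get("net", {}).get("bindIp", "0.0.0.0"))
    if "0.0.0.0" in bind_ip or bind_ip.strip() == "::":
        findings.append(f"net.bindIp={bind_ip}: the database is reachable "
                        "from the network, not only from localhost")
    return findings


# Constructed stand-in for the leaked record: same field names, invented values.
SAMPLE_RECORD = {
    "OrderNo": "0000000000",
    "FlightNo": "XX0000",
    "PassengerName": "A. Passenger|B. Passenger",
    "CardNum": "ID-PLACEHOLDER-1|ID-PLACEHOLDER-2",
    "ContactEmail": "",
    "ContactMobile": "",
    "DZMember": "user@example.com",
    "DZPassWord": "hunter2",
    "PayType": "支付宝",
    "RequestJsonStr": json.dumps({
        "member": {"userName": "user@example.com", "passWord": "hunter2"},
        "passengers": [{"passengerName": "A. Passenger", "cardNo": "ID-PLACEHOLDER-1"}],
        "contactPhone": "000-0000-0000",
    }),
}
WEAK_MONGOD_CONF = {"net": {"port": 27017}}  # no auth, all interfaces (assumed)
HARDENED_MONGOD_CONF = {
    "net": {"port": 27017, "bindIp": "127.0.0.1"},
    "security": {"authorization": "enabled"},
}

if __name__ == "__main__":
    for field_path, label in find_sensitive_fields(SAMPLE_RECORD):
        print(f"{label:10} {field_path}")
    print(json.dumps(redact(SAMPLE_RECORD), ensure_ascii=False, indent=1))
    for finding in audit_mongod_config(WEAK_MONGOD_CONF):
        print("WEAK:", finding)
    print("hardened findings:", audit_mongod_config(HARDENED_MONGOD_CONF))
```

Run as-is to list nine flagged paths for the sample record, a redacted copy, and two findings for the weak configuration against none for the hardened one. The point of decoding RequestJsonStr is that a scanner working only on top-level keys would report one plaintext password while the document actually holds it twice.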
Severity: High
Vulnerability Rank: 18
Confirmed: 2015-01-16 14:02
Thanks, received. The third party has been notified to shut down the server.
None at present
Hmm, from the report it looks like the tickets were booked through Ctrip and Spring Airlines, but the accounts are valid on Spring Airlines, so this is probably a third-party ticketing agency. Please confirm.
What a complicated relationship. @疯狗