
Vulnerability summary

Defect ID: wooyun-2015-096701

Title: Weak password on a 时趣 (Social Touch) server leads to leak of important information, part 2

Vendor: social-touch.com

Author: 看什麼看

Submitted: 2015-02-11 10:12

Fixed: 2015-03-28 10:14

Published: 2015-03-28 10:14

Vulnerability type: Leak of important sensitive information

Severity: High

Self-assessed Rank: 20

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2015-02-11: Details sent to the vendor, awaiting the vendor's handling
2015-02-11: Vendor confirmed; details disclosed only to the vendor
2015-02-21: Details disclosed to core white hats and domain experts
2015-03-03: Details disclosed to regular white hats
2015-03-13: Details disclosed to intern white hats
2015-03-28: Details disclosed to the public

Brief description:

What should I dig up? This company is as stingy as I am: won't give a single point, keeps ignoring reports.
I'm only here on WooYun to level up...

Detailed description:

WooYun: 时趣互动 sensitive information leak

[Screenshots: Selection_020.png, Selection_021.png, Selection_022.png]


Proof of vulnerability:

mysql> show tables;
+---------------------------+
| Tables_in_sps             |
+---------------------------+
| dashboards                |
| keyword_groups            |
| keywords                  |
| matrix_weibo              |
| mp_ebusiness              |
| mp_wechat                 |
| notices                   |
| options                   |
| user_combination_keywords |
| user_keywords             |
| user_weibo                |
| users                     |
| warning_weibos            |
| warning_weibos_0          |
| warning_weibos_1          |
| warning_weibos_10         |
| warning_weibos_11         |
| warning_weibos_12         |
| warning_weibos_13         |
| warning_weibos_14         |
| warning_weibos_15         |
| warning_weibos_16         |
| warning_weibos_17         |
| warning_weibos_18         |
| warning_weibos_19         |
| warning_weibos_2          |
| warning_weibos_20         |
| warning_weibos_21         |
| warning_weibos_22         |
| warning_weibos_23         |
| warning_weibos_24         |
| warning_weibos_25         |
| warning_weibos_26         |
| warning_weibos_27         |
| warning_weibos_28         |
| warning_weibos_29         |
| warning_weibos_3          |
| warning_weibos_4          |
| warning_weibos_5          |
| warning_weibos_6          |
| warning_weibos_7          |
| warning_weibos_8          |
| warning_weibos_9          |
| warning_words             |
| warnings                  |
+---------------------------+
45 rows in set (0.01 sec)
mysql> select count(*) from users;
+----------+
| count(*) |
+----------+
|       35 |
+----------+
1 row in set (0.01 sec)
mysql> select * from users;
+----+----------------------------------+----------------------------------+---------+------------------------+-------------+-------------+-------------+---------+-------------+
| id | username                         | password                         | isAdmin | note                   | login_count | create_time | expire_time | sso_uid | new_notices |
+----+----------------------------------+----------------------------------+---------+------------------------+-------------+-------------+-------------+---------+-------------+
|  1 | spsadmin@social-touch.com        | e44f8cf63970db5c2df0a18153bcdf49 |       1 | 0                      |           0 |  1409034343 |  1535212800 |      -1 |           0 |
|  2 | wangpeng@social-touch.com        | 125d0d502244655321fd3c3daf0dc440 |       0 | 0                      |           0 |  1409107726 |  1451491200 |     533 |           0 |
|  3 | yuandi@social-touch.com          | e10adc3949ba59abbe56e057f20f883e |       0 | 0                      |           0 |  1409107881 |  1443283200 |     534 |           0 |
|  4 | zhangyufei@social-touch.com      | e10adc3949ba59abbe56e057f20f883e |       0 | 0                      |           0 |  1409116818 |  1409414400 |     535 |           0 |
|  5 | wangpan@social-touch.com         | d437df002f7a5c8555c107af8a643977 |       0 | 0                      |           0 |  1409122070 |  1440604800 |     536 |           0 |
|  6 | sps@social-touch.com             | e10adc3949ba59abbe56e057f20f883e |       0 | 0                      |           0 |  1409192201 |  1440691200 |     539 |           0 |
|  7 | SocialTouch@social-touch.com     | 070e666d5ec987b496ab2780ea9e2ce8 |       0 | 0                      |           0 |  1409647476 |  1441123200 |     554 |           0 |
|  8 | xhh881108@126.com                | e10adc3949ba59abbe56e057f20f883e |       0 | 0                      |           0 |  1409900711 |  1412438400 |     565 |           0 |
|  9 | AXI@ECCO.com                     | 125d0d502244655321fd3c3daf0dc440 |       0 | 0                      |           0 |  1411355129 |  1414771200 |     588 |           0 |
| 10 | ximenzi@social-touch.com         | 125d0d502244655321fd3c3daf0dc440 |       0 | 西门子 王攀添加 |           0 |  1411369201 |  1442851200 |     589 |           3 |
| 11 | bon@zealer.com                   | 125d0d502244655321fd3c3daf0dc440 |       0 | 王攀开              |           0 |  1411467835 |  1414771200 |     597 |           0 |
| 12 | baidu@social-touch.com           | 125d0d502244655321fd3c3daf0dc440 |       0 | 王攀添加           |           0 |  1411715996 |  1414252800 |     598 |           0 |
| 13 | siemens@social-touch.com         | 125d0d502244655321fd3c3daf0dc440 |       0 | 王攀 开             |           0 |  1411885534 |  1443369600 |     601 |         538 |
| 14 | zhouxiangyu@scoal-touch.com      | 0ec173788c65dd08da60575219707632 |       0 | 周祥宇              |           0 |  1412927660 |  1539100800 |     615 |           0 |
| 15 | zhouxiangyu@social-touch.com     | 0ec173788c65dd08da60575219707632 |       0 | 周祥宇              |           0 |  1412927762 |  1665331200 |     162 |           0 |
| 16 | zhangxueuan@social-touch.com     | e10adc3949ba59abbe56e057f20f883e |       0 | 0                      |           0 |  1413356244 |  1476460800 |     628 |           1 |
| 17 | yizhu@siemens.com                | 74993f42c49b81f3a77103bcbb247c2b |       0 | 王攀开              |           0 |  1413554292 |  1417363200 |     630 |           0 |
| 18 | gaowanming@social-touch.com      | e10adc3949ba59abbe56e057f20f883e |       0 | 0                      |           0 |  1413800757 |  1445270400 |     635 |           0 |
| 19 | shiyong@social-touch.com         | 125d0d502244655321fd3c3daf0dc440 |       0 | 王攀开              |           0 |  1415257438 |  1446739200 |     756 |           0 |
| 20 | landezhi@social-touch.com        | c193b40010f0fac20bc869ba50f003e6 |       0 | 大泉开              |           0 |  1415786634 |  1447257600 |     773 |           0 |
| 21 | millwardbrown@social-touch.com   | 2795916096c9e6644b73463456cad876 |       0 | 0                      |           0 |  1416380766 |  1419523200 |     776 |           0 |
| 22 | ctrip@social-touch.com           | 1095d5b2dba9966a9767e9d58fb5fb9b |       0 | 王攀开              |           0 |  1416383741 |  1435680000 |     777 |         203 |
| 23 | Jacklyne.Keomany@cn.ab-inbev.com | ed85e5ddefa3ade80d018178e34331ec |       0 | 王攀开              |           0 |  1416883745 |  1419955200 |     786 |          14 |
| 24 | jianjunwu@pptv.com               | 125d0d502244655321fd3c3daf0dc440 |       0 | 逄大伟              |           0 |  1417415621 |  1420041600 |     724 |           0 |
| 25 | chenlitao@social-touch.com       | 125d0d502244655321fd3c3daf0dc440 |       0 | 骊涛开设账号     |           0 |  1417420638 |  1448899200 |     286 |           0 |
| 26 | zhangrui@social-touch.com        | 125d0d502244655321fd3c3daf0dc440 |       0 | zhangruikai            |           0 |  1417420848 |  1448899200 |      16 |           0 |
| 27 | wangrui@iforce-media.com         | 125d0d502244655321fd3c3daf0dc440 |       0 | 振华开              |           0 |  1417747167 |  1419004800 |     806 |        1953 |
| 28 | lorenc@nvidia.com                | 125d0d502244655321fd3c3daf0dc440 |       0 | 销售高伟           |           0 |  1418273051 |  1422633600 |     813 |           0 |
| 29 | wangxugang@social-touch.com      | 91af8f258f167055281891a379e9fb65 |       0 | 王绪刚              |           0 |  1418630907 |  1427731200 |     168 |           0 |
| 30 | yzp@meizu.com                    | 125d0d502244655321fd3c3daf0dc440 |       0 | 魅族开设账号     |           0 |  1418637641 |  1454169600 |     300 |           0 |
| 31 | yzp111@meizu.com                 | 125d0d502244655321fd3c3daf0dc440 |       0 | 0                      |           0 |  1418637757 |  1451404800 |     817 |           0 |
| 32 | hanbing@chinadaily.com.cn        | 125d0d502244655321fd3c3daf0dc440 |       0 | 武广娟开户        |           0 |  1420622286 |  1421769600 |     233 |           0 |
| 33 | hanbing@chinadaily.com           | 125d0d502244655321fd3c3daf0dc440 |       0 | 武广娟              |           0 |  1420622564 |  1421769600 |     855 |           0 |
| 34 | yc_che@hnair.com                 | 125d0d502244655321fd3c3daf0dc440 |       0 | 海航开设账户     |           0 |  1420697462 |  1422547200 |     861 |           0 |
| 35 | healthcare@social-touch.com      | 1c8491a30d62d3d30f1a8c10ea34b30c |       0 | 西门子医疗        |           0 |  1421145177 |  1423756800 |     892 |          27 |
+----+----------------------------------+----------------------------------+---------+------------------------+-------------+-------------+-------------+---------+-------------+
35 rows in set (0.00 sec)

[Screenshot: Selection_025.png]
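The dump above shows two storage weaknesses a defender can check for mechanically: every password is stored as a bare 32-character hex digest (an unsalted MD5-style hash), and the same digest appears on many accounts, which means those accounts share one password. The following script is an added example, not part of the original report or the vendor's code: it parses the ASCII table the mysql client prints and reports both conditions. The rows embedded in it are constructed sample data with placeholder addresses and digests, not the real records.

```python
import re
from collections import defaultdict

# Constructed sample in the layout the mysql CLI prints (placeholder
# accounts and digests, not the rows from the report).
SAMPLE_DUMP = """\
mysql> select id, username, password, isAdmin from users;
+----+---------------------------+----------------------------------+---------+
| id | username                  | password                         | isAdmin |
+----+---------------------------+----------------------------------+---------+
|  1 | admin@example.invalid     | 0123456789abcdef0123456789abcdef |       1 |
|  2 | alice@example.invalid     | fedcba9876543210fedcba9876543210 |       0 |
|  3 | bob@example.invalid       | fedcba9876543210fedcba9876543210 |       0 |
|  4 | carol@example.invalid     | fedcba9876543210fedcba9876543210 |       0 |
|  5 | dave@example.invalid      | $2b$12$constructed-salted-value  |       0 |
+----+---------------------------+----------------------------------+---------+
5 rows in set (0.00 sec)
"""

# A bare 32-hex string is the shape of an unsalted MD5 digest.
HEX32 = re.compile(r"^[0-9a-f]{32}$", re.IGNORECASE)


def parse_mysql_table(text):
    """Parse the ASCII table printed by the mysql CLI into a list of dicts.

    Lines that do not start with '|' (the prompt, the +---+ separators and
    the 'N rows in set' trailer) are skipped; the first '|' line is the header.
    """
    rows = []
    header = None
    for line in text.splitlines():
        if not line.startswith("|"):
            continue
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if header is None:
            header = cells
        else:
            rows.append(dict(zip(header, cells)))
    return rows


def audit_password_storage(rows, hash_col="password", user_col="username"):
    """Report the two weaknesses visible in a dump like the one above.

    - unsalted_hex32_accounts: accounts whose stored value is a bare 32-hex
      digest, i.e. an unsalted MD5-style hash rather than a salted, slow
      password hash.
    - shared_hashes: digests stored for more than one account. With a salted
      scheme two users never share a stored value, so any collision here
      means those accounts use the same password.
    """
    by_hash = defaultdict(list)
    unsalted = []
    for r in rows:
        h = r[hash_col]
        by_hash[h].append(r[user_col])
        if HEX32.match(h):
            unsalted.append(r[user_col])
    shared = {h: users for h, users in by_hash.items() if len(users) > 1}
    return {
        "total_accounts": len(rows),
        "unsalted_hex32_accounts": unsalted,
        "shared_hashes": shared,
    }


if __name__ == "__main__":
    report = audit_password_storage(parse_mysql_table(SAMPLE_DUMP))
    print(f"{len(report['unsalted_hex32_accounts'])} of "
          f"{report['total_accounts']} accounts use an unsalted 32-hex digest")
    for digest, users in report["shared_hashes"].items():
        print(f"digest {digest[:8]}... shared by {len(users)} accounts: "
              + ", ".join(users))
```

Run against a real export, the same report tells an operator which accounts to force through a password reset first (those sharing a digest, and any admin row stored this way) and documents the need to move the column to a salted, slow hash.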

Fix recommendation:

Give points

Copyright notice: if reposting, credit the source: 看什麼看@乌云


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 15

Confirmed at: 2015-02-11 13:58

Vendor reply:

Thanks. Could you send a contact method to our mailbox? We would like to send you a gift.

Latest status:

None yet


Vulnerability comments:

Comments

  1. 2015-02-11 14:58 | 看什麼看 ( Passer-by | Rank:16 Vulnerabilities:4 | Knowing it will scatter, and scatter it does, yet even scattered I thank you )

    @时趣科技 make up the points for my report above