
Unauthorized access to a 联动天下 (Liandong Tianxia) server exposes a large amount of sensitive information and allows downloading the source code and database backup files of over ten thousand websites

2015-10-28 15:10

Code area
An FTP server allows unauthorized access, directly leaks a large amount of sensitive information, and allows downloading the source code and database backup files of over ten thousand websites

ftp://14.17.122.200



[screenshot: 0.png]



Let's look at the databases first..

[screenshots: 1.png, 3.png, 2.png]



Website ICP filing (备案) information

[screenshots: ba.png, ba1.png]



Code area
ftp://14.17.122.200/web/Systool/autoftp/task.ini

// Contains the FTP account passwords of a large number of backup servers

[screenshot: task.png]



So one could log into each entry in the list in turn.. In fact, once you grasp the pattern, the account names and passwords are very simple; one could also scan for which other subdomains exist.. and adapt the login according to the pattern / skipped here / limited energy. The main point is that this would most likely be overlooked..

Screenshot length is limited.. only the section above is captured.. Once inside the FTP server, a large amount of information can be seen..

[screenshots: h236.png, h236ms.png, h236my.png, h239.png, h251.png, h251mmsql.png, h251mysql.png, h905.png, h906.png, h907.png, h908.png, h909.png, h910.png, h912.png, h913.png, h917.png, 11.png, 12.png]



Code area
h251.72dns.net

// One picture to check whether your information is in there. Of course, this is only a small part

[screenshot: my.png]



Because this is a backup server, some of the users no longer use their server or database, yet the backup server still retains their information..

Proof of vulnerability:

Code area
[h235.72dns.net]
Server = h235.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-235-ipowerbak

[h236.72dns.net-mssql]
Server = h236.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-236-ipowerbak

[h236.72dns.net-mysql]
Server = h236.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-236-ipowerbak

[h236.72dns.net]
Server = h236.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-236-ipowerbak

[h237.72dns.net-mysql]
Server = h237.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-237-ipowerbak

[h237.72dns.net-mssql]
Server = h237.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-237-ipowerbak

[h270.72dns.net-mssql]
Server = h270.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-270-ipowerbak

[h270.72dns.net-mysql]
Server = h270.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-270-ipowerbak

[h270.72dns.net]
Server = h270.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-270-ipowerbak

[h905.72dns.net]
Server = h905.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-905-ipowerbak

[h906.72dns.net]
Server = h906.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-906-ipowerbak

[h907.72dns.net]
Server = h907.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-907-ipowerbak

[h908.72dns.net]
Server = h908.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-908-ipowerbak

[h909.72dns.net]
Server = h909.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-909-ipowerbak

[h271.72dns.net]
Server = h271.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-271-ipowerbak

[h271.72dns.net-mysql]
Server = h271.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-271-ipowerbak

[h271.72dns.net-mssql]
Server = h271.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-271-ipowerbak

[h910.72dns.net]
Server = h910.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-910-ipowerbak

[h911.72dns.net]
Server = h911.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-911-ipowerbak

[h251.72dns.net-mssql]
Server = h251.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-251-ipowerbak

[h251.72dns.net-mysql]
Server = h251.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-251-ipowerbak

[h251.72dns.net]
Server = h251.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-251-ipowerbak

[h239.72dns.net]
Server = h239.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-239-ipowerbak

[h912.72dns.net]
Server = h912.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-912-ipowerbak

[h913.72dns.net]
Server = h913.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-913-ipowerbak

[h917.72dns.net]
Server = h917.72dns.net
FtpUser = ipowerbak
FtpPass = 72dns-917-ipowerbak
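The task.ini above is what the backup tool reads: one section per backup job, each with a Server, FtpUser and FtpPass. The weakness the report points at is twofold: the file sits on an anonymously readable FTP share, and every password is a deterministic function of the hostname and the (single, shared) username, so one leaked entry gives away all the others. The following audit script is an added example and is not part of the original report or of the vendor's tooling; it parses a file in that layout and flags entries whose password embeds the username or the host's number, or is short, which is exactly the hygiene check that would have caught this file before it was deployed. The hostnames, user and passwords in SAMPLE_TASK_INI are constructed for the example and are not the page's values.

```python
import configparser
import re

# Constructed sample in the same layout as the leaked task.ini.
# Hostnames, user and passwords are made up; three entries follow a
# "<prefix>-<hostnumber>-<username>" pattern, one is a random secret.
SAMPLE_TASK_INI = """
[h101.example.net]
Server = h101.example.net
FtpUser = bakuser
FtpPass = example-101-bakuser

[h101.example.net-mysql]
Server = h101.example.net
FtpUser = bakuser
FtpPass = example-101-bakuser

[h102.example.net]
Server = h102.example.net
FtpUser = bakuser
FtpPass = example-102-bakuser

[h250.example.net]
Server = h250.example.net
FtpUser = bakuser
FtpPass = Zk7#vQ2p!xLm9rTe
"""

MIN_PASSWORD_LEN = 12  # assumed local policy; adjust to your own baseline


def parse_tasks(text):
    """Parse task.ini-style text into a list of job dicts, in file order."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    tasks = []
    for section in cp.sections():
        s = cp[section]
        tasks.append({
            "section": section,
            "server": s.get("Server", ""),
            "user": s.get("FtpUser", ""),
            "password": s.get("FtpPass", ""),
        })
    return tasks


def password_findings(task):
    """Return the list of predictability problems found in one job's password."""
    findings = []
    pw, user, host = task["password"], task["user"], task["server"]
    # A password that contains the account name is guessable from the username.
    if user and user.lower() in pw.lower():
        findings.append("contains-username")
    # A password that contains the host's numeric id can be derived per host.
    host_num = re.search(r"\d+", host)
    if host_num and host_num.group() in pw:
        findings.append("contains-host-number")
    if len(pw) < MIN_PASSWORD_LEN:
        findings.append("short")
    return findings


def audit(text):
    """Summarise the credential hygiene of a task.ini-style file."""
    tasks = parse_tasks(text)
    servers = {t["server"] for t in tasks}
    users = {t["user"] for t in tasks}
    return {
        "hosts": len(servers),
        "entries": len(tasks),
        # One username across every backup host means one compromise = all hosts.
        "shared_single_user": len(users) == 1,
        "predictable": [t["section"] for t in tasks if password_findings(t)],
    }


if __name__ == "__main__":
    report = audit(SAMPLE_TASK_INI)
    print(f"{report['entries']} jobs across {report['hosts']} hosts; "
          f"single shared user: {report['shared_single_user']}")
    for section in report["predictable"]:
        print("predictable credential:", section)
```

Running it on the sample reports 4 jobs across 3 hosts with a single shared user, and lists the three pattern-derived entries while leaving the random one alone. The same checks run unchanged over a real file; the point of the script is to make a file like this fail review before it is placed on any share, anonymous or not.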

Remediation:

Source: www.wooyun.org/bugs/wooyun-2015-0148784
