
Qihoo 360's core business is still vulnerable to Heartbleed

2014-10-25 19:55

Found by accident:



IP:220.181.150.247:443



An OpenSSL information leak (Heartbleed) is present:



Code area
220.181.150.247  js.login.360.cn





.@.T /api.php HTTP/1.0..X-QIHOO-IP: 211.138.5.40..X-Forwarded-For: 211.138.5.40..Host: passport.360.cn..Connection: close..Content-Length: 431..Content-Type: application/x-www-form-urlencoded..User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)....parad=ARjz%2BzN55d%2FedKS6NzhXizuh1VrfU7%2BbAp11FCdIKCwdx%2B7c7QITti6TlR6Ow%2FPxRydnfvS4eGoRJgvH9PLVymDGvUhC4iYKWIecg8J3%2Fc9VQ9MpqFHLUB2dhibgXh7PD%2B69cOMGjRRuyW95IRuUKYhCHayBTg0ZMW1cHie8XlmtN7NyrhfL989ijLwedB499CzRvqHFAldWD761NbzP61KHuiPC185n9ABWkKRducVXTI0OL8g7QEz5psLBd5bF3HfbI%2FjtVi8lKsYn7CfkAm6oSL28ztnUamhhm8NmxHzM%2FqLf%2Fxa0UgWVL9xadUtFsje9tyCJatllaoNmS%2BxXhdqAXxK9%2F4kNZIBcCMd4sCFFnb4%2BT01WWg&from=mpl_mobileGuard_and^.j.5Q.....<).8.........................d6%2FvrFym1g%2Ftog%2BauNm6QoHkvwdUwUCJI8KbVMzOIx2SGwunzK58MiRD23yleZ10SDknJRhw0hY7uewvMICimCjt76oC%2B6xia7UEjhOzNtdSa2oBKGltBuI2c5emT5V5MA09q8PjW1Nszs0nZLupc28rAF2f0ZnaT6zwbqkteu4SuZSbGEZ2ffxiJRtiphUa5mvGZFwxIsECOf1zesDf6KPMDpx%2BoKVfW267VUoJbH5%2FSUAgPN3ttDegnTL72GRZIsZ1zSjbaxM&from=mpl_zhushouB%.&*...:.Ndv ..........xNzWTehY6hlE7a29LxvMrRm6Ln2VKKwAg&from=mpl_mobileGuard_and+h.e.'.......k...KB.......{./R1...........T/.HlPD[. 
..}<.........A......../<......."h..!@Gq....%.y...M%)VJ..)T.....g3p.>S5..w._.R.?3.,wCr...e&.....5l;dkB.~.gg...}.e....X.%z.K...7O..z.M...L...h'{.9;....7W!....}1........B...........-...............SNJT1xyIXfKgVRltbJ%2FgsO6Os8EXSTFclZkJxZ1NMHGTGJSwS9XaRwlNEX5ZzAAvcypyUArvIWIFyKLKlgv5Lp%2BvkY4frlLDMlH8rdPRvEQV8yshevlA&from=mpl_mobileGuard_and..[..,...p?..E..%..<...........!(7.............OT49H) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 UCBrowser/9.9.3.478 U3/0.8.0 Mobile Safari/533.1..Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,UC/145,plugin/1,alipay/un..X-UCBrowser-UA: dv(G4LTE03);pr(UCBrowser/9.9.3.478);ov(Android 4.4.2);ss(540*922);bt(UM);pm(1);bv(1);nm(0);im(0);sr(0);nt(0);.......`.+.N...f.Y..5..~.............text/html, image/png, image/jpeg, image/gif, */*;q=0.1..Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7..Accept-Encoding: gzip..Cookie: Q=u%3D%25R1%25S7%25P1%25Q4%25P5%25NR%25P9%25S1%25Q6%25NR%25P5%25NQ%26n%3D%25Q4%25QN%25Q3%25QN%25PP%25RP%25O1%25P8%25O8%25QS%26le%3DZwZ3ZGt2BGHjWGDjpKRhL29g%26m%3DZGtmWGWOWGWOWGWOWGWOWGWOZmp1%26qid%3D293233026%26im%3D220255dq9816%26src%3Dmpc_open_ms_201200641%26t%3D1; T=s%3D8ea3b968163aa93bda596fb1e962c721%26t%3D1407220238%26lm%3D%26lf%3D1%26sk%3Dc8e9811b1ad6b1c48a098ca63ef256d2%26mt%3D1410308431%26rc%3D1%26v%3D2.0%26a%3D1; __guid=59808745.1763000124756271400.1403078126964.7295....A#T~L...,......U......................q. .t..@(;.*5.MV.T....C......L$......sp.d*.....`....X;.y].T..w.b.!,.Pk...[....7.[..y.PS6U!.d2E....F.KsA.n...#..RMC6...=

Proof of vulnerability:

xxx.jpg

Fix:

You know what to do!
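What the dump above actually shows, and what "you know what to do" leaves unsaid, in an added example (this is not code from the original report and not OpenSSL's own source): the TLS heartbeat handler trusts the 16-bit payload_length sent by the peer and echoes that many bytes back, even when the record that arrived was only a few bytes long, so the response is filled from whatever sits next to the request in the process's memory. That is Heartbleed, CVE-2014-0160. The "process memory" layout, the SECRET string, and the function names below are constructed for this illustration; the vulnerable handler is shown beside one carrying the bounds check that the OpenSSL 1.0.1g patch introduced.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustration of the Heartbleed pattern, not the original report's or
 * OpenSSL's code. Heartbeat message: 1 byte type, 2 bytes payload_length,
 * payload, then at least 16 bytes of padding. */
enum { HB_REQUEST = 1, HB_RESPONSE = 2, HB_PADDING = 16, HB_HDR = 3 };

static uint16_t read_u16(const uint8_t *p) {
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* Vulnerable handler: echoes payload_length bytes from after the header,
 * never asking whether the record (rec_len) really contained that many.
 * Bytes past the real record come from whatever follows it in memory.
 * Returns bytes written to out, or 0 if the request is refused. */
size_t heartbeat_vulnerable(const uint8_t *rec, size_t rec_len,
                            uint8_t *out, size_t out_cap) {
    if (rec_len < HB_HDR || rec[0] != HB_REQUEST) return 0;
    uint16_t payload_len = read_u16(rec + 1);          /* peer controlled */
    size_t resp_len = HB_HDR + (size_t)payload_len + HB_PADDING;
    if (resp_len > out_cap) return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HDR, rec + HB_HDR, payload_len);   /* over-read */
    memset(out + HB_HDR + payload_len, 0, HB_PADDING);
    return resp_len;
}

/* Fixed handler: identical, plus the check the 1.0.1g patch added:
 * silently discard any heartbeat whose declared payload (with header and
 * minimum padding) does not fit inside the record that was received. */
size_t heartbeat_fixed(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap) {
    if (rec_len < HB_HDR || rec[0] != HB_REQUEST) return 0;
    uint16_t payload_len = read_u16(rec + 1);
    if (HB_HDR + (size_t)payload_len + HB_PADDING > rec_len) return 0; /* the fix */
    size_t resp_len = HB_HDR + (size_t)payload_len + HB_PADDING;
    if (resp_len > out_cap) return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HDR, rec + HB_HDR, payload_len);
    memset(out + HB_HDR + payload_len, 0, HB_PADDING);
    return resp_len;
}

/* Constructed stand-in for another client's data lying next to the
 * attacker's request, like the Cookie headers visible in the dump above. */
#define SECRET "Cookie: T=s%3Dsession-token-of-another-user"

/* Feeds a malformed request (claims 64 payload bytes, sends 4) through a
 * handler and reports whether the neighbouring secret appears in the reply. */
int leaks_secret(size_t (*handler)(const uint8_t *, size_t, uint8_t *, size_t)) {
    uint8_t memory[256] = {0};          /* constructed "process memory" */
    memory[0] = HB_REQUEST;
    memory[1] = 0x00;
    memory[2] = 0x40;                   /* payload_length = 64 */
    memcpy(memory + HB_HDR, "ping", 4); /* only 4 bytes really sent */
    size_t rec_len = HB_HDR + 4;
    memcpy(memory + rec_len, SECRET, sizeof SECRET);

    uint8_t resp[256];
    size_t n = handler(memory, rec_len, resp, sizeof resp);
    if (n == 0) return 0;               /* refused: nothing echoed */
    for (size_t i = HB_HDR; i + sizeof(SECRET) - 1 <= n; i++)
        if (memcmp(resp + i, SECRET, sizeof(SECRET) - 1) == 0) return 1;
    return 0;
}

/* A well-formed request (payload present, 16 bytes of padding) is still
 * answered by the fixed handler; the check only rejects lies. */
int fixed_answers_valid_request(void) {
    uint8_t rec[HB_HDR + 4 + HB_PADDING] = { HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g' };
    uint8_t resp[64];
    size_t n = heartbeat_fixed(rec, sizeof rec, resp, sizeof resp);
    return n == sizeof rec && resp[0] == HB_RESPONSE &&
           memcmp(resp + HB_HDR, "ping", 4) == 0;
}

int main(void) {
    printf("vulnerable handler leaks neighbouring data: %s\n",
           leaks_secret(heartbeat_vulnerable) ? "yes" : "no");
    printf("fixed handler leaks neighbouring data:      %s\n",
           leaks_secret(heartbeat_fixed) ? "yes" : "no");
    printf("fixed handler answers a valid request:      %s\n",
           fixed_answers_valid_request() ? "yes" : "no");
    return 0;
}
```

The dump above contains other users' POST bodies and Cookie headers (Q=, T=, __guid) from the same server process, so the fix is not only upgrading OpenSSL past 1.0.1f: any session tokens and private keys that were in that process's memory have to be treated as exposed and rotated.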


Source: www.wooyun.org/bugs/wooyun-2014-075680
