
Inke (映客): information leak at one location, multiple database servers compromised

ID: 222609
URL: http://www.wooyun.org/bug.php?action=view&id=222609
Status: vulnerability reported to the vendor, but the vendor ignored it
Title: Inke (映客): information leak at one location, multiple database servers compromised
Type: sensitive information disclosure
Vendor: ingkee.com
White hat: ago
Submitted: 2016-06-24 06:30:00
Published: 2016-06-29 09:50:00
Fixed: (not set)
Confirmed: 0000-00-00 00:00:00
Confirm Spend: -1
Tags: internal sensitive information leak
Followers: 0
Favorites: 0
White hat rating:
White hat self-assessed rank: 20
Vendor rating:
Vendor-assessed rank: 0
Summary:
...
Details:

https://github.com/jiagh/inkestreaming/blob/f47045ce6214d5adb963f380e9f55fb37be9f6c7/inke-streaming/.idea/%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%BF%A1%E6%81%AF.txt


1.png


Simple proof

2.jpg


3.jpg

POC

GitHub blob view of jiagh/inkestreaming at tree f47045ce62, file inke-streaming/.idea/服务器信息.txt (273 lines, 177 sloc, 5.58 KB; 1 contributor, @jiagh, commit "streaming" 3 days before capture):
hadoop cluster list:
42.62.88.99 hadoop01
42.62.88.100 hadoop02
42.62.88.101 hadoop03
42.62.88.102 hadoop04
42.62.88.103 hadoop05
42.62.88.104 hadoop06
42.62.88.105 hadoop07
42.62.88.106 hadoop08
42.62.88.107 hadoop09
42.62.88.108 hadoop10
42.62.88.109 hadoop11
42.62.88.110 hadoop12
42.62.88.114 hadoop13
42.62.88.115 hadoop14
42.62.88.116 hadoop15
42.62.88.117 hadoop16
kafka
42.62.88.118 hadoop17
42.62.88.119 hadoop18
42.62.88.120 hadoop19
42.62.88.121 hadoop20
root/
zumdkz2xm0Zb^Pr
Cloudera Manager
http://42.62.88.106:7180/cmf/home
admin/[email protected]
Datacenter network traffic monitoring
alarm.lenet.com.cn
mlw/[email protected]
Smartbi_MYSQL_BI
42.62.88.121 hadoop20 db_name: smartbi
username/password: smartbi / smartbi
SmartBI
http://hadoop02:8080/xquery/vision/index.jsp admin/manager
Admin
http://hadoop02:8080/xquery/vision/config.jsp admin/[email protected]
cronhub
http://hadoop01:8080/
Aliyun test server
117.121.50.244 2222 bo.chen/[email protected]#
--------------------------------------------------------------------------------
BI business MYSQL
1. Database host: rm-2zey3j5d26s8i68x8o.mysql.rds.aliyuncs.com account: hadoop password: 7rLfptWs0
2. hadoop 6uXWyqisg5 101.201.80.222:3307
3. 123.56.246.98 hadoop,hadoop_2016
--------------------------------------------------------------------------------
log_base historical database, 20150420 - 20160505, already imported into Hive as inke.log_base
mysql -h123.56.84.161 -uhadoop -p7rLfptWs0 -Dlive_log
mysql -h123.56.179.222 -uhadoop -pgGfXhsx71 -Dlive_log
mysql -uying.wang -pying.wang123 -h101.201.36.27 -Dlive_log
--------------------------------------------------------------------------------
inke_tv
web access logs:
ali_bj_web31 101.201.106.69 10.25.94.141
ali_bj_web30 101.201.106.72 10.25.94.145
ali_bj_web29 101.201.105.61 10.25.94.176
ali_bj_web28 101.201.105.112 10.25.94.166
ali_bj_web27 101.201.106.76 10.25.94.151
ali_bj_web26 101.201.105.172 10.25.94.159
ali_bj_web13 101.201.37.210 10.24.192.39
ali_bj_web12 101.201.40.30 10.24.192.58
ali_bj_web11 101.201.37.103 10.24.189.74
ali_bj_web10 101.201.37.94 10.24.189.63
ali_bj_web04 101.201.212.71 10.46.176.44
ali_bj_web03 101.201.212.9 10.46.176.1
ali_bj_web02 101.201.212.4 10.46.176.28
ali_bj_web01 101.201.212.67 10.46.176.37
Account opened on the web servers: hadoop : hadoop#123
/a8root/logs/nginx
--------------------------------------------------------------------------------
maidian_recv / maidian_common_log
Tracking-point log server list
10.24.195.93 common_log
10.24.195.117 common_log
10.24.200.69 common_log
10.24.201.36 common_log
10.24.201.41 common_log
10.46.177.126
10.46.161.96
10.47.210.207 common_log
10.47.208.106 common_log
10.44.19.97
10.172.219.33
hadoop : 14UlnZ+do
Video tracking-point logs come from 2 data sources:
/a8root/logs/live_common_log/common_log/live_common_log_business-20160510.log /a8root/logs/crash_recv/recv_business-20160510.log
/a8root/logs/live_common_log/common_log
/a8root/logs/crash_recv (these two paths)
--------------------------------------------------------------------------------
user_account
101.201.36.250
101.201.37.27
101.201.37.4
bo.chen bo.chen123
Information on newly added users is in the business logs under the /a8root/logs/live_user_account/common_log directory. Business log naming format: for example, 2016-05-04 at 15:00 is named business-2016050415.log
--------------------------------------------------------------------------------
service_info
101.201.36.253
101.201.36.216
101.201.36.159
101.201.48.37
101.201.48.6
101.201.37.8
account: hadoop password: npfqO28:vU
access.log-20160502.gz
/a8root/logs/live_serviceinfo/access.log-20160502.gz
--------------------------------------------------------------------------------
log_base / gift
Incremental data sync is arranged as follows:
ps: live_back server list:
101.200.12.116
101.200.2.210
123.56.229.161
123.56.180.204
123.56.181.129
123.56.181.188
123.56.182.141
123.56.183.33
123.56.183.11
123.56.188.175 no gift
hadoop hadoop123
ssh -p 2222 [email protected]
Event 402 logs, path -> /a8root/logs/live_gift_backend/gift_business-20160510.log
Other events, path: /a8root/logs/live_backend/back_business-20160510.log
--------------------------------------------------------------------------------
API
api.busi.inke.tv server list
ali_bj_web21 101.201.40.140 10.24.192.83
ali_bj_web20 101.201.48.215 10.24.201.109
ali_bj_web19 101.201.40.111 10.24.192.141
ali_bj_web18 101.201.40.152 10.24.192.149
hadoop hadoop#123
/a8root/logs/nginx/api.busi.log
--------------------------------------------------------------------------------
Pay
The old three machines (all will be decommissioned later; a small share of requests still reach them):
1. 10.46.176.234
2. 10.45.37.20
3. 10.45.37.17

The new three payment machines:
1. 101.201.44.8
2. 101.201.49.122
3. 10.24.196.25

2. Log path: /a8root/logs/live_user_payment/payment_business-xxxxxxxx.log, split by day, e.g. the file /a8root/logs/live_user_payment/payment_business-20160519.log
hadoop#123
--------------------------------------------------------------------------------
user_phone_login
10.45.37.28
10.46.176.247
10.45.37.5
/a8root/logs/user_phone_login/common_log/
Log names look like: user_phone_login_business-2016051901.log
hadoop hadoop#123
--------------------------------------------------------------------------------
Phone login server IPs:
101.201.28.63
123.56.189.219
123.56.190.45
Log directory: /a8root/logs/user_phone_login/common_log/
Log names look like: user_phone_login_business-2016051901.log
10.46.176.234
10.45.37.20
10.45.37.17
10.24.196.25
10.24.201.250
10.24.196.59
10.45.37.28
10.46.176.247
10.45.37.5
hadoop hadoop#123
Elastic cluster addresses are as follows; data can be imported for testing:
10.10.1.31:9300
10.10.1.31:9301
10.10.1.31:9302

10.10.1.30:9304
10.10.1.30:9305

Fix

Delete the information
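Deleting the file is only the first step; the directory that leaked here (`.idea/`) is IDE state that should never have been committed, and a notes file full of hosts, accounts and passwords has a recognisable shape that can be caught before it reaches a public repository. The following is an added example, not code from the WooYun report, the reporter or the leaked repository: a small pre-commit style check that flags IDE state directories and lines that look like credential notes. The regexes are heuristics tuned to the shape of the file shown above (host lists, user/password pairs, `mysql -p…` and `ssh user@host` command lines); the file name, the 10.0.0.0/8 addresses and the secrets in the sample are constructed, and `--staged` mode reads the git index via `git diff --cached` and `git show :path`.

```python
"""Pre-commit style check for IDE state files and plain-text credential notes.

Added example for this report; not code from WooYun, the reporter or the leaked
repository. Sample hosts, names and secrets below are constructed."""
import re
import subprocess
import sys

# Editor/IDE state directories never belong in a shared repository, whatever they
# contain. The leaked file in the report lived under .idea/.
IDE_DIR_NAMES = {".idea", ".vscode", ".settings"}

# (label, pattern) pairs applied to one line at a time. Heuristics modelled on the
# shape of a "server info" notes file, not a general-purpose secret scanner.
CREDENTIAL_PATTERNS = [
    ("user/password pair",
     re.compile(r"(?i)(user(name)?|账号)\s*[/:：].*?(pass(word)?|密码)\s*[/:：]")),
    ("mysql client with inline password",
     re.compile(r"\bmysql\b.*\s-p\S+")),
    ("ssh command naming user@host",
     re.compile(r"\bssh\b.*\s\S+@\S+")),
    # A line that is exactly "name/secret" (not a path, not a URL).
    ("bare user/secret token",
     re.compile(r"^(?!/)(?!.*://)[^\s/]+/[^\s/]+$")),
]


def is_ide_path(path):
    """True if any directory component of the repo-relative path is IDE state."""
    parts = path.replace("\\", "/").split("/")
    return any(p in IDE_DIR_NAMES for p in parts[:-1])


def find_credential_lines(text):
    """Return (line_number, label, line) for each line matching a heuristic.
    The first matching label wins, so a line is reported once."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for label, pattern in CREDENTIAL_PATTERNS:
            if pattern.search(line):
                hits.append((lineno, label, line))
                break
    return hits


def scan_files(files):
    """files: mapping of repo-relative path -> text content.
    Returns human-readable findings; an empty list means the commit is clean."""
    findings = []
    for path, content in files.items():
        if is_ide_path(path):
            findings.append(f"{path}: IDE/editor state directory, add it to .gitignore")
        for lineno, label, _line in find_credential_lines(content):
            # Report the label and position only, so the hook output does not leak the secret.
            findings.append(f"{path}:{lineno}: possible {label}")
    return findings


def staged_files():
    """Path -> content for added/modified files in the git index (needs git)."""
    names = subprocess.run(
        ["git", "diff", "--cached", "--name-only", "--diff-filter=AM"],
        capture_output=True, text=True, check=True).stdout.split()
    out = {}
    for name in names:
        blob = subprocess.run(["git", "show", f":{name}"],
                              capture_output=True, check=True).stdout
        out[name] = blob.decode("utf-8", errors="replace")
    return out


# Constructed sample mirroring the shape of the leaked notes file (fake hosts/secrets).
SAMPLE_NOTES = """\
hadoop cluster list:
10.0.0.11 hadoop01
10.0.0.12 hadoop02
Cloudera Manager
http://10.0.0.16:7180/cmf/home
admin/Example-Pass-1
username/password: smartbi / smartbi
mysql -h10.0.0.20 -uhadoop -pExample-Pass-2 -Dlive_log
ssh -p 2222 hadoop@10.0.0.30
log path: /a8root/logs/nginx
"""

# Constructed "commit": one IDE notes file plus one harmless source file.
SAMPLE_COMMIT = {
    "inke-streaming/.idea/server-info.txt": SAMPLE_NOTES,
    "src/main.py": "print('hello')\n",
}

if __name__ == "__main__":
    files = staged_files() if "--staged" in sys.argv else SAMPLE_COMMIT
    problems = scan_files(files)
    for problem in problems:
        print(problem)
    sys.exit(1 if problems else 0)
```

Wired into `.git/hooks/pre-commit` as `python check_commit.py --staged`, a non-zero exit blocks the commit. A `.gitignore` entry of `.idea/` keeps the directory from being staged in the first place, and a dedicated secret scanner with entropy checks should back up these line-shape heuristics, which deliberately miss a password that sits on the line after its label (as several do in the leaked file).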

Status: 2016-06-24: details sent to the vendor, awaiting vendor handling
2016-06-24: vendor has viewed the vulnerability; details visible to the vendor only
2016-06-29: vendor actively ignored the vulnerability; details made public
Vendor reply: None. Vulnerability Rank: 15 (WooYun rating)
Response: severity: no impact; vendor ignored; ignored at 2016-06-29 09:50
Comments (content / commenter / likes / time):

The vendor says: if we catch you, we'll beat you to death.

Gnest / 0 / 2016-06-26 23:29:00

The vendor says: if we catch you, we'll beat you to death and flick your junk to death. Heh.

feh / 0 / 2016-06-24 08:00:00