
ShopEx: Zabbix SQL injection on one site leads to command execution on the master node

ID: 93026
URL: http://www.wooyun.org/bug.php?action=view&id=93026
Vulnerability status: confirmed by vendor
Title: ShopEx: Zabbix SQL injection on one site leads to command execution on the master node
Vulnerability type: improper system/service operations configuration
Vendor: ShopEx
White hat: 路人甲
Submitted: 2015-01-21 09:37:00
Published: 2015-03-07 09:38:00
Fix time: (not set)
Confirmed: 2015-01-21 00:00:00
Confirm Spend: 0
Tags: insufficient security awareness
Followers: 0
Favorites: 0
White hat rating
White hat self-assessed rank: 15
Vendor rating
Vendor rank: 10
Summary
From SQL injection to command execution on the master node, by a route you would not expect.
Vulnerability details

#1
Here is the problem.
Site 1: http://121.196.43.143/

13.jpg


The injection actually reported that the table zabbix.users does not exist.
I figured the ops people had fiddled with the table name, so I tried zabbix1.users, no luck, then zabbix2.users, and, what do you know, that guess was right.

14.jpg


Good, the admin username is xuqinyong and the MD5 hash is there too; crack it and we have the password.
#2
Time to log in to the site.

15.jpg


Wait, what is going on, no permission??
Give up just like that?
No way.
By chance I came across the address of the ShopEx master node: http://master1.zabbix.shopex.cn
Thinking about it, xuqinyong might be an administrator on that node too~~~~
#3

16.jpg


Wow, several hundred devices; a quick look shows they cover essentially all of ShopEx's online hosts, databases, mem, network devices and so on.

17.jpg


Command execution~~

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3310 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN
tcp 0 0 192.168.0.32:63965 192.168.0.191:3310 ESTABLISHED
tcp 0 1 192.168.0.32:64371 192.168.0.191:3310 LAST_ACK
tcp 0 0 192.168.0.32:7835 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:4849 192.168.0.191:3310 ESTABLISHED
tcp 1 0 192.168.0.32:3223 192.168.0.191:3310 CLOSE_WAIT
tcp 0 0 192.168.0.32:7849 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7856 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7841 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7843 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7836 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:10051 192.168.0.46:22262 ESTABLISHED
tcp 0 0 60.191.141.203:10051 122.144.135.154:58848 ESTABLISHED
tcp 0 0 192.168.0.32:56905 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7838 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7855 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7834 192.168.0.191:3310 ESTABLISHED
tcp 0 0 60.191.141.203:10051 121.196.43.143:6043 CLOSE_WAIT
tcp 0 0 192.168.0.32:7840 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:4463 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:4723 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:59649 192.168.0.191:3310 ESTABLISHED
tcp 0 122 192.168.0.32:7837 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:60746 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:4721 192.168.0.191:3310 ESTABLISHED
tcp 0 0 192.168.0.32:7832 192.168.0.191:3310 ESTABLISHED
tcp 0 0 60.191.141.203:10051 121.196.43.143:7353 ESTABLISHED
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
Linux Master-Zabbix-Server.shopex.cn 2.6.32-220.el6.x86_64 #1 SMP Tue Dec 6 19:48:22 GMT 2011 x86_64 x86_64 x86_64 GNU/Linux
em1 Link encap:Ethernet HWaddr 00:26:B9:4A:EC:EB
inet addr:192.168.0.32 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::226:b9ff:fe4a:eceb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:73683143570 errors:0 dropped:30154 overruns:0 frame:0
TX packets:42343432114 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:39009066907375 (35.4 TiB) TX bytes:16408077369508 (14.9 TiB)
Interrupt:36 Memory:da000000-da012800
em2 Link encap:Ethernet HWaddr 00:26:B9:4A:EC:EC
inet addr:60.191.141.203 Bcast:60.191.141.255 Mask:255.255.255.0
inet6 addr: fe80::226:b9ff:fe4a:ecec/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1145373190 errors:0 dropped:0 overruns:0 frame:0
TX packets:503615162 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1248257721492 (1.1 TiB) TX bytes:36549974818 (34.0 GiB)
Interrupt:48 Memory:dc000000-dc012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:264968913 errors:0 dropped:0 overruns:0 frame:0
TX packets:264968913 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15383764730 (14.3 GiB) TX bytes:15383764730 (14.3 GiB)
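As an added defender-side example (not part of the original report), a small audit that parses the TCP part of the netstat output quoted above and flags what that dump shows: the Zabbix ports 10050/10051 and the MySQL port 3310 bound to all interfaces, and 10051 sessions whose peer is a public address such as 121.196.43.143 (site 1). The sample lines are copied from the report; the port-to-service mapping is an assumption.

```python
import ipaddress

# Sample input: TCP lines copied from the netstat output quoted in this report.
NETSTAT_SAMPLE = """\
tcp 0 0 0.0.0.0:3310 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN
tcp 0 0 192.168.0.32:10051 192.168.0.46:22262 ESTABLISHED
tcp 0 0 60.191.141.203:10051 122.144.135.154:58848 ESTABLISHED
tcp 0 0 60.191.141.203:10051 121.196.43.143:7353 ESTABLISHED
"""

# Assumed mapping: ports a Zabbix master should not expose to arbitrary peers.
SENSITIVE_PORTS = {10050: "zabbix-agent", 10051: "zabbix-server/trapper", 3310: "mysql"}


def split_addr(addr):
    """Split 'host:port' as printed by netstat; '*' means no port."""
    host, port = addr.rsplit(":", 1)
    return host, (None if port == "*" else int(port))


def audit_netstat(text):
    """Return a list of findings for exposed sensitive ports and public peers."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "tcp":
            continue  # only IPv4 TCP rows carry the columns we inspect
        lhost, lport = split_addr(fields[3])
        rhost, _ = split_addr(fields[4])
        state = fields[5]
        if lport not in SENSITIVE_PORTS:
            continue
        svc = SENSITIVE_PORTS[lport]
        if state == "LISTEN" and lhost == "0.0.0.0":
            findings.append(f"{svc}: port {lport} bound to all interfaces")
        elif state != "LISTEN" and not ipaddress.ip_address(rhost).is_private:
            findings.append(f"{svc}: peer {rhost} is a public address on port {lport}")
    return findings


if __name__ == "__main__":
    for finding in audit_netstat(NETSTAT_SAMPLE):
        print(finding)
```

On the sample this reports five findings: three all-interface listeners (3310, 10050, 10051) and two public peers on 10051, which is the exposure that let the compromised site reach the master.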


Fix recommendation

You are the experts here!

Status info
2015-01-21: details sent to the vendor, awaiting vendor handling
2015-01-21: vendor confirmed; details disclosed to the vendor only
2015-01-31: details disclosed to core white hats and relevant domain experts
2015-02-10: details disclosed to regular white hats
2015-02-20: details disclosed to intern white hats
2015-03-07: details disclosed to the public
Vendor reply: Thank you very much for your contribution to ShopEx information security
We will fix it as soon as possible
Many thanks
Response info: Severity: High; Vulnerability rank: 10; Confirmed: 2015-01-21 09:48