映客某处信息泄露多个数据库服务器沦陷

漏洞标题 映客某处信息泄露多个数据库服务器沦陷 相关厂商 ingkee.com 漏洞作者 ago 提交时间 2016-06-24 06:30 公开时间 2016-06-29 09:50 漏洞类型 重要…

漏洞标题 盈科在某处泄露了来自多个数据库服务器的信息 相关制造商 Ingkee.com 漏洞作者 之前 提交时间 2016-06-24 06: 30 公共时间 2016-06-29 09: 50 漏洞类型 重要的敏感信息泄露 危险等级 高 自我评估等级 20 漏洞状态 该漏洞已通知供应商,但供应商忽略了该漏洞 标签标签 内部敏感信息泄漏 漏洞详细信息 https://github.com/jiagh/inkestreaming/blob/f47045ce6214d5adb963f380e9f55fb37be9f6c7/inke-streaming/.idea/%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%BF%A1%E6%81%AF 。文本

简单证明

漏洞证明: 跳到内容 这个存储库 搜索 拉请求 问题 要旨 @海神 观看1 明星0 叉0 jiagh/inkestreaming 代码问题0拉取请求0 Wiki Pulse Graphs 树: f47045ce62查找文件复制pathinkestreaming/inke-streaming/.idea/Server Information.txt F47045c 3天前 @jiagh jiagh流媒体 1个贡献者 RawBlameHistory 273行(177 sloc)5.58 KB Hadoop集群列表: 42.62.88.99 hadoop01 42.62.88.100 hadoop02 42.62.88.101 hadoop03 42.62.88.102 hadoop04 42.62.88.103 hadoop05 42.62.88.104 hadoop06 42.62.88.105 hadoop07 42.62.88.106 hadoop08 42.62.88.107 hadoop09 42.62.88.108 hadoop10 42.62.88.109 hadoop11 42.62.88.110 hadoop12 42.62.88.114 hadoop13 42.62.88.115 hadoop14 42.62.88.116 hadoop15 42.62.88.117 hadoop16 卡夫卡 42.62.88.118 hadoop17 42.62.88.119 hadoop18 42.62.88.120 hadoop19 42.62.88.121 hadoop20 根/ zumdkz2xm0Zb ^镨 Cloudera经理 http://42.62.88.106: 7180/cmf/home [电子邮件 保护]/* 机房网络流量监控 Alarm.lenet.com.cn [电子邮件 保护]/* Smartbi_MYSQL_BI 42.62.88.121 hadoop20db_name: smartbi 用户名/密码: smartbi/smartbi SmartBI http://hadoop02: 8080/xquery/vision/index.jspadmin/manager 管理 http://hadoop02: 8080/xquery/vision/config.jsp [email  protected]/*

Cronhub http://hadoop01: 8080 / 阿里云测试服务器 117.121.50.244 2222 bo.chen/bo.chen!@# -------------------------------------------------- ------------------------------ BI业务MYSQL 1.数据库地址:rm-2zey3j5d26s8i68x8o.mysql.rds.aliyuncs.com帐号:hadoop密码:7rLfptWs0 2.hadoop 6uXWyqisg5 101.201.80.222: 3307 3. 123.56.246.98 hadoop,hadoop_2016 -------------------------------------------------- ------------------------------ 已将Log_base历史数据库20150420-20160505导入Hiveinke.log_base Mysql -h123.56.84.161 -uhadoop -p7rLfptWs0 -Dlive_log Mysql -h123.56.179.222 -uhadoop -pgGfXhsx71 -Dlive_log Mysql -uying.wang -pying.wang123 -h101.201.36.27 -Dlive_log -------------------------------------------------- ------------------------------ Inke_tv Web访问日志: Ali_bj_web31101.201.106.6910.25.94.141 Ali_bj_web30101.201.106.7210.25.94.145 Ali_bj_web29101.201.105.6110.25.94.176 Ali_bj_web28101.201.105.11210.25.94.166 Ali_bj_web27101.201.106.7610.25.94.151 Ali_bj_web26101.201.105.17210.25.94.159 Ali_bj_web13101.201.37.21010.24.192.39 Ali_bj_web12101.201.40.30 10.24.192.58 Ali_bj_web11101.201.37.10310.24.189.74 Ali_bj_web10101.201.37.94 10.24.189.63 Ali_bj_web04101.201.212.7110.46.176.44 Ali_bj_web03101.201.212.9 10.46.176.1 Ali_bj_web02101.201.212.4 10.46.176.28 Ali_bj_web01101.201.212.6710.46.176.37 Web服务帐户已打开hadoop:hadoop#123 /a8root /日志/nginx的 -------------------------------------------------- ------------------------------ Maidian_recv/maidian_common_log 埋藏日志服务器列表 10.24.195.93 common_log 10.24.195.117 common_log 10.24.200.69 common_log 10.24.201.36 common_log 10.24.201.41 common_log 10.46.177.126 10.46.161.96 10.47.210.207 common_log 10.47.208.106 common_log 10.44.19.97 10.172.219.33 Hadoop: 14UlnZ +做 视频埋藏日志数据源为2 /a8root/logs/live_common_log/common_log/live_common_log_business-20160510.log /a8root/logs/crash_recv/recv_business-20160510.log /a8root /日志/live_common_log/common_log /a8root/logs/crash_recv这两个路径 -------------------------------------------------- ------------------------------ 用户帐号 101.201.36.250 101.201.37.27 101.201.37.4 Bo.chen bo.chen123 用户需要转到/a8root/logs/live_user_account/common_log目录以查看业务日志。业务日志命名格式:例如,2016年5月4日15点,名为: business-2016050415.log -------------------------------------------------- ------------------------------ SERVICE_INFO 101.201.36.253 101.201.36.216 101.201.36.159 101.201.48.37 101.201.48.6 101.201.37.8 帐号:hadoop密码:npfqO28: vU access.log的-20160502.gz /a8root/logs/live_serviceinfo/access.log-20160502.gz -------------------------------------------------- ------------------------------ Log_base /礼物 增量数据同步计划如下: Ps:live_back服务器列表: 101.200.12.116 101.200.2.210 123.56.229.161 123.56.180.204 123.56.181.129 123.56.181.188 123.56.182.141 123.56.183.33 123.56.183.11 123.56.188.175没有礼物 Hadoop hadoop123 Ssh -p 2222 [电子邮件 保护]/* 事件402日志路径是 - > /a8root/logs/live_gift_backend/gift_business-20160510.log 其他事件是: /a8root/logs/live_backend/back_business-20160510.log -------------------------------------------------- ------------------------------ API Api.busi.inke.tv服务器列表 Ali_bj_web21101.201.40.14010.24.192.83 Ali_bj_web20101.201.48.21510.24.201.109 Ali_bj_web19101.201.40.11110.24.192.141 Ali_bj_web18101.201.40.15210.24.192.149 Hadoop hadoop#123 /a8root/logs/nginx/api.busi.log -------------------------------------------------- ------------------------------ 工资 旧的三台机器(以后都会被淘汰,对这台机器的请求数量很少): 1,10.46.176.234 2,10.45.37.20 3. 10.45.37.17

新三款付款机: 1,101.201.44.8 2,101.201.49.122 3,10.24.196.25

二,日志路径:/a8root/logs/live_user_payment/payment_business-xxxxxxxx.log,除以日,例如文件/a8root/logs/live_user_payment/payment_business-20160519.log Hadoop的#123 -------------------------------------------------- ------------------------------ User_phone_login 10.45.37.28 10.46.176.247 10.45.37.5 /a8root /日志/user_phone_login/common_log / 日志名称如下:user_phone_login_business-2016051901.log Hadoop hadoop#123 -------------------------------------------------- ------------------------------ 手机登录服务器ip: 101.201.28.63 123.56.189.219 123.56.190.45 日志所在的目录/a8root/logs/user_phone_login/common_log / 日志名称如下:user_phone_login_business-2016051901.log 10.46.176.234 10.45.37.20 10.45.37.17 10.24.196.25 10.24.201.250 10.24.196.59 10.45.37.28 10.46.176.247 10.45.37.5 Hadoop hadoop#123 弹性集群地址信息如下,您可以导入数据进行测试: 10.10.1.31: 9300 10.10.1.31: 9301 10.10.1.31: 9302

10.10.1.30: 9304 10.10.1.30: 9305 修理计划: 删除邮件 版权声明:请注明出处前@乌云