安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

admin
admin
admin
140350
文章
117
评论
2017年3月26日15:43:19评论540 views字数 269阅读0分53秒阅读模式
摘要

2016-03-21: 细节已通知厂商并且等待厂商处理中
2016-03-21: 厂商已查看当前漏洞内容,细节仅向厂商公开
2016-03-26: 厂商已经主动忽略漏洞,细节向公众公开

漏洞概要 关注数(7) 关注此漏洞

缺陷编号: WooYun-2016-187038

漏洞标题: 安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

相关厂商: axatp.com

漏洞作者: 路人甲

提交时间: 2016-03-21 07:51

公开时间: 2016-03-26 08:00

漏洞类型: 命令执行

危害等级: 高

自评Rank: 20

漏洞状态: 漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源:www.wooyun.org ,如有疑问或需要帮助请联系

Tags标签: 远程命令执行 补丁不及时

2人收藏

漏洞详情

披露状态:

2016-03-21: 细节已通知厂商并且等待厂商处理中
2016-03-21: 厂商已查看当前漏洞内容,细节仅向厂商公开
2016-03-26: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

不小心又发现一个。

详细说明:

之前提交了一个 WooYun: 安盛天平汽车保险系统Getshell可泄露大量车主用户信息(车主姓名/电话/车牌号/发动机号/品牌型号/车架号/保单号...) ,接着上次的继续再来一个。

http://180.168.192.19:80/

同一个网段的系统180.168.192.19也存在JBoss反序列化漏洞。上个系统可以查看2014~2016年的保单信息。180.168.192.19系统可以查看2012~2013年的所有用户保单信息。

漏洞证明:

系统IP地址是:180.168.192.19

安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

又是反序列化漏洞:

安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

code 区域 
root:x:0:0:root:/root:/bin/bash
 bin:x:1:1:bin:/bin:/sbin/nologin
 daemon:x:2:2:daemon:/sbin:/sbin/nologin
 adm:x:3:4:adm:/var/adm:/sbin/nologin
 mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
 ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
 nobody:x:99:99:Nobody:/:/sbin/nologin
 dbus:x:81:81:System message bus:/:/sbin/nologin
 avahi:x:70:70:Avahi daemon:/:/sbin/nologin
 nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
 mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
 smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
 vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
 rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
 ntp:x:38:38::/etc/ntp:/sbin/nologin
 rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
 nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
 sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
 pcap:x:77:77::/var/arpwatch:/sbin/nologin
 haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
 rpm:x:37:37::/var/lib/rpm:/sbin/nologin
 xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
 sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
 gdm:x:42:42::/var/gdm:/sbin/nologin
 jboss:x:500:500::/home/jboss:/bin/bash
 zhuxuehua:x:539:500::/home/zhuxuehua:/bin/bash
 fengpeng:x:540:502::/home/fengpeng:/bin/bash
 chengxm:x:541:502::/home/chengxm:/bin/bash
 chenshijing:x:542:502::/home/chenshijing:/bin/bash
 shijh:x:543:500::/home/shijh:/bin/bash
 juan1.jiang:x:544:500::/home/juan1.jiang:/bin/bash
 oujun:x:545:502::/home/oujun:/bin/bash
 meiping.wu:x:546:500::/home/meiping.wu:/bin/bash
 jinqiu.xu:x:547:502::/home/jinqiu.xu:/bin/bash
 pengyk:x:548:502::/home/pengyk:/bin/bash
 hui.teng:x:549:500::/home/hui.teng:/bin/bash
 kunyan.ye:x:550:500::/home/kunyan.ye:/bin/bash

接下来就是上传shell,但是根据上个系统的漏洞,知道保单信息在reportFile目录下(绝对路径在/opt/tpapp/ecsale/server/ecsale/reportFile)

就直接找到该目录

安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

随便打开一个文件看看,里面的XML文件全是用户的车险保单详细信息

安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

下面详细看一个示意下:

保单号、车主姓名、保单期限

安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

车牌号、车型信息

安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

车主身份证号、电话、邮箱、详细地址..

安盛天平另一系统可Getshell导致涉及大量用户敏感信息(车主姓名/身份证号/电话/地址/车牌号/发动机号/品牌型号/保单号等)

其他我在列举几个:

车主:童文华

code 区域 
<?xml version="1.0" encoding="UTF-8"?>
 <TXTpaic>
   <TXTpaicRequest>
     <userId />
     <password />
     <rCode />
     <statusCode />
     <message />
   </TXTpaicRequest>
   <body>
     <tempBase>
       <cityCode>310100</cityCode>
       <planDefine>3</planDefine>
       <ecInsureId>10800513041001440988</ecInsureId>
       <departmentCode>5</departmentCode>
       <insuranceBeginTime>2013-04-30</insuranceBeginTime>
       <insuranceEndTime>2014-04-29</insuranceEndTime>
       <insuranceBeginTime_105>2013-04-30</insuranceBeginTime_105>
       <insuranceEndTime_105>2014-04-29</insuranceEndTime_105>
       <checkInsuranceTime>1</checkInsuranceTime>
       <currencyCode>01</currencyCode>
       <businessPremium>3833.61</businessPremium>
       <forcePremium>665</forcePremium>
       <premium>5218.61</premium>
       <registeredName>童文华</registeredName>
       <applyPolicyNo>1000108000079792484,1000105000079792485</applyPolicyNo>
       <policyNo />
       <applyPolicyStatus>5</applyPolicyStatus>
       <orderNo />
       <tpf>1</tpf>
       <lateFeeAmount>0</lateFeeAmount>
       <vehicleTaxAmount>720</vehicleTaxAmount>
       <vehicleTax>02</vehicleTax>
       <personCert>111111197101011111</personCert>
       <payNo>纳税</payNo>
       <certDepartmentCode />
       <certDepartmentName />
       <boroughAndCounty />
       <steerCardVehicleType>K04</steerCardVehicleType>
       <vehicleLossInsuredValue>232100</vehicleLossInsuredValue>
       <rbCode>FTABKD0025</rbCode>
       <vehicle>
         <licenceTypeCode>2</licenceTypeCode>
         <transferDate />
         <checkRuncardCertificateDate>0</checkRuncardCertificateDate>
         <autoModelCode>40288099111fb32601112a105c94037a</autoModelCode>
         <engineNo>C159818</engineNo>
         <firstRegisterDate>2007-04-12</firstRegisterDate>
         <newVehicleFlag>0</newVehicleFlag>
         <fuelType>0</fuelType>
         <remark>轿车,手自一体 2.5S 特别天窗版</remark>
         <vehicleFrameNo>LFMBE22D070072104</vehicleFrameNo>
         <vehicleLicenceCode>浙JFJ723</vehicleLicenceCode>
         <licenseNo1>浙J</licenseNo1>
         <licenseNo>FJ723</licenseNo>
         <power>1</power>
         <vehicleDBFlag>1</vehicleDBFlag>
         <brandChnName>天津一汽丰田</brandChnName>
         <exhaustCapability>2.497</exhaustCapability>
         <vehicleBrand>丰田TV7250S3SP轿车 -     手自一体 2.5S 特别天窗版(2006)</vehicleBrand>
         <vehicleInsuredValue>232100</vehicleInsuredValue>
         <vehicleLossInsuredValue>232100</vehicleLossInsuredValue>
         <vehicleSeats>5</vehicleSeats>
         <vehicleStyle>K33</vehicleStyle>
         <vehicleType>1</vehicleType>
         <weigth>1.54</weigth>
         <tonnages>0</tonnages>
         <companyName>天津一汽丰田</companyName>
         <gearBoxType>手自一体</gearBoxType>
         <autoModelChnName>丰田TV7250S3SP轿车</autoModelChnName>
       </vehicle>
       <insured>
         <personnelName>童文华</personnelName>
         <insuredEmail></insuredEmail>
         <insuredMobilePhone>13916031890</insuredMobilePhone>
         <certificateNo>332623196412011658</certificateNo>
         <payType>3</payType>
       </insured>
       <tempDistribution>
         <receiveName>童文华</receiveName>
         <invoice>童文华</invoice>
         <receiveMobile>13916031890</receiveMobile>
         <receivePhone />
         <receiveAddress>上海市嘉定区宝安公路4435号国际机电五金城方德路200弄 56号店面</receiveAddress>
         <receivePostcode>200000</receivePostcode>
         <provinceCode />
         <cityCode />
         <townCode />
         <provinceName />
         <cityName />
         <townName />
         <sendDate>Thu Apr 11 00:00:00 CST 2013</sendDate>
         <sendTime />
       </tempDistribution>
       <amountTHEFT />
       <allAmount>232100</allAmount>
       <insuredAmount105>122000</insuredAmount105>
       <coverageList>
         <coverage>
           <dutyCode>FEDPC</dutyCode>
           <dutyName />
           <amout>0</amout>
           <totalActualPremium>-79.56</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>GLASS</dutyCode>
           <dutyName />
           <amout>0</amout>
           <totalActualPremium>199.14</totalActualPremium>
           <seats>1</seats>
         </coverage>
         <coverage>
           <dutyCode>NDNE</dutyCode>
           <dutyName />
           <amout>0</amout>
           <totalActualPremium>-307.76</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>OD</dutyCode>
           <dutyName />
           <amout>232100</amout>
           <totalActualPremium>2865.05</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>TP</dutyCode>
           <dutyName />
           <amout>500000</amout>
           <totalActualPremium>1156.74</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>TPF</dutyCode>
           <dutyName />
           <amout>122000</amout>
           <totalActualPremium>665</totalActualPremium>
           <seats>0</seats>
         </coverage>
       </coverageList>
       <tempPring>
         <useType />
         <vehicleCode>FTABKD0025</vehicleCode>
         <usageAttributeCode>1</usageAttributeCode>
       </tempPring>
     </tempBase>
   </body>
 </TXTpaic>
 
 <code>
 
 车主:阮梦婕
 <code><?xml version="1.0" encoding="UTF-8"?>
 <TXTpaic>
   <TXTpaicRequest>
     <userId />
     <password />
     <rCode />
     <statusCode />
     <message />
   </TXTpaicRequest>
   <body>
     <tempBase>
       <cityCode>310100</cityCode>
       <planDefine>3</planDefine>
       <ecInsureId>10800513041001439895</ecInsureId>
       <departmentCode>5</departmentCode>
       <insuranceBeginTime>2013-05-07</insuranceBeginTime>
       <insuranceEndTime>2014-05-06</insuranceEndTime>
       <insuranceBeginTime_105>2013-05-07</insuranceBeginTime_105>
       <insuranceEndTime_105>2014-05-06</insuranceEndTime_105>
       <checkInsuranceTime>1</checkInsuranceTime>
       <currencyCode>01</currencyCode>
       <businessPremium>2715.16</businessPremium>
       <forcePremium>665</forcePremium>
       <premium>3830.16</premium>
       <registeredName>阮梦婕</registeredName>
       <applyPolicyNo>1000108000079789171,1000105000079789172</applyPolicyNo>
       <policyNo />
       <applyPolicyStatus>5</applyPolicyStatus>
       <orderNo />
       <tpf>1</tpf>
       <lateFeeAmount>0</lateFeeAmount>
       <vehicleTaxAmount>450</vehicleTaxAmount>
       <vehicleTax>02</vehicleTax>
       <personCert>111111197101011111</personCert>
       <payNo>纳税</payNo>
       <certDepartmentCode />
       <certDepartmentName />
       <boroughAndCounty />
       <steerCardVehicleType>K03</steerCardVehicleType>
       <vehicleLossInsuredValue>169200</vehicleLossInsuredValue>
       <rbCode>SKAAFD0005</rbCode>
       <vehicle>
         <licenceTypeCode>2</licenceTypeCode>
         <transferDate />
         <checkRuncardCertificateDate>0</checkRuncardCertificateDate>
         <autoModelCode>40288099111fb32601112bbd187f058f</autoModelCode>
         <engineNo>026643</engineNo>
         <firstRegisterDate>2009-05-07</firstRegisterDate>
         <newVehicleFlag>0</newVehicleFlag>
         <fuelType>0</fuelType>
         <remark>轿车,手自一体 逸仕版 增压 国Ⅲ不带OBD(原非国Ⅲ 200712)</remark>
         <vehicleFrameNo>LSVAG21Z772340928</vehicleFrameNo>
         <vehicleLicenceCode>沪H92237</vehicleLicenceCode>
         <licenseNo1>沪H</licenseNo1>
         <licenseNo>92237</licenseNo>
         <power>1</power>
         <vehicleDBFlag>1</vehicleDBFlag>
         <brandChnName>上海大众斯柯达</brandChnName>
         <exhaustCapability>1.798</exhaustCapability>
         <vehicleBrand>明锐SVW7186AJi轿车 -     手自一体 逸仕版 增压 国Ⅲ不带OBD(原非国Ⅲ 200712)(200706)</vehicleBrand>
         <vehicleInsuredValue>169200</vehicleInsuredValue>
         <vehicleLossInsuredValue>169200</vehicleLossInsuredValue>
         <vehicleSeats>5</vehicleSeats>
         <vehicleStyle>K33</vehicleStyle>
         <vehicleType>1</vehicleType>
         <weigth>1.42</weigth>
         <tonnages>0</tonnages>
         <companyName>上海大众斯柯达</companyName>
         <gearBoxType>手自一体</gearBoxType>
         <autoModelChnName>明锐SVW7186AJI轿车</autoModelChnName>
       </vehicle>
       <insured>
         <personnelName>阮梦婕</personnelName>
         <insuredEmail></insuredEmail>
         <insuredMobilePhone>13671540346</insuredMobilePhone>
         <certificateNo>310109198011031622</certificateNo>
         <payType>3</payType>
       </insured>
       <tempDistribution>
         <receiveName>阮梦婕</receiveName>
         <invoice>阮梦婕</invoice>
         <receiveMobile>13671540346</receiveMobile>
         <receivePhone />
         <receiveAddress>上海市徐汇区常熟路239号</receiveAddress>
         <receivePostcode>200000</receivePostcode>
         <provinceCode />
         <cityCode />
         <townCode />
         <provinceName />
         <cityName />
         <townName />
         <sendDate>Thu Apr 11 00:00:00 CST 2013</sendDate>
         <sendTime />
       </tempDistribution>
       <amountTHEFT />
       <allAmount>169200</allAmount>
       <insuredAmount105>122000</insuredAmount105>
       <coverageList>
         <coverage>
           <dutyCode>FEDPC</dutyCode>
           <dutyName />
           <amout>0</amout>
           <totalActualPremium>-71.4</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>NDNE</dutyCode>
           <dutyName />
           <amout>0</amout>
           <totalActualPremium>-201.35</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>OD</dutyCode>
           <dutyName />
           <amout>169200</amout>
           <totalActualPremium>1949.81</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>TP</dutyCode>
           <dutyName />
           <amout>500000</amout>
           <totalActualPremium>1038.1</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>TPF</dutyCode>
           <dutyName />
           <amout>122000</amout>
           <totalActualPremium>665</totalActualPremium>
           <seats>0</seats>
         </coverage>
       </coverageList>
       <tempPring>
         <useType />
         <vehicleCode>SKAAFD0005</vehicleCode>
         <usageAttributeCode>1</usageAttributeCode>
       </tempPring>
     </tempBase>
   </body>
 </TXTpaic>

车主:李国勇

code 区域 
<?xml version="1.0" encoding="UTF-8"?>
 <TXTpaic>
   <TXTpaicRequest>
     <userId />
     <password />
     <rCode />
     <statusCode />
     <message />
   </TXTpaicRequest>
   <body>
     <tempBase>
       <cityCode>330100</cityCode>
       <planDefine>3</planDefine>
       <ecInsureId>10801013041001439593</ecInsureId>
       <departmentCode>10</departmentCode>
       <insuranceBeginTime>2013-04-30</insuranceBeginTime>
       <insuranceEndTime>2014-04-29</insuranceEndTime>
       <insuranceBeginTime_105>2013-04-30</insuranceBeginTime_105>
       <insuranceEndTime_105>2014-04-29</insuranceEndTime_105>
       <checkInsuranceTime>1</checkInsuranceTime>
       <currencyCode>01</currencyCode>
       <businessPremium>3439.42</businessPremium>
       <forcePremium>1045</forcePremium>
       <premium>5144.42</premium>
       <registeredName>李国勇</registeredName>
       <applyPolicyNo>1000108000079787909,1000105000079787910</applyPolicyNo>
       <policyNo />
       <applyPolicyStatus>5</applyPolicyStatus>
       <orderNo />
       <tpf>1</tpf>
       <lateFeeAmount>0</lateFeeAmount>
       <vehicleTaxAmount>660</vehicleTaxAmount>
       <vehicleTax />
       <personCert>330106196409043813</personCert>
       <payNo />
       <certDepartmentCode />
       <certDepartmentName />
       <boroughAndCounty />
       <steerCardVehicleType>300</steerCardVehicleType>
       <vehicleLossInsuredValue>215800</vehicleLossInsuredValue>
       <rbCode>BTAALD0010</rbCode>
       <vehicle>
         <licenceTypeCode>2</licenceTypeCode>
         <transferDate />
         <checkRuncardCertificateDate>0</checkRuncardCertificateDate>
         <autoModelCode>I0000000000000000240000000000737</autoModelCode>
         <engineNo>K24A42501996</engineNo>
         <firstRegisterDate>2005-04-01</firstRegisterDate>
         <newVehicleFlag>0</newVehicleFlag>
         <fuelType>0</fuelType>
         <remark>类比价,轿车,自动档 标准型</remark>
         <vehicleFrameNo>LHGCM566452002006</vehicleFrameNo>
         <vehicleLicenceCode>浙A9Y869</vehicleLicenceCode>
         <licenseNo1>浙A</licenseNo1>
         <licenseNo>9Y869</licenseNo>
         <power>1</power>
         <vehicleDBFlag>1</vehicleDBFlag>
         <brandChnName>广汽本田</brandChnName>
         <exhaustCapability>2.354</exhaustCapability>
         <vehicleBrand>雅阁HG7240轿车 -     自动档 标准型(2005)</vehicleBrand>
         <vehicleInsuredValue>215800</vehicleInsuredValue>
         <vehicleLossInsuredValue>215800</vehicleLossInsuredValue>
         <vehicleSeats>5</vehicleSeats>
         <vehicleStyle>K33</vehicleStyle>
         <vehicleType>1</vehicleType>
         <weigth>1.465</weigth>
         <tonnages>0</tonnages>
         <companyName>广汽本田</companyName>
         <gearBoxType>自动档</gearBoxType>
         <autoModelChnName>雅阁HG7240</autoModelChnName>
       </vehicle>
       <insured>
         <personnelName>李国勇</personnelName>
         <insuredEmail></insuredEmail>
         <insuredMobilePhone>18058816175</insuredMobilePhone>
         <certificateNo>330106196409043813</certificateNo>
         <payType>1</payType>
       </insured>
       <tempDistribution>
         <receiveName>李国勇</receiveName>
         <invoice>李国勇</invoice>
         <receiveMobile>18058816175</receiveMobile>
         <receivePhone />
         <receiveAddress>杭州市嘉泰馨庭2-2-1302</receiveAddress>
         <receivePostcode>310000</receivePostcode>
         <provinceCode />
         <cityCode />
         <townCode />
         <provinceName />
         <cityName />
         <townName />
         <sendDate>Sat Apr 13 00:00:00 CST 2013</sendDate>
         <sendTime>1</sendTime>
       </tempDistribution>
       <amountTHEFT />
       <allAmount>215800</allAmount>
       <insuredAmount105>122000</insuredAmount105>
       <coverageList>
         <coverage>
           <dutyCode>DL</dutyCode>
           <dutyName />
           <amout>10000</amout>
           <totalActualPremium>19.71</totalActualPremium>
           <seats>1</seats>
         </coverage>
         <coverage>
           <dutyCode>NDNE</dutyCode>
           <dutyName />
           <amout>0</amout>
           <totalActualPremium>-267.81</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>OD</dutyCode>
           <dutyName />
           <amout>215800</amout>
           <totalActualPremium>2444.33</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>PL</dutyCode>
           <dutyName />
           <amout>10000</amout>
           <totalActualPremium>78.84</totalActualPremium>
           <seats>4</seats>
         </coverage>
         <coverage>
           <dutyCode>TP</dutyCode>
           <dutyName />
           <amout>500000</amout>
           <totalActualPremium>1164.35</totalActualPremium>
           <seats>0</seats>
         </coverage>
         <coverage>
           <dutyCode>TPF</dutyCode>
           <dutyName />
           <amout>122000</amout>
           <totalActualPremium>1045</totalActualPremium>
           <seats>0</seats>
         </coverage>
       </coverageList>
       <tempPring>
         <useType />
         <vehicleCode>BTAALD0010</vehicleCode>
         <usageAttributeCode>1</usageAttributeCode>
       </tempPring>
     </tempBase>
   </body>
 </TXTpaic>

差不多了,其他就不看了!

修复方案:

给个20rank,谢谢!

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2016-03-26 08:00

厂商回复:

漏洞Rank:15 (WooYun评价)

最新状态:

2016-03-28:漏洞已确认

漏洞评价:

对本漏洞信息进行评价,以更好的反馈信息的价值,包括信息客观性,内容是否完整以及是否具备学习价值

漏洞评价(共0人评价):

登陆后才能进行评分

评价

  1. 2016-03-21 20:04 | 暴走 ( 普通白帽子 | Rank:615 漏洞数:107 | 专心补刀。)

    1

    @安盛天平,就不能给洞主个高分,让他高兴!

  2. 2016-05-08 12:28 | shewey ( 实习白帽子 | Rank:52 漏洞数:16 | 菜鸟也要飞)

    0

    @安盛天平 泄漏这么多用户信息,就这态度。

免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin