>新浪微博某站点git泄漏源代码（可登录影响部分业务账号） | 安全盒子

简要描述：

新浪微博某站点git泄漏源代码，可获取数据库邮箱等配置

详细说明：

Git泄漏：

code 区域

 <span class=”pln”>http</span><span class=”pun”>:</span><span class=”com”>//wyxgw.game.weibo.com/.git/</span>

1	<span class=“pln”>http</span><span class=“pun”>:</span><span class=“com”>//wyxgw.game.weibo.com/.git/</span>

测试脚本：

code 区域

 <span class=”pln”>https</span><span class=”pun”>:</span><span class=”com”>//github.com/lijiejie/GitHack</span>

1	<span class=“pln”>https</span><span class=“pun”>:</span><span class=“com”>//github.com/lijiejie/GitHack</span>

漏洞证明：

code 区域

 <span class=”str”>’mysqlDb'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span>  <span class=”pun”>(</span>   <span class=”com”>//线上</span>   <span class=”str”>’site'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span><span class=”pun”>(</span> <span class=”str”>’host'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’10.205.22.181′</span> <span class=”pun”>,</span> <span class=”str”>’port'</span> <span class=”pun”>=&gt;</span> <span class=”lit”>3306</span> <span class=”pun”>,</span> <span class=”str”>’user'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’weiyouxi'</span> <span class=”pun”>,</span> <span class=”str”>’passwd'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’NB4pdzz6d2Q5CMmF'</span> <span class=”pun”>,</span> <span class=”str”>’name'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’wyxwg'</span> <span class=”pun”>)</span> <span class=”pun”>,</span>   <span class=”com”>//’site’ =&gt; array( ‘host’ =&gt; ‘w.rdc.sae.sina.com.cn’ , ‘port’ =&gt; 3307 , ‘user’ =&gt; ‘1wnxko5m11’ , ‘passwd’ =&gt; ‘4mihzx5y4103ii5w1xi2xl12444j0i21i51xkyxx’ , ‘name’ =&gt; ‘app_wyxwg’ ) ,</span>   <span class=”com”>//测试</span>   <span class=”str”>’site_dev'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span><span class=”pun”>(</span> <span class=”str”>’host'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’w.rdc.sae.sina.com.cn'</span> <span class=”pun”>,</span> <span class=”str”>’port'</span> <span class=”pun”>=&gt;</span> <span class=”lit”>3307</span> <span class=”pun”>,</span> <span class=”str”>’user'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’4k41250z2k'</span> <span class=”pun”>,</span> <span class=”str”>’passwd'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’kj1k2ixkkj3hzw32h0mmkmmhljwm51i4m545k20z'</span> <span class=”pun”>,</span> <span class=”str”>’name'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’app_wyxdevelopers'</span> <span class=”pun”>)</span> <span class=”pun”>,</span>   <span class=”str”>’pay'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span><span class=”pun”>(</span> <span class=”str”>’host'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’10.73.89.127′</span> <span class=”pun”>,</span> <span class=”str”>’port'</span> <span class=”pun”>=&gt;</span> <span class=”lit”>3306</span> <span class=”pun”>,</span> <span class=”str”>’user'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’zz'</span> <span class=”pun”>,</span> <span class=”str”>’passwd'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’wyxzzpay'</span> <span class=”pun”>,</span> <span class=”str”>’name'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’app_pay'</span> <span class=”pun”>)</span> <span class=”pun”>,</span>  <span class=”pun”>)</span> <span class=”pun”>,</span>

‘mysqlDb’ => array

(

//线上

‘site’ => array( ‘host’ => ‘10.205.22.181’ , ‘port’ => 3306 , ‘user’ => ‘weiyouxi’ , ‘passwd’ => ‘NB4pdzz6d2Q5CMmF’ , ‘name’ => ‘wyxwg’ ) ,

//’site’ => array( ‘host’ => ‘w.rdc.sae.sina.com.cn’ , ‘port’ => 3307 , ‘user’ => ‘1wnxko5m11’ , ‘passwd’ => ‘4mihzx5y4103ii5w1xi2xl12444j0i21i51xkyxx’ , ‘name’ => ‘app_wyxwg’ ) ,

//测试

‘site_dev’ => array( ‘host’ => ‘w.rdc.sae.sina.com.cn’ , ‘port’ => 3307 , ‘user’ => ‘4k41250z2k’ , ‘passwd’ => ‘kj1k2ixkkj3hzw32h0mmkmmhljwm51i4m545k20z’ , ‘name’ => ‘app_wyxdevelopers’ ) ,

‘pay’ => array( ‘host’ => ‘10.73.89.127’ , ‘port’ => 3306 , ‘user’ => ‘zz’ , ‘passwd’ => ‘wyxzzpay’ , ‘name’ => ‘app_pay’ ) ,

) ,

sae的数据库，我没有帐号。其他接口信息很多。

code 区域

 <span class=”com”>//发送Email的邮箱</span>  <span class=”str”>’mailConfig'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span>  <span class=”pun”>(</span>   <span class=”str”>’app'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array </span><span class=”com”>//后台应用审核通知</span>   <span class=”pun”>(</span>    <span class=”str”>’host'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’smtp.sina.com'</span> <span class=”pun”>,</span>    <span class=”str”>’port'</span> <span class=”pun”>=&gt;</span> <span class=”lit”>25</span> <span class=”pun”>,</span>    <span class=”str”>’encryption'</span> <span class=”pun”>=&gt;</span> <span class=”lit”>8</span> <span class=”pun”>,</span> <span class=”com”>//smtp加密方式（2 =&gt; TLS; 4 =&gt; SSL; 8 =&gt; OFF）</span>    <span class=”str”>’username'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’weiyouxi_app'</span> <span class=”pun”>,</span> <span class=”com”>//smtp账户名</span>    <span class=”str”>’password'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’fiveminutes'</span> <span class=”pun”>,</span> <span class=”com”>//smtp密码</span>    <span class=”str”>’emailAddress'</span> <span class=”pun”>=&gt;</span> <span class=”str”>'</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”0c7b69657563797465536d7c7c4c7f65626d226f6361″><span class=”str”>[email protected]</span></a><span class=”str”>'</span> <span class=”com”>//smtp邮箱地址</span>   <span class=”pun”>)</span> <span class=”pun”>,</span>  <span class=”pun”>)</span> <span class=”pun”>,</span>

//发送Email的邮箱

‘mailConfig’ => array

(

‘app’ => array //后台应用审核通知

(

‘host’ => ‘smtp.sina.com’ ,

‘port’ => 25 ,

‘encryption’ => 8 , //smtp加密方式（2 => TLS; 4 => SSL; 8 => OFF）

‘username’ => ‘weiyouxi_app’ , //smtp账户名

‘password’ => ‘fiveminutes’ , //smtp密码

’emailAddress’ => ‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”0c7b69657563797465536d7c7c4c7f65626d226f6361″>[email protected]</a>’ //smtp邮箱地址

) ,

code 区域

 <span class=”com”>//SAE配置</span>  <span class=”str”>’sae'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span>  <span class=”pun”>(</span>   <span class=”str”>’accessKey'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’0yxmzkkzn5′</span> <span class=”pun”>,</span>   <span class=”str”>’secretKey'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’yxkh3zyhwkxyi320wwhx0hxji4km0yyhymzzz3h4′</span> <span class=”pun”>,</span>   <span class=”str”>’storage'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’img'</span> <span class=”pun”>,</span>   <span class=”str”>’resize'</span> <span class=”pun”>=&gt;</span> <span class=”kwd”>true</span> <span class=”pun”>,</span> <span class=”com”>//图片是否根据长宽缩放</span>  <span class=”pun”>)</span> <span class=”pun”>,</span>

//SAE配置

‘sae’ => array

(

‘accessKey’ => ‘0yxmzkkzn5’ ,

‘secretKey’ => ‘yxkh3zyhwkxyi320wwhx0hxji4km0yyhymzzz3h4’ ,

‘storage’ => ‘img’ ,

‘resize’ => true , //图片是否根据长宽缩放

) ,

code 区域

 <span class=”str”>’mail'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span>    <span class=”pun”>(</span>     <span class=”str”>’server'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’smtp.qiye.163.com'</span> <span class=”pun”>,</span>     <span class=”str”>’port'</span> <span class=”pun”>=&gt;</span> <span class=”lit”>25</span> <span class=”pun”>,</span>     <span class=”str”>’user'</span> <span class=”pun”>=&gt;</span> <span class=”str”>'</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”2d43425f485d41546d5a48445442585544034e4240″><span class=”str”>[email protected]</span></a><span class=”str”>'</span> <span class=”pun”>,</span>     <span class=”str”>’password'</span> <span class=”pun”>=&gt;</span> <span class=”str”>’weiyouxi@qa'</span> <span class=”pun”>,</span>     <span class=”str”>’from'</span> <span class=”pun”>=&gt;</span> <span class=”str”>'</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”0f61607d6a7f63764f786a6676607a7766216c6062″><span class=”str”>[email protected]</span></a><span class=”str”>'</span> <span class=”pun”>,</span>     <span class=”str”>’to'</span> <span class=”pun”>=&gt;</span><span class=”pln”> array</span>     <span class=”pun”>(</span>      <span class=”str”>'</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”3b5a555f52555c154f54555c7b4c5e5242544e435215585456″><span class=”str”>[email protected]</span></a><span class=”str”>'</span> <span class=”pun”>,</span>      <span class=”str”>'</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”48242129262f66203d083f2d2131273d3021662b2725″><span class=”str”>[email protected]</span></a><span class=”str”>'</span> <span class=”pun”>,</span>      <span class=”com”>//                    ‘</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”4a20232b3323642d3f250a3d2f2333253f322364292527″><span class=”com”>[email protected]</span></a><span class=”com”>’ ,</span>      <span class=”com”>//                    ‘</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”1a716f74346b73745a6d7f7363756f627334797577″><span class=”com”>[email protected]</span></a><span class=”com”>’ ,</span>      <span class=”str”>'</span><a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”7a031b15120f1b540d0f3a0d1f1303150f021354191517″><span class=”str”>[email protected]</span></a><span class=”str”>'</span> <span class=”pun”>,</span>     <span class=”pun”>)</span> <span class=”pun”>,</span>

‘mail’ => array

(

‘server’ => ‘smtp.qiye.163.com’ ,

‘port’ => 25 ,

‘user’ => ‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”2d43425f485d41546d5a48445442585544034e4240″>[email protected]</a>’ ,

‘password’ => ‘weiyouxi@qa’ ,

‘from’ => ‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”0f61607d6a7f63764f786a6676607a7766216c6062″>[email protected]</a>’ ,

‘to’ => array

(

‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”3b5a555f52555c154f54555c7b4c5e5242544e435215585456″>[email protected]</a>’ ,

‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”48242129262f66203d083f2d2131273d3021662b2725″>[email protected]</a>’ ,

// ‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”4a20232b3323642d3f250a3d2f2333253f322364292527″>[email protected]</a>’ ,

// ‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”1a716f74346b73745a6d7f7363756f627334797577″>[email protected]</a>’ ,

‘<a href=”http://www.wooyun.org/cdn-cgi/l/email-protection” target=”_blank” data-cfemail=”7a031b15120f1b540d0f3a0d1f1303150f021354191517″>[email protected]</a>’ ,

) ,

修复方案：

删除.git文件夹

xxx

xxx站点

>新浪微博某站点git泄漏源代码（可登录影响部分业务账号） | 安全盒子

详细说明：

漏洞证明：

修复方案：