映客某处信息泄露多个数据库服务器沦陷
漏洞标题 映客某处信息泄露多个数据库服务器沦陷 相关厂商 ingkee.com 漏洞作者 ago 提交时间 2016-06-24 06:30 公开时间 2016-06-29 09:50 漏洞类型 重要…
漏洞标题
盈科在某处泄露了来自多个数据库服务器的信息
相关制造商
Ingkee.com
漏洞作者
之前
提交时间
2016-06-24 06: 30
公共时间
2016-06-29 09: 50
漏洞类型
重要的敏感信息泄露
危险等级
高
自我评估等级
20
漏洞状态
该漏洞已通知供应商,但供应商忽略了该漏洞
标签标签
内部敏感信息泄漏
漏洞详细信息
https://github.com/jiagh/inkestreaming/blob/f47045ce6214d5adb963f380e9f55fb37be9f6c7/inke-streaming/.idea/%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%BF%A1%E6%81%AF 。文本
简单证明
漏洞证明:
跳到内容
这个存储库
搜索
拉请求
问题
要旨
@海神
观看1
明星0
叉0 jiagh/inkestreaming
代码问题0拉取请求0 Wiki Pulse Graphs
树: f47045ce62查找文件复制pathinkestreaming/inke-streaming/.idea/Server Information.txt
F47045c 3天前
@jiagh jiagh流媒体
1个贡献者
RawBlameHistory 273行(177 sloc)5.58 KB
Hadoop集群列表:
42.62.88.99 hadoop01
42.62.88.100 hadoop02
42.62.88.101 hadoop03
42.62.88.102 hadoop04
42.62.88.103 hadoop05
42.62.88.104 hadoop06
42.62.88.105 hadoop07
42.62.88.106 hadoop08
42.62.88.107 hadoop09
42.62.88.108 hadoop10
42.62.88.109 hadoop11
42.62.88.110 hadoop12
42.62.88.114 hadoop13
42.62.88.115 hadoop14
42.62.88.116 hadoop15
42.62.88.117 hadoop16
卡夫卡
42.62.88.118 hadoop17
42.62.88.119 hadoop18
42.62.88.120 hadoop19
42.62.88.121 hadoop20
根/
zumdkz2xm0Zb ^镨
Cloudera经理
http://42.62.88.106: 7180/cmf/home
[电子邮件 保护]/*
机房网络流量监控
Alarm.lenet.com.cn
[电子邮件 保护]/*
Smartbi_MYSQL_BI
42.62.88.121 hadoop20db_name: smartbi
用户名/密码: smartbi/smartbi
SmartBI
http://hadoop02: 8080/xquery/vision/index.jspadmin/manager
管理
http://hadoop02: 8080/xquery/vision/config.jsp [email protected]/*
Cronhub
http://hadoop01: 8080 /
阿里云测试服务器
117.121.50.244 2222 bo.chen/bo.chen!@#
-------------------------------------------------- ------------------------------
BI业务MYSQL
1.数据库地址:rm-2zey3j5d26s8i68x8o.mysql.rds.aliyuncs.com帐号:hadoop密码:7rLfptWs0
2.hadoop 6uXWyqisg5 101.201.80.222: 3307
3. 123.56.246.98 hadoop,hadoop_2016
-------------------------------------------------- ------------------------------
已将Log_base历史数据库20150420-20160505导入Hiveinke.log_base
Mysql -h123.56.84.161 -uhadoop -p7rLfptWs0 -Dlive_log
Mysql -h123.56.179.222 -uhadoop -pgGfXhsx71 -Dlive_log
Mysql -uying.wang -pying.wang123 -h101.201.36.27 -Dlive_log
-------------------------------------------------- ------------------------------
Inke_tv
Web访问日志:
Ali_bj_web31101.201.106.6910.25.94.141
Ali_bj_web30101.201.106.7210.25.94.145
Ali_bj_web29101.201.105.6110.25.94.176
Ali_bj_web28101.201.105.11210.25.94.166
Ali_bj_web27101.201.106.7610.25.94.151
Ali_bj_web26101.201.105.17210.25.94.159
Ali_bj_web13101.201.37.21010.24.192.39
Ali_bj_web12101.201.40.30 10.24.192.58
Ali_bj_web11101.201.37.10310.24.189.74
Ali_bj_web10101.201.37.94 10.24.189.63
Ali_bj_web04101.201.212.7110.46.176.44
Ali_bj_web03101.201.212.9 10.46.176.1
Ali_bj_web02101.201.212.4 10.46.176.28
Ali_bj_web01101.201.212.6710.46.176.37
Web服务帐户已打开hadoop:hadoop#123
/a8root /日志/nginx的
-------------------------------------------------- ------------------------------
Maidian_recv/maidian_common_log
埋藏日志服务器列表
10.24.195.93 common_log
10.24.195.117 common_log
10.24.200.69 common_log
10.24.201.36 common_log
10.24.201.41 common_log
10.46.177.126
10.46.161.96
10.47.210.207 common_log
10.47.208.106 common_log
10.44.19.97
10.172.219.33
Hadoop: 14UlnZ +做
视频埋藏日志数据源为2
/a8root/logs/live_common_log/common_log/live_common_log_business-20160510.log /a8root/logs/crash_recv/recv_business-20160510.log
/a8root /日志/live_common_log/common_log
/a8root/logs/crash_recv这两个路径
-------------------------------------------------- ------------------------------
用户帐号
101.201.36.250
101.201.37.27
101.201.37.4
Bo.chen bo.chen123
用户需要转到/a8root/logs/live_user_account/common_log目录以查看业务日志。业务日志命名格式:例如,2016年5月4日15点,名为: business-2016050415.log
-------------------------------------------------- ------------------------------
SERVICE_INFO
101.201.36.253
101.201.36.216
101.201.36.159
101.201.48.37
101.201.48.6
101.201.37.8
帐号:hadoop密码:npfqO28: vU
access.log的-20160502.gz
/a8root/logs/live_serviceinfo/access.log-20160502.gz
-------------------------------------------------- ------------------------------
Log_base /礼物
增量数据同步计划如下:
Ps:live_back服务器列表:
101.200.12.116
101.200.2.210
123.56.229.161
123.56.180.204
123.56.181.129
123.56.181.188
123.56.182.141
123.56.183.33
123.56.183.11
123.56.188.175没有礼物
Hadoop hadoop123
Ssh -p 2222 [电子邮件 保护]/*
事件402日志路径是 - > /a8root/logs/live_gift_backend/gift_business-20160510.log
其他事件是: /a8root/logs/live_backend/back_business-20160510.log
-------------------------------------------------- ------------------------------
API
Api.busi.inke.tv服务器列表
Ali_bj_web21101.201.40.14010.24.192.83
Ali_bj_web20101.201.48.21510.24.201.109
Ali_bj_web19101.201.40.11110.24.192.141
Ali_bj_web18101.201.40.15210.24.192.149
Hadoop hadoop#123
/a8root/logs/nginx/api.busi.log
-------------------------------------------------- ------------------------------
工资
旧的三台机器(以后都会被淘汰,对这台机器的请求数量很少):
1,10.46.176.234
2,10.45.37.20
3. 10.45.37.17
新三款付款机:
1,101.201.44.8
2,101.201.49.122
3,10.24.196.25
二,日志路径:/a8root/logs/live_user_payment/payment_business-xxxxxxxx.log,除以日,例如文件/a8root/logs/live_user_payment/payment_business-20160519.log
Hadoop的#123
-------------------------------------------------- ------------------------------
User_phone_login
10.45.37.28
10.46.176.247
10.45.37.5
/a8root /日志/user_phone_login/common_log /
日志名称如下:user_phone_login_business-2016051901.log
Hadoop hadoop#123
-------------------------------------------------- ------------------------------
手机登录服务器ip:
101.201.28.63
123.56.189.219
123.56.190.45
日志所在的目录/a8root/logs/user_phone_login/common_log /
日志名称如下:user_phone_login_business-2016051901.log
10.46.176.234
10.45.37.20
10.45.37.17
10.24.196.25
10.24.201.250
10.24.196.59
10.45.37.28
10.46.176.247
10.45.37.5
Hadoop hadoop#123
弹性集群地址信息如下,您可以导入数据进行测试:
10.10.1.31: 9300
10.10.1.31: 9301
10.10.1.31: 9302
10.10.1.30: 9304
10.10.1.30: 9305
修理计划:
删除邮件
版权声明:请注明出处前@乌云
简单证明
漏洞证明:
跳到内容
这个存储库
搜索
拉请求
问题
要旨
@海神
观看1
明星0
叉0 jiagh/inkestreaming
代码问题0拉取请求0 Wiki Pulse Graphs
树: f47045ce62查找文件复制pathinkestreaming/inke-streaming/.idea/Server Information.txt
F47045c 3天前
@jiagh jiagh流媒体
1个贡献者
RawBlameHistory 273行(177 sloc)5.58 KB
Hadoop集群列表:
42.62.88.99 hadoop01
42.62.88.100 hadoop02
42.62.88.101 hadoop03
42.62.88.102 hadoop04
42.62.88.103 hadoop05
42.62.88.104 hadoop06
42.62.88.105 hadoop07
42.62.88.106 hadoop08
42.62.88.107 hadoop09
42.62.88.108 hadoop10
42.62.88.109 hadoop11
42.62.88.110 hadoop12
42.62.88.114 hadoop13
42.62.88.115 hadoop14
42.62.88.116 hadoop15
42.62.88.117 hadoop16
卡夫卡
42.62.88.118 hadoop17
42.62.88.119 hadoop18
42.62.88.120 hadoop19
42.62.88.121 hadoop20
根/
zumdkz2xm0Zb ^镨
Cloudera经理
http://42.62.88.106: 7180/cmf/home
[电子邮件 保护]/*
机房网络流量监控
Alarm.lenet.com.cn
[电子邮件 保护]/*
Smartbi_MYSQL_BI
42.62.88.121 hadoop20db_name: smartbi
用户名/密码: smartbi/smartbi
SmartBI
http://hadoop02: 8080/xquery/vision/index.jspadmin/manager
管理
http://hadoop02: 8080/xquery/vision/config.jsp [email protected]/*
Cronhub
http://hadoop01: 8080 /
阿里云测试服务器
117.121.50.244 2222 bo.chen/bo.chen!@#
-------------------------------------------------- ------------------------------
BI业务MYSQL
1.数据库地址:rm-2zey3j5d26s8i68x8o.mysql.rds.aliyuncs.com帐号:hadoop密码:7rLfptWs0
2.hadoop 6uXWyqisg5 101.201.80.222: 3307
3. 123.56.246.98 hadoop,hadoop_2016
-------------------------------------------------- ------------------------------
已将Log_base历史数据库20150420-20160505导入Hiveinke.log_base
Mysql -h123.56.84.161 -uhadoop -p7rLfptWs0 -Dlive_log
Mysql -h123.56.179.222 -uhadoop -pgGfXhsx71 -Dlive_log
Mysql -uying.wang -pying.wang123 -h101.201.36.27 -Dlive_log
-------------------------------------------------- ------------------------------
Inke_tv
Web访问日志:
Ali_bj_web31101.201.106.6910.25.94.141
Ali_bj_web30101.201.106.7210.25.94.145
Ali_bj_web29101.201.105.6110.25.94.176
Ali_bj_web28101.201.105.11210.25.94.166
Ali_bj_web27101.201.106.7610.25.94.151
Ali_bj_web26101.201.105.17210.25.94.159
Ali_bj_web13101.201.37.21010.24.192.39
Ali_bj_web12101.201.40.30 10.24.192.58
Ali_bj_web11101.201.37.10310.24.189.74
Ali_bj_web10101.201.37.94 10.24.189.63
Ali_bj_web04101.201.212.7110.46.176.44
Ali_bj_web03101.201.212.9 10.46.176.1
Ali_bj_web02101.201.212.4 10.46.176.28
Ali_bj_web01101.201.212.6710.46.176.37
Web服务帐户已打开hadoop:hadoop#123
/a8root /日志/nginx的
-------------------------------------------------- ------------------------------
Maidian_recv/maidian_common_log
埋藏日志服务器列表
10.24.195.93 common_log
10.24.195.117 common_log
10.24.200.69 common_log
10.24.201.36 common_log
10.24.201.41 common_log
10.46.177.126
10.46.161.96
10.47.210.207 common_log
10.47.208.106 common_log
10.44.19.97
10.172.219.33
Hadoop: 14UlnZ +做
视频埋藏日志数据源为2
/a8root/logs/live_common_log/common_log/live_common_log_business-20160510.log /a8root/logs/crash_recv/recv_business-20160510.log
/a8root /日志/live_common_log/common_log
/a8root/logs/crash_recv这两个路径
-------------------------------------------------- ------------------------------
用户帐号
101.201.36.250
101.201.37.27
101.201.37.4
Bo.chen bo.chen123
用户需要转到/a8root/logs/live_user_account/common_log目录以查看业务日志。业务日志命名格式:例如,2016年5月4日15点,名为: business-2016050415.log
-------------------------------------------------- ------------------------------
SERVICE_INFO
101.201.36.253
101.201.36.216
101.201.36.159
101.201.48.37
101.201.48.6
101.201.37.8
帐号:hadoop密码:npfqO28: vU
access.log的-20160502.gz
/a8root/logs/live_serviceinfo/access.log-20160502.gz
-------------------------------------------------- ------------------------------
Log_base /礼物
增量数据同步计划如下:
Ps:live_back服务器列表:
101.200.12.116
101.200.2.210
123.56.229.161
123.56.180.204
123.56.181.129
123.56.181.188
123.56.182.141
123.56.183.33
123.56.183.11
123.56.188.175没有礼物
Hadoop hadoop123
Ssh -p 2222 [电子邮件 保护]/*
事件402日志路径是 - > /a8root/logs/live_gift_backend/gift_business-20160510.log
其他事件是: /a8root/logs/live_backend/back_business-20160510.log
-------------------------------------------------- ------------------------------
API
Api.busi.inke.tv服务器列表
Ali_bj_web21101.201.40.14010.24.192.83
Ali_bj_web20101.201.48.21510.24.201.109
Ali_bj_web19101.201.40.11110.24.192.141
Ali_bj_web18101.201.40.15210.24.192.149
Hadoop hadoop#123
/a8root/logs/nginx/api.busi.log
-------------------------------------------------- ------------------------------
工资
旧的三台机器(以后都会被淘汰,对这台机器的请求数量很少):
1,10.46.176.234
2,10.45.37.20
3. 10.45.37.17
新三款付款机:
1,101.201.44.8
2,101.201.49.122
3,10.24.196.25
二,日志路径:/a8root/logs/live_user_payment/payment_business-xxxxxxxx.log,除以日,例如文件/a8root/logs/live_user_payment/payment_business-20160519.log
Hadoop的#123
-------------------------------------------------- ------------------------------
User_phone_login
10.45.37.28
10.46.176.247
10.45.37.5
/a8root /日志/user_phone_login/common_log /
日志名称如下:user_phone_login_business-2016051901.log
Hadoop hadoop#123
-------------------------------------------------- ------------------------------
手机登录服务器ip:
101.201.28.63
123.56.189.219
123.56.190.45
日志所在的目录/a8root/logs/user_phone_login/common_log /
日志名称如下:user_phone_login_business-2016051901.log
10.46.176.234
10.45.37.20
10.45.37.17
10.24.196.25
10.24.201.250
10.24.196.59
10.45.37.28
10.46.176.247
10.45.37.5
Hadoop hadoop#123
弹性集群地址信息如下,您可以导入数据进行测试:
10.10.1.31: 9300
10.10.1.31: 9301
10.10.1.31: 9302
10.10.1.30: 9304
10.10.1.30: 9305
修理计划:
删除邮件
版权声明:请注明出处前@乌云
- 发表于 2016-07-17 08:00
- 阅读 ( 709 )
- 分类:黑客技术
