Sogou website divulges information

Vulnerability Details

Disclosure status ：

2010-08-02： The details have been notified to the manufacturer and are waiting for the manufacturer to process
2010-08-02： The manufacturer has confirmed , The details are only disclosed to the manufacturer
2010-08-12： The details are disclosed to the core white hat and experts in related fields
2010-08-22： The details are open to ordinary white hats
2010-09-01： The details are disclosed to the white hat
2010-09-06： The details are made public

A brief description ：

Sogou leaked information

Detailed instructions ：

The login page
http://fenlei.sogou.com/newhot/admin/login.jsp
in addition , Of such machines java The process seems to be dead , Keep the source code directly
http://fenlei.sogou.com/admin/

Vulnerability to prove ：

Intercept part of the source code
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%> <% response.setHeader("Pragma","No-cache"); response.setHeader("Cache-Control","no-cache"); response.setDateHeader("Expires", 0); %> <%@ page import="com.sogou.nav.hot.bean.SetUvItem"%> <%@ page import="com.sogou.nav.hot.dao.SetUvDAO"%> <%@ page import="com.sogou.nav.hot.HotConfig"%> <%@ page import="java.util.List"%> <%@ page import="com.sogou.nav.hot.util.HttpUtil" %> <%response.setCharacterEncoding("utf-8"); %> <% String myconfig = this.getInitParameter("propertyFile"); HotConfig.init(myconfig); SetUvDAO dao = new SetUvDAO(); String action = HttpUtil.getParam("action",request,null); if(action != null && "del".equals(action)){ String webid = HttpUtil.getParam("id",request,null); if(webid != null){ try{ int websiteid = Integer.parseInt(webid); dao.deleteUv(websiteid); }catch(Exception e){ e.printStackTrace(); } } } List items = dao.getAllSetUvItems(); %>

Repair plan ：

Close the management portal to the external network , Check java Whether the operation is normal .

Copyright notice ： Please quote source for reprint  cnyouker@ Dark clouds