Loose Account Control of an important system in Ganji results in leakage of a large amount of internal information (affecting multiple internal sites) and Solutions

Loose Account Control of an important system in Ganji results in leakage of a large amount of internal information (affecting multiple internal sites) and Solutions

There is a donkey,
But never ride.
House searching
Job Search
Find Decoration
Look for a nanny
Pets.
Buy and sell second-hand goods. Go to the market!

However, after testing, it is found that the vulnerability fix does not play a role. Several users and passwords submitted in the vulnerability have been changed. Finally, the manufacturer's reply is to check the default password, in fact, this is a solution for temporary and non-temporary logon. Because the vulnerability in the logon is not a default password, the verification code is not set at the logon, and there is no limit on the number of logins, after packet capture, the data is also transmitted in plaintext-this is where the vulnerability is located (no verification/unlimited/plaintext transmission is shown in the packet capture figure below ...) such an environment directly causes cracking ....

In fact, after a user name is cracked, all the enterprise mail addresses can be exported (for work convenience, there are enterprise mail address book). Originally, I wanted to export all the mail addresses to the new one .. later I found that I was wrong .. because too many email addresses are arranged from the A-Z. he pressed the next page all the time and pressed his hand... it's not finished yet... (This is to fix vulnerabilities, so there is no need to prove it to the Administrator)

1. Check that the default password (ganji @ xxxx) is not equivalent to a weak password similar to 123456.

2. Although the above vulnerability was not explained, it was actually cracked. Each white hat had a different user dictionary, so there was no end to cracking.

Second, a user name can basically log on to all the platforms and internal systems (a large amount of internal information is leaked). This can also be used to fl the Rank value ..

... You can refer to the vulnerability above... and I'll just take a few screenshots to prove it.

Xuweihong ganji @ 2015

The figure is a bit messy ..
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

In fact, you can log on to many sites... I have not posted all of them here... the administrator should know ..

Solution:

1: strengthen the security mechanism at the logon site (set the maximum number of wrong passwords/set the verification code/data transmission should be encrypted)

2: Check the default password (ganji @ xxxx) and weak password.

3: Separate the user database (so that one user name can log on to multiple sites and Systems)

4: Because the email system address is already public, we recommend that you change the IP address or port.