Improper configuration somewhere at Huiping Network leads to leakage of all hotel accounts and passwords (involving nearly hotels in China)
This directly results in the disclosure of all hotel accounts and passwords, involving data from nearly hotels nationwide.
Vulnerability vendor: Wisdom of numerous hotels
http://www.brandwisdom.cn
Shanghai yishang Network Technology Co., Ltd. All Rights Reserved
Attackers can exploit this vulnerability to obtain passwords of over for all hotel accounts.
Manages nearly hotels nationwide
Controllable content includes hotel reputation management, operation quality control, income management, hotel business cards, and management of all hotels under the Group
The vulnerability is caused by unauthorized access to a MongoDB instance, which leaks configuration information such as the MySQL database and mailbox settings.
42.62.79.115 27017
/* 0 */ {"_id": ObjectId("55b58cc2a23488109c0e8445"), "name": "analyzer_url", "account": {"socketTimeout": "300000", "connectTimeout": "300000", "reviewKey": "Review", "url": "http://10.6.26.83:8088/analysis/aspect"}, "Description": "Analysis Service url"}
/* 1 */ {"_id": ObjectId("55b58ceda2348812406ba075"), "name": "bw_analysis_test", "account": {"userName": "bw_ana***is_test", "accessToken": "6bdb48¥¥41641681b76f1533265248", "socketTimeout": "300000", "connectTimeout": "300000", "APIUrl": "https://10.6.12.152/apis/h_reviews_infos/analysis"}, "Description": "API submission statistics account"}
/* 2 */ {"_id": ObjectId("55b58d1***4880f28a3fa77"), "name": "email_warning", "account": {"emailTitle": "storm analytics warning email", "email protected": "[email protected]", "socketTimeout": "300000", "connectTimeout": "300000", "APIUrl": "http://42.****/WarningEmail/"}, "description": "alert email account"}
/* 3 */ {"_id": ObjectId("55b6e12aa2348814fc0a4cd2"), "name": "mysql_config", "account": {"driverName": "com.mysql.jdbc.driver", "userName": "bwprogram", "accessToken": "mys*****r", "maxActive": "40", "maxIdle": "5", "url": "jdbc:mysql://42.62.79.115:4040/bw_hotel?UseUnicode=true&characterEncoding=UTF-8"}, "description": "mysql configuration account"}
The MySQL database allows external connections, which directly leads to data leakage from multiple databases
Obtain database configuration information
30,000+ (3W+) accounts and passwords
Nearly hotels
Log in to the test room of an Orange Hotel.
Management and data analysis of all hotels in the group
This basically covers most hotels...
Solution:
Enable MongoDB access control
Change the MySQL password and prohibit external connections
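
A defender-side check for the two fixes listed under Solution, as an added example that is not part of the original report: it audits a mongod.conf and a my.cnf for missing access control and all-interface listeners. The sample configs are constructed, and the function names and the default-value assumptions noted in the comments are this example's own.

```python
import configparser

# Constructed sample configs (not taken from the report): both services
# listen on every interface and MongoDB has no access control.
WEAK_MONGOD = "net:\n  port: 27017\n  bindIp: 0.0.0.0\n"
WEAK_MYCNF = "[mysqld]\nport = 4040\nbind-address = 0.0.0.0\n"
HARD_MONGOD = "net:\n  bindIp: 127.0.0.1\nsecurity:\n  authorization: enabled\n"
HARD_MYCNF = "[mysqld]\nbind-address = 127.0.0.1\n"
ALL_IFACES = {"0.0.0.0", "::", "*"}

def flatten_yaml(text):
    """Flatten mongod.conf's nested 'key: value' layout into dotted keys."""
    out, stack = {}, []  # stack: (indent, key) of the sections still open
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if value.strip():
            out[".".join([k for _, k in stack] + [key])] = value.strip().strip("\"'")
        else:
            stack.append((indent, key))
    return out

def audit_mongod(text):
    cfg, findings = flatten_yaml(text), []
    if cfg.get("security.authorization") != "enabled":
        findings.append("mongod: security.authorization is not enabled")
    # Assumption: a missing bindIp means localhost (the MongoDB 3.6+ default).
    binds = {b.strip() for b in cfg.get("net.bindIp", "localhost").split(",")}
    if cfg.get("net.bindIpAll") == "true" or binds & ALL_IFACES:
        findings.append("mongod: listening on all interfaces")
    return findings

def audit_mysqld(text):
    cp = configparser.ConfigParser(allow_no_value=True, interpolation=None, strict=False)
    cp.read_string(text)
    sec = cp["mysqld"] if cp.has_section("mysqld") else {}
    if "skip-networking" in sec:
        return []
    # Assumption: a missing bind-address means all interfaces (MySQL's default "*").
    bind = sec.get("bind-address", "*")
    if bind in ALL_IFACES:
        return [f"mysqld: bind-address {bind} accepts external connections"]
    return []
```

Restricting the listener does not replace the password change: the MySQL credentials stored in the exposed collection should be treated as compromised and rotated.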