ShopEx某服务器存在心脏出血

2015-06-08T00:00:00
ID SSV:93548
Type seebug
Reporter Root
Modified 2015-06-08T00:00:00

Description

简要描述:

**

详细说明:

oauth.ishopex.cn openapi.ishopex.cn
id.shopex.cn IP:122.144.135.220

shopex.cnopenapi.ishopex.cn.ishopex.cnAccept: */*Content-Length: 430Content-Type: application/x-www-form-urlencodeddata=%7B%22tid%22%3A%2220150608114237%22%2C%22from_type%22%3A%22local%22%2C%22province%22%3A330000%2C%22from_nodeid%22%3A%22%22%2C%22amount%22%3A%2285.500%22%2C%22prod_nums%22%3A%222%22%2C%22time%22%3A1433734388%2C%22%40class%22%3A%22prodata-order%22%2C%22nodeid%22%3A%22%22%2C%22shopexid%22%3A%22%22%2C%22code%22%3A%22product_0182%22%2C%22product%22%3A%22C-0003%22%7D&routing_key=bnow.stat.fenxiao&content-type=application%2Fjsonc,C@s^8$53Xrr=jafx79-lo<`BFR P+#xn%2Fjson*%@\j5U+gVjXHupM'[u)*u5546%5Cuff0c%5Cu81ea%5Cu5df1%5Cu8d5a%5Cu94b1%5Cu4e0d%5Cu9700%5Cu8981%5Cu9760%5Cu5bb6%5Cu957f%5Cuff0c%5Cu5efa%5Cu8bae%5Cu6ca1%5Cu6709%7E%22%2C%22new_product_cat%22%3A%221027%2C1031%2C1033%2C%22%2C%22customerid%22%3A2299631%2C%22contactuserid%22%3A1418149%7D%7D+:m9K~+\Cu53d1%5Cu8bf7%5Cu8054%5Cu7cfb%5Cu6211+%7E%5Cuff01%22%2C%22new_product_cat%22%3A%221027%2C1031%2C1032%2C%22%2C%22customerid%22%3A2299589%2C%22contactuserid%22%3A1418113%7D%7D^Uvywx2C%22%2C%22customerid%22%3A2299578%2C%22contactuserid%22%3A1418102%7D%7Dm%`q?o%27%2C%271417791%27%2C%271417788%27%2C%271417789%27%2C%271417790%27%2C%271417792%27%2C%271417794%27%2C%271417796%27%2C%271417797%27%29%22%7D%5D%7D>.oGD9e3ea%5Cu662f%5Cu4e2a%5Cu521a%5Cu5f00%5Cu59cb%5Cu505a%5Cu7684%5Cu4e5f%5Cu4e0d%5Cu4f1a%5Cu770b%5Cu4e0d%5Cu8d77%5Cu4f60%5Cuff0c%5Cu4e0d%5Cu7406%5Cu4f60%5Cu4ec0%5Cu4e48%5Cu7684%5Cuff0c%5Cu4e00%5Cu89c6%5Cu540c%5Cu4ec1%5Cuff0c%5Cu800c%5Cu4e14%5Cu8ddf%5Cu4ed6%5Cu4eec%5Cu5728%5Cu4e00%5Cu8d77%5Cuff0c%5Cu771f%5Cu7684%5Cu5b66%5Cu4f1a%5Cu5f88%5Cu591a%5Cu4e1c%5Cu897f%5Cuff01%5Cu652f%5Cu6301%5Cu4f60%5Cu4eec%5Cuff01%5Cu963f%5Cu91cc%5Cu5206%5Cu9500%5Cuff01%5Cuff01%22%2C%22new_product_cat%22%3A%221027%2C1028%2C1029%2C%22%2C%22customerid%22%3A2299108%2C%22contactuserid%22%3A1417683%7D%7DO<p]mBS(Kz>%b,>811DNSTNBYN`NCapplication/rss+xmlrssintxth)O@pPP+ww[~HYI`+ ,{7+p,T+!8,,e`D,@-1#ob--D-server192.168.23.54:8080PQ6192.168.23.54:8080serverq!%CH$@Q0e(SPjwTw/ %(Q `(0h1 HIPvQ-Rp28ZV`)Q67(EPp}xd677*@/@4V@b1h8(P`T(`Y(`dIZ2(Wt`7JX5#@ep P1<H@Hmxrx#OGPwwq W#`1J8!}"(RX)@"/0Y084H(!#3((DPkp/\#(D=3PJ$Pqx7p8zH=tzHh`pz0ka` @ p0c>pc00c@c0`fP0k c@ ` ad `(>@ `(> 00kA 00@ gSSST TPT`TTii0jknqsuwTxy{}}0~`~~~(xXP8vP0b ``_0u0ud"h<@5@@h@=@,!! Np?NNNN{?NNN, @ !1DN$0$$#N ```

漏洞证明:

RT