有两个分节点可以轻易抓取到大量代码提交者的账号和密码, 可以获取私有Git项目代码。
#KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1 Accept: */* Referer: http://git.oschina.net/teffy/wenjuan/commits/master 节点:117.135.138.169 节点:219.136.249.194
Accept-Encoding: gzip,deflate,sdch Accept-Language: zh-CN,zh;q=0.8 Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3 ??/<?;4~?#?<J?a??d?Ѻ?n??3f****Lǟ'O??A?5****mail=yaowenqiang111%40163.com&pwd=a30ab71d57e85978b05985abe8fe8e9a8bb53588&save_login=1UA?f??n?8???x?\ok%40126.com&pwd=e5bfb0480dcd9fbc0c9071e95730f77671a02e57&save_login=1.9?s****?$x?d 0O0w04HBwBZEzHYRwJY8RJIo0J%2Bu
查看更多关于开源中国某分站两处节点存在SSL漏洞 - 网站安全的详细内容...
声明:本文来自网络,不代表【好得很程序员自学网】立场,转载请注明出处:http://haodehen.cn/did15501