admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-08 20:36:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web应用漏洞/Alibaba otter manager分布式数据库同步系统信息泄漏 CNVD-2021-16592.md
Threekiii 772a085cfa 更新漏洞
2023-08-28 15:55:36 +08:00

22 lines
742 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Alibaba otter manager分布式数据库同步系统信息泄漏 CNVD-2021-16592
## 漏洞描述
Alibaba otter manager分布式数据库同步系统是基于数据库增量日志解析准实时同步到本机房或异地机房的mysql/oracle数据库一个分布式数据库同步系统。阿里巴巴otter manager分布式数据库同步系统存在信息泄露漏洞攻击者可利用漏洞获取zookper信息。
参考链接:
* https://www.cnvd.org.cn/flaw/show/CNVD-2021-16592
* https://forum.ywhack.com/thread-115309-1-8.html
## 网络测绘
```
title="Otter Manager"
```
## 漏洞复现
默认口令:`admin/admin`
进入后直接f12查看元素修改password为text即可查看数据库等敏感信息密码。
Reference in New Issue View Git Blame Copy Permalink