A serious database-related vulnerability has surfaced in BT Panel (宝塔面板), and the vendor has released an emergency security update. The announcement asks all users to upgrade to the latest version but gives no details at all about the security incident itself.
According to what is known so far, the flaw is in phpMyAdmin, the database management tool that BT Panel ships as an optional component under the pma path: the instance can be accessed directly. Until the update is applied, it is recommended to immediately close the corresponding port (888 by default) or uninstall the tool.
People have already started scanning the whole internet for port 888 /pma. Even a site behind a CDN can be found, because the CDN only fronts the web ports it proxies; port 888 on the origin server's IP is still reachable directly.
Current known situation, see the reference image (not reproduced here).
Someone has also written a Python scanner script:
```python
import sys
import queue
import threading
import requests

# Browser-like User-Agent so the probe is not rejected by simple UA filters
headers = {
    'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE'
}
results = []


def scanner():
    # Each worker pulls targets until the shared queue is drained
    while True:
        try:
            target: str = que.get_nowait()
        except queue.Empty:
            break
        if not target.startswith("http"):
            target = "http://" + target
        # Probe the default BT Panel phpMyAdmin location: port 888, path /pma
        if target.endswith('/'):
            target = target[:-1] + ":888/pma"
        else:
            target += ":888/pma"
        try:
            # timeout added so a silent host does not hang the worker forever
            req = requests.get(target, headers=headers, timeout=5)
        except requests.RequestException:
            print(f"{target} can't reach")
            continue
        # 200 only means /pma answered; the phpMyAdmin login page also returns
        # 200, so recorded hits still need to be checked individually
        if req.status_code == 200:
            results.append(target)


if __name__ == '__main__':
    targets_file = sys.argv[1]   # file with one host or URL per line
    threads = int(sys.argv[2])   # number of worker threads
    threads_handler = []
    with open(targets_file) as f:
        target_list = f.read()
    que = queue.Queue()
    for target in target_list.split('\n'):
        if target:
            que.put(target)
    for i in range(threads):
        th = threading.Thread(target=scanner)
        th.start()
        threads_handler.append(th)
    for i in threads_handler:
        i.join()
    res_txt = "\n".join(results)
    print(res_txt)
    with open("res.txt", "w") as f:
        f.write(res_txt)
```
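The scanner above records every /pma that answers 200, but the phpMyAdmin login page answers 200 as well, so it cannot separate a host that still asks for credentials from one where the tool is reachable without any login, which is the exposure described at the top of this post. The following is an added example, not code from the original post nor from BT Panel or phpMyAdmin: it builds the 888/pma URL robustly (keeping an explicit port and tolerating trailing slashes) and triages each response by HTML markers instead of status alone. Assumptions: the marker strings are taken from phpMyAdmin 4.x page markup (the `pma_username` login field versus the `pma_navigation` pane of an already-open session) and may need adjusting for other versions; the sample response bodies are constructed inline, not captured from any real host; `requests` is only imported for the live probe.

```python
from __future__ import annotations

import sys
from urllib.parse import urlsplit

# Browser-like UA, same idea as the scanner above
HEADERS = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"}

# ASSUMPTION: marker strings come from phpMyAdmin 4.x markup. The login form
# carries the pma_username/pma_password inputs; the main page served to an
# authenticated session carries the navigation pane and server_*.php links.
LOGIN_MARKERS = ('name="pma_username"', 'name="pma_password"')
OPEN_MARKERS = ('id="pma_navigation"', 'server_databases.php', 'server_status.php')


def build_pma_url(target: str, port: int = 888, path: str = "/pma") -> str:
    """Turn a host, host:port or URL into <scheme>://host:888/pma.

    Unlike plain string concatenation this keeps an explicit port if the
    target already has one and tolerates a trailing slash or path.
    """
    if not target.startswith(("http://", "https://")):
        target = "http://" + target
    parts = urlsplit(target)
    host = parts.hostname or ""
    if ":" in host:                      # bare IPv6 literal needs brackets again
        host = f"[{host}]"
    return f"{parts.scheme}://{host}:{parts.port or port}{path}"


def classify(status: int, body: str) -> str:
    """Triage one /pma response.

    "open"    - phpMyAdmin UI served with no login (the exposure this post is about)
    "login"   - phpMyAdmin present but asking for credentials
    "not_pma" - answered 200 but is not phpMyAdmin (default vhost page etc.)
    "closed"  - any non-200 status
    """
    if status != 200:
        return "closed"
    if any(m in body for m in LOGIN_MARKERS):
        return "login"
    if any(m in body for m in OPEN_MARKERS):
        return "open"
    return "not_pma"


def probe(target: str, timeout: float = 5.0) -> tuple[str, str]:
    """Fetch the /pma URL for one target and classify it (network access needed)."""
    import requests  # imported here so classify()/build_pma_url() work offline

    url = build_pma_url(target)
    try:
        resp = requests.get(url, headers=HEADERS, timeout=timeout)
    except requests.RequestException:
        return url, "unreachable"
    return url, classify(resp.status_code, resp.text)


# Constructed sample bodies (not captured from any real host)
SAMPLE_LOGIN = (
    '<form method="post" action="index.php" name="login_form" class="login">'
    '<input type="text" name="pma_username" id="input_username">'
    '<input type="password" name="pma_password" id="input_password"></form>'
)
SAMPLE_OPEN = (
    '<div id="pma_navigation"><a href="server_databases.php?server=1">'
    'Databases</a></div><div id="page_content">Welcome to phpMyAdmin</div>'
)
SAMPLE_OTHER = "<html><body><h1>Welcome to nginx!</h1></body></html>"

if __name__ == "__main__":
    for name, body in (("login", SAMPLE_LOGIN), ("open", SAMPLE_OPEN), ("other", SAMPLE_OTHER)):
        print(f"sample {name:5s} -> {classify(200, body)}")
    for host in sys.argv[1:]:            # optional live probe: python triage.py host1 host2
        url, verdict = probe(host)
        print(f"{url} -> {verdict}")
```

Only an "open" verdict needs action; "login" means the tool is exposed but still gated. When a target is a domain behind a CDN, the probe will usually come back "unreachable" because the CDN does not proxy port 888; re-run it against the origin IP, which is exactly what the internet-wide scans mentioned above are hitting.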