From owner-freebsd-bugs@freebsd.org Fri Jul 24 15:32:42 2020 Return-Path: Delivered-To: freebsd-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 16530369DBD for ; Fri, 24 Jul 2020 15:32:42 +0000 (UTC) (envelope-from gugan1304@gmail.com) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4BCtVx69pwz3Rj5 for ; Fri, 24 Jul 2020 15:32:41 +0000 (UTC) (envelope-from gugan1304@gmail.com) Received: by mailman.nyi.freebsd.org (Postfix) id D3EEA369E1A; Fri, 24 Jul 2020 15:32:41 +0000 (UTC) Delivered-To: bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D3A12369AE9; Fri, 24 Jul 2020 15:32:41 +0000 (UTC) (envelope-from gugan1304@gmail.com) Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BCtVx190Vz3Rfx; Fri, 24 Jul 2020 15:32:40 +0000 (UTC) (envelope-from gugan1304@gmail.com) Received: by mail-lf1-x135.google.com with SMTP id y18so5393451lfh.11; Fri, 24 Jul 2020 08:32:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=+oqlqAwdc7lLSH3n4/qIyo7VhbBXQt2h0vfk29RELLA=; b=Hbde0k8wxl3BOaYkun8KfTdlPQ6vqONk2mxDzcUMq+cfRYvhdxR96kyaOxa6H/yY3q noKXrnIJfePpJnAjUWjAhvoNP31a4e4RruFB3Ys1Gl3x9Yz7KmSPUVg/dmbHvVH0G7Bh I1+XywGjAf2rTZoyWQSpo+77IJm8vpC9aa5N9zmDvD+Va9NRDsVO0ff31yAmUauIWQKq 8JOLHNBAecVHbWB6k1D74ozpLWvmcHnrqNO39hOrUEnwHn1fZxiIgcKwwhvIZ7zTfP/t OpulTa/kPyhvwgFoUy9+JrKsN31502sixCo5B5/S4LSNApO0u0IjvNRfJtzVjukDj5U1 o22A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=+oqlqAwdc7lLSH3n4/qIyo7VhbBXQt2h0vfk29RELLA=; b=PkS5l3sSBeHbsVH0auTIBiLTXkwUZ82DYi/RE0qdDAbIgyWBvSxjdnueBciVCBhNai 0zvp+EQiOvR3ubxa82c7TU1dIbvKowB3a8dyxC6QMmgNn3dZrkK05WxZ0gijYNM2dKRT c2+ZoVfFoxpTDzg/1eBl6udIJ0dLAsrDO7/PqkPx+bQwyqCJW3Ov9Z0kKq8YysPYZ6dF OdHd42hezKidV7JrB9Mk2CHSXLWbA1h6s/3kZCyuxD8bKMByCHu+6SYTTZdeURPjvTVo qPuClt3AM07gQ9rv4o5Z+dsThN+twLpqFKIvGMEBYE2N6ur1e+4bdSarwgfwcGM2fP8U otqA== X-Gm-Message-State: AOAM53304pMmu7nab58Oe1OGx8pi0fS7v8yTJZxaHdoFVstR0ETFe/jC IO9Ie5UXLtoUvAiW9cYnerJCLTsrxdIjjKcVdZ0D3Nl3/ggDpA== X-Google-Smtp-Source: ABdhPJw3RMlPijznYP/mom0iPI1aPzT42FdOxP4cU3NVOUeI/e4aj63j5eGFraee7tMNFIBBwGLnXSXN6bSJIFoFqO0= X-Received: by 2002:a19:c501:: with SMTP id w1mr5002589lfe.172.1595604758699; Fri, 24 Jul 2020 08:32:38 -0700 (PDT) MIME-Version: 1.0 From: gugan gugan Date: Fri, 24 Jul 2020 21:02:27 +0530 Message-ID: Subject: To: bugs@freebsd.org, bhughes@freebsd.org, cy@freebsd.org, doc@freebsd.org X-Rspamd-Queue-Id: 4BCtVx190Vz3Rfx X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=Hbde0k8w; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of gugan1304@gmail.com designates 2a00:1450:4864:20::135 as permitted sender) smtp.mailfrom=gugan1304@gmail.com X-Spamd-Result: default: False [-1.79 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.90)[-0.904]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-0.95)[-0.953]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; NEURAL_SPAM_SHORT(0.07)[0.067]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::135:from]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; EMPTY_SUBJECT(1.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2020 15:32:42 -0000 While searching on Github about "DB_PASSWORD=".i found some juicy information like a username and password of this subdomain ( https://github.com/freebsd/freebsd-ports-kde/blob/543171d969548daae5b6a3659a633fd7987ebc19/www/rt50/Makefile), internal ip of the database and its username & password In the following link ( https://github.com/freebsd/freebsd-ports-kde/blob/543171d969548daae5b6a3659a633fd7987ebc19/www/rt50/Makefile ) you could find this info XML_URL = https://github.com/freebsd/freebsd-ports-kde/blob/543171d969548daae5b6a3659a633fd7987ebc19/www/rt50/Makefile ----------------------------------------------------------------------------------------------------------------- DB_DBA_PASSWORD?= DB_USER?= rt_user DB_PASSWORD?= rt_pass DB_HOST?= localhost DB_DATABASE?= rt5 WEB_USER?= ${WWWOWN} WEB_GROUP?= ${WWWGRP} LIBS_GROUP?= wheel HAS_CONFIGURE= yes NO_BUILD= yes ------------------------------------------------------------------------------------------------------------------ You should change passwords of the leaked account and remove this info from github Impact any attacker can login to this sub domain and do unauthorized actions If any one was able to be inside the network he would connect to the leaked database ip and steal important information