nginx
tcp/443 tcp/80
The Redis instance is open to the public.
This could result to data leak and code execution.
Severity: medium
Fingerprint: d606b92f1b5fdf18218cad2d218cad2d218cad2d218cad2d218cad2d218cad2d
Redis is open
Open service 39.106.197.215:443 · console.mooplus.com.cn
2024-03-24 14:42
HTTP/1.1 200 Server: nginx Date: Sun, 24 Mar 2024 14:42:14 GMT Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Language: en-US Page title: 牧家智能零售云平台 <!DOCTYPE html> <html> <head> <meta charset="UTF-8"/> <title>牧家智能零售云平台</title> <!-- <title th:text="${js_version}"></title>--> <link rel="icon" href="/res/mujia_favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="/res/mujia_favicon.ico" type="image/x-icon"/> <!-- 引入样式 --> <link rel="stylesheet" href="/res/css/element-ui.css"> <!-- 先引入 Vue --> <script type="text/javascript" src="/webjars/vue/2.5.3-1/vue.js"></script> <!-- 引入组件库 --> <script src="/res/js/axios.min.js"></script> <script src="/res/js/element/element-ui.js" ></script> <!--下<script th:src="@{/res/js/element/element-ui.js(${js_version})}" ></script> 面在你要的页面 引入这个片段就行<head th:include="theme/fragments::header" /> 他就相当于jsp 中我们常用的 <%@ include file="/WEB-INF/jsp/public/header.jspf"%>--> </head> <body style="margin: 0px;"> <div id="app" style="background:url(/res/image/bj2.jpg) center center #0f1a38"> <div class="mian"> <div class="logo"></div> <!-- 登录 --> <div class="logo-content" @keyup.enter="onSubmit"> <div class="logo2" style="background:url(/res/image/mujia_logo.png) no-repeat center center"></div> <el-form ref="form" :model="form" :rules="rules"> <el-form-item prop="userAccount"> <el-input v-model="form.userAccount" auto-complete="off" placeholder="账号"></el-input> </el-form-item> <el-form-item prop="password"> <el-input type="password" v-model="form.password" auto-complete="off" placeholder="密码"></el-input> </el-form-item> <el-form-item prop="verifyCode"> <el-row :gutter="20"> <el-col :span="12" ><el-input v-model="form.verifyCode" auto-complete="off" placeholder="验证码"></el-input></el-col> <el-col :span="12"> <img v-bind:src="vcodeimg" class="vcodeimg" v-on:click="vcodeimgFun"/> </el-col> </el-row> </el-form-item> <el-form-item> <el-button type="primary" v-on:click="onSubmit" :loading="logining" class="login-btn">登录</el-button> </el-form-item> </el-form> </div> </div> </div> </body> <script> var vue = new Vue({ el: "#app", data:function(){ var userNameValue = getCookieValue("userAccount"); return { vcodeimg:"/vcodeimg", logining: false, form: { userAccount: userNameValue, password: '', verifyCode:'' }, rules: { userAccount: [ { required: true, message: '请输入账号', trigger: 'blur' }, ], password: [ { required: true, message: '请输入密码', trigger: 'blur' }, ], verifyCode:[ { required: true, message: '请输入验证码', trigger: 'blur' }, ] } } }, methods: { onSubmit:function(ev){ var _this = this; this.$refs.form.validate(function(valid){ if(valid) { this.logining = true; axios({ method: 'post', url: '/loginIn', params: vue.form }).then(function (response) { _this.logining = false; if(response.data.code != '000000'){ _this.$message({ showClose: true, message: response.data.message, type: 'error' }); _this.vcodeimgFun(); }else { setCookie("userAccount",_this.form.userAccount,125,"/"); window.location.href = "/home.user"; } }).catch(function (error) { console.log(error); _this.$message({ showClose: true, message: error.message, type: 'error' }); }); } }); }, vcodeimgFun:function(ev){ var timestamp = Date.parse(new Date());
Open service 39.106.197.215:80 · console.mooplus.com.cn
2024-03-24 14:42
HTTP/1.1 200 Server: nginx Date: Sun, 24 Mar 2024 14:42:09 GMT Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Content-Language: en-US Page title: 牧家智能零售云平台 <!DOCTYPE html> <html> <head> <meta charset="UTF-8"/> <title>牧家智能零售云平台</title> <!-- <title th:text="${js_version}"></title>--> <link rel="icon" href="/res/mujia_favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="/res/mujia_favicon.ico" type="image/x-icon"/> <!-- 引入样式 --> <link rel="stylesheet" href="/res/css/element-ui.css"> <!-- 先引入 Vue --> <script type="text/javascript" src="/webjars/vue/2.5.3-1/vue.js"></script> <!-- 引入组件库 --> <script src="/res/js/axios.min.js"></script> <script src="/res/js/element/element-ui.js" ></script> <!--下<script th:src="@{/res/js/element/element-ui.js(${js_version})}" ></script> 面在你要的页面 引入这个片段就行<head th:include="theme/fragments::header" /> 他就相当于jsp 中我们常用的 <%@ include file="/WEB-INF/jsp/public/header.jspf"%>--> </head> <body style="margin: 0px;"> <div id="app" style="background:url(/res/image/bj2.jpg) center center #0f1a38"> <div class="mian"> <div class="logo"></div> <!-- 登录 --> <div class="logo-content" @keyup.enter="onSubmit"> <div class="logo2" style="background:url(/res/image/mujia_logo.png) no-repeat center center"></div> <el-form ref="form" :model="form" :rules="rules"> <el-form-item prop="userAccount"> <el-input v-model="form.userAccount" auto-complete="off" placeholder="账号"></el-input> </el-form-item> <el-form-item prop="password"> <el-input type="password" v-model="form.password" auto-complete="off" placeholder="密码"></el-input> </el-form-item> <el-form-item prop="verifyCode"> <el-row :gutter="20"> <el-col :span="12" ><el-input v-model="form.verifyCode" auto-complete="off" placeholder="验证码"></el-input></el-col> <el-col :span="12"> <img v-bind:src="vcodeimg" class="vcodeimg" v-on:click="vcodeimgFun"/> </el-col> </el-row> </el-form-item> <el-form-item> <el-button type="primary" v-on:click="onSubmit" :loading="logining" class="login-btn">登录</el-button> </el-form-item> </el-form> </div> </div> </div> </body> <script> var vue = new Vue({ el: "#app", data:function(){ var userNameValue = getCookieValue("userAccount"); return { vcodeimg:"/vcodeimg", logining: false, form: { userAccount: userNameValue, password: '', verifyCode:'' }, rules: { userAccount: [ { required: true, message: '请输入账号', trigger: 'blur' }, ], password: [ { required: true, message: '请输入密码', trigger: 'blur' }, ], verifyCode:[ { required: true, message: '请输入验证码', trigger: 'blur' }, ] } } }, methods: { onSubmit:function(ev){ var _this = this; this.$refs.form.validate(function(valid){ if(valid) { this.logining = true; axios({ method: 'post', url: '/loginIn', params: vue.form }).then(function (response) { _this.logining = false; if(response.data.code != '000000'){ _this.$message({ showClose: true, message: response.data.message, type: 'error' }); _this.vcodeimgFun(); }else { setCookie("userAccount",_this.form.userAccount,125,"/"); window.location.href = "/home.user"; } }).catch(function (error) { console.log(error); _this.$message({ showClose: true, message: error.message, type: 'error' }); }); } }); }, vcodeimgFun:function(ev){ var timestamp = Date.parse(new Date());
Open service 39.106.197.215:443
2024-03-04 03:02
HTTP/1.1 404 Server: nginx Date: Mon, 04 Mar 2024 03:02:11 GMT Content-Type: application/json;charset=UTF-8 Content-Length: 103 Connection: close Set-Cookie: JSESSIONID=87F101FBCF30A33744BD8BEAD127F0AB; Path=/; HttpOnly { "timestamp":"2024-03-04 11:02:11", "status":404, "error":"Not Found", "message":"", "path":"/" }