DUMP Исходные коды веб-сервисов "Аэрофлота"

Lowrens

Moderator
Staff member
Verified
Joined
Nov 25, 2015
Messages
11,031
Reaction score
1,365
Exclusive Russian airline Aeroflot has exposed to the public internet the internal blueprints for its website, aeroflot.ru, The Register has learned.

Specifically, the biz has left a Docker registry server open to all the world to see: if asked nicely, with no authentication, it will cough up compressed archives of the confidential Python source code and settings text files that run its website. The files form Docker images that run on Aeroflot's website servers in containers. We have verified that the contents of the containers are present on the public website.

///

Неизвестный опубликовал на GitHub исходные коды веб-приложений «Аэрофлота», включая код, отвечающий за начисление бонусов и создание подарочных сертификатов. Утечка произошла из-за халатности — сервер с реестром контейнеров Docker был доступен всем желающим по протоколу HTTP без авторизации и шифрования.

HC7ZAJo.jpg


Источник:

Download aeroflot sources 09.2018:
 
Top