A data leak (which could have happened, but didn't) from another telemedicine company

Just two days ago, a post on Habr described how the Russian online medical service DOC+ managed to leave a database with detailed access logs publicly accessible, from which data on patients and service employees could be obtained. And here is a new incident, with another Russian service that offers patients online consultations with doctors: "Doctor Nearby" (www.drclinics.ru).

I will say right away that, thanks to the competence of the Doctor Nearby staff, the vulnerability was eliminated quickly (2 hours from the moment of notification, at night!) and most likely no personal or medical data leaked. This is unlike the DOC+ incident, where I know for certain that at least one JSON file with data, 3.5 GB in size, ended up in the "open world", while the official position looked like this: "A small amount of data temporarily became publicly available, which cannot lead to negative consequences for employees and users of the DOC+ service."

As the owner of the Telegram channel "Information Leaks", I was contacted by an anonymous subscriber who reported a potential vulnerability on the website www.drclinics.ru.

The essence of the vulnerability was that, knowing the URL and being logged into the system under your own account, you could view other patients' data.

To register a new account in the Doctor Nearby system, all you really need is a mobile phone number to which a confirmation SMS is sent, so nobody would have any trouble getting into a personal account.

Once logged into their personal account, a user could immediately, by changing the URL in the browser's address bar, view reports containing patients' personal data and even medical diagnoses.

The big problem was that the service numbers its reports sequentially and builds the URL from those numbers:

https://[site address]/…/…/40261/…

It was therefore enough to determine the lowest valid number (7911) and the highest (42926 at the time of the vulnerability) to calculate the total number of reports in the system (35015) and even, given malicious intent, to download all of them with a simple script.
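A sequential walk through report numbers like the one described above leaves a clear trace in access logs. The following is an added detection sketch, not code from the service or the original post; the log format, the `/reports/<id>/view` path, the account names and the thresholds are all assumptions made for the example.

```python
import re
from collections import defaultdict

# Assumed log format: "<ISO time> <account> GET /reports/<id>/view <status>"
LINE_RE = re.compile(r"^(\S+) (\S+) GET /reports/(\d+)/view (\d{3})$")

def longest_consecutive_run(ids):
    """Length of the longest run n, n+1, n+2, ... among the requested ids."""
    seen = set(ids)
    best = 0
    for n in seen:
        if n - 1 not in seen:              # n is the start of a run
            length = 1
            while n + length in seen:
                length += 1
            best = max(best, length)
    return best

def find_enumerators(lines, max_distinct=5, max_run=4):
    """Return {account: (distinct_ids, longest_run)} for accounts whose
    requests look like a walk through the report-number space."""
    per_account = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            _, account, report_id, _ = m.groups()
            per_account[account].append(int(report_id))
    flagged = {}
    for account, ids in per_account.items():
        distinct = len(set(ids))
        run = longest_consecutive_run(ids)
        if distinct > max_distinct or run >= max_run:
            flagged[account] = (distinct, run)
    return flagged

# Constructed sample: one patient re-reading two reports, and one account
# requesting six consecutive report numbers within a few seconds.
SAMPLE_LOG = [
    "2019-03-20T22:58:03 acct-1001 GET /reports/40261/view 200",
    "2019-03-20T22:59:41 acct-1001 GET /reports/40100/view 200",
    "2019-03-20T23:00:12 acct-1001 GET /reports/40261/view 200",
] + [
    f"2019-03-20T23:05:{i:02d} acct-2002 GET /reports/{7911 + i}/view 200"
    for i in range(6)
]

if __name__ == "__main__":
    print(find_enumerators(SAMPLE_LOG))
```

In production the thresholds would be tuned per role, since a doctor legitimately opens many more reports than a patient does.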

The data that could be viewed included: the full names of the doctor and the patient, the dates of birth of the doctor and the patient, the phone numbers of the doctor and the patient, the gender of the doctor and the patient, the email addresses of the doctor and the patient, the doctor's specialization, the date of the consultation, the cost of the consultation and, in some cases, even the diagnosis (as a comment on the report).

This vulnerability is essentially very similar to the one discovered in December 2017 on the server of the microfinance organization "Zaimograd". Back then, by enumeration, it was possible to obtain 36763 contracts containing the full passport data of the organization's clients.

As I said at the very beginning, the Doctor Nearby staff showed real professionalism: even though I informed them about the vulnerability at 23:00 (Moscow time), access to the personal account area was immediately closed for everyone, and by 1:00 (Moscow time) the vulnerability had been fixed.

I can't resist taking another jab at the PR department of that same DOC+ (New Medicine LLC). When stating that "a small amount of data temporarily became publicly available", they overlook the fact that we have an "objective control" tool at our disposal, namely the Shodan search engine. As was rightly noted in the comments to that article, according to Shodan the date of the first observation of the open ClickHouse server on the DOC+ IP address was 15.02.2019 03:08:00, and the date of the last observation was 17.03.2019 09:52:00. The size of the database is about 40 GB.

There were 15 observations in total:

15.02.2019 03:08:00
16.02.2019 07:29:00
24.02.2019 02:03:00
24.02.2019 02:50:00
25.02.2019 20:39:00
27.02.2019 07:37:00
02.03.2019 14:08:00
06.03.2019 22:30:00
08.03.2019 00:23:00
08.03.2019 14:07:00
09.03.2019 05:27:00
09.03.2019 22:08:00
13.03.2019 03:58:00
15.03.2019 08:45:00
17.03.2019 09:52:00

From the statement it follows that "temporarily" is a little over a month, and "a small amount of data" is about 40 gigabytes. Well, I don't know…

But let's get back to "Doctor Nearby".

At the moment, only one minor issue remains: the server's responses reveal how many reports there are in the system. When you try to fetch a report at a URL you have no access to (but the report itself exists), the server returns ACCESS DENIED, and when you try to fetch a report that does not exist, it returns NOT FOUND. By tracking the growth in the number of reports over time (once a week, once a month, and so on), you can estimate the service's workload and the volume of services it provides. This, of course, does not compromise the personal data of patients and doctors, but it may be a breach of the company's trade secrets.
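The three stages discussed in this post, side by side, as an added example that is not the service's own code: no ownership check, an ownership check with distinguishable errors (the state described above), and an ownership check with one uniform answer. The in-memory store, the user names and the 403/404 status codes are assumptions; the post only gives the two messages.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Report:
    report_id: int
    patient_id: str
    doctor_id: str
    body: str

# Constructed in-memory store standing in for the report database.
REPORTS = {
    40260: Report(40260, "patient-a", "doctor-x", "consultation notes A"),
    40261: Report(40261, "patient-b", "doctor-x", "consultation notes B"),
}

def may_view(user_id, report):
    """Only the patient and the doctor named in the report may read it."""
    return user_id in (report.patient_id, report.doctor_id)

def get_report_no_check(user_id, report_id):
    """Before the fix: any logged-in user receives any existing report."""
    report = REPORTS.get(report_id)
    return (200, report.body) if report else (404, "NOT FOUND")

def get_report_distinct_errors(user_id, report_id):
    """Ownership is checked, but the two error answers differ, so a caller
    still learns which report numbers exist."""
    report = REPORTS.get(report_id)
    if report is None:
        return (404, "NOT FOUND")
    if not may_view(user_id, report):
        return (403, "ACCESS DENIED")
    return (200, report.body)

def get_report_uniform(user_id, report_id):
    """Ownership is checked and 'missing' looks the same as 'not yours'."""
    report = REPORTS.get(report_id)
    if report is None or not may_view(user_id, report):
        return (404, "NOT FOUND")
    return (200, report.body)

def count_confirmed(handler, user_id, id_range):
    """Audit helper: how many report numbers in id_range the given account
    can confirm as existing from the handler's answers alone."""
    return sum(1 for i in id_range if handler(user_id, i)[0] != 404)

if __name__ == "__main__":
    ids = range(40259, 40263)
    for h in (get_report_distinct_errors, get_report_uniform):
        print(h.__name__, count_confirmed(h, "patient-a", ids))
```

With the uniform answer, an account can confirm only the reports it is entitled to read, so the total count of reports no longer leaks through the error responses.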

source: www.habr.com
