Process DMCA request

2024/07/2024-07-22-shenzhen-mofang-security-technology.md

@@ -0,0 +1,88 @@
+Before disabling any content in relation to this takedown notice, GitHub
+- contacted the owners of some or all of the affected repositories to give them an opportunity to [make changes](https://docs.github.com/en/github/site-policy/dmca-takedown-policy#a-how-does-this-actually-work).
+- provided information on how to [submit a DMCA Counter Notice](https://docs.github.com/en/articles/guide-to-submitting-a-dmca-counter-notice).
+
+To learn about when and why GitHub may process some notices this way, please visit our [README](https://github.com/github/dmca/blob/master/README.md#anatomy-of-a-takedown-notice).
+
+---
+
+Declaration：I have read and understood GitHub's Guidelines for Submitting a DMCA Notice;
+
+Complaint unit: Shenzhen Mofang Security Technology Co., Ltd. (entrusted by China Resource Bank Co., Ltd. );
+
+Person in charge: [private], contact number: [private];
+
+Unit mailbox: [private] ;
+
+Address of the unit: [private] Email: [private];
+
+Requests:
+
+(1) After investigation, our company found that some
+
+users uploaded the internal source code related to China Resource Bank Co., Ltd
+
+ on the open source community Github platform.After internal verification, the source code document was uploaded to Github by an individual without permission, which seriously  infringed on the rights and interests of  China Resource Bank.
+
+(2) Description of specific information:
+
+ leaked addresses :
+
+File Leak Address 1.
+
+1.Posted by user [private] on July 5, 2020, Leaks in the https://github.com/hiphp7/jzweb-sat/blob/master/ccbpay.com.cn/src/Config/config.php warehouse zhuhai cr bank co., LTD., polymerization alipay sources of information, According to the domain name crbank.com.cn and China Resources insiders, the code is indeed the code of China Resources internal products. The 6-line -185 contains the coaggregation configuration information of China Resources Bank Payment CRC, including api interface information, account and password information, remote host address and linked private key information, and server information
+
+[private]
+
+File leak address 2.
+
+[private] July 6, 2019, Leaks in the https://github.com/zachwylde00/uzzz.org.github.io/blob/master/docs/2019/03/19/728591.html The link disclosed the information of the electronic payment system of China Resources Bank of Zhuhai Co., LTD. Lines 12-13 of the document contained the domain name information of China Resources Bank, which disclosed the api interface information of the payment system. Once used by the attacker, the entire business might fail, resulting in serious security time.
+
+[private] 
+
+Leaked file address 3.
+
+cash2one/hhvss on October 15, 2015, In the https://github.com/cash2one/hhvss/blob/master/src/main/webapp/report_vender/crblink.jsp vendor The /crblink.jsp link reveals the source code information of Zhuhai China Resources Bank Co., LTD. Lines 32-46 and 80-88 of the file contain the cooperation agreement information with China Resources Bank, api interface transaction encryption information, and transaction authorization information. After further analysis, it is confirmed that the project was leaked as the internal source code information of China Resources Bank.
+
+[private]
+
+Instructions:
+
+(1) Product Description:
+
+(1) The warehouse and contents complained about seriously violate the rights and interests of Zhuhai China Resources Bank Co., LTD. The content of the complaint is: Zhuhai China Resources Bank Co., Ltd. non-public confidential product configuration information source code, China Resources product summary payment leaked account password. We have complained to the authorities about these items before, but now we find that some branch users have downloaded them, please help Github delete them in time, which poses a great threat to the security of China Resources Bank. Also subject to regulatory requirements, it must be removed this week.
+
+(2) we hope the above users can delete part warehouse：
+
+https://github.com/hiphp7/jzweb-sat   
+https://github.com/zachwylde00/uzzz.org.github.io  
+https://github.com/cash2one/hhvss  
+（3） We can not know the information of the infringer, and please help GitHub official processing!
+
+(4) Since this sensitive information involves the configuration of confidential information, please give timely assistance to Github officials!
+
+Our company has also complained about the removal of sensitive information on the GitHub platform before, and the submitted materials and leaked warehouse addresses are also accurate. Since the leaked content is related to the internal source code information and the private information of internal personnel , please help GitHub to remove the shelf as soon as possible. Thank you very much . Any questions please feel free to contact us .
+
+Statement:
+
+（1）I've considered fair use.
+
+（2）Our company is the legal right holder of the complained content (with a power of attorney attached);
+
+（3）We firmly believe that the use of the above copyrighted material on the infringing web page is not authorized by the copyright owner, its agent, or the law, and I have considered fair use.
+
+（4）"I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law."
+
+"I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed."
+
+Sincerely,
+
+[private]
+
+[private] ( authorized by Zhuhai China Resources Bank Co., Ltd. ) :
+
+Shenzhen Mofang Security Technology Co., Ltd.
+
+Date: July 16, 2024
+
+Applicant's signature: [private]