乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-04-12: 细节已通知厂商并且等待厂商处理中 2015-04-17: 厂商已经主动忽略漏洞,细节向公众公开
百合网某站getshell#可获用户充值等信息包含多处数据库信息与服务器信息
涉及服务器:http://117.41.240./49/50/51网址:http://117.41.240.50:8080/BaiHeTwoPortal/baihe/sendMessage.action描述:站点存在Struts2命令执行漏洞,导致Getshell
数据库信息一:
#Remote server configurationAPIKey=139982M03V8W3EIL4AKL9BRO8KM2WTG9SecretKey=WE0X1Z29B8TF39IG1NCEOUTX31DQ94S4domain=http://open1.baihe.com/api/#localUrl=http://117.41.240.50:8089/BaiHeTwoPortal/#Database connection configurationjdbc_driver=com.mysql.jdbc.Driverjdbc_url=jdbc:mysql://117.41.240.49:3306/BAIHE_V2jdbc_user=sajdbc_password=asdf123#Default country-85-CHINA and province-8634-AnhuiDEFAULT_COUNTRY=86DEFAULT_PROVINCE=8636#Order information-Anhuianhui_order_url=http://61.191.44.221:8090/aaa/authorization.doanhui_sp_code=sp_njxjanhui_key=4cf2f83410081cf2anhui_service_code=service_dshl#order priceorder_price=9.9#JX Web ServiceJX_Web_Service=http://117.41.240.73:8080/jxiptv/iptv/ws/UpcWebService?wsdlJX_Web_Service_NameSpace=http://ws.iptv.cndatacom.com/#Account InfoBUSINESS_CODE=BAIHEBUSINESS_TYPE=1USERNAME=njxjCODE=12345678SP_ID=23189971PRODUCT_ID=123307001200191013689########################MemCached setting########################mem_servers=117.41.240.49:11211
二
#Remote server configurationAPIKey=139982M03V8W3EIL4AKL9BRO8KM2WTG9SecretKey=WE0X1Z29B8TF39IG1NCEOUTX31DQ94S4domain=http://open1.baihe.com/api/#Database connection configurationjdbc_driver=com.mysql.jdbc.Driverjdbc_url=jdbc:mysql://117.41.240.49:3306/BAIHE_V2jdbc_user=sajdbc_password=asdf123
三
datasource.jdbc.driverClassName=com.mysql.jdbc.Driver#datasource.jdbc.url=jdbc:mysql://localhost:3306/APPSTORE?useUnicode=true&characterEncoding=utf-8#datasource.jdbc.username=root#datasource.jdbc.password=123456datasource.jdbc.url=jdbc:mysql://117.41.240.49:3306/APPSTORE?useUnicode=true&characterEncoding=utf-8datasource.jdbc.username=sadatasource.jdbc.password=asdf123datasource.jdbc.initialSize=3datasource.jdbc.maxActive=10datasource.jdbc.maxIdle=5datasource.jdbc.minIdle=1datasource.jdbc.maxWait=1000datasource.jdbc.maxIdleTime=25000datasource.jdbc.preferredTestQuery=select id from test where id=1datasource.jdbc.testConnectionOnCheckout=truedatasource.slave.driverClassName=com.mysql.jdbc.Driverdatasource.slave.url=jdbc:mysql://117.41.240.49:3306/APPSTORE?useUnicode=true&characterEncoding=utf-8datasource.slave.username=sadatasource.slave.password=asdf123#datasource.slave.url=jdbc:mysql://192.168.1.184:3306/APPSTORE?useUnicode=true&characterEncoding=utf-8#datasource.slave.username=sa#datasource.slave.password=asdf123datasource.slave.initialSize=3datasource.slave.maxActive=10datasource.slave.maxIdle=5datasource.slave.minIdle=1datasource.slave.maxWait=1000datasource.slave.maxIdleTime=25000datasource.slave.preferredTestQuery=select id from test where id=1datasource.slave.testConnectionOnCheckout=true#File and image server connection addressimageServerIpAddress=http://117.41.240.50:8021/filemanage/#imageServerIpAddress=http://192.168.2.108:8080/img/#Synchronization system connection addresssysServerIpAddress=http://192.168.2.182:8078/ClientSysData/#Currently connected to the system address, send e-mail when a registered user, the system displays the login link addressserverIpAddress=http://localhost:8888/BTOP/#Register with the mailboxfromEmail=Managesystem#mail.host=smtp.263xmail.commail.host=smtp.163.com[email protected]mail.password=xiaojian00#memcacheIP#"192.168.11.98:11211", "192.168.11.98:11212"memCacheIp = 117.41.240.49:11211# limti upload file sizelimitUploadPicSize=102400#System identificationsign=clientottSign=#Resolve the apk command path#/media/30387FB3387F7726/demouploadfileapk/android-sdk-linux/platform-tools/ linux extracting androidSDK path corresponding to the configuration according to the SDK path#aapt d badging Unzip commandparseApkCommand=/usr/local/platform-tools/aapt d badgingfrom_path=/home/btop/pay/ftpfile/back_path =/home/btop/pay/ftpfile/backback_path_false =/home/btop/pay/ftpfile/falseftp.ip=172.24.23.150ftp.port=21ftp.username=bestftpftp.password=bestvwinftp.localpath=/usr/ftp.ftppath=/usr/bestftp/
四
######################Constranst setting#########################imageServerIpAddress=http://192.168.2.182:8078/filemanage/#synServerIpAddress=http://192.168.2.155:8080/btopsyndata/#interfaceAddress=http://192.168.2.183:8080/btopinterface/#######################DataBase setting##################################### MySql#master db writejdbc.driver=com.mysql.jdbc.Driverjdbc.url=jdbc:mysql://117.41.240.49:3306/APPSTORE?createDatabaseIfNotExist=true&useUnicode=true&characterEncoding=utf-8&autoReconnect=truejdbc.username=sajdbc.password=asdf123#slave db readjdbc.slave.url=jdbc:mysql://117.41.240.49:3306/APPSTORE?createDatabaseIfNotExist=true&useUnicode=true&characterEncoding=utf-8&autoReconnect=truejdbc.slave.username=sajdbc.slave.password=asdf123############# H2#h2 standalone database settings#jdbc.driver=org.h2.Driver#jdbc.url=jdbc:h2:tcp://localhost/~/GAMESYS#jdbc.username=sa#jdbc.password=#hibernate.dialect=org.hibernate.dialect.H2Dialect############# log4jdbc#log4jdbc driver#jdbc.driver=net.sf.log4jdbc.DriverSpy#jdbc.url=jdbc:log4jdbc:h2:tcp://localhost/~/GAMESYS############# oracle#oracle database settings#jdbc.driver=oracle.jdbc.driver.OracleDriver#jdbc.url=jdbc:oracle:thin:@127.0.0.1:1521:XE#jdbc.username=sa#jdbc.password=#hibernate.dialect=org.hibernate.dialect.Oracle10gDialect########################DataBasePool setting#########################dbcp settingsdbcp.maxIdle=5dbcp.maxActive=40#c3p0 settingsdatasource.jdbc.initialPoolSize=3datasource.jdbc.minPoolSize=2datasource.jdbc.maxPoolSize=50datasource.jdbc.acquireIncrement=5datasource.jdbc.maxStatements=100datasource.jdbc.maxIdleTime=25000datasource.jdbc.idleConnectionTestPeriod=18000#default use Pool's#datasource.jdbc.maxWait=0#datasource.jdbc.numHelperThreads=3########################MemCached setting########################mem_servers=117.41.240.49:11211mem_initConn=2mem_minConn=2mem_maxConn=300mem_threshold=10mem_defaultET=300#custome parmater#Cache a day = 1L*24*60*60*1000cache_expire_time=86400000L#exclude_cache_methods=getSlaveVersion_getMasterVersion#include_cache_methods=get*#flush_cache_methods=save_update_delete#######################Hibernate setting########################hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialecthibernate.show_sql=falsehibernate.format_sql=falsehibernate.use_sql_comments=falsehibernate.max_fetch_depth=3hibernate.cache.use_query_cache=falsehibernate.jdbc.batch_size=20hibernate.default_batch_fetch_size=20hibernate.jdbc.fetch_size=20hibernate.query.substitutions=true 1, false 0hibernate.bytecode.use_reflection_optimizer=truehibernate.order_updates=true#DEFAULT none,option(none,create,update,validate...)hibernate.hbm2ddl.auto=update# second_level_cachehibernate.cache.provider_class=org.hibernate.cache.OSCacheProvider#hibernate.cache.use_second_level_cache=true#hibernate.cache.use_query_cache=true#hibernate.cache.region.factory_class=org.hibernate.cache.EhCacheRegionFactory#net.sf.ehcache.configurationResourceName=/ehcache_hibernate.xml#hibernate.cache.use_structured_entries=true#hibernate.generate_statistics=true#spring default / thread / JTA..hibernate.current_session_context_class=org.springframework.orm.hibernate3.SpringSessionContexthibernate.transaction.factory_class=org.hibernate.transaction.JDBCTransactionFactory########################Cookie setting########################cookie_expire_time=86400#######################Mail setting######################### This properties file is used to configure mail settings in # /WEB-INF/classes/logback.xml#\u53D1\u4EF6\u4EBA[email protected]#\u76EE\u6807\u63A5\u6536\u4EBA[email protected]#\u90AE\u4EF6\u670D\u52A1\u5668\u5730\u5740mail.smtphost=smtp.263xmail.com#\u7528\u6237\u540D[email protected]#\u5BC6\u7801mail.password=zhc982?mail.debug=falsemail.transport.protocol=smtp#JX Web ServiceJX_Web_Service=http://117.41.240.73:8080/jxiptv/iptv/ws/UpcWebService?wsdlJX_Web_Service_NameSpace=http://ws.iptv.cndatacom.com/#Account InfoBUSINESS_CODE=BAIHEUSERNAME=njxjCODE=12345678FTP_DIR=/boss/ftp/sp/FTP_IP=10.60.6.246FTP_USER=xjntFTP_PWD=xjnt#http://128.129.99.49:1389/
邮箱:
mail_from [email protected]mail_host =mail.emotte.commail_userName [email protected]mail_password =emotte.com
某办公系统
http://117.41.240.50:8078/meis/ioif/loginAo!doLoginVertify.action admin/123456
贵站漏洞尽快修复,权限以及影响面较广,作为白帽子这是我应该做的,希望正确面对安全问题,更多敏感信息以及危害自己排查!20Rank有木有~$$有木有~
危害等级:无影响厂商忽略
忽略时间:2015-04-17 20:36
漏洞Rank:15 (WooYun评价)
暂无