乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-04-15: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-05-30: 厂商已经主动忽略漏洞,细节向公众公开
中国物联网中心getshell#数据库信息可能影响众多系统
网站:中国物联网中心网址:wlwservice.com描述:站点存在Struts2命令执行导致黑客获取webshell权限以及获取多处数据库信息Struts2测试入口:http://vanbao.wlwservice.com/system/goSyslogin.action127.0.0.1 : 21 ................................. Open127.0.0.1 : 80 ................................. Open
获取数据库信息:
jdbc.local.driverClassName=oracle.jdbc.OracleDriverjdbc.local.url=jdbc\:oracle\:thin\:@114.112.53.160\:1521\:orcl#jdbc.local.url=jdbc\:oracle\:thin\:@192.168.1.120\:1521\:orcljdbc.local.username=vbjdbc.local.password=vb#jdbc.local.url=jdbc\:oracle\:thin\:@182.18.4.148\:1521\:ds_db#jdbc.local.username=oracle#jdbc.local.password=123456#jdbc.local.username=vb#jdbc.local.password=vbpool.local.c3p0.minPoolSize=1pool.local.c3p0.maxPoolSize=2pool.local.c3p0.initialPoolSize=1pool.local.c3p0.acquireIncrement=10pool.local.c3p0.maxIdleTime=20 #jdbc.driverClassName=oracle.jdbc.OracleDriver#jdbc.url=jdbc:oracle:thin:@localhost:1521:imagedb#jdbc.username=scott#jdbc.password=tiger#jdbc.remote.driverClassName=oracle.jdbc.OracleDriver#jdbc.remote.url=jdbc\:oracle\:thin\:@130.97.1.170\:1521\:dzqdora#jdbc.remote.username=payment#jdbc.remote.password=chinaunicom#pool.remote.c3p0.minPoolSize=20#pool.remote.c3p0.maxPoolSize=20#pool.remote.c3p0.initialPoolSize=10#pool.remote.c3p0.acquireIncrement=10#pool.remote.c3p0.maxIdleTime=0#jdbc.driverClassName=com.mysql.jdbc.Driver#jdbc.url=jdbc:mysql://localhost:3306/ssh?useUnicode=true&characterEncoding=utf-8#jdbc.username=root#jdbc.password=root
PICC.url=http://202.108.173.172:7003/EbsWebServices/services/JWSFactory?wsdlTPIC.url=http://121.35.249.120:5010/taiPingALSB/ProxyServices/DsInf?wsdlPAIC.url=http://222.68.184.181:8007YGBX.url=http://219.143.230.144:7001/ifp-396/services/applyLiabilityData?wsdlCPIC.url=http://112.64.185.137/freight/zrxservices/RoadCommonService?wsdlCICP.url=http://61.138.246.86:7083/cicdsinterface/services/CICDSService?wsdlsms.url=http\://www.6610086.cn/smsComputer/smsComputersend.aspsms.dxlbid=72sms.zh=1274596922sms.mm=ryxt1234jdbc-0.proxool.alias=dbpooljdbc-0.proxool.driver-class=com.mysql.jdbc.Driverjdbc-0.proxool.driver-url=jdbc:mysql://182.18.4.186:3306/ds_db?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull jdbc-0.user=rootjdbc-0.password=p@ssw0rd
邮件系统:
mail.host=smtp.163.com[email protected]mail.username=vanbaoservicemail.password=aaaa1111
敏感信息:
#商户编号p1_MerId=10001126856#p1_MerId=10012359777#商户密钥keyValue=69cl522AV6q613Ii4W6u8K6XuW8vM1N6bFgyv769220IuYe9u37N4y7rI4Pl#keyValue=7DwwP20569MNDh1UzHEC77i4k74ei121288JW065G71278k2hesID06oP174#交易请求地址onlinePaymentReqURL=https://www.yeepay.com/app-merchant-proxy/nodeyeepayCommonReqURL=https://www.yeepay.com/app-merchant-proxy/node#查询和退款地址queryRefundReqURL=https://www.yeepay.com/app-merchant-proxy/command
补丁+配置,包含平台过多,威胁很大,尽快修复吧,$$有没有?
未能联系到厂商或者厂商积极拒绝