WooYun (WooYun.org) historical vulnerability search---http://wy.zone.ci/
WooYun Drops articles, browse online--------http://drop.zone.ci/
2015-10-20: Details reported to the vendor, awaiting the vendor's response
2015-10-25: Vendor confirmed; details disclosed to the vendor only
2015-11-04: Details disclosed to core white hats and experts in related fields
2015-11-14: Details disclosed to regular white hats
2015-11-24: Details disclosed to intern white hats
2015-12-09: Details disclosed to the public
As the title says..
http://61.144.241.87:8080/login/Login.jsp
Got a shell directly through JBoss.
shell: http://61.144.241.87:8080/myname/footer.jsp
Root privileges; the intranet config files contain lots of Oracle entries:
<connection-url>jdbc:oracle:thin:@192.168.101.187:1521:orcl</connection-url>
<connection-property name="defaultRowPrefetch">50</connection-property>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>rainbow1</user-name>
<password>password</password>
<prefill>false</prefill>
<min-pool-size>50</min-pool-size>
<max-pool-size>1300</max-pool-size>
<idle-timeout-minutes>0</idle-timeout-minutes>
<PreparedStatementCache>512</PreparedStatementCache>
<blocking-timeout-millis>60000</blocking-timeout-millis>
<track-statements>true</track-statements>
<validate-on-match>false</validate-on-match>
<background-validation>true</background-validation>
<background-validation-minutes>15</background-validation-minutes>
<new-connection-sql>select 1 from dual</new-connection-sql>
<check-valid-connection-sql>select 1 from dual</check-valid-connection-sql>
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter </exception-sorter-class-name>

<jndi-name>B2BAPP_DataSource</jndi-name>
<connection-url>jdbc:oracle:thin:@192.168.101.241:1521:orcl</connection-url>
<connection-property name="defaultRowPrefetch">50</connection-property>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>rainbow</user-name>
<password>password</password>
<prefill>false</prefill>
<min-pool-size>50</min-pool-size>
<max-pool-size>1000</max-pool-size>
<idle-timeout-minutes>0</idle-timeout-minutes>
<PreparedStatementCache>512</PreparedStatementCache>
<blocking-timeout-millis>60000</blocking-timeout-millis>
<track-statements>true</track-statements>
<validate-on-match>false</validate-on-match>
<background-validation>true</background-validation>
<background-validation-minutes>15</background-validation-minutes>
<new-connection-sql>select 1 from dual</new-connection-sql>
<check-valid-connection-sql>select 1 from dual</check-valid-connection-sql>
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter </exception-sorter-class-name>
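The datasource descriptors above carry Oracle credentials inline, so anyone who can read the JBoss deploy directory gets them. As an added example (not part of the report), the following audit script parses JBoss `*-ds.xml` content, including bare fragments like the first one quoted above, and reports every datasource whose password is stored in cleartext rather than supplied through a `<security-domain>`. The sample document is constructed and modeled on the report's fragments; the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample modeled on the report's fragments: one datasource with an
# inline password, one that delegates credentials to a security domain instead.
SAMPLE_DS_XML = """<datasources>
  <local-tx-datasource>
    <jndi-name>B2BAPP_DataSource</jndi-name>
    <connection-url>jdbc:oracle:thin:@192.168.101.241:1521:orcl</connection-url>
    <driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
    <user-name>rainbow</user-name>
    <password>password</password>
    <max-pool-size>1000</max-pool-size>
  </local-tx-datasource>
  <local-tx-datasource>
    <jndi-name>APP2_DataSource</jndi-name>
    <connection-url>jdbc:oracle:thin:@192.168.101.187:1521:orcl</connection-url>
    <security-domain>EncryptedOracleDbPassword</security-domain>
  </local-tx-datasource>
</datasources>"""


def _wrap_fragment(text):
    # Fragments quoted in reports often lack an enclosing element; give them one
    # so ElementTree can parse them, and leave full documents unchanged.
    stripped = text.strip()
    if stripped.startswith("<datasources"):
        return stripped
    return "<datasources>" + stripped + "</datasources>"


def audit_datasources(ds_xml):
    """Return one finding per datasource that stores its DB password inline."""
    root = ET.fromstring(_wrap_fragment(ds_xml))
    # A bare fragment puts <connection-url>/<password> directly under the wrapper.
    if root.find("connection-url") is not None or root.find("password") is not None:
        candidates = [root]
    else:
        candidates = list(root)
    findings = []
    for ds in candidates:
        if ds.find("password") is None:
            continue  # credentials come from a <security-domain>, not inline
        url = (ds.findtext("connection-url") or "").strip()
        host = re.search(r"@([\w.\-]+):(\d+)", url)  # thin-driver host:port
        findings.append({
            "jndi": (ds.findtext("jndi-name") or "<unnamed>").strip(),
            "user": (ds.findtext("user-name") or "").strip(),
            "host": host.group(1) if host else "?",
            "port": int(host.group(2)) if host else 0,
        })
    return findings


if __name__ == "__main__":
    for f in audit_datasources(SAMPLE_DS_XML):
        print(f"cleartext password: {f['jndi']} {f['user']}@{f['host']}:{f['port']}")
```

Each finding is a datasource that should be moved to a `<security-domain>` backed by JBoss's SecureIdentityLoginModule, and the exposed account's password rotated.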
Fix JBoss.
Severity: Low
Vulnerability Rank: 5
Confirmation time: 2015-10-25 09:47
Thank you for the submission.
None for now.