当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0149695

漏洞标题:全民直播某站点弱口令导致Getshell

相关厂商:全民直播

漏洞作者: 路人甲

提交时间:2015-10-27 10:02

修复时间:2015-12-11 10:02

公开时间:2015-12-11 10:02

漏洞类型:服务弱口令

危害等级:高

自评Rank:20

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-10-27: 积极联系厂商并且等待厂商认领中,细节不对外公开
2015-12-11: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

全民直播

详细说明:

http://182.92.187.7:7001/qmzb/

1.jpg


http://182.92.187.7:7001/console/login/LoginForm.jsp
weblogic/weblogic1
上传war 拿到shell
http://182.92.187.7:7001/ma/ma3.jsp
WEB-INF\classes\jdbc.properties

jdbc_url=jdbc:mysql://localhost:3306/qmzb?useUnicode=true&characterEncoding=utf-8
jdbc_username=qmzb
jdbc_password=FrpQmzb123!


数据库信息

t_user_remote 
user 
t_report 
t_star 
user_s 
INNODB_FT_CONFIG 
INNODB_TRX 
COLUMN_PRIVILEGES 
INNODB_SYS_TABLESPACES 
TABLESPACES 
PLUGINS 
INNODB_BUFFER_PAGE_LRU 
INNODB_BUFFER_POOL_STATS 
INNODB_LOCKS 
COLUMNS 
INNODB_FT_BEING_DELETED 
TABLES 
INNODB_FT_DELETED 
PARTITIONS 
VIEWS 
COLLATION_CHARACTER_SET_APPLICABILITY 
INNODB_SYS_TABLES 
INNODB_FT_INDEX_TABLE 
STATISTICS 
INNODB_CMPMEM_RESET 
PARAMETERS 
COLLATIONS 
USER_PRIVILEGES 
SESSION_VARIABLES 
INNODB_CMPMEM 
INNODB_CMP_PER_INDEX 
OPTIMIZER_TRACE 
CHARACTER_SETS 
TRIGGERS 
SESSION_STATUS 
INNODB_BUFFER_PAGE 
v_user 
INNODB_CMP_RESET 
KEY_COLUMN_USAGE 
SCHEMA_PRIVILEGES 
INNODB_CMP_PER_INDEX_RESET 
INNODB_METRICS 
GLOBAL_VARIABLES 
INNODB_SYS_FIELDS 
SCHEMATA 
GLOBAL_STATUS 
INNODB_CMP 
INNODB_FT_DEFAULT_STOPWORD 
ROUTINES 
FILES 
INNODB_SYS_TABLESTATS 
INNODB_SYS_INDEXES 
REFERENTIAL_CONSTRAINTS 
INNODB_LOCK_WAITS 
EVENTS 
TABLE_PRIVILEGES 
INNODB_SYS_FOREIGN_COLS 
INNODB_SYS_COLUMNS 
PROFILING 
INNODB_SYS_DATAFILES 
ENGINES 
INNODB_FT_INDEX_CACHE 
TABLE_CONSTRAINTS 
PROCESSLIST 
INNODB_SYS_FOREIGN


探测下内网
http://182.92.187.7:7001/ma/out.jsp

2.jpg

漏洞证明:

http://182.92.187.7:7001/ma/out.jsp

2.jpg

修复方案:

修改密码

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝