
Vulnerability summary

Defect ID: wooyun-2015-0162599

Vulnerability title: getshell on a 世联行 (World Union) server, a large number of systems compromised

Vendor: 世联行 (World Union)

Author: 朱元璋

Submitted: 2015-12-20 15:26

Fixed: 2016-02-01 10:51

Published: 2016-02-01 10:51

Vulnerability type: system/service patches not applied in time

Severity: High

Self-assessed rank: 15

Status: vendor could not be reached, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2015-12-20: actively contacting the vendor and waiting for it to claim the report; details not disclosed publicly
2016-02-01: the vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

A company worth so many hundreds of millions, and here I am crying about being broke.
Company profile: http://stockdata.stock.hexun.com/gszl/s002285.shtml

Detailed description:

[screenshot: 0.png]


World Union strategic partner platform address: http://esmdev.worldunion.com.cn:8080/toolbook/partner/pingtai.jsp

[screenshot: 00.png]

[screenshot: 000.png]


The link marked in the screenshot, http://wusms.worldunion.com.cn:8082/toolbook/tolearnLogin.action, has a command execution vulnerability.

[screenshot: 0000.png]


A trojan (web shell) was uploaded directly to the server.

[screenshot: 1.png]

Proof of vulnerability:

net user
\\WUWSAPI01 的用户帐户
-------------------------------------------------------------------------------
Administrator away Guest
命令成功完成。
net share
共享名 资源 注解
-------------------------------------------------------------------------------
C$ C:\ 默认共享
D$ D:\ 默认共享
IPC$ 远程 IPC
ADMIN$ C:\Windows 远程管理
Development D:\Development
handerbook D:\handerbook
sms D:\tomcatservers\sms
software D:\software
Users C:\Users
命令成功完成。
net view
服务器名称 注解
-------------------------------------------------------------------------------
命令成功完成。
net start
已经启动以下 Windows 服务:
命令成功完成。
netstat -ano
活动连接
协议 本地地址 外部地址 状态 PID
tasklist /svc
映像名称 PID 服务
========================= ======== ============================================
ipconfig /all
arp -a
接口: 192.168.11.21 --- 0xb
Internet 地址 物理地址 类型
systeminfo
主机名: WUWSAPI01
OS 名称: Microsoft Windows Server 2008 R2 Enterprise
OS 版本: 6.1.7601 Service Pack 1 Build 7601
OS 制造商: Microsoft Corporation
OS 配置: 成员服务器
OS 构件类型: Multiprocessor Free
注册的所有人: Windows 用户
注册的组织:
产品 ID: 55041-262-0999886-84532
初始安装日期: 2013/5/21, 9:48:38
系统启动时间: 2014/5/16, 20:48:58
系统制造商: VMware, Inc.
系统型号: VMware Virtual Platform
系统类型: x64-based PC
处理器: 安装了 4 个处理器。
[01]: Intel64 Family 6 Model 15 Stepping 1 GenuineIntel ~2393 Mhz
[02]: Intel64 Family 6 Model 15 Stepping 1 GenuineIntel ~2393 Mhz
[03]: Intel64 Family 6 Model 15 Stepping 1 GenuineIntel ~2393 Mhz
[04]: Intel64 Family 6 Model 15 Stepping 1 GenuineIntel ~2393 Mhz
BIOS 版本: Phoenix Technologies LTD 6.00, 2012/6/22
Windows 目录: C:\Windows
系统目录: C:\Windows\system32
启动设备: \Device\HarddiskVolume1
系统区域设置: zh-cn;中文(中国)
输入法区域设置: zh-cn;中文(中国)
时区: (UTC+08:00)北京,重庆,香港特别行政区,乌鲁木齐
物理内存总量: 16,383 MB
可用的物理内存: 7,784 MB
虚拟内存: 最大值: 32,765 MB
虚拟内存: 可用: 12,203 MB
虚拟内存: 使用中: 20,562 MB
页面文件位置: C:\pagefile.sys
域: worldunion.com.cn
登录服务器: \\WUWSAPI01
修补程序: 安装了 102 个修补程序。
网卡: 安装了 1 个 NIC。
[01]: Intel(R) PRO/1000 MT Network Connection
连接名: 本地连接
启用 DHCP: 否
IP 地址
[01]: 192.168.11.21
[02]: fe80::8ca1:4079:e022:6856
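For a responder triaging a host from exactly the kind of `netstat -ano` and `tasklist /svc` output pasted above, the following added example (my code, not part of the original report) joins each listening socket to its owning process and hosted services and lists the ones bound on every interface. The sample output it parses is constructed in the zh-CN Windows layout the report uses; the PIDs and addresses in it are invented.

```python
"""Join `netstat -ano` to `tasklist /svc` into an inventory of exposed listeners.

Added example, not code from the WooYun report. The two samples below are
constructed in the zh-CN Windows layout the report pastes: "暂缺" (N/A) means
a process hosts no service, and tasklist wraps long service lists onto
continuation lines, which the parser re-joins.
"""
import re
from collections import namedtuple

NETSTAT_SAMPLE = """\
活动连接
  协议  本地地址          外部地址        状态           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       1100
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       2200
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       4400
  TCP    127.0.0.1:8005         0.0.0.0:0              LISTENING       4400
  TCP    192.0.2.10:8080        192.0.2.20:43077       ESTABLISHED     4400
  TCP    [::]:3389              [::]:0                 LISTENING       2200
  UDP    0.0.0.0:123            *:*                                     900
"""

TASKLIST_SAMPLE = """\
映像名称                       PID 服务
========================= ======== ============================================
lsass.exe                      550 EFS, KeyIso, Netlogon, ProtectedStorage,
                                   SamSs
svchost.exe                    900 EventSystem, fdPHost, netprofm, nsi, W32Time
svchost.exe                   1100 ftpsvc
svchost.exe                   2200 TermService
java.exe                      4400 暂缺
"""

Listener = namedtuple("Listener", "proto addr port pid image services")
_ADDR_RE = re.compile(r"^(\[[^\]]*\]|[^:]+):(\d+)$")   # "[::]:3389" / "0.0.0.0:21"
_PROC_RE = re.compile(r"^(\S+)\s+(\d+)\s*(.*)$")        # image, pid, service list
WIDE_BIND = {"0.0.0.0", "[::]"}                         # bound on every interface

def _split_services(text):
    return [s.strip() for s in text.split(",") if s.strip() not in ("", "暂缺", "N/A")]

def parse_tasklist(text):
    """Return {pid: (image, [service, ...])} from `tasklist /svc` output."""
    procs, last_pid = {}, None
    for line in text.splitlines():
        m = _PROC_RE.match(line.strip())
        if m:
            last_pid = int(m.group(2))
            procs[last_pid] = (m.group(1), _split_services(m.group(3)))
        elif last_pid is not None and line.strip():
            procs[last_pid][1].extend(_split_services(line))  # wrapped continuation
    return procs

def parse_netstat(text, procs):
    """Return listening sockets (TCP LISTENING, any UDP) joined to their process."""
    listeners = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0] not in ("TCP", "UDP"):
            continue
        if parts[0] == "TCP":          # TCP rows: proto local remote state pid
            if len(parts) < 5 or parts[3] != "LISTENING":
                continue
            pid = int(parts[4])
        else:                          # UDP rows: proto local *:* pid
            pid = int(parts[3])
        m = _ADDR_RE.match(parts[1])
        if not m:
            continue
        image, services = procs.get(pid, ("<unknown pid>", []))
        listeners.append(Listener(parts[0], m.group(1), int(m.group(2)),
                                  pid, image, tuple(services)))
    return listeners

def exposed_listeners(netstat_text, tasklist_text):
    """Listeners bound on all interfaces, by port: what every adjacent network can reach."""
    procs = parse_tasklist(tasklist_text)
    found = [l for l in parse_netstat(netstat_text, procs) if l.addr in WIDE_BIND]
    return sorted(found, key=lambda l: (l.port, l.proto, l.addr))
```

Run against real output, the port-to-service mapping is what tells you that 21 is the Microsoft FTP service, 3389 is Remote Desktop, and the 80xx ports belong to unmanaged `java.exe` processes rather than a Windows service, which is the list to reconcile against what the host is actually supposed to expose.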

Remediation:

Improve security awareness.

Copyright notice: when reposting, please credit the source: 朱元璋@乌云


Vulnerability response

Vendor response:

The vendor could not be reached, or the vendor actively refused.