乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-22: 细节已通知厂商并且等待厂商处理中 2015-12-25: 厂商已经确认,细节仅向厂商公开 2016-01-04: 细节向核心白帽子及相关领域专家公开 2016-01-14: 细节向普通白帽子公开 2016-01-24: 细节向实习白帽子公开 2016-02-07: 细节向公众公开
四川敏感厅
*****sk*****
**.**.**.**/
**.**.**.**:70017001端口存在反序列化漏洞反弹个shell看看
内网多个机器
找到路径
<?xml version='1.0' encoding='UTF-8'?><domain xmlns="http://**.**.**.**/weblogic/domain" xmlns:sec="http://**.**.**.**/weblogic/security" xmlns:wls="http://**.**.**.**/weblogic/security/wls" xmlns:xsi="http://**.**.**.**/2001/XMLSchema-instance" xsi:schemaLocation="http://**.**.**.**/weblogic/security/xacml http://**.**.**.**/weblogic/security/xacml/1.0/xacml.xsd http://**.**.**.**/weblogic/security/providers/passwordvalidator http://**.**.**.**/weblogic/security/providers/passwordvalidator/1.0/passwordvalidator.xsd http://**.**.**.**/weblogic/domain http://**.**.**.**/weblogic/1.0/domain.xsd http://**.**.**.**/weblogic/security http://**.**.**.**/weblogic/1.0/security.xsd http://**.**.**.**/weblogic/security/wls http://**.**.**.**/weblogic/security/wls/1.0/wls.xsd"> <name>ldrk</name> <domain-version>**.**.**.**</domain-version> <security-configuration> <name>ldrk</name> <realm> <sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider> <sec:authentication-provider xsi:type="wls:default-identity-asserterType"> <sec:active-type>AuthenticatedUser</sec:active-type> </sec:authentication-provider> <sec:role-mapper xmlns:xac="http://**.**.**.**/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper> <sec:authorizer xmlns:xac="http://**.**.**.**/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer> <sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator> <sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper> <sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider> <sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder> <sec:name>myrealm</sec:name> <sec:password-validator xmlns:pas="http://**.**.**.**/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType"> <sec:name>SystemPasswordValidator</sec:name> <pas:min-password-length>8</pas:min-password-length> <pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters> </sec:password-validator> </realm> <default-realm>myrealm</default-realm> <credential-encrypted>{AES}9WPthX0vQnGqHnqJMECqy/KfQ7OFyk24HiTVo74QMOYRW5NgH/e8KszCVnFxUG4HV7Wz+AE8k0K2+VdaAcjPW8WZfCgMtwRztXwqk6PT2Y3keHcvj6pp6whTwONitLmV</credential-encrypted> <node-manager-username>SL6clxBILB</node-manager-username> <node-manager-password-encrypted>{AES}N2Lm99heIMzWTJjpiv0ld1oGoTusZVDgocZfPj5Wsig=</node-manager-password-encrypted> </security-configuration> <console-context-path>ldrk_console</console-context-path> <server> <name>AdminServer</name> <listen-address></listen-address> </server> <production-mode-enabled>true</production-mode-enabled> <embedded-ldap> <name>ldrk</name> <credential-encrypted>{AES}+5xPHcwyKOKIShD7nbP6Iepm6GYf0GDmZhBqeeZi4G8n8sF+MLo5RKUS1tx9PXeE</credential-encrypted> </embedded-ldap> <configuration-version>**.**.**.**</configuration-version> <app-deployment> <name>ldrk_ww</name> <target>AdminServer</target> <module-type>war</module-type> <source-path>E:\ldrk_ww\WebRoot</source-path> <security-dd-model>DDOnly</security-dd-model> </app-deployment> <app-deployment> <name>ldrk</name> <target>AdminServer</target> <module-type>war</module-type> <source-path>E:\ldrk</source-path> <security-dd-model>DDOnly</security-dd-model> </app-deployment> <admin-server-name>AdminServer</admin-server-name></domain>
网站目录E:\ldrkE:\ldrk_ww\WebRoot可getshell
公安系统 不深入</mask>
公安系统 不深入
危害等级:中
漏洞Rank:8
确认时间:2015-12-25 16:25
感谢提交!!验证确认所描述的问题,已通知其修复。
暂无
