乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-02: 细节已通知厂商并且等待厂商处理中 2015-03-07: 厂商已经主动忽略漏洞,细节向公众公开
皮书数据库Getshell+多处数据库信息
http://202.201.7.35/web/template/web-index.action命令测试入口
包含数据库信息:url = jdbc:sqlserver://localhost:1433; DatabaseName=testusername = sapassword = sqlserver@312driverClassName = com.microsoft.sqlserver.jdbc.SQLServerDriver
#sqlserver version database settingsjdbc.driver=com.microsoft.sqlserver.jdbc.SQLServerDriverjdbc.url=jdbc:sqlserver://localhost:1433;DatabaseName=pishu_dbjdbc.username=sajdbc.password=sqlserver@312#hibernate.dialect=org.hibernate.dialect.SQLServerDialecthibernate.dialect=cn.vsp.ssap.common.dialect.VspSQLServerDialecthibernate.show_sql=falsehibernate.format_sql=true#dbcp settingsdbcp.initialSize=5dbcp.maxActive=20dbcp.maxIdle=10
# system time zone 8: East Eight Zone -8: West Eight Zonewc_sys_timezone=8# system default languagewc_sys_default_lang=zh_CN# password minimum lengthwc_sys_passwd_minlen=6# password maximum lengthwc_sys_passwd_maxlen=20# client list sizewc_list_size_client=10# client page diffwc_page_diff_client=3# the same folder relative doc size wc_page_relative_doc=5# admin list sizewc_list_size_admin=10# admin page diffwc_page_diff_admin=3# initial folder tree show levelwc_folder_tree_showlevel=1# folder tree max levelwc_folder_tree_maxlevel=5# source document name maximum lengthwc_src_docname_maxlen=100# source folder name maximum lengthwc_src_foldername_maxlen=30# allow source extensionwc_src_allow_exts=pdf|epub# allow water-mark image extensionwc_wmimg_allow_exts=jpg|gif|jpeg|tiff|tif|bmp|png# system base pathwc_sys_base_path=http://192.168.1.27:8087/foxit-drm-test# system ftp server base pathwc_sys_ftp_path=D\:/Test/# server RSA private keywc_sys_rsa_prv_key=AAAAQMgVp6FfrFPmYLR0a/sEavD7UGZrBtJ0ldU8jKLZzCNYsWpad0aeQzTs6uflo5unwxjs/TdCcf6hbAb7ng3nQ1kAAABA1LzJ7UttvPwvM0cTwzrYCaOLA+UEQwpxn8xYISF6I/RDAJRsKYJd3/bFQZcC2JCaeqPnQgYDTpDZ30wuJ3AA+QAAAEAjTx2U8sQOzk1NBXx3l14qhrPV1qbZ2FatKM2GJm9RiB9PAOffSRrrON4o7EoMaOYxkzu+dSMs709MhsGJ+6J5AAAAQGQcm0J92UngFjY/kNRX7TG2X4lctrYjCEsy/EvThMWgH4fNYBOIpKWhTcSDTKIl7lfUqRAC1GE1GzvnnT+8PLEAAABAIcZqVQdULNEsaEYtPM+Vam6QlQWZqUfANBdwCG4O6hMmtsH12yXntYQ2abCtLzkklvKGGC3cJO7jUJguiTTeAQ\=\=XRlx0jgDprz7Fd4EJ0yN0ol9mmgvAU8C0v3/tUQFaCiDzLjZDFjqJ0AaQedV5I18D8Pe38+Dbrd++e++iVnMUH+kIF7NBwKtWJpFhepFUD7Di4AcNw9FDF+bE4kxfssKbzZkXpG8vMpvey+g8Y5P7tJVU1NEXhtF9Me5o95C4fc\=# server RSA public keywc_sys_rsa_pub_key=AAAAgKZFfIs1WvmV7brO2Y22wkl79mA/n2ZL3znTrJt+1jihWsdHh3y3yHqhsNyjK6kcbkR21O2lUCI81pEcsEk2rJqj4fEsRMvIVzxOX9qfbnuj5MlJKYrVq0EcrObBCTiJ6O0rT8O55DIVQgDGsAgZka/35l87bAZFhn8ikymL4IGRAAAAARE\=# system administrator accountwc_sys_admin_account=admin# system administrator passwordwc_sys_admin_password=admin## enduser path configuration block# end user root pathwc_eu_path_root=d\:/z_drm_base/end-user/# use default child folder structure 1(yes|true) 0(no|false)wc_eu_path_child_default=yes# if use default child folder, the folder configuration below about end-user not required.# end user certificate folderwc_eu_folder_cert=/cert/# end user cloud reading root folderwc_eu_folder_cloud=/free/# end user cloud reading pdf folderwc_eu_folder_cloud_pdf=/free/pdf/# end user cloud reading index folderwc_eu_folder_cloud_index=/free/index/# end user cloud reading notation folderwc_eu_folder_cloud_note=/free/note/# end user online reading root folderwc_eu_folder_online=/drm/# end user online reading pdf folderwc_eu_folder_online_pdf=/drm/pdf/# end user online reading index folderwc_eu_folder_online_index=/drm/index/# end user online reading bookmark folderwc_eu_folder_online_bookmark=/drm/bookmark/# end user online reading notation folderwc_eu_folder_online_note=/drm/note/# end user order reading root folderwc_eu_folder_order=/order/# end user envelop root folderwc_eu_folder_envelop=/envelop/# end user temp folderwc_eu_folder_temp=/temp/## Source file path configuration block# root folder pathwc_src_path_root=d\:/z_drm_base/foxit/# use default child folder structure 1(yes|true) 0(no|false)wc_src_path_child_default=true# if use default child folder, the folder configuration below about source not required.# source file folderwc_src_folder_source=/source/# pretreat root folderwc_src_folder_pretreat=/pretreat/# pretreat pdf folderwc_src_folder_pretreat_pdf=/pretreat/pdf/# pretreat index folderwc_src_folder_pretreat_index=/pretreat/index/# pretreat notation folderwc_src_folder_pretreat_note=/pretreat/note/# pretreat pre-encrypt folderwc_src_folder_encrypt=/preencrypt/# temp fodlerwc_src_folder_temp=/temp/# water-mark (image|PDF) folderwc_src_folder_wmfile=/wmfile/
你懂得!
危害等级:无影响厂商忽略
忽略时间:2015-03-07 10:26
暂无