乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-07-17: 细节已通知厂商并且等待厂商处理中 2016-07-19: 厂商已经主动忽略漏洞,细节向公众公开
rt
网级计量自动化系统
http://210.21.61.132:8001/wisdomServer/wisdomClient/main.html
0x01弱口令
df6100/123456admin/123456
0x02:java反序列化命令执行
多处数据库/配置
########### Oracle ###########idbase.driverClassName=oracle.jdbc.driver.OracleDriver#idbase.url=jdbc:oracle:thin:@10.114.100.173:1521/gzmsidbase.url=jdbc\:oracle\:thin\:@172.16.201.31\:1521/energydbidbase.username=df6100eidbase.password=d2lzZG9tLmRmNjEwMA==###########中间库###########idbase_mid.driverClassName=oracle.jdbc.driver.OracleDriver#idbase_mid.url=jdbc:oracle:thin:@10.114.100.173:1521/gzms#idbase_mid.username=df6100e#idbase_mid.password=df6100eidbase_mid.url=jdbc\:oracle\:thin\:@172.16.201.31\:1521/energydbidbase_mid.username=df6100eidbase_mid.password=d2lzZG9tLmRmNjEwMA==########### MySql ############idbase.driverClassName=com.mysql.jdbc.Driver#idbase.url=jdbc:mysql://172.16.40.89/idbase?characterEncoding=UTF-8#idbase.username=root#idbase.password=fixflow############## SqlServer ###############idbase.driverClassName=net.sourceforge.jtds.jdbc.Driver#idbase.url=jdbc:jtds:sqlserver://172.16.40.89:1433/fixflow#idbase.username=sa#idbase.password=sa123456
配置信息002
wsdl=http\://10.112.56.109\:7001/usmp/services/SvSndSmsService?wsdlnamespaceURI=http\://service.sv.psmis.sunrise.comserviceName=SvSndSmsServiceuserName=test_sjzxpassword=gzdw2014port=28
配置信息003
<?xml version="1.0" encoding="UTF-8" ?><!-- database parameter --><config> <database> <user>df6100e</user> <password>8*4%0.n%'vqpp</password> <dbname>energydb</dbname> </database> <checktime> <mintimegap>1</mintimegap> <maxtimegap>1800</maxtimegap> </checktime> <encryption> <strIP>172.16.201.31</strIP> <nPort>6666</nPort> <iPort>0</iPort> <TimeOut>10</TimeOut> <CityCode>CityCode</CityCode> <DllName>MasterStation_HSM.dll</DllName> <DevType> 0 </DevType> <KeyType> 0 </KeyType> <DllType>0</DllType> </encryption> <calcconfig> <threadnum>4</threadnum> <loadinterval>15</loadinterval> <autoloadpara>2345</autoloadpara> <day_mon_begtm>0</day_mon_begtm> <day_mon_endtm>60</day_mon_endtm> <day_mon_count>3</day_mon_count> <loadpara>240</loadpara> <repairobj>150</repairobj> <dy_calc_beginhour>1140</dy_calc_beginhour> </calcconfig></config>
ip/
Windows IP 配置以太网适配器 Ethernet0: 连接特定的 DNS 后缀 . . . . . . . : 本地链接 IPv6 地址. . . . . . . . : fe80::35d6:4481:b39e:c314%12 IPv4 地址 . . . . . . . . . . . . : 172.16.201.31 子网掩码 . . . . . . . . . . . . : 255.255.255.0 默认网关. . . . . . . . . . . . . : 172.16.201.254隧道适配器 isatap.{580296BC-E2DD-4A8D-AD50-6A010939525D}: 媒体状态 . . . . . . . . . . . . : 媒体已断开 连接特定的 DNS 后缀 . . . . . . . :
危害等级:无影响厂商忽略
忽略时间:2016-07-19 09:06
系厂商未经授权自行搭建测试系统,冒用我司信息。
暂无