WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles online reader -------- http://drop.zone.ci/
2015-06-05: Details reported to the vendor, awaiting vendor handling
2015-06-08: Vendor confirmed; details disclosed to the vendor only
2015-06-18: Details disclosed to core white hats and experts in the relevant field
2015-06-28: Details disclosed to regular white hats
2015-07-08: Details disclosed to intern white hats
2015-07-23: Details disclosed to the public
Something I saw by accident
A Haier site has an IIS write permission vulnerability.
URL: http://123.234.41.25
The root directory is not writable; PUT only works under the web directory. Getshell through the write permission:
http://123.234.41.25/web/shell.asp
And then I saw a lot of things I should not have seen.
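The write-up above describes WebDAV write access on an IIS web directory being used to drop a script. From the defender's side, that activity is visible in the IIS W3C logs as authoring methods (PUT, MOVE, COPY, MKCOL, DELETE) hitting the web root. The following Python script is an added example, not part of the report or of the vendor's code: it parses a constructed IIS log excerpt (placeholder addresses, default IIS 7.x field set; both are assumptions) and flags every authoring request, rating a successful PUT of a script extension or a successful MOVE/COPY as high, a successful write of a non-script file as medium, and a rejected attempt as low.

```python
import re

# Constructed IIS W3C log excerpt for the example (placeholder addresses; not
# taken from the report). Field order is the default IIS 7.x W3C field set.
SAMPLE_LOG = """#Software: Microsoft Internet Information Services 7.5
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2015-06-04 10:01:02 10.0.0.5 GET /web/index.asp - 80 - 198.51.100.7 Mozilla/5.0 200 0 0 15
2015-06-04 10:01:09 10.0.0.5 OPTIONS /web/ - 80 - 198.51.100.7 Microsoft-WebDAV-MiniRedir/6.1 200 0 0 3
2015-06-04 10:01:15 10.0.0.5 PUT /web/shell.txt - 80 - 198.51.100.7 Microsoft-WebDAV-MiniRedir/6.1 201 0 0 22
2015-06-04 10:01:21 10.0.0.5 MOVE /web/shell.txt - 80 - 198.51.100.7 Microsoft-WebDAV-MiniRedir/6.1 201 0 0 8
2015-06-04 10:01:30 10.0.0.5 PUT /upload.asp - 80 - 198.51.100.7 curl/7.40.0 403 0 0 5
2015-06-04 10:02:00 10.0.0.5 PUT /web/shell.asp - 80 - 203.0.113.9 python-requests/2.7.0 201 0 0 19
2015-06-04 10:02:05 10.0.0.5 GET /web/shell.asp - 80 - 203.0.113.9 python-requests/2.7.0 200 0 0 40
"""

# WebDAV / HTTP methods that create, rename, copy or remove content. None of
# them should succeed against a public web root unless authoring is intended.
AUTHORING_METHODS = {"PUT", "MOVE", "COPY", "MKCOL", "DELETE"}
# Extensions that IIS hands to the classic ASP or ASP.NET handlers.
SCRIPT_EXTENSIONS = (".asp", ".aspx", ".asa", ".ashx", ".asmx", ".cer", ".cdx")


def parse_w3c(text):
    """Parse IIS W3C extended log text into dicts keyed by the #Fields names."""
    fields = None
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        if fields is None:
            raise ValueError("data line appears before a #Fields directive")
        # IIS encodes spaces inside a field as '+', so a whitespace split is safe.
        values = line.split()
        if len(values) != len(fields):
            continue  # malformed line: skip rather than misalign the columns
        records.append(dict(zip(fields, values)))
    return records


def classify(record):
    """Return a finding for an authoring request, or None for anything else."""
    method = record["cs-method"].upper()
    if method not in AUTHORING_METHODS:
        return None
    path = record["cs-uri-stem"]
    status = int(record["sc-status"])
    if not 200 <= status < 300:
        severity = "low"     # rejected attempt: nothing was written, but the source is worth noting
    elif path.lower().endswith(SCRIPT_EXTENSIONS):
        severity = "high"    # executable content landed inside the web root
    elif method in ("MOVE", "COPY"):
        severity = "high"    # a rename can turn a harmless upload into a script; Destination is not logged
    else:
        severity = "medium"  # a non-script file was written: the directory is writable from outside
    return {
        "when": record["date"] + " " + record["time"],
        "client": record["c-ip"],
        "method": method,
        "path": path,
        "status": status,
        "severity": severity,
    }


def find_webdav_writes(records):
    """All authoring requests in the log, in log order."""
    findings = []
    for record in records:
        finding = classify(record)
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in find_webdav_writes(parse_w3c(SAMPLE_LOG)):
        print("{severity:6} {when} {client:15} {method:6} {status} {path}".format(**f))
```

Run against a real log directory, this only produces evidence; the fix itself is removing write (WebDAV authoring) permission from the web directory and, where WebDAV is not needed, removing the module altogether.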
It seems this is also an FTP server.
All kinds of data
<add key="ConnectionString" value="Data Source=10.135.13.102;Initial Catalog=HIGMDM; User ID=sa;Password=huazheng2010;" />
<add key="MonitorConnectionStr" value="Data Source=10.135.13.102;Initial Catalog=MonitorLog; User ID=sa;Password=huazheng2010;" />
<add key="RepairConnectionString" value="Data Source=10.135.13.102;Initial Catalog=costdbnew; User ID=sa;Password=huazheng2010;" />
It seems all the databases use the same password.
192.168.99.227 acmailserver
192.168.99.7 acmailserverc
10.135.6.11 archivemailserver
192.168.100.126 bxmailserver
192.168.100.139 bxmailserverc
10.135.6.177 cqlmailserver
192.168.100.32 cwmailserver
192.168.171.6 dlmailsvr
192.168.100.204 dmsmailserver
192.168.100.129 haiermailserver
192.168.99.223 haiermailserverc
192.168.100.71 haiernetserver
192.168.100.87 Haierpt
192.168.11.2 hdmailserver
192.168.100.70 hdmailserverc
10.135.7.219 hdzhsserver
192.168.175.2 hfhrserver
10.142.236.2 hfmailserver2
192.168.99.30 hrapplyserver
192.168.99.233 hrldap
192.168.100.39 hrmailserver
192.168.100.72 hrmailserver1
192.168.100.229 hrmailserver2
192.168.100.223 hrmailserver3
192.168.99.222 hrmailserverc
192.168.100.79 hrnetserver
192.168.99.221 hrnetserverc
192.168.100.92 hrnetsvr
192.168.100.211 hrportal
192.168.99.224 hrportalc
192.168.100.75 hrserver
192.168.99.225 hrsmtp
192.168.99.230 hrzjserver
192.168.27.2 hwbxserver
192.168.99.171 hwtmailserver
192.168.100.88 ICM_Server
192.168.100.76 infosvr1
192.168.100.95 infosvr2
192.168.100.196 infosvr3
10.128.3.116 infosvr5
192.168.100.73 itmailserver
192.168.100.117 jnmailserver
10.128.3.134 jsjmailserver
192.168.99.228 lodmserver
192.168.100.137 lodmserverc
10.130.41.1 mjmailserver
10.135.7.103 mobilemailserver1
10.135.7.137 portalagserver
192.168.100.78 qdmailserver1
192.168.99.229 qdmailserver2
192.168.99.231 qdmailserver3
192.168.99.234 qdmailserver5
10.135.7.230 qdmailserver6
10.135.6.23 qdmailserver7
10.135.6.24 qdmailserver8
192.168.100.77 vpnserver
192.168.99.6 vpnserver1
192.168.100.74 vpnsvr1
192.168.100.138 vpnsvr2
192.168.100.81 webmailserver
192.168.179.7 whapplyserver
192.168.99.226 xyjmailsvr
192.168.99.5 xyjmailsvrc
192.168.249.1 zqhrmailserver
10.135.106.86 sharefileserver
192.168.99.8 qdmailserver2c
10.135.7.138 portalinfo
192.168.229.5 chnue001.china.hp.com chnue001
192.168.229.7 chnue003.chn.hp.com chnue003
All servers on the internal network
<add key="AppCenterDSN" value="Host=10.0.2.36;Service=8001;Server=niosserver; Database=nios_flow3; UId=npmuser; Password=npmoptr2012;Database locale=en_US.819;Client Locale=en_US.CP1252"/>
<add key="AppCenterDBType" value="Informix"/>
<add key="AppCenterDSN" value="Data Source=localhost;Persist Security info=True;Initial Catalog=ccflow;User ID=root;Password=jiaozi;"/>
<add key="AppCenterDBType" value="MySQL"/>
<add key="AppCenterDSN" value="Password=ccflow;Persist Security Info=True;User ID=sa;Initial Catalog=tongwang;Data Source=.;Timeout=999;MultipleActiveResultSets=true"/>
<add key="AppCenterDBType" value="MSSQL"/>
<add key="AppCenterDSN" value="user id=ccflow;data source=orcl;password=ccflow;Max Pool Size=200"/>
<add key="AppCenterDBType" value="Oracle"/>
-->
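Both config excerpts above (the three SQL Server connection strings and the commented-out AppCenterDSN entries) share the same weaknesses: passwords inline in appSettings, one privileged account (sa or root) for everything, and one password reused across databases, so reading a single file is enough to reach every backend. The following Python script is an added example, not the report's or the vendor's code: it scans a constructed web.config excerpt (placeholder hosts, accounts and passwords; all assumptions), lists each inline password with its account, notes whether the entry sits inside an XML comment (commented-out strings leak just the same when the file is readable), and groups entries that share a password.

```python
import re
from collections import defaultdict

# Constructed web.config excerpt for the example (placeholder hosts, accounts
# and passwords; not the values from the report). The last two entries sit
# inside an XML comment on purpose.
SAMPLE_CONFIG = """<configuration>
  <appSettings>
    <add key="ConnectionString" value="Data Source=10.0.0.10;Initial Catalog=HRMS;User ID=sa;Password=Shared2010;" />
    <add key="MonitorConnectionStr" value="Data Source=10.0.0.10;Initial Catalog=MonitorLog;User ID=sa;Password=Shared2010;" />
    <add key="RepairConnectionString" value="Data Source=10.0.0.10;Initial Catalog=Repair;User ID=sa;Password=Shared2010;" />
    <add key="ReportDSN" value="Data Source=10.0.0.11;Initial Catalog=Reports;Integrated Security=SSPI;" />
    <!--
    <add key="AppCenterDSN" value="Data Source=localhost;Initial Catalog=ccflow;User ID=root;Password=Other1;" />
    <add key="AppCenterDSN" value="user id=ccflow;data source=orcl;password=Other1;Max Pool Size=200" />
    -->
  </appSettings>
</configuration>
"""

ADD_RE = re.compile(r'<add\s+key="([^"]*)"\s+value="([^"]*)"', re.IGNORECASE)
COMMENT_RE = re.compile(r"<!--.*?-->", re.DOTALL)
# Connection-string keywords are case-insensitive and ';'-separated.
PASSWORD_RE = re.compile(r"(?:^|;)\s*(?:password|pwd)\s*=\s*([^;]*)", re.IGNORECASE)
USER_RE = re.compile(r"(?:^|;)\s*(?:user id|uid|user)\s*=\s*([^;]*)", re.IGNORECASE)
PRIVILEGED_ACCOUNTS = {"sa", "root", "sys", "system", "postgres"}


def extract_entries(text):
    """Yield (key, value, commented_out) for each <add key value> element."""
    comment_spans = [(m.start(), m.end()) for m in COMMENT_RE.finditer(text)]
    for m in ADD_RE.finditer(text):
        commented_out = any(start <= m.start() < end for start, end in comment_spans)
        yield m.group(1), m.group(2), commented_out


def audit(text):
    """Report every inline password and every password shared by more than one entry."""
    plaintext = []
    by_password = defaultdict(list)
    for key, value, commented_out in extract_entries(text):
        pw = PASSWORD_RE.search(value)
        if not pw:
            continue  # no embedded secret (e.g. integrated / Windows authentication)
        user_match = USER_RE.search(value)
        user = user_match.group(1).strip() if user_match else ""
        plaintext.append({
            "key": key,
            "user": user,
            "privileged": user.lower() in PRIVILEGED_ACCOUNTS,
            "commented_out": commented_out,
        })
        by_password[pw.group(1).strip()].append(key)
    reused = {secret: keys for secret, keys in by_password.items() if len(keys) > 1}
    return {"plaintext": plaintext, "reused": reused}


if __name__ == "__main__":
    report = audit(SAMPLE_CONFIG)
    for f in report["plaintext"]:
        flags = [name for name in ("privileged", "commented_out") if f[name]]
        print("{key}: user={user} {flags}".format(flags=" ".join(flags), **f))
    for secret, keys in report["reused"].items():
        print("password reused by {} entries: {}".format(len(keys), ", ".join(keys)))
```

Every entry in the report's excerpts would be flagged twice by this check (privileged account and reused password). The usual remedies are per-application least-privilege database logins, distinct passwords per database, and keeping the strings out of the readable config (the connectionStrings section can be encrypted in place with aspnet_regiis -pe, or the secrets moved to a vault).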
Another batch of databases
------------------------------------------------------
Test login URL: http://10.135.108.141/HRHIGTest/login4.aspx
Username: admin Password: crstest
Database server: 10.135.13.102 Username: sa Password: huazheng2010
Database name: HRMS_Test
Application server: 10.135.108.141 Username: haieradmin Password: Haier,2015
Code location: D/Test System/HRHIGTEST
FTP address: ftp://10.135.108.141/Test System/HRHIGTEST
------------------------------------------------------
Production login URL: http://10.135.108.141/HRHIG/login4.aspx
Username: admin Password: Haierdc
Database server: 10.135.13.102 Username: sa Password: huazheng2010
Database name: HRMS_Pro
Application server: 10.135.108.141 Username: haieradmin Password: Haier,2015
Code location: D/System/HRHIG
FTP address: ftp://10.135.108.141/System/HRHIG
hz_cb_d_DeleteTaskBookApproveByCpxmcode
There is a lot more HR system server information; I won't paste it.
Does your group need an ops engineer?
Severity: High
Vulnerability Rank: 17
Confirmed at: 2015-06-08 18:24
Thanks to the WooYun platform white hats for the testing and the heads-up; we have assigned staff to handle it.
None yet