当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0133844

漏洞标题:善林(上海)金融主站Shell一枚

相关厂商:shanlinjinrong.com

漏洞作者: 爱上平顶山

提交时间:2015-08-13 14:47

修复时间:2015-09-28 14:00

公开时间:2015-09-28 14:00

漏洞类型:成功的入侵事件

危害等级:高

自评Rank:20

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-08-13: 细节已通知厂商并且等待厂商处理中
2015-08-14: 厂商已经确认,细节仅向厂商公开
2015-08-24: 细节向核心白帽子及相关领域专家公开
2015-09-03: 细节向普通白帽子公开
2015-09-13: 细节向实习白帽子公开
2015-09-28: 细节向公众公开

简要描述:

...

详细说明:

发了上个漏洞 忘记这个了 补上.
http://www.shanlinjinrong.com/
密码这么快就改了? 原来是admin admin .....

0.jpg


1.jpg


0.jpg


[*] 基本信息 [ 	Linux ebs-35800 2.6.32-220.4.1.el6.x86_64 #1 SMP Tue Jan 24 02:13:44 GMT 2012 x86_64(www) ]
[/]$ ls -al
total 14164
dr-xr-xr-x.  23 root root     4096 Dec 31  2014 .
dr-xr-xr-x.  23 root root     4096 Dec 31  2014 ..
-rw-r--r--    1 root root        0 Dec 31  2014 .autofsck
-rw-r--r--    1 root root        0 Feb  6  2012 .autorelabel
dr-xr-xr-x.   2 root root     4096 Sep 28  2014 bin
dr-xr-xr-x.   4 root root     4096 Feb  7  2012 boot
lrwxrwxrwx    1 root root       17 Feb 10  2012 data -> /home/wddata/data
drwxr-xr-x   15 root root     3380 Aug  9 03:42 dev
drwxr-xr-x.  81 root root     4096 Feb  2  2015 etc
drwxr-xr-x    8 root root     4096 Dec 31  2014 home
-rw-r--r--.   1 root root 14264610 Feb  7  2012 initramfs-2.6.32-220.4.1.el6.x86_64.img
dr-xr-xr-x.   8 root root     4096 Feb  7  2012 lib
dr-xr-xr-x.   8 root root    12288 Feb  2  2015 lib64
drwx------.   2 root root    16384 Feb  7  2012 lost+found
drwxr-xr-x.   2 root root     4096 Sep 23  2011 media
drwxr-xr-x.   2 root root     4096 Sep 23  2011 mnt
-rw-------    1 root root    59674 Dec 31  2014 nohup.out
drwxr-xr-x.   2 root root     4096 Sep 23  2011 opt
dr-xr-xr-x  132 root root        0 Dec 31  2014 proc
dr-xr-x---.   4 root root     4096 Jan  1  2015 root
dr-xr-xr-x.   2 root root     4096 Feb  2  2015 sbin
drwxr-xr-x.   2 root root     4096 Feb  7  2012 selinux
drwxr-xr-x.   2 root root     4096 Sep 23  2011 srv
drwxr-xr-x   13 root root        0 Dec 31  2014 sys
drwxrwxrwt.   3 root root    69632 Aug 13 13:18 tmp
drwxr-xr-x.  14 root root     4096 Jun 29 16:09 usr
drwxr-xr-x.  18 root root     4096 Feb  7  2012 var
drwxr-xr-x.   5 root root     4096 Jan  2  2015 www
[/]$ uname -a
Linux ebs-35800 2.6.32-220.4.1.el6.x86_64 #1 SMP Tue Jan 24 02:13:44 GMT 2012 x86_64 x86_64 x86_64 GNU/Linux
[/]$ ifconfig
eth0      Link encap:Ethernet  HWaddr 52:54:00:91:B8:D8  
          inet addr:122.114.52.208  Bcast:122.114.52.255  Mask:255.255.255.0
          inet6 addr: fe80::5054:ff:fe91:b8d8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:335411908 errors:0 dropped:0 overruns:0 frame:0
          TX packets:465172173 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:28416838462 (26.4 GiB)  TX bytes:633521056696 (590.0 GiB)
eth1      Link encap:Ethernet  HWaddr 52:54:00:14:26:F8  
          inet addr:192.168.52.208  Bcast:192.168.255.255  Mask:255.255.0.0
          inet6 addr: fe80::5054:ff:fe14:26f8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3691019 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9312 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:290420767 (276.9 MiB)  TX bytes:480780 (469.5 KiB)
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:252692 errors:0 dropped:0 overruns:0 frame:0
          TX packets:252692 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:26626706 (25.3 MiB)  TX bytes:26626706 (25.3 MiB)
[/]$


好的。

漏洞证明:

···

修复方案:

安全意识

版权声明:转载请注明来源 爱上平顶山@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:10

确认时间:2015-08-14 13:59

厂商回复:

非常感谢,已经加紧处理了。

最新状态:

暂无