乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-29: 细节已通知厂商并且等待厂商处理中 2015-10-29: 厂商已经确认,细节仅向厂商公开 2015-11-08: 细节向核心白帽子及相关领域专家公开 2015-11-18: 细节向普通白帽子公开 2015-11-28: 细节向实习白帽子公开 2015-12-13: 细节向公众公开
天治基金
**.**.**.**:7001/etrading/
**.**.**.**:7001/console/login/LoginForm.jspweblogic/weblogic密码已修改为ma999999成功拿到shell**.**.**.**:7001/ma/ma3.jspD:/ETSDomain/config/jdbc可链接三个数据库
表
STG_TSHARE TACCOBANKMINBALANCE TACCOBANKRELATION TACCOCONFIRM_TMP02 TACCOINTERESTRATE TACCORANGE TCAPITALMODEBROKER TCAPITALMODENET TCAPITALMODERATIO TCAPITALPROCESS TCAPITALSYSTEMCONFIG TCAPSPILITPARAMETER TCERTIFICATE TCHANNELDISCOUNT TCHARGEREQUEST TCHECKCONFIG TCHECKIDRESULT TCHILDCENTER TCHINAPAYACCOBANKMOD TCHINAPAYACCOREQUEST TCHINAPAYALLOT TCHINAPAYFIXPLAN TCHINAPAYFIXPLANSHOT TCITY TCMBRECORD_WEB TLINKPROTOCOL TLIQUIDATEFLAG TMANGEFARERATE TMONEYFUNDPAYCOMP TMONEYFUNDPAYCOMPRESULT TMONEYPAYSIGN TNETSTATION TORGPAYRATE TOVERDRAFT TPARTNERACCO_WEB TPARTNERFEESETTING TPARTNERREQUEST TPARTNERREQUESTDETAIL_WEB_JD TPAYMENTACCOBANK TPAYMENTBANKDATE TPAYMENTCHECK TPAYMENTCOMP TPAYMENTCOMPRESULT TPAYMENTCURRENT TPAYMENTUNIT TPENDCAPITAL TPERATIOVALUATION TPROEXPORTCAPITALSET TPROMOTIONINFO TPROTOCOL TPROTOCOLCURRENT TRISKLIMIT TRISKLIMIT_WEB TSALE TSALESYSGUID TSEAT TSECRETFIELD TSECTIONSCHEMA TSENDFAX TSERVICE TSERVICEVALIDATOR TSHAREDETAILSUCCESS TSHAREDETAIL_TMP TSHAREQUERY TSLBFUNDCURRENT TSLBFUNDINFO TSMSSENDCFG TSMSSEND_TMP TSPECIALWORD TSQL TSTATICSHAREPROFIT TSTATICSHARES_TA TSTOCK TSTOCKEXPONENT TSUBACCOFUNDRIGHT TSUBACCOPROFIT TSUBACCOREQUEST TSUBACCOUNTINFO TSUBAREACODE TSUMREQUEST_TMP TSYSPARAMETER TSZTCOMDICT TSZTCOMFORMAT TSZTCOMPONENT TSZTMSGSERVICE
然后探测下内网**.**.**.**:7001/ma/out.jsp
内网44台机器 可渗透
服务器名称 注解-------------------------------------------------------------------------------\\ADM-MIAOZP \\ADM-O-LUQS \\ADM-O-ZHOUWJ \\ADM-YEFF \\CLS-VMSQL2012 \\CLS-VMTRADE \\CLS-WIN2012HV \\DAG \\DP-02DOMAIN \\DP-04VSERVER DP-04Vserver \\DP-05VSERVER \\DP-06VSERVER \\DP-12VSERVER \\DP-13VSERVER \\DTC-VMSQL2012 \\GO-O-YANYW \\GO-O-ZHAOYB \\INVE-2-WANGYANG \\INVE-O-XIANGGY \\OPER-O-QIANMH2 \\OPER-O-ZHUJH \\RECORDING \\RECORDING2 \\SRV-FILESERVER \\SVR-HJJK \\SVR-HPWD \\SVR-JYYB \\SVR-MAIL01 \\SVR-MAIL02 \\SVR-REPORT-2012 \\SVR-TRADE01 \\SVR-VMSVR01 \\SVR-VMSVR07 \\SVR-VMSVR08 \\VM-AR1 \\VM-AR2 \\VM-ARTEST \\VM-CFWXMSG \\VM-CITRIXWI \\VM-CSETRADING \\VM-CSJSZBW \\VM-DFBRMSG \\VM-ETRADINGIIS \\VM-ICBC-SZ-CN \\VM-ICBCNC \\VM-O32-TEST \\VM-OATEST \\VM-OATEST-LYNC \\VM-ORACLETEST \\VM-PRINT \\VM-SQL2012-01 \\VM-SQL2012-02 \\VM-SQL2012CLS \\VM-TDX-OUT \\VM-TEST01 \\VM-TEST07 \\VM-TZBB \\WKS-EAD2 \\WKS-MOCA 命令成功完成。
修改密码
危害等级:高
漏洞Rank:15
确认时间:2015-10-29 11:02
测试环境,没有及时修改,感谢提醒。修改密码,修复漏洞。
2015-10-29:已修复。