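2015-11-04: Details reported to the vendor; awaiting vendor handling
2015-11-06: Vendor confirmed; details disclosed only to the vendor
2015-11-16: Details disclosed to core white hats and experts in related fields
2015-11-26: Details disclosed to regular white hats
2015-12-06: Details disclosed to intern white hats
2015-12-21: Details disclosed to the public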
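Weak service password leads to getshell and can threaten the internal network
The "L" brand that Jay Chou endorses
System address: **.**.**.**/eps/login/login.seam?cid=15857
Issue: weak password on the JBoss middleware service
**.**.**.**/admin-console
admin/admin
Deploy a WAR; getshell
The server has already become a webshell farm.
Small webshell: **.**.**.**/upload5warn/shell.jsp
One-liner webshell: **.**.**.**/upload5warn/wooyun.jsp
Password: pandas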
:\WEBAPP\jboss-4.2.3.GA\bin\> net view
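A large number of internal network hosts are visible.
A large number of internal quotation files are stored in D:\autovueUpload\temp\
There are also procurement contracts.
Delete the shells and configure JBoss correctly.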
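As an added illustration of the "configure JBoss correctly" step (not part of the original report): a small audit that flags default or weak entries, such as the admin/admin pair above, in a JBoss-style `username=password` users properties file. The sample content, the `COMMON` list and the `MIN_LEN` threshold are assumptions constructed for this example.

```python
"""Audit JBoss-style users.properties content for default or weak console credentials."""
import re

# Constructed sample in the `username=password` properties format
# (assumed file: a console users file such as jmx-console-users.properties;
# the entries below are made up and are not taken from the report).
SAMPLE = """\
# constructed sample users file
admin=admin
monitor = Tr9!vq#Lm2xZp0aK
#disabled=secret
deployer=123456
"""

COMMON = {"admin", "password", "123456", "jboss", "manager", "root", "changeit"}
MIN_LEN = 12  # assumed local policy threshold


def parse_users(text):
    """Yield (line_no, user, password) for every active entry."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#!":      # blank line or properties comment
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]\s*(.*)$", line)
        if m:
            yield no, m.group(1), m.group(2).strip()


def audit(text):
    """Return a list of (line_no, user, reason) findings."""
    findings = []
    for no, user, pw in parse_users(text):
        if pw.lower() == user.lower():
            reason = "password equals username"
        elif pw.lower() in COMMON:
            reason = "common default password"
        elif len(pw) < MIN_LEN:
            reason = f"shorter than {MIN_LEN} characters"
        else:
            continue
        findings.append((no, user, reason))
    return findings


if __name__ == "__main__":
    for no, user, reason in audit(SAMPLE):
        print(f"line {no}: account '{user}': {reason}")
```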
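Severity: Medium
Vulnerability Rank: 10
Confirmation time: 2015-11-06 17:40
No direct handling channel with the site's managing organization has been established yet; awaiting claim.
None yet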