乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-22: 细节已通知厂商并且等待厂商处理中 2015-12-24: 厂商已经确认,细节仅向厂商公开 2016-01-03: 细节向核心白帽子及相关领域专家公开 2016-01-13: 细节向普通白帽子公开 2016-01-23: 细节向实习白帽子公开 2016-02-06: 细节向公众公开
RT
湖北邮政廉政风险点控制管理系统http://58.52.163.234:7001/weblogic的反序列化漏洞直接反弹shell
查看下端口
C:\Oracle\Middleware\user_projects\domains\slzfxkz>netstat -annetstat -an»l½ Эө ±¾µصٖ· ²¿µٖ· ״̬ TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1158 0.0.0.0:0 LISTENING TCP 0.0.0.0:1521 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:3938 0.0.0.0:0 LISTENING TCP 0.0.0.0:5520 0.0.0.0:0 LISTENING TCP 0.0.0.0:5560 0.0.0.0:0 LISTENING TCP 0.0.0.0:5580 0.0.0.0:0 LISTENING TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING TCP 0.0.0.0:49159 0.0.0.0:0 LISTENING TCP 0.0.0.0:49172 0.0.0.0:0 LISTENING TCP 127.0.0.1:1521 127.0.0.1:55301 ESTABLISHED TCP 127.0.0.1:7001 0.0.0.0:0 LISTENING TCP 127.0.0.1:49156 0.0.0.0:0 LISTENING TCP 127.0.0.1:55301 127.0.0.1:1521 ESTABLISHED TCP 192.168.0.19:139 0.0.0.0:0 LISTENING TCP 192.168.0.19:1521 192.168.0.19:49160 ESTABLISHED TCP 192.168.0.19:1521 192.168.0.19:49166 ESTABLISHED TCP 192.168.0.19:1521 192.168.0.19:49167 ESTABLISHED TCP 192.168.0.19:1521 192.168.0.19:49168 ESTABLISHED TCP 192.168.0.19:1521 192.168.0.19:49181 ESTABLISHED TCP 192.168.0.19:1521 192.168.0.19:49182 ESTABLISHED TCP 192.168.0.19:1521 192.168.0.19:58098 ESTABLISHED TCP 192.168.0.19:1521 192.168.0.19:58137 TIME_WAIT TCP 192.168.0.19:1521 192.168.0.19:58138 TIME_WAIT TCP 192.168.0.19:3938 192.168.0.19:58131 TIME_WAIT TCP 192.168.0.19:3938 192.168.0.19:58134 TIME_WAIT TCP 192.168.0.19:3938 192.168.0.19:58141 TIME_WAIT TCP 192.168.0.19:3938 192.168.0.19:58146 TIME_WAIT TCP 192.168.0.19:7001 0.0.0.0:0 LISTENING TCP 192.168.0.19:49160 192.168.0.19:1521 ESTABLISHED TCP 192.168.0.19:49166 192.168.0.19:1521 ESTABLISHED TCP 192.168.0.19:49167 192.168.0.19:1521 ESTABLISHED TCP 192.168.0.19:49168 192.168.0.19:1521 ESTABLISHED TCP 192.168.0.19:49181 192.168.0.19:1521 ESTABLISHED TCP 192.168.0.19:49182 192.168.0.19:1521 ESTABLISHED TCP 192.168.0.19:58098 192.168.0.19:1521 ESTABLISHED TCP 192.168.0.19:58123 45.62.103.177:1111 ESTABLISHED TCP 192.168.0.19:58124 63.245.201.133:443 ESTABLISHED TCP 192.168.0.19:58130 192.168.0.19:1158 TIME_WAIT TCP 192.168.0.19:58133 192.168.0.19:1158 TIME_WAIT TCP 192.168.0.19:58140 192.168.0.19:1158 TIME_WAIT TCP 192.168.0.19:58142 192.168.0.19:1521 TIME_WAIT TCP 192.168.0.19:58144 74.125.23.113:443 SYN_SENT TCP 192.168.0.19:58145 192.168.0.19:1158 TIME_WAIT TCP [::]:135 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:3389 [::]:0 LISTENING TCP [::]:47001 [::]:0 LISTENING TCP [::]:49152 [::]:0 LISTENING TCP [::]:49153 [::]:0 LISTENING TCP [::]:49154 [::]:0 LISTENING TCP [::]:49155 [::]:0 LISTENING TCP [::]:49172 [::]:0 LISTENING TCP [::1]:7001 [::]:0 LISTENING TCP [2001:0:da1e:40c2:10cb:37c2:3f57:ffec]:7001 [::]:0 LISTENING TCP [fe80::5efe:192.168.0.19%13]:7001 [::]:0 LISTENING TCP [fe80::10cb:37c2:3f57:ffec%11]:7001 [::]:0 LISTENING TCP [fe80::44b4:ed89:9ec8:ea98%12]:7001 [::]:0 LISTENING UDP 0.0.0.0:500 *:* UDP 0.0.0.0:4500 *:* UDP 0.0.0.0:5355 *:* UDP 192.168.0.19:137 *:* UDP 192.168.0.19:138 *:* UDP [::]:500 *:* UDP [::]:4500 *:* UDP [::]:5355 *:*
探测下内网
C:\Oracle\Middleware\user_projects\domains\slzfxkz>arp -aarp -a ½ӿغ 192.168.0.19 --- 0xc Internet µٖ· ϯmµٖ· `э 192.168.0.1 3c-e5-a6-55-9c-d4 ¶¯̬ 192.168.0.3 44-37-e6-59-d9-db ¶¯̬ 192.168.0.5 00-16-ec-a2-d6-18 ¶¯̬ 192.168.0.11 b8-ae-ed-d2-2f-25 ¶¯̬ 192.168.0.39 c0-3f-d5-73-53-0a ¶¯̬ 192.168.0.40 c8-9c-dc-67-ec-ed ¶¯̬ 192.168.0.44 40-8d-5c-44-da-fa ¶¯̬ 192.168.0.55 00-21-97-11-51-c1 ¶¯̬ 192.168.0.66 90-e6-ba-c4-56-f7 ¶¯̬ 192.168.0.74 c0-3f-d5-3f-0e-6e ¶¯̬ 192.168.0.75 14-dd-a9-ea-6c-4b ¶¯̬ 192.168.0.101 d8-cb-8a-48-51-33 ¶¯̬ 192.168.0.105 ec-a8-6b-3b-e0-c9 ¶¯̬ 192.168.0.107 00-1b-b9-76-d0-7d ¶¯̬ 192.168.0.114 00-11-5b-4c-66-08 ¶¯̬ 192.168.0.115 3c-97-0e-f8-c7-1f ¶¯̬ 192.168.0.121 ec-a8-6b-37-6e-1b ¶¯̬ 192.168.0.122 90-fb-a6-78-05-24 ¶¯̬ 192.168.0.124 50-7b-9d-03-97-de ¶¯̬ 192.168.0.130 44-87-fc-98-a6-31 ¶¯̬ 192.168.0.131 0c-72-2c-e9-10-0b ¶¯̬ 192.168.0.132 44-8a-5b-aa-5f-da ¶¯̬ 192.168.0.139 40-8d-5c-44-de-02 ¶¯̬ 192.168.0.141 d8-cb-8a-0a-18-c4 ¶¯̬ 192.168.0.144 20-89-84-26-41-20 ¶¯̬ 192.168.0.147 e8-9a-8f-cf-8e-c1 ¶¯̬ 192.168.0.154 44-87-fc-fb-86-59 ¶¯̬ 192.168.0.157 40-8d-5c-29-82-c1 ¶¯̬ 192.168.0.165 9c-21-6a-60-6b-fb ¶¯̬ 192.168.0.173 00-e0-4c-97-2b-0c ¶¯̬ 192.168.0.179 28-d2-44-21-33-74 ¶¯̬ 192.168.0.183 a0-d3-c1-4f-6c-d6 ¶¯̬ 192.168.0.185 c0-3f-d5-9d-c2-6f ¶¯̬ 192.168.0.190 a0-d3-c1-4f-1e-52 ¶¯̬ 192.168.0.192 f0-76-1c-58-f8-a1 ¶¯̬ 192.168.0.199 d8-cb-8a-0e-f7-ce ¶¯̬ 192.168.0.214 a0-d3-c1-4f-6f-2b ¶¯̬ 192.168.0.231 b8-97-5a-3a-fc-88 ¶¯̬ 192.168.0.245 bc-46-99-a8-f4-0b ¶¯̬ 192.168.0.249 44-37-e6-36-af-a0 ¶¯̬ 192.168.0.255 ff-ff-ff-ff-ff-ff ¾²̬ 224.0.0.2 01-00-5e-00-00-02 ¾²̬ 224.0.0.22 01-00-5e-00-00-16 ¾²̬ 224.0.0.252 01-00-5e-00-00-fc ¾²̬ C:\Oracle\Middleware\user_projects\domains\slzfxkz>
½ӿغ 192.168.0.19 --- 0xc Internet µٖ· ϯmµٖ· `э 192.168.0.1 3c-e5-a6-55-9c-d4 ¶¯̬ 192.168.0.3 44-37-e6-59-d9-db ¶¯̬ 192.168.0.5 00-16-ec-a2-d6-18 ¶¯̬ 192.168.0.11 b8-ae-ed-d2-2f-25 ¶¯̬ 192.168.0.39 c0-3f-d5-73-53-0a ¶¯̬ 192.168.0.40 c8-9c-dc-67-ec-ed ¶¯̬ 192.168.0.44 40-8d-5c-44-da-fa ¶¯̬ 192.168.0.55 00-21-97-11-51-c1 ¶¯̬ 192.168.0.66 90-e6-ba-c4-56-f7 ¶¯̬ 192.168.0.74 c0-3f-d5-3f-0e-6e ¶¯̬ 192.168.0.75 14-dd-a9-ea-6c-4b ¶¯̬ 192.168.0.101 d8-cb-8a-48-51-33 ¶¯̬ 192.168.0.105 ec-a8-6b-3b-e0-c9 ¶¯̬ 192.168.0.107 00-1b-b9-76-d0-7d ¶¯̬ 192.168.0.114 00-11-5b-4c-66-08 ¶¯̬ 192.168.0.115 3c-97-0e-f8-c7-1f ¶¯̬ 192.168.0.121 ec-a8-6b-37-6e-1b ¶¯̬ 192.168.0.122 90-fb-a6-78-05-24 ¶¯̬ 192.168.0.124 50-7b-9d-03-97-de ¶¯̬ 192.168.0.130 44-87-fc-98-a6-31 ¶¯̬ 192.168.0.131 0c-72-2c-e9-10-0b ¶¯̬ 192.168.0.132 44-8a-5b-aa-5f-da ¶¯̬ 192.168.0.139 40-8d-5c-44-de-02 ¶¯̬ 192.168.0.141 d8-cb-8a-0a-18-c4 ¶¯̬ 192.168.0.144 20-89-84-26-41-20 ¶¯̬ 192.168.0.147 e8-9a-8f-cf-8e-c1 ¶¯̬ 192.168.0.154 44-87-fc-fb-86-59 ¶¯̬ 192.168.0.157 40-8d-5c-29-82-c1 ¶¯̬ 192.168.0.165 9c-21-6a-60-6b-fb ¶¯̬ 192.168.0.173 00-e0-4c-97-2b-0c ¶¯̬ 192.168.0.179 28-d2-44-21-33-74 ¶¯̬ 192.168.0.183 a0-d3-c1-4f-6c-d6 ¶¯̬ 192.168.0.185 c0-3f-d5-9d-c2-6f ¶¯̬ 192.168.0.190 a0-d3-c1-4f-1e-52 ¶¯̬ 192.168.0.192 f0-76-1c-58-f8-a1 ¶¯̬ 192.168.0.199 d8-cb-8a-0e-f7-ce ¶¯̬ 192.168.0.214 a0-d3-c1-4f-6f-2b ¶¯̬ 192.168.0.231 b8-97-5a-3a-fc-88 ¶¯̬ 192.168.0.245 bc-46-99-a8-f4-0b ¶¯̬ 192.168.0.249 44-37-e6-36-af-a0 ¶¯̬ 192.168.0.255 ff-ff-ff-ff-ff-ff ¾²̬ 224.0.0.2 01-00-5e-00-00-02 ¾²̬ 224.0.0.22 01-00-5e-00-00-16 ¾²̬ 224.0.0.252 01-00-5e-00-00-fc ¾²̬ C:\Oracle\Middleware\user_projects\domains\slzfxkz>
探测下内网<code>C:\Oracle\Middleware\user_projects\domains\slzfxkz>arp -aarp -a
升级
危害等级:高
漏洞Rank:10
确认时间:2015-12-24 11:03
谢谢
暂无
