乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-26: 细节已通知厂商并且等待厂商处理中 2015-12-29: 厂商已经确认,细节仅向厂商公开 2016-01-08: 细节向核心白帽子及相关领域专家公开 2016-01-18: 细节向普通白帽子公开 2016-01-28: 细节向实习白帽子公开 2016-02-09: 细节向公众公开
这次是78台 之前是73台 看来又上新业务了~
海尔集团http://58.56.128.98:7003/JAVA反序列化的命令执行可执行任意命令
root权限拿到shellhttp://58.56.128.98:7003/uddiexplorer/33ss.jsp
先连接数据库看下
看下订单详情
探测下内网这次是78台 之前是73台 看来又上新业务了~
http://10.135.108.94 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.95 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.93 >> 海尔微信公众号后台管理系统>>nginx/1.7.9 >>Successhttp://10.135.108.107 >> Loading Portal...>>SAP J2EE Engine/7.00 >>Successhttp://10.135.108.117 >> >>Apache/2.2.21 (Unix) >>Successhttp://10.135.108.110 >> �������Ϣ����ϵͳ>>Microsoft-IIS/6.0 >>Successhttp://10.135.108.102 >> >>Apache/2.4.6 (Unix) OpenSSL/1.0.1c mod_jk/1.2.37 >>Successhttp://10.135.108.35 >> >>Jetty(8.1.15.v20140411) >>Successhttp://10.135.108.29 >> nginx>>nginx >>Successhttp://10.135.108.37 >> >>Apache-Coyote/1.1 >>Successhttp://10.135.108.38 >> >>Apache-Coyote/1.1 >>Successhttp://10.135.108.40 >> 海尔B2B首页>>Apache-Coyote/1.1 >>Successhttp://10.135.108.16 >> 海尔翻译管理平台>>Apache-Coyote/1.1 >>Successhttp://10.135.108.64 >> Welcome to nginx!>>nginx/1.8.0 >>Successhttp://10.135.108.65 >> Welcome to nginx!>>nginx/1.8.0 >>Successhttp://10.135.108.21 >> >>Apache/2.2.22 (Win32) mod_jk/1.2.30 >>Successhttp://10.135.108.135 >> >>unknow >>Successhttp://10.135.108.158 >> Welcome to nginx!>>nginx/1.5.13 >>Successhttp://10.135.108.159 >> >>nginx/1.2.7 >>Successhttp://10.135.108.157 >> 移动办公平台 >>MAM Server 1.0 >>Successhttp://10.135.108.160 >> HOPE>>nginx >>Successhttp://10.135.108.49 >> 巨商汇_海尔店铺>>Apache-Coyote/1.1 >>Successhttp://10.135.108.140 >> >>Microsoft-IIS/7.5 >>Successhttp://10.135.108.22 >> IIS7>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.55 >> >>Microsoft-IIS/7.5 >>Successhttp://10.135.108.132 >> 运行时错误>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.178 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.126 >> 云菜网云菜网>>null >>Successhttp://10.135.108.12 >> >>Microsoft-IIS/7.5 >>Successhttp://10.135.108.50 >> 巨商汇_海尔店铺>>Apache-Coyote/1.1 >>Successhttp://10.135.108.162 >> 登录>>Apache-Coyote/1.1 >>Successhttp://10.135.108.155 >> 海尔工业品商城>>Apache/2.4.6 (Unix) OpenSSL/1.0.1c mod_jk/1.2.37 >>Successhttp://10.135.108.179 >> >>Microsoft-IIS/7.5 >>Successhttp://10.135.108.36 >> >>Apache-Coyote/1.1 >>Successhttp://10.135.108.198 >> SCRM应用平台导航页>>nginx/1.4.4 >>Successhttp://10.135.108.197 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.200 >> 海尔互联网网站建设服务版块>>Apache-Coyote/1.1 >>Successhttp://10.135.108.199 >> ��ӭʹ���Ű�����Ӧ�ð�ȫ���>>Apache Coyote/1.0 >>Successhttp://10.135.108.204 >> Welcome to nginx!>>nginx/1.6.1 >>Successhttp://10.135.108.208 >> Login>>Lotus-Domino >>Successhttp://10.135.108.14 >> >>Apache/2.4.6 (Unix) OpenSSL/1.0.1g mod_jk/1.2.37 >>Successhttp://10.135.108.13 >> >>Apache/2.4.6 (Unix) OpenSSL/1.0.1g mod_jk/1.2.37 >>Successhttp://10.135.108.201 >> >>Microsoft-IIS/6.0 >>Successhttp://10.135.108.146 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.81 >> >>Microsoft-IIS/7.5 >>Successhttp://10.135.108.231 >> 海尔人才雷达:人才搜索>>Apache-Coyote/1.1 >>Successhttp://10.135.108.232 >> 海客会-海尔·智慧社区生活服务平台>>null >>Successhttp://10.135.108.215 >> >>Microsoft-IIS/6.0 >>Successhttp://10.135.108.62 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.235 >> WebSphere Application Server Version V8.5 Liberty Profile200 OK>>nginx/1.6.1 >>Successhttp://10.135.108.180 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.241 >> Loading Portal...>>SAP J2EE Engine/7.00 >>Successhttp://10.135.108.221 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.20 >> IIS7>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.209 >> >>Microsoft-IIS/6.0 >>Successhttp://10.135.108.206 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.249 >> Welcome to nginx!>>nginx >>Successhttp://10.135.108.19 >> IIS7>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.250 >> Welcome to nginx!>>nginx >>Successhttp://10.135.108.252 >> Welcome to nginx!>>nginx >>Successhttp://10.135.108.18 >> IIS7>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.211 >> 海尔企业客户采购|海尔商用解决方案-海尔B2B智慧集成解决方案平台>>Apache-Coyote/1.1 >>Successhttp://10.135.108.246 >> >>nginx/1.6.0 >>Successhttp://10.135.108.17 >> IIS7>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.188 >> >>Microsoft-IIS/6.0 >>Successhttp://10.135.108.87 >> haier>>Microsoft-IIS/6.0 >>Successhttp://10.135.108.212 >> 海尔企业客户采购|海尔商用解决方案-海尔B2B智慧集成解决方案平台>>Apache/2.4.7 (Unix) PHP/5.3.27 >>Successhttp://10.135.108.181 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.138 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.10 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.118 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.61 >> M-lab创客实验室beta版>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.90 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.11 >> 首页 - 海尔文化交互平台>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.133 >> 海尔二维码管理平台>>Microsoft-IIS/7.0 >>Successhttp://10.135.108.169 >> >>Microsoft-IIS/7.5 >>Successhttp://10.135.108.148 >> IIS7>>Microsoft-IIS/7.5 >>Successhttp://10.135.108.113 >> >>Microsoft-IIS/7.5 >>Success
连接几个看下
升级
危害等级:高
漏洞Rank:15
确认时间:2015-12-29 10:34
感谢白帽子的测试与提醒,已安排人员进行处理
暂无