当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-090477

漏洞标题:南北软件默认配置导致所有用户被威胁(已经证实可以控制服务器)

相关厂商:南北软件

漏洞作者: 深蓝

提交时间:2015-01-07 17:12

修复时间:2015-02-21 17:14

公开时间:2015-02-21 17:14

漏洞类型:成功的入侵事件

危害等级:高

自评Rank:20

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-01-07: 积极联系厂商并且等待厂商认领中,细节不对外公开
2015-02-21: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

南北软件默认配置导致所有用户被威胁【已经证实可以控制服务器】

详细说明:

南北软件默认配置导致所有用户被威胁【已经证实可以控制服务器】 主页修改登录密码

1.jpg

2.jpg

3.jpg


url:http://222.223.218.138:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.234.52.116:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.234.52.118:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.234.52.115:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.234.52.114:8000/manager/html
user:tomcat
pass:tomcat
url:http://117.78.2.208:8000/manager/html
user:tomcat
pass:tomcat
url:http://221.7.205.53:8000/manager/html
user:tomcat
pass:tomcat
url:http://221.7.205.54:8000/manager/html
user:tomcat
pass:tomcat
url:http://210.14.154.142:8000/manager/html
user:tomcat
pass:tomcat
url:http://123.151.19.108:8000/manager/html
user:tomcat
pass:tomcat
url:http://121.29.227.53:8000/manager/html
user:tomcat
pass:tomcat
url:http://120.0.221.6:8000/manager/html
user:tomcat
pass:tomcat
url:http://119.113.142.86:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.234.52.116:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.234.52.115:8000/manager/html
user:tomcat
pass:tomcat
url:http://60.8.196.166:8000/manager/html
user:tomcat
pass:tomcat
url:http://222.223.218.94:8000/manager/html
user:tomcat
pass:tomcat
url:http://222.222.23.140:8000/manager/html
user:tomcat
pass:tomcat
url:http://222.94.89.241:8000/manager/html
user:tomcat
pass:tomcat
url:http://222.68.180.154:8000/manager/html
user:tomcat
pass:tomcat
url:http://221.226.100.162:8000/manager/html
user:tomcat
pass:tomcat
url:http://219.148.122.196:8000/manager/html
user:tomcat
pass:tomcat
url:http://219.148.122.239:8000/manager/html
user:tomcat
pass:tomcat
url:http://218.249.195.243:8000/manager/html
user:tomcat
pass:tomcat
url:http://219.129.201.124:8000/manager/html
user:tomcat
pass:tomcat
url:http://218.90.137.138:8000/manager/html
user:tomcat
pass:tomcat
url:http://218.94.67.218:8000/manager/html
user:tomcat
pass:tomcat
url:http://218.71.138.206:8000/manager/html
user:tomcat
pass:tomcat
url:http://202.103.207.38:8000/manager/html
user:tomcat
pass:tomcat
url:http://202.103.207.39:8000/manager/html
user:tomcat
pass:tomcat
url:http://122.224.101.76:8000/manager/html
user:tomcat
pass:tomcat
url:http://119.129.151.64:8000/manager/html
user:tomcat
pass:tomcat
url:http://119.127.193.159:8000/manager/html
user:tomcat
pass:tomcat
url:http://116.247.125.130:8000/manager/html
user:tomcat
pass:tomcat
url:http://116.231.4.61:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.185.212.85:8000/manager/html
user:tomcat
pass:tomcat
url:http://61.130.101.106:8000/manager/html
user:tomcat
pass:tomcat
url:http://60.190.30.214:8000/manager/html
user:tomcat
pass:tomcat
url:http://58.49.94.100:8000/manager/html
user:tomcat
pass:tomcat
url:http://121.40.31.44:8080/manager/html
user:tomcat
pass:tomcat
url:http://121.201.5.29:8080/manager/html
user:tomcat
pass:tomcat
url:http://121.201.13.113:8080/manager/html
user:tomcat
pass:tomcat

漏洞证明:

1.jpg

2.jpg

3.jpg

4.jpg

5.jpg

6.jpg

7.jpg

8.jpg

8.jpg

9.jpg

10.jpg

11.jpg

12.jpg

13.jpg

14.jpg

15.jpg

修复方案:

默认设置 我已经不知道怎么说了 sell 多给几个乌云币 打字好累的 不知道算不算通用

版权声明:转载请注明来源 深蓝@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝