一个低版本JBoss让解放日报整个域沦陷 | wooyun-2015-0101184| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0101184

漏洞标题：一个低版本JBoss让解放日报整个域沦陷

漏洞作者：提莫队长

提交时间：2015-03-13 17:40

修复时间：2015-04-27 17:42

公开时间：2015-04-27 17:42

漏洞类型：系统/服务运维配置不当

危害等级：高

自评Rank：20

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-03-13：细节已通知厂商并且等待厂商处理中
2015-03-18：厂商已经确认，细节仅向厂商公开
2015-03-28：细节向核心白帽子及相关领域专家公开
2015-04-07：细节向普通白帽子公开
2015-04-17：细节向实习白帽子公开
2015-04-27：细节向公众公开

简要描述：

一个低版本的Jboss对外开放，发现有域环境后，刚好正在学域渗透，所以进一步渗透后拿到域控权限。
ps：JBoss现已关闭。未渗透跟网站或数据库有关的机器，仅仅是为了玩域。

详细说明：

JBoss现已关闭，webshell已经无法访问。
JBoss低版本可以直接执行命令部署war包。拿到webshell后，权限为system权限。查看内网环境，发现存在域环境，所以决定进一步渗透整个域。
内网中各种若口令，不费多大力气就搞定了域控。

漏洞证明：

http://114.80.76.146:8080/jmx-console/
对应内网机子:192.168.105.76/24

C:\Documents and Settings\Administrator>net view /domain
Domain
----------------------------------------------------------------
2301
AUTONOMY
JFGP
MSHOME
WK
WORKGROUP
XWGP
ZLZX
ZLZXDOMAIN
厂部
命令成功完成。
net view /domain:JFGP
服务器名称            注释
-------------------------------------------------------------------------------
\\A2                                                                           
\\BKWZ-CHENGFEI                                                                
\\BKWZ-CHENZHESHI                                                              
\\BKWZ-GESHENSHEN                                                              
\\BKWZ-GUSHAOFEI                                                               
\\BKWZ-HUANGAIHUA                                                              
\\BKWZ-SHENYINBIA                                                              
\\BKWZ-SHENZHENG                                                               
\\BKWZ-TONGLIQUN                                                               
\\BKWZ-WANGQIONG                                                               
\\BKWZ-WENGANG                                                                 
\\BKWZ-WENGJIANHO                                                              
\\BKWZ-WUYONGJIN                                                               
\\BKWZ-YVJUN                                                                   
\\BKWZ-ZHANGQINGD                                                              
\\BKWZ－WANGBAOME                                                              
\\BX-SHIXSH                                                                    
\\CBJK-HUANGJIKAN                                                              
\\CBJK-YANGLING                                                                
\\CBJY-SHENFENGLI                                                              
\\CBMS-TANGHONGWE                                                              
\\CBPB                                                                         
\\CBZB-FANYUANJIN                                                              
\\CBZB-TUXIN                                                                   
\\CHEGB_RENGXINKA                                                              
\\CLWZ-SHIXISHENG                                                              
\\CLWZ-YANGJIE                                                                 
\\CLWZ_GONGXIANG                                                               
\\DNZX-MONITOR                                                                 
\\DNZX-SHENZR                                                                  
\\DNZX-TKM6300BAK                                                              
\\DNZX-ZHIBANJI                                                                
\\DNZX_IBMM52BAK                                                               
\\DNZX_JFMONITER                                                               
\\DNZX_SMS                                                                     
\\FDC-1SHIXISHENG                                                              
\\FDC-CHENSHANZHE                                                              
\\FDC-CHUYANGJI1                                                               
\\FDC-GUYIFEI                                                                  
\\FDC-LUTING                                                                   
\\FDC-MASHAOSHUN                                                               
\\FDC-SHABIN                                                                   
\\FDC-TANGZUOMIN                                                               
\\FDC-XUXUNGUO                                                                 
\\FDC-YANGQI                                                                   
\\FDC-ZHANGGAO                                                                 
\\FDC-ZHANGYI                                                                  
\\FDC_LUTING                                                                   
\\FDC_SONGXINGCHA                                                              
\\FDC_ZHENGHAIMIN                                                              
\\FDCB-HUMINFANG                                                               
\\FDCB-TANGYINGHA                                                              
\\FDCB-WANGFENGFA                                                              
\\FDCB-WENBISHEN       fdcsb_wenbisheng                                        
\\FDCB-ZHUXIUPING                                                              
\\FDCNEWSBAK                                                                   
\\FDCNOTES                                                                     
\\FDCSVR_1                                                                     
\\FZBSVR2                                                                      
\\HEJIAN                                                                       
\\HP12789342826                                                                
\\HQWY_DAIDAXIONG                                                              
\\HTHJTYUJTY                                                                   
\\ITNEWSBAK                                                                    
\\JBRS_LIJING                                                                  
\\JF-SMS1                                                                      
\\JF-SMS2                                                                      
\\JFBP-WANGHUILIN                                                              
\\JFBX-XINYEHUA                                                                
\\JFCG-LUXZ                                                                    
\\JFCG_TANGDEMING                                                              
\\JFCW-LIJIANGUO                                                               
\\JFCW-LUOHUI                                                                  
\\JFCW_DB                                                                      
\\JFDNZXSV                                                                     
\\JFFGJ-NEW                                                                    
\\JFFGJBAK                                                                     
\\JFFH-BAOJIANNON                                                              
\\JFFX-CHENWEN                                                                 
\\JFFX-LOUWEI                                                                  
\\JFFX-LOUYAN                                                                  
\\JFFX-WANGQIAN                                                                
\\JFFX-YANGYINXUE                                                              
\\JFFX-ZHANGZHAOQ                                                              
\\JFFX-ZHOUHENLI                                                               
\\JFGG_GUHONGWEI                                                               
\\JFGGSV                                                                       
\\JFGH-ZHOULILI                                                                
\\JFGN-SHIXI3                                                                  
\\JFGN-ZHOUWENBO                                                               
\\JFGP_GUZIBAN                                                                 
\\JFJC-FENGHUIJU                                                               
\\JFJC-ZOUJIE                                                                  
\\JFJCC                                                                        
\\JFJD-CHENGUOQIA                                                              
\\JFJD-HEXIANWEI                                                               
\\JFJD-SHIXI1                                                                  
\\JFJD_ZHOUFENG                                                                
\\JFJG-ZHAOGUOCHE                                                              
\\JFJW-LIXUN                                                                   
\\JFNEWSTRS                                                                    
\\JFNOTES4                                                                     
\\JFPB                                                                         
\\JFPB-KANGJIAKAI                                                              
\\JFPB-SHIJUN                                                                  
\\JFPB-WUJINGRONG                                                              
\\JFPB-YUYANMIN                                                                
\\JFPB-ZHUQIN                                                                  
\\JFQG-MASONG                                                                  
\\JFQG-PRINTER                                                                 
\\JFQG-XINFANG2                                                                
\\JFQG-XINFANG3                                                                
\\JFRS-CHENLIFANG                                                              
\\JFRS-LINJIEXIAO                                                              
\\JFRS-QINGHAIMEI                                                              
\\JFRS-SHUJIANWEI                                                              
\\JFRSLIANGYONG                                                                
\\JFSB-SHENYE                                                                  
\\JFSB-XUXINFANG                                                               
\\JFSB-YUDIANWU                                                                
\\JFSM_XIEZHENQIA                                                              
\\JFSY-CHUHUIWEN                                                               
\\JFSY-PANLEQUN                                                                
\\JFSY-QIANWEIWEI                                                              
\\JFSY-XIAPU                                                                   
\\JFSY-ZHUCHANGYU                                                              
\\JFSY-ZHUQI                                                                   
\\JFSY-ZHUWEI          jfsy_zhuwei                                             
\\JFTY_ZHENGXINAO                                                              
\\JFUSER-HP                                                                    
\\JFUSER-XUY                                                                   
\\JFWINS1                                                                      
\\JFWINS2                                                                      
\\JFWINS3                                                                      
\\JFWL_LIJI                                                                    
\\JFWL_YANGJIAN                                                                
\\JFWXJS-NEW                                                                   
\\JFWXJSBAK-NEW                                                                
\\JFXXJSZX                                                                     
\\JFYB_HUITUYI                                                                 
\\JFYB_ZHANGTIANS                                                              
\\JFZB-CHENJIANFE                                                              
\\JFZBB-1RIBANJIA                                                              
\\JFZBB-22SHENGXH                                                              
\\JFZBB-2RIBANJIA                                                              
\\JFZBB-HEIMAJIAO                                                              
\\JFZBB-HUANGJIEM                                                              
\\JFZBB-JIAYIQUN                                                               
\\JFZBB-SHENGXIAO                                                              
\\JFZBB-ZHANGSIZH                                                              
\\JFZBB-ZHANGWEIP                                                              
\\JFZBB-ZHANGYANG                                                              
\\JFZM-GUXUEWEN                                                                
\\JTGH-PANGLI                                                                  
\\JTGH-SHENZHUOQU                                                              
\\JTIG_XUSHUYUAN       jtzjb_liuming                                           
\\JTJC-HUDIEKUN                                                                
\\JTJC-LINYANHE                                                                
\\JTJC-LUTINGTING                                                              
\\JTJC-SHENKAN                                                                 
\\JTJC-YUSHENGHUA                                                              
\\JTJC-ZHANGLEI                                                                
\\JTJC-ZHAOLAN                                                                 
\\JTJG-LIUYAN                                                                  
\\JTJG-LIYONG                                                                  
\\JTJG-SHIJINSHEN                                                              
\\JTJG-WUCHUNSHEN                                                              
\\JTJG_XUYUMING                                                                
\\JTJJ_WANGXIAOBI                                                              
\\JTJK-DENGDIRONG                                                              
\\JTJK-WANGYI                                                                  
\\JTJK-YANGXIAODA                                                              
\\JTJT-ZHOUHONGGA                                                              
\\JTJW-ZHANGXINCH                                                              
\\JTJW_WUSHUQING                                                               
\\JTRS-SUNLINRONG                                                              
\\JTRS-ZHANGYINGH                                                              
\\JTRS-ZHOUYF                                                                  
\\JTRS_XULIANNA                                                                
\\JTSB-GUWEIJIA        jfws_guweijia                                           
\\JTSB-HANMIN                                                                  
\\JTSB-JIANGXINGH                                                              
\\JTSB-LIUBING                                                                 
\\JTSB-TUMING                                                                  
\\JTSB-WANGXIANAN                                                              
\\JTSB-YAOYIN                                                                  
\\JTSB_-ANGCHENGH                                                              
\\JTSJ-GENLIPING                                                               
\\JTSJ-WUYOUP                                                                  
\\JTSY-CAIWUGONGY                                                              
\\JTSY-HUXIAODONG                                                              
\\JTSY-JIANGNAN                                                                
\\JTSY-JIXIN                                                                   
\\JTSY-LIANGYING                                                               
\\JTSY-LIBILIN                                                                 
\\JTSY-RENTIANYI                                                               
\\JTSY-SHIWEI                                                                  
\\JTSY-WANGLUSHI                                                               
\\JTSY-XULI                                                                    
\\JTSY-YEYING          jfjt_xieaf                                              
\\JTSY-YUTIAN                                                                  
\\JTSY-ZHANGGULIA                                                              
\\JTSY-ZHUJING                                                                 
\\JTTG-DUJIE                                                                   
\\JTTG-WANGYAN                                                                 
\\JTWM-LUXIAOHAI                                                               
\\JTWMB-DOUMANG        jtwmb_doumang                                           
\\JYCM-LVLA                                                                    
\\LINWY-PC                                                                     
\\RCB-CAIBIAN                                                                  
\\RCSCB-XUTIANL                                                                
\\SHBX-SUNHONGKAN                                                              
\\SHBX-ZHOUJINGYA                                                              
\\SJSV1                                                                        
\\SLSD-CHENGLI                                                                 
\\SLSD-CHENYILING                                                              
\\SLSD-DUJUAN                                                                  
\\SLSD-FENGZHENG                                                               
\\SLSD-LIUYU                                                                   
\\SLSD-QIUCHONGCH                                                              
\\SLSD-WANGHAN                                                                 
\\SLSD-YAOWANGXIN      eva                                                     
\\SLSD-ZHUMEINA                                                                
\\SYFZB_CHENSIJIA                                                              
\\SZCB-CHENTINGWE                                                              
\\SZCB-FANGYING                                                                
\\SZCB-HUANGHUIQI                                                              
\\SZCB-LILINWEI                                                                
\\SZCB-QIAOKE                                                                  
\\SZCB-SHIWEIWEN                                                               
\\SZCB-SONGHUI                                                                 
\\SZCB-WUSHENYAN                                                               
\\SZCB-WUYANG                                                                  
\\SZCB-XUJIAMIN                                                                
\\SZCB-YANXIAODAN                                                              
\\SZCB-ZHANGCHAO                                                               
\\SZCB_WANGQIN                                                                 
\\SZCBZX-WANGDONG                                                              
\\SZCM-XILINGLING                                                              
\\WBCJ-1SHIXISHEN                                                              
\\WBGJ-YANGMEIPIN                                                              
\\WBJJ-WANGXU                                                                  
\\WBPB                                                                         
\\WBPB-GUOPEI                                                                  
\\WBPB-HUANGYIN                                                                
\\WBPB-LURONG                                                                  
\\WBPB-QIANLINYI                                                               
\\WBPB-RONGLAN                                                                 
\\WBPB-TIANJIA                                                                 
\\WBPB-XIAOLI                                                                  
\\WBPB-XUNING                                                                  
\\WBPB-YEZHIDONG                                                               
\\WBPB-ZHANGGUFEN                                                              
\\WBPB-ZHULIFENG                                                               
\\WBPB-ZHUYUNXIU                                                               
\\WBYW-CHENRUI                                                                 
\\WBZB-BAIYUBEN                                                                
\\WBZB-PANCHEN                                                                 
\\WBZB-YAOZULIANG                                                              
\\WBZB-ZHANGXIAOL                                                              
\\WBZQ-QIHUO                                                                   
\\WUYE_LIMING          wy_liming                                               
\\WYGS-HUZHIMIN                                                                
\\WYHQ-DINGWEIGAN                                                              
\\WYHQ-HUIWU                                                                   
\\WYHQ-SHAODEJUN                                                               
\\WYHQ-ZHOUSHANSH                                                              
\\WYHQ_HANBISHENG                                                              
\\WYHQ_HONGXIANG                                                               
\\WYHQ_QIAOCHENGH                                                              
\\WYHQ_WANGYINLIA                                                              
\\WYHQ_ZHANGHONG                                                               
\\WYHQ_ZHANGSHURE                                                              
\\WYHQ_ZHOUJINGYU                                                              
\\WYHQ_ZHOUSHANSH                                                              
\\XMT-CAOWENBO                                                                 
\\XMT-JINMINGCHUA                                                              
\\XMT-KONGYIN                                                                  
\\XMT-LUTING                                                                   
\\XMT-QINGSHUANGS                                                              
\\XMT-WANGAO                                                                   
\\XMT-WANGLI                                                                   
\\XMT-WUCHENGJIE                                                               
\\XMT-XUDANDAN                                                                 
\\XMT-YAOSHUWEN                                                                
\\XMT-ZHOUDAN                                                                  
\\XMT-ZHOUXIANG                                                                
\\XMT-ZHUJIE                                                                   
\\XMT-ZOULIYA                                                                  
\\XMT_LIMO             xmt_limo                                                
\\XMT_NEWS                                                                     
\\XMT_SHAOLUHONG                                                               
\\XSYWB-JINMEIJUA                                                              
\\XSYWB-QIAOJIA                                                                
\\XSYWB-WANGRY                                                                 
\\XSYWB-YUANSHUAI                                                              
\\XSYWB_QIAOJIA                                                                
\\XWB-GAOFEI                                                                   
\\XWB-XIABIN                                                                   
\\XWBSJZ1                                                                      
\\XWBSJZ2                                                                      
\\XWCB_CAIWU                                                                   
\\XWCB_CHENHAINI                                                               
\\XWCW-CHENBIN                                                                 
\\XWCW_WANG11                                                                  
\\XWDZ-CHENGJIE                                                                
\\XWDZ-CHENYALI                                                                
\\XWDZ-CHENYI                                                                  
\\XWDZ-CHENYUYU                                                                
\\XWDZ-HUPIN                                                                   
\\XWDZ-JIANGPEIMI                                                              
\\XWDZ-PANGLIANG                                                               
\\XWDZ-TAOF                                                                    
\\XWDZ-WEIJUN                                                                  
\\XWFGJ-NEW                                                                    
\\XWFGJBAK                                                                     
\\XWFX-10CALLCENT                                                              
\\XWFX-14CALLCENT                                                              
\\XWFX-2CALLCENCE                                                              
\\XWFX-6CALLCENTE                                                              
\\XWFX-9CALLCENTE                                                              
\\XWFX-QUYI                                                                    
\\XWFX-WANGFANG                                                                
\\XWFX-WENGTAO                                                                 
\\XWFX-XUXIANG                                                                 
\\XWFX-ZHANGYANXI                                                              
\\XWFX-ZHANGYU                                                                 
\\XWNEWSTRS                                                                    
\\XWSVR                                                                        
\\XWWB_XIEFEIJUN                                                               
\\XWWB_YUTAORAN                                                                
\\XWWXJS-NEW                                                                   
\\XWWXJSBAK-NEW                                                                
\\XWZB-CUIXIN                                                                  
\\XWZB-FANWEI                                                                  
\\XWZB-GUHONGMEI                                                               
\\XWZB-ZHONGMING                                                               
\\XWZB_MAOYONGXIO                                                              
\\XXJSZX-ALEX                                                                  
\\XXZX-SUYIMING                                                                
\\YWB-BAOSIYU                                                                  
\\YWB-DAIXIAOGUAN                                                              
\\YWB-HANHUI                                                                   
\\YWB-JINWEIJUN                                                                
\\YWB-QINGHAO          ywb                                                     
\\YWB-SHAOYAGE                                                                 
\\YWB-SHIXISHENG1                                                              
\\YWB-SHIXISHENG2                                                              
\\YWB-WANGQIFENG                                                               
\\YWB-YANGRUIQ                                                                 
\\YWB-YANGYONGXI                                                               
\\YWB-YUJING                                                                   
\\YWB-ZHOULIJUN                                                                
\\YWZX_WANGWR                                                                  
\\ZBNEWSBAK                                                                    
\\ZBSH                                                                         
\\ZBSH-CAOXINGGEN                                                              
\\ZBSH-LIJIAQI                                                                 
\\ZBSH-PRINT                                                                   
\\ZBSH-ZHOUWENJIN                                                              
\\ZBSH_CHENYONGYI                                                              
\\ZBSH_SHIQIANGEN                                                              
\\ZBSH_TIANBING                                                                
\\ZBSH_YUZHILONG                                                               
\\ZBSH_ZHANGZHIPI                                                              
\\ZBSH_ZHOUWENJIN                                                              
\\ZGF                                                                          
\\ZHANGZH                                                                      
\\ZLSVR                                                                        
\\ZLZX-CAIYIANG                                                                
\\ZLZX-CGRS            jf_zlzx                                                 
\\ZLZX-FJ3                                                                     
\\ZLZX-GUOLIANG        zlzxgl                                                  
\\ZLZX-HUANGHAIYU      zlzx-hhy                                                
\\ZLZX-JIANGMEIJU                                                              
\\ZLZX-JINGHONG                                                                
\\ZLZX-LIYS            zlzxliys                                                
\\ZLZX-LYS                                                                     
\\ZLZX-MAGUANG         zls-mg                                                  
\\ZLZX-TIANBIAO                                                                
\\ZLZX-XIADINGYAN                                                              
\\ZLZX_ANGZHEN         zlzx_angz                                               
\\ZLZX_DINGHUIYU       xiaoding                                                
\\ZLZX_DONGQX          dongqx                                                  
\\ZLZX_FANJIE1                                                                 
\\ZLZX_SERVER-W11                                                              
命令成功完成。

若口令

192.168.91.30@ipcscan#Cracked account:  administrator/111
192.168.91.40@ipcscan#Cracked account:  administrator/password
192.168.91.69@ipcscan#Cracked account:  administrator/password
192.168.91.2@ipcscan#NT User List:   wyush(User)  hetb(User)  zhangdx(User)  yangzh(User)  wangjj(User)  yuj(User)  wangwj(User)  luojh(User)  liyz(User)  luoxq(User)  dingb(User)  rbjd2(User)  chenx(User)  hongx(User)  zhanggw(User)  zhoul(User)  yanghy(User)  gesm(User)  taof(User)  huangym(User)  linyh(User)  shenxh(User)  liqin(User)  chenjy(User)  shizy(User)  yangf(User)  xiezq(User)  chengl(User)  zhizuo(User)  zhangyt(User)  zhanggh(User)  wangxq(User)  panwei(User)  kongt(User)  hanj(User)  fengt(User)  xy(Admin)  wangliw(User)  isa2004(User)  xinying(User)  wangqian(User)  lixx(User)  xurr(User)  zhangchun(User)  nijia(User)  zhoux(User)  wanglei(User)  sunjy(User)  caiyh(User)  zhengsh(User)  jinwj(User)  dingyunnu(User)  duml(User)  zhangyang(User)  yanwj(User)  lixw(User)  limo(User)  quy(User)  bkshxs2(User)  zhujiy(User)  lizh(User)  zhangjunl(User)  xiap(User)  xuyong(User)  gaos(User)  zhangji(User)  xiaoli(User)  changliu2(User)  zhangzq(User)  zhangyi(User)  houxlan(User)  caozm(User)  shenzhuoq(User)  wangcf(User)  lijue(User)  liangying(User)  louw(User)  pengl(User)  wangyp(User)  
192.168.91.1@ipcscan#NT User List:   wyush(User)  hetb(User)  zhangdx(User)  yangzh(User)  wangjj(User)  yuj(User)  wangwj(User)  luojh(User)  liyz(User)  luoxq(User)  dingb(User)  rbjd2(User)  chenx(User)  hongx(User)  zhanggw(User)  zhoul(User)  yanghy(User)  gesm(User)  taof(User)  huangym(User)  linyh(User)  shenxh(User)  liqin(User)  chenjy(User)  shizy(User)  yangf(User)  xiezq(User)  chengl(User)  zhizuo(User)  zhangyt(User)  zhanggh(User)  wangxq(User)  panwei(User)  kongt(User)  hanj(User)  fengt(User)  xy(Admin)  wangliw(User)  isa2004(User)  xinying(User)  wangqian(User)  lixx(User)  xurr(User)  zhangchun(User)  nijia(User)  zhoux(User)  wanglei(User)  sunjy(User)  caiyh(User)  zhengsh(User)  jinwj(User)  dingyunnu(User)  duml(User)  zhangyang(User)  yanwj(User)  lixw(User)  limo(User)  quy(User)  bkshxs2(User)  zhujiy(User)  lizh(User)  zhangjunl(User)  xiap(User)  xuyong(User)  gaos(User)  zhangji(User)  xiaoli(User)  changliu2(User)  zhangzq(User)  zhangyi(User)  houxlan(User)  caozm(User)  shenzhuoq(User)  wangcf(User)  lijue(User)  liangying(User)  louw(User)  pengl(User)  wangyp(User)  
192.168.91.230@ipcscan#Cracked account:  administrator/password
192.168.91.48@mssqlscan#Cracked account:  sa/sa
192.168.91.45@mysqlscan#Version:  3.23.44-nt
192.168.91.45@mysqlscan#Cracked account:  root/root
192.168.91.46@mysqlscan#Version:  3.23.44-max-debug
192.168.91.46@mysqlscan#Cracked account:  root/root
192.168.91.73@mssqlscan#Cracked account:  sa/sa
192.168.91.45@mysqlscan#Version:  3.23.44-nt
192.168.91.45@mysqlscan#Cracked account:  mysql/[null]
192.168.91.46@mysqlscan#Version:  3.23.44-max-debug
192.168.91.46@mysqlscan#Cracked account:  mysql/[null]
192.168.92.10@ipcscan#Cracked account:  administrator/password
192.168.92.21@ipcscan#Cracked account:  administrator/passwd
192.168.92.22@ipcscan#Cracked account:  administrator/passwd
192.168.92.25@ipcscan#Cracked account:  administrator/passwd
192.168.91.45@mysqlscan#Version:  3.23.44-nt
192.168.91.45@mysqlscan#Cracked account:  root/root
192.168.91.46@mysqlscan#Version:  3.23.44-max-debug
192.168.91.46@mysqlscan#Cracked account:  root/root
192.168.92.81@ipcscan#Cracked account:  administrator/password
192.168.92.1@mssqlscan#Cracked account:  sa/[null]
192.168.92.204@ftpscan#banner:   220 VxWorks (VxWorks5.5.1) FTP server ready
192.168.92.210@ipcscan#Cracked account:  administrator/password
192.168.92.211@ipcscan#Cracked account:  administrator/111
192.168.92.132@ftpscan#banner:   220-¡î Sonic FTP Server (Version 1.06a).
192.168.92.133@ftpscan#banner:   220-¡î Sonic FTP Server (Version 1.06a).
192.168.92.134@ftpscan#banner:   220-¡î Sonic FTP Server (Version 1.06a).
192.168.92.136@ftpscan#banner:   220 Microsoft FTP Service
192.168.92.136@ftpscan#Cracked account:  ftp/ftp@ftp.net
192.168.92.81@mssqlscan#Cracked account:  sa/[null]
192.168.92.139@ftpscan#banner:   220-¡î Sonic FTP Server (Version 1.06a).
192.168.92.101@mssqlscan#Cracked account:  sa/password
192.168.92.203@mssqlscan#Cracked account:  sa/[null]
192.168.92.132@mssqlscan#Cracked account:  sa/[null]
192.168.92.134@mssqlscan#Cracked account:  sa/111
192.168.92.139@mssqlscan#Cracked account:  sa/111
192.168.105.10@ipcscan#Cracked account:  administrator/111
192.168.105.23@ftpscan#banner:   220 (vsFTPd 2.3.2)
192.168.105.25@ftpscan#banner:   220 (vsFTPd 2.2.2)
192.168.105.24@ftpscan#banner:   220 (vsFTPd 2.2.2)
192.168.105.79@ipcscan#Cracked account:  administrator/111
192.168.105.22@mysqlscan#Version:  5.0.45
192.168.105.22@mysqlscan#Cracked account:  root/[null]
192.168.105.108@ipcscan#NT User List:   nobody(Guest)  fetch3(Guest)  
192.168.105.106@ipcscan#NT User List:   nobody(Guest)  fetch1(Guest)  
192.168.105.135@ipcscan#Cracked account:  administrator/password
192.168.105.20@ftpscan#banner:   220 Serv-U FTP Server v10.5 ready...
192.168.105.75@ftpscan#banner:   220-¡î Sonic FTP Server (Version 1.06a).
192.168.105.195@ipcscan#Cracked account:  administrator/password
192.168.105.202@ftpscan#banner:   220 Welcome to FTP service.
192.168.105.201@ftpscan#banner:   220 Welcome to FTP service.
192.168.105.203@ftpscan#banner:   220 Welcome to FTP service.
192.168.105.108@ftpscan#banner:   220 (vsFTPd 2.2.2)
192.168.105.123@ftpscan#banner:   220-¡î Sonic FTP Server (Version 1.06a).
192.168.105.106@ftpscan#banner:   220 (vsFTPd 2.2.2)
192.168.105.135@ftpscan#banner:   220 Serv-U FTP Server v10.5 ready...
192.168.105.191@ftpscan#banner:   220 Serv-U FTP Server v6.0 for WinSock ready...
192.168.105.195@ftpscan#banner:   220 Serv-U FTP Server v6.4 for WinSock ready...
192.168.105.195@ftpscan#Cracked account:  administrator/password
192.168.105.75@mssqlscan#Cracked account:  sa/[null]

修复方案：

1.测试应用时不应对外开放服务
2.应该避免出现若口令/空口令
3.应用程序版本应及时更新

版权声明：转载请注明来源提莫队长@乌云

漏洞回应

厂商回应：

危害等级：高

漏洞Rank：13

确认时间：2015-03-18 13:28

厂商回复：

漏洞评价：

2015-03-13 22:10 | 天朝城管 ( 普通白帽子 | Rank:116 漏洞数:35 | 不要等到命玩你的时候才开始玩命)

提莫队长正在日站
2015-04-27 17:57 | ◕‿◕ ( 路人 | Rank:4 漏洞数:3 | ◕‿◕◕‿◕◕‿◕◕‿◕◕‿◕◕‿◕◕‿...)

楼主用什么神器扫描的
2015-04-28 10:05 | BMa ( 普通白帽子 | Rank:1776 漏洞数:200 )

@提莫队长后面扫弱口令用的什么工具？
2015-04-28 11:05 | J4rn4ben ( 路人 | Rank:15 漏洞数:4 | 喜欢在西湖里自由泳的野猪)

@提莫队长弱口令是什么扫的？
2015-04-28 13:07 | hack_lan ( 路人 | Rank:4 漏洞数:3 | 爱好linux开源架构，安全，python)

我也求工具
2015-06-02 22:49 | 提莫队长 ( 路人 | Rank:13 漏洞数:1 | 提莫队长正在待命)

@◕‿◕ @BMa @hack_lan @J4rn4ben N年前的东西啊,HScan
2015-06-05 14:42 | hack_lan ( 路人 | Rank:4 漏洞数:3 | 爱好linux开源架构，安全，python)

@提莫队长你这是linux环境下的？我这儿只有win环境的没有linux环境的

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0101184

漏洞标题：一个低版本JBoss让解放日报整个域沦陷

相关厂商：解放日报(jfdaily.com)

漏洞作者：提莫队长

提交时间：2015-03-13 17:40

修复时间：2015-04-27 17:42

公开时间：2015-04-27 17:42

漏洞类型：系统/服务运维配置不当

危害等级：高

自评Rank：20

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源提莫队长@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评论

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0101184

漏洞标题：一个低版本JBoss让解放日报整个域沦陷

相关厂商：解放日报(jfdaily.com)

漏洞作者： 提莫队长

提交时间：2015-03-13 17:40

修复时间：2015-04-27 17:42

公开时间：2015-04-27 17:42

漏洞类型：系统/服务运维配置不当

危害等级：高

自评Rank：20

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0101184"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 提莫队长@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评论

漏洞概要关注数(24) 关注此漏洞

漏洞作者：提莫队长

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源提莫队长@乌云