当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0144418

漏洞标题:运营商安全之中国电信呼叫中心系统命令执行漏洞

相关厂商:中国电信

漏洞作者: 路人甲

提交时间:2015-10-02 10:58

修复时间:2015-11-24 17:10

公开时间:2015-11-24 17:10

漏洞类型:命令执行

危害等级:高

自评Rank:15

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-10-02: 细节已通知厂商并且等待厂商处理中
2015-10-10: 厂商已经确认,细节仅向厂商公开
2015-10-20: 细节向核心白帽子及相关领域专家公开
2015-10-30: 细节向普通白帽子公开
2015-11-09: 细节向实习白帽子公开
2015-11-24: 细节向公众公开

简要描述:

运营商安全之中国电信呼叫中心系统命令执行漏洞

详细说明:

**.**.**.**:8080/jmx-console
**.**.**.**:8080/ccpsso/authen
**.**.**.**:8080/ccpsso/authen
**.**.**.**:8080/ccpsso/authen
jboss密码为admin admin
直接部署
**.**.**.**:8090/upload5warn/shell.jsp
小马
**.**.**.**:8090//upload5warn/cmd.jsp
023

1.png


查看了下ftp连接工具,有很多用户名密码,我没做测试,自检下。

[**.**.**.**]
created=40239.4284810301
Proxy=0
IP=**.**.**.**
user=administrator
pass=829D4C9C3A110201
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=D8E67422
[**.**.**.**]
created=40242.6929453472
Proxy=0
IP=**.**.**.**
user=oracle
pass=A872A03790BBACEB63B156D158CF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=F9F107E9
[**.**.**.**]
created=40243.4813612847
Proxy=0
IP=**.**.**.**
user=weblogic
pass=1DFD23B61009395EA8BF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=A1A367C7
path=/bea
[**.**.**.**广西应用]
created=40249.6462042708
Proxy=0
IP=**.**.**.**
user=wlan
pass=22E00C5EFA
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=8A8CBC9A
path=/opt/BOCO/wlan
[**.**.**.**]
created=40254.6597807986
Proxy=0
IP=**.**.**.**
user=weblogic
pass=35E50B5EFB25D5335DF4
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=343F8CD8
[**.**.**.**]
created=40256.5938252431
Proxy=0
IP=**.**.**.**
user=weblogic
pass=8383A93F9D779F3D98
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=FD392DBA
[**.**.**.**]
created=40272.3414530903
Proxy=0
IP=**.**.**.**
user=root
pass=0F0F3295380224A632
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=683697E5
[**.**.**.**]
created=40318.7154191088
Proxy=0
IP=**.**.**.**
user=WLAN_guest
pass=72B0BDCD2AF31ABB19E818
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=B3C77F3E
[**.**.**.**]
created=40337.666021956
Proxy=0
IP=**.**.**.**
user=weblogic
pass=53C369F85EBB6AAFD969
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=C6DDA0DC
[**.**.**.**(广西数据库)]
created=40351.6722313889
Proxy=0
IP=**.**.**.**
user=oracle
pass=79914595CE41E7
port=21
path=/export/home/oracle
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=42D5E0ED
[**.**.**.**广西采集1]
created=40351.6728267593
Proxy=0
IP=**.**.**.**
user=wlan
pass=5AEB649739DF005A
port=21
path=/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=F8349FB1
[**.**.**.**广西采集2]
created=40351.6734777431
Proxy=0
IP=**.**.**.**
user=wlan
pass=A79988FB45CB6CEE
port=21
path=/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=F0FDFFAC
[**.**.**.**广西采集3]
created=40351.6746043519
Proxy=0
IP=**.**.**.**
user=wlan
pass=4FFA7586CB42E265
port=21
path=/opt/BOCO/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=7EFC0908
[**.**.**.**]
created=40352.7697477083
Proxy=0
IP=**.**.**.**
user=weblogic
pass=A07194C5031CCACF3A09
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=EBF9F4F5
[**.**.**.**]
created=40354.7385078241
Proxy=0
IP=**.**.**.**
user=oracle
pass=F31ACD1C49CF74
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=C9A2D15A
[**.**.**.**]
options=300333300003300110300001000333300000101200
Proxy=0
IP=**.**.**.**
user=wlan
pass=73B341B13619C9035EFA18EA6D
port=22
DSL=25
USL=25
TZ=-1
SPS=0
RPS=0
ID=757F9597
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[哈尔滨WLAN应用]
created=40421.4744922338
Proxy=0
IP=**.**.**.**
user=gdau
pass=DC8494C677CD64E364
port=21
path=/DNMS/BOCO/OMC
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=6DD4BEEA
[哈尔滨WLAN数据库]
created=40421.5692937037
Proxy=0
IP=**.**.**.**
user=oracle
pass=1911C21778CA45B1CD58809B
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=77E3407C
[**.**.**.**]
created=40471.6225006597
Proxy=0
IP=**.**.**.**
user=gdau
pass=411B2DBD0E34CA0ABA
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=8001A1D3
[**.**.**.**]
created=40479.6413341088
Proxy=0
IP=**.**.**.**
user=root
pass=D733E360E2
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=48E94092
[**.**.**.**]
created=40481.612590463
Proxy=0
IP=**.**.**.**
user=root
pass=6E994884CE
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=264D6899
[GD_WLAN GD_DG dgdb]
created=40482.6337040278
Proxy=0
IP=**.**.**.**
user=oracle
pass=7D954999CA4DF3
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=AC829BEB
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG dgapp]
created=40482.6339994213
Proxy=0
IP=**.**.**.**
user=root
pass=EF2ED30B44DF11B5
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=BFCE8E03
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG dgcol1]
created=40482.6343022106
Proxy=0
IP=**.**.**.**
user=root
pass=1EFC20B729DA0653F9
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=D4F03A53
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
path=/wlan
[GD_WLAN GD_DG dgcol2]
created=40482.6345038889
Proxy=0
IP=**.**.**.**
user=root
pass=D736E376D2
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=116BE87A
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG dgcol3]
created=40482.6348778241
Proxy=0
IP=**.**.**.**
user=root
pass=19E9174B8F
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
path=/wlan
ID=49FC8A58
[GD_WLAN GD_FS fsapp]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=21F1174EF715C016BC
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=DFD60742
[GD_WLAN GD_SZ szapp]
created=40482.6639072338
Proxy=0
IP=**.**.**.**
user=root
pass=EF2ED374D82AD70D43
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=0C3AC65A
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_SZ szcol1]
created=40482.6702910417
Proxy=0
IP=**.**.**.**
user=root
pass=71A1478932D30156FC
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=3C8C1553
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
localpath=E:\WLAN\程序\20101030\wlan-omc 主体-**.**.**.**\采集机
[GD_WLAN GD_SZ szcol2]
created=40482.6753817708
Proxy=0
IP=**.**.**.**
user=root
pass=F021C40BB351FC6AE0
port=21
path=/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=32C0AAA3
[GD_WLAN GD_SZ szcol3]
created=40482.6763556713
Proxy=0
IP=**.**.**.**
user=root
pass=5FBF65EB50BD6BF85F
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=783F2FCE
[GD_WLAN GD_SZ szcol5]
created=40482.6778227894
Proxy=0
IP=**.**.**.**
user=root
pass=17072AAE1FEC184D83
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=D300C808
[GD_WLAN GD_FS fscol1]
created=40482.6882335417
Proxy=0
IP=**.**.**.**
user=root
pass=CC4DF064E123CE044A
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=CCA11A5D
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_FS fscol2]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=1AF81CB113F01C498F
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=E630957E
[GD_WLAN GD_FS fscol3]
created=40482.6900776157
Proxy=0
IP=**.**.**.**
user=root
pass=BC5D80D57F8CB92FA5
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=C7520A6A
[GD_WLAN GD_YAYUN yayunapp]
created=40483.4443036343
Proxy=0
IP=**.**.**.**
user=root
pass=13FC2DAF12
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=2C932503
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM JMAPP]
created=40483.7818215278
Proxy=0
IP=**.**.**.**
user=root
pass=8B84B211B3
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=2562493E
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_HZ HZAPP]
created=40483.7839527431
Proxy=0
IP=**.**.**.**
user=root
pass=5CBA5EF546C775E269
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=708680A0
[GD_WLAN GD_GZ GZAPP]
created=40483.7853747685
Proxy=0
IP=**.**.**.**
user=root
pass=31DA0B498B
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=701967BB
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG yycol2]
created=40489.7592884838
Proxy=0
IP=**.**.**.**
user=root
pass=0803339130
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=826DF6A7
[GD_WLAN GD_GZ gzdb]
created=40492.4493861227
Proxy=0
IP=**.**.**.**
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
user=root
pass=BC5684C003
ID=187CDBC5
[GD_WLAN GD_YAYUN yycol]
created=40492.5149555671
Proxy=0
IP=**.**.**.**
user=root
pass=42CD7CD87B
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
path=/wlan
ID=58FCA8FC
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_FS fsdb]
created=40492.6014356944
Proxy=0
IP=**.**.**.**
user=oracle
pass=54BA6CFE54BA61
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=40B3F900
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_HZ hzdb]
created=40492.6028533796
Proxy=0
IP=**.**.**.**
user=root
pass=C948ED65E91BC61CB2
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=4E82EE48
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM jmdb]
created=40492.6044943519
Proxy=0
IP=**.**.**.**
user=oracle
pass=1AF022B022F41B
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=095B303F
[GD_WLAN GD_SZ szdb]
created=40492.6050706019
Proxy=0
IP=**.**.**.**
user=oracle
pass=72984A98CD40E4
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=D96F5817
[GD_WLAN GD_YAYUN yydb]
created=40492.6057291204
Proxy=0
IP=**.**.**.**
user=root
pass=22ED1CB81B
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=519F880A
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_GZ gzcol1]
created=40501.4521891204
Proxy=0
IP=**.**.**.**
user=root
pass=18F322A221
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=0112D029
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN **.**.**.**]
created=40512.569801331
Proxy=0
IP=**.**.**.**
user=wlanomc
pass=65A55387C349F76F
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=360511D3
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM jmcol1]
created=40535.5879077778
Proxy=0
IP=**.**.**.**
user=root
pass=7F88B615BF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=50E45BC0
[GD_WLAN GD_GZ yayunapp]
created=40568.4303704745
Proxy=0
IP=**.**.**.**
user=root
pass=8681B112B0
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=AE0A4B05
[GD_WLAN GD_GZ gzcol2]
created=40590.5881911806
Proxy=0
IP=**.**.**.**
user=root
pass=F713C30042
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=EB6BA3C8
[GD_WLAN GD_GZ gzcol225]
created=40590.5889351852
Proxy=0
IP=**.**.**.**
user=root
pass=0B04329231
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=318ABE2D
[GD_WLAN GD_JM jmcol2]
created=40590.5990438657
Proxy=0
IP=**.**.**.**
user=root
pass=E925D576DC
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=13E5B015
[GD_WLAN 福建采集机90]
created=40599.9629703704
Proxy=0
IP=**.**.**.**
user=wlan
pass=C746F366E2
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=08DCCF0F
[GD_WLAN GD_JM 阳江]
created=40603.7487816435
Proxy=0
IP=**.**.**.**
user=root
pass=25F51BA724E10F448A
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=30208093
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM 湛江]
created=40610.4953132176
Proxy=0
IP=**.**.**.**
user=root
pass=A5749927A76590C50C
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=38A00163
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN 福建采集机89]
created=40627.6211854282
Proxy=0
IP=**.**.**.**
user=wlan
pass=C342EF62E6
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
ID=B143B7FD
[GD_WLAN GD_HZ HZcol]
created=40634.5306347569
Proxy=0
IP=**.**.**.**
user=root
pass=A57499319D6F9ACF06
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=A6E34682
[GD_WLAN 福建数据库]
created=40654.8975773958
Proxy=0
IP=**.**.**.**
user=wlan
pass=BF4EFB6EEA
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
ID=C5F48DF4
[GD_WLAN GD_GZ 韶关]
created=40655.4029891782
Proxy=0
IP=**.**.**.**
user=root
pass=A2AA9DE32E190E
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=E6F34F58
[GD_WLAN GD_GZ gzcol98]
created=40660.6846634375
Proxy=0
IP=**.**.**.**
user=root
pass=CB47F754FE
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=79F46849
[GD_WLAN GD_JM 肇庆]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=738BF30A
pass=51C167D2729341963D
[GD_WLAN GD_JM mm1]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=9D7CA13C9F6D98CD04
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=2D6D26D9
[GD_WLAN GD_JM mm2]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=08163B9B3FCC78ED64
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=A56E1B83
[GD_WLAN GD_GZ gz106]
created=40698.4832741898
Proxy=0
IP=**.**.**.**
user=root
pass=F812C00341
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=09387322
[GD_WLAN GD_GZ yayundb]
created=40702.4718068171
Proxy=0
IP=**.**.**.**
user=root
pass=11FA2BA928
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=2D988869
[**.**.**.**(bpo)]
created=41198.3972594097
Proxy=0
IP=**.**.**.**
user=software
pass=DE2BDB71D331D372EF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=0D0AB410


泄漏大量内部资料。

2.png


Provider=MSDAORA.1;Data Source=GZ_KM;User ID=gskm;Password=gs070308
Provider=MSDAORA.1;Data Source=KMDB;User ID=gskm_test;Password=gskm100902

漏洞证明:

**.**.**.**:8080/jmx-console
**.**.**.**:8080/ccpsso/authen
**.**.**.**:8080/ccpsso/authen
**.**.**.**:8080/ccpsso/authen
jboss密码为admin admin
直接部署
**.**.**.**:8090/upload5warn/shell.jsp
小马
**.**.**.**:8090//upload5warn/cmd.jsp
023

1.png


查看了下ftp连接工具,有很多用户名密码,我没做测试,自检下。

[**.**.**.**]
created=40239.4284810301
Proxy=0
IP=**.**.**.**
user=administrator
pass=829D4C9C3A110201
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=D8E67422
[**.**.**.**]
created=40242.6929453472
Proxy=0
IP=**.**.**.**
user=oracle
pass=A872A03790BBACEB63B156D158CF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=F9F107E9
[**.**.**.**]
created=40243.4813612847
Proxy=0
IP=**.**.**.**
user=weblogic
pass=1DFD23B61009395EA8BF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=A1A367C7
path=/bea
[**.**.**.**广西应用]
created=40249.6462042708
Proxy=0
IP=**.**.**.**
user=wlan
pass=22E00C5EFA
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=8A8CBC9A
path=/opt/BOCO/wlan
[**.**.**.**]
created=40254.6597807986
Proxy=0
IP=**.**.**.**
user=weblogic
pass=35E50B5EFB25D5335DF4
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=343F8CD8
[**.**.**.**]
created=40256.5938252431
Proxy=0
IP=**.**.**.**
user=weblogic
pass=8383A93F9D779F3D98
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=FD392DBA
[**.**.**.**]
created=40272.3414530903
Proxy=0
IP=**.**.**.**
user=root
pass=0F0F3295380224A632
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=683697E5
[**.**.**.**]
created=40318.7154191088
Proxy=0
IP=**.**.**.**
user=WLAN_guest
pass=72B0BDCD2AF31ABB19E818
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=B3C77F3E
[**.**.**.**]
created=40337.666021956
Proxy=0
IP=**.**.**.**
user=weblogic
pass=53C369F85EBB6AAFD969
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=C6DDA0DC
[**.**.**.**(广西数据库)]
created=40351.6722313889
Proxy=0
IP=**.**.**.**
user=oracle
pass=79914595CE41E7
port=21
path=/export/home/oracle
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=42D5E0ED
[**.**.**.**广西采集1]
created=40351.6728267593
Proxy=0
IP=**.**.**.**
user=wlan
pass=5AEB649739DF005A
port=21
path=/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=F8349FB1
[**.**.**.**广西采集2]
created=40351.6734777431
Proxy=0
IP=**.**.**.**
user=wlan
pass=A79988FB45CB6CEE
port=21
path=/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=F0FDFFAC
[**.**.**.**广西采集3]
created=40351.6746043519
Proxy=0
IP=**.**.**.**
user=wlan
pass=4FFA7586CB42E265
port=21
path=/opt/BOCO/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=7EFC0908
[**.**.**.**]
created=40352.7697477083
Proxy=0
IP=**.**.**.**
user=weblogic
pass=A07194C5031CCACF3A09
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=EBF9F4F5
[**.**.**.**]
created=40354.7385078241
Proxy=0
IP=**.**.**.**
user=oracle
pass=F31ACD1C49CF74
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=C9A2D15A
[**.**.**.**]
options=300333300003300110300001000333300000101200
Proxy=0
IP=**.**.**.**
user=wlan
pass=73B341B13619C9035EFA18EA6D
port=22
DSL=25
USL=25
TZ=-1
SPS=0
RPS=0
ID=757F9597
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[哈尔滨WLAN应用]
created=40421.4744922338
Proxy=0
IP=**.**.**.**
user=gdau
pass=DC8494C677CD64E364
port=21
path=/DNMS/BOCO/OMC
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=6DD4BEEA
[哈尔滨WLAN数据库]
created=40421.5692937037
Proxy=0
IP=**.**.**.**
user=oracle
pass=1911C21778CA45B1CD58809B
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=77E3407C
[**.**.**.**]
created=40471.6225006597
Proxy=0
IP=**.**.**.**
user=gdau
pass=411B2DBD0E34CA0ABA
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=8001A1D3
[**.**.**.**]
created=40479.6413341088
Proxy=0
IP=**.**.**.**
user=root
pass=D733E360E2
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=48E94092
[**.**.**.**]
created=40481.612590463
Proxy=0
IP=**.**.**.**
user=root
pass=6E994884CE
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=264D6899
[GD_WLAN GD_DG dgdb]
created=40482.6337040278
Proxy=0
IP=**.**.**.**
user=oracle
pass=7D954999CA4DF3
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=AC829BEB
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG dgapp]
created=40482.6339994213
Proxy=0
IP=**.**.**.**
user=root
pass=EF2ED30B44DF11B5
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=BFCE8E03
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG dgcol1]
created=40482.6343022106
Proxy=0
IP=**.**.**.**
user=root
pass=1EFC20B729DA0653F9
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=D4F03A53
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
path=/wlan
[GD_WLAN GD_DG dgcol2]
created=40482.6345038889
Proxy=0
IP=**.**.**.**
user=root
pass=D736E376D2
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=116BE87A
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG dgcol3]
created=40482.6348778241
Proxy=0
IP=**.**.**.**
user=root
pass=19E9174B8F
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
path=/wlan
ID=49FC8A58
[GD_WLAN GD_FS fsapp]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=21F1174EF715C016BC
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=DFD60742
[GD_WLAN GD_SZ szapp]
created=40482.6639072338
Proxy=0
IP=**.**.**.**
user=root
pass=EF2ED374D82AD70D43
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=0C3AC65A
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_SZ szcol1]
created=40482.6702910417
Proxy=0
IP=**.**.**.**
user=root
pass=71A1478932D30156FC
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=3C8C1553
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
localpath=E:\WLAN\程序\20101030\wlan-omc 主体-**.**.**.**\采集机
[GD_WLAN GD_SZ szcol2]
created=40482.6753817708
Proxy=0
IP=**.**.**.**
user=root
pass=F021C40BB351FC6AE0
port=21
path=/wlan
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=32C0AAA3
[GD_WLAN GD_SZ szcol3]
created=40482.6763556713
Proxy=0
IP=**.**.**.**
user=root
pass=5FBF65EB50BD6BF85F
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=783F2FCE
[GD_WLAN GD_SZ szcol5]
created=40482.6778227894
Proxy=0
IP=**.**.**.**
user=root
pass=17072AAE1FEC184D83
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=D300C808
[GD_WLAN GD_FS fscol1]
created=40482.6882335417
Proxy=0
IP=**.**.**.**
user=root
pass=CC4DF064E123CE044A
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=CCA11A5D
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_FS fscol2]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=1AF81CB113F01C498F
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=E630957E
[GD_WLAN GD_FS fscol3]
created=40482.6900776157
Proxy=0
IP=**.**.**.**
user=root
pass=BC5D80D57F8CB92FA5
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=C7520A6A
[GD_WLAN GD_YAYUN yayunapp]
created=40483.4443036343
Proxy=0
IP=**.**.**.**
user=root
pass=13FC2DAF12
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=2C932503
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM JMAPP]
created=40483.7818215278
Proxy=0
IP=**.**.**.**
user=root
pass=8B84B211B3
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=2562493E
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_HZ HZAPP]
created=40483.7839527431
Proxy=0
IP=**.**.**.**
user=root
pass=5CBA5EF546C775E269
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=708680A0
[GD_WLAN GD_GZ GZAPP]
created=40483.7853747685
Proxy=0
IP=**.**.**.**
user=root
pass=31DA0B498B
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=701967BB
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_DG yycol2]
created=40489.7592884838
Proxy=0
IP=**.**.**.**
user=root
pass=0803339130
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=826DF6A7
[GD_WLAN GD_GZ gzdb]
created=40492.4493861227
Proxy=0
IP=**.**.**.**
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
user=root
pass=BC5684C003
ID=187CDBC5
[GD_WLAN GD_YAYUN yycol]
created=40492.5149555671
Proxy=0
IP=**.**.**.**
user=root
pass=42CD7CD87B
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
path=/wlan
ID=58FCA8FC
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_FS fsdb]
created=40492.6014356944
Proxy=0
IP=**.**.**.**
user=oracle
pass=54BA6CFE54BA61
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=40B3F900
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_HZ hzdb]
created=40492.6028533796
Proxy=0
IP=**.**.**.**
user=root
pass=C948ED65E91BC61CB2
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=4E82EE48
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM jmdb]
created=40492.6044943519
Proxy=0
IP=**.**.**.**
user=oracle
pass=1AF022B022F41B
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=095B303F
[GD_WLAN GD_SZ szdb]
created=40492.6050706019
Proxy=0
IP=**.**.**.**
user=oracle
pass=72984A98CD40E4
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=D96F5817
[GD_WLAN GD_YAYUN yydb]
created=40492.6057291204
Proxy=0
IP=**.**.**.**
user=root
pass=22ED1CB81B
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=519F880A
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_GZ gzcol1]
created=40501.4521891204
Proxy=0
IP=**.**.**.**
user=root
pass=18F322A221
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=0112D029
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN **.**.**.**]
created=40512.569801331
Proxy=0
IP=**.**.**.**
user=wlanomc
pass=65A55387C349F76F
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=360511D3
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM jmcol1]
created=40535.5879077778
Proxy=0
IP=**.**.**.**
user=root
pass=7F88B615BF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=50E45BC0
[GD_WLAN GD_GZ yayunapp]
created=40568.4303704745
Proxy=0
IP=**.**.**.**
user=root
pass=8681B112B0
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=AE0A4B05
[GD_WLAN GD_GZ gzcol2]
created=40590.5881911806
Proxy=0
IP=**.**.**.**
user=root
pass=F713C30042
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=EB6BA3C8
[GD_WLAN GD_GZ gzcol225]
created=40590.5889351852
Proxy=0
IP=**.**.**.**
user=root
pass=0B04329231
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=318ABE2D
[GD_WLAN GD_JM jmcol2]
created=40590.5990438657
Proxy=0
IP=**.**.**.**
user=root
pass=E925D576DC
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=13E5B015
[GD_WLAN 福建采集机90]
created=40599.9629703704
Proxy=0
IP=**.**.**.**
user=wlan
pass=C746F366E2
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=08DCCF0F
[GD_WLAN GD_JM 阳江]
created=40603.7487816435
Proxy=0
IP=**.**.**.**
user=root
pass=25F51BA724E10F448A
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=30208093
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN GD_JM 湛江]
created=40610.4953132176
Proxy=0
IP=**.**.**.**
user=root
pass=A5749927A76590C50C
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=38A00163
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
[GD_WLAN 福建采集机89]
created=40627.6211854282
Proxy=0
IP=**.**.**.**
user=wlan
pass=C342EF62E6
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
ID=B143B7FD
[GD_WLAN GD_HZ HZcol]
created=40634.5306347569
Proxy=0
IP=**.**.**.**
user=root
pass=A57499319D6F9ACF06
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=A6E34682
[GD_WLAN 福建数据库]
created=40654.8975773958
Proxy=0
IP=**.**.**.**
user=wlan
pass=BF4EFB6EEA
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c5=c7=c1=c3=c6=c8=c9=c10=c11=c12=c13=c4=u
ID=C5F48DF4
[GD_WLAN GD_GZ 韶关]
created=40655.4029891782
Proxy=0
IP=**.**.**.**
user=root
pass=A2AA9DE32E190E
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=E6F34F58
[GD_WLAN GD_GZ gzcol98]
created=40660.6846634375
Proxy=0
IP=**.**.**.**
user=root
pass=CB47F754FE
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=79F46849
[GD_WLAN GD_JM 肇庆]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=738BF30A
pass=51C167D2729341963D
[GD_WLAN GD_JM mm1]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=9D7CA13C9F6D98CD04
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=2D6D26D9
[GD_WLAN GD_JM mm2]
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
Proxy=0
IP=**.**.**.**
user=root
pass=08163B9B3FCC78ED64
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
ID=A56E1B83
[GD_WLAN GD_GZ gz106]
created=40698.4832741898
Proxy=0
IP=**.**.**.**
user=root
pass=F812C00341
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=09387322
[GD_WLAN GD_GZ yayundb]
created=40702.4718068171
Proxy=0
IP=**.**.**.**
user=root
pass=11FA2BA928
port=22
DSL=25
USL=25
options=300333300003300110300001000333300000101200
TZ=-1
SPS=0
RPS=0
SftpCipherList=18=c5=c17=c6=c16=c7=c19=c0=c20=c1=c28=c13=c15=u26=u23=u30=u8=u2=u25=u9=u22=u3=u21=u24=u4=u10=u29=u27=u12=u11=u14=u
SftpMACList=0=c2=c1=c3=c5=c6=c7=c8=c9=c10=c11=c12=c13=c4=u
ID=2D988869
[**.**.**.**(bpo)]
created=41198.3972594097
Proxy=0
IP=**.**.**.**
user=software
pass=DE2BDB71D331D372EF
port=21
DSL=25
USL=25
options=300333300003300110300001000333300000100200
TZ=-1
SPS=0
RPS=0
ID=0D0AB410


泄漏大量内部资料。

2.png


Provider=MSDAORA.1;Data Source=GZ_KM;User ID=gskm;Password=gs070308
Provider=MSDAORA.1;Data Source=KMDB;User ID=gskm_test;Password=gskm100902

修复方案:

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:16

确认时间:2015-10-10 17:08

厂商回复:

CNVD确认所述情况,已经转由CNCERT向中国电信集团公司通报,由其后续协调网站管理单位处置.按多个风险点评分,rank 16

最新状态:

暂无


漏洞评价:

评论