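2015-11-06: Actively contacting the vendor and waiting for the vendor to claim the report; details are not disclosed publicly.
2015-12-21: The vendor has actively ignored the vulnerability; details are disclosed to the public.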
Background: http://www.doctorpda.cn/about/us# Among Chinese doctors it is second only to the Dingxiangyuan (丁香园) forum!
The address http://www.med330.cn/ti.action has a command execution vulnerability.
A shell can be obtained on the server directly (getshell).
net user \YSZXCS1 ���û��ʻ�-------------------------------------------------------------------------------Administrator Guest ����ɹ���ɡ�
net start
net share
共享名       资源                            注解
-------------------------------------------------------------------------------
C$           C:\                             默认共享
E$           E:\                             默认共享
IPC$                                         远程 IPC
ADMIN$       C:\Windows                      远程管理
temp         C:\temp
命令成功完成。
net view
ipconfig /all
netstat -ano
systeminfo
tasklist /svc
Strengthen security awareness.
The vendor could not be contacted, or the vendor actively declined.