当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0186380

漏洞标题:P2P金融安全之卡得万利某处命令执行影响多台重要服务器(自带nmap威胁内网安全)

相关厂商:卡得万利

漏洞作者: 镱鍚

提交时间:2016-03-20 23:31

修复时间:2016-05-04 23:31

公开时间:2016-05-04 23:31

漏洞类型:服务弱口令

危害等级:高

自评Rank:20

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2016-03-20: 积极联系厂商并且等待厂商认领中,细节不对外公开
2016-05-04: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

RT
涉及微信服务器、邮件服务器、监控服务器、多台路由设备等,自带nmap,可直接探测内网

详细说明:

URL:http://220.248.19.22:80/


zabbix弱口令:admin zabbix
可直接登陆

2.png


看下它上面涉及的服务器,都挺重要的

5.png


13.png


从脚本中可以看到,服务器上安装了nmap的,可以直接探测内网,我这里加了个脚本,看了下ip信息

3.png


4.png


这里用nmap它自带的nmap脚本探测了一下各个服务器的端口,如下:

7.png


6.png


10.png


11.png


12.png


从中还是得到不少信息
jenkins项目平台

http://220.248.19.21:8088/


8.png


邮件系统

http://211.95.2.35/


9.png


直接探测c段,得到的结果如下:

"test"的结果
Starting Nmap 5.51 ( http://nmap.org ) at 2016-03-18 20:58 CST
Nmap scan report for 192.168.0.1
Host is up (0.00073s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
687/tcp  open  asipregistry
1723/tcp open  pptp
1900/tcp open  upnp
8080/tcp open  http-proxy
MAC Address: 00:0D:88:11:29:88 (D-Link)
Nmap scan report for 192.168.0.2
Host is up (0.00048s latency).
Not shown: 996 filtered ports
PORT     STATE  SERVICE
23/tcp   open   telnet
80/tcp   open   http
443/tcp  open   https
5431/tcp closed park-agent
MAC Address: 3C:8C:40:CA:F9:F8 (Unknown)
Nmap scan report for 192.168.0.3
Host is up (0.00038s latency).
Not shown: 989 filtered ports
PORT     STATE  SERVICE
22/tcp   closed ssh
80/tcp   open   http
88/tcp   open   kerberos-sec
389/tcp  open   ldap
443/tcp  open   https
514/tcp  open   shell
636/tcp  open   ldapssl
902/tcp  closed iss-realsecure
2020/tcp open   xinupageserver
6502/tcp closed netop-rc
8010/tcp closed xmpp
MAC Address: 00:0C:29:51:D0:69 (VMware)
Nmap scan report for 192.168.0.4
Host is up (0.00033s latency).
Not shown: 989 filtered ports
PORT     STATE  SERVICE
22/tcp   closed ssh
80/tcp   open   http
427/tcp  open   svrloc
443/tcp  open   https
902/tcp  open   iss-realsecure
5988/tcp closed wbem-http
5989/tcp open   wbem-https
8000/tcp open   http-alt
8080/tcp closed http-proxy
8100/tcp open   xprint-server
8300/tcp open   tmi
MAC Address: 14:18:77:32:F1:AE (Unknown)
Nmap scan report for 192.168.0.5
Host is up (0.00018s latency).
Not shown: 989 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
427/tcp  open   svrloc
443/tcp  open   https
902/tcp  open   iss-realsecure
5988/tcp closed wbem-http
5989/tcp open   wbem-https
8000/tcp open   http-alt
8080/tcp closed http-proxy
8100/tcp open   xprint-server
8300/tcp open   tmi
MAC Address: B0:83:FE:E5:A8:4D (Unknown)
Nmap scan report for 192.168.0.8
Host is up (0.00089s latency).
Not shown: 991 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   closed http
81/tcp   open   hosts2-ns
3306/tcp open   mysql
3690/tcp open   svn
8080/tcp closed http-proxy
8081/tcp open   blackice-icecap
8090/tcp open   unknown
9000/tcp open   cslistener
MAC Address: 6C:F0:49:46:1A:FC (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.9
Host is up (0.0047s latency).
Not shown: 983 filtered ports
PORT      STATE SERVICE
53/tcp    open  domain
80/tcp    open  http
88/tcp    open  kerberos-sec
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
389/tcp   open  ldap
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
593/tcp   open  http-rpc-epmap
636/tcp   open  ldapssl
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
8800/tcp  open  sunwebadmin
49154/tcp open  unknown
49155/tcp open  unknown
49157/tcp open  unknown
49158/tcp open  unknown
MAC Address: 00:0C:29:C1:AF:0D (VMware)
Nmap scan report for 192.168.0.10
Host is up (0.00012s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
81/tcp   open  hosts2-ns
631/tcp  open  ipp
3306/tcp open  mysql
MAC Address: 00:0C:29:C1:5B:A3 (VMware)
Nmap scan report for 192.168.0.11
Host is up (0.00012s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 00:0C:29:A8:25:5B (VMware)
Nmap scan report for 192.168.0.13
Host is up (0.00021s latency).
Not shown: 980 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
2179/tcp  open  vmrdp
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
6059/tcp  open  X11:59
8009/tcp  open  ajp13
8080/tcp  open  http-proxy
8888/tcp  open  sun-answerbook
9009/tcp  open  pichat
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49157/tcp open  unknown
49158/tcp open  unknown
49159/tcp open  unknown
MAC Address: F0:1F:AF:D2:A1:F0 (Unknown)
Nmap scan report for 192.168.0.14
Host is up (0.00040s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 8C:DC:D4:49:15:50 (Unknown)
Nmap scan report for 192.168.0.15
Host is up (0.00027s latency).
Not shown: 997 filtered ports
PORT     STATE SERVICE
22/tcp   open  ssh
3000/tcp open  ppp
8080/tcp open  http-proxy
MAC Address: 00:0C:29:47:B9:4F (VMware)
Nmap scan report for 192.168.0.16
Host is up (0.00024s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
161/tcp  closed snmp
3306/tcp open   mysql
MAC Address: 00:0C:29:99:4E:37 (VMware)
Nmap scan report for 192.168.0.17
Host is up (0.000020s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
Nmap scan report for 192.168.0.18
Host is up (0.00055s latency).
Not shown: 997 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
443/tcp open  https
MAC Address: 00:0C:29:23:B0:42 (VMware)
Nmap scan report for 192.168.0.19
Host is up (0.00033s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 00:0C:29:1B:DA:41 (VMware)
Nmap scan report for 192.168.0.21
Host is up (0.00055s latency).
Not shown: 996 filtered ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
8080/tcp open  http-proxy
MAC Address: 00:0C:29:C5:B0:A2 (VMware)
Nmap scan report for 192.168.0.22
Host is up (0.00088s latency).
Not shown: 990 closed ports
PORT     STATE SERVICE
80/tcp   open  http
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
443/tcp  open  https
445/tcp  open  microsoft-ds
1029/tcp open  ms-lsa
3389/tcp open  ms-term-serv
4899/tcp open  radmin
5800/tcp open  vnc-http
5900/tcp open  vnc
MAC Address: 00:E0:4C:35:17:56 (Realtek Semiconductor)
Nmap scan report for 192.168.0.23
Host is up (0.00055s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:50:56:88:6C:4E (VMware)
Nmap scan report for 192.168.0.24
Host is up (0.00048s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:50:56:88:36:6F (VMware)
Nmap scan report for 192.168.0.25
Host is up (0.00027s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
8009/tcp open  ajp13
8888/tcp open  sun-answerbook
MAC Address: 00:50:56:88:C7:DA (VMware)
Nmap scan report for 192.168.0.26
Host is up (0.00026s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 00:50:56:88:B5:C8 (VMware)
Nmap scan report for 192.168.0.50
Host is up (0.00062s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:23:E2 (Grandstream Networks)
Nmap scan report for 192.168.0.53
Host is up (0.00059s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:24:F8 (Grandstream Networks)
Nmap scan report for 192.168.0.55
Host is up (0.00054s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:25:4F (Grandstream Networks)
Nmap scan report for 192.168.0.56
Host is up (0.00057s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:3B:47:FC (Grandstream Networks)
Nmap scan report for 192.168.0.57
Host is up (0.00057s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:25:6D (Grandstream Networks)
Nmap scan report for 192.168.0.63
Host is up (0.00050s latency).
Not shown: 992 filtered ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
49154/tcp open  unknown
MAC Address: 90:E6:BA:DB:79:62 (Asustek Computer)
Nmap scan report for 192.168.0.76
Host is up (0.00030s latency).
Not shown: 989 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1521/tcp  open  oracle
3389/tcp  open  ms-term-serv
5357/tcp  open  wsdapi
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49158/tcp open  unknown
MAC Address: 74:86:7A:F0:CF:AC (Unknown)
Nmap scan report for 192.168.0.89
Host is up (0.00050s latency).
Not shown: 993 filtered ports
PORT     STATE  SERVICE
21/tcp   open   ftp
22/tcp   open   ssh
80/tcp   open   http
3306/tcp open   mysql
8009/tcp closed ajp13
8080/tcp closed http-proxy
8888/tcp open   sun-answerbook
MAC Address: C8:1F:66:E5:3C:4F (Unknown)
Nmap scan report for 192.168.0.98
Host is up (0.00060s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
81/tcp    open  hosts2-ns
90/tcp    open  dnsix
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
2383/tcp  open  ms-olap4
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
9000/tcp  open  cslistener
9001/tcp  open  tor-orport
27000/tcp open  flexlm0
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
MAC Address: 40:A8:F0:5E:B4:A4 (Unknown)
Nmap scan report for 192.168.0.101
Host is up (0.00072s latency).
Not shown: 998 filtered ports
PORT     STATE SERVICE
2869/tcp open  icslap
3306/tcp open  mysql
MAC Address: B0:83:FE:BB:BB:D2 (Unknown)
Nmap scan report for 192.168.0.103
Host is up (0.00056s latency).
Not shown: 990 closed ports
PORT     STATE SERVICE
80/tcp   open  http
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1801/tcp open  msmq
2103/tcp open  zephyr-clt
2105/tcp open  eklogin
2107/tcp open  msmq-mgmt
2869/tcp open  icslap
3306/tcp open  mysql
MAC Address: B0:83:FE:77:C6:9C (Unknown)
Nmap scan report for 192.168.0.111
Host is up (0.00020s latency).
Not shown: 986 closed ports
PORT     STATE SERVICE
80/tcp   open  http
81/tcp   open  hosts2-ns
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1026/tcp open  LSA-or-nterm
1723/tcp open  pptp
3306/tcp open  mysql
3389/tcp open  ms-term-serv
6666/tcp open  irc
8009/tcp open  ajp13
8080/tcp open  http-proxy
8088/tcp open  radan-http
MAC Address: 6C:F0:49:4E:88:94 (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.120
Host is up (0.00044s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
5900/tcp open  vnc
MAC Address: 00:26:B9:5C:9B:55 (Dell)
Nmap scan report for 192.168.0.125
Host is up (0.00036s latency).
Not shown: 989 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
80/tcp    open  http
139/tcp   open  netbios-ssn
427/tcp   open  svrloc
443/tcp   open  https
445/tcp   open  microsoft-ds
515/tcp   open  printer
631/tcp   open  ipp
843/tcp   open  unknown
9100/tcp  open  jetdirect
50001/tcp open  unknown
MAC Address: 00:20:6B:91:E8:7A (Konica Minolta Holdings)
Nmap scan report for 192.168.0.126
Host is up (0.00046s latency).
Not shown: 998 closed ports
PORT      STATE SERVICE
80/tcp    open  http
50002/tcp open  iiimsf
MAC Address: 00:0E:3A:14:A5:76 (Cirrus Logic)
Nmap scan report for 192.168.0.127
Host is up (0.00048s latency).
Not shown: 994 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
515/tcp  open  printer
631/tcp  open  ipp
8080/tcp open  http-proxy
9100/tcp open  jetdirect
MAC Address: 3C:4A:92:BB:E8:C9 (Unknown)
Nmap scan report for 192.168.0.128
Host is up (0.00031s latency).
Not shown: 987 closed ports
PORT     STATE SERVICE
80/tcp   open  http
81/tcp   open  hosts2-ns
82/tcp   open  xfer
83/tcp   open  mit-ml-dev
443/tcp  open  https
515/tcp  open  printer
631/tcp  open  ipp
5222/tcp open  xmpp-client
8080/tcp open  http-proxy
8291/tcp open  unknown
8292/tcp open  blp3
8888/tcp open  sun-answerbook
9100/tcp open  jetdirect
MAC Address: A0:B3:CC:9E:1F:39 (Unknown)
Nmap scan report for 192.168.0.130
Host is up (0.00058s latency).
Not shown: 994 filtered ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3306/tcp  open  mysql
49154/tcp open  unknown
MAC Address: 90:E6:BA:DB:79:62 (Asustek Computer)
Nmap scan report for 192.168.0.131
Host is up (0.00055s latency).
Not shown: 994 filtered ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3306/tcp  open  mysql
49154/tcp open  unknown
MAC Address: 90:E6:BA:DB:79:62 (Asustek Computer)
Nmap scan report for 192.168.0.165
Host is up (0.00021s latency).
Not shown: 988 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
25/tcp   open  smtp
110/tcp  open  pop3
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
143/tcp  open  imap
443/tcp  open  https
445/tcp  open  microsoft-ds
587/tcp  open  submission
1433/tcp open  ms-sql-s
3306/tcp open  mysql
3389/tcp open  ms-term-serv
MAC Address: 6C:F0:49:46:F5:B1 (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.199
Host is up (0.00045s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   closed http
5432/tcp open   postgresql
MAC Address: 00:0C:29:30:3F:34 (VMware)
Nmap scan report for 192.168.0.200
Host is up (0.0019s latency).
Not shown: 998 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
5003/tcp open  filemaker
MAC Address: 3C:D1:6E:01:A4:99 (Unknown)
Nmap scan report for 192.168.0.201
Host is up (0.00038s latency).
Not shown: 992 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
873/tcp  open  rsync
2049/tcp open  nfs
MAC Address: 8C:DC:D4:43:9C:91 (Unknown)
Nmap scan report for 192.168.0.203
Host is up (0.00038s latency).
Not shown: 988 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
25/tcp   open   smtp
80/tcp   open   http
110/tcp  open   pop3
143/tcp  open   imap
389/tcp  open   ldap
443/tcp  closed https
465/tcp  open   smtps
873/tcp  closed rsync
993/tcp  open   imaps
995/tcp  open   pop3s
5222/tcp closed xmpp-client
MAC Address: A4:BA:DB:26:45:4F (Dell)
Nmap scan report for 192.168.0.208
Host is up (0.00049s latency).
Not shown: 988 filtered ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
81/tcp   open  hosts2-ns
3306/tcp open  mysql
8081/tcp open  blackice-icecap
8082/tcp open  blackice-alerts
8084/tcp open  unknown
8085/tcp open  unknown
8086/tcp open  d-s-n
8088/tcp open  radan-http
9000/tcp open  cslistener
9002/tcp open  dynamid
MAC Address: 00:24:1D:99:7F:0B (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.209
Host is up (0.00043s latency).
Not shown: 985 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
111/tcp  open   rpcbind
443/tcp  open   https
5989/tcp open   wbem-https
8009/tcp open   ajp13
8080/tcp open   http-proxy
8081/tcp open   blackice-icecap
8088/tcp open   radan-http
8089/tcp open   unknown
8090/tcp open   unknown
9009/tcp open   pichat
9080/tcp open   glrpc
9081/tcp closed unknown
9090/tcp closed zeus-admin
MAC Address: C8:1F:66:DE:7D:F8 (Unknown)
Nmap scan report for 192.168.0.225
Host is up (0.00015s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
443/tcp open  https
MAC Address: 00:50:56:88:54:53 (VMware)
Nmap scan report for 192.168.0.239
Host is up (0.00023s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
1521/tcp  open  oracle
2383/tcp  open  ms-olap4
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49167/tcp open  unknown
MAC Address: 74:86:7A:EA:10:B4 (Unknown)
Nmap scan report for 192.168.0.244
Host is up (0.00030s latency).
Not shown: 988 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
8009/tcp  open  ajp13
8080/tcp  open  http-proxy
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49156/tcp open  unknown
MAC Address: 74:86:7A:F0:DE:75 (Unknown)
Nmap scan report for 192.168.0.249
Host is up (0.00027s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
8009/tcp  open  ajp13
8080/tcp  open  http-proxy
8089/tcp  open  unknown
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49157/tcp open  unknown
MAC Address: F8:BC:12:4D:52:A0 (Unknown)
Nmap scan report for 192.168.0.253
Host is up (0.00040s latency).
Not shown: 990 filtered ports
PORT     STATE  SERVICE
21/tcp   open   ftp
22/tcp   open   ssh
80/tcp   open   http
81/tcp   open   hosts2-ns
443/tcp  closed https
631/tcp  closed ipp
3306/tcp open   mysql
8000/tcp open   http-alt
8080/tcp open   http-proxy
8088/tcp closed radan-http
MAC Address: 00:26:B9:5C:9B:53 (Dell)
Nmap done: 256 IP addresses (53 hosts up) scanned in 47.40 seconds


可以看到,还是有很多东西的。就不深入了,危害太大了

漏洞证明:

URL:http://220.248.19.22:80/


zabbix弱口令:admin zabbix
可直接登陆

2.png


看下它上面涉及的服务器,都挺重要的

5.png


13.png


从脚本中可以看到,服务器上安装了nmap的,可以直接探测内网,我这里加了个脚本,看了下ip信息

3.png


4.png


这里用nmap它自带的nmap脚本探测了一下各个服务器的端口,如下:

7.png


6.png


10.png


11.png


12.png


从中还是得到不少信息
jenkins项目平台

http://220.248.19.21:8088/


8.png


邮件系统

http://211.95.2.35/


9.png


直接探测c段,得到的结果如下:

"test"的结果
Starting Nmap 5.51 ( http://nmap.org ) at 2016-03-18 20:58 CST
Nmap scan report for 192.168.0.1
Host is up (0.00073s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
687/tcp  open  asipregistry
1723/tcp open  pptp
1900/tcp open  upnp
8080/tcp open  http-proxy
MAC Address: 00:0D:88:11:29:88 (D-Link)
Nmap scan report for 192.168.0.2
Host is up (0.00048s latency).
Not shown: 996 filtered ports
PORT     STATE  SERVICE
23/tcp   open   telnet
80/tcp   open   http
443/tcp  open   https
5431/tcp closed park-agent
MAC Address: 3C:8C:40:CA:F9:F8 (Unknown)
Nmap scan report for 192.168.0.3
Host is up (0.00038s latency).
Not shown: 989 filtered ports
PORT     STATE  SERVICE
22/tcp   closed ssh
80/tcp   open   http
88/tcp   open   kerberos-sec
389/tcp  open   ldap
443/tcp  open   https
514/tcp  open   shell
636/tcp  open   ldapssl
902/tcp  closed iss-realsecure
2020/tcp open   xinupageserver
6502/tcp closed netop-rc
8010/tcp closed xmpp
MAC Address: 00:0C:29:51:D0:69 (VMware)
Nmap scan report for 192.168.0.4
Host is up (0.00033s latency).
Not shown: 989 filtered ports
PORT     STATE  SERVICE
22/tcp   closed ssh
80/tcp   open   http
427/tcp  open   svrloc
443/tcp  open   https
902/tcp  open   iss-realsecure
5988/tcp closed wbem-http
5989/tcp open   wbem-https
8000/tcp open   http-alt
8080/tcp closed http-proxy
8100/tcp open   xprint-server
8300/tcp open   tmi
MAC Address: 14:18:77:32:F1:AE (Unknown)
Nmap scan report for 192.168.0.5
Host is up (0.00018s latency).
Not shown: 989 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
427/tcp  open   svrloc
443/tcp  open   https
902/tcp  open   iss-realsecure
5988/tcp closed wbem-http
5989/tcp open   wbem-https
8000/tcp open   http-alt
8080/tcp closed http-proxy
8100/tcp open   xprint-server
8300/tcp open   tmi
MAC Address: B0:83:FE:E5:A8:4D (Unknown)
Nmap scan report for 192.168.0.8
Host is up (0.00089s latency).
Not shown: 991 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   closed http
81/tcp   open   hosts2-ns
3306/tcp open   mysql
3690/tcp open   svn
8080/tcp closed http-proxy
8081/tcp open   blackice-icecap
8090/tcp open   unknown
9000/tcp open   cslistener
MAC Address: 6C:F0:49:46:1A:FC (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.9
Host is up (0.0047s latency).
Not shown: 983 filtered ports
PORT      STATE SERVICE
53/tcp    open  domain
80/tcp    open  http
88/tcp    open  kerberos-sec
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
389/tcp   open  ldap
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
593/tcp   open  http-rpc-epmap
636/tcp   open  ldapssl
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
8800/tcp  open  sunwebadmin
49154/tcp open  unknown
49155/tcp open  unknown
49157/tcp open  unknown
49158/tcp open  unknown
MAC Address: 00:0C:29:C1:AF:0D (VMware)
Nmap scan report for 192.168.0.10
Host is up (0.00012s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
81/tcp   open  hosts2-ns
631/tcp  open  ipp
3306/tcp open  mysql
MAC Address: 00:0C:29:C1:5B:A3 (VMware)
Nmap scan report for 192.168.0.11
Host is up (0.00012s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 00:0C:29:A8:25:5B (VMware)
Nmap scan report for 192.168.0.13
Host is up (0.00021s latency).
Not shown: 980 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
2179/tcp  open  vmrdp
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
6059/tcp  open  X11:59
8009/tcp  open  ajp13
8080/tcp  open  http-proxy
8888/tcp  open  sun-answerbook
9009/tcp  open  pichat
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49157/tcp open  unknown
49158/tcp open  unknown
49159/tcp open  unknown
MAC Address: F0:1F:AF:D2:A1:F0 (Unknown)
Nmap scan report for 192.168.0.14
Host is up (0.00040s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 8C:DC:D4:49:15:50 (Unknown)
Nmap scan report for 192.168.0.15
Host is up (0.00027s latency).
Not shown: 997 filtered ports
PORT     STATE SERVICE
22/tcp   open  ssh
3000/tcp open  ppp
8080/tcp open  http-proxy
MAC Address: 00:0C:29:47:B9:4F (VMware)
Nmap scan report for 192.168.0.16
Host is up (0.00024s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
161/tcp  closed snmp
3306/tcp open   mysql
MAC Address: 00:0C:29:99:4E:37 (VMware)
Nmap scan report for 192.168.0.17
Host is up (0.000020s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
Nmap scan report for 192.168.0.18
Host is up (0.00055s latency).
Not shown: 997 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
443/tcp open  https
MAC Address: 00:0C:29:23:B0:42 (VMware)
Nmap scan report for 192.168.0.19
Host is up (0.00033s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
3306/tcp open  mysql
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 00:0C:29:1B:DA:41 (VMware)
Nmap scan report for 192.168.0.21
Host is up (0.00055s latency).
Not shown: 996 filtered ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
8080/tcp open  http-proxy
MAC Address: 00:0C:29:C5:B0:A2 (VMware)
Nmap scan report for 192.168.0.22
Host is up (0.00088s latency).
Not shown: 990 closed ports
PORT     STATE SERVICE
80/tcp   open  http
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
443/tcp  open  https
445/tcp  open  microsoft-ds
1029/tcp open  ms-lsa
3389/tcp open  ms-term-serv
4899/tcp open  radmin
5800/tcp open  vnc-http
5900/tcp open  vnc
MAC Address: 00:E0:4C:35:17:56 (Realtek Semiconductor)
Nmap scan report for 192.168.0.23
Host is up (0.00055s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:50:56:88:6C:4E (VMware)
Nmap scan report for 192.168.0.24
Host is up (0.00048s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:50:56:88:36:6F (VMware)
Nmap scan report for 192.168.0.25
Host is up (0.00027s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
8009/tcp open  ajp13
8888/tcp open  sun-answerbook
MAC Address: 00:50:56:88:C7:DA (VMware)
Nmap scan report for 192.168.0.26
Host is up (0.00026s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
8009/tcp open  ajp13
8080/tcp open  http-proxy
MAC Address: 00:50:56:88:B5:C8 (VMware)
Nmap scan report for 192.168.0.50
Host is up (0.00062s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:23:E2 (Grandstream Networks)
Nmap scan report for 192.168.0.53
Host is up (0.00059s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:24:F8 (Grandstream Networks)
Nmap scan report for 192.168.0.55
Host is up (0.00054s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:25:4F (Grandstream Networks)
Nmap scan report for 192.168.0.56
Host is up (0.00057s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:3B:47:FC (Grandstream Networks)
Nmap scan report for 192.168.0.57
Host is up (0.00057s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
80/tcp  open  http
554/tcp open  rtsp
MAC Address: 00:0B:82:40:25:6D (Grandstream Networks)
Nmap scan report for 192.168.0.63
Host is up (0.00050s latency).
Not shown: 992 filtered ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
49154/tcp open  unknown
MAC Address: 90:E6:BA:DB:79:62 (Asustek Computer)
Nmap scan report for 192.168.0.76
Host is up (0.00030s latency).
Not shown: 989 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1521/tcp  open  oracle
3389/tcp  open  ms-term-serv
5357/tcp  open  wsdapi
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49158/tcp open  unknown
MAC Address: 74:86:7A:F0:CF:AC (Unknown)
Nmap scan report for 192.168.0.89
Host is up (0.00050s latency).
Not shown: 993 filtered ports
PORT     STATE  SERVICE
21/tcp   open   ftp
22/tcp   open   ssh
80/tcp   open   http
3306/tcp open   mysql
8009/tcp closed ajp13
8080/tcp closed http-proxy
8888/tcp open   sun-answerbook
MAC Address: C8:1F:66:E5:3C:4F (Unknown)
Nmap scan report for 192.168.0.98
Host is up (0.00060s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
81/tcp    open  hosts2-ns
90/tcp    open  dnsix
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
2383/tcp  open  ms-olap4
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
9000/tcp  open  cslistener
9001/tcp  open  tor-orport
27000/tcp open  flexlm0
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
MAC Address: 40:A8:F0:5E:B4:A4 (Unknown)
Nmap scan report for 192.168.0.101
Host is up (0.00072s latency).
Not shown: 998 filtered ports
PORT     STATE SERVICE
2869/tcp open  icslap
3306/tcp open  mysql
MAC Address: B0:83:FE:BB:BB:D2 (Unknown)
Nmap scan report for 192.168.0.103
Host is up (0.00056s latency).
Not shown: 990 closed ports
PORT     STATE SERVICE
80/tcp   open  http
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1801/tcp open  msmq
2103/tcp open  zephyr-clt
2105/tcp open  eklogin
2107/tcp open  msmq-mgmt
2869/tcp open  icslap
3306/tcp open  mysql
MAC Address: B0:83:FE:77:C6:9C (Unknown)
Nmap scan report for 192.168.0.111
Host is up (0.00020s latency).
Not shown: 986 closed ports
PORT     STATE SERVICE
80/tcp   open  http
81/tcp   open  hosts2-ns
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1026/tcp open  LSA-or-nterm
1723/tcp open  pptp
3306/tcp open  mysql
3389/tcp open  ms-term-serv
6666/tcp open  irc
8009/tcp open  ajp13
8080/tcp open  http-proxy
8088/tcp open  radan-http
MAC Address: 6C:F0:49:4E:88:94 (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.120
Host is up (0.00044s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
5900/tcp open  vnc
MAC Address: 00:26:B9:5C:9B:55 (Dell)
Nmap scan report for 192.168.0.125
Host is up (0.00036s latency).
Not shown: 989 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
80/tcp    open  http
139/tcp   open  netbios-ssn
427/tcp   open  svrloc
443/tcp   open  https
445/tcp   open  microsoft-ds
515/tcp   open  printer
631/tcp   open  ipp
843/tcp   open  unknown
9100/tcp  open  jetdirect
50001/tcp open  unknown
MAC Address: 00:20:6B:91:E8:7A (Konica Minolta Holdings)
Nmap scan report for 192.168.0.126
Host is up (0.00046s latency).
Not shown: 998 closed ports
PORT      STATE SERVICE
80/tcp    open  http
50002/tcp open  iiimsf
MAC Address: 00:0E:3A:14:A5:76 (Cirrus Logic)
Nmap scan report for 192.168.0.127
Host is up (0.00048s latency).
Not shown: 994 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
515/tcp  open  printer
631/tcp  open  ipp
8080/tcp open  http-proxy
9100/tcp open  jetdirect
MAC Address: 3C:4A:92:BB:E8:C9 (Unknown)
Nmap scan report for 192.168.0.128
Host is up (0.00031s latency).
Not shown: 987 closed ports
PORT     STATE SERVICE
80/tcp   open  http
81/tcp   open  hosts2-ns
82/tcp   open  xfer
83/tcp   open  mit-ml-dev
443/tcp  open  https
515/tcp  open  printer
631/tcp  open  ipp
5222/tcp open  xmpp-client
8080/tcp open  http-proxy
8291/tcp open  unknown
8292/tcp open  blp3
8888/tcp open  sun-answerbook
9100/tcp open  jetdirect
MAC Address: A0:B3:CC:9E:1F:39 (Unknown)
Nmap scan report for 192.168.0.130
Host is up (0.00058s latency).
Not shown: 994 filtered ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3306/tcp  open  mysql
49154/tcp open  unknown
MAC Address: 90:E6:BA:DB:79:62 (Asustek Computer)
Nmap scan report for 192.168.0.131
Host is up (0.00055s latency).
Not shown: 994 filtered ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3306/tcp  open  mysql
49154/tcp open  unknown
MAC Address: 90:E6:BA:DB:79:62 (Asustek Computer)
Nmap scan report for 192.168.0.165
Host is up (0.00021s latency).
Not shown: 988 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
25/tcp   open  smtp
110/tcp  open  pop3
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
143/tcp  open  imap
443/tcp  open  https
445/tcp  open  microsoft-ds
587/tcp  open  submission
1433/tcp open  ms-sql-s
3306/tcp open  mysql
3389/tcp open  ms-term-serv
MAC Address: 6C:F0:49:46:F5:B1 (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.199
Host is up (0.00045s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   closed http
5432/tcp open   postgresql
MAC Address: 00:0C:29:30:3F:34 (VMware)
Nmap scan report for 192.168.0.200
Host is up (0.0019s latency).
Not shown: 998 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
5003/tcp open  filemaker
MAC Address: 3C:D1:6E:01:A4:99 (Unknown)
Nmap scan report for 192.168.0.201
Host is up (0.00038s latency).
Not shown: 992 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
873/tcp  open  rsync
2049/tcp open  nfs
MAC Address: 8C:DC:D4:43:9C:91 (Unknown)
Nmap scan report for 192.168.0.203
Host is up (0.00038s latency).
Not shown: 988 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
25/tcp   open   smtp
80/tcp   open   http
110/tcp  open   pop3
143/tcp  open   imap
389/tcp  open   ldap
443/tcp  closed https
465/tcp  open   smtps
873/tcp  closed rsync
993/tcp  open   imaps
995/tcp  open   pop3s
5222/tcp closed xmpp-client
MAC Address: A4:BA:DB:26:45:4F (Dell)
Nmap scan report for 192.168.0.208
Host is up (0.00049s latency).
Not shown: 988 filtered ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
81/tcp   open  hosts2-ns
3306/tcp open  mysql
8081/tcp open  blackice-icecap
8082/tcp open  blackice-alerts
8084/tcp open  unknown
8085/tcp open  unknown
8086/tcp open  d-s-n
8088/tcp open  radan-http
9000/tcp open  cslistener
9002/tcp open  dynamid
MAC Address: 00:24:1D:99:7F:0B (Giga-byte Technology Co.)
Nmap scan report for 192.168.0.209
Host is up (0.00043s latency).
Not shown: 985 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
111/tcp  open   rpcbind
443/tcp  open   https
5989/tcp open   wbem-https
8009/tcp open   ajp13
8080/tcp open   http-proxy
8081/tcp open   blackice-icecap
8088/tcp open   radan-http
8089/tcp open   unknown
8090/tcp open   unknown
9009/tcp open   pichat
9080/tcp open   glrpc
9081/tcp closed unknown
9090/tcp closed zeus-admin
MAC Address: C8:1F:66:DE:7D:F8 (Unknown)
Nmap scan report for 192.168.0.225
Host is up (0.00015s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
443/tcp open  https
MAC Address: 00:50:56:88:54:53 (VMware)
Nmap scan report for 192.168.0.239
Host is up (0.00023s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
1521/tcp  open  oracle
2383/tcp  open  ms-olap4
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49167/tcp open  unknown
MAC Address: 74:86:7A:EA:10:B4 (Unknown)
Nmap scan report for 192.168.0.244
Host is up (0.00030s latency).
Not shown: 988 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
8009/tcp  open  ajp13
8080/tcp  open  http-proxy
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49156/tcp open  unknown
MAC Address: 74:86:7A:F0:DE:75 (Unknown)
Nmap scan report for 192.168.0.249
Host is up (0.00027s latency).
Not shown: 984 closed ports
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
3306/tcp  open  mysql
3389/tcp  open  ms-term-serv
8009/tcp  open  ajp13
8080/tcp  open  http-proxy
8089/tcp  open  unknown
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49157/tcp open  unknown
MAC Address: F8:BC:12:4D:52:A0 (Unknown)
Nmap scan report for 192.168.0.253
Host is up (0.00040s latency).
Not shown: 990 filtered ports
PORT     STATE  SERVICE
21/tcp   open   ftp
22/tcp   open   ssh
80/tcp   open   http
81/tcp   open   hosts2-ns
443/tcp  closed https
631/tcp  closed ipp
3306/tcp open   mysql
8000/tcp open   http-alt
8080/tcp open   http-proxy
8088/tcp closed radan-http
MAC Address: 00:26:B9:5C:9B:53 (Dell)
Nmap done: 256 IP addresses (53 hosts up) scanned in 47.40 seconds


可以看到,还是有很多东西的。就不深入了,危害太大了

修复方案:

。。

版权声明:转载请注明来源 镱鍚@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝

漏洞Rank:15 (WooYun评价)

漏洞评价:

评价