当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0209095

漏洞标题:某铁路系统存在弱口令(已Getshell+可连接数据库+可连接多个FTP地址+涉及大量的信息)

相关厂商:某铁路系统

漏洞作者: 路人甲

提交时间:2016-05-16 11:30

修复时间:2016-07-03 17:10

公开时间:2016-07-03 17:10

漏洞类型:后台弱口令

危害等级:高

自评Rank:20

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2016-05-16: 细节已通知厂商并且等待厂商处理中
2016-05-19: 厂商已经确认,细节仅向厂商公开
2016-05-29: 细节向核心白帽子及相关领域专家公开
2016-06-08: 细节向普通白帽子公开
2016-06-18: 细节向实习白帽子公开
2016-07-03: 细节向公众公开

简要描述:

存在弱口令,可getshell。

详细说明:

漏洞地址:

**.**.**.**:7001/shxt/


1.jpg


存在weblogic反序列漏洞

**.**.**.**:7001/console/login/LoginForm.jsp


存在弱口令
weblogic/weblogic123

2.jpg


3.jpg


**.**.**.**:7001/test/index.jsp?m=FileManage
密码:shack2
**.**.**.**:7001/test/bak.jsp?o=index
密码:test


4.jpg


5.jpg


D:/code/2014-08-13/shxt/WEB-INF/classes/ftp.properties
#yuan ping hcy
ftp.hcy.yp.server=**.**.**.**
ftp.hcy.yp.user=shxt
ftp.hcy.yp.password=shxt
ftp.hcy.yp.port=21
ftp.hcy.yp.remotepath=/SMS/GWHC/S/
ftp.hcy.yp.localpath=D:/FTP/HCY/YP/SMS/GWHC/S/
ftp.hcy.yp.bakpath=D:/FTP/HCY/YP/SMS/GWHC/SBAK/
#su ning hcy
ftp.hcy.sn.server=**.**.**.**
ftp.hcy.sn.user=anonymous
ftp.hcy.sn.password=shtl123
ftp.hcy.sn.port=21
ftp.hcy.sn.remotepath=/SMS/GWHC/S/
ftp.hcy.sn.localpath=D:/FTP/HCY/SN/SMS/GWHC/S/
ftp.hcy.sn.bakpath=D:/FTP/HCY/SN/SMS/GWHC/SBAK/
#su ning tqyb
ftp.tqyb.sn.server=**.**.**.**
ftp.tqyb.sn.user=shtl
ftp.tqyb.sn.password=shtl_2012
ftp.tqyb.sn.port=21
ftp.tqyb.sn.type=2
ftp.tqyb.sn.excelnum=174
ftp.tqyb.sn.localpath=D:/FTP/TQYB/SN/
#yuan ping tqyb
ftp.tqyb.yp.server=**.**.**.**
ftp.tqyb.yp.user=vh538247
ftp.tqyb.yp.password=3031468
ftp.tqyb.yp.port=21
ftp.tqyb.yp.type=1
ftp.tqyb.yp.excelnum=78
ftp.tqyb.yp.localpath=D:/FTP/TQYB/YP/
#shan xi ylj gw
ftp.yljgw.server=**.**.**.**
ftp.yljgw.user=shtl
ftp.yljgw.password=shtl123
ftp.yljgw.port=21
ftp.yljgw.remotepath=
ftp.yljgw.localpath=D:/FTP/YLJGW/R/
ftp.yljgw.bakpath=D:/FTP/YLJGW/RBAK/
#su ning qxzhyj
ftp.qxzhyj.sn.server=**.**.**.**
ftp.qxzhyj.sn.user=shtl
ftp.qxzhyj.sn.password=shtl_2012
ftp.qxzhyj.sn.port=21
ftp.qxzhyj.sn.type=2
ftp.qxzhyj.sn.dqbm=SN
ftp.qxzhyj.sn.localpath=D:/FTP/QZZHYJ/SN/
#su ning ylzq
ftp.yljczq.sn.url=**.**.**.**/sntl/rtable.aspx
ftp.yljczq.sn.filepath=D:/FTP/YLZQ/SN/
#su ning ylzq
ftp.yljczq.yp.url=**.**.**.**/shtl/rtable.aspx
ftp.yljczq.yp.filepath=D:/FTP/YLZQ/YP/
ftp.yzqxzs.yp.url=**.**.**.**/shtl/duanqi.aspx
ftp.yzqxzs.yp.filepath=D:/FTP/YZQXZS/YP/
ftp.yzqxzs.yp.dqbm=YP
FTP的帐号密码以及IP地址,可顺利连接,就不说了!~~~
D:/code/2014-08-13/shxt/WEB-INF/classes/ftp_ip_list.xml
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<ftp_list>
	<ftp>
		<ip>**.**.**.**</ip>
		<port>21</port>
		<user_name>anonymous</user_name>
		<pwd>shtl123</pwd>
		<path>/SMS/GWHC/S/</path>
	</ftp>
</ftp_list>
D:/code/2014-08-13/shxt/WEB-INF/classes/hibernate.cfg.xml
	<session-factory>
		<property name="dialect">
			org.hibernate.dialect.Oracle9Dialect
		</property>
		<!--<property name="connection.url">
			jdbc:oracle:thin:@**.**.**.**:1521:shxt
			</property>
		-->
		<!--<property name="connection.url">jdbc:oracle:thin:@**.**.**.**:1521:orcl</property>
			<property name="connection.url">
			jdbc:oracle:thin:@**.**.**.**:1521:orcl
			</property>-->
<!-- 
		<property name="connection.url">
			jdbc:oracle:thin:@**.**.**.**:1521:orcltt
		</property>
		<property name="connection.username">shxt</property>
		<property name="connection.password">shxt</property>
		<property name="connection.driver_class">
			oracle.jdbc.driver.OracleDriver
		</property>
 -->
jdbc:oracle:thin:@**.**.**.**:1521:orcl
这个数据库的数据如下
T_BUZ_ZYJC_DW_WJJC_LOG 14629810 
T_BUZ_ZYJC_SCSB_JSXXRZ 14231067 
TRAIN_LINE_TIME_LOG 12671935 
T_BUZ_ZYJC_SCSBRZ 9828803 
T_BUZ_ZYJC_SCSB_SSWZ 7707612 
T_BUZ_YL_ZQJL 4857438 
T_SYS_MESSAGER_USER 3839028 
WFWORKITEM 2840043 
WF_H_WIPARTICIPANT 2248465 
RAILSHAKENINFO 2005730 
T_BUZ_YL 1330497 
TRAIN_LINE_TIME_LOG_BAK 1312970 
WFWIPARTICIPANT 906223 
WFACTIVITYINST 874597 
T_BUZ_FXY_AQFXXX_CZB 796979 
T_LOG_USER_LOGIN 773214 
WFTRANSITION 683444 
WFTRANSCTRL 680035 
T_SYS_LOGIN_DETAIL 666197 
T_BUZ_ZYJC_GW 643592 
T_BUZ_ZYJC_SCSB_IMMI 546335 
T_BUZ_ZYJC_LOG 415140 
WF_H_WORKITEM 325228 
T_SYS_LOGIN_DETAIL20150316 312066 
T_BUZ_FXY_AQFXXX 234976 
T_BUZ_FXY_AQFXXX_ZGFH 208310 
WFPROCESSINST 197281 
T_BUZ_FXY_AQFXXX_YS 185422 
T_BUZ_ZYJC_FZCYXQK 181053 
WF_H_ACTIVITYINST 176326 
T_BUZ_FXY_YHGJZRELA 161959 
T_SYS_MESSAGER 161590 
T_BUZ_ZYJC_SCSB_XJQK_PATCH 154643 
WF_H_TRANSCTRL 137403 
WF_H_TRANSITION 137065 
TD_CMD_TO 134712 
T_BUZ_FXY_AQFXXX_YS_20150519 111297 
NEW_TRAIN_LINE_TIME_LOG 80277 
T_BUZ_AQJD_LKXX_CL 76048 
TD_CMD_MAIN 56785 
T_BUZ_FXY_AQFXXX_FJ 56338 
T_BUZ_FXY_YH_GLDXGJZ_GL 45588 
T_BUZ_FXY_AQFXXX_PRO 42723 
T_BUZ_AQJD_LKXX_JSBM 41215 
T_BUZ_ZYJK_FHYP_RY_XXK 40741 
WF_H_PROCESSINST 40531 
CMD_COPYTO 36669 
FXY_DLETE_TEMP 29719 
T_BUZ_ZYJC_GWZGW 28546 
T_LOG_DATA 19696 
T_BUZ_AQJD_LKXX_XX 19548 
T_BUZ_JCCJ_BJDJ 19227 
T_SYS_ROLE_PERMISSION 19006 
T_BUZ_ZYJC_GWDTTCY_CCFCSJB 17949 
DB_REALTIME 17490 
T_BUZ_BATX_FJ 13352 
T_BUZ_ZYJC_DW_WJJC 12995 
T_SYS_USER_ROLE_2017 12575 
T_BUZ_AQJD_LKXX_CL_20151031 12475 
T_SYS_USER_ROLE_20150805 12382 
T_SYS_USER_ROLE 12299 
T_BUZ_AQJD_LKXX_CL_20151028 12294 
T_SYS_USER_ROLE_20150203 11301 
T_SYS_USER_ROLE_2014121019 11266 
T_BUZ_ZYJC_GWDTTCY_JCXZGLSJL 10554 
T_BUZ_ZYJC_XJXLSJ_XJRY 10499 
T_BUZ_FXY_YHZCGJZ_PC 10275 
SYS_EXPORT_SCHEMA_01 9550 
T_SYS_USER_2016 9380 
T_SYS_USER_20160427 9378 
T_SYS_USER 9378 
T_SYS_USER_201602151203 9300 
T_SYS_USER_2017 9300 
T_BUZ_MOBILE_MESS_PARAS 9251 
T_SYS_USER_ORG_20150805 9242 
T_SYS_USER_20150805 9173 
T_SYS_USER_ORG 9170 
T_BUZ_AQJD_LKXX_JSBM_20151031 8605 
T_SYS_USER_ORG_20150203 8206 
T_SYS_USER_ORG_2014121019 8176 
T_SYS_USER_20150203 8147 
T_SYS_USER_TT 8118 
T_SYS_USER_2014121019 8118 
T_SYS_USER_TEMP 8022 
T_SYS_USER_BACK_20140403 7873 
T_BUZ_ZYJC_XJXLSJ_XJGJ 6480 
T_BUZ_MOBILE_LWJL 6432 
T_BUZ_ZYJC_DW_WJJC_2016011718 6373 
T_BUZ_ZYJC_WJJC_20160217 6373 
T_BUZ_ZYJC_XLXJ_XJ 6254 
T_BUZ_AQJD_LKXX_XX_20151116 5504 
T_BUZ_FXY_FXYKK_NR 5088 
T_BUZ_SG_CZJL 4753 
T_BUZ_FXY_AQFXXX_YQSP 4732 
T_BUZ_ZYJC_SCSB_SBXX 4727 
T_BUZ_ZYJC_XLXJ_XJ_20131015 4353 
T_BUZ_LBYP_YGGWDA 4286 
T_BUZ_FXY_YHZCGJZ 4188 
SN_TRAIN_LINE_TIME 3935 
T_BUZ_ZYJC_ERROR 3929 
T_BUZ_ZYJC_SCSB_XJQK 3649 
T_LOG_APP_LOGIN_USER 3580 
T_BUZ_FXY_AQFXXX_FXYJDWMC 3487 
T_SYS_USER_MANAGE_ORG 3271 
T_BUZ_AQJD_LKXX_XX_20151031 3210 
T_BUZ_ZYJC_SCSB_XJQK_EXCEPTION 3198 
T_BUZ_AQJD_LKXX_XX_20151028 3157 
T_BUZ_BASE_QXDM 3132 
T_SYS_MESSAGER_USER_2014121019 2820 
T_BUZ_BASE_SJXX 2776 
T_BUZ_BATX_NSJH_JCDBZ_MX 2692 
T_BUZ_ZYJC_XJXLSJ_XJGJ_BAK 2428 
T_SYS_ROLE_PERMISSION_STRATEGY 2405 
T_BUZ_LBYP_HPBZ 2045 
T_BUZ_AQJD_LKXX_CL_20150114 1961 
T_BUZ_BATX_KHBZ_MX 1863 
RAILSHAKENINFO_DELETE 1862 
T_SYS_USER_OA_DCL 1823 
T_SYS_SEL_ORG 1814 
T_SYS_USER_CONFIG 1728 
T_BUZ_ZYJK_HPKC 1722 
T_SYS_COPY_USER_VIEW 1662 
T_BUZ_FXY_FXYKK_ML 1611 
T_BUZ_BATX_AQXY 1560 
T_BUZ_JCCJ_JCRB 1481 
T_SYS_RELAT_OA_USER 1365 
T_BUZ_FXY_FXYKK_GLDX 1344 
T_BUZ_BATX_KHPD_MX 1261 
T_BUZ_BATX_KHBZ_SYR 1245 
T_BUZ_YJ_QXWZMX 1231 
T_SYS_ORG 1161 
T_BUZ_AQJD_LKXX_JSBM_20150114 1148 
T_SYS_ORG_2016 1148 
FXY_TEMP 1134 
T_SYS_ORG_2017 1117 
T_SYS_LOGIN 1058 
T_BUZ_SG_GKB_DD 1056 
T_SYS_ORG_20151126 1053 
T_BUZ_MOBILE_MESS_PUSHNR 1047 
T_BUZ_SG_GKB_JCQK_DD 1045 
T_SYS_ORG_20150805 1012 
T_SYS_ORG_20160427 988 
T_BUZ_AQJD_JCTZS 978 
T_BUZ_SG_SBGZ_CLBG 892 
T_BUZ_SG_SBGZ_CLBG_ZRDW 882 
T_BUZ_LBYP_JHFFRYXQ 858 
T_SYS_ORG_20150203 850 
T_BUZ_SG_GKB_DC 844 
T_BUZ_SG_GKB_QSQK 837 
T_SYS_ORG_2014121019 835 
T_BUZ_AQJD_JCTZS_CL 821 
T_BUZ_FXY_AQFXXX_DBB 797 
RAILSHAKENINFO_DEL 753 
T_BUZ_ZYHJ_GNWHCS 749 
T_SYS_ORG_20140321 732 
T_BUZ_AQJD_JCTZS_20150804 728 
T_SYS_ORG_ROLE 720 
T_BUZ_FXY_FXYKK_NR_TEMP_BAK 699 
T_SYS_ORG_201403171044 692 
KNXPG 689 
T_SYS_ORG_201402271613 681 
T_BUZ_ZYHJ_TZZYRY 671 
T_BUZ_JYDGJJC 670 
T_BUZ_FHYP_ORG 632 
T_SYS_ORG_ROLE_20141210 627 
T_SYS_ORG_ROLE_20150203 627 
T_BUZ_SG_SBGZ_CLBG_FJ 624 
T_BUZ_FXY_FXYKK_NR_HISTORY 610 
T_SYS_PERMISSION 607 
T_BUZ_JYD_YY 562 
T_SYS_MODEL 557 
T_BUZ_AQJD_JCTZS_20150204 556 
T_BUZ_AQJD_LKXX_XX_20150114 553 
T_BUZ_FXY_FXYKK_NR_BAK 546 
T_BUZ_AQJD_JCTZS_20150123BAK 523 
T_BUZ_BASE_SGDW 516 
T_SYS_MODEL_BAK 507 
T_BUZ_ZYHJ_GNWHCS_FJ 504 
T_BUZ_BASE_RSSGYY 468 
T_BUZ_LBYP_HPBZ_SYDQ 454 
SECTION_SLOW 410 
T_BUZ_JYD_RY 405 
T_BUZ_JYD_YL 399 
T_SYS_STRATEGY 392 
T_SYS_STRATEGY_BBK 392 
T_SYS_STRATEGY_BAK 380 
T_BUZ_ZYHJ_TZSB 348 
T_BUZ_JYD_XX 342 
T_BUZ_BASE_CSDM 338 
T_BUZ_SBJC_JCYXGLS_NEW 321 
T_BUZ_BATX_NSJH_SHYJ 318 
T_BUZ_BATX_AQWJ 302 
T_BUZ_YJ_YJYA 301 
T_BASE_DATA 287 
T_BUZ_TQYB_QXZHYJ 286 
T_BUZ_BASE_SSD_JCH 282 
T_BUZ_JYD_GJ 280 
T_BUZ_LBYP_JHFFXQ 278 
T_BUZ_LBYP_CGJHXQ 263 
T_BUZ_FXY_FXYKK_LB 254 
T_BUZ_TQYB_XX 252 
T_BUZ_ZYJC_SCSB_BJ 240 
T_BUZ_BATX_WJ_MX 239 
T_BUZ_FXY_FXYKK_ML_OLD 233 
T_BUZ_LBYP_YGGWDA141 228 
T_BUZ_YH_MAYSEARCH 227 
T_BUZ_FXY_AQFXXX_DBHFB 217 
T_BUZ_AQJD_JCTZS_FJ 201 
T_SYS_HELP 194 
T_BUZ_LBYP_GBHP_KP 189 
T_BUZ_LBYP_HPXH 189 
T_BUZ_FXY_FXYKK_ML_HISTORY 184 
T_BUZ_ZYJK_FHYP_GZ 169 
TIMESTEP 168 
T_BUZ_FXY_AQFXXX_GKJH 158 
T_BUZ_BASE_ZYZ 157 
T_BUZ_FXY_YH_GLDXGJZ 149 
T_BUZ_BATX_AQTR 132 
T_BUZ_FXY_FXYKK_ML_BAK 132 
T_BUZ_BASE_SJYY 130 
T_LOG_ERROR 130 
T_SYS_ROLE 122 
T_SYS_ROLE_20150805 120 
T_BUZ_BATX_BHGBG 117 
T_BUZ_ZYHJ_WXPMX 113 
T_BUZ_BATX_NSY 105 
T_BUZ_FXY_FXYKK_GL_NR 104 
T_BUZ_SG_TB 100 
T_BUZ_ZYJC_SCSB_LOG 99 
STATION_SLOW 97 
T_BUZ_JYD_XZDW_JX 95 
T_BUZ_BATX_MBJH_WCQK 93 
T_BUZ_BASE_SGDJEJ 91 
T_BUZ_BATX_HYJY 91 
T_BUZ_SG_TB_FJ 90 
T_BUZ_WXY_ZDYH_CZJL 84 
T_BUZ_ZYHJ_WXP_FJ 75 
T_BASE_TYPE 73 
T_SYS_APP_LOGIN_USER 73 
T_BUZ_BLYY_JSDWRY 72 
T_BUZ_BASE_ZY_QYSJ 72 
T_BUZ_ZYJC_GWDTTCY_XLJCYSBTZ 70 
T_BUZ_ZYHJ_WXP 69 
EOS_DICT_ENTRY_I18N 68 
T_BUZ_WXY_WXYKK_NR 62 
T_BUZ_ZYJC_DW_BJ 59 
T_BUZ_SG_GKB_CL 58 
T_BUZ_LBYP_HPFL 58 
T_BUZ_JYD_YY_20150729 57 
T_BUZ_BATX_BHGBG_LC 55 
T_BUZ_ZYJK_GB_HPKC 54 
T_BUZ_BATX_FLFG 51 
T_BUZ_BATX_AQHD 50 
WFPROCESSDEFINE 48 
T_BUZ_TQYB_QXZHYJ_YJDM 48 
WFPROCESSDEFINETEMP 47 
T_BUZ_LBYP_JHFF 47 
T_BUZ_FXY_FXYKK_GL_ML 46 
T_BUZ_BPS_EXT 46 
T_BUZ_BATX_MBJH 46 
T_BUZ_JYD_XZDW 45 
T_BUZ_LBYP_GBHP_PBBZKP 45 
T_BUZ_YJ_WZK_XX 44 
T_BUZ_BASE_TZSB_SBMC 43 
T_BUZ_BASE_CZ 43 
T_BUZ_BATX_TXWJ 41 
T_BUZ_TQYB 40 
T_BUZ_BATX_AQJY 40 
EOS_DICT_ENTRY 40 
T_BUZ_YL_JCD 40 
T_BUZ_BATX_NSY_PXJL 39 
T_BUZ_BLYY_FSDW 39 
T_BUZ_BASE_RSSGYYXL 39 
T_BUZ_BASE_GZBJ 38 
T_BUZ_SY_AQXX 37 
T_BUZ_JYD_BD 37 
T_BUZ_LBYP_HPZD 36 
T_BUZ_ZYJC_JCWRECORD 35 
T_BUZ_FXY_AQFXXX_XZ 35 
T_BUZ_ZYJC_WXY 35 
T_BUZ_ZYJC_XJXL_CZ 34 
T_BUZ_YJ_QXWZ 33 
T_BUZ_TQYB_BM 32 
T_BUZ_BATX_HYBZ 31 
T_BUZ_BATX_NSJCB 31 
T_BUZ_BASE_SDM 31 
T_BUZ_BATX_MBJH_TJJH 30 
CMD_ENGINE 29 
T_BUZ_BASE_SJLB 29 
T_BUZ_ZYJK_FHYP_HPXX 29 
T_BUZ_ZYJC_SCSB 28 
T_BUZ_ZYHJ_WXP_BAK 27 
T_BUZ_BATX_LDJH 27 
T_BUZ_FXY_AQFXXX_XZFH 27 
T_BUZ_BATX_PXJH 27 
T_BUZ_BASE_SGYY 27 
T_BUZ_SG_SBGZ_CLBG_ZRR 26 
T_BUZ_BATX_AQXX 26 
STATION_LOCK 26 
T_BUZ_ZYJC_RYXX 25 
T_BUZ_YJJY_YJYA_GSJYWJ 24 
T_BUZ_BATX_PXJL 24 
PLAN_TABLE 24 
T_CONFIG_DATA 23 
T_BUZ_YJJY_FJ 23 
T_BUZ_BASE_GSZY 22 
T_BUZ_BASE_ZY_ORG 22 
T_BUZ_ZYJC_XJXLSJ 20 
T_BUZ_YJJY_CDJYJL 19 
T_BUZ_JYD_BAK 18 
WFBIZ_CATALOG_INFO 18 
T_CONFIG_BUZ_ZT 18 
T_BUZ_YJ_WZK_ML 17 
T_BUZ_BATX_FZ_FW 17 
T_BUZ_ZYJC_JKPT 16 
T_BUZ_BASE_GZLB 16 
EOS_DICT_TYPE_I18N 16 
T_BUZ_YJ_YJYA_BAK 16 
T_BUZ_AQJD_LKXX_JC 15 
T_BUZ_FXY_ZDAQFXXX_CZB 15 
T_BUZ_SY_AQXX_FK 15 
T_BUZ_BASE_ZY 15 
BFS_BFMS_JS_PATTERN 15 
T_BUZ_BASE_GZLBXTGX 15 
T_LOG_TYPE 15 
T_BUZ_AQJD_LKXX_COLOR_20151103 14 
T_BUZ_BASE_TZSB_SBLX 14 
T_BUZ_WXY_ZDYH_FJ 14 
T_BUZ_LBYP_HPBZ_ZB 14 
T_BUZ_AQJD_LKXX_JC_20151031 13 
T_BUZ_SG_GKB_QSQK_BAK 13 
T_BUZ_BASE_YALB 13 
T_BUZ_WXY_WXYKK_ML 13 
T_BUZ_JYD 13 
T_BUZ_BASE_JC 12 
T_BUZ_BATX_KHPD 12 
T_BUZ_BATX_KHBZ 12 
T_BUZ_BASE_WXLYFL 12 
T_BUZ_ZYJC_SCSB_DWQ 12 
T_BUZ_ZYHJ_TZZYRY_CZSB 12 
T_BUZ_ZYHJ_TZZYRY_GZ_CZSB 12 
RAILSHAKENINFO_DELETE_MAIN 12 
T_SYS_MESSAGER_2014121019 11 
T_BUZ_AQJD_LKXX_COLOR 11 
T_BUZ_AQJD_DZYZ 11 
T_BUZ_FXY_FXYKK_BG 11 
T_BUZ_ZYJK_FFDJ_MX 11 
T_BUZ_BATX_NSJH 11 
T_BUZ_ZYJC 11 
T_SYS_APP_VERSION 10 
T_BUZ_BATX_PSGL 10 
T_BUZ_YJJY_YJYA_GSJYWJ_FJ 10 
T_BUZ_LBYP_GBHPXH 10 
BFS_BFMS_FUNS 10 
T_BAXT_AQWH_SP 10 
T_SYS_MSG 10 
T_BUZ_SY_AQXX_FJ 10 
T_BUZ_LBYP_GBHPZD 10 
T_BUZ_SBJC_JCYXGLS 9 
T_BUZ_ZYHJ_TZZYRY_GZ 9 
T_BUZ_ZYJK_FHYP_HPML 9 
BFS_IN_JILIAN 9 
T_BUZ_BASE_BM 9 
T_BUZ_BATX_NSBG 9 
T_BUZ_ZYJC_SCSBSY 8 
T_BUZ_WXY_ZDYH_DB 8 
T_BUZ_WXY_ZDYH_YBB_XX 8 
T_BUZ_WXY_ZDYH_ZG 8 
T_BUZ_BASE_SSD 8 
BFS_BFMS_VARS 8 
EOS_DICT_TYPE 8 
EOS_UNIQUE_TABLE 8 
T_BUZ_BASE_SGDJYJ 8 
T_CONFIG_BUZ_DATA 8 
T_BUZ_BATX_AQTB 7 
SN_TD_CMD_TO 7 
T_BUZ_SBJC_ZY 7 
T_BUZ_WXY_ZDYH_GPDBGS 7 
T_BUZ_BASE_ZY_DD_DW 7 
BFS_IN_JILIAN_ITEM 7 
REGISTER 7 
T_BUZ_BASE_TZSB_SBZL 7 
T_BUZ_BASE_ZHXXLB 7 
WFSYSTEMINFO 7 
T_BUZ_ZYJK_FHYP_ZY 6 
T_BUZ_ZYJC_RYDW_ZY 6 
T_BUZ_BLYY_NR 6 
T_BUZ_WXY_ZDYH_XX 6 
T_BUZ_SG_SBGZ_CLBG_BAK 6 
T_BUZ_AQJD_DZYZ_2014121019 5 
T_SYS_COPY 5 
T_BUZ_AQJD_DZYZ_201502022209 5 
T_BUZ_AQJD_DZYZ_20150311 5 
T_BUZ_BATX_NSBG_FJ 5 
T_BUZ_AQTS 5 
T_BUZ_WXY_ZDYH_YS 5 
EOS_QRTZ_LOCKS 5 
T_BUZ_BASE_SGLB 5 
T_BUZ_BASE_CDFS 5 
T_BUZ_BLYY_BLYYNR 4 
WL_SESSIONS 4 
BFS_BFMS_UNIQUE_KEY 4 
T_BUZ_ZYJK_FHYP_RY 4 
T_BUZ_ZYHJ_JCBDBDJ 4 
T_BUZ_AQJD_JCTZS_CL_20150123 3 
T_BUZ_JKSJWXYK 3 
T_BUZ_LBYP_CGJH 3 
T_BUZ_LBYP_GBFFGL 3 
T_SYS_MSG_RIGHT 3 
T_BUZ_FXY_ZDAQFXXX 3 
T_BUZ_ZYJK_FHYP_GZXX 3 
T_SYS_ROLE_TYPE 3 
BFS_BFMS_JS_PATTERNPARAM 3 
BFS_IN_JILIAN_TYPE 3 
T_BUZ_WXY_ZDYH_XZ 3 
T_BUZ_SG_GKB_DD_XGSP 2 
T_SYS_ORG_OATB_PZ 2 
T_BUZ_MOBILE_WTFKR 2 
T_BUZ_LBYP_GBFFGL_MX 2 
T_BUZ_ZYJC_JCWDEVICE 2 
SN_TD_CMD_MAIN 2 
T_BUZ_BASE_XL 2 
T_BUZ_FXY_ZDAQFXXX_ZGFH 2 
T_BUZ_FXY_ZDAQFXXX_ZGJH 2 
T_BUZ_SBJC_SBGXGX 2 
T_BUZ_WXY_ZDYH_DB_HZ 2 
T_BUZ_BASE_DD 2 
T_BUZ_FXY_ZDAQFXXX_DBB 2 
T_BUZ_ZYJC_YZQXZS 1 
T_BUZ_BLYY_CONFIG 1 
T_BUZ_MOBILE_WT 1 
T_BUZ_BATX_WJ 1 
T_BUZ_LBYP_GBHP_BZKP 1 
SN_CMD_COPYTO 1 
T_BUZ_SG_JBQKB_CLB 1 
T_BUZ_SG_JBQKB_CLB_ZRR 1 
T_BUZ_SG_JBQKB_JCQK 1 
T_BUZ_SG_JBQKB_SWRYQK 1 
T_BUZ_SG_JBQKB_ZRRD 1 
T_BUZ_WXY_ZDYH_YBB 1 
T_BUZ_ZYHJ_JCBDBDJ_FJ 1 
T_BUZ_ZYJK_FFDJ 1 
WFBIZ_CALENDAR_INFO 1 
BFS_BFMS_USER 1 
BFS_BFMS_USER_GROUP 1 
BFS_BFMS_USER_GROUP_REF 1 
BFS_SYSTEMINFO 1 
TB_TRAIN 1 
T_SYS_JK 1 
D:/code/2014-08-13/shxt/WEB-INF/classes/uddi-address.xml
<uddi__address__list>
    <uddi__address id="default">
        <name>localserver</name>
        <logicName>default</logicName>
        <type>remote</type>
       <!-- 
        <uddiHost>**.**.**.**</uddiHost>
        <uddiPort>7001</uddiPort>
          -->
         
        <uddiHost>**.**.**.**</uddiHost>
        <uddiPort>8080</uddiPort>
        
        <uddiAdminPort>6201</uddiAdminPort>
        <uddiWebContext>default</uddiWebContext>
        <uddiUserID>bps</uddiUserID>
        <uddiPassword>000000</uddiPassword>
        <description>
        </description>
    </uddi__address>
</uddi__address__list>
D:/Oracle/Middleware/user_projects/domains/base_domain/config/jdbc/devDS-6580-jdbc.xml
  <name>devDS</name>
  <jdbc-driver-params>
    <url>jdbc:oracle:thin:@localhost:1521:orcltt</url>
    <driver-name>oracle.jdbc.OracleDriver</driver-name>
    <properties>
      <property>
        <name>user</name>
        <value>shxt</value>
      </property>
    </properties>
    <password-encrypted>{AES}ACGxylQilwKdaYPmOYM7rCV/XjR+J0jXy49a+D/wpB0=</password-encrypted>
  </jdbc-driver-params>
密码:shxt
T_SYS_MESSAGER_USER 2559991 
T_BUZ_YL_ZQJL 2147545 
T_BUZ_ZYJC_GW 314906 
T_BUZ_FXY_AQFXXX 177183 
T_BUZ_FXY_YHGJZRELA 152069 
T_SYS_LOGIN_DETAIL 125228 
T_SYS_MESSAGER 94803 
T_BUZ_ZYJK_FHYP_RY_XXK 40214 
T_BUZ_AQJD_LKXX_CL 34697 
T_BUZ_FXY_YH_GLDXGJZ_GL 26228 
T_LOG_USER_LOGIN 24187 
T_BUZ_YL 23197 
T_BUZ_FXY_AQFXXX_CZB 21567 
T_BUZ_AQJD_LKXX_JSBM 20220 
T_SYS_ROLE_PERMISSION 19785 
DB_REALTIME 18478 
T_BUZ_ZYJC_GWZGW 13532 
T_SYS_USER_ROLE 12416 
T_BUZ_FXY_YHZCGJZ_PC 10333 
T_LOG_DATA 9619 
T_SYS_USER_2018 9378 
T_SYS_USER 9378 
T_SYS_USER_ORG 9263 
T_BUZ_AQJD_LKXX_XX 9237 
T_SYS_USER_ZHENGLIWANG 9197 
T_SYS_USER_2017 9194 
T_SYS_USER_OA 8556 
T_BUZ_ZYJC_GWDTTCY_CCFCSJB 7526 
T_BUZ_MOBILE_MESS_PARAS 7507 
T_BUZ_ZYJC_DW_WJJC 6373 
T_BUZ_LBYP_YGGWDA 6019 
T_BUZ_FXY_FXYKK_NR 5088 
WFWIPARTICIPANT 4841 
T_BUZ_JCCJ_BJDJ 4409 
T_BUZ_ZYJC_GWDTTCY_JCXZGLSJL 4263 
WFWORKITEM 4207 
T_BUZ_FXY_AQFXXX_PRO 3972 
T_BUZ_FXY_YHZCGJZ 3875 
T_BUZ_ZYJC_XJXLSJ_XJGJ 3260 
T_BUZ_BASE_QXDM 3132 
SN_TRAIN_LINE_TIME 3104 
T_BUZ_ZYJC_XLXJ_XJ 3044 
T_SYS_USER_MANAGE_ORG 2855 
T_BUZ_BASE_SJXX 2774 
T_BUZ_ZYJC_LOG 2442 
T_SYS_ROLE_PERMISSION_STRATEGY 2200 
T_BUZ_FXY_AQFXXX_YS 2144 
T_BUZ_ZYJK_HPKC 2130 
T_SYS_DEPT_JOB_OA 2082 
T_BUZ_BATX_KHBZ_MX 1864 
T_BUZ_LBYP_HPBZ 1863 
T_SYS_USER_OA_DCL 1768 
T_BUZ_BATX_NSJH_JCDBZ_MX 1678 
T_BUZ_FXY_FXYKK_ML 1611 
T_SYS_RELAT_OA_USER 1372 
T_BUZ_BATX_KHPD_MX 1352 
T_BUZ_FXY_FXYKK_GLDX 1344 
T_BUZ_BATX_FJ 1285 
WFACTIVITYINST 1255 
T_BUZ_BATX_KHBZ_SYR 1245 
FXY_RW_TEMP 1202 
T_BUZ_FXY_FXYRW_NR 1163 
FXY_TEMP 1134 
T_BUZ_ZYJC_DW_WJJC_LOG 993 
T_SYS_ORG_2018 988 
T_SYS_ORG 988 
T_SYS_ORG_2017 983 
WFTRANSITION 890 
WFTRANSCTRL 851 
T_SYS_ORG_ROLE 714 
T_SYS_LOGIN 713 
T_BUZ_ZYJC_XJXLSJ_XJRY 700 
T_BUZ_FXY_FXYKK_NR_TEMP_BAK 699 
T_BUZ_JCCJ_JCRB 695 
T_BUZ_YJ_QXWZMX 694 
KNXPG 689 
T_BUZ_MOBILE_MESS_PUSHNR 664 
T_BUZ_BATX_AQXY 659 
T_BUZ_AQJD_JCTZS 656 
T_SYS_PERMISSION 612 
T_BUZ_FXY_FXYKK_NR_HISTORY 610 
T_BUZ_BATX_AQTB_TEST 574 
T_BUZ_JYD_YY 562 
T_SYS_MODEL 559 
T_BUZ_LBYP_JHFFRYXQ 548 
T_BUZ_FXY_FXYKK_NR_BAK 546 
WF_H_WIPARTICIPANT 528 
T_SYS_JOB 528 
T_SYS_MODEL_KK 505 
T_BUZ_FXY_AQFXXX_FXYJDWMC 490 
T_BUZ_BASE_RSSGYY 468 
T_BUZ_FHYP_ORG 442 
T_BUZ_FXY_AQFXXX_FJ 421 
T_BUZ_ZYHJ_TZZYRY 393 
T_SYS_STRATEGY 392 
SECTION_SLOW 383 
T_SYS_STRATEGY_BAK 380 
WFPROCESSINST 374 
T_BUZ_FXY_FXYRW 372 
T_BUZ_ZYJC_FZCYXQK 366 
T_BUZ_BASE_CSDM 338 
T_BUZ_BATX_NSJH_SHYJ 327 
T_BUZ_FXY_AQFXXX_ZGFH 319 
T_BUZ_ZYJC_SCSB_XJQK_PATCH 305 
T_BUZ_SY_AQXX 301 
T_BUZ_BASE_SGDW 300 
T_SYS_ORG_BAK 300 
T_BASE_DATA 299 
T_BUZ_SG_CZJL 280 
T_BUZ_BASE_SSD_JCH 279 
T_BUZ_MOBILE_LWJL 258 
T_BUZ_FXY_FXYKK_LB 254 
T_SYS_SEL_ORG 252 
T_BUZ_ZYHJ_TZSB 247 
T_BUZ_JYD_RY 244 
T_BUZ_BATX_WJ_MX 243 
T_BUZ_FXY_FXYKK_ML_OLD 233 
T_LOG_APP_LOGIN_USER 221 
T_BUZ_YJ_YJYA 214 
T_BUZ_AQJD_JCTZS_CL 209 
T_BUZ_TQYB_QXZHYJ 207 
T_BUZ_TQYB_XX 204 
T_BUZ_ZYHJ_TZSB_20151028 195 
T_BUZ_BATX_AQWJ 191 
T_BUZ_LBYP_HPXH 190 
T_BUZ_ZYHJ_GNWHCS 188 
T_BUZ_FXY_FXYKK_ML_HISTORY 184 
T_BUZ_WXY_ZDYH_CZJL 183 
T_BUZ_ZYJK_FHYP_GZ 171 
TIMESTEP 168 
T_BUZ_BASE_ZYZ 157 
T_BUZ_FXY_AQFXXX_GKJH 150 
T_BUZ_ZYJC_ERROR 149 
T_BUZ_BATX_MBJH 137 
T_BUZ_FXY_FXYKK_ML_BAK 132 
T_BUZ_BATX_MBJH_TJJH 132 
T_LOG_ERROR 131 
T_BUZ_SG_SBGZ_CLBG 128 
T_BUZ_JYDGJJC 128 
T_BUZ_BASE_SJYY 125 
T_SYS_ROLE 122 
T_BUZ_BASE_DW_WXY 122 
T_BUZ_BATX_MBJH_WCQK 122 
T_BUZ_LBYP_CGJHXQ 110 
T_BUZ_SG_GKB_DD 109 
T_BUZ_FXY_FXYKK_GL_NR 104 
T_BUZ_ZYHJ_WXPMX 103 
T_BUZ_ZYJC_SCSB_LOG 100 
T_BUZ_LBYP_HPBZ_SYDQ 98 
T_BUZ_BATX_AQTR 96 
STATION_SLOW 95 
T_BUZ_BATX_NSY 94 
T_BUZ_BASE_SGDJEJ 92 
T_BUZ_ZYJC_RYDW_ZY 91 
T_BUZ_BATX_AQHD 90 
RAILSHAKENINFO_DELETE 86 
T_BUZ_FXY_AQFXXX_YQSP 84 
T_SYS_USER_CONFIG 80 
T_BUZ_BATX_AQXX 79 
T_BUZ_SG_SBGZ_CLBG_ZRDW 76 
T_BUZ_JYD_GJ 75 
T_BUZ_BLYY_JSDWRY 75 
T_BASE_TYPE 74 
T_BUZ_BATX_BHGBG 73 
T_BUZ_BASE_ZY_QYSJ 72 
T_BUZ_LBYP_JHFFXQ 71 
T_BUZ_SG_GKB_QSQK 70 
EOS_DICT_ENTRY_I18N 68 
T_BUZ_JYD_XZDW_JX 68 
T_BUZ_WXY_WXYKK_NR 66 
T_BUZ_ZYHJ_WXP 65 
T_BUZ_LBYP_HPFL 63 
T_BUZ_BATX_BHGBG_LC 61 
T_BUZ_AQJD_JCTZS_FJ 61 
T_BUZ_SG_TB 61 
T_BUZ_SG_GKB_JCQK_DD 61 
T_BUZ_ZYJC_DW_BJ 59 
T_BUZ_SG_GKB_DC 56 
T_BUZ_ZYHJ_JCBDBDJ_FJ 55 
T_BUZ_YJ_WZK_XX 54 
T_BUZ_BATX_AQJY 54 
T_SYS_APP_LOGIN_USER 51 
T_BUZ_BATX_FLFG 51 
T_BUZ_SG_GKB_CL 50 
T_BUZ_TQYB_QXZHYJ_YJDM 48 
T_BUZ_ZYJK_GB_HPKC 46 
WFPROCESSDEFINETEMP 46 
WFPROCESSDEFINE 46 
T_BUZ_FXY_FXYKK_GL_ML 46 
T_BUZ_BATX_LDJH 44 
T_BUZ_BASE_CZ 44 
T_BUZ_BPS_EXT 43 
T_BUZ_BATX_TXWJ 43 
T_BUZ_SBJC_JCYXGLS_NEW 42 
T_BUZ_BATX_HYJY 42 
T_BUZ_SG_TB_FJ 40 
T_BUZ_YL_JCD 40 
T_BUZ_TQYB 40 
EOS_DICT_ENTRY 40 
T_BUZ_BASE_RSSGYYXL 39 
T_BUZ_ZYHJ_GNWHCS_FJ 39 
T_BUZ_BLYY_FSDW 39 
T_BUZ_BASE_TZSB_SBMC 39 
T_BUZ_LBYP_HPZD 38 
T_BUZ_BASE_GZBJ 37 
T_BUZ_ZYJC_GWDTTCY_XLJCYSBTZ 37 
T_BUZ_JYD_XZDW 37 
T_BUZ_FXY_AQFXXX_DBB 37 
T_BUZ_JYD_XX 34 
T_BUZ_TQYB_BM 33 
T_BUZ_SG_JBQKB_FJ 33 
T_BUZ_ZYJC_SCSB 32 
T_BUZ_FXY_YHZCGJZ_PC_ZT 31 
T_BUZ_BASE_SDM 31 
T_BUZ_BATX_KHBZ 30 
T_BUZ_JYD_YL 30 
T_BUZ_BATX_NSY_PXJL 30 
T_BUZ_ZYJC_RYXX 29 
T_BUZ_BASE_SJLB 29 
T_BUZ_ZYJK_FHYP_HPXX 29 
T_BUZ_ZYHJ_JCBDBDJ 28 
T_BUZ_BASE_SGYY 27 
T_BUZ_YJJY_YJYA_GSJYWJ 27 
T_BUZ_YH_MAYSEARCH 27 
T_SYS_COPY_USER_VIEW 27 
T_BUZ_WXY_ZDYH_XX 27 
T_BUZ_ZYHJ_WXP_BAK 27 
T_BUZ_BATX_NSJCB 24 
STATION_LOCK 24 
T_CONFIG_DATA 23 
T_BUZ_LBYP_JHFF 23 
T_BUZ_BASE_ZY_ORG 22 
T_BUZ_BASE_GSZY 22 
T_BUZ_SG_JBQKB 21 
T_BUZ_WXY_ZDYH_FJ 20 
T_BUZ_SG_GKB_DD_XGSP 20 
T_BUZ_SG_GKB_DD_BAK 19 
T_BUZ_BATX_PXJH 18 
T_BUZ_JYD_BAK 18 
WFBIZ_CATALOG_INFO 18 
T_CONFIG_BUZ_ZT 18 
T_SYS_UP_FILE 18 
T_BUZ_ZYHJ_WXP_FJ 18 
T_BUZ_SG_SBGZ_CLBG_FJ 17 
T_BUZ_ZYJC_JKPT 17 
T_BUZ_YJ_WZK_ML 17 
T_BUZ_BASE_GZLB 16 
T_BUZ_BATX_KHPD 16 
T_BUZ_BATX_NSJH 16 
T_BUZ_BATX_PSGL 16 
EOS_DICT_TYPE_I18N 16 
T_BUZ_YJ_YJYA_BAK 16 
T_BUZ_ZYJK_FFDJ_MX 16 
T_SYS_MSG 16 
T_BUZ_FXY_AQFXXX_DBHFB 16 
T_BUZ_BASE_GZLBXTGX 15 
BFS_BFMS_JS_PATTERN 15 
T_LOG_TYPE 15 
T_BUZ_FXY_ZDAQFXXX_CZB 15 
T_BUZ_BASE_ZY 14 
T_BUZ_BATX_PXJL 14 
T_BUZ_ZYJC_XJXLSJ 14 
T_BUZ_YJ_QXWZ 14 
T_BUZ_LBYP_GBHP_KP 14 
T_BUZ_BASE_YALB 13 
T_BUZ_LBYP_GBHP_PBBZKP 13 
T_BUZ_LBYP_HPBZ_ZB 13 
T_BUZ_AQJD_LKXX_JC 13 
T_BUZ_SG_GKB_QSQK_BAK 13 
T_BUZ_SG_JBQKB_JCQK 13 
T_BUZ_WXY_WXYKK_ML 13 
T_BUZ_SG_GKB_DC_BAK 13 
T_BUZ_BASE_JC 12 
T_BUZ_BASE_WXLYFL 12 
T_BUZ_WXY_ZDYH_DB 12 
T_BUZ_ZYHJ_TZZYRY_GZ_CZSB 12 
T_BUZ_ZYHJ_TZZYRY_CZSB 12 
T_BUZ_FXY_FXYKK_BG 11 
T_BUZ_SG_SBGZ_CLBG_ZRR 11 
T_BUZ_AQJD_LKXX_COLOR 11 
T_BUZ_ZYJC_XJXLSJ_BAK 11 
T_BUZ_AQJD_DZYZ 11 
T_BUZ_ZYJC 11 
T_BAXT_AQWH_SP 10 
BFS_BFMS_FUNS 10 
T_BUZ_BASE_TZSB_SBLX 10 
T_BUZ_BASE_ORG_ZY 10 
PLAN_TABLE 9 
TST 9 
T_BUZ_BASE_SSD 9 
T_BUZ_BATX_NSBG 9 
T_BUZ_FXY_AQFXXX_XZ 9 
T_BUZ_JYD 9 
T_BUZ_LBYP_GBHPXH 9 
T_BUZ_LBYP_GBHPZD 9 
T_BUZ_SBJC_JCYXGLS 9 
T_BUZ_SG_JBQKB_SWRYQK 9 
T_BUZ_SG_JBQKB_ZRRD 9 
T_BUZ_ZYJK_FHYP_HPML 9 
T_BUZ_WXY_ZDYH_ZG 9 
BFS_IN_JILIAN 9 
T_BUZ_BASE_BM 9 
T_BUZ_BASE_SGDJYJ 8 
EOS_DICT_TYPE 8 
T_BUZ_SG_JBQKB_CLB 8 
T_BUZ_ZYHJ_TZZYRY_GZ 8 
T_BUZ_ZYJC_SCSBSY 8 
T_CONFIG_BUZ_DATA 8 
SN_TD_CMD_MAIN 8 
SN_TD_CMD_TO 8 
TD_CMD_MAIN 8 
TD_CMD_TO 8 
T_BUZ_WXY_ZDYH_GPDBGS 8 
T_BUZ_WXY_ZDYH_YBB_XX 8 
T_SYS_MSG_USER 8 
RAILSHAKENINFO 8 
BFS_BFMS_VARS 8 
EOS_UNIQUE_TABLE 8 
T_BUZ_LBYP_CGJH 8 
REGISTER 7 
T_BUZ_BASE_ZHXXLB 7 
T_BUZ_BASE_ZY_DD_DW 7 
BFS_IN_JILIAN_ITEM 7 
T_BUZ_SBJC_ZY 7 
T_BUZ_YJJY_YJYA_GSJYWJ_FJ 7 
T_AQTB 7 
T_BUZ_BATX_AQTB 7 
T_BUZ_AQTS 6 
T_BUZ_BASE_TZSB_SBZL 6 
T_BUZ_BATX_FZ_FW 6 
T_BUZ_BATX_HYBZ 6 
T_BUZ_ZYJC_SCSB_DWQ 6 
T_BUZ_SG_SBGZ_CLBG_BAK 6 
T_BUZ_ZYJK_FFDJ 6 
T_BUZ_ZYJK_FHYP_ZY 6 
T_BUZ_ZYJC_WXY 6 
T_BUZ_BLYY_NR 6 
T_BUZ_BASE_PET 5 
T_BUZ_BASE_SGLB 5 
T_BUZ_FXY_AQFXXX_XZFH 5 
T_BUZ_SY_AQXX_FJ 5 
T_BUZ_SY_AQXX_FK 5 
T_BUZ_BASE_CDFS 5 
QRTZ_LOCKS 5 
T_SYS_COPY 5 
T_BUZ_WXY_ZDYH_XZ 5 
T_BUZ_WXY_ZDYH_YS 5 
EOS_QRTZ_LOCKS 5 
T_BUZ_YJJY_CDJYJL 5 
T_BUZ_BATX_NSBG_FJ 4 
T_BUZ_BLYY_BLYYNR 4 
T_BUZ_SG_JBQKB_CLB_ZRR 4 
BFS_BFMS_UNIQUE_KEY 4 
SN_CMD_COPYTO 4 
CMD_COPYTO 4 
T_BUZ_WXY_ZDYH_DB_HZ 4 
T_BUZ_ZYJK_FHYP_RY 4 
T_BUZ_BLYY_JL 3 
T_BUZ_FXY_ZDAQFXXX 3 
T_BUZ_JKSJWXYK 3 
T_BUZ_LBYP_GBCGGL_MX 3 
T_BUZ_ZYJK_FHYP_GZXX 3 
T_SYS_ROLE_TYPE 3 
QRTZ_FIRED_TRIGGERS 3 
BFS_BFMS_JS_PATTERNPARAM 3 
BFS_IN_JILIAN_TYPE 3 
T_SYS_APP_VERSION 3 
T_BUZ_ZYJC_SCSB_BJ 3 
T_BUZ_BASE_DD 2 
T_BUZ_BASE_XL 2 
T_BUZ_FXY_ZDAQFXXX_DBB 2 
T_BUZ_FXY_ZDAQFXXX_ZGFH 2 
T_BUZ_FXY_ZDAQFXXX_ZGJH 2 
T_BUZ_LBYP_GBFFGL_MX 2 
T_SYS_ORG_POST 2 
T_BUZ_ZHGL_AQLW 2 
T_SYS_HELP 2 
T_SYS_MSG_RIGHT 2 
T_SYS_ORG_OATB_PZ 2 
T_BUZ_WXY_ZDYH_XZ_HZ 2 
T_SYS_POST 2 
T_BUZ_SBJC_SBGXGX 2 
TB_TRAIN 1 
T_SYS_JK 1 
T_BUZ_BLYY_CONFIG 1 
T_BUZ_LBYP_GBCGGL 1 
T_BUZ_LBYP_GBFFGL 1 
T_BUZ_LBYP_GBHP_BZKP 1 
T_BUZ_YJJY_FJ 1 
T_BUZ_ZYJK_GS 1 
T_BUZ_ZYJK_ZYB 1 
RAILSHAKENINFO_DELETE_MAIN 1 
QRTZ_JOB_DETAILS 1 
QRTZ_TRIGGERS 1 
QRTZ_CRON_TRIGGERS 1 
QRTZ_SCHEDULER_STATE 1 
T_SYS_ROLE_TEST 1 
T_BUZ_ZYJC_YZQXZS 1 
BFS_BFMS_USER 1 
BFS_BFMS_USER_GROUP 1 
BFS_BFMS_USER_GROUP_REF 1 
BFS_SYSTEMINFO 1 
WFSYSTEMINFO 1 
WFBIZ_CALENDAR_INFO 1 
T_BUZ_BATX_WJ 1


6.jpg


7.jpg


8.jpg


9.jpg


10.jpg


11.jpg


12.jpg


13.jpg


14.jpg


15.jpg


16.jpg


17.jpg


18.jpg


19.jpg

漏洞证明:

如上

修复方案:

升级

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:13

确认时间:2016-05-19 17:02

厂商回复:

CNVD确认并复现所述情况,已经转由CNCERT向国家上级信息安全协调机构上报,由其后续协调网站管理单位处置.

最新状态:

暂无

漏洞评价:

评价

  1. 2016-05-16 11:34 | 十万伏特 ( 路人 | Rank:2 漏洞数:1 | Hello 乌云)

    不会是12306吧

  2. 2016-05-16 11:39 | 中国公民 ( 路人 | Rank:25 漏洞数:12 | 脱裤不提交,提交不脱裤)

    谁会是那个背锅侠

  3. 2016-05-16 13:11 | 城管实习大叔 ( 路人 | Rank:4 漏洞数:2 | 哦哦哒)

    坐等直播!

  4. 2016-05-16 13:44 | 马浩 ( 路人 | Rank:1 漏洞数:1 | 关注网络安全,请多多指教)

    坐等上电视

  5. 2016-05-17 09:11 | 蝶离飞 ( 实习白帽子 | Rank:42 漏洞数:15 | 苦B骚年)

    我不要上电视 ,我只要库子