新浪某重要主站命令执行漏洞入内网

  • 内容
  • 相关

漏洞详情

披露状态:

 

2016-05-06: 细节已通知厂商并且等待厂商处理中
2016-05-06: 厂商已查看当前漏洞内容,细节仅向厂商公开
2016-05-09: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

RT

详细说明:

http://bbs.sina.com.cn/ 新浪论坛命令执行

随便点击一个帖子进行回服,同样是命令执行 NC反弹,直接入服务器

sina3.png



sina4.png

 

漏洞证明:

 

sina1.png



sina2.png





这在服务器竟然装了nmap 那就索性扫了下, 不知是有人已经来过还是你们自己人装的

code 区域
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.195
Host is up (0.00013s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.196
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.197
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.198
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.199
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.200
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.201
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.202
Host is up (0.00025s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.203
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.204
Host is up (0.00013s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.205
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.206
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.207
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.208
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.209
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.210
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.211
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.212
Host is up (0.00030s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.213
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.214
Host is up (0.00016s latency).
Not shown: 988 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp filtered X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.215
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
843/tcp open unknown
873/tcp open rsync
3306/tcp open mysql
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.216
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.217
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.218
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.219
Host is up (0.00016s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.220
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.221
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.222
Host is up (0.00017s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.223
Host is up (0.00017s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.224
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.225
Host is up (0.00025s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.226
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.227
Host is up (0.00014s latency).
Not shown: 986 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7103/tcp open unknown
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.228
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.229
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.230
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp filtered X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.232
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.233
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.234
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.235
Host is up (0.00020s latency).
Not shown: 988 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.236
Host is up (0.00019s latency).
Not shown: 986 closed ports
PORT STATE SERVICE
22/tcp open ssh
843/tcp open unknown
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.237
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.238
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.239
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.240
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.241
Host is up (0.00025s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.242
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.243
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.244
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.245
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.246
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.247
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.248
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.249
Host is up (0.00021s latency).
Not shown: 986 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt
8090/tcp open unknown

Nmap scan report for 172.16.187.250
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.251
Host is up (0.00024s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.253
Host is up (0.00020s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
873/tcp open rsync
5666/tcp open nrpe

Nmap scan report for 172.16.187.254
Host is up (0.00028s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh







继续玩代码执行 内网就不深入了 这么都开了 22 ssh 3306 怎么也能找到几台弱口令的吧

修复方案:

你们懂的

版权声明:转载请注明来源 Q1NG@乌云


漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2016-05-09 10:40

厂商回复:

已有白帽子报过,故忽略,感谢支持~

最新状态:

暂无


本文标签:

版权声明:若无特殊注明,本文皆为《安三》原创,转载请保留文章出处。『鹦鹉搜索』

百度收录:百度已收录『查看详情』

本文链接:新浪某重要主站命令执行漏洞入内网 - https://www.15qq.cn/wooyun/562.html

发表评论

电子邮件地址不会被公开。 必填项已用*标注

允许邮件通知