HanDs
管理员

[7月漏洞公开] TCL某站点Getshell影响550万客户信息安全 



rt

详细说明:

code 区域

mask 区域
1.http://**.**.**/



反序列getshell

code 区域

mask 区域
1.http://**.**.**/bea_wls_internal/1.jsp



密码:

mask 区域
*****m*****



数据库配置:

code 区域
<db-user>gn</db-user>
<db-password>gn</db-password>
<select-tran-level>1</select-tran-level>
<update-tran-level>2</update-tran-level>
<db-driver>oracle.jdbc.OracleDriver</db-driver>
<db-url>jdbc:oracle:thin:@10.106.0.13:1521:tclcss</db-url>



code 区域
GN	CSS_INVENTORY_HISTORY	465597582
GN CSS_SURPLUS_AMOUNT_CHANGE_H 219245436
GN BASE_BATCHCODE_AUTOMATICALLY 116558100
GN CSS_BADINVENTORY_HISTORY 64013386
GN CSS_SALE_BOM 49358950
APPSCRM CPCSYSLOG 27042804
GN CSS_SVRPAY_ACCOUNT_HISTORY 13532491
GN CSS_FIXFEE_SETTLE_PREPARE 9500678
GN CSS_ENDUSER 5898901
GN CSS_SURPLUS_AMOUNT_HISTORY 5776230
APPSCRM CPCUSEROPINIONH 5569654
GN CSS_INST_HEADER 5247937
GN CSS_APPEAL 5168622
APPSCRM CPCEMAILTRK 5152155
GN TMP_INST_HEADER 3805911
GN CSS_SETTLE_ID 3750760
APPSCRM CPCSYSMENULOG 3712217
GN CSS_INST_HEADER02 3159860
GN BALANCEOFWORKID 2524716
GN CSS_FIXFEE_SETTLE_LINE 2239548
GN CSS_ITEMIN_LINE 2026488
GN CSS_ITEMOUT_LINE 1951060
GN CSS_FIX_HEADER 1775447
GN V_OI_WBL_CALL_DATA1 1731704
GN CSS_INST_DETAIL_OLD 1701359



R5.png

漏洞证明:

code 区域
GN	CSS_INVENTORY_HISTORY	465597582
GN CSS_SURPLUS_AMOUNT_CHANGE_H 219245436
GN BASE_BATCHCODE_AUTOMATICALLY 116558100
GN CSS_BADINVENTORY_HISTORY 64013386
GN CSS_SALE_BOM 49358950
APPSCRM CPCSYSLOG 27042804
GN CSS_SVRPAY_ACCOUNT_HISTORY 13532491
GN CSS_FIXFEE_SETTLE_PREPARE 9500678
GN CSS_ENDUSER 5898901
GN CSS_SURPLUS_AMOUNT_HISTORY 5776230
APPSCRM CPCUSEROPINIONH 5569654
GN CSS_INST_HEADER 5247937
GN CSS_APPEAL 5168622
APPSCRM CPCEMAILTRK 5152155
GN TMP_INST_HEADER 3805911
GN CSS_SETTLE_ID 3750760
APPSCRM CPCSYSMENULOG 3712217
GN CSS_INST_HEADER02 3159860
GN BALANCEOFWORKID 2524716
GN CSS_FIXFEE_SETTLE_LINE 2239548
GN CSS_ITEMIN_LINE 2026488
GN CSS_ITEMOUT_LINE 1951060
GN CSS_FIX_HEADER 1775447
GN V_OI_WBL_CALL_DATA1 1731704
GN CSS_INST_DETAIL_OLD 1701359



R5.png

修复方案:

打补丁 + 删除shell


学习中请遵守法律法规,本网站内容均来自于互联网,本网站不负担法律责任
TCL 某站点 Getshell 影响 550 万客户信息安全
#1楼
发帖时间:2016-7-15   |   查看数:0   |   回复数:0
游客组
快速回复