神刀安全网

漏洞标题: 新浪某重要主站命令执行漏洞入内网

漏洞详情

披露状态:

2016-05-06: 细节已通知厂商并且等待厂商处理中
2016-05-09: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

RT

详细说明:

http://bbs.sina.com.cn/ 新浪论坛命令执行

随便点击一个帖子进行回服,同样是命令执行 NC反弹,直接入服务器

漏洞标题:  新浪某重要主站命令执行漏洞入内网

漏洞标题:  新浪某重要主站命令执行漏洞入内网

漏洞证明:

漏洞标题:  新浪某重要主站命令执行漏洞入内网

漏洞标题:  新浪某重要主站命令执行漏洞入内网

这在服务器竟然装了nmap 那就索性扫了下, 不知是有人已经来过还是你们自己人装的

code 区域
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.195
Host is up (0.00013s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.196
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.197
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.198
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.199
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.200
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.201
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.202
Host is up (0.00025s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.203
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.204
Host is up (0.00013s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.205
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.206
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.207
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.208
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.209
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.210
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.211
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.212
Host is up (0.00030s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.213
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.214
Host is up (0.00016s latency).
Not shown: 988 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp filtered X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.215
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
843/tcp open unknown
873/tcp open rsync
3306/tcp open mysql
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.216
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.217
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.218
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.219
Host is up (0.00016s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.220
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.221
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.222
Host is up (0.00017s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.223
Host is up (0.00017s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.224
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.225
Host is up (0.00025s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.226
Host is up (0.00023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.227
Host is up (0.00014s latency).
Not shown: 986 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7103/tcp open unknown
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.228
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.229
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.230
Host is up (0.00018s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp filtered X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.232
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.233
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.234
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.235
Host is up (0.00020s latency).
Not shown: 988 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.236
Host is up (0.00019s latency).
Not shown: 986 closed ports
PORT STATE SERVICE
22/tcp open ssh
843/tcp open unknown
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.237
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.238
Host is up (0.00019s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.239
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.240
Host is up (0.00020s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.241
Host is up (0.00025s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.242
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.243
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.244
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.245
Host is up (0.00022s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.246
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.247
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.248
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.249
Host is up (0.00021s latency).
Not shown: 986 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt
8090/tcp open unknown

Nmap scan report for 172.16.187.250
Host is up (0.00021s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.251
Host is up (0.00024s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
873/tcp open rsync
3306/tcp open mysql
6001/tcp open X11:1
6002/tcp open X11:2
6003/tcp open X11:3
6004/tcp open X11:4
6005/tcp open X11:5
6006/tcp open X11:6
6007/tcp open X11:7
6009/tcp open X11:9
7443/tcp open oracleas-https
8000/tcp open http-alt

Nmap scan report for 172.16.187.253
Host is up (0.00020s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
873/tcp open rsync
5666/tcp open nrpe

Nmap scan report for 172.16.187.254
Host is up (0.00028s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh

继续玩代码执行 内网就不深入了 这么都开了 22 ssh 3306 怎么也能找到几台弱口令的吧

修复方案:

你们懂的

版权声明:转载请注明来源 Q1NG@乌云

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » 漏洞标题: 新浪某重要主站命令执行漏洞入内网

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址