分类: 信息化
2014-05-31 17:35:29
中国电信某C段一系列问题
中国电信某C段一系列问题,太累了!
1.电信会议助理
Target: Whoami: root WebPath: /data/huiyy/huiyizhuli/
2.中国电信云会议管理系统
Target: Whoami: root WebPath: /opt/huiyy/newconference/
3.江苏天翼客服系统
Target: Whoami: root WebPath: /xiaoi_app/jstelecom_CN_wechat/webapps/robot
4.天翼通信助手后台管理系统
Target: Whoami: nt authority\system WebPath: D:\Core\Tomcat\webapps\web\
5.电信客服系统1
Target: Whoami: root WebPath: /xiaoi_app/jstelecom_CN_wechat/webapps/robot
6.电信客服系统2
arget: Whoami: root WebPath: /xiaoi_app/jstelecom_sms/webapps/robot
7.电信数字化校园短信平台
Target: Whoami: root WebPath: /var/tomcat/webapps/ROOT/
8.jboss jmx-console未授权访问,可shell
9.天翼看交通svn泄露,可读源码
还有很多
/common /config /css /DownloadFiles /images /include /javascript /manage /manage/account /manage/AdPublish /manage/Area /manage/BusinessManage /manage/Character /manage/chart /manage/City /manage/cms /manage/code /manage/companySet /manage/css /manage/Customerauth /manage/customerReport /manage/Dict /manage/gbox /manage/gboxsetting /manage/images /manage/images/images /manage/news /manage/parking /manage/Product /manage/pu /manage/publicMsg /manage/Road /manage/serviceStation /manage/systemMsg /manage/User /manage/userlog /manage/userRecommend /manage/Vau /manage/version /manage/video /manage/Videocategory /manage/Videoerror /manage/vu /manage/win /My97DatePicker /My97DatePicker/lang /My97DatePicker/skin /My97DatePicker/skin/default /My97DatePicker/skin/whyGreen /portal /v /WebNews/image /WebNews/img /WebNews/res
以上目录都存在svn泄露,不重复
10.全球眼视频监控系统存在svn泄露。可读源码
/download /HomePage /images /include /javascript /logs
以上目录都存在,不列举了
漏洞修补方法 patch and del svn