新闻
绿地团体全球会员(绿地会)某系统存在命令执行漏洞/root权限/涉及多个项目源码 -柬埔寨海运
新闻 | 2020-08-24 20:17
admin@g-club.com
*****cod*****
TX packets 1381751 bytes 7158778617 (6.6 GiB)
operator:x:11:0:operator:/root:/sbin/nologin
*****ebup_*****
*****:3e:01:00:dc *****
*****de&g*****
*****de&g*****
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
RX errors 0 dropped 0 overruns 0 frame 0
*****s*****
*****for polkitd:*****
**********
*****6 bytes 56323*****
:8080/login?from=%2fjenkins java反序列化命令执行/var/lib/jenkins/users/admin/config.xml
***** for libstoragemgmt:*****
*****d SSH:/var/empty*****
*****���*****
**********
*****6 bytes 8095*****
涉及多个源码
*****s*****
*****lyway-3.*****
*****14fc7408c71b787f5463.png&qu*****
ls
*****3e:01:02:51 [*****
*****-l*****
**********
eth0: flags=4163 mtu 1500
cd src
? (10.117.29.174) at 00:16:3e:01:00:04 [ether] on eth0
*****e./flywa*****
? (121.43.104.59) at 00:16:3e:01:02:51 [ether] on eth1
*****overruns 0 carr*****
? (121.43.106.225) at 00:16:3e:01:00:ee [ether] on eth1
**********
? (121.43.107.249) at 00:2a:6a:e6:4c:bc [ether] on eth1
*****6:3e:01:02:51*****
? (10.117.29.41) at 00:16:3e:01:00:30 [ether] on eth0
ether 00:16:3e:00:2c:ec txqueuelen 1000 (Ethernet)
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
*****opped 0 ove*****
*****ool/lpd:/s*****
*****16:3e:01:00:e*****
*****16:3e:01:00:d*****
*****/
cat /root/.bash_history 部分内收留
? (10.117.31.248) at 00:2a:6a:e6:4b:7c [ether] on eth0
*****in@g-club.com&l*****
*****ck:/var/run/avahi-*****
***** 255.255.252.0 br*****
eth1: flags=4163 mtu 1500
*****6e txqueuelen *****
*****6:3e:01:00:04*****
**********
*****lib/chrony:/*****
*****07 bytes 8068*****
RX packets 2410396 bytes 809594596 (772.0 MiB)
*****6 bytes 8095*****
*****body:/:/s*****
*****/var/ftp:/s*****
**********
*****:/sbin:/*****
*****at 00:2a:6a:e6:4*****
? (121.43.107.247) at 00:00:0c:9f:f3:20 [ether] on eth1
*****;cd /j*****
ls
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
**********
*****overruns 0 carr*****
*****wn:/sbin:/s*****
sync:x:5:0:sync:/sbin:/bin/sync
games:x:12:100:games:/usr/games:/sbin/nologin
loop txqueuelen 0 (Local Loopback)
*****AST,RUNNING,MUL*****
? (10.117.29.46) at 00:16:3e:01:00:dc [ether] on eth0
*****s*****
*****ebup_dao/src/database/*.* *****
./flyway migrate./flyway migrate
*****c/pa*****
ll -l
*****/ntp:/sbi*****
cp /var/lib/jenkins/workspace/greenlandB2B2C/kpluswebup_dao/src/database/*.* /usr/local/flyway-3.2.1-prod/sql/
*****ebup_admi*****
adm:x:3:4:adm:/var/adm:/sbin/nologin
*****aemon:/:/s*****
*****len 0 (Loc*****
*****Stack:/var/lib/avah*****
*****s*****
ls
***** -*****
*****orkspace/gr*****
,物流中介 ,禹州物流 **********
*****i@greenlandhk.com*****
TX packets 6381535 bytes 12319814865 (11.4 GiB)
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
*****1 bytes 7158*****
lo: flags=73 mtu 65536
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
**********
*****00:0c:9f:f3:2*****
*****s*****
*****0.1 netma*****
? (121.43.107.248) at 00:2a:6a:e6:4b:7c [ether] on eth1
*****tegration Server:/va*****
ifconfig -a
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
*****1ffb1af51cb0a91504b9.png&qu*****
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
**********
*****opped 0 ove*****
ls
*****/usr/games:*****
*****4ec1d14a0afea3ba9645.png&qu*****
RX packets 132128846 bytes 5632328121 (5.2 GiB)
*****r_-UserPropert*****
? (10.117.31.249) at 00:2a:6a:e6:4c:bc [ether] on eth0
cd /jenkins
inet 121.43.104.51 netmask 255.255.252.0 broadcast 121.43.107.255
RX errors 0 dropped 0 overruns 0 frame 0
*****er plugin="m*****
*****2a:6a:e6:4c:b*****
*****fig*****
libstoragemgmt:x:998:997:daemon account for libstoragemgmt:/var/run/lsm:/sbin/nologin
ls
*****1f745568a0986619cd5f.png&qu*****
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
*****ers/admin/*****
*****s*****
cd /var/lib/jenkins/workspace/greenlandB2B2C/
*****0:0c:9f:f2:bc*****
*****s*****
**********
chandlerli@greenlandhk.com
*****de&g*****
RX packets 1907762507 bytes 80680399263 (75.1 GiB)
*****r/adm:/sb*****
daemon:x:2:2:daemon:/sbin:/sbin/nologin
*****a:6a:e6:4b:7c*****
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
*****ec txqueuelen *****
ls
find -name kpluswebup_admin_webapp
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
*****���*****
inet 10.117.29.228 netmask 255.255.248.0 broadcast 10.117.31.255
ntp:x:38:38::/etc/ntp:/sbin/nologin
*****0:root:/roo*****
***** 255.255.248.0 br*****
? (121.43.104.78) at 00:16:3e:01:00:77 [ether] on eth1
cd database/
inet 127.0.0.1 netmask 255.0.0.0
内网环境arp -a
*****BACK,RUNNING*****
chrony:x:997:996::/var/lib/chrony:/sbin/nologin
*****6:3e:01:00:77*****
*****..*****
*****6:3e:01:02:88*****
*****d9e6d027386b5d630181.png&qu*****
cd /
*****tab*****
*****/spool/mail*****
abrt:x:173:173::/etc/abrt:/sbin/nologin
*****overruns 0 carr*****
*****tor:/root:/*****
dbus:x:81:81:System message bus:/:/sbin/nologin
ls
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
***** bytes 1231981*****
/var/lib/jenkins/jobs//restartQATomcat/config.xml
*****a:6a:e6:4c:bc*****
*****6:3e:01:00:aa*****
*****::/:/sbi*****
false
*****webup_dao/src/database/*.******
cat /etc/passwd
nobody:x:99:99:Nobody:/:/sbin/nologin
root:x:0:0:root:/root:/bin/bash
? (121.43.104.132) at 00:16:3e:01:00:dc [ether] on eth1
*****sr*****
*****w*****
*****opped 0 ove*****
*****BROADCAST,RUNNING,*****
*****bin:/sbi*****
*****:3e:01:00:30 *****
**********
**********
*****:/sbin:/sb*****
tcpdump:x:72:72::/:/sbin/nologin
pwd
*****�列化��*****
*****c/abrt:/sb*****
? (10.117.28.2) at 00:16:3e:01:02:51 [ether] on eth0
*****
*****restartQATom*****
? (10.117.29.148) at 00:16:3e:01:02:88 [ether] on eth0
**********
cd ..
jenkins:x:996:995:Jenkins Continuous Integration Server:/var/lib/jenkins:/bin/false
*****se
ether 00:16:3e:00:30:6e txqueuelen 1000 (Ethernet)
*****个��*****
*****erProperty plugin=&q*****
halt:x:7:0:halt:/sbin:/sbin/halt
*****pool/postfix*****
*****:/sbin:/*****
cd kpluswebup_dao/
,空运报价 海运价格
*****cod*****
TX packets 1381751 bytes 7158778617 (6.6 GiB)
operator:x:11:0:operator:/root:/sbin/nologin
*****ebup_*****
*****:3e:01:00:dc *****
*****de&g*****
*****de&g*****
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
RX errors 0 dropped 0 overruns 0 frame 0
*****s*****
*****for polkitd:*****
**********
*****6 bytes 56323*****
:8080/login?from=%2fjenkins java反序列化命令执行/var/lib/jenkins/users/admin/config.xml
***** for libstoragemgmt:*****
*****d SSH:/var/empty*****
*****���*****
**********
*****6 bytes 8095*****
涉及多个源码
*****s*****
*****lyway-3.*****
*****14fc7408c71b787f5463.png&qu*****
ls
*****3e:01:02:51 [*****
*****-l*****
**********
eth0: flags=4163 mtu 1500
cd src
? (10.117.29.174) at 00:16:3e:01:00:04 [ether] on eth0
*****e./flywa*****
? (121.43.104.59) at 00:16:3e:01:02:51 [ether] on eth1
*****overruns 0 carr*****
? (121.43.106.225) at 00:16:3e:01:00:ee [ether] on eth1
**********
? (121.43.107.249) at 00:2a:6a:e6:4c:bc [ether] on eth1
*****6:3e:01:02:51*****
? (10.117.29.41) at 00:16:3e:01:00:30 [ether] on eth0
ether 00:16:3e:00:2c:ec txqueuelen 1000 (Ethernet)
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
*****opped 0 ove*****
*****ool/lpd:/s*****
*****16:3e:01:00:e*****
*****16:3e:01:00:d*****
*****/
cat /root/.bash_history 部分内收留
? (10.117.31.248) at 00:2a:6a:e6:4b:7c [ether] on eth0
*****in@g-club.com&l*****
*****ck:/var/run/avahi-*****
***** 255.255.252.0 br*****
eth1: flags=4163 mtu 1500
*****6e txqueuelen *****
*****6:3e:01:00:04*****
**********
*****lib/chrony:/*****
*****07 bytes 8068*****
RX packets 2410396 bytes 809594596 (772.0 MiB)
*****6 bytes 8095*****
*****body:/:/s*****
*****/var/ftp:/s*****
**********
*****:/sbin:/*****
*****at 00:2a:6a:e6:4*****
? (121.43.107.247) at 00:00:0c:9f:f3:20 [ether] on eth1
*****;cd /j*****
ls
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
**********
*****overruns 0 carr*****
*****wn:/sbin:/s*****
sync:x:5:0:sync:/sbin:/bin/sync
games:x:12:100:games:/usr/games:/sbin/nologin
loop txqueuelen 0 (Local Loopback)
*****AST,RUNNING,MUL*****
? (10.117.29.46) at 00:16:3e:01:00:dc [ether] on eth0
*****s*****
*****ebup_dao/src/database/*.* *****
./flyway migrate./flyway migrate
*****c/pa*****
ll -l
*****/ntp:/sbi*****
cp /var/lib/jenkins/workspace/greenlandB2B2C/kpluswebup_dao/src/database/*.* /usr/local/flyway-3.2.1-prod/sql/
*****ebup_admi*****
adm:x:3:4:adm:/var/adm:/sbin/nologin
*****aemon:/:/s*****
*****len 0 (Loc*****
*****Stack:/var/lib/avah*****
1.**.**.**/loginfrom=%2f_
cd /usr/local/flyway-3.2.1-dev/
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root权限
TX packets 2410396 bytes 809594596 (772.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
*****istory ��*****
*****s*****
ls
***** -*****
*****orkspace/gr*****
,物流中介 ,禹州物流 **********
*****i@greenlandhk.com*****
TX packets 6381535 bytes 12319814865 (11.4 GiB)
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
*****1 bytes 7158*****
lo: flags=73 mtu 65536
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
**********
*****00:0c:9f:f3:2*****
*****s*****
*****0.1 netma*****
? (121.43.107.248) at 00:2a:6a:e6:4b:7c [ether] on eth1
*****tegration Server:/va*****
ifconfig -a
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
*****1ffb1af51cb0a91504b9.png&qu*****
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
**********
*****opped 0 ove*****
ls
*****/usr/games:*****
*****4ec1d14a0afea3ba9645.png&qu*****
RX packets 132128846 bytes 5632328121 (5.2 GiB)
*****r_-UserPropert*****
? (10.117.31.249) at 00:2a:6a:e6:4c:bc [ether] on eth0
cd /jenkins
inet 121.43.104.51 netmask 255.255.252.0 broadcast 121.43.107.255
RX errors 0 dropped 0 overruns 0 frame 0
*****er plugin="m*****
*****2a:6a:e6:4c:b*****
*****fig*****
libstoragemgmt:x:998:997:daemon account for libstoragemgmt:/var/run/lsm:/sbin/nologin
ls
*****1f745568a0986619cd5f.png&qu*****
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
*****ers/admin/*****
*****s*****
cd /var/lib/jenkins/workspace/greenlandB2B2C/
*****0:0c:9f:f2:bc*****
*****s*****
**********
chandlerli@greenlandhk.com
*****de&g*****
RX packets 1907762507 bytes 80680399263 (75.1 GiB)
*****r/adm:/sb*****
daemon:x:2:2:daemon:/sbin:/sbin/nologin
*****a:6a:e6:4b:7c*****
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
*****ec txqueuelen *****
ls
find -name kpluswebup_admin_webapp
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
*****���*****
inet 10.117.29.228 netmask 255.255.248.0 broadcast 10.117.31.255
ntp:x:38:38::/etc/ntp:/sbin/nologin
*****0:root:/roo*****
***** 255.255.248.0 br*****
? (121.43.104.78) at 00:16:3e:01:00:77 [ether] on eth1
cd database/
inet 127.0.0.1 netmask 255.0.0.0
内网环境arp -a
*****BACK,RUNNING*****
chrony:x:997:996::/var/lib/chrony:/sbin/nologin
*****6:3e:01:00:77*****
*****..*****
*****6:3e:01:02:88*****
*****d9e6d027386b5d630181.png&qu*****
cd /
*****tab*****
*****/spool/mail*****
abrt:x:173:173::/etc/abrt:/sbin/nologin
*****overruns 0 carr*****
*****tor:/root:/*****
dbus:x:81:81:System message bus:/:/sbin/nologin
ls
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
***** bytes 1231981*****
/var/lib/jenkins/jobs//restartQATomcat/config.xml
*****a:6a:e6:4c:bc*****
*****6:3e:01:00:aa*****
*****::/:/sbi*****
false
*****webup_dao/src/database/*.******
cat /etc/passwd
nobody:x:99:99:Nobody:/:/sbin/nologin
root:x:0:0:root:/root:/bin/bash
? (121.43.104.132) at 00:16:3e:01:00:dc [ether] on eth1
*****sr*****
*****w*****
*****opped 0 ove*****
*****BROADCAST,RUNNING,*****
*****bin:/sbi*****
*****:3e:01:00:30 *****
**********
**********
*****:/sbin:/sb*****
tcpdump:x:72:72::/:/sbin/nologin
pwd
*****�列化��*****
*****c/abrt:/sb*****
? (10.117.28.2) at 00:16:3e:01:02:51 [ether] on eth0
*****
*****restartQATom*****
? (10.117.29.148) at 00:16:3e:01:02:88 [ether] on eth0
**********
cd ..
jenkins:x:996:995:Jenkins Continuous Integration Server:/var/lib/jenkins:/bin/false
*****se
ether 00:16:3e:00:30:6e txqueuelen 1000 (Ethernet)
*****个��*****
*****erProperty plugin=&q*****
halt:x:7:0:halt:/sbin:/sbin/halt
*****pool/postfix*****
*****:/sbin:/*****
cd kpluswebup_dao/
,空运报价 海运价格
郑重声明:本文版权归原作者所有,转载文章仅为传播更多信息之目的,如作者信息标记有误,请第一时间联系我们修改或删除,多谢。
| 千航国际 |
| 国际空运 |
| 国际海运 |
| 国际快递 |
| 跨境铁路 |
| 多式联运 |