A critical system vulnerability in UFIDA
Successful intrusion through an obsolete system and leakage of most of the source code
First, the system has a weak password http://vip.ufida.com.cn/nccsm/HomePage.aspxtest1 123456 there are a large number of weak passwords 123456
System Injection
Get the admin password through injection and log in
Upload shell in the background
Locate the configuration file and connect to the database
Collect employee tables,
You can log on to the UFIDA tkr system by using the account and password you have collected.
You can use the Upload knowledge page for shell upload.
, Audit login source code found that the system has a universal password, the password can be used to log on to any user
Protected void btnLogin_Click (object sender, EventArgs e) {string URL = "Default. aspx"; if (! String. isNullOrEmpty (Request. queryString ["previuseurl"]) URL = Server. urlDecode (Request. queryString ["previuseurl"]); string UserName = TextBox1.Text. trim (); string Password = TextBox2.Text. trim (); bool IsSuccessful = false; string Remark = ""; // if (! String. isNullOrEmpty (UserName) & Password = "tkr * 123") {Authority. instance. loginByDomainAccount (UserName); Response. redirect (URL);} else {SEAPersonService PersonService = new SEAPersonService (); PersonInfo psn = new PersonInfo (); if (rdoType1.Checked) {psn = PersonService. loginByDomainAccountWithPassword ("pdomain", UserName, Password);} else {psn = PersonService. loginByUserName (UserName, Password );}This system involves all the products of Ufida, basically all the source code, but you need to find it yourself
Solution:
Improve employees' self-check awareness