A series of security problems caused by China Telecom's system negligence

Source: Internet
Author: User
Tags fsm

With a trembling hand, the weak password went in and found a series of security problems. The fsm service can be used to locate the problems, send text messages through sms, and even affect Telecom user data.
This system should have been adopted by China Telecom. It is recommended that cncert notify China Telecom to check the system ~

Googlehacking

Intitle: telecom field intext: megasoft

This is a field management system developed by China Telecom and megasoft. after entering a mobile phone number, employees will activate the fsm service. This system can be used to locate, send text messages, view and draw a road map, and perform other operations.

Test user

Password 123456

Taking http://www.189dw.com: 8081 as an Example

The test user successfully logs in,




Location


Draw a Roadmap


Getshell:

Http://www.xxx.com: 8081/common/JSPs/file. jsp

Arbitrary File Upload directly getshell


Positioning longitude and latitude:

The http://www.189dw.com: 8081/positionmap. mapemployee. do? Stimeid = 0.4427834945057538 & positionmap_smobile = Mobile Phone Number ~


Send text messages via sms

The http://www.189dw.com: 8081/positionmap. newsms. do? Ui_key = positionmap-sendsms-pop & ui_tokey = & ui_tohref = % 2Fpositionmap. no. do % 3F & ui_toform = & positionmap_smobile = Mobile Phone Number @ & mobile phone number @





After getshell finds that the permission is too high, it is root directly. After the ssh configuration is changed, the ip address and user group restrictions are removed and the server is connected successfully, and a bigger problem is found, the telecom user data in this province is stored naked on servers.




 

The data is too big to be directly looked at. I was so scared that I had to log out in a hurry.

 

Solution:

Delete test user

Enhance permission Control

Verify File Upload



 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.