A station of prudential Trust has command execution (involving millions of users/involving massive amounts of capital data/involving multiple bank agents)
RT
**. **: 7002/etrading/command execution exists. a large amount of information is found by writing shell to configure the database.
Personal information of Agent users, trust information, cooperation information of multiple banks, and information of bank owners.
If the data is too large, only part of the evidence is intercepted.
jdbc:oracle:thin:@**.**.**.**:1521:tcmp
oracle.jdbc.OracleDriver
user
etrust
{AES}l/ZDIOSDHqEcLIKlfDQ3kTWJucuvuD9LSQcUSAdreKs=
etrust
jdbc:oracle:thin:@**.**.**.**:1521:tcmp
oracle.jdbc.OracleDriver
user
cctcrm
{AES}nTXXJv//UNBAEPlfboQ6HRR80vwCDKuSj2Mt/C/ZENo=
cctcrm
**.**.**.** >> >>Microsoft-IIS/7.5 >>Success**.**.**.** >> >>Serv-U/**.**.**.** >>Success**.**.**.** >> >>Resin/3.1.8 >>Success**.**.**.** >> Apache Tomcat>>Apache-Coyote/1.1 >>Success**.**.**.** >> IIS7>>Microsoft-IIS/7.5 >>Success**.**.**.** >> >>Microsoft-IIS/7.5 >>Success**.**.**.** >> >>Microsoft-IIS/7.5 >>Success**.**.**.** >> >>Microsoft-IIS/7.5 >>Success**.**.**.** >> >>Microsoft-IIS/7.5 >>Success**.**.**.** >> IIS7>>Microsoft-IIS/7.5 >>Success**.**.**.** >> HP LaserJet 400 M401dn **.**.**.**>>Virata-EmWeb/R6_2_1 >>Success
Intranet Test
**.**.**.**:7002/etrading/1.jspx 9635789
Solution: