Commands executed by a station in ChangHong enter the Enterprise Intranet (affecting the security of dozens of hosts) + multiple backdoor files are found to have been infiltrated

Source: Internet
Author: User

Commands executed by a station in ChangHong enter the Enterprise Intranet (affecting the security of dozens of hosts) + multiple backdoor files are found to have been infiltrated

Commands executed by a station in ChangHong enter the enterprise's large Intranet (affecting the security of dozens of hosts) + multiple backdoor files are found to have been infiltrated, and all the proxy files are available, intranet should have been infiltrated...

Founded in 1958, Changhong is a comprehensive multinational enterprise group integrating military industry, consumer electronics, and core device R & D and manufacturing. Its brand value is RMB 113.518 billion.

In recent years, Changhong has vigorously implemented its intelligent strategy, promoted industrial restructuring, and continuously improved its comprehensive competitiveness. With the powerful brands, technologies, industries, talents, markets, services, and other strengths, we will make every effort to promote the upgrading of the manufacturing industry, service industry transformation, and global development, and gradually build Changhong into a globally respectable enterprise.


Official Website: http://www.changhongit.com/


Vulnerability site: Changhong Jiahua mobile phone receiving system http: // 124.205.58.20/


The Struts2 S2-016 remote command execution exists
 


Intranet host
 


\\145 ZONGHECHAXUN 145 ZongHeChaXun

\ 1600ROM-C96D66C

\ 4031 BAOJIADANSH

\ 4042 SHENPIRIZHI

\ 4136 cfcara0000l

\\%7dakaapp2000

\ 4181 MUKOOL

\ 4221-MSTR2000

\\ 4233 ITYW

\ 4234-MSTR2003X3

\ 5025 YGGZZX 2k8R2muban

\ 5046-2361_att 5046-236TomcatTest

\ 5067 YQZLCX 5067

\ 5069 JAVATEST 5069

\ 90 SHENFAZHAN

\ 9600ROM-BC6B800

\ AIC73

\ AR-CHIT

\ ATTACHMENT attachment

\ AVAYAWEB

\ BIEE423 BIEE423

\ BLADE1-9 blade1-9

\ BLADE10

\ BLADE20

\ BLADE5

\ BLADE7

\ CHANGHON-1A7666

\ CHANGHONGIT ChangHongIt Auto Build

\ CHCLOUD

\ CHISA

\ CHIT-YTKMF6KV18

\ CHIT041

\ CHIT164

\ CHITDB179

\ CHITDY-A41461B2

\ CHITOA

\ COGNOS Cognos

\ COMMAPP

\ DAKA

\ DISCUZ

\ DNS3

\ DOMINOBUSHUCESH DominoKaiFa

\ DYNATRACE

\ E2FAXPOR

\ JIA Jia

\ JIACOGNOS jiacognos.changhongit.com

\ JIADB JiaDB

\ JIANSHE

\ JIAOHANG

\ MAIL01 4006mail01

\ MAIL01BAK mail01bak

\ MAIL02

\ MAIL03

\ MAIL04

\ MEDIA

\ MEETING

\ MINSHENG

\ NBUMANAGE

\ OPENWRT OpenWrt

\ OSGI1

\ OSGITEST

\ PRONGSIS

\ PROXY

\ SAMETIME

\ SBESERVER SBEserver

\ SHENFAZHAN shenfazhan

\ SHUMA-SVN

\ SM06

\ SQL

\ TEST2 DominoKaiFa

\ VCENTER

\ WCHUYUN wchuyun

\ WEBSERVER002 Webserver002

\ WEBSERVER2012 webserver2012

\ WIKI

\ WIN-00B6Q4SAEJC

\ WIN-1BJMVBIVO08

\ WIN-71M4409T19C

\ WIN-C1D8HRD139A

\ WIN-MAUAUOTO4VJ

\ WIN2003-32-219

\ WIN2003-AF6AC0F

\ WINDOWS-2481GPW WINDOWS-2481GPW

\ WINDOWS-CK67NPI

\ WJH225 wjh

\ WMS

\ ZARVA03

\ ZARVA08 zarva08


Multiple backdoor files were found on the server. The intrusion time was around July 2015.
 

 

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.