GETSHELL (involving payment interfaces), a financial platform of Anbang Insurance)

GETSHELL (involving payment interfaces), a financial platform of Anbang Insurance)

An insurance server: http: // 123.127.251.8: 7001/console/login/LoginForm. jsp

From the project deployed in it, it should be stored and paid interface.



Previously, WooYun was exposed on this server: The ambang insurance vulnerability can leak a large amount of sensitive information about users and internal personnel.



Weblogic deserialization Vulnerability

Bounce getshell
 

Current weblogic user
 

Database information. There are 6 parts in total:
 

 

     
  
   jdbc:oracle:thin:@10.10.139.1:1521:finarp
      
  
   oracle.jdbc.OracleDriver
      
        
           
    
     user
            
    
     finflat
          
       
      
  
   {AES}621IzvOdaRybPZCEdeomPTpqBvZlVueE+tEOt7vR1WU=
    
 

 

     
  
   jdbc:oracle:thin:@10.10.134.23:1521:slistest
      
  
   oracle.jdbc.xa.client.OracleXADataSource
      
        
           
    
     user
            
    
     lis
          
       
      
  
   {AES}GiqK56bmIBwlqHu5xKAX5WzNld+SHMOvQ+HK0IsBoLE=
    
 

Project information. There should be two main projects: confirmAccountPlat and yeePayProxy.
 

There are many payment interfaces, certificate information, server interfaces, certificates, and other information.
 

 

Project source code and database backup information
 

 

 

Solution:

You know