Said back on: Shanda mall found a small vulnerability: http://www.bkjia.com/Article/201303/198619.html. Tips: · due to a long period of time, some vulnerabilities may have been changed or fixed, so in some scenarios, you can only restore the event environment in the past. · This penetration may involve some data, but it has never been removed from the database and declined to cross-provincial o (I believe Shanda is not such a vendor ~) Detailed Description: after passing the grand mall test, there seems to be no clue... The IP segment is also scanned, and common vulnerabilities are also found. Is it in a dead end ..? One day on the cloud game wooyun platform, see the Grand manufacturer. Wondering if there is anything missing ..? Or you can find some information from the vulnerability history ..? As a result, you can review the Shanda network and Shanda online vulnerability history .. At this time, a place attracted me. In the x0ers friends: Shanda Network Substation source code leakage caused by sensitive information leakage, found an address. From the picture, it looks like a Game Information Server. After opening it, we found it was a grand billing business management system. Let's take a look. It's a demonstration page. There are some links, one of which is the link to download the demo package. The following file is found during the download process: download. jsp has caught attention. Open the source file and check it. Intuition tells me that this program has a vulnerability, at least at the download level. But I have never learned java, so I threw it into wvs. Wvs scan results confirm this guess. As a result, various traversal operations are in progress .... Ten minutes later, I found the source code package for the station and downloaded it.
The database connection information is found. (Oracle Database) because the Oracle database has no instances connected to the network and the address is in the Intranet, the = but the database password of the billing business management system is exposed, it seems that I am also paying attention to it...
Solution:
· Modify the Database Password in this example · Delete the unicode folder under support.billing.snda.com