The java anti-sequential getshell vulnerability of a Provincial Bureau of Quality supervision involves 1.67 million industrial staff (including personal details such as name, ID card number, mobile phone number, and certificate number)
0.0
Mask Region
1.http://**.**.**/index.shtml
Java deserialization getshell
Mask Region
1.http://**.**.**/uddiexplorer/wooyun.jsp
Passwd: wooyun! @#
Db Configuration:
jdbc.jdbcUrl = jdbc\:oracle\:thin\:@localhost\:1521\:orcljdbc.user=examyoubiaojdbc.password=examyoubiao
Data Volume statistics for some tables
TB_EXAM_PAPER_MX90993361TB_EXAM_XGCL_MAP6904114TB_EXAM_OPERATE4192434SYS_LOG1711145TB_CERT1675424TB_CERT_DYJL1576203TB_EXAM_BMB1272042TB_EXAM_CZXM_MAP1218700TB_EXAM_PAPER1152639TB_CERT_SQ1100169TB_EXAM_SC869998TB_CERT_SQ_MX864242TB_EXAM_PAPER_DLXX824122TB_CERT_SQ_LOG646919TB_EXAM_SC_MX273653TB_EXAM_BMB_ZYXM219153TB_EXAM_TK116380TB_EXAM_YRDW110821
select * from EXAMNEW.TB_CERT where rownum between 1 and 100
Http: // **. **: 7001/index.shtml
Java deserialization getshell
Http: // **. **: 7001/uddiexplorer/wooyun. jsp
Passwd: wooyun! @#
Db Configuration:
jdbc.jdbcUrl = jdbc\:oracle\:thin\:@localhost\:1521\:orcljdbc.user=examyoubiaojdbc.password=examyoubiao
Data Volume statistics for some tables
TB_EXAM_PAPER_MX90993361TB_EXAM_XGCL_MAP6904114TB_EXAM_OPERATE4192434SYS_LOG1711145TB_CERT1675424TB_CERT_DYJL1576203TB_EXAM_BMB1272042TB_EXAM_CZXM_MAP1218700TB_EXAM_PAPER1152639TB_CERT_SQ1100169TB_EXAM_SC869998TB_CERT_SQ_MX864242TB_EXAM_PAPER_DLXX824122TB_CERT_SQ_LOG646919TB_EXAM_SC_MX273653TB_EXAM_BMB_ZYXM219153TB_EXAM_TK116380TB_EXAM_YRDW110821
select * from EXAMNEW.TB_CERT where rownum between 1 and 100
Solution:
Update patch