Weak Lily net password causes a large amount of internal employee information leakage

Source: Internet
Author: User

A weak password on one of Lily net's platforms leaks a large amount of internal employee information

PS: President, what are the targets?

http://oa.baihe.com:3220/jsoa/login.jsp


The vulnerability is here ~ JSPX Architecture

Jspx is a rapid web development framework from Egypt.

However, an admin user was found, as well as a user test; after repeated attempts, the password turned out to be the weak password 111111

[Email protected] (Vice President) 7788250, I have changed the password



http://oa.baihe.com:3220/jsoa/WorkFlowProcAction.do?flowpara=1&search=&workTitle=&activityName=%B7%A2%C6%F0%C8%CB%B4%F2%D3%A1&submitPersonId=10026614&submitPerson=%b6%C5%BB%A2&work=10749050&workType=1&activity=1210458&table=1209987&record=10748914&processName=BH009-%BD%E8%BF%EE%C0%E0%C1%F7%B3%CC&workStatus=1011&submitTime=2015-11-23%6:0000:08.0&processId=1210437&stepCount=1&isStandForWork=0&standForUserId=0&standForUserName=null&initActivity=1210439&initActivityName=%BE%AD%C0%ED&submitPersonTime=%6:6:00:08.0&tranType=null&tranFromPersonId=null&fromdesktop=1

 

  

 
http://oa.baihe.com:3220/jsoa/WorkFlowProcAction.do?flowpara=1&search=&workTitle=&activityName=%D4%A4%CB%E3%B5%C7%BC%C7&submitPersonId=10025783&submitPerson=%BA%CE%BA%A3%B2%A8&work=10630669&workType=1&activity=1056261&table=1059835&record=10630491&processName=BH005-%B1%A8%CF%FA%C0%E0%C1%F7%B3%CC&workStatus=1011&submitTime=%2009:53:07.0&processId=1051231&stepCount=2&isStandForWork=0&standForUserId=0&standForUserName=null&initActivity=1051253&initActivityName=%D7%DC%BC%E0&submitPersonTime=%2009:53:07.0&tranType=null&tranFromPersonId=null&fromdesktop=1


http://oa.baihe.com:3220/jsoa/WorkFlowProcAction.do?flowpara=1&search=&workTitle=&activityName=%B7%A2%C6%F0%C8%CB%C7%A9%CA%D5&submitPersonId=10026614&submitPerson=%b6%C5%BB%A2&work=10051530&workType=1&activity=4357994&table=4251356&record=10051506&processName=BH022-%C3%FB%C6%AC%C9%EA%C7%EB%B5%A5&workStatus=1011&submitTime=%6:6.0&processId=4252230&stepCount=1&isStandForWork=0&standForUserId=0&standForUserName=null&initActivity=4354831&initActivityName=%C9%CF%BC%B6%C1%EC%B5%BC&submitPersonTime=2015-10-09%6:6:04:55.0&tranType=null&tranFromPersonId=null&fromdesktop=1


 

  



http://oa.baihe.com:3220/jsoa/CheckUser.jspx


The test / 111111 account has administrator privileges and can modify the password of any employee ~~
