admin posted on 2022-3-31 03:14:11

ICS Security: A Vulnerability in a Sensitive System in Chongqing Allows Getshell

<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <span style="color:black;font-family:宋体;font-size:10.0pt;">ICS security: a vulnerability in a fire-protection system in Chongqing allows </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">Getshell</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> (affects buildings across the whole city </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">/</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> internal network topology of the fire-protection system </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">/</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> device operating status </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">/</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> SMS system compromised </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">/</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> arbitrary messages can be forged and sent </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">/</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> real-time video surveillance </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">/</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> control of a large number of cameras).</span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"><br />
</span><span style="color:black;font-family:宋体;font-size:10.0pt;">Address: </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">http://**.**.**.**:82/fire/login.action</span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08100731773f7ef5b141d1c6aee8b2453e3216a2.png" target="_blank"><img width="553" height="322" src="https://www.2k8.org/content/uploadfile/202203/31/394765a7.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08100725184d83de5754a14e39d005433faba6d8.png" target="_blank"><img width="554" height="303" src="https://www.2k8.org/content/uploadfile/202203/31/8a211dd0.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"><br />
</span><span style="color:black;font-family:宋体;font-size:10.0pt;">SMS information:</span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"><br />
http://**.**.**.**:84/notesys/superlogin.jsp</span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/081008174d2f320be65b8f7dae5e24503b0a69d8.png" target="_blank"><img width="553" height="273" src="https://www.2k8.org/content/uploadfile/202203/31/11eb643d.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08100810dd98108875dbda3063be3b5f448522a5.png" target="_blank"><img width="553" height="223" src="https://www.2k8.org/content/uploadfile/202203/31/260e8de2.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<div style="border:none;border-left:solid #999999 4.5pt;padding:0cm 0cm 0cm 0cm;">
        <p align="left" style="border:none;font-family:等线;font-size:10.5pt;margin:0cm;margin-top:11.25pt;padding:0cm;text-align:left;text-indent:7.5pt;text-justify:inter-ideograph;word-break:break-all;">
                <span style="color:black;font-family:宋体;">Proof of vulnerability:</span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;"></span>
        </p>
</div>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <span style="color:black;font-family:宋体;font-size:10.0pt;">Here is the key part:</span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"><br />
</span><span style="color:black;font-family:宋体;font-size:10.0pt;">Got into the database; a large number of accounts are exposed, covering the whole city of Chongqing...</span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08100933fca8274804a893aec51a8e5bb74acc05.png" target="_blank"><img width="553" height="281" src="https://www.2k8.org/content/uploadfile/202203/31/8279eedc.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08100955ba6be6bcae475d8d58522b9275b11482.png" target="_blank"><img width="553" height="265" src="https://www.2k8.org/content/uploadfile/202203/31/93a9223b.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08100946a4e3fb389353d218119f01f907515a63.png" target="_blank"><img width="553" height="52" src="https://www.2k8.org/content/uploadfile/202203/31/369c8206.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"><br />
</span><span style="color:black;font-family:宋体;font-size:10.0pt;">Logged in to the system; see the screenshots, I won't comment further.</span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/0810104983f8afac4960b0e583cbb6a204d62c6f.png" target="_blank"><img width="553" height="279" src="https://www.2k8.org/content/uploadfile/202203/31/44876075.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08101043420dbd0536a0efaf74369e22824c2b6c.png" target="_blank"><img width="553" height="265" src="https://www.2k8.org/content/uploadfile/202203/31/769fe67f.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08101036f9bf9e97bc99294810ca50774e901897.png" target="_blank"><img width="555" height="265" src="https://www.2k8.org/content/uploadfile/202203/31/43c9a436.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"><br />
</span><span style="color:black;font-family:宋体;font-size:10.0pt;">Real-time video surveillance </span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">/</span><span style="color:black;font-family:宋体;font-size:10.0pt;"> control of a large number of cameras:</span><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;">....</span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08101209b92120417485b3e425a72655cd0acd9e.png" target="_blank"><img width="555" height="267" src="https://www.2k8.org/content/uploadfile/202203/31/254e4f2b.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08101201930e3fa4582addb5802a5547ae688dca.png" target="_blank"><img width="553" height="268" src="https://www.2k8.org/content/uploadfile/202203/31/b7cd29b3.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/081011511499b2d263c3f989d02e5f19b76d574c.png" target="_blank"><img width="554" height="281" src="https://www.2k8.org/content/uploadfile/202203/31/75faa87b.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/08101144fba849bd8321cd9c4e8d64f4e90df861.png" target="_blank"><img width="553" height="261" src="https://www.2k8.org/content/uploadfile/202203/31/da1cadaf.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>
<p align="left" style="font-family:等线;font-size:10.5pt;line-height:18.75pt;margin:0cm;text-align:left;text-justify:inter-ideograph;word-break:break-all;">
        <a href="https://w.hundan.org/articles/attach/201604/081011353c17914f6704547b35896b777d6b78c2.png" target="_blank"><img width="555" height="267" src="https://www.2k8.org/content/uploadfile/202203/31/f908a290.jpg" alt="" style="vertical-align:middle;" /></a><span lang="EN-US" style="color:black;font-family:Verdana,sans-serif;font-size:10.0pt;"></span>
</p>