济华燃气SCADA实时监控平台
**.**.**.**:8085/login.jsp
弱口令admin/123456 涉及的单位一览
电脑不知道是配置的问题还是怎么,svg无法预览,在那一台电脑上可以看到,不过没有截图,就这样吧 转到后台可以看到整个单位的
后台存在struts2命令执行,直接添加管理员登陆远程桌面,双网卡均在内网,可内网渗透
找到控制系统,可以人机交互 地区管网分布
工艺图,均可以发送指令控制系统
燃气管路信息
系统的配置图
找到了部分数据库信息
# -- Hibernate Configuration for JUnit tests -- dao.type=hibernate hibernate.connection.username=ies_ms hibernate.connection.password=iesapp hibernate.dialect=org.hibernate.dialect.SybaseDialect hibernate.connection.url=jdbc\:jtds\:sqlserver\**.**.**.**\:1433/emmi hibernate.connection.driver_class=net.sourceforge.jtds.jdbc.Driver #hibernate.connection.username=ies #hibernate.connection.password=ieslab #hibernate.dialect=org.hibernate.dialect.Oracle9iDialect #hibernate.connection.url=jdbc\racle\:thin\**.**.**.**\:1521\:iesOrcl #hibernate.connection.driver_class=oracle.jdbc.driver.OracleDriver #hibernate.connection.username=liuxiaojun #hibernate.connection.password=liuxiaojun #hibernate.dialect=org.hibernate.dialect.Oracle10gDialect #hibernate.connection.url=jdbcracle:thin**.**.**.**:1521rcl #hibernate.connection.driver_class=oracle.jdbc.driver.OracleDriver hibernate.show_sql=false hibernate.hbm2ddl.auto=update hibernate.hbm2ddl.autoSqlCim=update hibernate.connection.usernameSqlCim=ies_ms hibernate.connection.passwordSqlCim=iesapp hibernate.dialectSqlCim=org.hibernate.dialect.SybaseDialect ##hibernate.connection.urlSqlCim=jdbc\:jtds\:sqlserver\**.**.**.**\:1312/CIM hibernate.connection.urlSqlCim=jdbc\:jtds\:sqlserver\**.**.**.**\:1433/CIM hibernate.connection.driver_classSqlCim=net.sourceforge.jtds.jdbc.Driver hibernate.hbm2ddl.autoSqlHis=update hibernate.connection.usernameSqlHis=ies_ls hibernate.connection.passwordSqlHis=iesapp hibernate.dialectSqlHis=org.hibernate.dialect.SybaseDialect ##hibernate.connection.urlSqlHis=jdbc\:jtds\:sqlserver\**.**.**.**\:1312/UAS_History hibernate.connection.urlSqlHis=jdbc\:jtds\:sqlserver\**.**.**.**\:1433/UAS_History hibernate.connection.driver_classSqlHis=net.sourceforge.jtds.jdbc.Driver
# -- Hibernate Configuration for JUnit tests --
dao.type=hibernate
hibernate.connection.username=ies_ms
hibernate.connection.password=iesapp
hibernate.dialect=org.hibernate.dialect.SybaseDialect
hibernate.connection.url=jdbc\:jtds\:sqlserver\**.**.**.**\:1433/emmi
hibernate.connection.driver_class=net.sourceforge.jtds.jdbc.Driver
#hibernate.connection.username=ies
#hibernate.connection.password=ieslab
#hibernate.dialect=org.hibernate.dialect.Oracle9iDialect
#hibernate.connection.url=jdbc\racle\:thin\**.**.**.**\:1521\:iesOrcl
#hibernate.connection.driver_class=oracle.jdbc.driver.OracleDriver
#hibernate.connection.username=liuxiaojun
#hibernate.connection.password=liuxiaojun
#hibernate.dialect=org.hibernate.dialect.Oracle10gDialect
#hibernate.connection.url=jdbcracle:thin**.**.**.**:1521rcl
hibernate.show_sql=false
hibernate.hbm2ddl.auto=update
hibernate.hbm2ddl.autoSqlCim=update
hibernate.connection.usernameSqlCim=ies_ms
hibernate.connection.passwordSqlCim=iesapp
hibernate.dialectSqlCim=org.hibernate.dialect.SybaseDialect
##hibernate.connection.urlSqlCim=jdbc\:jtds\:sqlserver\**.**.**.**\:1312/CIM
hibernate.connection.urlSqlCim=jdbc\:jtds\:sqlserver\**.**.**.**\:1433/CIM
hibernate.connection.driver_classSqlCim=net.sourceforge.jtds.jdbc.Driver
hibernate.hbm2ddl.autoSqlHis=update
hibernate.connection.usernameSqlHis=ies_ls
hibernate.connection.passwordSqlHis=iesapp
hibernate.dialectSqlHis=org.hibernate.dialect.SybaseDialect
##hibernate.connection.urlSqlHis=jdbc\:jtds\:sqlserver\**.**.**.**\:1312/UAS_History
hibernate.connection.urlSqlHis=jdbc\:jtds\:sqlserver\**.**.**.**\:1433/UAS_History
hibernate.connection.driver_classSqlHis=net.sourceforge.jtds.jdbc.Driver
内网中找到一个海康威视摄像头,雾霾大的都看不清了。。。
