中石化某重要系统JAVA反序列化命令执行（ROOT+可入内网）

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0166055

漏洞标题：中石化某重要系统JAVA反序列化命令执行（ROOT+可入内网）

漏洞作者：牛小帅

提交时间：2015-12-30 15:03

修复时间：2016-02-12 18:49

公开时间：2016-02-12 18:49

漏洞类型：命令执行

危害等级：高

自评Rank：15

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-12-30：细节已通知厂商并且等待厂商处理中
2015-12-30：厂商已经确认，细节仅向厂商公开
2016-01-09：细节向核心白帽子及相关领域专家公开
2016-01-19：细节向普通白帽子公开
2016-01-29：细节向实习白帽子公开
2016-02-12：细节向公众公开

简要描述：

@中国石油化工股份有限公司中石化大哥给分太低了吧,能不能给个15啊 ,大过年你给我5wb太少了吧
[b](root权限+可探测内网3台主机)[/b]

详细说明：

站点：是供应商系统

http://supplier.sinopec.com:9001

存在weblogic应用
root权限

root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false
invscout:*:6:12::/var/adm/invscout:/usr/bin/ksh
snapp:*:200:13:snapp login user:/usr/sbin/snapp:/usr/sbin/snappd
ipsec:*:201:1::/etc/ipsec:/usr/bin/ksh
nuucp:*:7:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico
pconsole:*:8:0::/var/adm/pconsole:/usr/bin/ksh
esaadmin:*:10:0::/var/esa:/usr/bin/ksh
supp:!:202:1::/supftp:/usr/bin/bsh

活动的 Internet 连接 （包括服务器）
Proto Recv-Q Send-Q  本地地址      外部地址    （状态）
tcp        0      0  *.*                    *.*                    CLOSED
tcp4       0      0  *.*                    *.*                    CLOSED
tcp4       0      0  *.13                   *.*                    LISTEN
tcp        0      0  *.21                   *.*                    LISTEN
tcp        0      0  *.23                   *.*                    LISTEN
tcp4       0      0  *.25                   *.*                    LISTEN
tcp4       0      0  *.37                   *.*                    LISTEN
tcp4       0      0  *.111                  *.*                    LISTEN
tcp        0      0  *.199                  *.*                    LISTEN
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46152      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46172      ESTABLISHED
tcp        0      0  10.2.188.177.51524     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46288      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46313      ESTABLISHED
tcp        0      0  *.427                  *.*                    LISTEN
tcp        0      0  10.2.188.177.51603     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.51664     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.512                  *.*                    LISTEN
tcp        0      0  *.513                  *.*                    LISTEN
tcp        0      0  *.514                  *.*                    LISTEN
tcp        0      0  10.2.188.177.51689     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.657                  *.*                    LISTEN
tcp        0      0  10.2.188.177.52068     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.52250     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  *.1334                 *.*                    LISTEN
tcp        0      0  10.2.188.177.52754     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.137.64.51.57721     ESTABLISHED
tcp        0      0  10.2.188.177.53322     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.54216     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.54694     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55344   ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55345   ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55346   ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55347   ESTABLISHED
tcp4       0      0  10.2.188.177.7007      10.248.250.61.56077    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53080   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53081   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53125   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53126   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53127   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53129   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53130   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53131   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53132   FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.5.99.1.54194        ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.5.99.1.54315        FIN_WAIT_2
tcp        0      0  10.2.188.177.56082     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.5001                 *.*                    LISTEN
tcp        0      0  *.5335                 *.*                    LISTEN
tcp        0      0  *.5336                 *.*                    LISTEN
tcp        0      0  *.5988                 *.*                    LISTEN
tcp        0      0  *.5989                 *.*                    LISTEN
tcp        0      0  *.6181                 *.*                    LISTEN
tcp        0      0  10.2.188.177.57401     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.32959     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57460     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57461     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57463     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57465     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57468     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57470     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57471     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57473     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57474     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57476     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57477     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57478     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57479     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57481     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57486     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57487     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.23        10.5.24.34.1524        ESTABLISHED
tcp        0      0  10.2.188.177.57491     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57496     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57498     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57502     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57509     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57513     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57517     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57521     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57533     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57535     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57536     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57554     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57558     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57563     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57571     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57572     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57604     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.33423     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57967     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.33493     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.33587     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.6987                 *.*                    LISTEN
tcp        0      0  10.2.188.177.59098     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.1982     ESTABLISHED
tcp        0      0  10.2.188.177.34761     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.102.170.25.3268     FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.102.170.25.3271     FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62977       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62978       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62979       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62980       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62981       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62984       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62986       FIN_WAIT_2
tcp        0      0  *.32769                *.*                    LISTEN
tcp4       0      0  *.32773                *.*                    LISTEN
tcp4       0      0  *.32774                *.*                    LISTEN
tcp        0      0  *.32779                *.*                    LISTEN
tcp        0      0  *.32785                *.*                    LISTEN
tcp        0      0  10.2.188.177.35050     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.2433     ESTABLISHED
tcp        0      0  10.2.188.177.35227     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  *.9090                 *.*                    LISTEN
tcp        0      0  10.2.188.177.35769     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.36060     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.9510                 *.*                    LISTEN
tcp        0      0  10.2.188.177.60765     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.36691     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.61660     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.37323     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.61992     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62035     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62101     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.80        *.*                    LISTEN
tcp        0      0  10.2.188.177.62354     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.38117     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62625     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62672     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.38737     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.38781     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39007     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63559     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39062     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63622     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63759     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39287     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63797     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63869     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63135   ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.177.57428     ESTABLISHED
tcp        0      0  10.2.188.177.57428     10.2.188.177.7001      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63138   ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.177.57429     ESTABLISHED
tcp        0      0  10.2.188.177.57429     10.2.188.177.7001      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63142   ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63150   ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63151   ESTABLISHED
tcp        0      0  10.2.188.177.64103     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.61950                *.*                    LISTEN
tcp        0      0  10.2.188.177.64208     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.64263     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39845     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39982     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  127.0.0.1.9514         *.*                    LISTEN
tcp4       0      0  127.0.0.1.9515         *.*                    LISTEN
tcp        0      0  10.2.188.177.40096     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.64663     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.15992  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.15993  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.15994  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16004  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16007  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16008  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16009  ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16010  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16011  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16012  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16013  ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16014  ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16015  FIN_WAIT_2
tcp        0      0  10.2.188.177.40276     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.64800     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40459     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40738     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.14248                *.*                    LISTEN
tcp        0      0  10.2.188.177.65497     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41256     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41713     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41714     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41715     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41716     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41718     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41719     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41720     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41721     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41722     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41727     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41728     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41729     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41730     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41731     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41732     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41733     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41734     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41735     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41736     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41737     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41738     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41739     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41740     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41741     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41742     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41743     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41744     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41745     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41746     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41747     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.9302     ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.9313     ESTABLISHED
tcp        0      0  10.2.188.177.42742     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.16191                *.*                    LISTEN
tcp4       0      0  127.0.0.1.199          127.0.0.1.32768        ESTABLISHED
tcp4       0      0  127.0.0.1.32768        127.0.0.1.199          ESTABLISHED
tcp        0      0  10.2.188.177.43221     10.5.86.196.1521       ESTABLISHED
tcp6       0      0  ::1.32777                                     ::1.32778                                     CLOSE_WAIT
tcp4       0      0  10.2.188.177.7001      10.2.188.178.61303     ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.178.61304     ESTABLISHED
tcp        0      0  10.2.188.177.43565     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.177.37434     ESTABLISHED
tcp        0      0  10.2.188.177.37434     10.2.188.177.7001      ESTABLISHED
tcp        0      0  10.2.188.177.44112     10.5.86.197.1521       ESTABLISHED
tcp        0      0  10.2.188.177.7001      *.*                    LISTEN
tcp        0      0  10.2.188.177.7003      *.*                    LISTEN
tcp        0      0  10.2.188.177.7004      *.*                    LISTEN
tcp        0      0  10.2.188.177.7007      *.*                    LISTEN
tcp4       0      0  10.2.188.177.9002      10.2.188.178.60923     ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55165    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55166    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55172    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55173    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55174    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55175    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55176    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55177    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55178    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55185    ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49822     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49824     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49828     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49829     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49830     ESTABLISHED
tcp4       0   1214  10.2.188.177.80        10.175.1.126.49831     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49832     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49833     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49834     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49841     ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.59784    ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61594     ESTABLISHED
tcp        0      0  10.2.188.177.61594     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61607     ESTABLISHED
tcp        0      0  10.2.188.177.61607     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61608     ESTABLISHED
tcp        0      0  10.2.188.177.61608     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61609     ESTABLISHED
tcp        0      0  10.2.188.177.61609     10.2.188.177.9002      ESTABLISHED
tcp        0      0  10.2.188.177.61614     10.2.188.178.9003      ESTABLISHED
tcp        0      0  10.2.188.177.45799     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.45862     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.46035     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60787    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60788    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60789    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60790    ESTABLISHED
tcp        0      0  10.2.188.177.9001      *.*                    LISTEN
tcp        0      0  10.2.188.177.9002      *.*                    LISTEN
tcp        0      0  10.2.188.177.9003      *.*                    LISTEN
tcp4       0      0  10.2.188.177.80        10.81.48.118.1481      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19964    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19970    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19975    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19976    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19978    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19979    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.20028    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.20048    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.20049    FIN_WAIT_2
tcp        0      0  10.2.188.177.40426     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40581     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40653     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40684     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40747     10.2.188.178.7004      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.84.13.79.59402      ESTABLISHED
tcp        0      0  10.2.188.177.40843     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40853     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40855     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40857     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40863     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40864     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40867     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40868     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40886     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40891     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40892     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40893     10.2.188.178.7003      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.144.2.45.50081      ESTABLISHED
tcp4       0      0  10.2.188.177.7003      10.2.188.177.40901     ESTABLISHED
tcp        0      0  10.2.188.177.40901     10.2.188.177.7003      ESTABLISHED
tcp4       0      0  10.2.188.177.7004      10.2.188.177.40910     ESTABLISHED
tcp        0      0  10.2.188.177.40910     10.2.188.177.7004      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.85.166.94.3933      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.85.166.94.3956      ESTABLISHED
tcp        0      0  10.2.188.177.47495     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.47910     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.64021     ESTABLISHED
tcp        0      0  10.2.188.177.64021     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.2.188.177.64072     ESTABLISHED
tcp        0      0  10.2.188.177.64072     10.2.188.177.9001      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.84.43.146.3852      ESTABLISHED
tcp        0      0  10.2.188.177.48903     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      123.125.71.117.50481   FIN_WAIT_2
tcp        0      0  10.2.188.177.48992     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40852     10.2.188.178.9003      ESTABLISHED
tcp        0      0  10.2.188.177.49352     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9003      10.2.188.177.40899     ESTABLISHED
tcp        0      0  10.2.188.177.40899     10.2.188.177.9003      ESTABLISHED
tcp        0      0  10.2.188.177.40902     10.2.188.178.9003      ESTABLISHED
tcp4       0      0  10.2.188.177.9003      10.2.188.177.40905     ESTABLISHED
tcp        0      0  10.2.188.177.40905     10.2.188.177.9003      ESTABLISHED
tcp        0      0  10.2.188.177.49625     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.49780     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40031     10.2.133.102.80        LAST_ACK
tcp4       0      0  10.2.188.177.9002      10.2.188.177.41706     ESTABLISHED
tcp        0      0  10.2.188.177.41706     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4822      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4823      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4824      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4825      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4826      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4827      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4828      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4829      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4830      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4831      ESTABLISHED
tcp        0      0  10.2.188.177.50680     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  127.0.0.1.32769        127.0.0.1.32771        ESTABLISHED
tcp        0      0  127.0.0.1.32771        127.0.0.1.32769        ESTABLISHED
tcp4       0      0  127.0.0.1.32769        127.0.0.1.32772        ESTABLISHED
tcp        0      0  127.0.0.1.32772        127.0.0.1.32769        ESTABLISHED
tcp4       0      0  10.2.188.177.9001      114.242.173.178.59010  ESTABLISHED
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.13                   *.*                   
udp4       0      0  *.37                   *.*                   
udp4       0      0  *.111                  *.*                   
udp        0      0  127.255.255.255.123    *.*                   
udp        0      0  10.2.188.255.123       *.*                   
udp4       0      0  127.0.0.1.123          *.*                   
udp4       0      0  10.2.188.177.123       *.*                   
udp4       0      0  *.123                  *.*                   
udp        0      0  *.161                  *.*                   
udp        0      0  *.427                  *.*                   
udp        0      0  *.514                  *.*                   
udp4       0      0  *.518                  *.*                   
udp        0      0  *.657                  *.*                   
udp4       0      0  *.2279                 *.*                   
udp        0      0  *.7001                 *.*                   
udp        0      0  *.7001                 *.*                   
udp4       0      0  *.32783                *.*                   
udp4       0      0  *.32809                *.*                   
udp4       0      0  *.32818                *.*                   
udp4       0      0  *.32831                *.*                   
udp4       0      0  *.32844                *.*                   
udp4       0      0  *.32857                *.*                   
udp4       0      0  *.32862                *.*                   
udp        0      0  *.32927                *.*                   
udp        0      0  *.32970                *.*                   
udp        0      0  *.9002                 *.*                   
udp        0      0  *.14252                *.*                   
udp        0      0  *.14253                *.*                   
活动的 UNIX domain sockets
SADR/PCB  Type   Recv-Q Send-Q Inode    Conn     Refs     Nextref  Addr
f1000e0001ca9808 dgram       0      0 f1000a028076f820                0                0                0 /dev/.SRC-unix/SRCsHasib
f1000e0001cab500
f1000e00027b2808 dgram       0      0 f1000a0281160c20                0                0                0 /dev/.SRC-unix/SRCzLasif
f1000e0001cabf80
f1000e0001caec08 dgram       0      0 f1000a028077fc20                0                0                0 /dev/.SRC-unix/SRCtLasic
f1000e0001cab980
f1000e00027b4008 dgram       0      0 f1000a02810f0c20                0 f1000e00029eac00                0 /dev/log
f1000e0001cabf00
f1000e00027b4408 dgram       0      0 f1000a0281280820                0                0                0 /dev/.SRC-unix/SRCzXasid
f1000e0001cab280
f1000e0001ca9408 dgram       0      0 f1000a0281260c20                0                0                0 /dev/.SRC-unix/SRC1Lasih
f1000e0001cab080
f1000e0001ca9008 dgram       0      0                0 f1000e0001cabf00                0 f1000e0000a28300
f1000e0001cab780
f1000e00027b4c08 dgram       0      0 f1000a02812a0c20                0                0                0 /dev/.SRC-unix/SRC1Xasii
f1000e0001cabb00
f1000e00027b3c08 dgram       0      0 f1000a0280cf1020                0                0                0 /dev/.SRC-unix/SRC1-asij
f1000e0001cab800
f1000e00027bbc08 stream      0      0 f1000a0281216420                0                0                0 /var/cim/elasocket_cimv2
f1000e0000051100
f1000e00027ba808 dgram       0      0 f1000a0281142020                0                0                0 /dev/.SRC-unix/SRC5Xasik
f1000e0001cabd00
f1000e00027bc408 stream      0      0 f1000a02813d5c20                0                0                0 /var/ct/IW/soc/mc/rmsrv
f1000e0001cab600
f1000e00027b8008 stream      0      0 f1000a0281345c20                0                0                0 /var/ct/IW/soc/mc/clsrv
f1000e0001cab880
f1000e00027b7008 stream      0      0 f1000a0281457020                0                0                0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab380
f1000e00027bc808 stream      0      0 f1000a0281359420                0                0                0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e0001cab680
f1000e00027bb808 stream      0      0                0 f1000e00027bff80                0                0
f1000e0001cab900
f1000e00027b8408 dgram       0      0                0 f1000e0001cabf00                0 f1000e0000f67980
f1000e00027bfe00
f1000e00027b3808 dgram       0      0 f1000a02813b6420                0                0                0 /dev/.SRC-unix/SRCcXasim
f1000e0001cab100
f1000e00027bc008 stream      0      0 f1000a02813a7020                0                0                0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab200
f1000e00027be408 stream      0      0                0 f1000e0001cab300                0                0
f1000e0001cab000
f1000e00027b7408 stream      0      0                0 f1000e0001cab700                0                0
f1000e0001cabd80
f1000e00027ed808 stream      0      0 f1000a029bb9b820                0                0                0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00027bf080
f1000e0002e4a008 dgram       0      0                0 f1000e0001cabf00                0 f1000e00027bfe00
f1000e00027bfd80
f1000e00027e3808 stream      0      0                0                0                0                0
f1000e0003389780
f1000e0002caa808 stream      0      0                0                0                0                0
f1000e0003499e00
f1000e0002865c08 dgram       0      0                0 f1000e0001cabf00                0 f1000e00027bfd80
f1000e00029eac00
f1000e0000a21808 dgram       0      0 f1000a028085f420                0                0                0 /dev/.SRC-unix/SRCsXasia
f1000e0000a28800
f1000e0000521008 dgram       0      0 f1000a02806cf420                0                0                0 /dev/SRC
f1000e0000520180
f1000e0000f66808 dgram       0      0 f1000a02811f0c20                0                0                0 /dev/.SRC-unix/SRCz-asig
f1000e0000f67300
f1000e000053d008 dgram       0      0                0 f1000e0001cabf00                0 f1000e0001cab780
f1000e0000520c80
f1000e0000f66408 dgram       0      0 f1000a0281110c20                0                0                0 /dev/.SRC-unix/SRCz-asie
f1000e0000f67480
f1000e0000a2d808 dgram       0      0                0 f1000e0001cabf00                0                0
f1000e0000a28300
f1000e000053d408 stream      0      0 f1000a02810f3820                0                0                0 /etc/cluster/clcomd_sec
f1000e0000520a00
f1000e0000a3a408 stream      0      0                0                0                0                0
f1000e0000a28a00
f1000e0000f75008 dgram       0      0                0 f1000e0001cabf00                0 f1000e0000520c80
f1000e0000f67980
f1000e0000f75c08 dgram       0      0 f1000a0281329020                0                0                0 /dev/.SRC-unix/SRCjXasiq
f1000e0000f26200
f1000e0000529c08 dgram       0      0 f1000a0281317020                0                0                0 /dev/.SRC-unix/SRCeHasin
f1000e0000520480
f1000e0000f88408 dgram       0      0 f1000a0281301420                0                0                0 /dev/.SRC-unix/SRCXXasil
f1000e0000f67200
f1000e00027bd008 stream      0      0                0 f1000e0001cab000                0                0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab300
f1000e00027b8808 stream      0      0                0 f1000e0001cab900                0                0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e00027bff80
f1000e00027bac08 stream      0      0                0 f1000e0001cabd80                0                0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab700
f1000e0000a26008 stream      0      0 f1000a028169d020                0                0                0 /opt/freeware/cimom/pegasus/etc/cimxml.socket
f1000e0000a28700
f1000e0005019c08 stream      0      0                0                0                0                0
f1000e0000f67f80
f1000e0006a64008 stream      0      0                0                0                0                0
f1000e0001b13300
f1000e000507a808 stream      0      0                0                0                0                0
f1000e00049b9500
f1000e000bd2d008 stream      0      0                0                0                0                0
f1000e0001a1cb80
f1000e000496d408 dgram       0      0 f1000a029bb6b820                0                0                0 /dev/.SRC-unix/SRCcXasEC
f1000e00049be900
f1000e000498b408 stream      0      0                0 f1000e00049bd600                0                0
f1000e00049b5980
f1000e0004971808 stream      0      0                0 f1000e00049b5980                0                0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00049bd600
f1000e0006b0f008 stream      0      0                0                0                0                0
f1000e0008fdfb80
f1000e0000ac2008 stream      0      0                0                0                0                0
f1000e0002059080
f1000e0000b2fc08 stream      0      0                0                0                0                0
f1000e0000a28100

探测一下内网：
好详细

# @(#)47	1.2  src/bos/usr/sbin/netstart/hosts, cmdnet, bos61D, d2007_49A2 10/1/07 13:57:52
# IBM_PROLOG_BEGIN_TAG 
# This is an automatically generated prolog. 
#  
# bos61D src/bos/usr/sbin/netstart/hosts 1.2 
#  
# Licensed Materials - Property of IBM 
#  
# COPYRIGHT International Business Machines Corp. 1985,1989 
# All Rights Reserved 
#  
# US Government Users Restricted Rights - Use, duplication or 
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp. 
#  
# IBM_PROLOG_END_TAG 
# 
# COMPONENT_NAME: TCPIP hosts
# 
# FUNCTIONS: loopback 
#
# ORIGINS: 26  27 
#
# (C) COPYRIGHT International Business Machines Corp. 1985, 1989
# All Rights Reserved
# Licensed Materials - Property of IBM
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
#  /etc/hosts
#
# This file contains the hostnames and their address for hosts in the
# network.  This file is used to resolve a hostname into an Internet
# address.  
#
# At minimum, this file must contain the name and address for each
# device defined for TCP in your /etc/net file.  It may also contain
# entries for well-known (reserved) names such as timeserver
# and printserver as well as any other host name and address.
#
# The format of this file is:
# Internet Address	Hostname	# Comments
# Internet Address can be either IPv4 or IPv6 address.
# Items are separated by any number of blanks and/or tabs.  A '#'
# indicates the beginning of a comment; characters up to the end of the
# line are not interpreted by routines which search this file.  Blank
# lines are allowed.
# Internet Address	Hostname	# Comments
# 192.9.200.1     	net0sample	# ethernet name/address
# 128.100.0.1		token0sample	# token ring name/address
# 10.2.0.2		x25sample	# x.25 name/address
# 2000:1:1:1:209:6bff:feee:2b7f		ipv6sample	# ipv6 name/address
127.0.0.1		loopback localhost	# loopback (lo0) name/address
10.5.86.190	localhost
10.5.86.191	localhost
10.2.188.177	localhost

?（10.2.188.1）位于0:9:f:9:0:a [ethernet] stored in bucket 51
 ?（10.2.188.178）位于0:15:17:6f:26:fd [ethernet] stored in bucket 79
 ?（10.2.188.82）位于d8:9d:67:32:ca:27 [ethernet] stored in bucket 132

漏洞证明：

站点：是供应商系统

http://supplier.sinopec.com:9001

存在weblogic应用
root权限

root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false
invscout:*:6:12::/var/adm/invscout:/usr/bin/ksh
snapp:*:200:13:snapp login user:/usr/sbin/snapp:/usr/sbin/snappd
ipsec:*:201:1::/etc/ipsec:/usr/bin/ksh
nuucp:*:7:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico
pconsole:*:8:0::/var/adm/pconsole:/usr/bin/ksh
esaadmin:*:10:0::/var/esa:/usr/bin/ksh
supp:!:202:1::/supftp:/usr/bin/bsh

活动的 Internet 连接 （包括服务器）
Proto Recv-Q Send-Q  本地地址      外部地址    （状态）
tcp        0      0  *.*                    *.*                    CLOSED
tcp4       0      0  *.*                    *.*                    CLOSED
tcp4       0      0  *.13                   *.*                    LISTEN
tcp        0      0  *.21                   *.*                    LISTEN
tcp        0      0  *.23                   *.*                    LISTEN
tcp4       0      0  *.25                   *.*                    LISTEN
tcp4       0      0  *.37                   *.*                    LISTEN
tcp4       0      0  *.111                  *.*                    LISTEN
tcp        0      0  *.199                  *.*                    LISTEN
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46152      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46172      ESTABLISHED
tcp        0      0  10.2.188.177.51524     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46288      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      202.96.41.9.46313      ESTABLISHED
tcp        0      0  *.427                  *.*                    LISTEN
tcp        0      0  10.2.188.177.51603     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.51664     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.512                  *.*                    LISTEN
tcp        0      0  *.513                  *.*                    LISTEN
tcp        0      0  *.514                  *.*                    LISTEN
tcp        0      0  10.2.188.177.51689     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.657                  *.*                    LISTEN
tcp        0      0  10.2.188.177.52068     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.52250     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  *.1334                 *.*                    LISTEN
tcp        0      0  10.2.188.177.52754     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.137.64.51.57721     ESTABLISHED
tcp        0      0  10.2.188.177.53322     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.54216     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.54694     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55344   ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55345   ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55346   ESTABLISHED
tcp4       0      0  10.2.188.177.9001      219.149.59.150.55347   ESTABLISHED
tcp4       0      0  10.2.188.177.7007      10.248.250.61.56077    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53080   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53081   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53125   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53126   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53127   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53129   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53130   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53131   FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      115.183.24.218.53132   FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.5.99.1.54194        ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.5.99.1.54315        FIN_WAIT_2
tcp        0      0  10.2.188.177.56082     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.5001                 *.*                    LISTEN
tcp        0      0  *.5335                 *.*                    LISTEN
tcp        0      0  *.5336                 *.*                    LISTEN
tcp        0      0  *.5988                 *.*                    LISTEN
tcp        0      0  *.5989                 *.*                    LISTEN
tcp        0      0  *.6181                 *.*                    LISTEN
tcp        0      0  10.2.188.177.57401     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.32959     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57460     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57461     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57463     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57465     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57468     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57470     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57471     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57473     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57474     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57476     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57477     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57478     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57479     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57481     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57486     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57487     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.23        10.5.24.34.1524        ESTABLISHED
tcp        0      0  10.2.188.177.57491     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57496     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57498     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57502     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57509     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57513     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57517     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57521     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57533     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57535     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57536     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57554     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57558     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57563     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57571     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57572     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57604     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.33423     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.57967     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.33493     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.33587     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.6987                 *.*                    LISTEN
tcp        0      0  10.2.188.177.59098     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.1982     ESTABLISHED
tcp        0      0  10.2.188.177.34761     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.102.170.25.3268     FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.102.170.25.3271     FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62977       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62978       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62979       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62980       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62981       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62984       FIN_WAIT_2
tcp4       0      0  10.2.188.177.80        10.3.112.6.62986       FIN_WAIT_2
tcp        0      0  *.32769                *.*                    LISTEN
tcp4       0      0  *.32773                *.*                    LISTEN
tcp4       0      0  *.32774                *.*                    LISTEN
tcp        0      0  *.32779                *.*                    LISTEN
tcp        0      0  *.32785                *.*                    LISTEN
tcp        0      0  10.2.188.177.35050     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.2433     ESTABLISHED
tcp        0      0  10.2.188.177.35227     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  *.9090                 *.*                    LISTEN
tcp        0      0  10.2.188.177.35769     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.36060     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.9510                 *.*                    LISTEN
tcp        0      0  10.2.188.177.60765     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.36691     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.61660     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.37323     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.61992     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62035     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62101     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.80        *.*                    LISTEN
tcp        0      0  10.2.188.177.62354     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.38117     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62625     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.62672     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.38737     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.38781     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39007     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63559     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39062     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63622     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63759     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39287     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63797     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.63869     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63135   ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.177.57428     ESTABLISHED
tcp        0      0  10.2.188.177.57428     10.2.188.177.7001      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63138   ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.177.57429     ESTABLISHED
tcp        0      0  10.2.188.177.57429     10.2.188.177.7001      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63142   ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63150   ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.238.163.162.63151   ESTABLISHED
tcp        0      0  10.2.188.177.64103     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.61950                *.*                    LISTEN
tcp        0      0  10.2.188.177.64208     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.64263     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39845     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.39982     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  127.0.0.1.9514         *.*                    LISTEN
tcp4       0      0  127.0.0.1.9515         *.*                    LISTEN
tcp        0      0  10.2.188.177.40096     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.64663     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.15992  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.15993  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.15994  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16004  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16007  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16008  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16009  ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16010  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16011  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16012  FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16013  ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16014  ESTABLISHED
tcp4       0      0  10.2.188.177.9001      118.144.194.162.16015  FIN_WAIT_2
tcp        0      0  10.2.188.177.40276     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.64800     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40459     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40738     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.14248                *.*                    LISTEN
tcp        0      0  10.2.188.177.65497     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41256     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41713     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41714     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41715     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41716     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41718     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41719     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41720     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41721     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41722     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41727     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41728     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41729     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41730     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41731     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41732     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41733     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41734     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41735     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41736     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41737     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41738     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41739     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41740     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41741     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41742     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41743     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41744     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41745     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41746     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.41747     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.9302     ESTABLISHED
tcp4       0      0  10.2.188.177.9001      111.206.20.58.9313     ESTABLISHED
tcp        0      0  10.2.188.177.42742     10.5.86.196.1521       ESTABLISHED
tcp        0      0  *.16191                *.*                    LISTEN
tcp4       0      0  127.0.0.1.199          127.0.0.1.32768        ESTABLISHED
tcp4       0      0  127.0.0.1.32768        127.0.0.1.199          ESTABLISHED
tcp        0      0  10.2.188.177.43221     10.5.86.196.1521       ESTABLISHED
tcp6       0      0  ::1.32777                                     ::1.32778                                     CLOSE_WAIT
tcp4       0      0  10.2.188.177.7001      10.2.188.178.61303     ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.178.61304     ESTABLISHED
tcp        0      0  10.2.188.177.43565     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.7001      10.2.188.177.37434     ESTABLISHED
tcp        0      0  10.2.188.177.37434     10.2.188.177.7001      ESTABLISHED
tcp        0      0  10.2.188.177.44112     10.5.86.197.1521       ESTABLISHED
tcp        0      0  10.2.188.177.7001      *.*                    LISTEN
tcp        0      0  10.2.188.177.7003      *.*                    LISTEN
tcp        0      0  10.2.188.177.7004      *.*                    LISTEN
tcp        0      0  10.2.188.177.7007      *.*                    LISTEN
tcp4       0      0  10.2.188.177.9002      10.2.188.178.60923     ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55165    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55166    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55172    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55173    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55174    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55175    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55176    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55177    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55178    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.150.125.45.55185    ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49822     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49824     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49828     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49829     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49830     ESTABLISHED
tcp4       0   1214  10.2.188.177.80        10.175.1.126.49831     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49832     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49833     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49834     ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.175.1.126.49841     ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.59784    ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61594     ESTABLISHED
tcp        0      0  10.2.188.177.61594     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61607     ESTABLISHED
tcp        0      0  10.2.188.177.61607     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61608     ESTABLISHED
tcp        0      0  10.2.188.177.61608     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.61609     ESTABLISHED
tcp        0      0  10.2.188.177.61609     10.2.188.177.9002      ESTABLISHED
tcp        0      0  10.2.188.177.61614     10.2.188.178.9003      ESTABLISHED
tcp        0      0  10.2.188.177.45799     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.45862     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.46035     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60787    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60788    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60789    ESTABLISHED
tcp4       0      0  10.2.188.177.9001      101.71.243.74.60790    ESTABLISHED
tcp        0      0  10.2.188.177.9001      *.*                    LISTEN
tcp        0      0  10.2.188.177.9002      *.*                    LISTEN
tcp        0      0  10.2.188.177.9003      *.*                    LISTEN
tcp4       0      0  10.2.188.177.80        10.81.48.118.1481      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19964    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19970    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19975    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19976    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19978    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.19979    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.20028    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.20048    FIN_WAIT_2
tcp4       0      0  10.2.188.177.9001      110.153.53.96.20049    FIN_WAIT_2
tcp        0      0  10.2.188.177.40426     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40581     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40653     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40684     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40747     10.2.188.178.7004      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.84.13.79.59402      ESTABLISHED
tcp        0      0  10.2.188.177.40843     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40853     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40855     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40857     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40863     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40864     10.2.188.177.7004      TIME_WAIT
tcp        0      0  10.2.188.177.40867     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40868     10.2.188.178.7004      ESTABLISHED
tcp        0      0  10.2.188.177.40886     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40891     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40892     10.2.188.178.7003      ESTABLISHED
tcp        0      0  10.2.188.177.40893     10.2.188.178.7003      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.144.2.45.50081      ESTABLISHED
tcp4       0      0  10.2.188.177.7003      10.2.188.177.40901     ESTABLISHED
tcp        0      0  10.2.188.177.40901     10.2.188.177.7003      ESTABLISHED
tcp4       0      0  10.2.188.177.7004      10.2.188.177.40910     ESTABLISHED
tcp        0      0  10.2.188.177.40910     10.2.188.177.7004      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.85.166.94.3933      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.85.166.94.3956      ESTABLISHED
tcp        0      0  10.2.188.177.47495     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.47910     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9002      10.2.188.177.64021     ESTABLISHED
tcp        0      0  10.2.188.177.64021     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.9001      10.2.188.177.64072     ESTABLISHED
tcp        0      0  10.2.188.177.64072     10.2.188.177.9001      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.84.43.146.3852      ESTABLISHED
tcp        0      0  10.2.188.177.48903     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9001      123.125.71.117.50481   FIN_WAIT_2
tcp        0      0  10.2.188.177.48992     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40852     10.2.188.178.9003      ESTABLISHED
tcp        0      0  10.2.188.177.49352     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  10.2.188.177.9003      10.2.188.177.40899     ESTABLISHED
tcp        0      0  10.2.188.177.40899     10.2.188.177.9003      ESTABLISHED
tcp        0      0  10.2.188.177.40902     10.2.188.178.9003      ESTABLISHED
tcp4       0      0  10.2.188.177.9003      10.2.188.177.40905     ESTABLISHED
tcp        0      0  10.2.188.177.40905     10.2.188.177.9003      ESTABLISHED
tcp        0      0  10.2.188.177.49625     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.49780     10.5.86.196.1521       ESTABLISHED
tcp        0      0  10.2.188.177.40031     10.2.133.102.80        LAST_ACK
tcp4       0      0  10.2.188.177.9002      10.2.188.177.41706     ESTABLISHED
tcp        0      0  10.2.188.177.41706     10.2.188.177.9002      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4822      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4823      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4824      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4825      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4826      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4827      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4828      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4829      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4830      ESTABLISHED
tcp4       0      0  10.2.188.177.80        10.123.16.92.4831      ESTABLISHED
tcp        0      0  10.2.188.177.50680     10.5.86.196.1521       ESTABLISHED
tcp4       0      0  127.0.0.1.32769        127.0.0.1.32771        ESTABLISHED
tcp        0      0  127.0.0.1.32771        127.0.0.1.32769        ESTABLISHED
tcp4       0      0  127.0.0.1.32769        127.0.0.1.32772        ESTABLISHED
tcp        0      0  127.0.0.1.32772        127.0.0.1.32769        ESTABLISHED
tcp4       0      0  10.2.188.177.9001      114.242.173.178.59010  ESTABLISHED
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.*                    *.*                   
udp4       0      0  *.13                   *.*                   
udp4       0      0  *.37                   *.*                   
udp4       0      0  *.111                  *.*                   
udp        0      0  127.255.255.255.123    *.*                   
udp        0      0  10.2.188.255.123       *.*                   
udp4       0      0  127.0.0.1.123          *.*                   
udp4       0      0  10.2.188.177.123       *.*                   
udp4       0      0  *.123                  *.*                   
udp        0      0  *.161                  *.*                   
udp        0      0  *.427                  *.*                   
udp        0      0  *.514                  *.*                   
udp4       0      0  *.518                  *.*                   
udp        0      0  *.657                  *.*                   
udp4       0      0  *.2279                 *.*                   
udp        0      0  *.7001                 *.*                   
udp        0      0  *.7001                 *.*                   
udp4       0      0  *.32783                *.*                   
udp4       0      0  *.32809                *.*                   
udp4       0      0  *.32818                *.*                   
udp4       0      0  *.32831                *.*                   
udp4       0      0  *.32844                *.*                   
udp4       0      0  *.32857                *.*                   
udp4       0      0  *.32862                *.*                   
udp        0      0  *.32927                *.*                   
udp        0      0  *.32970                *.*                   
udp        0      0  *.9002                 *.*                   
udp        0      0  *.14252                *.*                   
udp        0      0  *.14253                *.*                   
活动的 UNIX domain sockets
SADR/PCB  Type   Recv-Q Send-Q Inode    Conn     Refs     Nextref  Addr
f1000e0001ca9808 dgram       0      0 f1000a028076f820                0                0                0 /dev/.SRC-unix/SRCsHasib
f1000e0001cab500
f1000e00027b2808 dgram       0      0 f1000a0281160c20                0                0                0 /dev/.SRC-unix/SRCzLasif
f1000e0001cabf80
f1000e0001caec08 dgram       0      0 f1000a028077fc20                0                0                0 /dev/.SRC-unix/SRCtLasic
f1000e0001cab980
f1000e00027b4008 dgram       0      0 f1000a02810f0c20                0 f1000e00029eac00                0 /dev/log
f1000e0001cabf00
f1000e00027b4408 dgram       0      0 f1000a0281280820                0                0                0 /dev/.SRC-unix/SRCzXasid
f1000e0001cab280
f1000e0001ca9408 dgram       0      0 f1000a0281260c20                0                0                0 /dev/.SRC-unix/SRC1Lasih
f1000e0001cab080
f1000e0001ca9008 dgram       0      0                0 f1000e0001cabf00                0 f1000e0000a28300
f1000e0001cab780
f1000e00027b4c08 dgram       0      0 f1000a02812a0c20                0                0                0 /dev/.SRC-unix/SRC1Xasii
f1000e0001cabb00
f1000e00027b3c08 dgram       0      0 f1000a0280cf1020                0                0                0 /dev/.SRC-unix/SRC1-asij
f1000e0001cab800
f1000e00027bbc08 stream      0      0 f1000a0281216420                0                0                0 /var/cim/elasocket_cimv2
f1000e0000051100
f1000e00027ba808 dgram       0      0 f1000a0281142020                0                0                0 /dev/.SRC-unix/SRC5Xasik
f1000e0001cabd00
f1000e00027bc408 stream      0      0 f1000a02813d5c20                0                0                0 /var/ct/IW/soc/mc/rmsrv
f1000e0001cab600
f1000e00027b8008 stream      0      0 f1000a0281345c20                0                0                0 /var/ct/IW/soc/mc/clsrv
f1000e0001cab880
f1000e00027b7008 stream      0      0 f1000a0281457020                0                0                0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab380
f1000e00027bc808 stream      0      0 f1000a0281359420                0                0                0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e0001cab680
f1000e00027bb808 stream      0      0                0 f1000e00027bff80                0                0
f1000e0001cab900
f1000e00027b8408 dgram       0      0                0 f1000e0001cabf00                0 f1000e0000f67980
f1000e00027bfe00
f1000e00027b3808 dgram       0      0 f1000a02813b6420                0                0                0 /dev/.SRC-unix/SRCcXasim
f1000e0001cab100
f1000e00027bc008 stream      0      0 f1000a02813a7020                0                0                0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab200
f1000e00027be408 stream      0      0                0 f1000e0001cab300                0                0
f1000e0001cab000
f1000e00027b7408 stream      0      0                0 f1000e0001cab700                0                0
f1000e0001cabd80
f1000e00027ed808 stream      0      0 f1000a029bb9b820                0                0                0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00027bf080
f1000e0002e4a008 dgram       0      0                0 f1000e0001cabf00                0 f1000e00027bfe00
f1000e00027bfd80
f1000e00027e3808 stream      0      0                0                0                0                0
f1000e0003389780
f1000e0002caa808 stream      0      0                0                0                0                0
f1000e0003499e00
f1000e0002865c08 dgram       0      0                0 f1000e0001cabf00                0 f1000e00027bfd80
f1000e00029eac00
f1000e0000a21808 dgram       0      0 f1000a028085f420                0                0                0 /dev/.SRC-unix/SRCsXasia
f1000e0000a28800
f1000e0000521008 dgram       0      0 f1000a02806cf420                0                0                0 /dev/SRC
f1000e0000520180
f1000e0000f66808 dgram       0      0 f1000a02811f0c20                0                0                0 /dev/.SRC-unix/SRCz-asig
f1000e0000f67300
f1000e000053d008 dgram       0      0                0 f1000e0001cabf00                0 f1000e0001cab780
f1000e0000520c80
f1000e0000f66408 dgram       0      0 f1000a0281110c20                0                0                0 /dev/.SRC-unix/SRCz-asie
f1000e0000f67480
f1000e0000a2d808 dgram       0      0                0 f1000e0001cabf00                0                0
f1000e0000a28300
f1000e000053d408 stream      0      0 f1000a02810f3820                0                0                0 /etc/cluster/clcomd_sec
f1000e0000520a00
f1000e0000a3a408 stream      0      0                0                0                0                0
f1000e0000a28a00
f1000e0000f75008 dgram       0      0                0 f1000e0001cabf00                0 f1000e0000520c80
f1000e0000f67980
f1000e0000f75c08 dgram       0      0 f1000a0281329020                0                0                0 /dev/.SRC-unix/SRCjXasiq
f1000e0000f26200
f1000e0000529c08 dgram       0      0 f1000a0281317020                0                0                0 /dev/.SRC-unix/SRCeHasin
f1000e0000520480
f1000e0000f88408 dgram       0      0 f1000a0281301420                0                0                0 /dev/.SRC-unix/SRCXXasil
f1000e0000f67200
f1000e00027bd008 stream      0      0                0 f1000e0001cab000                0                0 /var/ct/IW/soc/mc/RMIBM.CSMAgentRM.0
f1000e0001cab300
f1000e00027b8808 stream      0      0                0 f1000e0001cab900                0                0 /var/ct/IW/soc/mc/RMIBM.ServiceRM.0
f1000e00027bff80
f1000e00027bac08 stream      0      0                0 f1000e0001cabd80                0                0 /var/ct/IW/soc/mc/RMIBM.DRM.0
f1000e0001cab700
f1000e0000a26008 stream      0      0 f1000a028169d020                0                0                0 /opt/freeware/cimom/pegasus/etc/cimxml.socket
f1000e0000a28700
f1000e0005019c08 stream      0      0                0                0                0                0
f1000e0000f67f80
f1000e0006a64008 stream      0      0                0                0                0                0
f1000e0001b13300
f1000e000507a808 stream      0      0                0                0                0                0
f1000e00049b9500
f1000e000bd2d008 stream      0      0                0                0                0                0
f1000e0001a1cb80
f1000e000496d408 dgram       0      0 f1000a029bb6b820                0                0                0 /dev/.SRC-unix/SRCcXasEC
f1000e00049be900
f1000e000498b408 stream      0      0                0 f1000e00049bd600                0                0
f1000e00049b5980
f1000e0004971808 stream      0      0                0 f1000e00049b5980                0                0 /var/ct/IW/soc/mc/RMIBM.MgmtDomainRM.0
f1000e00049bd600
f1000e0006b0f008 stream      0      0                0                0                0                0
f1000e0008fdfb80
f1000e0000ac2008 stream      0      0                0                0                0                0
f1000e0002059080
f1000e0000b2fc08 stream      0      0                0                0                0                0
f1000e0000a28100

探测一下内网：
好详细

# @(#)47	1.2  src/bos/usr/sbin/netstart/hosts, cmdnet, bos61D, d2007_49A2 10/1/07 13:57:52
# IBM_PROLOG_BEGIN_TAG 
# This is an automatically generated prolog. 
#  
# bos61D src/bos/usr/sbin/netstart/hosts 1.2 
#  
# Licensed Materials - Property of IBM 
#  
# COPYRIGHT International Business Machines Corp. 1985,1989 
# All Rights Reserved 
#  
# US Government Users Restricted Rights - Use, duplication or 
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp. 
#  
# IBM_PROLOG_END_TAG 
# 
# COMPONENT_NAME: TCPIP hosts
# 
# FUNCTIONS: loopback 
#
# ORIGINS: 26  27 
#
# (C) COPYRIGHT International Business Machines Corp. 1985, 1989
# All Rights Reserved
# Licensed Materials - Property of IBM
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
#  /etc/hosts
#
# This file contains the hostnames and their address for hosts in the
# network.  This file is used to resolve a hostname into an Internet
# address.  
#
# At minimum, this file must contain the name and address for each
# device defined for TCP in your /etc/net file.  It may also contain
# entries for well-known (reserved) names such as timeserver
# and printserver as well as any other host name and address.
#
# The format of this file is:
# Internet Address	Hostname	# Comments
# Internet Address can be either IPv4 or IPv6 address.
# Items are separated by any number of blanks and/or tabs.  A '#'
# indicates the beginning of a comment; characters up to the end of the
# line are not interpreted by routines which search this file.  Blank
# lines are allowed.
# Internet Address	Hostname	# Comments
# 192.9.200.1     	net0sample	# ethernet name/address
# 128.100.0.1		token0sample	# token ring name/address
# 10.2.0.2		x25sample	# x.25 name/address
# 2000:1:1:1:209:6bff:feee:2b7f		ipv6sample	# ipv6 name/address
127.0.0.1		loopback localhost	# loopback (lo0) name/address
10.5.86.190	localhost
10.5.86.191	localhost
10.2.188.177	localhost

?（10.2.188.1）位于0:9:f:9:0:a [ethernet] stored in bucket 51
 ?（10.2.188.178）位于0:15:17:6f:26:fd [ethernet] stored in bucket 79
 ?（10.2.188.82）位于d8:9d:67:32:ca:27 [ethernet] stored in bucket 132

修复方案：

版权声明：转载请注明来源牛小帅@乌云

漏洞回应

厂商回应：

危害等级：高

漏洞Rank：10

确认时间：2015-12-30 16:49

厂商回复：

谢谢！我们会尽快修复。

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0166055

漏洞标题：中石化某重要系统JAVA反序列化命令执行（ROOT+可入内网）

相关厂商：中国石油化工股份有限公司

漏洞作者：牛小帅

提交时间：2015-12-30 15:03

修复时间：2016-02-12 18:49

公开时间：2016-02-12 18:49

漏洞类型：命令执行

危害等级：高

自评Rank：15

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源牛小帅@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0166055

漏洞标题：中石化某重要系统JAVA反序列化命令执行（ROOT+可入内网）

相关厂商：中国石油化工股份有限公司

漏洞作者： 牛 小 帅

提交时间：2015-12-30 15:03

修复时间：2016-02-12 18:49

公开时间：2016-02-12 18:49

漏洞类型：命令执行

危害等级：高

自评Rank：15

漏洞状态：厂商已经确认

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0166055"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 牛 小 帅@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞概要关注数(24) 关注此漏洞

漏洞作者：牛小帅

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源牛小帅@乌云