Shulou(Shulou.com)06/01 Report--

What this article shares with you is an example analysis of the recurrence of vulnerabilities in e-cology OA database configuration information disclosure. The editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article.

Introduction to 0x00

E-cology is a collaborative commerce platform with the functions of enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management and asset management.

Overview of 0x01 vulnerabilities

There is a vulnerability of database configuration information disclosure in an interface of e-cology OA system. An attacker can obtain database configuration information through a vulnerable page and decryption. The default database of pan-micro e-cology is mostly MSSQL database, and if an attacker can access the database directly, he can obtain user data directly.

0x02 affects version

Currently known as 8.100.0531, other versions are not excluded, including not limited to EC7.0 and EC8.0

0x03 environment building

0x04 vulnerability exploitation

Verify that this vulnerability exists and visit

Http://xx.xx.xx.xx/mobile/DBconfigReader.jsp

The page will return garbled code after DES encryption.

Check the returned data and find that there are some\ r\ n, which need to be removed. You can choose to slice out the data, or you can use repalce to replace it.

After decrypting the database using the DES algorithm combined with the key, the information related to the database can be obtained. The key is 1z2x3c4v

You can also use poc script directly (there is a link at the end of the article)

0x05 repair mode

1. Disable access to / mobile/DBconfigReader.jsp

2. Download the patch pack:

Https://www.weaver.com.cn//cs/securityDownload.asp

The above is an example analysis of the recurrence of vulnerabilities in e-cology OA database configuration information disclosure. The editor believes that there are some knowledge points that may be seen or used in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.