记录黑客技术中优秀的内容, 传播黑客文化,分享黑客技术精华

北斗卫星LBS位置服务平台getshell+信息泄露

2014-10-07 22:31

北斗卫星LBS位置服务平台getshell+信息泄露

地址:http://221.194.128.113:8095/BdlbsManager/

贵站点存在struts漏洞,直接导致getshell

1.jpg



信息泄露:

<!--LBS用户连接 dbcp连接池   org.apache.commons.dbcp.BasicDataSource"-->

<bean id="dataSourceQuanJu" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close" lazy-init="true">



<!-- 42数据库连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@10.0.18.42:1521:bddb"></property>

<property name="user" value="qjdb"></property>

<property name="password" value="qj2013"></property>-->





<!-- 113数据库连接地址 -->

<!--

<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@221.194.128.113:1538:bddb"></property>

<property name="user" value="qjdb"></property>

<property name="password" value="qj07031804qj"></property>

-->



<!-- 114数据库连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@221.194.128.114:1539:ykdb"></property>

<property name="user" value="qjdb"></property>

<property name="password" value="ykdbqj"></property>-->



<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@123.125.16.139:1540:zxdb"></property>

<property name="user" value="qjdb"></property>

<property name="password" value="qj07031804qj"></property>

漏洞证明:

--><!--测试用的demo例子 开始  -->

<bean id="qjTbTermincardinfoDAO" class="com.sos.lbs.dao.impl.QjTbTermincardinfoDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryQuanJu"/>

</property>

</bean>

<bean id="qjTbTermincardinfoService" class="com.sos.lbs.service.impl.QjTbTermincardinfoService">

<property name="iqjTbTermincardinfoDAO" ref="qjTbTermincardinfoDAO"></property>

<property name="iqjTbTermincardidDAO" ref="qjTbTermincardidDAO"></property>

</bean>

<bean id="TerminCardAction" class="com.sos.lbs.action.QjTbTermincardinfoAction" >

<property name="iqjTbTermincardinfoService" ref="qjTbTermincardinfoService"></property>

<property name="ilbsTbUserService" ref="lbsTbUserService"></property>

<property name="iqjTbTermincardidService" ref="qjTbTermincardidService"></property>

</bean>

<!--测试用的demo例子 结束 -->



<!-- 判断该终端是否为有屏机 开始 -->

<bean id="qjVwTermincardinfoDAO" class="com.sos.lbs.dao.impl.QjVwTermincardinfoDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryQuanJu"/>

</property>

</bean>

<bean id="qjVwTermincardinfoService" class="com.sos.lbs.service.impl.QjVwTermincardinfoService">

<property name="iqjVwTermincardinfoDAO" ref="qjVwTermincardinfoDAO"></property>

</bean>

<bean id="QjVwTinfoAction" class="com.sos.lbs.action.QjVwTermincardinfoAction">

<property name="iqjVwTermincardinfoService" ref="qjVwTermincardinfoService"></property>

</bean>

<!-- 判断该终端是否为有屏机 结束 -->



<!-- 查询终端所有的运营商信息 -->

<bean id="qjTbTerminfactoryDAO" class="com.sos.lbs.dao.impl.QjTbTerminfactoryDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryQuanJu"/>

</property>

</bean>

<bean id="qjTbTerminfactoryService" class="com.sos.lbs.service.impl.QjTbTerminfactoryService">

<property name="iqjTbTerminfactoryDAO" ref="qjTbTerminfactoryDAO"></property>

</bean>



<bean id="qjTbTerminfactoryAction" class="com.sos.lbs.action.QjTbTerminfactoryAction">

<property name="iqjTbTerminfactoryService" ref="qjTbTerminfactoryService"></property>

</bean>



<!-- 所有的运营商信息列表 开始 -->

<bean id="qjTbOperatorDAO" class="com.sos.lbs.dao.impl.QjTbOperatorDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryQuanJu"/>

</property>

</bean>

<bean id="qjTbOperatorService" class="com.sos.lbs.service.impl.QjTbOperatorService">

<property name="iqjTbOperatorDAO" ref="qjTbOperatorDAO"></property>

</bean>

<bean id="qjTbOperatorAction" class="com.sos.lbs.action.QjTbOperatorAction">

<property name="iqjTbOperatorService" ref="qjTbOperatorService"></property>

</bean>

<!-- 所有的运营商信息列表 结束 -->





<!-- 终端卡信息开始 2014-3-25 -->

<bean id="qjTbTermincardidDAO" class="com.sos.lbs.dao.impl.QjTbTermincardidDAO">

<property name="sessionFactory" ref="sessionFactoryQuanJu"></property>

</bean>

<bean id="qjTbTermincardidService" class="com.sos.lbs.service.impl.QjTbTermincardidService">

<property name="iqjTbTermincardidDAO" ref="qjTbTermincardidDAO"></property>

</bean>

<bean id="qjTbTermincardidAction" class="com.sos.lbs.action.QjTbTermincardidAction">

<property name="iqjTbTermincardidService" ref="qjTbTermincardidService"></property>

</bean>

<!-- 终端卡信息结束 2014-3-25 -->





<!-- 终端卡详细信息备份表开始 2014-3-25 -->

<bean id="qjTbTermincardinfoHistoryDAO" class="com.sos.lbs.dao.impl.QjTbTermincardinfoHistoryDAO">

<property name="sessionFactory" ref="sessionFactoryQuanJu"></property>

</bean>

<bean id="qjTbTermincardinfoHistoryService" class="com.sos.lbs.service.impl.QjTbTermincardinfoHistoryService">

<property name="iqjTbTermincardinfoHistoryDAO" ref="qjTbTermincardinfoHistoryDAO"></property>

</bean>

<!-- 终端卡详细信息备份表结束 2014-3-25 -->





</beans>



<?xml version="1.0" encoding="UTF-8"?>  

<beans

xmlns="http://www.springframework.org/schema/beans"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">





<!--LBS用户连接 dbcp连接池 <bean id="dataSource"org.apache.commons.dbcp.BasicDataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"> -->

<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close" lazy-init="true">





<!-- 42连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@10.0.18.42:1521:bddb"></property>

<property name="user" value="lbsdb001"></property>

<property name="password" value="lbs2013"></property>





--><!-- 113连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@221.194.128.113:1538:bddb"></property>

<property name="user" value="lbsdb001"></property>

<property name="password" value="lbs07031804lbs"></property>

-->



<!-- 114连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@221.194.128.114:1539:ykdb"></property>

<property name="user" value="lbsdb001"></property>

<property name="password" value="ykdblbs"></property>-->





<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@123.125.16.139:1540:zxdb"></property>

<property name="user" value="lbsdb001"></property>

<property name="password" value="lbs07031804lbs"></property>









<!--连接池中保留的最小连接数。-->

<property name="minPoolSize" value="3"></property>

<!--连接池中保留的最大连接数。Default: 15 -->

<property name="maxPoolSize" value="100" />

<!--初始化时获取的连接数,取值应在minPoolSize与maxPoolSize之间。Default: 3 -->

<property name="initialPoolSize" value="5" />

<!--最大空闲时间,60秒内未使用则连接被丢弃。若为0则永不丢弃。Default: 0 -->

<property name="maxIdleTime" value="180" />

<!--当连接池中的连接耗尽的时候c3p0一次同时获取的连接数。Default: 3 -->

<property name="acquireIncrement" value="5" />



<!--每60秒检查所有连接池中的空闲连接。Default: 0 -->

<property name="idleConnectionTestPeriod" value="180" />

<!--定义在从数据库获取新连接失败后重复尝试的次数。Default: 30 -->

<property name="acquireRetryAttempts" value="30" />



<!--连接关闭时默认将所有未提交的操作回滚。Default: false -->

<property name="autoCommitOnClose" value="true"></property>

<!-- <property name="preferredTestQuery" value="select count(*) from dual"></property> -->





<!-- 新加 2014-03-17-->

<property name="checkoutTimeout" value="5000"></property>

<property name="maxStatements" value="0"></property>



</bean>

<!--

dataSource: 要连接的 datasource (通常我们不会定义在 server.xml)

defaultAutoCommit: 对于事务是否 autoCommit, 默认值为 true

defaultReadOnly: 对于数据库是否只能读取, 默认值为 false

driverClassName:连接数据库所用的 JDBC Driver Class,

maxActive: 可以从对象池中取出的对象最大个数,为0则表示没有限制,默认为8

maxIdle: 最大等待连接中的数量,设 0 为没有限制 (对象池中对象最大个数)

minIdle:对象池中对象最小个数

maxWait: 最大等待秒数, 单位为 ms, 超过时间会?出错误信息

password: 登陆数据库所用的密码

url: 连接数据库的 URL

username: 登陆数据库所用的帐号

validationQuery: 验证连接是否成功, SQL SELECT 指令至少要返回一行

removeAbandoned: 是否自我中断, 默认是 false

removeAbandonedTimeout: 几秒后会自我中断, removeAbandoned 必须为 true

logAbandoned: 是否记录中断事件, 默认为 false

minEvictableIdleTimeMillis:大于0 ,进行连接空闲时间判断,或为0,对空闲的连接不进行验证;默认30分钟

timeBetweenEvictionRunsMillis:失效检查线程运行时间间隔,如果小于等于0,不会启动检查线程,默认-1

testOnBorrow:取得对象时是否进行验证,检查对象是否有效,默认为false

testOnReturn:返回对象时是否进行验证,检查对象是否有效,默认为false

testWhileIdle:空闲时是否进行验证,检查对象是否有效,默认为false

? 在使用DBCP的时候,如果使用默认值,则数据库连接因为某种原因断掉后,再从连接池中取得连接又不进行验证,这时取得的连接实际上就会是无效的数据库连接。因此为了防止获得的数据库连接失效,在使用的时候最好保证:

username: 登陆数据库所用的帐号

validationQuery:SELECT COUNT(*) FROM DUAL

testOnBorrow、testOnReturn、testWhileIdle:最好都设为true

minEvictableIdleTimeMillis:大于0 ,进行连接空闲时间判断,或为0,对空闲的连接不进行验证

timeBetweenEvictionRunsMillis:失效检查线程运行时间间隔,如果小于等于0,不会启动检查线程

<property name=""></property>

-->



<bean id="sessionFactory"

class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">

<property name="dataSource">

<ref local="dataSource" />

</property>

<property name="hibernateProperties">

<props>

<prop key="hibernate.dialect">

org.hibernate.dialect.Oracle9Dialect

</prop>

<prop key="hibernate.show_sql">true</prop>

<!--

20140319 新添加内容

<prop key="hibernate.format_sql">true</prop>

--><prop key="hibernate.generate_statistics">true</prop>

<prop key="hibernate.autoReconnect">true</prop>

<prop key="hibernate.max_fech_depth">5</prop>

<prop key="hibernate.jdbc.batch_size">50</prop>

<prop key="hibernate.jdbc.fetch_size">100</prop>



<!--

<prop key="hibernate.generate_statistics">true</prop>

<prop key="hibernate.connection.release_mode">auto</prop>

<prop key="hibernate.autoReconnect">true</prop>

--></props>

</property>

<property name="mappingResources">

<list>

<value>com/sos/lbs/pojo/LbsTbAuthority.hbm.xml</value>

<value>com/sos/lbs/pojo/LbsTbSendtext.hbm.xml</value>

<value>com/sos/lbs/pojo/LbsTbUser.hbm.xml</value>

<value>com/sos/lbs/pojo/LbsTbUsertermin.hbm.xml</value>

<value>com/sos/lbs/pojo/LbsTbReceivetext.hbm.xml</value>

<value>com/sos/lbs/pojo/LbsTbUsergroup.hbm.xml</value>

<value>com/sos/lbs/pojo/LbsTbFence.hbm.xml</value>

</list>

</property>

</bean>



<!--<bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">

<property name="sessionFactory" ref="sessionFactoryQuanJu"></property>

</bean>

--><!-- <bean id="andyWEB" class="com.sos.lbs.util.TestTask" init-method="taskTime"/> -->





<!--测试用的demo例子 开始 -->

<bean id="LbsAuthDAO" class="com.sos.lbs.dao.impl.LbsTbAuthorityDAO">

<property name="sessionFactory">

<ref bean="sessionFactory"/>

</property>

</bean>

<bean id="LbsService" class="com.sos.lbs.service.impl.LbsTbAuthorityService">

<property name="lbsAutoDAO" ref="LbsAuthDAO"></property>

</bean>

<bean id="LbsAaction" class="com.sos.lbs.action.LbsTbAuthorityAction" >

<property name="lbsService" ref="LbsService"></property>

</bean>

<!--测试用的demo例子 结束 -->



<bean id="lbsTbSendtextDAO" class="com.sos.lbs.dao.impl.LbsTbSendtextDAO">

<property name="sessionFactory">

<ref bean="sessionFactory"/>

</property>

</bean>

<bean id="lbsTbSendtextService" class="com.sos.lbs.service.impl.LbsTbSendtextService">

<property name="tbSendtextDAO" ref="lbsTbSendtextDAO"></property>

</bean>



<!-- 用户登陆页面初始化 开始-->

<bean id="lbsTbUserDAO" class="com.sos.lbs.dao.impl.LbsTbUserDAO">

<property name="sessionFactory">

<ref bean="sessionFactory"/>

</property>

</bean>

<bean id="lbsTbUserService" class="com.sos.lbs.service.impl.LbsTbUserService">

<property name="ilbsTbUserDAO" ref="lbsTbUserDAO"></property>

</bean>

<bean id="lbsTbUserAction" class="com.sos.lbs.action.LbsTbUserAction">

<property name="ilbsTbUserService" ref="lbsTbUserService"></property>

<property name="ilbsTbUserterminService" ref="lbsTbUserterminService"></property>

<property name="iqjVwTermincardinfoService" ref="qjVwTermincardinfoService"></property>

<property name="ilbsTbReceivetextService" ref="lbsTbReceivetextService"></property>

<property name="ilbsTbUsergroupService" ref="lbsTbUsergroupService"></property>

</bean>

<!-- 用户登陆页面初始化 结束-->





<!-- 用户登陆 开始-->

<bean id="lbsTbUserterminDAO" class="com.sos.lbs.dao.impl.LbsTbUserterminDAO">

<property name="sessionFactory">

<ref bean="sessionFactory"/>

</property>

</bean>

<bean id="lbsTbUserterminService" class="com.sos.lbs.service.impl.LbsTbUserterminService">

<property name="ilbsTbUserterminDAO" ref="lbsTbUserterminDAO"></property>

</bean>

<!-- 用户登陆 结束-->



<!--查询用户已经接收到的短信信息 开始-->

<bean id="lbsTbReceivetextDAO" class="com.sos.lbs.dao.impl.LbsTbReceivetextDAO">

<property name="sessionFactory">

<ref bean="sessionFactory"/>

</property>

</bean>

<bean id="lbsTbReceivetextService" class="com.sos.lbs.service.impl.LbsTbReceivetextService">

<property name="ilbsTbReceivetextDAO" ref="lbsTbReceivetextDAO"></property>

</bean>

<!--查询用户已经接收到的短信信息 结束-->



<!--用户分组 开始 -->

<bean id="lbsTbUsergroupDAO" class="com.sos.lbs.dao.impl.LbsTbUsergroupDAO">

<property name="sessionFactory">

<ref bean="sessionFactory"/>

</property>

</bean>

<bean id="lbsTbUsergroupService" class="com.sos.lbs.service.impl.LbsTbUsergroupService">

<property name="ilbsTbUsergroupDAO" ref="lbsTbUsergroupDAO"></property>

</bean>

<!--用户分组 结束 -->





<!-- 电子围栏 开始 -->

<bean id="ilbsTbFenceDAO" class="com.sos.lbs.dao.impl.LbsTbFenceDAO">

<property name="sessionFactory">

<ref bean="sessionFactory"/>

</property>

</bean>

<bean id="ilbsTbFenceService" class="com.sos.lbs.service.impl.LbsTbFenceService">

<property name="ilbsTbFenceDAO" ref="ilbsTbFenceDAO"></property>

</bean>

<bean id="lbsTbFenceAction" class="com.sos.lbs.action.LbsTbFenceAction">

<property name="ilbsTbFenceService" ref="ilbsTbFenceService"></property>

</bean>

<!-- 电子围栏 结束 -->





</beans>



<?xml version="1.0" encoding="UTF-8"?>  

<beans

xmlns="http://www.springframework.org/schema/beans"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">



<!--终端用户连接 proxool连接池 开发库 开始-->

<bean id="dataSourceUser" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close" lazy-init="true" >





<!-- 42数据库连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@10.0.18.42:1521:bddb"></property>

<property name="user" value="bddb001"></property>

<property name="password" value="bd2013"></property>





--><!-- 113数据库连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@221.194.128.113:1538:bddb"></property>

<property name="user" value="bddb001"></property>

<property name="password" value="bd07031804bd"></property>

-->



<!-- 114数据库连接地址 -->

<!--<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@221.194.128.114:1539:ykdb"></property>

<property name="user" value="bddb001"></property>

<property name="password" value="ykdbbd"></property>-->





<property name="driverClass" value="oracle.jdbc.driver.OracleDriver" ></property>

<property name="jdbcUrl" value="jdbc:oracle:thin:@123.125.16.139:1540:zxdb"></property>

<property name="user" value="bddb001"></property>

<property name="password" value="bd07031804bd"></property>













<!--连接池中保留的最小连接数。-->

<property name="minPoolSize" value="3"></property>

<!--连接池中保留的最大连接数。Default: 15 -->

<property name="maxPoolSize" value="300" />

<!--初始化时获取的连接数,取值应在minPoolSize与maxPoolSize之间。Default: 3 -->

<property name="initialPoolSize" value="5" />

<!--最大空闲时间,60秒内未使用则连接被丢弃。若为0则永不丢弃。Default: 0 -->



<property name="maxIdleTime" value="180" />

<!--当连接池中的连接耗尽的时候c3p0一次同时获取的连接数。Default: 3 -->

<property name="acquireIncrement" value="5" />



<!--每60秒检查所有连接池中的空闲连接。Default: 0 -->

<property name="idleConnectionTestPeriod" value="180" />

<!--定义在从数据库获取新连接失败后重复尝试的次数。Default: 30 -->

<property name="acquireRetryAttempts" value="30" />



<!--连接关闭时默认将所有未提交的操作回滚。Default: false -->

<property name="autoCommitOnClose" value="true"></property>

<!-- <property name="preferredTestQuery" value="select count(*) from dual"></property> -->





<!-- 新加 2014-03-17-->

<property name="checkoutTimeout" value="5000"></property>

<property name="maxStatements" value="0"></property>

</bean>

<!--终端用户连接 dbcp连接池 测试库 结束 -->



<bean id="sessionFactoryUser"

class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">

<property name="dataSource">

<ref local="dataSourceUser" />

</property>

<property name="hibernateProperties">

<props>

<prop key="hibernate.dialect">

org.hibernate.dialect.Oracle9Dialect

</prop>

<prop key="hibernate.show_sql">true</prop>

<!--20140319 新添加内容

<prop key="hibernate.format_sql">true</prop>

--><prop key="hibernate.generate_statistics">true</prop>

<prop key="hibernate.autoReconnect">true</prop>

<prop key="hibernate.max_fech_depth">5</prop>

<prop key="hibernate.jdbc.batch_size">50</prop>

<prop key="hibernate.jdbc.fetch_size">100</prop>





<!--

<prop key="hibernate.generate_statistics">true</prop>

<prop key="hibernate.connection.release_mode">auto</prop>

<prop key="hibernate.autoReconnect">true</prop>

--></props>

</property>



<property name="mappingResources">

<list>

<value>com/sos/lbs/pojo/BdTbFootprint.hbm.xml</value>

<value>com/sos/lbs/pojo/BdTbHistorystatus.hbm.xml</value>

<value>com/sos/lbs/pojo/BdTbTextnumber.hbm.xml</value>

<value>com/sos/lbs/pojo/BdTbWaitsendtermin.hbm.xml</value>

<value>com/sos/lbs/pojo/BdTbSendtext.hbm.xml</value>

<value>com/sos/lbs/pojo/BdTbReceivetext.hbm.xml</value>

<value>com/sos/lbs/pojo/BdTbMobilesendtext.hbm.xml</value>

<value>com/sos/lbs/pojo/BdTbReceiveraw.hbm.xml</value>

</list>

</property>

</bean>





<!--<bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">

<property name="sessionFactory" ref="sessionFactoryQuanJu"></property>

</bean>





--><!--历史足迹信息查询 开始 -->

<bean id="bdTbFootprintDAO" class="com.sos.lbs.dao.impl.BdTbFootprintDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbFootprintService" class="com.sos.lbs.service.impl.BdTbFootprintService">

<property name="ibdTbFootprintDAO" ref="bdTbFootprintDAO"></property>

</bean>

<bean id="dbFootAction" class="com.sos.lbs.action.BdTbFootprintAction" >

<property name="ibdTbFootprintService" ref="bdTbFootprintService"></property>

<property name="iqjVwTermincardinfoService" ref="qjVwTermincardinfoService"></property>

<property name="ilbsRecevetTextService" ref="lbsTbReceivetextService"></property>

<property name="ilbsUserService" ref="lbsTbUserService"></property>

</bean>

<!--历史足迹信息查询 结束 -->







<!--非正常历史足迹信息查询 开始 -->

<bean id="bdTbHistorystatusDAO" class="com.sos.lbs.dao.impl.BdTbHistorystatusDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbHistorystatusService" class="com.sos.lbs.service.impl.BdTbHistorystatusService">

<property name="iddTbHistorystatusDAO" ref="bdTbHistorystatusDAO"></property>

</bean>

<bean id="HistorystateAction" class="com.sos.lbs.action.BdTbHistorystatusAction" >

<property name="ibdTbHistorystatusService" ref="bdTbHistorystatusService"></property>

</bean>

<!--非正常历史足迹信息查询 结束 -->









<!--用户发送信息 开始 -->

<bean id="isendMessageSerivces" class="com.sos.lbs.service.impl.SendMessageService">

<property name="ilbsTbSendtextService" ref="lbsTbSendtextService"></property>

<property name="textNumberservice" ref="bdTbTextnumberService"></property>

<property name="ibdTbWaitsendterminService" ref="bdTbWaitsendterminService"></property>

<property name="qjVwTermincardinfoService" ref="qjVwTermincardinfoService"></property>

<property name="ilbsTbReceivetextService" ref="lbsTbReceivetextService"></property>

<property name="ibdTbReceivetextService" ref="bdTbReceivetextService"></property>

<property name="ibdTbSendtextService" ref="bdTbSendtextService"></property>

</bean>



<bean id="SendMessageAction" class="com.sos.lbs.action.SendMessageAction">

<property name="isMessageService" ref="isendMessageSerivces"></property>

</bean>

<!--用户发送信息 结束 -->







<!-- 短信编号 开始 -->

<bean id="bdTbTextnumberDAO" class="com.sos.lbs.dao.impl.BdTbTextnumberDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbTextnumberService" class="com.sos.lbs.service.impl.BdTbTextnumberService">

<property name="iddTbTextnumberDAO" ref="bdTbTextnumberDAO"></property>

</bean>

<!-- 短信编号 结束 -->

<!-- 待发送表 开始 -->

<bean id="bdTbWaitsendterminDAO" class="com.sos.lbs.dao.impl.BdTbWaitsendterminDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbWaitsendterminService" class="com.sos.lbs.service.impl.BdTbWaitsendterminService">

<property name="ibdTbWaitsendterminDAO" ref="bdTbWaitsendterminDAO"></property>

</bean>

<!-- 待发送表 结束 -->



<!-- 终端已发送表 开始 -->

<bean id="bdTbSendtextDAO" class="com.sos.lbs.dao.impl.BdTbSendtextDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbSendtextService" class="com.sos.lbs.service.impl.BdTbSendtextService">

<property name="ibdTbSendtextDAO" ref="bdTbSendtextDAO"></property>

</bean>

<!-- 终端已发送表 结束 -->



<!-- 终端已接收表 开始 -->

<bean id="bdTbReceivetextDAO" class="com.sos.lbs.dao.impl.BdTbReceivetextDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbReceivetextService" class="com.sos.lbs.service.impl.BdTbReceivetextService">

<property name="ibdTbReceivetextDAO" ref="bdTbReceivetextDAO"></property>

</bean>

<!-- 终端已接收表 结束 -->





<!-- 待发送到终端的手机短信箱 开始-->

<bean id="bdTbMobilesendtextDAO" class="com.sos.lbs.dao.impl.BdTbMobilesendtextDAO">

<property name="sessionFactory" >

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbMobilesendtextService" class="com.sos.lbs.service.impl.BdTbMobilesendtextService">

<property name="ibdTbMobilesendtextDAO" ref="bdTbMobilesendtextDAO"></property>

</bean>

<bean id="bdTbMobilesendtextAction" class="com.sos.lbs.action.BdTbMobilesendtextAction">

<property name="ibdTbMobilesendtextService" ref="bdTbMobilesendtextService"></property>

</bean>

<!-- 待发送到终端的手机短信箱 结束-->



<!-- 转换百度坐标处理 开始

<bean id="bdTbFootprintBaiDAO" class="com.sos.lbs.dao.impl.BdTbFootprintBaiDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbFootprintBaiService" class="com.sos.lbs.service.impl.BdTbFootprintBaiService">

<property name="ibdTbFootprintBaiDAO" ref="bdTbFootprintBaiDAO"></property>

</bean>

转换百度坐标处理 结束-->





<!-- 查询指挥机原始数据包 开始-->

<bean id="bdTbReceiverawDAO" class="com.sos.lbs.dao.impl.BdTbReceiverawDAO">

<property name="sessionFactory">

<ref bean="sessionFactoryUser"/>

</property>

</bean>

<bean id="bdTbReceiverawServer" class="com.sos.lbs.service.impl.BdTbReceiverawServer">

<property name="ibdTbReceiverawDAO" ref="bdTbReceiverawDAO"></property>

</bean>

<bean id="bdTbReceiverawAction" class="com.sos.lbs.action.BdTbReceiverawAction">

<property name="ibdTbReceiverawServer" ref="bdTbReceiverawServer"></property>

</bean>

<!-- 查询指挥机原始数据包 结束-->

</beans>



修复方案:

1-漏洞涉及较广泛

2-涉及多个数据库

3-希望尽快修复吧

升级+配置等。

作为白帽子,这是我应该做的。

关注WEB安全,关注互联网风险。

知识来源: www.wooyun.org/bugs/wooyun-2014-073513

阅读:246753 | 评论:0 | 标签:无

想收藏或者和大家分享这篇好文章→复制链接地址

“北斗卫星LBS位置服务平台getshell+信息泄露”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

关注公众号hackdig,学习最新黑客技术

推广

工具

标签云

本页关键词