### 简要描述:
st2
### 详细说明:
http://partner.kingdee.com/user/login.action
root权限
[<img src="https://images.seebug.org/upload/201310/31160852aeadc6f7d747d1b5ffcac3322007b29b.gif" alt="20131031153251.gif" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201310/31160852aeadc6f7d747d1b5ffcac3322007b29b.gif)
获得了内网数据库的账号密码,库站分离
[<img src="https://images.seebug.org/upload/201310/311609401405a4e27c13a69a91c30271934d5562.gif" alt="20131031154246.gif" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201310/311609401405a4e27c13a69a91c30271934d5562.gif)
服务器内网ip
[<img src="https://images.seebug.org/upload/201310/31160959c7f99f953ee11788f4cc1bfcf2735b97.gif" alt="20131031160105.gif" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201310/31160959c7f99f953ee11788f4cc1bfcf2735b97.gif)
数据库的内网ip
[<img src="https://images.seebug.org/upload/201310/311610187255ea2cfb086f841a3603b6229dcf45.gif" alt="20131031160139.gif" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201310/311610187255ea2cfb086f841a3603b6229dcf45.gif)
要是连接数据库还要内网继续,我就不做了
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201310/31160852aeadc6f7d747d1b5ffcac3322007b29b.gif" alt="20131031153251.gif" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201310/31160852aeadc6f7d747d1b5ffcac3322007b29b.gif)
京公网安备 11010502034610号
暂无评论