Analysis of Common Services and Their Security Vulnerabilities (1)

Today I will continue introducing knowledge relevant to penetration testing. The main content of this article is an analysis of common services and their security vulnerabilities.

Disclaimer:
The content of this article is for learning and communication only. It is strictly forbidden to use the techniques in this article to carry out illegal activities; otherwise you bear all the serious consequences yourself!
Again: penetration testing of devices without authorization is strictly prohibited!

1. Analysis of Web Service Vulnerabilities

1. Tomcat
Tomcat is a lightweight, free and open-source server written in Java. It can serve HTML and is the first choice for running JSP programs.
Common vulnerabilities of the Tomcat service are:

  • Manager weak password
  • Webshell upload via the HTTP PUT method
  • HTTP slow attack
  • CVE-2020-1938 AJP file inclusion vulnerability

PS: for HTTP slow attacks, refer to the article: Detailed explanation of HTTP slow attack

2. JBoss
JBoss is an open-source web server that complies with the J2EE specification; its default service port is 8080.
Common vulnerabilities of the JBoss service are:

  • Background weak password
  • WAR package deployment through the console background
  • Java deserialization
  • Remote code execution

3. WebSphere
WebSphere is an IBM open-source lightweight J2EE application server with a default service port of 9080.
Common vulnerabilities of the WebSphere service are:

  • Background weak password
  • Arbitrary file disclosure
  • Java deserialization

4. WebLogic
WebLogic is Java EE middleware developed by Oracle Corporation of the United States; it can be used to develop, integrate, deploy and manage large-scale distributed web applications. The default service ports are 7001 and 7002.
Common vulnerabilities of the WebLogic service are:

  • Background weak password
  • WAR package deployment through the console background
  • SSRF
  • Webshell upload via the test page
  • Java deserialization (CVE-2018-3623, CVE-2018-2893, CVE-2017-10271, CVE-2019-2725, CVE-2019-2729)

5. GlassFish
GlassFish is a Java EE-based web server; the default service ports are 8080 and 4848.
Common vulnerabilities of the GlassFish service are:

  • Brute force
  • Arbitrary file read
  • Authentication bypass

6. Apache
Apache is the world's No. 1 web server software. It has outstanding cross-platform and security features and runs on almost all mainstream computer platforms. Apache listens on port 80 by default.
Common vulnerabilities of the Apache service are:

  • HTTP slow attack
  • Parsing vulnerabilities
  • Directory traversal

7. Apache Solr
Apache Solr is an open-source search service written in Java, built mainly on HTTP and Apache Lucene; the default service port is 8983.
Common vulnerabilities of the Apache Solr service are:

  • CVE-2017-12629 Remote Command Execution
  • CVE-2019-0193 Remote Command Execution

8. IIS
IIS stands for Internet Information Services, a Windows-based web service provided by Microsoft Corporation.
Common vulnerabilities of the IIS service are:

  • Webshell upload via the HTTP PUT method
  • IIS parsing vulnerability
  • IIS privilege escalation vulnerability
  • IIS remote code execution vulnerability (CVE-2017-7269)

9. Resin
Resin is a web server written in Java; it supports the Servlet and JSP engines and is very fast. Its default service port is 8080.
Common vulnerabilities of the Resin service are:

  • Directory traversal
  • Remote file reading

10. Axis2
Axis2 is written in Java. It is a SOAP engine with an embedded Servlet engine. Compared with Axis, Axis2 is more flexible and has a new architecture. Its default service port is 8080.
Common vulnerabilities of the Axis2 service are:

  • Background weak password

11. Lotus
Lotus is a full-stack web framework developed in Ruby, with the advantages of being lightweight, high-performance and testable. Its default service port is 1352.
Common vulnerabilities of the Lotus service are:

  • Background weak password
  • Information leakage
  • Cross-site scripting attack

12. Nginx
Nginx is a high-performance HTTP and reverse proxy web server that also provides mail proxy functions.
Common vulnerabilities of the Nginx service are:

  • HTTP slow attack
  • Parsing vulnerabilities

13. Jetty
Jetty, developed in Java, is an open-source Servlet container that provides a runtime environment for Java-based web applications. The default service port is 8080.
Common vulnerabilities of the Jetty service are:

  • Remote shared-buffer overflow

2. Analysis of Database Service Vulnerabilities

1. MySQL
MySQL is a very common database service; the default service port is 3306.
Common vulnerabilities of the MySQL service are:

  • Weak password
  • Authentication vulnerability (CVE-2012-2122)
  • Denial-of-service attack
  • phpMyAdmin universal password and weak password
  • UDF/MOF privilege escalation

2. MSSQL
MSSQL is a lightweight database server with a default service port of 1433.
Common vulnerabilities of the MSSQL service are:

  • Weak password
  • Stored procedure privilege escalation

3. Oracle
Oracle is a common database from Oracle Corporation; the default service port is 1521.
Common vulnerabilities of the Oracle service are:

  • Weak password
  • TNS vulnerability

4. Redis
Redis is a non-relational, in-memory database; its default service port is 6379.
Common vulnerabilities of the Redis service are:

  • Weak password
  • Unauthorized access

5. PostgreSQL
The default service port of PostgreSQL is 5432, and its common vulnerabilities are:

  • Weak password
  • Buffer overflow (CVE-2014-2669)

6. MongoDB
MongoDB is a non-relational database. The default service port is 27001. The main vulnerabilities are:

  • Weak password
  • Unauthorized access

7. DB2
The default service port of DB2 is 5000. The main vulnerabilities are:

  • Security restriction bypass allowing unauthorized operations (CVE-2015-1992)

8. Sybase
Sybase is a relational database. The default service ports are 5000 and 4100. The main vulnerabilities are:

  • Weak password
  • Command injection

9. Memcache
The default port of the Memcache service is 11211. The main vulnerabilities are:

  • Unauthorized access
  • Configuration vulnerabilities

10. Elasticsearch
Elasticsearch is the distributed search and data analysis engine in the ELK log storage architecture. The default service ports are 9200 and 9300. The main vulnerabilities are:

  • Unauthorized access
  • Remote code execution
  • Document handling
  • Webshell write

3. Analysis of Vulnerabilities in Big Data Services

1. Hadoop
The default port number of the Hadoop service is 50010. The main vulnerabilities are:

  • Remote command execution

2. Zookeeper
The default port number of the Zookeeper service is 2181. The main vulnerabilities are:

  • Unauthorized access

Original writing takes effort; please credit the source when reposting: https://blog.csdn.net/weixin_40228200

Origin blog.csdn.net/weixin_40228200/article/details/128493312