Post #3
Posted 2008-7-21 00:09
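First, thanks to 追寻 for posting this thread for me. Anyone who wants to look at the webshell can send me a private message.
To the poster above: I could not find the mysql directory.
Below is the information I collected.
1. Target system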
OS Name: Microsoft(R) Windows(R) Server 2003, Enterprise Edition
OS Version: 5.2.3790 Service Pack 2 Build 3790
2. I cannot view the running services: net start produces no output when run; all other commands work normally.
3. Extension mappings: asp, php, aspx
4. Ports
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 1624
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING 1624
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 792
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:1002 0.0.0.0:0 LISTENING 1836
TCP 0.0.0.0:1041 0.0.0.0:0 LISTENING 1624
TCP 0.0.0.0:1043 0.0.0.0:0 LISTENING 548
TCP 0.0.0.0:1089 0.0.0.0:0 LISTENING 1624
TCP 0.0.0.0:1093 0.0.0.0:0 LISTENING 1624
TCP 0.0.0.0:1248 0.0.0.0:0 LISTENING 1696
TCP 0.0.0.0:2499 0.0.0.0:0 LISTENING 920
TCP 0.0.0.0:2967 0.0.0.0:0 LISTENING 2036
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 2904
TCP 0.0.0.0:4899 0.0.0.0:0 LISTENING 1892
TCP 0.0.0.0:8693 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:13722 0.0.0.0:0 LISTENING 1752
TCP 0.0.0.0:13724 0.0.0.0:0 LISTENING 1660
TCP 0.0.0.0:13782 0.0.0.0:0 LISTENING 1660
TCP 0.0.0.0:13783 0.0.0.0:0 LISTENING 1660
TCP 127.0.0.1:1042 0.0.0.0:0 LISTENING 1752
TCP 127.0.0.1:1187 0.0.0.0:0 LISTENING 3332
UDP 0.0.0.0:161 *:* 2008
UDP 0.0.0.0:445 *:* 4
UDP 0.0.0.0:500 *:* 548
UDP 0.0.0.0:1025 *:* 864
UDP 0.0.0.0:1026 *:* 864
UDP 0.0.0.0:1040 *:* 2008
UDP 0.0.0.0:1716 *:* 864
UDP 0.0.0.0:3456 *:* 1624
UDP 0.0.0.0:4500 *:* 548
UDP 127.0.0.1:123 *:* 880
UDP 127.0.0.1:1027 *:* 548
UDP 127.0.0.1:1175 *:* 488
UDP 127.0.0.1:3456 *:* 1624
UDP 208.109.xxx.171:123 *:* 880
UDP 208.109.xxx.171:137 *:* 4
UDP 208.109.xxx.171:138 *:* 4
5. Current processes
Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System Idle Process 0 0 28 K
System 4 0 328 K
smss.exe 412 0 452 K
csrss.exe 460 0 6,796 K
winlogon.exe 488 0 12,580 K
services.exe 536 0 36,492 K
lsass.exe 548 0 17,320 K
svchost.exe 724 0 3,328 K
svchost.exe 792 0 4,640 K
svchost.exe 864 0 7,112 K
svchost.exe 880 0 6,032 K
svchost.exe 920 0 50,032 K
ccSetMgr.exe 976 0 4,132 K
ccEvtMgr.exe 1004 0 3,984 K
SPBBCSvc.exe 1144 0 3,792 K
spoolsv.exe 1308 0 5,244 K
msdtc.exe 1332 0 4,448 K
DefWatch.exe 1480 0 5,208 K
svchost.exe 1508 0 2,452 K
inetinfo.exe 1624 0 63,204 K
bpinetd.exe 1660 0 3,892 K
pNSClient.exe 1696 0 12,888 K
bpjava-msvc.exe 1752 0 3,664 K
watchdog.exe 1808 0 1,476 K
ProcessMonitorService.exe 1828 0 3,420 K
python.exe 1836 0 21,140 K
svchost.exe 1880 0 2,240 K
r_server.exe 1892 0 4,796 K
SavRoam.exe 1916 0 5,172 K
snmp.exe 2008 0 5,708 K
Rtvscan.exe 2036 0 69,736 K
svchost.exe 2352 0 19,804 K
svchost.exe 2904 0 5,148 K
svchost.exe 2984 0 4,284 K
alg.exe 3332 0 3,212 K
wmiprvse.exe 3440 0 5,844 K
logon.scr 5884 0 1,928 K
wmiprvse.exe 15632 0 10,728 K
cisvc.exe 22976 0 4,964 K
cidaemon.exe 18640 0 488 K
cidaemon.exe 9352 0 2,036 K
w3wp.exe 30936 0 43,468 K
w3wp.exe 2948 0 39,028 K
w3wp.exe 23608 0 35,104 K
cmd.exe 32564 0 4,372 K
w3wp.exe 3856 0 136,156 K
w3wp.exe 26008 0 98,036 K
w3wp.exe 15408 0 35,432 K
w3wp.exe 23720 0 106,640 K
w3wp.exe 19584 0 77,408 K
w3wp.exe 6020 0 41,752 K
w3wp.exe 12252 0 12,296 K
w3wp.exe 6852 0 13,756 K
w3wp.exe 12028 0 166,096 K
w3wp.exe 23772 0 51,756 K
w3wp.exe 28468 0 78,304 K
w3wp.exe 11524 0 89,280 K
w3wp.exe 32308 0 74,144 K
w3wp.exe 8740 0 9,280 K
w3wp.exe 6920 0 38,684 K
w3wp.exe 12832 0 14,672 K
w3wp.exe 6896 0 58,876 K
w3wp.exe 29808 0 230,904 K
w3wp.exe 20932 0 34,044 K
w3wp.exe 28836 0 128,808 K
w3wp.exe 27636 0 71,420 K
w3wp.exe 14332 0 32,072 K
w3wp.exe 4700 0 56,852 K
w3wp.exe 12156 0 40,004 K
w3wp.exe 21636 0 105,448 K
w3wp.exe 4928 0 26,636 K
w3wp.exe 18000 0 10,244 K
w3wp.exe 6780 0 53,516 K
w3wp.exe 30764 0 199,392 K
w3wp.exe 612 0 73,648 K
w3wp.exe 2020 0 50,384 K
w3wp.exe 5148 0 292,428 K
w3wp.exe 6648 0 23,736 K
w3wp.exe 6076 0 90,388 K
w3wp.exe 31128 0 10,904 K
w3wp.exe 26780 0 41,088 K
w3wp.exe 25864 0 13,488 K
w3wp.exe 23452 0 46,068 K
w3wp.exe 21380 0 55,420 K
w3wp.exe 31996 0 19,628 K
w3wp.exe 1672 0 9,132 K
w3wp.exe 27712 0 10,408 K
w3wp.exe 11164 0 48,024 K
bpbkar32.exe 292 0 22,656 K
w3wp.exe 10700 0 10,376 K
vssvc.exe 8452 0 6,924 K
svchost.exe 5896 0 3,872 K
cidaemon.exe 31904 0 928 K
w3wp.exe 2452 0 10,932 K
w3wp.exe 11664 0 13,368 K
w3wp.exe 18228 0 8,964 K
w3wp.exe 4880 0 16,164 K
w3wp.exe 5080 0 8,912 K
w3wp.exe 6416 0 13,872 K
cmd.exe 12408 0 1,780 K
tasklist.exe 32276 0 4,136 K
6. Output of set
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APP_POOL_ID=HostingAppPool21_ASPNET2
ClusterLog=C:\WINDOWS\Cluster\cluster.log
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=P3SWH129
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
Path=C:\Program Files\VERITAS\NetBackup\bin\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Program Files
PROMPT=$P$G
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=d:\temp
TMP=d:\temp
USERPROFILE=C:\Documents and Settings\Default User
windir=C:\WINDOWS
7. Currently installed programs
C:\Program Files\ no permission
This is the list of programs under the Start menu:
accessories
administrative tools
microsoft asp.net 2.0 ajax extensions
Microsoft SOAP Toolkit Version 3
startup
symantec client security
veritas netbackup
winzip
desktop.ini