Authorize to test the Online game Network

Target site: http: // 60.173.11.236: 88/
Environment: IIS6.0, windows2003, arpfirewall, and 360 security guard
Penetration platform: xp + excellent brain
Start:
Http: // 60.173.11.236: 88/manage/Default background
According to the background analysis, the laoy Article Management System 2009 v1.0 is used.
Baidu and Google are looking for 0-day to see if they can get into the market!
The result is a cup! 1.0 basically, the source code is not downloaded! I really don't know where the master got the source code.
This cannot be done! Change path...
First, check whether the default terminal port is changed.
 

Open by default! Continue!
Scan the port!
One Namap tool!
Failed to scan port! The server is equipped with a firewall ....
What should we do? Run the Directory and analyze it slowly ~
Sacrifice wwwscan artifacts... Dictionary is integrated by myself! Very powerful!
The system is scanned !!! Test the resolution vulnerability !!

 

Locate and upload
Http: // 60.173.11.236: 88/Upload/PicUpload. aspx
I directly threw it to my senior brother and son... I will continue to read more!
14:46:52
After the token is successfully uploaded, you must wait for the Administrator to verify the token on the website.
14:46:58
Review required
X7z 14:47:08
 
X7z 14:47:18
He also has to be reviewed ~
When I was depressed, I suddenly found something. When I connected to the terminal, I confirmed that the server was win32. Now I showed nginx while scanning the website directory. Why? Is the website set up on the Intranet? If this is the case, will the website become very useful because it cannot obtain the permissions of the physical machine !! I guess it was right!
The server is built under 2003 websites!
However, when I scan the website, the website becomes nginx, which indicates that there is a virtual machine on the server and the website is placed in the virtual machine! The website is mapped to the IP address, that is, the Internet is enabled, so others can access the website. the website built on 2003 is only for testing purposes and is not open. the website is open to the virtual machine on the server, so I want to intrude into the website on the virtual machine.
When I was still suffering, my brother sent the address of the server registrar.
14:47:37
Http://www.cidc.cc
X7z 14:51:40
Are you sure you are from the cnetwork?
14:51:54
Hmm
X7z 14:52:12
Haha!
Get it done now
(Because I am unwilling to intrude into the websites created in this environment! You have a good time !)
Click the Registrar's website.



Most people collect data first !! After I guess about the password, I will go back to our Customer Service... Today, I will perform social engineering first when I have no idea about the information of the server owner...
Skills:
Go directly to the chat record!
 


 

 
 
It's boring to wait! With my master, you can be fooled !!
 
 
 





 
 
 
At this time, the customer service is here !!


 
Continue to talk to master !! Social engineering charm ~~ This is good for social engineering! Use someone else to help you intrude into the system! Haha!
The Lord is playing on one side... Isn't it like a TV scene? The social Eldest Brother is behind the scenes ..... The younger brother meets the goal of the eldest brother ..
Continue ..
 




 
 
At this time, the customer service message is coming again !!
 
Haha !!!!! Excited? Fun? The charm of social engineering !!

 
China Telecom host !! My native card connection B from Grandma
Stepping Stone!
Ask coco for a zombie server that is too Telecom! Directly jump on ..
 

The website configuration file is found !!! Brother said no pressure on the database to get rid of pants and brush it!
 
 
Pack B and leave !!!
The website vulnerability has been notified to the Administrator.
This intrusion has been authorized
I hope you will not try again
By the way, I forgot to mention it. the one I learned just now is stuck, and the game fails. the reason is that the server connection is interrupted because the password is being cracked at the data center. but I can't say that the machine room is cracking the password. I can only keep saying that it should be a scanning and scanning! Tips

Author: x7z Website: www.x7z.org