Small script BUG leads to security risks

Author: bkys
Information Source: C ++ hacker base [Www.cjjhack.cn]

This Forum was launched at the beginning. Today, I am ugly here. This article has no technical skills. It only involves discovering a small program BUG and combining a few social workers to win several virtual machine backgrounds.

Don't laugh.

Today's goalWww.xxxidc.comRanking 5W on the system's out-of-the-star Virtual Machine Management Platform '''

Nice.

There are many good things on the Virtual Machine Service Platform of an IDC. A good virtual machine service provider has hundreds of thousands of WEB pages ..

First, let's take a look at your ideas. Such websites won't have any injection vulnerabilities for you. Or you don't need to think about what to upload. Cross-site? Wait for the Administrator to be fooled? Social engineering? I don't want to cheat people ..

Let's take a look, but I just found a connection and clicked it. No way, get used .... Echo. When I look at this, it's almost no fun.

I think there must be some trial? Trial means that we can upload anything to a WEB virtual space. Then raise the permission.

Okay, just do it. Click buy in the figure to enter and register a user. Select registration and try again. You will get a free one-day space.

After going up, I found that there was almost no permission, which is not supported by. net. You cannot run a program. No SU privilege escalation, no pcAnywhere, or anything else. It seems that the trial is safe.

Return to the target site in a drop-down manner and look at the security. It seems safe.

The keyword "off-star Virtual Machine Management Platform" is searched, and no vulnerability message is found.

No vulnerability was found in SEBUG. It seems that this out-of-the-stars management program is very alien.

I left like this, but I thought, is it just empty-handed? This is not my style!

Look at this login page again, It is very conspicuous, ''' will you order him? You don't know. I want to leave a message to customer service.

If a problem is thrown, submit it and return the result, as shown in:

Then I checked the problem connection and reported that I had clicked on him while waiting for a miracle.

Haha '''. I don't know if you are smart.

If the ID of this address is not verified by COOIEK. There will certainly be a lot of problems leaked.

According to the statistics of domestic staff in the social engineering survey (in fact, their own experience), 50% believe in the administrator and tell the Administrator some of their secrets. Class such as XXID XXpass

This evil idea flashed fast in my mind...

Replace the ID with your ID. At a glance

Come on, there is a change of ID and ID, not long before. A lot of good things have appeared

Insert a joke here and see it in it ." My service was stolen four times. I'm nervous! "" If you change the VPS password for a long time, it will not be stolen. "I laughed at me and thought what it was. It turns out that the VPS terminal was cracked. It is estimated that it will be owned by the social worker.

In a short time

You can log on with the password '''

Haha there is still 2 yuan


In a short time, several backend management permissions will be available. I won't guess if there are too many ''IDs for 3 W.

Postscript.

I thought I found the vulnerability. When I ran outside of other stars, I couldn't see any other results. Some do not even have this file. Maybe this problem is discovered. Maybe it's other programs integrated by people.

The problem lies mainly in the absence of COOIEK verification for this query problem. It's okay if you add the password.

Be flexible and considerate when learning technology! I hope you can take out your article! Thank you.

I remember you don't need to do anything. I told the administrator about it.

This story is not a fiction. If there are similarities, it is a fiction!