Excessive permission vulnerability in the IOV software allows server permissions to be obtained remotely
Jin wanwei remote connection unauthorized vulnerability
Directory:
1. About "remote connection"
2. About exploits of vulnerabilities
3. Hazards
1. About "remote connection"
II. We can see that a UFIDA application is published through "" for remote office use:
Click the "UFIDA" icon to bring up the login interface (the server, DELL, is on the intranet):
The IOV software has an excessive permission vulnerability, which makes it easy to take control of the server that runs "UF". There are many ways to use it. Here we demonstrate one method:
Click Help to bring up the help document (this help document runs on the remote system):
Right-click and choose "view source code":
Click "help":
Select "help topic":
Call up the "Notepad help" of the remote system:
Search for "http":
Click the link to bring up the remote browser to open the link:
Now you can remotely download cmd.exe:
Select "run" to bring up the command line interface:
Here the command line runs directly with Administrator permission:
At the same time, the server is on the Intranet:
Likewise, you can remotely download an assumer.exe file to manage files:
Likewise, you can download and run Trojans. It can be seen that all the above programs run on the remote server through the "same speed" Proxy:
3. Hazards
Through "", you can call up other applications on the remote system (such as the cmd command line, file manager, and browser) that are not meant to be remotely accessible. Attackers can obtain system permissions, execute system commands, and remotely download and run Trojans.
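A detection sketch for the breakout chain described above, as an added example that is not part of the original write-up: it walks process-creation events and flags any process that descends from the published application but is not on its allowlist. The event records, the `erp_client.exe` and `hh.exe` image names, and the allowlist are constructed assumptions for illustration.

```python
# Constructed process-creation events (pid, parent pid, image, session).
# A real deployment would read these from process-creation auditing.
EVENTS = [
    {"pid": 100, "ppid": 1,   "image": "erp_client.exe", "session": 3},
    {"pid": 101, "ppid": 100, "image": "hh.exe",         "session": 3},
    {"pid": 102, "ppid": 101, "image": "notepad.exe",    "session": 3},
    {"pid": 103, "ppid": 102, "image": "iexplore.exe",   "session": 3},
    {"pid": 104, "ppid": 103, "image": "cmd.exe",        "session": 3},
    {"pid": 200, "ppid": 1,   "image": "erp_client.exe", "session": 4},
    {"pid": 300, "ppid": 1,   "image": "cmd.exe",        "session": 0},  # local console
]

PUBLISHED = {"erp_client.exe"}         # hypothetical published application
ALLOWED_CHILDREN = {"erp_client.exe"}  # images the published app may spawn


def lineage(pid, by_pid):
    """Return the image chain from the oldest known ancestor down to pid."""
    chain, seen = [], set()
    while pid in by_pid and pid not in seen:  # 'seen' guards against pid loops
        seen.add(pid)
        chain.append(by_pid[pid]["image"].lower())
        pid = by_pid[pid]["ppid"]
    return chain[::-1]


def find_breakouts(events, published=PUBLISHED, allowed=ALLOWED_CHILDREN):
    """Flag processes descending from a published app that are not allowlisted."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        chain = lineage(e["pid"], by_pid)
        ancestors = chain[:-1]
        if any(a in published for a in ancestors) and chain[-1] not in allowed:
            alerts.append({"pid": e["pid"], "session": e["session"],
                           "chain": " > ".join(chain)})
    return alerts


if __name__ == "__main__":
    for alert in find_breakouts(EVENTS):
        print(alert)
```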