School recruitment test to easily get full marks (involving three large Internet manufacturers)
The last time I submitted a server code network vulnerability, the vulnerability was handled by a small vendor, and no one answered the question ......
Today, I saw that the shell is still there, and I have a few more shells → _ →
Submit it again. I hope you will pay attention to it...
Detailed description:
In the previous vulnerability, the MySQL password was not changed. The user table actually stores the password in plaintext...
Background http://hr.acmcoder.com/xycloveManage
Weak Password admin: admin
Another problem here is that the not-logged-in check is only a JS redirect. You only need to disable JS.
You can also log on directly by setting the cookie to this ......
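For contrast with the two login problems above (a script-only redirect and a cookie that is trusted as sent), here is an added example, not code from the affected site, showing the weak pattern beside a server-side check. The cookie names `user` and `session`, the `/login` path and the handler functions are hypothetical. The token here has no expiry or revocation; a real deployment would use its framework's session store.

```python
import hashlib
import hmac
import secrets

# Constructed for this example: a secret that never leaves the server.
SERVER_KEY = secrets.token_bytes(32)
ADMIN_PAGE = "<h1>admin panel</h1>"  # stand-in for the protected content


def _tag(user: str) -> str:
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()


def issue_session(user: str) -> str:
    """Cookie value issued after a successful login: '<user>.<HMAC tag>'."""
    return f"{user}.{_tag(user)}"


def verify_session(cookie):
    """Return the user name if the tag matches, otherwise None."""
    if not cookie or "." not in cookie:
        return None
    user, tag = cookie.rsplit(".", 1)  # the hex tag never contains '.'
    ok = hmac.compare_digest(tag.encode(), _tag(user).encode())
    return user if ok else None


def weak_handler(cookies: dict):
    """Weak pattern: the protected body is always sent, the 'not logged in'
    case is only a script the client may ignore, and any cookie value is
    accepted without verification."""
    if cookies.get("user"):
        return 200, {}, ADMIN_PAGE
    return 200, {}, "<script>location='/login'</script>" + ADMIN_PAGE


def hardened_handler(cookies: dict):
    """Server decides: no valid session means a 302 and an empty body."""
    if verify_session(cookies.get("session")) is None:
        return 302, {"Location": "/login"}, ""
    return 200, {}, ADMIN_PAGE
```
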
An error occurred while connecting to mongodb using mongo shell:
Code Region
Error while trying to show server startup warnings: not authorized on admin to execute command { getLog: "startupWarnings" }
I thought it was a limitation. I checked the result and found a mongodb bug. After logging on, I just need to try db.auth() again.
Code Region
mongos> show dbs
ACMcoder               0.03125GB
ACMcoderExamReport     0.03125GB
ACMcoderExamSessionDB  2.999267578125GB
admin                  0.015625GB
config                 0.046875GB
hello-world            46.977783203125GB
Both the question and the question are in hello-world, where the score is saved:
Taking the Baidu written examination as an example, the judge address is http://baidu.acmcoder.com/comp
The judge's password:
Invigilation Hall:
Exam items:
Scoring interface:
Proof of vulnerability:
Solution:
All understand...