United Nations Chinese site Vulnerability Detection and repair

1. Scan
 
Open the familiar jsky and drop the target to www.un.org.cn for scanning. After a bowl of noodles, you can see that jsky has scanned the server with the iis PUT method.
 
2. Action
 
When I saw PUT, I thought of iiswrite written by veteran's eldest brother, and immediately opened it,
Write the domain name to www.un.org.cn, and then select PUT on the data packet format to upload the text to the test.txt file.
However, once the uploaded files are suffixed with asp, php, html, and so on, they will be deleted.
This is a little troublesome. Now/test.txt contains a php sentence.
So I thought of using MOVE to change the name.
 
Rename test.txt to test. php.
 
No, I am confused about it. I don't know if it is a software problem or whether there is anti-virus or firewall in the target server .....
In a few moments, I tried to change the name to an iis format xx.php.txt.
 
 
Try to submit the data packet, OK, and try to open it. Hey hey, this time it's not 404, it's a blank page, it should be a word, and it's definitely left in the kitchen knife.
Call successful
 
Run cmd to see
 
 
E: \ websiteun \> ipconfig
 
Windows IP Configuration
Www.2cto.com
 
Ethernet adapter Local Area Connection 3:
 
Connection-specific DNS Suffix .:
IP Address ......: 172.16.176.41
Subnet Mask ......: 255.255.255.0
Default Gateway ......: 172.16.176.1
It's an intranet server. It's in a vswitch environment. Forget it.
 
 
 



 
Solution:

You can directly remove the write permission of the directory or site. The write permission is not ntfs and the write permission is site.
 
Or disable webdev in the service extension in the iis manager.