Target machine: A computer with a version of Office vulnerabilities installed
Attack aircraft: An Kai liunx ip:192.168.0.110
Python script download Link: https://github.com/Ridter/CVE-2017-11882
MSF Component downloads: Https://github.com/0x09AL/CVE-2017-11882-metasploit
A. Copy the cve_2017_11882.rb file downloaded
Vulnerability Description:March 27, using IIS 6.0 on Windows 2003 R2 burst the 0Day Vulnerability (cve-2017-7269), the exploit POC began to circulate, but the bad thing is that the product has stopped updating. The download link to the POC online is as follows.GitHub Address: Https://github.com/edwardz246003/IIS_exploitCombined with the above POC, we analyze the cause of the vulnerability and the process of
Vulnerability Name: cve-2017-12615-Remote Code execution vulnerabilitycve-2017-12615: Remote code execution vulnerabilityWhen Tomcat is running on the Windows operating system and the HTTP Put request method is enabled (for example, by setting the ReadOnly initialization parameter to false), an attacker would likely be able to upload a JSP file containing arbitra
=s.accept () -Conn.send ('Welcome to your unfriendly FTP server\r\n') - Print(CONN.RECV (1024)) -Conn.send ("331 ok\r\n") A Print(CONN.RECV (1024)) +Conn.send ('ok\r\n') the Print(CONN.RECV (1024)) -Conn.send ('"'+buffer+'" is current directory\r\n')#Send malicious buffer structureExecute script, start serviceThe victim machine Ftpshell Client Connection Malicious FTP server, can find the client immediately error, Shellcode is executedNote: I did not experiment in Win2008 SP20x02. R
Guide
Zabbix can monitor various network parameters, ensure the safe operation of the server system, and provide flexible notification mechanism for the system administrator to quickly locate/solve the various problems.
about Zabbix
Zabbix is an enterprise-class open source solution based on the Web interface that provides distributed system monitoring and network monitoring capabilities.
Zabbix can monitor various network parameters, ensure the safe operation of the server system
Supervisord is a tool developed by the Python language for managing back-end applications (services), allowing operations personnel to manage them using a graphical interface.
recently, Supervisord exposed a remote command execution vulnerability that requires authentication (cve-2017-11610), through the POST request Supervisord management interface malicious data, can obtain the server operation permissio
ExplodingcanHttps://github.com/danigargu/explodingcanAn implementation of Explodingcan ' s exploit extracted from Fuzzbunch, the "Metasploit" of the NSA.Details
Vulnerability:microsoft IIS WebDav ' scstoragepathfromurl ' Remote Buffer Overflow
cve:cve-2017-7269
Disclosure Date:march 31 2017
Affected Product:microsoft Windows Server 2003 R2 SP2 x86
Why?Months ago I needed to study t
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.