Empire Backup King (EmpireBak) \class\functions.php and \class\combakfun.php GETSHELL vulnerability

2015-05-22T00:00:00
ID MYHACK58:62201562724
Type myhack58
Reporter Anonymous
Modified 2015-05-22T00:00:00

Description

Contents

  1. Vulnerability description
  2. Vulnerability trigger conditions
  3. Vulnerability scope
  4. Vulnerability code analysis
  5. Defense methods
  6. Offensive and defensive thinking

1. Vulnerability description

EmpireBak is a completely free tool designed specifically for backing up and importing large MySQL databases. It backs up and imports in split volumes, so in theory it can back up a database of any size. Empire Backup King (EmpireBak) has multiple GETSHELL vulnerabilities; this article discusses, one by one, the various paths from getting into the admin backend to GETSHELL.

Relevant Link:

http://help.aliyun.com/knowledge_detail.htm?knowledgeId=5980885&categoryId=8314968

2. Vulnerability trigger conditions

0x1: Logging in to the admin backend with the default weak password

admin 123456 // weak default password set at installation

0x2: Logging in to the admin backend with forged cookies

ebak_loginebakckpass:119770adb578053dcb383f67a81bcbc6 ebak_bakrnd:35y5cCnnA4Kh ebak_bakusername:admin ebak_baklogintime:4070883661 // With the above cookies set, admin.php can be accessed directly
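A detection sketch for the forged-cookie login in 0x2, added here as an example and not part of the original advisory or of EmpireBak: it flags requests that carry the published ebak_loginebakckpass value or an ebak_baklogintime that lies in the future. Assumptions: the `time|path|Cookie header` log format and the sample lines are constructed (cookies must be logged explicitly for this to work), and ebak_baklogintime is treated as a Unix timestamp, under which the advisory's 4070883661 falls at the end of 2098.

```python
from datetime import datetime

# Cookie value published in the advisory above.
PUBLISHED_CKPASS = "119770adb578053dcb383f67a81bcbc6"

# Constructed sample log, assumed format: ISO-8601 time | path | Cookie header.
SAMPLE_LOG = """\
2015-05-22T10:01:07+00:00|/admin.php|ebak_loginebakckpass=119770adb578053dcb383f67a81bcbc6; ebak_bakrnd=35y5cCnnA4Kh; ebak_bakusername=admin; ebak_baklogintime=4070883661
2015-05-22T10:02:30+00:00|/admin.php|ebak_loginebakckpass=0f0e0d0c0b0a09080706050403020100; ebak_bakrnd=Zq8LmT2xWv1c; ebak_bakusername=admin; ebak_baklogintime=1432288900
2015-05-22T10:03:12+00:00|/admin.php|ebak_loginebakckpass=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa; ebak_bakrnd=abcdefghijkl; ebak_bakusername=admin; ebak_baklogintime=4070883661
"""

def parse_cookie_header(header):
    """Split a Cookie header into a name -> value dict."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            cookies[name] = value
    return cookies

def check_request(request_time, cookie_header):
    """Return the reasons a request looks like a forged-cookie login."""
    cookies = parse_cookie_header(cookie_header)
    reasons = []
    if cookies.get("ebak_loginebakckpass") == PUBLISHED_CKPASS:
        reasons.append("published-cookie-value")
    login_time = cookies.get("ebak_baklogintime", "")
    # A login time later than the request itself cannot come from a real login.
    if login_time.isdigit() and int(login_time) > request_time.timestamp():
        reasons.append("login-time-in-future")
    return reasons

def scan(log_text):
    """Return (line number, reasons) for every suspicious line in the log."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        stamp, _path, cookie_header = line.split("|", 2)
        reasons = check_request(datetime.fromisoformat(stamp), cookie_header)
        if reasons:
            hits.append((number, reasons))
    return hits

if __name__ == "__main__":
    for number, reasons in scan(SAMPLE_LOG):
        print(number, ", ".join(reasons))
```

The third sample line shows why the timestamp check is worth keeping: it catches a future login time even when the hash differs from the published one.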
