Lucene search

2126 matches found

seebug.org
added 2013/04/14 12:0 a.m., 20 views

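Official website of 亿中邮 (亿邮) Information Technology compromised; admin backend successfully accessed

Brief description: I had nothing to do today. So that they would stop calling me the "blind-attack king" (盲打王), I decided to pick a vendor at random and attempt a script-based intrusion, and ended up with "亿中邮信息技术". A quick summary: I did not get a webshell. The backend is set to forbid writes, database backup included, so that was simply not possible. The upload page has also been deleted outright. But your website has serious problems. The whole intrusion took 20 minutes in total, and your backend fell! Below I outline the overall approach of the intrusion. Detailed description: First, the main site has a feedback form, so I casually inserted some code. But the "submitted successfully" page that came back was obviously a dedecms page, so I knew it had definitely failed. Then I opened data/admin/ver.txt and found that the version is very old. ...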

7.1 AI score
Exploits: 0

seebug.org
added 2013/04/12 12:0 a.m., 17 views

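Microblog application developed by ThinkSNS has insufficient filtering

Brief description: An insufficient upload file filtering vulnerability exists! Files with web-trojan extensions such as ASP and PHP can be uploaded directly! Detailed description: Upload file filtering is not strict, so files with dangerous extensions can be uploaded directly! Proof of vulnerability: After uploading the WEBSHELL,...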

7.1 AI score
Exploits: 0

seebug.org
added 2013/04/10 12:0 a.m., 16 views

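用友 administrator information leak allows obtaining a shell

Brief description: The 用友 official website is injectable, which exposes administrator information. Although no admin backend could be found on this site, shells on other sites can be obtained through social engineering. Detailed description: There are many ways to get a webshell from this backend, and many of them work.... Proof of vulnerability:...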

7.1 AI score
Exploits: 0

seebug.org
added 2013/04/02 12:0 a.m., 17 views

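齐博 CMS backend: insufficient filtering in the database tool allows writing a one-line trojan

Brief description: If your account password is leaked, you are in danger: a webshell can be obtained directly from the backend. Detailed description: For the site administrator's convenience the backend has a database tool. Executing Select '' into outfile 'F:/wwwroot/shiyanshi/cache/1.asp'; there writes a one-line trojan, after which anything can be done. Proof of vulnerability:...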

7.1 AI score
Exploits: 0

seebug.org
added 2013/03/23 12:0 a.m., 31 views

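High-risk vulnerability in the ShopEX official website and its ECSHOP official website

Brief description: A reverse domain lookup on www.shopexdrp.cn shows that the ShopEX official sub-sites, the ecshop official website and others are all on the same server. www.shopexdrp.cn uses dedecms; by exploiting that CMS's injection vulnerability a webshell can be obtained, and the many official sub-sites and affiliated sites on the same server are then under control. Detailed description: Exploiting the dedecms SQL injection vulnerability:...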

7.1 AI score
Exploits: 0

Kitploit
added 2013/03/10 4:21 p.m., 31 views

[JSQL v0.3] Java Tool for Automatic Database Injection

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris). Version 0.2 features: GET, POST, header, cookie methods; normal, error based, blind, time based algorithms; automatic...

8 AI score
Exploits: 0

Packet Storm
added 2013/03/05 12:0 a.m., 33 views

AirDrive HD 1.6 Shell Upload

Title: AirDrive HD 1.6 iPad iPhone - Multiple Web Vulnerabilities. Date: 2013-02-24. References: http://www.vulnerability-lab.com/getcontent.php?id=865. VL-ID: 865. Common Vulnerability Scoring System: 6.3. Introduction: ...

7.4 AI score
Exploits: 0

Exploit DB
added 2013/02/24 12:0 a.m., 36 views

AirDrive HD 1.6 iPad iPhone - Multiple Vulnerabilities

Title: AirDrive HD 1.6 iPad iPhone - Multiple Web Vulnerabilities. Date: 2013-02-24. References: http://www.vulnerability-lab.com/getcontent.php?id=865. VL-ID: 865. Common Vulnerability Scoring System: 6.3. Introduction: ...

7 AI score
Exploits: 0

myhack58
added 2013/02/16 12:0 a.m., 17 views

Check the shell to find the new hidden Trojan horse ideas-vulnerability warning-the black bar safety net

Help a friend search webshell small mind Today a friend said his station has an exception, asked me to look at, the Qi of the whole Station. Checked under the webshell, find a 2 bar. Where there is a possession much more wonderful, at least I haven't seen the way, ignorant of it, unfortunately...

0.2 AI score
Exploits: 0

myhack58
added 2013/02/16 12:0 a.m., 32 views

SiteServer CMS UserCenter/login.aspx page the user name at sql injection-vulnerability warning-the black bar safety net

After testing spike the latest of the 3. Version 5 siteserver official website:www.siteserver.cn EXP: Direct access to the UserCenter/login.aspx The username at the input: 1 2 3'insert into bairongAdministratorUserName,Password,PasswordFormat,PasswordSalt...

8.3 AI score
Exploits: 0

myhack58
added 2013/01/29 12:0 a.m., 58 views

DEXTUpload filter is not strict lead to any uploaded file for the webshell permissions-bug warning-the black bar safety net

DEXTUpload filter is not strict lead to any uploaded file for the webshell permissions Detailed description: ! The first option one can upload the gif image,properly uploaded,spying on function of whether you can complete the upload ! Upload it,don't know pass? So I just upload when the time to r...

7.5 AI score
Exploits: 0

myhack58
added 2013/01/28 12:0 a.m., 39 views

SiteServer CMS 3.5 background upload WEBSHELL-vulnerability warning-the black bar safety net

Version number: SiteServer CMS 3.5 Background,Upload a single GIF format Trojan. Then,through the site, file management,modify the file name,you can modify the picture Trojan horse in the format . aspx Version number: SiteServer CMS 3.5 http://demo2.siteserver.cn/siteserver/login.aspx Account:...

1 AI score
Exploits: 0

myhack58
added 2013/01/28 12:0 a.m., 19 views

8 ways siteserver background getwebshell and safety recommendations-vulnerability warning-the black bar safety net

First: stencil management to directly modify the file source code can be obtained webshell Second: editor vulnerability http://demo2.siteserver.cn/siteserver/TextEditor/fckeditor/ can get webshell Third: stencil add actually have add asp to the aspx file the template in webshell Fourth: the page...

7.2 AI score
Exploits: 0

myhack58
added 2013/01/08 12:0 a.m., 17 views

SiteServer CMS 0Day-vulnerability warning-the black bar safety net

After testing spike the latest of the 3. Version 5 siteserver official website:www.siteserver.cn EXP: Direct access to the UserCenter/login.aspx The username at the input: 1 2 3'insert into bairongAdministratorUserName,Password,PasswordFormat,PasswordSalt...

Exploits: 0

myhack58
added 2012/12/30 12:0 a.m., 19 views

Secret phpwebshell in the backdoor-vulnerability warning-the black bar safety net

Only will this document give to others the webshell to make a contribution to the classmates. Take down a website, after, Of course, pass webshell, mention right. But some people will be in webshell insert small piece of code, so that your hard-won webshell address and password, and so on will be...

0.3 AI score
Exploits: 0

myhack58
added 2012/12/30 12:0 a.m., 24 views

kingcms 5.0 vulnerability-a vulnerability warning-the black bar safety net

To 1. kingcms 5.0 fckeditor the default path in the admin/system/editor/FCKeditor/editor/fckeditor.Html The local horse named for the hx. asp;jpg watch jpg the front there is no point.. OK..actually later do stations combined fckeditor this editor..plus the best verification..only management can...

7 AI score
Exploits: 0

0day.today
added 2012/12/22 12:0 a.m., 37 views

Feindura CMS v2.0.4 <= (thumbnail) File Upload Vulnerability

The bug is a 0day in Feindura CMS v2.0.4: when using Thumbnail to upload images, an attacker can upload a remote and big file/webShell (100mb .gif) to the target. ...

7.2 AI score
Exploits: 0

myhack58
added 2012/12/06 12:0 a.m., 25 views

The latest FCKEditor ASP upload bypass vulnerability-vulnerability warning-the black bar safety net

exploit-db: FCKEditor ASP Version 2.6.8 File Upload Protection Bypass - Title: FCKEditor 2.6.8 ASP Version File Upload Protection bypass - Credit goes to: Mostafa Azizi, Soroush Dalili - Link: http://sourceforge.net/projects/fckeditor/files/FCKeditor/ - Description: There is no validation on...

Exploits: 0

myhack58
added 2012/12/06 12:0 a.m., 31 views

Mysql provide the right to exploit the expanded applications-vulnerability warning-the black bar safety net

This: MySQL Windows Remote System Level Exploit Stuxnet technique 0day http://www.exploit-db.com/exploits/23083/ Roughly looked at, the original is in the export file when the out of the question, specifically how out of the question, showing look at the mysql source code than I can see to...

7.6 AI score
Exploits: 0

myhack58
added 2012/12/03 12:0 a.m., 21 views

The South data website management system injection vulnerabilities&background get WebShell-vulnerability warning-the black bar safety net

/Databases/0791idc. mdb 1. Injection point:newssearch. asp? key=7%' union select 0,username%2BCHR1 2 4%2Bpassword,2,3,4,5,6,7,8,9 from admin where 1 or '%'='&otype=title&Submit=%CB%D1%CB%F7 It may beanother versionnewssearch. asp? key=7%' union select 0,username%2BCHR1 2...

7.5 AI score
Exploits: 0