A winding security test
  Add date: 07/16/2008   Publishing date: 07/16/2008
Page 1 of 4
 
Foreword:
    This security test took place some time ago. I had been meaning to write it up but never had the time, so some details of the environment may have faded from memory, but I still remember the whole process and the thinking behind it clearly. Because I worked in the school's network office after class during my school years, I paid close attention to the services and development of various school websites. During that period I found that one institute's file exchange system was unusually good, and using it would bring a lot of convenience on the campus network. I searched online and found no ready-made system to download, and I was not in a position to write one from scratch…

    Reconnaissance:
    The server had ports 21 and 80 open, running Serv-U 6.2 and Apache/2.055 (Win32) PHP/5.1.2; an OA system was hosted on the same server. This was a black-box test. I first tested uploading a script file; the upload succeeded and I obtained an extraction code, but on retrieval the file was not parsed by the server… I captured the packets of the upload process, then crafted a request for a non-existent file and sent it, but that did not expose any sensitive information either. Scanning the entire exchange system only turned up config.php, and a Google search did not find any other files.

    As mentioned, there was also the OA system. Googling the OA did turn up dynamic links, but every link first checks whether the client is on a school IP; a non-school IP is redirected straight to a login page. At this point the test had reached an impasse. Several times I left and came back to test again with no result. Could it really not be taken? When testing again, the download address shown after entering the extraction code caught my attention.

    “hxxp://www.xxx.edu.cn/ex/download.php?url=exchanging%2F200709121626171664123.jpg&name=dff3badd8b57fee777c63871.jpg”
   
    The value after url= appears to be a concrete path, so if it is modified, can other files be downloaded?
    Packet capture:
   
    GET /ex/download.php?url=exchanging%2F200709121626171664123.jpg&name=dff3badd8b57fee777c63871.jpg HTTP/1.1
    Accept: */*
    Referer: hxxp://www.xxx.edu.cn/ex/down.php
    Accept-Language: zh-cn
    UA-CPU: x86
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; InfoPath.1)
    Host: www.xxx.edu.cn
    Connection: Keep-Alive
    Cookie: down_fail_cnt=0

    On Win32, PHP generally inherits SYSTEM privileges, so to test file reading I simply tried to read c:\boot.ini: telnet to the server IP on port 80 and send the modified data below.

    Modified request:

    GET /ex/download.php?url=c%3A%5Cboot.ini HTTP/1.1
    Accept: */*
    Referer: hxxp://www.xxx.edu.cn/ex/down.php
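
A log-review check for the request change described above, added here as an example and not part of the original article: it flags download.php requests whose url value is a drive-letter or absolute path, or normalizes to somewhere outside the upload directory. The log lines are constructed, and the `exchanging` directory name is an assumption taken from the URL shown above.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

ALLOWED_PREFIX = "exchanging"  # assumption: upload directory, taken from the URL in the article
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def unsafe_reason(value):
    """Return why a url= value leaves the upload directory, or None if it stays inside."""
    for _ in range(3):  # peel repeated percent-encoding so %255C is judged as a backslash
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    path = value.replace("\\", "/")  # Windows accepts both separators
    if "\x00" in path:
        return "null byte"
    if re.match(r"[A-Za-z]:", path):
        return "drive letter"
    if path.startswith("/"):
        return "absolute or UNC path"
    parts = posixpath.normpath(path).split("/")  # collapses "a/../b" style segments
    if len(parts) < 2 or parts[0] != ALLOWED_PREFIX:
        return "outside upload directory"
    return None

def scan(log_lines, script="/ex/download.php"):
    """Return (line_number, url_value, reason) for each flagged download request."""
    findings = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        if target.path != script:
            continue
        for value in parse_qs(target.query).get("url", []):
            reason = unsafe_reason(value)
            if reason:
                findings.append((number, value, reason))
    return findings

# Constructed access-log lines (Apache common log format, documentation-range IPs).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2008:10:00:00 +0800] "GET /ex/download.php?url=exchanging%2F200709121626171664123.jpg&name=dff3badd8b57fee777c63871.jpg HTTP/1.1" 200 48211',
    '192.0.2.10 - - [01/Jan/2008:10:04:12 +0800] "GET /ex/download.php?url=c%3A%5Cboot.ini HTTP/1.1" 200 211',
    '192.0.2.10 - - [01/Jan/2008:10:05:30 +0800] "GET /ex/download.php?url=exchanging%2F..%2Fnotes.txt HTTP/1.1" 404 0',
    '198.51.100.7 - - [01/Jan/2008:10:06:00 +0800] "GET /ex/down.php HTTP/1.1" 200 1024',
]
```

The same `unsafe_reason` test, applied inside the download handler before the file is opened, is what turns the detection into a fix.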
