HanDs
NO.2

[7月漏洞公开] 酷我音乐某处任意文件上传Getshell 





学习中请遵循国家相关法律法规,黑客不作恶。没有网络安全就没有国家安全

本站需要登陆后才能查看

酷我音乐某处任意文件上传getshell

详细说明:

对酷我音乐的某个c段进行扫描



然后抓住一处文件上传,无限制

kuwo1.PNG



skeylist.kuwo.cn

http://60.28.217.180:8040/ 这个端口任意文件下载



上传一个php文件试试,成功getshell



kuwo2.PNG





这样还不够证明酷我音乐,上个脚本把内网扫一扫



code 区域
Scanning IP 192.168.220.75

Scanning IP 192.168.220.76
Port: 80 is open

Scanning IP 192.168.220.77

Scanning IP 192.168.220.78
Port: 80 is open

Scanning IP 192.168.220.79

Scanning IP 192.168.220.80
Port: 80 is open

Scanning IP 192.168.220.81

Scanning IP 192.168.220.82

Scanning IP 192.168.220.83
Port: 80 is open

Scanning IP 192.168.220.84

Scanning IP 192.168.220.85
Port: 80 is open

Scanning IP 192.168.220.86
Port: 80 is open

Scanning IP 192.168.220.87
Port: 80 is open
Port: 3306 is open

Scanning IP 192.168.220.88
Port: 80 is open

Scanning IP 192.168.220.89
Port: 80 is open

Scanning IP 192.168.220.94
Port: 80 is open

Scanning IP 192.168.220.95
Port: 80 is open

Scanning IP 192.168.220.96

Scanning IP 192.168.220.97

Scanning IP 192.168.220.98
Port: 8888 is open

Scanning IP 192.168.220.99
Port: 8888 is open

Scanning IP 192.168.220.100

Scanning IP 192.168.220.101

Scanning IP 192.168.220.102
Port: 80 is open

Scanning IP 192.168.220.103
Port: 8888 is open

Scanning IP 192.168.220.104
Port: 80 is open

Scanning IP 192.168.220.105
Port: 80 is open

Scanning IP 192.168.220.106
Port: 80 is open

Scanning IP 192.168.0.28
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.29
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.35
Port: 3306 is open

Scanning IP 192.168.0.36
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.37
Port: 80 is open

Scanning IP 192.168.0.38

Scanning IP 192.168.0.39
Port: 80 is open

Scanning IP 192.168.0.42
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.43
Port: 80 is open
Port: 8080 is open
Port: 8888 is open

Scanning IP 192.168.0.44
Port: 80 is open
Port: 8080 is open
Port: 3306 is open


Scanning IP 192.168.0.49
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.50
Port: 80 is open

Scanning IP 192.168.0.51

Scanning IP 192.168.0.52
Port: 80 is open

Scanning IP 192.168.0.53

Scanning IP 192.168.0.54

Scanning IP 192.168.0.55
Port: 80 is open
Port: 3306 is open

Scanning IP 192.168.0.56
Port: 80 is open

Scanning IP 192.168.0.57
Port: 80 is open

Scanning IP 192.168.0.80
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.166
Port: 80 is open

Scanning IP 192.168.0.169
Port: 80 is open

Scanning IP 192.168.0.170
Port: 80 is open

Scanning IP 192.168.0.174
Port: 80 is open
Port: 3306 is open

Scanning IP 192.168.0.177
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.178

Scanning IP 192.168.0.179
Port: 80 is open

Scanning IP 192.168.0.180
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.181
Port: 80 is open

Scanning IP 192.168.0.184
Port: 80 is open

Scanning IP 192.168.0.185
Port: 3306 is open

Scanning IP 192.168.0.186
Port: 80 is open

Scanning IP 192.168.0.187
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.188
Port: 80 is open

Scanning IP 192.168.0.189
Port: 3306 is open

Scanning IP 192.168.0.248
Port: 80 is open

Scanning IP 192.168.0.254
Port: 80 is open





代理一下看看



酷我搜索 内网地址:192.168.0.161

kuwo3.PNG



192.168.0.80



打开乱码,看看源码就知道是酷我的



kuwo4.PNG





内网里再发现一枚文件上传



kuwo5.PNG







漏洞证明:

对酷我音乐的某个c段进行扫描



然后抓住一处文件上传,无限制

kuwo1.PNG





http://60.28.217.180:8040/ 这个端口任意文件下载



上传一个php文件试试,成功getshell



kuwo2.PNG





这样还不够证明酷我音乐,上个脚本把内网扫一扫



code 区域
Scanning IP 192.168.220.75

Scanning IP 192.168.220.76
Port: 80 is open

Scanning IP 192.168.220.77

Scanning IP 192.168.220.78
Port: 80 is open

Scanning IP 192.168.220.79

Scanning IP 192.168.220.80
Port: 80 is open

Scanning IP 192.168.220.81

Scanning IP 192.168.220.82

Scanning IP 192.168.220.83
Port: 80 is open

Scanning IP 192.168.220.84

Scanning IP 192.168.220.85
Port: 80 is open

Scanning IP 192.168.220.86
Port: 80 is open

Scanning IP 192.168.220.87
Port: 80 is open
Port: 3306 is open

Scanning IP 192.168.220.88
Port: 80 is open

Scanning IP 192.168.220.89
Port: 80 is open

Scanning IP 192.168.220.94
Port: 80 is open

Scanning IP 192.168.220.95
Port: 80 is open

Scanning IP 192.168.220.96

Scanning IP 192.168.220.97

Scanning IP 192.168.220.98
Port: 8888 is open

Scanning IP 192.168.220.99
Port: 8888 is open

Scanning IP 192.168.220.100

Scanning IP 192.168.220.101

Scanning IP 192.168.220.102
Port: 80 is open

Scanning IP 192.168.220.103
Port: 8888 is open

Scanning IP 192.168.220.104
Port: 80 is open

Scanning IP 192.168.220.105
Port: 80 is open

Scanning IP 192.168.220.106
Port: 80 is open

Scanning IP 192.168.0.28
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.29
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.35
Port: 3306 is open

Scanning IP 192.168.0.36
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.37
Port: 80 is open

Scanning IP 192.168.0.38

Scanning IP 192.168.0.39
Port: 80 is open

Scanning IP 192.168.0.42
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.43
Port: 80 is open
Port: 8080 is open
Port: 8888 is open

Scanning IP 192.168.0.44
Port: 80 is open
Port: 8080 is open
Port: 3306 is open


Scanning IP 192.168.0.49
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.50
Port: 80 is open

Scanning IP 192.168.0.51

Scanning IP 192.168.0.52
Port: 80 is open

Scanning IP 192.168.0.53

Scanning IP 192.168.0.54

Scanning IP 192.168.0.55
Port: 80 is open
Port: 3306 is open

Scanning IP 192.168.0.56
Port: 80 is open

Scanning IP 192.168.0.57
Port: 80 is open

Scanning IP 192.168.0.80
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.166
Port: 80 is open

Scanning IP 192.168.0.169
Port: 80 is open

Scanning IP 192.168.0.170
Port: 80 is open

Scanning IP 192.168.0.174
Port: 80 is open
Port: 3306 is open

Scanning IP 192.168.0.177
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.178

Scanning IP 192.168.0.179
Port: 80 is open

Scanning IP 192.168.0.180
Port: 80 is open
Port: 8080 is open
Port: 3306 is open

Scanning IP 192.168.0.181
Port: 80 is open

Scanning IP 192.168.0.184
Port: 80 is open

Scanning IP 192.168.0.185
Port: 3306 is open

Scanning IP 192.168.0.186
Port: 80 is open

Scanning IP 192.168.0.187
Port: 80 is open
Port: 8080 is open

Scanning IP 192.168.0.188
Port: 80 is open

Scanning IP 192.168.0.189
Port: 3306 is open

Scanning IP 192.168.0.248
Port: 80 is open

Scanning IP 192.168.0.254
Port: 80 is open





代理一下看看



酷我搜索 内网地址:192.168.0.161

kuwo3.PNG



192.168.0.80



打开乱码,看看源码就知道是酷我的



kuwo4.PNG





内网里再发现一枚文件上传



kuwo5.PNG



修复方案:

你们懂


学习中请遵守法律法规,本网站内容均来自于互联网,本网站不负担法律责任
θ
#1楼
发帖时间:2016-7-15   |   查看数:0   |   回复数:0
游客组