我喜欢黑夜,喜欢网络安全,孤独寂寞的黑夜里,我只需要,一包烟,一台笔记本...
更多
首  页>>JAVA安全开发>> 漏洞信息微软IIS 6.0和7.5的多个漏洞及利用方法
微软IIS 6.0和7.5的多个漏洞及利用方法
5634
1推荐
0评论

1.任何组织和个人不得利用此漏洞进行非法行为,Author:qing

微软的IIS 6.0安装PHP绕过认证漏洞

微软IIS与PHP 6.0
(这是对PHP5中的Windows Server 2003 SP1的测试)
详细说明:
攻击者可以发送一个特殊的请求发送到IIS 6.0服务
成功绕过访问限制
攻击者可以访问有密码保护的文件
例:
--> Example request (path to the file): /admin::$INDEX_ALLOCATION/index.php
(暂时没有翻译,怕影响精确度)
if the:$INDEX_ALLOCATION postfix is appended to directory name.
This can result in accessing administrative files and under special
circumstances execute arbirary code remotely

微软IIS 7.5经典的ASP验证绕过

受影响的软件:

.NET Framework 4.0
(.NET框架2.0是不受影响,其他.NET框架
尚未进行测试)
(在Windows 7测试)

详细说明:

通过添加 [ ":$i30:$INDEX_ALLOCATION" ] to the directory serving (便可成功绕过)
例:

There is a password protected directory configured that has administrative asp scripts inside

An attacker requests the directory with :$i30:$INDEX_ALLOCATION
appended to the directory name
IIS/7.5 gracefully executes the ASP script without asking for
proper credentials
IIS 7.5 NET源代码泄露和身份验证漏洞
(.NET 2.0和.NET 4.0中测试)
例:http://>/admin:$i30:$INDEX_ALLOCATION/admin.php will run

the PHP script without asking for proper credentials.
(暂时没有翻译)
By appending /.php to an ASPX file (or any other file using the .NET

framework that is not blocked through the request filtering rules,
like misconfigured: .CS,.VB files)
IIS/7.5 responds with the full source code of the file and executes it
as PHP code. This means that by using an upload feature it might be
possible (under special circumstances) to execute arbitrary PHP code.
Example: Default.aspx/.php
已经有 ( 0 ) 位网友对此发表了自己的看法,你也评一评吧! 此文不错,我要推荐-->    推 荐
欢迎参与讨论,请在这里发表您的看法、交流您的观点@禁止各种脚本

  • 点击Top
  • 推荐Top
  • 评论Top
更 多>>
本站采用Java语言开发,Spring框架,欢迎朋友们提意见。重新对页面进行布局,修改了程序,方便开源使用,由于本人美工真的不行 ,很少用背景图片,页面基本都用背景色...
主题:无色无味 | 网站地图|
Copyright (c) 2012-2013 www.shack2.org All Rights Reserved. | 空ICP备111111111号 | 程序设计: shack2 Powered by SJBlog v1.0 联系QQ:1341413415