Anti-Michara: Beware of FrontPage

xiaoxiao2021-03-06  54

The FrontPage extended privilege hole (called the "flow of light") arises where a network administrator uses FrontPage to manage their own site. It is not really a hole; it can only be considered a configuration error, just like the default empty password in SQL Server. The latest versions of FrontPage, like the latest versions of SQL Server, no longer make this low-level mistake. Still, if you run scanning software over a large part of the network, you will find that many computers on the network still have this problem. My company happened to ask me to summarize some common attack methods seen on the Internet, so we start with this one. First, a host for today's demo is picked from earlier scan records and results.

Open the locally installed Microsoft FrontPage and select Open Site Project from the File menu.

In the Open Site dialog box that pops up, enter the address of the host that has the security problem, in the format http://ip, then click Open.

Depending on network conditions, after a while the directory structure and files of the remote site appear in Microsoft FrontPage, and we can freely operate on the remote host's site files as if editing them locally.

From the structure observed, I can tell that the other party's site uses ASP interacting with SQL Server, so I look through the contents of the other party's ASP source files, where the password of the SQL Server database administrator account SA will be found. This password can be used to connect remotely, directly with administrator permissions.

Another way is to create a new ASP file on the other party's site and use ASP's remote management capability to gain access through a web page.

Here I simply copy in a very popular cmd.asp, an ASP file that provides an interactive CMD environment through a web page.

When finished, select Save; Microsoft FrontPage automatically saves our newly created file into the remote web directory. Now we can access this ASP back door directly with IE. The above is the returned result of the DIR C:/ command. It can be seen that a small configuration error is a very large hazard; I hope all network administrators pay more attention.
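Seen from the administrator's side, the sequence described above (a file saved through FrontPage without logging in, then requested in a browser) leaves a trace in the IIS W3C logs. The following is an added example, not part of the original article: it flags authoring requests that succeeded with no authenticated user and any .asp page first requested afterwards by the same client. The author.dll and admin.dll paths are the standard FrontPage Server Extensions authoring endpoints; the log lines, field layout and IP addresses are constructed for illustration.

```python
# Added example: flag anonymous FrontPage authoring in IIS W3C extended logs.
# Standard FrontPage Server Extensions authoring/admin endpoints.
AUTHORING = ("/_vti_bin/_vti_aut/author.dll", "/_vti_bin/_vti_adm/admin.dll")

# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2004-05-01 10:00:01 198.51.100.7 - GET /default.asp 200
2004-05-01 10:02:10 192.0.2.44 - POST /_vti_bin/_vti_aut/author.dll 200
2004-05-01 10:02:55 192.0.2.44 - GET /cmd.asp 200
2004-05-01 10:03:20 198.51.100.9 - POST /_vti_bin/_vti_aut/author.dll 401
2004-05-01 10:03:21 198.51.100.9 CORP\\webadmin POST /_vti_bin/_vti_aut/author.dll 200
2004-05-01 10:04:00 198.51.100.9 - GET /default.asp 200
"""

def parse(text):
    """Yield one dict per request, using the #Fields header for column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):
                yield dict(zip(fields, parts))

def findings(text):
    """Return (anonymous authoring events, scripts first seen after one)."""
    events, new_scripts = [], []
    anon_ips, seen_scripts = set(), set()
    for r in parse(text):
        stem = r["cs-uri-stem"].lower()
        ok = r["sc-status"].startswith("2")
        if r["cs-method"] == "POST" and stem.endswith(AUTHORING):
            # "-" in cs-username means IIS served the request anonymously.
            if ok and r["cs-username"] == "-":
                events.append((r["date"], r["time"], r["c-ip"], stem))
                anon_ips.add(r["c-ip"])
        elif stem.endswith(".asp") and ok:
            # A script never requested before, fetched by an anonymous author.
            if stem not in seen_scripts and r["c-ip"] in anon_ips:
                new_scripts.append((r["c-ip"], stem))
            seen_scripts.add(stem)
    return events, new_scripts

if __name__ == "__main__":
    for item in sum(findings(SAMPLE_LOG), []):
        print(item)
```

Any hit in the first list means the web accepts authoring without credentials, which is the configuration error the article describes; the fix is to require authentication for authoring or remove the extensions if they are not needed.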

When reposting, please cite the original address: https://www.9cbs.com/read-118023.html
