bakabtw/Cool-Y.github.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Site updated: 2021-03-02 14:31:11

Browse Source
This commit is contained in:
Cool-Y
2021-03-02 14:31:33 +08:00
parent 47c3cbb555
commit 6a8dc3fae3
122 changed files with 4398 additions and 1357 deletions
Download Patch File Download Diff File Expand all files Collapse all files

386
page/2/index.html
View File

@ -277,6 +277,194 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<div class="post-block">
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2019/07/24/web-dvwa/">
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
<meta itemprop="name" content="Cool-Y">
<meta itemprop="description" content>
<meta itemprop="image" content="/images/avatar.png">
</span>
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
<meta itemprop="name" content="混元霹雳手">
</span>
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2019/07/24/web-dvwa/" itemprop="url">DVWA黑客攻防平台</a></h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time title="创建于" itemprop="dateCreated datePublished" datetime="2019-07-24T11:46:51+08:00">
2019-07-24
</time>
</span>
<span class="post-category">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
<a href="/categories/web/" itemprop="url" rel="index">
<span itemprop="name">web</span>
</a>
</span>
</span>
<span id="/2019/07/24/web-dvwa/" class="leancloud_visitors" data-flag-title="DVWA黑客攻防平台">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
</span>
<span class="post-meta-item-text">阅读次数&#58;</span>
<span class="leancloud-visitors-count"></span>
</span>
<div class="post-wordcount">
<span class="post-meta-item-icon">
<i class="fa fa-file-word-o"></i>
</span>
<span title="字数统计">
7.1k 字
</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-clock-o"></i>
</span>
<span title="阅读时长">
31 分钟
</span>
</div>
</div>
</header>
<div class="post-body" itemprop="articleBody">
搭建环境最好使用docker来搭建方便迁移 https://hub.docker.com/r/vulnerables/web-dvwa/
暴力破解easy模式
密码破解是从存储在计算机系统中或由计算机系统传输的数据中恢复密码的过程。一种常见的方法是反复尝试密码的猜测。用户经常选择弱密码。不安全选择
...
<!--noindex-->
<div class="post-button text-center">
<a class="btn" href="/2019/07/24/web-dvwa/#more" rel="contents">
阅读全文 &raquo;
</a>
</div>
<!--/noindex-->
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</div>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
@ -1955,198 +2143,6 @@ WinDbg
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</div>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<div class="post-block">
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2019/03/25/Samba-CVE/">
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
<meta itemprop="name" content="Cool-Y">
<meta itemprop="description" content>
<meta itemprop="image" content="/images/avatar.png">
</span>
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
<meta itemprop="name" content="混元霹雳手">
</span>
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2019/03/25/Samba-CVE/" itemprop="url">某厂商路由器与Samba漏洞CVE-2017-7494</a></h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time title="创建于" itemprop="dateCreated datePublished" datetime="2019-03-25T13:45:16+08:00">
2019-03-25
</time>
</span>
<span class="post-category">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
<a href="/categories/IOT/" itemprop="url" rel="index">
<span itemprop="name">IOT</span>
</a>
</span>
</span>
<span id="/2019/03/25/Samba-CVE/" class="leancloud_visitors" data-flag-title="某厂商路由器与Samba漏洞CVE-2017-7494">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
</span>
<span class="post-meta-item-text">阅读次数&#58;</span>
<span class="leancloud-visitors-count"></span>
</span>
<div class="post-wordcount">
<span class="post-meta-item-icon">
<i class="fa fa-file-word-o"></i>
</span>
<span title="字数统计">
1.7k 字
</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-clock-o"></i>
</span>
<span title="阅读时长">
7 分钟
</span>
</div>
</div>
</header>
<div class="post-body" itemprop="articleBody">
漏洞描述Samba服务器软件存在远程执行代码漏洞。攻击者可以利用客户端将指定库文件上传到具有可写权限的共享目录会导致服务器加载并执行指定的库文件。具体执行条件如下
服务器打开了文件/打印机共享端口445让其能够在公网上访问
共享文件拥有写入权限
恶意攻击者需猜解Samba服务端共享目录的
...
<!--noindex-->
<div class="post-button text-center">
<a class="btn" href="/2019/03/25/Samba-CVE/#more" rel="contents">
阅读全文 &raquo;
</a>
</div>
<!--/noindex-->
</div>
<footer class="post-footer">
@ -2219,7 +2215,7 @@ WinDbg
<a href="/archives/">
<span class="site-state-item-count">28</span>
<span class="site-state-item-count">29</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -2241,7 +2237,7 @@ WinDbg
<div class="site-state-item site-state-tags">
<a href="/tags/index.html">
<span class="site-state-item-count">52</span>
<span class="site-state-item-count">53</span>
<span class="site-state-item-name">标签</span>
</a>
</div>
@ -2317,7 +2313,7 @@ WinDbg
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">100.2k</span>
<span title="Site words total count">100.6k</span>
</div>

198
page/3/index.html
View File

@ -277,6 +277,198 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<div class="post-block">
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2019/03/25/Samba-CVE/">
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
<meta itemprop="name" content="Cool-Y">
<meta itemprop="description" content>
<meta itemprop="image" content="/images/avatar.png">
</span>
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
<meta itemprop="name" content="混元霹雳手">
</span>
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2019/03/25/Samba-CVE/" itemprop="url">某厂商路由器与Samba漏洞CVE-2017-7494</a></h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time title="创建于" itemprop="dateCreated datePublished" datetime="2019-03-25T13:45:16+08:00">
2019-03-25
</time>
</span>
<span class="post-category">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
<a href="/categories/IOT/" itemprop="url" rel="index">
<span itemprop="name">IOT</span>
</a>
</span>
</span>
<span id="/2019/03/25/Samba-CVE/" class="leancloud_visitors" data-flag-title="某厂商路由器与Samba漏洞CVE-2017-7494">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
</span>
<span class="post-meta-item-text">阅读次数&#58;</span>
<span class="leancloud-visitors-count"></span>
</span>
<div class="post-wordcount">
<span class="post-meta-item-icon">
<i class="fa fa-file-word-o"></i>
</span>
<span title="字数统计">
1.7k 字
</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-clock-o"></i>
</span>
<span title="阅读时长">
7 分钟
</span>
</div>
</div>
</header>
<div class="post-body" itemprop="articleBody">
漏洞描述Samba服务器软件存在远程执行代码漏洞。攻击者可以利用客户端将指定库文件上传到具有可写权限的共享目录会导致服务器加载并执行指定的库文件。具体执行条件如下
服务器打开了文件/打印机共享端口445让其能够在公网上访问
共享文件拥有写入权限
恶意攻击者需猜解Samba服务端共享目录的
...
<!--noindex-->
<div class="post-button text-center">
<a class="btn" href="/2019/03/25/Samba-CVE/#more" rel="contents">
阅读全文 &raquo;
</a>
</div>
<!--/noindex-->
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</div>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
@ -1797,7 +1989,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
<a href="/archives/">
<span class="site-state-item-count">28</span>
<span class="site-state-item-count">29</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -1819,7 +2011,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
<div class="site-state-item site-state-tags">
<a href="/tags/index.html">
<span class="site-state-item-count">52</span>
<span class="site-state-item-count">53</span>
<span class="site-state-item-name">标签</span>
</a>
</div>
@ -1895,7 +2087,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">100.2k</span>
<span title="Site words total count">100.6k</span>
</div>