bakabtw/Cool-Y.github.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Site updated: 2019-07-27 14:41:41

Browse Source
This commit is contained in:
Cool-Y
2019-07-27 14:42:04 +08:00
parent 50ac5928c3
commit b13450713e
100 changed files with 171 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
page/2/index.html
View File

@ -733,7 +733,7 @@ WinDbg
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2019/03/25/Samba-CVE/" itemprop="url">小米路由器与Samba漏洞CVE-2017-7494</a></h1>
<a class="post-title-link" href="/2019/03/25/Samba-CVE/" itemprop="url">某厂商路由器与Samba漏洞CVE-2017-7494</a></h1>
<div class="post-meta">
@ -785,7 +785,7 @@ WinDbg
<span id="/2019/03/25/Samba-CVE/" class="leancloud_visitors" data-flag-title="小米路由器与Samba漏洞CVE-2017-7494">
<span id="/2019/03/25/Samba-CVE/" class="leancloud_visitors" data-flag-title="某厂商路由器与Samba漏洞CVE-2017-7494">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
@ -808,7 +808,7 @@ WinDbg
</span>
<span title="字数统计">
1.6k 字
1.7k 字
</span>
@ -822,7 +822,7 @@ WinDbg
</span>
<span title="阅读时长">
6 分钟
7 分钟
</span>
</div>
@ -845,11 +845,13 @@ WinDbg
小米路由器与Samba漏洞CVE-2017-7494漏洞描述Samba服务器软件存在远程执行代码漏洞。攻击者可以利用客户端将指定库文件上传到具有可写权限的共享目录会导致服务器加载并执行指定的库文件。具体执行条件如下
漏洞描述Samba服务器软件存在远程执行代码漏洞。攻击者可以利用客户端将指定库文件上传到具有可写权限的共享目录会导致服务器加载并执行指定的库文件。具体执行条件如下
服务器打开了文件/打印机共享端口445让其能够在公网上访问
共享文件拥有写
共享文件拥有写入权限
恶意攻击者需猜解Samba服务端共享目录的
...
<!--noindex-->
<div class="post-button text-center">
@ -2347,7 +2349,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">67.6k</span>
<span title="Site words total count">67.7k</span>
</div>

2
page/3/index.html
View File

@ -795,7 +795,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">67.6k</span>
<span title="Site words total count">67.7k</span>
</div>