Comments (5)
参数s是空的
from cve-2020-0688.
@godheyu
哪一个s?返回包还是正则匹配的结果?
你可以先用Detect进行验证,以及访问LiveIdError.aspx确认是否存在,之后用arch命令看是否有回显,看一下是哪一步出了问题。
我测试的多个环境还没出现过这种情况,所以没法复现你说的问题。
from cve-2020-0688.
遇到同样的问题,detect验证是没问题的,但是cmd不行
抓到的 response:
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
request-id: 5440d0bb-b7f2-4ce2-9044-0b7b134f1efe
X-CalculatedBETarget: win-i1ip7vgf5al.test.com
X-Content-Type-Options: nosniff
X-DiagInfo: WIN-I1IP7VGF5AL
X-BEServer: WIN-I1IP7VGF5AL
X-UA-Compatible: IE=10
X-AspNet-Version: 4.0.30319
Set-Cookie: msExchEcpCanary=PBj1Eex8IEmGi6vFD37aqJlxPaD3ytcISB4Gz35xmV2luQNNdIMmB1HV0KZlMoYc8kdUYcIIyX4.; path=/ecp; secure
Set-Cookie: X-BackEndCookie=S-1-5-21-2402718306-434039336-2810486681-500=u56Lnp2ejJqBzJnJmpvPzJzSy5zOyNLLycvK0seZnp7SysjMnJ2byp7NzJnKgYHNz83P0s/L0s7Iq8/LxcvHxczG; expires=Fri, 17-Apr-2020 04:48:39 GMT; path=/ecp; secure; HttpOnly
X-Powered-By: ASP.NET
X-FEServer: WIN-I1IP7VGF5AL
Date: Wed, 18 Mar 2020 04:48:39 GMT
Connection: close
Content-Length: 0
from cve-2020-0688.
from cve-2020-0688.
确实是4.8,师傅能大概说下是哪里导致的bug么
from cve-2020-0688.
Related Issues (9)
- How about 2010 sp3? I fail. HOT 3
- fail to create dummy file HOT 1
- RemoteStub.cs? HOT 2
- LiveIdError.aspx HOT 1
- exec <cmd> Error HOT 1
- Detect Error HOT 1
- 因多次执行命令导致线程锁死无法执行命令
- Exploit and detect tools for CVE-2020-0688
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cve-2020-0688.