
How to reproduce the loophole of downloading arbitrary files in Webug shooting range

2025-01-18 Update. From: SLTechnology News&Howtos, shulou

Shulou(Shulou.com)05/31 Report--

Today I will show how to reproduce the arbitrary file download vulnerability in the Webug shooting range. I hope readers who need it find it useful; let's walk through it step by step.

Brief description of the vulnerability:

Some websites provide a file viewing or download function for business reasons. If the server does not restrict which files a user may view or download, a malicious user can read or download sensitive files such as configuration information and source files.

Cause of vulnerability (all three conditions together):

1. The application has a function that reads a file.
2. The path of the file to read is controlled by the user and is not checked, or not strictly checked.
3. The file contents are returned in the response.
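As an added example (not code from the Webug range or from the original article), the three conditions above in Python: a download handler that passes the request path straight to the file read, beside a hardened resolver that canonicalises the path and confines it to the download directory. The directory layout, file names and contents are constructed for the demo.

```python
import os
import tempfile
from pathlib import Path
from typing import Optional

# Only these file types may be served from the download directory.
ALLOWED_SUFFIXES = {".pdf", ".txt", ".zip"}


def vulnerable_read(base_dir: str, user_path: str) -> bytes:
    # Condition 1-3 combined: the user-supplied path goes into the file
    # read unchecked and the contents are returned. os.path.join even
    # discards base_dir entirely when user_path is absolute.
    with open(os.path.join(base_dir, user_path), "rb") as fh:
        return fh.read()


def safe_resolve(base_dir: str, user_path: str) -> Optional[Path]:
    """Return the canonical path if it lies inside base_dir, else None."""
    base = Path(base_dir).resolve()
    # Reject NUL bytes and absolute paths before touching the filesystem.
    # URL decoding must already have happened exactly once (the web
    # framework's job), otherwise encoded ../ sequences slip through.
    if "\x00" in user_path or os.path.isabs(user_path):
        return None
    # resolve() collapses ../ and follows symlinks, so a link that points
    # outside the download root is rejected as well.
    candidate = (base / user_path).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        return None
    if candidate.suffix.lower() not in ALLOWED_SUFFIXES or not candidate.is_file():
        return None
    return candidate


def safe_read(base_dir: str, user_path: str) -> bytes:
    path = safe_resolve(base_dir, user_path)
    if path is None:
        raise PermissionError("refused: outside download root or disallowed type")
    return path.read_bytes()


def build_demo_tree():
    """Constructed layout: downloads/manual.txt is public, dbConfig.php one
    level above it stands in for the config file that must never be served."""
    root = tempfile.mkdtemp()
    downloads = Path(root) / "downloads"
    downloads.mkdir()
    (downloads / "manual.txt").write_bytes(b"public manual")
    (Path(root) / "dbConfig.php").write_bytes(b"<?php $password = 'demo-secret';")
    return root, str(downloads)
```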

Vulnerability hazards:

Any file on the server can be downloaded, such as script code and service or system configuration files, and the information obtained can then be used to cause further harm.

The downloaded code can be audited further to find more exploitable vulnerabilities.

Experimental environment: Webug shooting range

Reproduction steps (each step corresponds to a screenshot in the original article):

1. Open the home page.
2. Capture the request with Burp Suite (BP).
3. Change the file path in the URL and send the request to the Repeater module.
4. Send the request from the Repeater module.
5. The source code is read back in the response.
6. Forward the request and check whether the file can be downloaded.
7. Download the file and audit it.
8. A path is found in the code.
9. Download that file using the same method as above.
10. dbConn.php is found, with DATAPATH in front of it.
11. DATAPATH could be a folder name.
12. Try it.
13. There is no response, so no such folder exists.
14. Change it to data.
15. dbConfig.php is found there.
16. Download it.
17. The database password is discovered in dbConfig.php.

The above is the complete walkthrough of reproducing the arbitrary file download vulnerability in the Webug shooting range. For more related content, search the previous articles or browse the following articles. I hope you can support it!
