流光结果:
端口扫描
21(FTP Control)
80(HTTP)
3389(TERMINAL)
389(LDAP)
CGI扫描
WEB版本信息: Microsoft-IIS/5.0
扫描成功CGI漏洞
/scripts/samples/search/author.idq (HTTP: 200 )
/scripts/samples/search/simple.idq (HTTP: 200 )
/scripts/samples/search/qfullhit.htw (HTTP: 200 )
/scripts/samples/search/filetime.idq (HTTP: 200 )
/scripts/samples/search/filesize.idq (HTTP: 200 )
/scripts/samples/search/queryhit.idq (HTTP: 200 )
/scripts/samples/search/query.idq (HTTP: 200 )
/scripts/samples/search/qsumrhit.htw (HTTP: 200 )
/index.asp%81 (HTTP: 200 )
/blabla.idq (HTTP: 200 )
/abczxv.htw (HTTP: 200 )
/*.idq (HTTP: 200 )
/*.ida (HTTP: 200 )
/?PageServices (HTTP: 200 )
Plugins
IIS5.0 .Printer Exploit(Grant System Privileges)
可以远程连接,用输入法入侵失败,IDA路径错误,IISHACK连接失败,请教还有其他方法吗?
|
