duangsues.is_a? SaltedFish
@dsuses
60 subscribers
609 photos
6 videos
91 files
562 links
🌶🐔🐟 duangsuse 的日常
尤其喜欢发些奇奇怪怪的东西
和转载别人的东西
Download Telegram
About
Blog
Apps
Platform
Join
duangsues.is_a? SaltedFish
60 subscribers
duangsues.is_a? SaltedFish
duangsues.is_a? SaltedFish
voukgroup.org cpanel.voukgroup.org mail.voukgroup.org webdisk.voukgroup.org webmail.voukgroup.org www.voukgroup.org 🌚 改天 GeekApk 也用 cPanel 好了, 再加个 Webmin 和 phpMyAdmin
use exploit/linux/smtp/exim4_dovecot_exec 或许有效
voukgroup.org 等域名的 587 端口运行着 dovecot Exim
11 views
duangsues.is_a? SaltedFish
duangsues.is_a? SaltedFish
use exploit/linux/smtp/exim4_dovecot_exec 或许有效 voukgroup.org 等域名的 587 端口运行着 dovecot Exim
This media is not supported in your browser
VIEW IN TELEGRAM
11 views
duangsues.is_a? SaltedFish
刚才知道其实 cPanel 是 2018 年最新的
11 views
duangsues.is_a? SaltedFish
这样所有组件都很难渗透测试,找不到能用的漏洞
或许 XSS 是一种方法,但不好的是我没有能拿来 XSS 的服务器....
11 views
duangsues.is_a? SaltedFish
比较尴尬了(...
11 views
duangsues.is_a? SaltedFish
duangsues.is_a? SaltedFish
大概的报告: 45.62.110.178.16clouds.com 80: Apache 2.2.15 bwg,,可以正常访问,收到一份网址列表 Linux 2.6 (CentOS) mmallv2u.net 80:Tengine 443:ssl 843:adobe-crossdomain 1935:tcpwrapped Tiandy NVR (89%), IPCop 2 firewall (Linux 3.4) (87%), Linux 3.2 (87%) 103.208.220.66 22:ssh…
继续找
11 views
duangsues.is_a? SaltedFish
duangsues.is_a? SaltedFish
大概的报告: 45.62.110.178.16clouds.com 80: Apache 2.2.15 bwg,,可以正常访问,收到一份网址列表 Linux 2.6 (CentOS) mmallv2u.net 80:Tengine 443:ssl 843:adobe-crossdomain 1935:tcpwrapped Tiandy NVR (89%), IPCop 2 firewall (Linux 3.4) (87%), Linux 3.2 (87%) 103.208.220.66 22:ssh…
 
msf auxiliary(scanner/mysql/mysql_login) > set RHOSTS m-darts.com
RHOSTS => m-darts.com
msf auxiliary(scanner/mysql/mysql_login) > run

[+] 110.4.45.141:3306     - 110.4.45.141:3306 - Found remote MySQL version 5.5.58


msf auxiliary(scanner/mysql/mysql_login) > use exploit/linux/mysql/mysql_yassl_hello
msf exploit(linux/mysql/mysql_yassl_hello) > info
Platform: Linux

  This module exploits a stack buffer overflow in the yaSSL (1.7.5 and 
  earlier) implementation bundled with MySQL <= 6.0. By sending a 
  specially crafted Hello packet, an attacker may be able to execute 
  arbitrary code.

有可能 🌚 — 不行, 他们的版本还是太高 🌑
13 viewsedited  
duangsues.is_a? SaltedFish
duangsues.is_a? SaltedFish
很多都是 WordPress 站, 不信 WPScan 这些站其实都是 voukgroup.org (103.233.0.244) 分出来的虚拟主机, 前者使用 cPanel, WordPress 4.8.6 和 RHEL6 https://t.iss.one/dsuses/1357 他们「公司」的人注册的 https://charity100.org https://macademy.asia # 使用了 CF 防护 https://makefamousnow.com https://mega7holding.com…
https://www.freebuf.com/vuls/153959.html
15 views
duangsues.is_a? SaltedFish
duangsues.is_a? SaltedFish
[i] WordPress version can not be detected Name: wp-maintenance-mode - v1.8.3 The version is out of date, the latest version is 2.1.2
或许这个的版本符合
15 views
duangsues.is_a? SaltedFish
https://www.freebuf.com/vuls/150203.html
15 views
duangsues.is_a? SaltedFish
#INFO #life 这次测试到此结束 🌚
如果以后再有动态重启
明天依旧继续开发 GeekApk
依然保持 0 shell(s) 的成绩, 同时也没有成功利用任何 bypass/越权漏洞
保持 0% 的成功纪录
28 viewsedited  
duangsues.is_a? SaltedFish
This media is not supported in your browser
VIEW IN TELEGRAM
11 views
duangsues.is_a? SaltedFish
This media is not supported in your browser
VIEW IN TELEGRAM
12 views
duangsues.is_a? SaltedFish
#life 倒霉,昨天中午自己炒了一盘 bian(Fictx 打不出来..) 豆, 夹生了....
11 views
duangsues.is_a? SaltedFish
duangsues.is_a? SaltedFish
#life 倒霉,昨天中午自己炒了一盘 bian(Fictx 打不出来..) 豆, 夹生了....
现在肚子疼 😂
11 views
duangsues.is_a? SaltedFish
又得喝那啥正气水..
12 views
duangsues.is_a? SaltedFish
(迫真)我回来就是为了做 GeekApk 😂
12 views
duangsues.is_a? SaltedFish
的确做了啊(确信)
13 viewsedited  
duangsues.is_a? SaltedFish
Forwarded from dnaugsuz
yay~ _(:P ゝ∠)_
15 views
duangsues.is_a? SaltedFish
总算解决图标的问题了(
16 views
duangsues.is_a? SaltedFish
@pandecheng 的图标貌似被冷落了....
16 views