OICQ网站入侵事例一则 OICQ腾讯网站资料之详细说明篇那天下午由于为了帮朋友黑回被黑的OICQ,我 只好用我这点小技术去腾讯公司闯一闯,本文的消息只用来为那些想黑回被黑号地 朋友提供的资料! 希望那位高手能发扬光大!!! 202.96.170.188这是网站的IP地址,可以试试IP攻击,但多数不会成功! 有WEB 服务,哈哈,那你就可以看看用什么方法入侵主机。我们常用的是FTP 和和WEB 这两个服务,那么哈哈哈哈,你就可以用WEB 进行入侵! 系统是UNIX/WIN9X,这个消息很重要,因为你知道了服务器的地址,就可以知 道有那些微软的漏洞,你就可以用专门对付9X的软件和,UNIX击破,但这样做,多 数好的,重要的不是破坏,而是入侵! 下面这个数据是用FINGER扫描得来的,看看服务器的那些端口是开放的! 就可以由这些开放的端口,用合法的用户身份进入,当然你是不合法的随便找 个好几个月也没用的用户登陆吧! 202.96.170.175…… szptt170.szptt.net.cn 202.96.170.182…… szptt170.szptt.net.cn 202.96.170.183…… szptt170.szptt.net.cn 202.96.170.192…… szptt170.szptt.net.cn 202.96.170.249…… szptt170.szptt.net.cn 202.96.170.251…… szptt170.szptt.net.cn 202.96.170.253…… szptt170.szptt.net.cn 202.96.170.255…… szptt170.szptt.net.cn 下面这段是用CGI 扫描,看看服务器上提供了那些CGI ,结果发现一大堆! Target——> www.tencent.com HTTP/1.1 200 OK Date: Tue, 23 Jan 2001 07 :35:15 GMT Server: Apache/1.3.12(Unix) Connection: close Content-Type: text/html 下面的内容就是发现的服务器所提供的CGI ,所以说CGI 是很不安全的! Starting CGi Check…… Find: UnlG - backd00r @ /cgi-bin/unlg1.1 Find: UnlG - backd00r II hahahahaahah@ /cgi-bin/unlg1.2 Find: gH —— backd00r @ /cgi-bin/gH.cgi Find: THC - backd00r @ /cgi-bin/rwwwshell.pl Find: phf……classic@ /cgi-bin/phf Find: Count.cgi @ /cgi-bin/Count.cgi Find: test-cgi @ /cgi-bin/test-cgi Find: nph-test-cgi @ /cgi-bin/nph-test-cgi Find: php.cgi@ /cgi-bin/php.cgi Find: php.cgi @ /cgi-bin/php Find: phf.cgi@ /cgi-bin/phf.pp Find: handler @ /cgi-bin/handler Find: webgais @ /cgi-bin/webgais Find: websendmail @ /cgi-bin/websendmail Find: guestbook @ /cgi-bin/guestbook Find: webdist.cgi @ /cgi-bin/webdist.cgi Find: faxsurvey @ /cgi-bin/faxsurvey Find: htmlscript @ /cgi-bin/htmlscript Find: pfdisplay @ /cgi-bin/pfdispaly.cgi Find: perl.exe ——>f0r winnt@ /cgi-win/perl.exe Find: perl ——> f0r un1x @ /cgi-bin/perl Find: wwwboard.pl @ /cgi-bin/wwwboard.pl Find: wwwboard.cgi @ /cgi-bin/wwwboard.cgi Find: www-sql @ /cgi-bin/www-sql Find: view-source @ /cgi-bin/view-source Find: wwwadmin.pl@ /cgi-bin/wwwadmin.pl Find: formmail.pl@ /cgi-bin/formmail.pl Find: sendform.cgi@ /cgi-bin/sendform.cgi Find: wrap@ /cgi-bin/wrap Find: edit.pl @ /cgi-bin/edit.pl Find: perlshop.cgi@ /cgi-bin/perlshop.cgi Find: webbbs.cgi@ /cgi-bin/webbbs.cgi Find: whois_raw.cgi@ /cgi-bin/whois_raw.cgi Find: AnyBoard.cgi@ /cgi-bin/AnyBoard.cgi Find: rguest.exe@ /cgi-bin/rguest.exe Find: campas @ /cgi-bin/campas Find: aglimpse @ /cgi-bin/aglimpse Find: glimpse @ /cgi-bin/glimpse Find: man.sh @ /cgi-bin/man.sh Find: AT-admin.cgi @ /cgi-bin/AT-admin.cgi Find: filemail.pl @ /cgi-bin/filemail.pl Find: maillist.pl @ /cgi-bin/maillist.pl Find: jj @ /cgi-bin/jj Find: info2www @ /cgi-bin/info2www Find: files.pl @ /cgi-bin/files.pl Find: finger @ /cgi-bin/finger Find: bnbform.cgi @ /cgi-bin/bnbform.cgi Find: survey.cgi @ /cgi-bin/survey.cgi Find: AnyForm2 @ /cgi-bin/AnyForm2 Find: textcounter.pl @ /cgi-bin/textcounter.pl Find: classifields.cgi@ /cgi-bin/classifieds.cgi Find: environ.cgi @ /cgi-bin/environ.cgi Find: service.pwd @ /_vti_pvt/service.pwd Find: users.pwd @ /_vti_pvt/users.pwd Find: authors.pwd @ /_vti_pvt/authors.pwd Find: administrators @ /_vti_pvt/administrators.pwd Find: shtml.dll @ /_vti_pvt/shtml.dll Find: shtml.exe@ /_vti_pvt/shtml.exe Find: fpexe @ /_vti_bin/fpexe Find: args.bat @ /cgi-dos/args.bat Find: args.cmd ——> maybe a overflow@ /cgi-dos/args.cmd Find: uploader.exe @ /cgi-win/uploader.exe Find: wguest.exe@ /cgi-win/wguest.exe Find: wguest.exe@ /cgi-bin/wguest.exe Find: wguest.exe@ /scripts/wguest.exe Find: bdir - samples @ /scripts/issadmin/bdir.htr Find: CGImail.exe @ /scripts/CGImail.exe Find: getdrvs.exe @ /scripts/tools/getdrvs.exe Find: newdsn.exe @ /scripts/tools/newdsn.exe Find: fpcount.exe @ /scripts/fpcount.exe Find: counter.exe @ /scripts/counter.exe Find: visadmin.exe@ /scripts/visadmin.exe Find: openfile.cfm @ /cfdocs/expelval/openfile.cfm Find: exprcalc.cfm @ /cfdocs/expelval/exprcalc.cfm Find: dispopenedfile @ /cfdocs/expelval/displayopenedfile.cfm Find: sendmail.cfm @ /cfdocs/expelval/sendmail.cfm Find: search97.vts @ /search97.vts Find: carbo.dll@ /carbo.dll Find: PageServices@ /?PageServices Find: pfieffer.bat@ /scripts/pfieffer.bat Find: pfieffer.cmd@ /scripts/pfieffer.cmd Find: ads_data.pl——>the newest cgi bug by JFS:)@ /photoads/ads_data.pl Find: env.cgi——>the newest cgi bug by JFS:)@ /photoads/cgi-bin/env.cgi Find: photo_cfg.pl ——>the newest cgi bug by JFS:)@ /cgi-bin/photo_cfg.pl Find: password ——> I think it‘s maybe ……:)@ /password.log Find: password ——> I think it‘s maybe ……:)@ /password.dat Find: password ——> I think it‘s maybe ……:)@ /cgi-bin/password.log Find: password ——> I think it‘s maybe ……:)@ /cgi-bin/password.dat Find: user —— I think it ‘s Maybe ……)@ /user.log Find: user —— I think it ‘s Maybe ……)@ /user.dat Find: user —— I think it ‘s Maybe ……)@ /cgi-bin/user.log Find: user —— I think it ‘s Maybe ……)@ /cgi-bin/user.dat Find: fpcount.exe——> overfl0w bug@ /cgi-bin/fpcount.exe Find: fpcount.exe——> overfl0w bug@ /_vti_bin/fpcount.exe Find: contains the version of the FP extensions;new !@ /_vti_inf.html Find: showcode.asp@ /msadc/Samples/SELECTOR/showcode.asp Find: architext_query.pl -> allow run a shll cmd.@ /ews/ews/architext_query.pl Find: architext_query.pl -> allow run a shell cmd.@ /navigate/ews/ews/architext_query.pl Find: aglimpse -> a search script(perl);@ /cgi-bin/aglimpse Find: novall httpd Cgi bug ,can view anything@ /scripts/convert.bas Find: lsass.exe @ /scripts/lsass.exe Find: htmlscript ?……/ ……/ ……/ ……/etc/passwd@ /cgi-bin/htmlscript Find: advsearch.asp -> bug@ /iissamples/exair/search/advsearch.asp Find: change passwd bug@ /iisadmpwd/aexp2.htr Find: upload file bug@ /scripts/repost.asp Find: nph-publish Cgi@ /cgi-bin/nph-publish Find: domcfg.nsf/?open@ /domcfg.nsf/?open Find: achg.htr@ /iisadmpwd/achg.htr Find: aexp.htr @ /iisadmpwd/aexp.htr Find: aexp2.htr@ /iisadmpwd/aexp2.htr Find: aexp2b.htr@ /iisadmpwd/aexp2b.htr Find: aexp3.htr@ /iisadmpwd/aexp3.htr Find: aexp4.htr@ /iisadmpwd/aexp4.htr Find: aexp4b.htr@ /iisadmpwd/aexp4b.htr Find: anot.htr@ /iisadmpwd/anot.htr Find: anot3.htr@ /iisadmpwd/anot3.htr Find: day5datacopier.cgi@ /cgi-bin/day5datacopier.cgi Find: day5datanotifier.cgi@ /cgi-bin/day5datanotifier.cgi Find: _AuthChangeUrl@ /_AuthChangeUrl? Find: passwd@ /cgi-bin/passwd Find: passwd@ /cgi-bin/passwd.txt Find: passwd@ /cgi-bin/password Find: password.txt@ /cgi-bin/password.txt Find: adminlogin@ /session/adminlogin Find: ax.cgi@ /cgi-bin/ax.cgi Find: ax-admin.cgi@ /cgi-bin/ax-admin.cgi Find: dot dot bug@ / ……/autoexec.bat Find: guestbook.cgi@ /cgi-bin/guestbook.cgi Find: dumpenv.pl@ /cgi-bin/dumpenv.pl Find: upload.pl@ /cgi-bin/upload.pl Find: ~root@ /~root CGi Check over 最后用专门扫描CGI 漏洞的程序扫描其中36个CGI ,(那个软件自称是超级扫 描器) 但扫描的结果发现其中35个是PATH(补)上漏洞的,还有一个是ROOT,我高兴 一下,哈哈哈,既然是ROOT没打,天助我也,继续扫描才发现是禁用的,我靠! 所以说我这次搞来的资料似乎对我没用但黑客的哲学是没有没有用的资料! 希望那位大哥能用!!!!!!! -------- 黄金书屋