cheetah
cheetah copied to clipboard
测试了php、asp的shell,但都无法发现密码
已经测试了php和asp的shell,而且密码已经手工测试过,即使只将已知密码写入新的字典(只有这1条密码),也无法发现。更换get、post方式都无效。
谢谢反馈,有没有详细一点的截图呢,有空我排查一下。
--------------原始邮件-------------- 发件人:"tysmlq "[email protected]; 发送时间:2019年4月19日(星期五) 上午10:52 收件人:"sunnyelf/cheetah" [email protected]; 抄送:"Subscribed "[email protected]; 主题:[sunnyelf/cheetah] 测试了php、asp的shell,但都无法发现密码 (#14)
已经测试了php和asp的shell,而且密码已经手工测试过,即使只将已知密码写入新的字典(只有这1条密码),也无法发现。更换get、post方式都无效。
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.
传不上图片,把破解会话过程传上来了 root@kali:~/cheetah-master# python cheetah.py -u http://192.168.100.25:8000/ecshop/lq.php -p ./1.txt
[10:55:46] [INFO] the cheetah start execution [10:55:46] [HINT] using POST request mode [10:55:46] [HINT] setting request interval seconds 0 [10:55:46] [HINT] using dictionary-based password attack [10:55:46] [INFO] cracking password of http://192.168.100.25:8000/ecshop/lq.php [10:55:46] [WARN] not specify the web server or shell type [10:55:46] [INFO] detecting server info of http://192.168.100.25:8000/ecshop/lq.php [10:55:46] [HINT] the shell type may be php [10:55:46] [HINT] web server may be Apache/2.4.10 (Win32) OpenSSL/0.9.8zb PHP/5.2.17 [10:55:46] [HINT] web server may be x-powered-by PHP/5.2.17 [10:55:46] [WARN] you did not specify the maximum request parameter [10:55:46] [INFO] setting the number of request parameters 1000 [10:55:46] [INFO] opening password file ./1.txt [10:55:46] [HINT] using password file ./1.txt [10:55:46] [INFO] cracking password of http://192.168.100.25:8000/ecshop/lq.php [10:55:46] [WARN] the cheetah did not find the webshell password [10:55:46] [HINT] try to change a better password dictionary file [10:55:46] [HINT] try to specify a smaller value of parameter -n [10:55:46] [HINT] try to specify parameter -r for GET request [10:55:46] [INFO] the cheetah end execution
1.txt只有一个lq.php的密码是吧?能否发一下lq.php呢?
--------------原始邮件-------------- 发件人:"tysmlq "[email protected]; 发送时间:2019年4月19日(星期五) 中午11:05 收件人:"sunnyelf/cheetah" [email protected]; 抄送:"Levi Li "[email protected];"Comment "[email protected]; 主题:Re: [sunnyelf/cheetah] 测试了php、asp的shell,但都无法发现密码 (#14)
传不上图片,把破解会话过程传上来了 root@kali:~/cheetah-master# python cheetah.py -u http://192.168.100.25:8000/ecshop/lq.php -p ./1.txt
[10:55:46] [INFO] the cheetah start execution [10:55:46] [HINT] using POST request mode [10:55:46] [HINT] setting request interval seconds 0 [10:55:46] [HINT] using dictionary-based password attack [10:55:46] [INFO] cracking password of http://192.168.100.25:8000/ecshop/lq.php [10:55:46] [WARN] not specify the web server or shell type [10:55:46] [INFO] detecting server info of http://192.168.100.25:8000/ecshop/lq.php [10:55:46] [HINT] the shell type may be php [10:55:46] [HINT] web server may be Apache/2.4.10 (Win32) OpenSSL/0.9.8zb PHP/5.2.17 [10:55:46] [HINT] web server may be x-powered-by PHP/5.2.17 [10:55:46] [WARN] you did not specify the maximum request parameter [10:55:46] [INFO] setting the number of request parameters 1000 [10:55:46] [INFO] opening password file ./1.txt [10:55:46] [HINT] using password file ./1.txt [10:55:46] [INFO] cracking password of http://192.168.100.25:8000/ecshop/lq.php [10:55:46] [WARN] the cheetah did not find the webshell password [10:55:46] [HINT] try to change a better password dictionary file [10:55:46] [HINT] try to specify a smaller value of parameter -n [10:55:46] [HINT] try to specify parameter -r for GET request [10:55:46] [INFO] the cheetah end execution
— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.
传不上附件,已发邮件。
没有收到相关截图和文件,直接打包成附件发送我邮箱吧。
--------------原始邮件-------------- 发件人:"tysmlq "[email protected]; 发送时间:2019年4月19日(星期五) 中午11:13 收件人:"sunnyelf/cheetah" [email protected]; 抄送:"Levi Li "[email protected];"Comment "[email protected]; 主题:Re: [sunnyelf/cheetah] 测试了php、asp的shell,但都无法发现密码 (#14)
附上命令行截图、shell登录前截图、shell登录进去的截图、shell和1.txt
2019-04-19
tysmlq
发件人: Levi Li
发送时间: 2019-04-19 11:10:50
收件人: sunnyelf/cheetah
抄送: tysmlq; Author
主题: Re:_[sunnyelf/cheetah]测试了php、asp的shell,但都无法发现密码(#14)
1.txt只有一个lq.php的密码是吧?能否发一下lq.php呢?
--------------原始邮件--------------
发件人:"tysmlq "[email protected];
发送时间:2019年4月19日(星期五) 中午11:05
收件人:"sunnyelf/cheetah" [email protected];
抄送:"Levi Li "[email protected];"Comment "[email protected];
主题:Re: [sunnyelf/cheetah] 测试了php、asp的shell,但都无法发现密码 (#14)
传不上图片,把破解会话过程传上来了
root@kali:~/cheetah-master# python cheetah.py -u http://192.168.100.25:8000/ecshop/lq.php -p ./1.txt
[10:55:46] [INFO] the cheetah start execution
[10:55:46] [HINT] using POST request mode
[10:55:46] [HINT] setting request interval seconds 0
[10:55:46] [HINT] using dictionary-based password attack
[10:55:46] [INFO] cracking password of http://192.168.100.25:8000/ecshop/lq.php
[10:55:46] [WARN] not specify the web server or shell type
[10:55:46] [INFO] detecting server info of http://192.168.100.25:8000/ecshop/lq.php
[10:55:46] [HINT] the shell type may be php
[10:55:46] [HINT] web server may be Apache/2.4.10 (Win32) OpenSSL/0.9.8zb PHP/5.2.17
[10:55:46] [HINT] web server may be x-powered-by PHP/5.2.17
[10:55:46] [WARN] you did not specify the maximum request parameter
[10:55:46] [INFO] setting the number of request parameters 1000
[10:55:46] [INFO] opening password file ./1.txt
[10:55:46] [HINT] using password file ./1.txt
[10:55:46] [INFO] cracking password of http://192.168.100.25:8000/ecshop/lq.php
[10:55:46] [WARN] the cheetah did not find the webshell password
[10:55:46] [HINT] try to change a better password dictionary file
[10:55:46] [HINT] try to specify a smaller value of parameter -n
[10:55:46] [HINT] try to specify parameter -r for GET request
[10:55:46] [INFO] the cheetah end execution
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.