Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ About phpwind 5.01-5.3 0day analysis of the article     - 11 you Linux Terminal Command (Linux)

- Oracle 10g after the failure to start the upgrade (Oracle instance terminated. Disconnection forced) (Database)

- Quick paging ROW_NUMBER conducted (Database)

- C ++ thread creates transmission parameters are changed (Programming)

- Nginx log cutting and MySQL script regular backup script (Server)

- Linux memory management -free learning experience (Linux)

- ElasticSearch basic usage and cluster structures (Server)

- Troubleshooting Linux virtual machine device id and the letter of inconsistencies (Linux)

- CentOS 7.0 Automatic installation CD-ROM production Comments (Linux)

- Overall Physical Migration of Oracle Database with (Database)

- Linux system package manager (rpm, yum, source packages installation) (Linux)

- Ubuntu method for single-card dual-IP (Linux)

- Recent Consolidation Using Linux security module (Linux)

- Hadoop2.0 configuration yarn success (Server)

- The Java Properties class action (Programming)

- How to achieve the MySQL Oracle table associated with the two operations update (Database)

- Actual SSH port forwarding (Linux)

- Source encountered problems and solutions when installing SaltStack (Server)

- The difference between statement and preparedStatement of the jdbc (Database)

- Thunderbird 24.4.2 has been released for use with PPA updates (Linux)

 
         
  About phpwind 5.01-5.3 0day analysis of the article
     
  Add Date : 2018-11-21      
         
         
         
  Today luoluo cattle caught under the package, this vulnerability very cattle :)
passport_client.php was not initialized variables can bypass those judgments:

if (! $ passport_ifopen || $ passport_type! = 'client') {
  exit ( "Passport closed (PHPWind)");
} // Submit: passport_ifopen = 1 & passport_type = client bypass


if (md5 ($ action. $ userdb. $ forward. $ passport_key)! = $ verify) {
  exit ( 'Illegal request (PHPWind)');
} // Variables which can be customized, so you can bypass sy about

parse_str (StrCode ($ userdb, 'DECODE'), $ userdb); // Note StrCode ($ userdb, 'DECODE'), so the variables you want your submission $ userdb, StrCode ($ userdb, 'DECODE') coding a bit

if ($ action == 'login') {// submit action = login

  if (! $ userdb [ 'time'] ||! $ userdb [ 'username'] ||! $ userdb [ 'password']) {
    exit ( "Lack of parameters (PHPWind)");
  } // After the data have submitted $ userdb decoding

  if ($ timestamp- $ userdb [ 'time']> 3600) {
    exit ( 'Passport request expired (PHPWind)');
  } // Submitted userdb [ 'time'] bigger
.....
  $ Rt = $ db-> get_one ( "SELECT uid $ sql FROM pw_members WHERE username = '$ userdb [username]'");
  if ($ rt) {// if the user then call the following statement to change passwords

          $ Sql ​​&& $ db-> update ( "UPDATE pw_members SET $ sql WHERE uid = '$ rt [uid]'");
    $ Sql2 && $ db-> update ( "UPDATE pw_memberdata SET $ sql2 WHERE uid = '$ rt [uid]'");

      } Else // If there is no increase in user calls the following {a

    $ Db-> update ( "REPLACE INTO pw_members ($ sql1, groupid, memberid, gender, regdate, signchange) VALUES ($ sql2, '- 1', '8', '0', '$ timestamp', '1' ) ");

  ..............
     
         
         
         
  More:      
 
- Gitblit adopted Ticket collaborative development model (Linux)
- Java thread pool: ExecutorService, Executors (Programming)
- Linux console password solution (Programming)
- Memcached source installation and configuration under CentOS 6.6 (Server)
- Linux installed and tested the deployment of Kafka distributed cluster (Server)
- Python image processing library (PIL) to install and simple to use (Linux)
- To install the latest version of Shotwell 0.18 under Ubuntu (Linux)
- Weld a problem in JDK 8u60 environment (Programming)
- How do I switch from NetworkManager to systemd-network on Linux (Linux)
- ARM Linux system call (Linux)
- Ubuntu installed racing game Speed Dreams 2.1 (Linux)
- Modular JavaScript (Programming)
- Android Studio Personalization (Linux)
- Zabbix monitoring tool deployment under Ubuntu server (Server)
- Oracle RAC node on the expulsion of the inspection process on OEL6.3 (Database)
- To install Internet security firewall Raiders (Linux)
- 10 practical Java programming technology (Programming)
- Linux Variable content removal and replacement (Linux)
- Java Access Control (Programming)
- VirtualBox virtual machine to install Linux (Linux)
     
           
     
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.