mirror of
https://github.com/nganhkhoa/CTF-All-In-One.git
synced 2024-12-24 19:21:15 +07:00
add 7.1.4
This commit is contained in:
parent
784a2b7fd6
commit
c27b6dba81
@ -120,6 +120,7 @@ GitHub 地址:https://github.com/firmianay/CTF-All-In-One
|
|||||||
* [7.1.1 [CVE-2017-11543] tcpdump 4.9.0 Buffer Overflow](doc/7.1.1_tcpdump_2017-11543.md)
|
* [7.1.1 [CVE-2017-11543] tcpdump 4.9.0 Buffer Overflow](doc/7.1.1_tcpdump_2017-11543.md)
|
||||||
* [7.1.2 [CVE-2015-0235] glibc 2.17 Buffer Overflow](doc/7.1.2_glibc_2015-0235.md)
|
* [7.1.2 [CVE-2015-0235] glibc 2.17 Buffer Overflow](doc/7.1.2_glibc_2015-0235.md)
|
||||||
* [7.1.3 [CVE-2016-4971] wget 1.17.1 Arbitrary File Upload](doc/7.1.3_wget_2016-4971.md)
|
* [7.1.3 [CVE-2016-4971] wget 1.17.1 Arbitrary File Upload](doc/7.1.3_wget_2016-4971.md)
|
||||||
|
* [7.1.4 [CVE-2017-13089] wget 1.19.1 Buffer Overflow](doc/7.1.4_wget_2017-13089.md)
|
||||||
* [八、附录](doc/8_appendix.md)
|
* [八、附录](doc/8_appendix.md)
|
||||||
* [8.1 更多 Linux 工具](doc/8.1_Linuxtools.md)
|
* [8.1 更多 Linux 工具](doc/8.1_Linuxtools.md)
|
||||||
* [8.2 更多 Windows 工具](doc/8.2_wintools.md)
|
* [8.2 更多 Windows 工具](doc/8.2_wintools.md)
|
||||||
|
@ -98,6 +98,7 @@ $ sudo apt-get install libneon27-gnutls-dev
|
|||||||
$ wget https://ftp.gnu.org/gnu/wget/wget-1.17.1.tar.gz
|
$ wget https://ftp.gnu.org/gnu/wget/wget-1.17.1.tar.gz
|
||||||
$ tar zxvf wget-1.17.1.tar.gz
|
$ tar zxvf wget-1.17.1.tar.gz
|
||||||
$ cd wget-1.17.1
|
$ cd wget-1.17.1
|
||||||
|
$ ./configure
|
||||||
$ make && sudo make install
|
$ make && sudo make install
|
||||||
```
|
```
|
||||||
发出请求:
|
发出请求:
|
||||||
|
34
doc/7.1.4_wget_2017-13089.md
Normal file
34
doc/7.1.4_wget_2017-13089.md
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
# 7.1.4 [CVE-2017-13089] wget 1.19.1 Buffer Overflow
|
||||||
|
|
||||||
|
- [漏洞描述](#漏洞描述)
|
||||||
|
- [漏洞复现](#漏洞复现)
|
||||||
|
- [漏洞分析](#漏洞分析)
|
||||||
|
- [参考资料](#参考资料)
|
||||||
|
|
||||||
|
|
||||||
|
[下载文件](../src/exploit/7.1.4_wget_2017-13089)
|
||||||
|
|
||||||
|
## 漏洞描述
|
||||||
|
wget 是一个从网络上自动下载文件的工具,支持通过 HTTP、HTTPS、FTP 三种最常见的 TCP/IP 协议。
|
||||||
|
|
||||||
|
## 漏洞复现
|
||||||
|
| |推荐使用的环境 | 备注
|
||||||
|
--- | --- | ---
|
||||||
|
操作系统 | Ubuntu 16.04 | 体系结构:64 位
|
||||||
|
漏洞软件 | wget | 版本号:1.19.1
|
||||||
|
|
||||||
|
```
|
||||||
|
$ sudo apt-get install libneon27-gnutls-dev
|
||||||
|
$ wget https://ftp.gnu.org/gnu/wget/wget-1.19.1.tar.gz
|
||||||
|
$ tar zxvf wget-1.19.1.tar.gz
|
||||||
|
$ cd wget-1.19.1
|
||||||
|
$ ./configure
|
||||||
|
$ make && sudo make install
|
||||||
|
$ wget -V | head -n1
|
||||||
|
GNU Wget 1.19.1 built on linux-gnu.
|
||||||
|
```
|
||||||
|
|
||||||
|
## 漏洞分析
|
||||||
|
|
||||||
|
## 参考资料
|
||||||
|
- [CVE-2017-13089 Detail](https://nvd.nist.gov/vuln/detail/CVE-2017-13089)
|
@ -3,3 +3,4 @@
|
|||||||
- [7.1.1 [CVE-2017-11543] tcpdump 4.9.0 Buffer Overflow](7.1.1_tcpdump_2017-11543.md)
|
- [7.1.1 [CVE-2017-11543] tcpdump 4.9.0 Buffer Overflow](7.1.1_tcpdump_2017-11543.md)
|
||||||
- [7.1.2 [CVE-2015-0235] glibc 2.17 Buffer Overflow](7.1.2_glibc_2015-0235.md)
|
- [7.1.2 [CVE-2015-0235] glibc 2.17 Buffer Overflow](7.1.2_glibc_2015-0235.md)
|
||||||
- [7.1.3 [CVE-2016-4971] wget 1.17.1 Arbitrary File Upload](7.1.3_wget_2016-4971.md)
|
- [7.1.3 [CVE-2016-4971] wget 1.17.1 Arbitrary File Upload](7.1.3_wget_2016-4971.md)
|
||||||
|
- [7.1.4 [CVE-2017-13089] wget 1.19.1 Buffer Overflow](7.1.4_wget_2017-13089.md)
|
||||||
|
Loading…
Reference in New Issue
Block a user