nmap扫描出来一个csrf漏洞
C:\nmap 192.168.1.1 --script=auth,vuln Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-21 23:19 ?D1ú±ê×?ê±?? mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers Stats: 0:02:00 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan NSE Timing: About 98.59% done; ETC: 23:21 (0:00:00 remaining) Nmap scan report for 192.168.1.1 Host is up (0.0044s latency). Not shown: 997 closed ports PORT STATE SERVICE 80/tcp open http |_http-aspnet-debug: ERROR: Script execution failed (use -d to debug) | http-csrf: | Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.1.1 | Found the following possible CSRF vulnerabilities: | | Path: http://192.168.1.1:80/ | Form id: top |_ Form action: javascript:submit(); |_http-dombased-xss: Couldn't find any DOM based XSS. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities. |_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug) 5080/tcp open onscreen 8080/tcp open http-proxy |_http-aspnet-debug: ERROR: Script execution failed (use -d to debug) |_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug) MAC Address: FC:8F:7D:41:0C:6C (Unknown)
分享目的仅供大家学习和交流,您必须在下载后24小时内删除! 2. 不得使用于非法商业用途,不得违反国家法律。否则后果自负! 3. 本站提供的源码、模板、插件、软件、等等其他资源,都不包含技术服务请大家谅解!内容投诉
资源库 » 利用审查元素查看浏览器保存的移动光猫页面明文密码
资源库 » 利用审查元素查看浏览器保存的移动光猫页面明文密码