[–] mdewinter 8y ago ↗ Windows only, maybe the title can be changed. [–] bluetwo 8y ago ↗ I stopped reading when I got to 'Windows' as well.
[–] ryanlol 8y ago ↗ It's 2017 and scanning /0 for PUT still reliably gets a bunch of shells... [–] kevindqc 8y ago ↗ Why does that return a shell? [–] dogma1138 8y ago ↗ Web shell via put, still quite common.Just as common as dorking for common webshells with no or default passwords.If you need a VPS fast googling for c99 is faster than spinning up something on AWS ;) [–] exikyut 8y ago ↗ Would like to learn more about this.Hmm... looks like this dropped from 20k to 700 while I wasn't looking, which I guess is a very good thing (these are DVRs!). But FWIW, for "JAWS/1.0 -2017 -2016" on shodan, then "/shell?whoami" returns "root". :) [–] exikyut 8y ago ↗ OH, that's a _netmask_. It took me an entire day to figure that out. I thought /0 was a path :)
[–] kevindqc 8y ago ↗ Why does that return a shell? [–] dogma1138 8y ago ↗ Web shell via put, still quite common.Just as common as dorking for common webshells with no or default passwords.If you need a VPS fast googling for c99 is faster than spinning up something on AWS ;) [–] exikyut 8y ago ↗ Would like to learn more about this.Hmm... looks like this dropped from 20k to 700 while I wasn't looking, which I guess is a very good thing (these are DVRs!). But FWIW, for "JAWS/1.0 -2017 -2016" on shodan, then "/shell?whoami" returns "root". :)
[–] dogma1138 8y ago ↗ Web shell via put, still quite common.Just as common as dorking for common webshells with no or default passwords.If you need a VPS fast googling for c99 is faster than spinning up something on AWS ;) [–] exikyut 8y ago ↗ Would like to learn more about this.Hmm... looks like this dropped from 20k to 700 while I wasn't looking, which I guess is a very good thing (these are DVRs!). But FWIW, for "JAWS/1.0 -2017 -2016" on shodan, then "/shell?whoami" returns "root". :)
[–] exikyut 8y ago ↗ Would like to learn more about this.Hmm... looks like this dropped from 20k to 700 while I wasn't looking, which I guess is a very good thing (these are DVRs!). But FWIW, for "JAWS/1.0 -2017 -2016" on shodan, then "/shell?whoami" returns "root". :)
[–] exikyut 8y ago ↗ OH, that's a _netmask_. It took me an entire day to figure that out. I thought /0 was a path :)
[–] bastijn 8y ago ↗ > "National Vulnerability Database The NVD is currently offline for scheduled maintenance.> Please check back again shortly. We apologize for the inconvenience.> Please direct any questions to nvd@nist.gov. Thank you."Perfect timing for hn Frontpage. Alt link: https://tomcat.apache.org/security-7.html [–] thephyber 8y ago ↗ Interestingly, I think NVD.nist.gov just changed their HTML-generating template since this HN URL was posted. [–] jlgaddis 8y ago ↗ They did. The page looks much different now than it did earlier.
[–] thephyber 8y ago ↗ Interestingly, I think NVD.nist.gov just changed their HTML-generating template since this HN URL was posted. [–] jlgaddis 8y ago ↗ They did. The page looks much different now than it did earlier.
12 comments
[ 510 ms ] story [ 77.4 ms ] threadJust as common as dorking for common webshells with no or default passwords.
If you need a VPS fast googling for c99 is faster than spinning up something on AWS ;)
Hmm... looks like this dropped from 20k to 700 while I wasn't looking, which I guess is a very good thing (these are DVRs!). But FWIW, for "JAWS/1.0 -2017 -2016" on shodan, then "/shell?whoami" returns "root". :)
> Please check back again shortly. We apologize for the inconvenience.
> Please direct any questions to nvd@nist.gov. Thank you."
Perfect timing for hn Frontpage. Alt link: https://tomcat.apache.org/security-7.html