场景:您通过 telnet 进入,双击并发现这些是可用的命令。
IPv6-relay ipaddr preinit
acl_logd iplink ps
acos_init iproute pwd
acos_service iprule radvd
ash iptunnel rc
autoconfig_wan_down ipv6-conntab read_bd
autoconfig_wan_up kill reboot
automount killall reset_no_reboot
bd l2tpd restart_all_processes
bftpd lcli ripd
brctl leddown rm
burn5gpass ledup rmdir
burn5gssid lld2d rmmod
burnboardid ln route
burnethermac ls routef
burnpass lsmod routel
burnpin mattrib routerinfo
burnrf mbadblocks rtmon
burnsku mcat rtpr
burnsn mcd rtsol
burnssid mclasserase scheact
busybox mcopy sh
calcheck mdel showconfig
cat mdeltree sort
chmod mdir strings
cp mdu swresetd
cut mformat sysctl
date minfo tail
ddnsd mkdir tc
df mknod tee
dhcp6c mlabel telnetd
dhcp6c_down mld telnetenabled
dhcp6c_up mmd tfmeter
dhcp6s mmount tftp
dnsRedirectReplyd mmove timesync
dnsmasq mount touch
eapd mount.ntfs-3g tr
echo mpartition ubdcmd
email mrd udevtrigger
emf mren udhcpc
erase mshowfat udhcpd
et mtools umount
free mtoolstest upnp
ftpc mtype upnpd
getchksum mzip uptime
gpio nas vconfig
gproxy netstat version
grep nice wan_debug
gunzip nslookup wandetect
gzip ntfs-3g wanled
halt ntpclient wget
head nvram wl
heartbeat outputimage wlanconfigd
hostname phymons wlconf
hotplug ping wps_ap
hotplug2 ping6 wps_enr
httpd pot wps_monitor
ifcfg poweroff wpsd
ifconfig pppd write
igs pppdv6 zcat
init pppoecd zebra
insmod pppoecdv6
ip pptp
不幸的是,你没有netcat,你也没有/dev/tcp,但也许/proc/net/tcp会有用?
在任何人假设这是我在 Savers(旧货店)购买的路由器之前,我有在 SE 中提出“场景”主题的想法。
我脑子里有几个想法,也许是 javascript 反向 shell,因为他们有 httpd?