CubeSec ID IDSampro
Attack As Defense
CubeSec Product Develop Team Written By Hao Wu Shuai Yuan
CUBESECNSTRT121 SDLAPT
01
02 +
03
04 Matrix
05 02
01 PART ONE
02 + PART TWO
+
90
80
77
70
66 67 70
60
50 40
38
36
41 36
39
30 20
21
17
21 24
12
10 5 5 5 0 0
2009 2010 2011 2012 2013 2014
web
+--
+--
github WikiJira
+--
2014 Shellsock2013 Structs2S2-016
03 PART THREE
APT
TEXT
--
- ""
test.com
IP
a.test.com IP
b.test.com
--
DNS A
DNS
-- WebIP
Web CMS
IP
--
IPWeb IP
IP 10.1.1.1 10.1.1.1
/ Linux SSH
NA 9000
2.62 OpenSSH4.3
Banner NA Welcome
Web
a.test.com Apache
80
2.20
PHP
XXX
b.test.com Apache Tomcat
8080 5.0
JSP
--
-- GoogleBingBaidu
-- POC CVE CVE
Freebuf
POC
POC--POC
--
URL
CVE EXP
04 Matrix PART FOUR
Matrix-- Matrix
POC/
Matrix
Web UI
Matrix--
xxx.com
Web UI
IP
POC/
Matrix--
Asset
IP
web
1Web titlekeyword 2 IP 3IP Banner
IP
Matrix--Web UI
Thanks for Listening