#利用标题: TSPLUS 16.0.2.14-远程访问不安全文件和文件夹权限
#日期: 2023-08-09
#利用作者: Carlo di Dato for Deloitte风险咨询意大利
#供应商HomePage3360 https://tsplus.net/
#版本:最多16.0.2.14
#在: Windows上测试
#CVE : CVE-2023-31067
tsplus远程访问(v。16.0.2.14)是Citrix和
Microsoft RDS用于远程桌面访问和Windows应用程序
送货。网络启用您的旧应用程序,创建SaaS解决方案或远程解决方案
访问您的集中企业工具和文件。
TSPLUS远程访问解决方案带有嵌入式Web服务器
允许远程用户轻松地远程连接。
但是,设置了不安全的文件和文件夹权限,这可以
允许恶意用户操纵文件内容(例如:
HTML页面或JS脚本的代码)或更改合法文件(例如
为了补偿系统或
获得提高特权。
这是及其各自的不安全文件和文件夹列表
权限:
所有人:(oi)(cf)(f)和每个人(f)
许可:所有人:(OI)(CI)(f)
C: \ Program Files(x86)\ tsplus \ clients \ www
C: \ Program Files(x86)\ tsplus \ clients \ www \ addons
C: \ Program Files(x86)\ tsplus \ clients \ www \ ConnectionClient
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ downloads
C: \ Program Files(x86)\ tsplus \ clients \ www \ prints
C: \ Program Files(x86)\ tsplus \ clients \ www \ remoteappclient
C: \ Program Files(X86)\ tsplus \ clients \ www \软件
C: \ Program Files(x86)\ tsplus \ clients \ www \ var
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ cgi-bin \ remoteapp
C: \ Program Files(x86)\ tsplus \ clients \ www \ downloads \ shared
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ js
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ html5 \ jwres
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ html5 \ locales
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ html5 \ imgs \ topmenu
C: \ Program Files(X86)\ TSPLU \ clients \ www \ software \ html5 \ imgs \ key \ parts
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ img
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ third
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ img \ cp
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ img \ srv
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ java \ third \ images
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ java \ third \ js
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ java \ third \ images \ bramus
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ java \ third \ js \原型
C: \ Program Files(x86)\ tsplus \ clients \ www \ var \ log
C: \ Program Files(x86)\ tsplus \ userDesktop \主题
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ bluebar
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ default
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ greybar
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ logon
C: \ Program Files(X86)\ tsplus \ userDesktop \ themes \ Menuontop
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ themless \ seamless
C: \ Program Files(X86)\ tsplus \ userDesktop \ themes \ thinclient
C: \ Program Files(x86)\ tsplus \ userdesktop \ themes \ vista
----------------------------------------------------------------------------------------------------------------------------------------
许可:所有人:(f)
C: \ Program Files(x86)\ tsplus \ clients \ www \ all.min.css
C: \ Program Files(x86)\ tsplus \ clients \ www \ custom.css
C: \ Program Files(x86)\ tsplus \ clients \ www \ popins.css
C: \ Program Files(x86)\ tsplus \ clients \ www \ robots.txt
C: \程序文件
(x86)\ tsplus \ clients \ www \ addons \ setup-virtualprinter-client.exe
C: \ Program Files(x86)\ tsplus \ clients \ www \ cgi-bin \ hb.exe.config
C: \程序文件
(x86)\ tsplus \ client \ www \ cgi-bin \ sessionprelaunch.common.dll.config
C: \ Program Files(x86)\ tsplus \ clients \ www \ cgi-bin \ remoteapp \ index.html
C: \ Program Files(x86)\ tsplus \ clients \ www \ remoteappclient \ index.html
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ common.css
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ jwres \ jwwebsocking.jar
C: \ Program Files(x86)\ tsplus \ client \ www \ software \ html5 \ jwres \ jwres \ web.jar
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ ishor \ exitlist.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ www \ html5 \ hount \ exitupload.html
C: \程序文件
(x86)\ tsplus \ client \ www \ software \ html5 \ horn \ getlist.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ own \ getupload.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ hount \ postupload.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ own \ uploaderr.html
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ index.html
C: \ Program Files(X86)\ tsplus \ clients \ www \ software \ java \ img \ index.html
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ img \ port.bin
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ java \ third \ jws.js
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ java \ third \ sha256.js
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ java \ third \ js \ prototype \ prototype.js
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ js \ jquery.min.js
#日期: 2023-08-09
#利用作者: Carlo di Dato for Deloitte风险咨询意大利
#供应商HomePage3360 https://tsplus.net/
#版本:最多16.0.2.14
#在: Windows上测试
#CVE : CVE-2023-31067
tsplus远程访问(v。16.0.2.14)是Citrix和
Microsoft RDS用于远程桌面访问和Windows应用程序
送货。网络启用您的旧应用程序,创建SaaS解决方案或远程解决方案
访问您的集中企业工具和文件。
TSPLUS远程访问解决方案带有嵌入式Web服务器
允许远程用户轻松地远程连接。
但是,设置了不安全的文件和文件夹权限,这可以
允许恶意用户操纵文件内容(例如:
HTML页面或JS脚本的代码)或更改合法文件(例如
为了补偿系统或
获得提高特权。
这是及其各自的不安全文件和文件夹列表
权限:
所有人:(oi)(cf)(f)和每个人(f)
许可:所有人:(OI)(CI)(f)
C: \ Program Files(x86)\ tsplus \ clients \ www
C: \ Program Files(x86)\ tsplus \ clients \ www \ addons
C: \ Program Files(x86)\ tsplus \ clients \ www \ ConnectionClient
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ downloads
C: \ Program Files(x86)\ tsplus \ clients \ www \ prints
C: \ Program Files(x86)\ tsplus \ clients \ www \ remoteappclient
C: \ Program Files(X86)\ tsplus \ clients \ www \软件
C: \ Program Files(x86)\ tsplus \ clients \ www \ var
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ cgi-bin \ remoteapp
C: \ Program Files(x86)\ tsplus \ clients \ www \ downloads \ shared
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ js
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ html5 \ jwres
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ html5 \ locales
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ html5 \ imgs \ topmenu
C: \ Program Files(X86)\ TSPLU \ clients \ www \ software \ html5 \ imgs \ key \ parts
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ img
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ third
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ img \ cp
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ img \ srv
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ java \ third \ images
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ java \ third \ js
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ java \ third \ images \ bramus
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ java \ third \ js \原型
C: \ Program Files(x86)\ tsplus \ clients \ www \ var \ log
C: \ Program Files(x86)\ tsplus \ userDesktop \主题
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ bluebar
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ default
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ greybar
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ logon
C: \ Program Files(X86)\ tsplus \ userDesktop \ themes \ Menuontop
C: \ Program Files(x86)\ tsplus \ userDesktop \ themes \ themless \ seamless
C: \ Program Files(X86)\ tsplus \ userDesktop \ themes \ thinclient
C: \ Program Files(x86)\ tsplus \ userdesktop \ themes \ vista
----------------------------------------------------------------------------------------------------------------------------------------
许可:所有人:(f)
C: \ Program Files(x86)\ tsplus \ clients \ www \ all.min.css
C: \ Program Files(x86)\ tsplus \ clients \ www \ custom.css
C: \ Program Files(x86)\ tsplus \ clients \ www \ popins.css
C: \ Program Files(x86)\ tsplus \ clients \ www \ robots.txt
C: \程序文件
(x86)\ tsplus \ clients \ www \ addons \ setup-virtualprinter-client.exe
C: \ Program Files(x86)\ tsplus \ clients \ www \ cgi-bin \ hb.exe.config
C: \程序文件
(x86)\ tsplus \ client \ www \ cgi-bin \ sessionprelaunch.common.dll.config
C: \ Program Files(x86)\ tsplus \ clients \ www \ cgi-bin \ remoteapp \ index.html
C: \ Program Files(x86)\ tsplus \ clients \ www \ remoteappclient \ index.html
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ common.css
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ jwres \ jwwebsocking.jar
C: \ Program Files(x86)\ tsplus \ client \ www \ software \ html5 \ jwres \ jwres \ web.jar
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ ishor \ exitlist.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ www \ html5 \ hount \ exitupload.html
C: \程序文件
(x86)\ tsplus \ client \ www \ software \ html5 \ horn \ getlist.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ own \ getupload.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ hount \ postupload.html
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ html5 \ own \ uploaderr.html
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ index.html
C: \ Program Files(X86)\ tsplus \ clients \ www \ software \ java \ img \ index.html
C: \ Program Files(X86)\ TSPLUS \ clients \ www \ software \ java \ img \ port.bin
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ java \ third \ jws.js
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ java \ java \ third \ sha256.js
C: \程序文件
(x86)\ tsplus \ clients \ www \ software \ java \ third \ js \ prototype \ prototype.js
C: \ Program Files(x86)\ tsplus \ clients \ www \ software \ js \ jquery.min.js