diff --git a/TongdaOA/TongdaOA_anyfile_delete_getshell/README.md b/TongdaOA/TongdaOA_anyfile_delete_getshell/README.md
new file mode 100644
index 0000000..42b8911
--- /dev/null
+++ b/TongdaOA/TongdaOA_anyfile_delete_getshell/README.md
@@ -0,0 +1,11 @@
+# Tongda OA any file delete getshell
+
+Attackers can obtain server system permissions through file deletion vulnerability and file upload vulnerability of earlier versions.
+
+**Affected version**: Tongda OA 11.6
+
+**[FOFA](https://fofa.so/result?q=app%3D"TongDa-OA"&qbase64=YXBwPSJUb25nRGEtT0Ei) query rule**: app="TongDa-OA"
+
+# Demo
+
+![](tongdaOA_getshell.gif)
\ No newline at end of file
diff --git a/TongdaOA/TongdaOA_anyfile_delete_getshell/tongdaOA_getshell.gif b/TongdaOA/TongdaOA_anyfile_delete_getshell/tongdaOA_getshell.gif
new file mode 100644
index 0000000..837a995
Binary files /dev/null and b/TongdaOA/TongdaOA_anyfile_delete_getshell/tongdaOA_getshell.gif differ