add ThinkPHP 6.x反序列化POP链（二）&ThinkPHP 6.x反序列化POP链（三）

2025-08-12 11:06:04 +00:00 · 2020-06-22 12:34:13 +08:00 · 2020-06-22 12:34:13 +08:00 · 36ce5f4357
commit 36ce5f4357
parent ef1931ac0b
4 changed files with 3 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -124,7 +124,9 @@
 - [CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC](https://github.com/motikan2010/CVE-2020-5398/)
 - [PHPOK v5.3&v5.4getshell](https://www.anquanke.com/post/id/194453) | [phpok V5.4.137前台getshell分析](https://forum.90sec.com/t/topic/728) | [PHPOK 4.7从注入到getshell](https://xz.aliyun.com/t/1569)
 - [thinkphp6 session 任意文件创建漏洞复现 含POC](./books/thinkphp6%20session%20任意文件创建漏洞复现%20含POC.pdf) --- 原文在漏洞推送公众号上
- [ThinkPHP 6.x反序列化POP链（一）](./books/ThinkPHP%206.x反序列化POP链（一）.pdf)
+- [ThinkPHP 6.x反序列化POP链（一）](./books/ThinkPHP%206.x反序列化POP链（一）.pdf)|[原文链接](https://mp.weixin.qq.com/s/rEjt9zb-AksiVwF1GngFww)
+- [ThinkPHP 6.x反序列化POP链（二）](./books/ThinkPHP%206.x反序列化POP链（二）.pdf)|[原文链接](https://mp.weixin.qq.com/s/q8Xa3triuXEB3NoeOgka1g)
+- [ThinkPHP 6.x反序列化POP链（三）](./books/ThinkPHP%206.x反序列化POP链（三）.pdf)|[原文链接](https://mp.weixin.qq.com/s/PFNt3yF0boE5lR2KofghBg)
 - [WordPress InfiniteWP - Client Authentication Bypass (Metasploit)](https://www.exploit-db.com/exploits/48047)
 - [【Linux提权/RCE】OpenSMTPD 6.4.0 < 6.6.1 - Local Privilege Escalation + Remote Code Execution](https://www.exploit-db.com/exploits/48051)
 - [CVE-2020-7471-django1.11-1.11.282.2-2.2.103.0-3.0.3 StringAgg(delimiter)使用了不安全的数据会造成SQL注入漏洞环境和POC](https://github.com/Saferman/CVE-2020-7471)
--- a/6.x反序列化POP链（一）.pdf
+++ b/6.x反序列化POP链（一）.pdf
--- a/6.x反序列化POP链（三）.pdf
+++ b/6.x反序列化POP链（三）.pdf
--- a/6.x反序列化POP链（二）.pdf
+++ b/6.x反序列化POP链（二）.pdf