We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
最近在学习pocsuite3编写POC脚本,在看到你们的文章https://paper.seebug.org/1931/ 中有一个是示例,CVE-2021-43798 这个POC,我在尝试利用这个POC进行漏洞测试的时候,突然发现, -u ip:3000 指定的IP端口地址,会在POC套件里出现 self.url = http://192.168.136.141:3000/login 没错,问题就出现在login后缀上面,通过fildder抓包可以发现,POC访问的是/login/public/plugins/alertGroups/../../../../../../../../etc/passwd 多了一个login,在思索再三之后,没有办法解决,请问有思路吗? 可以联系1120904649 qq号
The text was updated successfully, but these errors were encountered:
_check 方法中的一个 url 重定向问题, 已修复,可以源码安装最新版。
_check
Sorry, something went wrong.
Successfully merging a pull request may close this issue.
最近在学习pocsuite3编写POC脚本,在看到你们的文章https://paper.seebug.org/1931/
中有一个是示例,CVE-2021-43798 这个POC,我在尝试利用这个POC进行漏洞测试的时候,突然发现,
-u ip:3000 指定的IP端口地址,会在POC套件里出现 self.url = http://192.168.136.141:3000/login
没错,问题就出现在login后缀上面,通过fildder抓包可以发现,POC访问的是/login/public/plugins/alertGroups/../../../../../../../../etc/passwd
多了一个login,在思索再三之后,没有办法解决,请问有思路吗?
可以联系1120904649 qq号
The text was updated successfully, but these errors were encountered: