The server build environment is Windows.
After logging in to the admin backend, click Settings. The ICO image upload point there has a file upload vulnerability: the upload check can be bypassed, a webshell can be uploaded through this point, and the server can be taken over.
Vulnerability location: http://172.20.10.2:8082/0/admin/settings/general
1. Upload the shell file and capture the request. Modify the Content-Type to image/ico and change the filename to end in .php followed by spaces to bypass the check.
2. Although the response is a 302, the file itself has been uploaded successfully. The uploaded file is located in the \upload\settings directory and is named favicon.php.
3. Connecting with Behinder (Ice Scorpion) succeeds, and a server shell is obtained.
![image](https://user-images.githubusercontent.com/58929675/164606674-b9d80cc9-31ae-4c56-8757-66e51574c6a0.png)
![image](https://user-images.githubusercontent.com/58929675/164607275-2c4f5b19-02e9-41d0-82f8-b81a19580bba.png)
![image](https://user-images.githubusercontent.com/58929675/164607604-cc2a09f7-bdb5-47cd-8b03-529beac0c123.png)
![image](https://user-images.githubusercontent.com/58929675/164607822-1f7fbb7b-ca85-46bf-ac0a-e8e2c1d695b5.png)
![image](https://user-images.githubusercontent.com/58929675/164614519-6eed8077-00c7-4e63-acf0-c7dc8d0aa0e8.png)
![image](https://user-images.githubusercontent.com/58929675/164614544-2dc1053f-5a7d-43f5-9e8f-70bde96b2236.png)
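As an added example (not code from the issue author or from the affected project), the following Python shows why the trailing-space trick in the report works against a naive extension blacklist on a Windows host, and what a hardened validator for an .ico upload point looks like. The `naive_upload_ok` check, the `DANGEROUS_EXTS` list, the sample filenames and the placeholder webshell body are assumptions for illustration; the Windows behaviour being modelled is that the Win32 file APIs drop trailing spaces and dots from a filename when the file is created, so `favicon.php ` lands on disk as `favicon.php`.

```python
"""Added example: naive vs. hardened checks for an .ico upload point on a Windows host."""
import posixpath
import re

# Constructed sample data for illustration (not taken from the original report)
DANGEROUS_EXTS = {"php", "php3", "php5", "phtml", "phar", "asp", "aspx", "jsp"}
ALLOWED_IMAGE_EXTS = {"ico"}           # the upload point is for a favicon only
ICO_MAGIC = b"\x00\x00\x01\x00"         # ICONDIR header: reserved=0, type=1 (icon)
NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,8}")


def naive_upload_ok(filename: str, content_type: str) -> bool:
    """Vulnerable check (assumed, not the project's code): trusts the client's
    Content-Type and compares the raw suffix after the last '.' against a
    blacklist.  'favicon.php ' has the suffix 'php ', which is not in the
    blacklist, so it is accepted."""
    if not content_type.startswith("image/"):
        return False
    ext = filename.rsplit(".", 1)[-1] if "." in filename else ""
    return ext.lower() not in DANGEROUS_EXTS


def windows_stored_name(filename: str) -> str:
    """Model of Win32 filename normalization: trailing spaces and dots are
    dropped when the file is created, so 'favicon.php ' becomes 'favicon.php'."""
    return filename.rstrip(" .")


def hardened_upload_ok(filename: str, content_type: str, data: bytes) -> bool:
    """Hardened check: normalize the name the way the filesystem will, strip any
    path component, allowlist the extension, and verify the file's magic bytes
    instead of the client-supplied Content-Type."""
    del content_type  # client-controlled; never treat it as evidence of file type
    name = posixpath.basename(windows_stored_name(filename).replace("\\", "/"))
    if not NAME_RE.fullmatch(name):
        return False
    ext = name.rsplit(".", 1)[1].lower()
    return ext in ALLOWED_IMAGE_EXTS and data.startswith(ICO_MAGIC)


def stored_name_if_accepted(filename: str, content_type: str, data: bytes,
                            hardened: bool):
    """Return the on-disk name the server would produce, or None if rejected."""
    ok = (hardened_upload_ok(filename, content_type, data) if hardened
          else naive_upload_ok(filename, content_type))
    return windows_stored_name(filename) if ok else None


if __name__ == "__main__":
    webshell = b"<?php @eval($_POST['x']); ?>"      # constructed placeholder body
    real_ico = ICO_MAGIC + b"\x01\x00" + b"\x00" * 10
    for name, ctype, body in [("favicon.ico", "image/ico", real_ico),
                              ("favicon.php", "image/ico", webshell),
                              ("favicon.php ", "image/ico", webshell)]:
        print(f"{name!r:16} naive={stored_name_if_accepted(name, ctype, body, False)!r:16}"
              f" hardened={stored_name_if_accepted(name, ctype, body, True)!r}")
```

The naive check rejects `favicon.php` but accepts `favicon.php ` and, because the server is Windows, the stored file is still `favicon.php`; the hardened check normalizes first, allowlists `.ico`, and ignores the Content-Type. When testing an upload point like this one, verify the result in the upload directory rather than trusting the response code: as the report notes, a 302 does not mean the file was rejected.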