B10815062 之漏洞回報

Taiwan-Tech-WebSec / Bug-Report

4 stars 0 forks source link

B10815062 之漏洞回報 #52

Open ak9844297 opened 2 years ago

ak9844297 commented 2 years ago

攻擊者學號：B10815052

被攻擊者學號與網址：B10815062 @yochan0412 https://demo.yochan.live/

漏洞類型：XSS(upload file)

漏洞描述上傳php檔裡面使用


<script language=javascript>alert(1)</script>

這樣php flag的檢查就會被掠過 PoC


<script language=javascript>alert(1)</script>

yochan0412 commented 2 years ago

修好了不要半夜打我去打LOL 寄件者: xiao_fang傳送時間: 2022年4月30日上午 03:08收件者: Taiwan-Tech-WebSec/Bug-Report副本: yochan0412; Mention主旨: [Taiwan-Tech-WebSec/Bug-Report] B10815062 之漏洞回報 (Issue #52) 攻擊者學號：B10815052被攻擊者學號與網址：B10815062 @yochan0412 https://demo.yochan.live/漏洞類型：RCE(upload file)漏洞描述上傳php檔裡面使用這樣php flag的檢查就會被掠過PoC —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: ***@***.***>

ak9844297 commented 2 years ago

已修正~

splitline commented 2 years ago

沒有 RCE 啊，這只是 XSS，對伺服器端無法造成危害

必須執行 shell 指令（如 ls -al 等）才算 RCE