
因酷 / inxeduJava

Upload Malicious Files

Open
Created by ziliudi

inxedu through 2018-12-24 has a vulnerability that allows uploading malicious files.

1. The vulnerable code is at com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java).
[screenshot]
Line 52 checks the extension of the uploaded file, but the list of allowed extensions is taken from the fileType request parameter, so we can control the check simply by changing the value of fileType.

2. POC
[screenshot]

Above, we upload a JSP file and change the value of fileType to "jpg,gif,png,jsp,jpeg", adding the "jsp" type to the list.

The response returns the path of the uploaded JSP file.
We can then visit the JSP file and run evil code.
[screenshot]

3. Fix
   Keep a whitelist of allowed file extensions in the backend, instead of accepting the list from the request.
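One way to implement that fix, added here as an example and not code from the inxedu project: the allowed extensions are a server-side constant, never a request parameter, and the check uses the last extension of the file name after any client-supplied path is stripped. The class and method names are assumed.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

/** Server-side upload extension check (hypothetical class, not inxedu's code). */
public final class UploadExtensionPolicy {

    // The whitelist lives in the backend; it is never read from the fileType parameter.
    private static final Set<String> ALLOWED_IMAGE_EXTENSIONS = Collections.unmodifiableSet(
            new HashSet<>(Arrays.asList("jpg", "jpeg", "gif", "png")));

    private UploadExtensionPolicy() {}

    /**
     * Returns the lowercase extension of the uploaded file name, or null when the
     * name has no usable extension. Directory components are stripped first so a
     * client-supplied "../x.jpg" cannot influence the result.
     */
    static String extensionOf(String originalFileName) {
        if (originalFileName == null) return null;
        int sep = Math.max(originalFileName.lastIndexOf('/'), originalFileName.lastIndexOf('\\'));
        String name = originalFileName.substring(sep + 1);
        int dot = name.lastIndexOf('.');
        // Reject "file", ".htaccess" and "file." (no extension, hidden file, trailing dot).
        if (dot <= 0 || dot == name.length() - 1) return null;
        return name.substring(dot + 1).toLowerCase(Locale.ROOT);
    }

    /** True only when the file's real (last) extension is in the server-side whitelist. */
    static boolean isAllowedImage(String originalFileName) {
        String ext = extensionOf(originalFileName);
        return ext != null && ALLOWED_IMAGE_EXTENSIONS.contains(ext);
    }

    public static void main(String[] args) {
        // Constructed sample names: the JSP upload from the report is rejected no matter
        // what fileType value the client sends, because the client no longer chooses the list.
        String[] samples = {"avatar.png", "Photo.JPG", "shell.jsp", "shell.png.jsp", "shell.jsp.", "x"};
        for (String name : samples) {
            System.out.println(name + " -> " + (isAllowedImage(name) ? "accepted" : "rejected"));
        }
    }
}
```

Validating the extension alone does not verify file content; pairing it with a content-type check and storing uploads outside the servlet-executable path limits the impact of a bypass.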