Git Product home page Git Product logo

Comments (5)

godheyu avatar godheyu commented on July 1, 2024

参数s是空的

from cve-2020-0688.

zcgonvh avatar zcgonvh commented on July 1, 2024

@godheyu
哪一个s?返回包还是正则匹配的结果?
你可以先用Detect进行验证,以及访问LiveIdError.aspx确认是否存在,之后用arch命令看是否有回显,看一下是哪一步出了问题。
我测试的多个环境还没出现过这种情况,所以没法复现你说的问题。

from cve-2020-0688.

zitn avatar zitn commented on July 1, 2024

遇到同样的问题,detect验证是没问题的,但是cmd不行
Screenshot_20200318_125153
抓到的 response:

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
request-id: 5440d0bb-b7f2-4ce2-9044-0b7b134f1efe
X-CalculatedBETarget: win-i1ip7vgf5al.test.com
X-Content-Type-Options: nosniff
X-DiagInfo: WIN-I1IP7VGF5AL
X-BEServer: WIN-I1IP7VGF5AL
X-UA-Compatible: IE=10
X-AspNet-Version: 4.0.30319
Set-Cookie: msExchEcpCanary=PBj1Eex8IEmGi6vFD37aqJlxPaD3ytcISB4Gz35xmV2luQNNdIMmB1HV0KZlMoYc8kdUYcIIyX4.; path=/ecp; secure
Set-Cookie: X-BackEndCookie=S-1-5-21-2402718306-434039336-2810486681-500=u56Lnp2ejJqBzJnJmpvPzJzSy5zOyNLLycvK0seZnp7SysjMnJ2byp7NzJnKgYHNz83P0s/L0s7Iq8/LxcvHxczG; expires=Fri, 17-Apr-2020 04:48:39 GMT; path=/ecp; secure; HttpOnly
X-Powered-By: ASP.NET
X-FEServer: WIN-I1IP7VGF5AL
Date: Wed, 18 Mar 2020 04:48:39 GMT
Connection: close
Content-Length: 0

from cve-2020-0688.

zcgonvh avatar zcgonvh commented on July 1, 2024

from cve-2020-0688.

zitn avatar zitn commented on July 1, 2024

确实是4.8,师傅能大概说下是哪里导致的bug么

from cve-2020-0688.

Related Issues (9)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.