<pre class="">using System; using System.Data; using System.Configuration; using System.Collections; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System; using System.IO; public partial class down : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string fileName=""; FileStream fileStream=new FileStream(Server.MapPath("/")+Request["upfiles"],FileMode.Open);//upfiles木有过滤~ fileName = Request["upfiles"].ToString().Substring(7);//命名方式从第7位开始 long fileSize = fileStream.Length; Context.Response.ContentType="application/octet-stream"; Context.Response.AddHeader("Content-Disposition","attachment; filename=\""+fileName+"\""); Context.Response.AddHeader("Content-Length",fileSize.ToString()); byte[] fileBuffer=new byte[fileSize]; fileStream.Read(fileBuffer, 0, (int)fileSize); //到这里任意文件下载就产生了 fileStream.Close();...
<pre class="">using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System;
using System.IO;

// Code-behind for the download page: sends a file from the server to the client
// as an attachment. The file is selected by the client-supplied "upfiles" request
// value, which is used without any validation; that is the root cause of the
// arbitrary file download this page documents.
// NOTE(review): the example URL further down this page passes "path", while this
// listing reads "upfiles"; presumably one of the two is a transcription slip.
public partial class down : System.Web.UI.Page
{
    // Page load handler: opens the requested file, reads it fully into memory and
    // writes it to the response. No authentication, authorization or path check
    // is visible anywhere in this handler.
    protected void Page_Load(object sender, EventArgs e)
    {
        string fileName="";
        // "upfiles" is not filtered: the raw request value is appended to the site
        // root. Nothing strips parent-directory segments or checks where the
        // combined path ends up, so the caller decides which file is opened.
        // NOTE(review): this FileStream overload asks for read/write access;
        // FileAccess.Read would be enough for a download.
        FileStream fileStream=new FileStream(Server.MapPath("/")+Request["upfiles"],FileMode.Open);
        // The name offered to the browser is the request value from index 7 onward.
        // Substring(7) throws when the value is shorter than 7 characters, and by
        // then the stream above is already open and is never closed on that path.
        fileName = Request["upfiles"].ToString().Substring(7);
        long fileSize = fileStream.Length;
        Context.Response.ContentType="application/octet-stream";
        // fileName is client-controlled as well and is placed in the header as-is.
        Context.Response.AddHeader("Content-Disposition","attachment; filename=\""+fileName+"\"");
        Context.Response.AddHeader("Content-Length",fileSize.ToString());
        // The whole file is buffered in memory; the (int) cast below truncates the
        // length for files larger than 2 GB.
        byte[] fileBuffer=new byte[fileSize];
        // This is where the arbitrary file download materialises: whatever file the
        // path resolved to is read and then returned to the client.
        // Mitigation: do not build the path from request data. Map an opaque id to a
        // server-side file record, or at minimum resolve the candidate with
        // Path.GetFullPath and serve it only if the result stays inside one
        // dedicated download directory; reject everything else.
        fileStream.Read(fileBuffer, 0, (int)fileSize);
        fileStream.Close();
        Context.Response.BinaryWrite(fileBuffer);
        Context.Response.End();
    }
}
</pre><p><br></p><p>没有对下载文件路径进行限制</p><p><br></p><p>漏洞利用过程</p><p>访问有漏洞的网址<a href="http://xxxx.com/down.aspx?path=./down.aspx">http://xxxx.com//down.aspx?path=./down.aspx</a><br></p><p><img alt="1.png" src="https://images.seebug.org/@/uploads/1434694695855-1.png" data-image-size="866,663"><br></p>