Taizhou real estate network program 0day

Non-Editor: Keep the first paragraph of the article at the author's requirement. Please understand

Alas, I don't know which kind of fairy has been offended recently, and it has attracted so many big cows to work with me. Can I do it if I am wrong? I told you all my ID card and home address. What is the purpose of killing me? That is a fact! Let me go. Don't say anything bad about me, say I accept the apprentice, and leave after collecting the money, OK? I beg you! I declare:
1. I don't want to go in because I don't want to go in.
2. Do not accept the ticket. Do not use that technology.
3. No apprentice, no master.
4. Don't chat with strangers and married women.
By H4ckx7
_______________________________________
Taizhou real estate network program 0day
Vulnerability file house/upload. asp
<Html>
<Head>
<Meta http-equiv = "Content-Type" content = "text/html; charset = gb2312">
<LINK href = "../css/Style.css" rel = stylesheet type = text/css>
<Link href = "../ht.css" rel = "stylesheet" type = "text/css">
</Head>
<Body leftmargin = "0" topmargin = "0">
<Form name = "form3" method = "post" action = "upfile. asp" enctype = "multipart/form-data">
<Table>
<Tr>
<Td>
<Input name = "file1" type = "file" class = "ht" size = 30>
<Input type = "submit" name = "Submit" value = "Upload">
</Td>
</Tr>
</Table>
</Form>
</Body>
</Html>
No file type verification or filtering is performed on the server! Tragedy...
You can directly upload the asp cer and the file type you want to upload. If some sites perform verification, use IIS6 to resolve the vulnerability and win the shell (figure 1)

The uploaded file is in the picture/directory! (Figure 2)