通达OA 前台任意用户登录漏洞
仅供安全研究,禁止非法利用!
- python3 poc.py -v 版本 -url url
- 运行并获取到可用的SESSIONID
- 替换浏览器Cookie中的SESSIONID即可实现登录为admin
通达OA2017、V11.X<V11.5
-
Notifications
You must be signed in to change notification settings - Fork 109
NS-Sp4ce/TongDaOA-Fake-User
About
通达OA 任意用户登录漏洞
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published