Struts2-Scan icon indicating copy to clipboard operation
Struts2-Scan copied to clipboard
verified publisher icon HatBoy

S2-007检测不出来

Open hotencode opened this issue 2 years ago • 1 comments

S2-007 check返回false但是能够exec_cmd,可能需要修改一下

hotencode avatar Jul 29 '23 07:07 hotencode

建议是把echo_check函数中的待执行命令从echo expr {num1} + {num2}]改成echo {num1},判定条件改为str(num1} in html and "echo" not in html

hotencode avatar Jul 29 '23 08:07 hotencode