马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?立即注册
×
在 iOS 微信中编辑(打码)了一张图片并发送,编辑后的图片如下: 几秒后原图中的地址收到了 120.233.19.186 (广东移动)的访问,URL 是图中部分可见文字的拼接
- {"time":1700801419.550,"host":"XXX:443","req":"GET /YYY/snapshotsMethodPOSTHeadersAuthorizati...Bearer","req_size":980,"ip":"120.233.19.186","ua":"Mozilla/5.0 (Linux; Android 13; M2007J1SC Build/TKQ1.221114.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/107.0.5304.141 Mobile Safari/537.36 XWEB/5127 MMWEBSDK/20230405 MMWEBID/1151 MicroMessenger/8.0.35.2360(0x2800235D) WeChat/arm64 Weixin NetType/WIFI Language/zh_CN ABI/arm64 qcloudcdn-xinan Request-Source=3 Request-Channel=99","status":404,"resp_time":0.000,"resp_size":1482,"protocol":"HTTP/1.1","tls":"TLSv1.3"}
复制代码 [color=var(--box-foreground-color)]DNSlog 复现成功,但似乎没有 log4j 漏洞
43.136.129.249, 220.196.152.109, 101.35.153.118, 81.71.98.69, 183.36.24.8, 106.52.173.110, 106.52.173.28, 106.52.173.28, 81.71.98.134
[color=var(--box-foreground-color)]
|