其他
在微信内编辑图片会上传并审查原图?
在 iOS 微信中编辑(打码)了一张图片并发送,编辑后的图片如下:
几秒后原图中的地址收到了 120.233.19.186 (广东移动)的访问,URL 是图中部分可见文字的拼接
{"time":1700801419.550,"host":"XXX:443","req":"GET /YYY/snapshotsMethodPOSTHeadersAuthorizati...Bearer","req_size":980,"ip":"120.233.19.186","ua":"Mozilla/5.0 (Linux; Android 13; M2007J1SC Build/TKQ1.221114.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/107.0.5304.141 Mobile Safari/537.36 XWEB/5127 MMWEBSDK/20230405 MMWEBID/1151 MicroMessenger/8.0.35.2360(0x2800235D) WeChat/arm64 Weixin NetType/WIFI Language/zh_CN ABI/arm64 qcloudcdn-xinan Request-Source=3 Request-Channel=99","status":404,"resp_time":0.000,"resp_size":1482,"protocol":"HTTP/1.1","tls":"TLSv1.3"}DNSlog 复现成功,但似乎没有 log4j 漏洞
43.136.129.249
220.196.152.109
101.35.153.118
81.71.98.69
183.36.24.8
106.52.173.110
106.52.173.28
106.52.173.28
81.71.98.134笔者未复现成功!
原文链接https://www.v2ex.com/t/995953关注公众号后台回复 0001 领取Windows Proxifier激活码,0002 领取Mac Proxifier激活码,0003 获取无需登录在线即用的New Bing地址,0004 获取CobaltStrike4.9.1破解版,0005 获取VMware Pro 17.5永久Key,0006 获取现代亚洲APT组织TTP报告,0007 获取IDA Pro 8.3 keygen
加我微信好友,邀请你进交流群
往期推荐
文章号,欢迎关注