其他
在微信内编辑图片会上传并审查原图?
在 iOS
微信中编辑(打码)了一张图片并发送,编辑后的图片如下:
几秒后原图中的地址收到了 120.233.19.186
(广东移动)的访问,URL
是图中部分可见文字的拼接
{"time":1700801419.550,"host":"XXX:443","req":"GET /YYY/snapshotsMethodPOSTHeadersAuthorizati...Bearer","req_size":980,"ip":"120.233.19.186","ua":"Mozilla/5.0 (Linux; Android 13; M2007J1SC Build/TKQ1.221114.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/107.0.5304.141 Mobile Safari/537.36 XWEB/5127 MMWEBSDK/20230405 MMWEBID/1151 MicroMessenger/8.0.35.2360(0x2800235D) WeChat/arm64 Weixin NetType/WIFI Language/zh_CN ABI/arm64 qcloudcdn-xinan Request-Source=3 Request-Channel=99","status":404,"resp_time":0.000,"resp_size":1482,"protocol":"HTTP/1.1","tls":"TLSv1.3"}
DNSlog
复现成功,但似乎没有 log4j
漏洞
43.136.129.249
220.196.152.109
101.35.153.118
81.71.98.69
183.36.24.8
106.52.173.110
106.52.173.28
106.52.173.28
81.71.98.134
笔者未复现成功!
原文链接
https://www.v2ex.com/t/995953
关注公众号后台回复 0001
领取Windows Proxifier激活码,0002
领取Mac Proxifier激活码,0003
获取无需登录在线即用的New Bing地址,0004
获取CobaltStrike4.9.1破解版,0005
获取VMware Pro 17.5永久Key,0006
获取现代亚洲APT组织TTP报告,0007
获取IDA Pro 8.3 keygen
加我微信好友,邀请你进交流群
往期推荐
文章号,欢迎关注