oa-system-attack
Audited by Socket on Apr 22, 2026
4 alerts found:
Malware x4
This file does not implement malware behavior; it contains clearly malicious, actionable intrusion guidance aimed at obtaining admin access and remote shell/RCE against specific enterprise OA products. Even though there are no executable sinks in this fragment, the distribution of attack instructions significantly increases supply-chain risk and should be treated as unsafe content.
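This skill is an intranet OA vulnerability exploitation and lateral movement guide aimed at AI agents, covering offensive actions such as vulnerability probing, default-credential attempts, RCE paths, and collecting credentials after obtaining a shell. There is no obvious third-party credential relay or suspicious installation chain, but its core purpose is to have the agent carry out attacks and subsequent credential acquisition, so it should be judged high-risk, suspicious, and unsuitable as an ordinary development-assistance skill.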
This provided fragment is an offensive exploitation playbook. It instructs how to compromise enterprise OA systems via multiple high-impact techniques: session hijacking, webshell upload leading to RCE, deserialization-triggered RCE, arbitrary file read/write via traversal, SSRF/internal fetching, and SQL injection for credential/config leakage. There is no indication of benign functionality; inclusion in a software supply chain artifact would be extremely dangerous.
This fragment is an offensive exploitation/testing playbook, not legitimate code. It contains explicit webshell upload/execution, deserialization/SSRF->JNDI RCE, XMLDecoder Runtime exec payloads, SQL injection for credential extraction, arbitrary file read/delete via traversal, and automated scanning over internal subnets. These are strong indicators of malicious capability (high malware probability) and extreme security risk if used or distributed.