红队专题-漏扫-Xray

于 2024-03-08 09:38:53 发布
阅读量911 收藏 8
点赞数 7
分类专栏: 网络安全-渗透测试 文章标签: 安全
amingMM
本文链接:https://blog.csdn.net/qq_33608000/article/details/136553267
版权

在这里插入图片描述

Xray

介绍

Xray扫描器是一款功能强大的安全评估工具,它主要使用HTTP/HTTPS代理进行被动扫描。这款工具由多名经验丰富的一线安全从业者开发,具备多种特性使其在安全扫描和漏洞检测方面表现出色。

Xray扫描器支持多种扫描和检测模块,包括SQL注入检测、命令注入检测、任意重定向检测、路径遍历模块等。此外,它还具有一些内置插件,如XSS漏洞检测、XML实体注入检测等,这些插件能够进一步提升其漏洞检测能力。

在使用Xray扫描器时,可以通过开启监听、设置浏览器代理等方式,使其能够自动探测访问网站的漏洞。同时,Xray扫描器还支持与其他安全工具如BurpSuite联动,以提供更全面的安全评估。

除了强大的功能外,Xray扫描器还具有检测速度快、漏洞检测算法高效的特点。其代码质量高,经过多层验证,可靠性得到了保证。此外,Xray扫描器还支持高级可定制性,用户可以通过修改配置文件来定制其功能,以满足不同的安全需求。

https://blog.csdn.net/qq_45300786/article/details/108380490

.\xray_windows_amd64.exe webscan --basic-crawler http:// .com

xray_windows_amd64.exe genca

xray_windows_amd64.exe upgrade


.\xray_windows_amd64.exe webscan --listen 0.0.0.0:7777 --html-output te111t.html

https://github.com/chaitin/xray/releases


[与 Burp 联动 - xray 安全评估工具文档](https://docs.xray.cool/#/scenario/burp)



Xray 支持多种漏洞检测,主要检测类型如下:
XSS漏洞检测 (key: xss)
SQL 注入检测 (key: sqldet)
命令/代码注入检测 (key: cmd-injection)
目录枚举 (key: dirscan)
路径穿越检测 (key: path-traversal)
XML 实体注入检测 (key: xxe)
文件上传检测 (key: upload)
弱口令检测 (key: brute-force)
jsonp 检测 (key: jsonp)
ssrf 检测 (key: ssrf)
基线检查 (key: baseline)
任意跳转检测 (key: redirect)
CRLF 注入 (key: crlf-injection)
Struts2 系列漏洞检测 (高级版,key: struts)
Thinkphp系列漏洞检测 (高级版,key: thinkphp)
POC 框架 (key: phantasm) 

https://zhuanlan.zhihu.com/p/598413412

poc-yaml-vbulletin-cve-2020-12720
poc-yaml-spark-webui-unauth
poc-yaml-citrix-cve-2020-8193-unauthorized
poc-yaml-sophosfirewall-bypass
poc-yaml-orchid-core-vms-cve-2018-10956-path-traversal
poc-yaml-webgrind-index-cve-2018-12909-fileread
poc-yaml-anymacro-mail-sql-injection
poc-yaml-yungoucms-sqli
poc-yaml-pentaho-cve-2021-31602-authentication-bypass
poc-yaml-netgear-cve-2017-5521
poc-yaml-eweaver-oa-mecadminaction-sqlexec
poc-yaml-western-digital-mycloud-upload-php-exec
poc-yaml-anymacro-mail-fileread

poc-yaml-exchange-cve-2021-41349-xss
poc-yaml-emlog-cve-2021-3293
poc-yaml-seacmsv645-command-exec
poc-yaml-yonyou-erp-nc-readfile
poc-yaml-datang-ac-default-password-cnvd-2021-04128

poc-yaml-activemq-default-password
poc-yaml-jolokia-cve-2018-1000130-code-injection
poc-yaml-druid-monitor-unauth
poc-yaml-elasticsearch-cve-2015-5531
poc-yaml-uwsgi-cve-2018-7490
poc-yaml-china-mobile-yu-router-information-disclosure
poc-yaml-tongda-oa-v11-auth-mobi-php-get-user-session
poc-yaml-discuz-v72-sqli
poc-yaml-jquery-picture-cut-upload-php-fileupload-cve-2018-9208
poc-yaml-finereport-directory-traversal
poc-yaml-crawlab-users-add
poc-yaml-zoho-manageengine-opmanager-cve-2020-12116
poc-yaml-sunlogin-windows-cnvd-2022-10270-rce
poc-yaml-kemai-ras-ultra-vires
poc-yaml-wavlink-cve-2022-31847-info-leak
poc-yaml-f5-tmui-cve-2020-5902-rce
poc-yaml-wavlink-nightled-remote-command-execute
poc-yaml-atlassian-jira-unauth-user-enumeration
poc-yaml-telesquare-cve-2021-46422-rce
poc-yaml-western-digital-mycloud-raid-cgi-exec
poc-yaml-coremail-cnvd-2019-16798
poc-yaml-dedecms-cve-2018-7700-rce
poc-yaml-apache-druid-cve-2021-36749-file-read
poc-yaml-cockpit-cve-2020-35848-nosqli
poc-yaml-wso2-cve-2022-29464-fileupload

poc-yaml-yonyou-grp-u8-file-upload
poc-yaml-minio-default-password
poc-yaml-qnap-cve-2022-27593-fileupload
poc-yaml-yapi-rce
poc-yaml-phpmyadmin-wooyun-2016-199433-deserialization
poc-yaml-sangfor-ba-rce
poc-yaml-nhttpd-cve-2019-16278
poc-yaml-western-digital-mycloud-ftp-download-exec
poc-yaml-cisco-rv132w-router-cve-2018-0127-information-disclosure
poc-yaml-airflow-unauth
poc-yaml-fortigate-cve-2018-13379-readfile
poc-yaml-druid-cve-2021-25646
poc-yaml-oracle-ebs-bispgrapgh-file-read

poc-yaml-wanhu-ezoffice-documentedit-sqli
poc-yaml-jellyfin-file-read-cve-2021-21402
poc-yaml-jira-cve-2020-14181
poc-yaml-gogs-cve-2018-18925-rce

poc-yaml-confluence-cve-2021-26085-arbitrary-file-read
poc-yaml-tcexam-cve-2021-20114-info-leak
poc-yaml-weaver-emobile-v6-sqli
poc-yaml-thinkcmf-write-shell
poc-yaml-xiaomi-cve-2019-18371
poc-yaml-solarwinds-cve-2020-10148
poc-yaml-dedecms-carbuyaction-fileinclude
poc-yaml-secnet-ac-default-password
poc-yaml-redash-cve-2021-41192-unauth
poc-yaml-oa8000-workflowservice-sqli
poc-yaml-kubernetes-unauth
poc-yaml-msvod-sqli
poc-yaml-onethink-sqli
poc-yaml-yonyou-nc-file-upload
poc-yaml-ziguang-sqli-cnvd-2021-41638
poc-yaml-wifisky-default-password-cnvd-2021-39012
poc-yaml-bitbucket-unauth
poc-yaml-f5-cve-2021-22986
poc-yaml-kodexplorer-directory-traversal
poc-yaml-gitblit-cve-2022-31268
poc-yaml-dlink-dsl-2888a-rce
poc-yaml-youphptube-cve-2019-18662
poc-yaml-elasticsearch-cve-2015-3337
poc-yaml-craftcms-seomatic-cve-2020-9757-rce
poc-yaml-hjtcloud-directory-file-leak
poc-yaml-terramaster-cve-2020-28188-rce
poc-yaml-aspcms-backend-leak
poc-yaml-tenda-w15e-passsword-leak
poc-yaml-showdoc-default-password
poc-yaml-docker-registry-api-unauth
poc-yaml-ibm-websphere-portal-hcl-cve-2021-27748-ssrf

poc-yaml-ruckus-default-password
poc-yaml-jinhe-oa-readfile
poc-yaml-mastodon-cve-2022-0432
poc-yaml-v-sol-olt-platform-unauth-config-download
poc-yaml-ghostscript-cve-2018-19475-rce
poc-yaml-terramaster-cve-2020-15568
poc-yaml-ifw8-router-cve-2019-16313
poc-yaml-trs-was5-file-read
poc-yaml-prestashop-cve-2020-26248-sqli
poc-yaml-tibco-jasperreports-cve-2018-18809-directory-traversal
poc-yaml-rails-cve-2018-3760-rce
poc-yaml-seeyon-wooyun-2015-148227

poc-yaml-thinkcmf-cve-2018-19898-sqli
poc-yaml-landray-oa-rce
poc-yaml-emerge-e3-cve-2019-7256
poc-yaml-msnswitch-cve-2022-32429
poc-yaml-metinfo-cve-2019-17418-sqli
poc-yaml-emerge-e3-cve-2019-7254

poc-yaml-pbootcms-rce-cve-2022-32417
poc-yaml-yonyou-fe-templateoftaohong-manager-jsp-directory-traversal
poc-yaml-voipmonitor-cve-2021-30461-rce
poc-yaml-grafana-snapshot-cve-2021-39226
poc-yaml-apache-airflow-cve-2020-13927-unauthorized
poc-yaml-shiziyu-cms-apicontroller-sqli
poc-yaml-atlassian-jira-cve-2019-3401
poc-yaml-atlassian-jira-cve-2019-3403
poc-yaml-visual-tools-dvr-vx16-cve-2021-42071
poc-yaml-mantisbt-cve-2017-7615-unauth
poc-yaml-youphptube-encoder-cve-2019-5128
poc-yaml-youphptube-encoder-cve-2019-5129
poc-yaml-youphptube-encoder-cve-2019-5127
poc-yaml-dlink-dsl-28881a-ultra-vires
poc-yaml-yccms-rce
poc-yaml-zoho-manageengine-adaudit-plus-cve-2022-28219-xxe
poc-yaml-spon-ip-intercom-ping-rce
poc-yaml-thinkphp-cve-2022-25481-info-leak
poc-yaml-seacms-rce
poc-yaml-e-cology-loginsso-sqli
poc-go-tomcat-put

poc-yaml-74cms-se-cve-2022-29720
poc-yaml-egroupware-spellchecker-rce
poc-yaml-opencart-newsletter-custom-popup-sqli
poc-yaml-intelbras-wireless-cve-2021-3017
poc-yaml-kyocera-file-read
poc-yaml-cisco-cve-2020-3452-readfile
poc-yaml-drupal-cve-2014-3704-sqli
poc-yaml-odoo-cve-2019-14322
poc-yaml-jetty-servlets-concatservlet-information-disclosure-cve-2021-28169
poc-yaml-linksys-cnvd-2014-01260

poc-yaml-delta-entelitouch-cookie-user-password-disclosure
poc-yaml-pbootcms-database-file-download
poc-yaml-php-proxy-cve-2018-19458-fileread

poc-yaml-seeyon-oa-a6-information-disclosure
poc-yaml-full-read-ssrf-in-spring-cloud-netflix
poc-yaml-unraid-cve-2020-5847-remote-code-execution

poc-yaml-discuz-cve-2019-13956-rce
poc-yaml-rconfig-cve-2020-10547
poc-yaml-rconfig-cve-2020-10546

poc-yaml-rconfig-cve-2020-10549
poc-yaml-rconfig-cve-2020-10548
poc-yaml-domoticz-cve-2019-10664
poc-yaml-circarlife-scada-cve-2018-16671-info-leak
poc-yaml-joomla-cve-2017-8917-sqli
poc-yaml-cuberite-cve-2019-15516
poc-yaml-flexpaper-cve-2018-11686
poc-yaml-kingdee-eas-directory-traversal
poc-yaml-inspur-tscev4-cve-2020-21224-rce
poc-yaml-gitlab-cve-2022-1162-hardcoded-password
poc-yaml-xunchi-cnvd-2020-23735-file-read
poc-yaml-ewebs-fileread
poc-yaml-dlink-850l-info-leak
poc-yaml-selea-ocr-anpr-arbitrary-seleacamera-file-read
poc-yaml-venustech-tianyue-default-password
poc-yaml-finecms-getshell
poc-yaml-jellyfin-cve-2021-29490
poc-yaml-apache-apisix-dashboard-api-unauth-rce

poc-yaml-pigcms-file-upload
poc-yaml-h3c-secparh-any-user-login
poc-yaml-microweber-cve-2022-0378
poc-yaml-nuuo-nvrmini-cve-2018-14933
poc-yaml-lanproxy-cve-2021-3019-lfi
poc-yaml-confluence-cve-2015-8399
poc-yaml-manageengine-opmanager-cve-2020-11946
poc-yaml-jboss-unauth
poc-yaml-thinkcmf-lfi
poc-yaml-shopxo-cnvd-2021-15822
poc-yaml-tongda-meeting-unauthorized-access
poc-yaml-apache-nifi-api-unauthorized-access

poc-yaml-emerge-e3-series-cve-2022-31269

poc-yaml-frp-dashboard-unauth
poc-yaml-wavlink-cve-2022-34049
poc-yaml-jira-cve-2022-39960-unauth
poc-yaml-wavlink-cve-2022-34046

poc-yaml-movabletype-cve-2021-20837-rce
poc-yaml-vbulletin-cve-2019-16759

poc-yaml-influxdb-unauth
poc-yaml-ecology-workflowcentertreedata-sqli
poc-yaml-hongfan-ioffice-oa-cnvd-2021-32400-sqli
poc-yaml-ueditor-cnvd-2017-20077-file-upload
poc-yaml-solarview-compact-cve-2022-29303-rce
poc-yaml-apache-apisix-cve-2020-13945-rce

poc-yaml-junams-fileupload-cnvd-2020-24741
poc-yaml-phpunit-cve-2017-9841-rce

poc-yaml-jetty-cve-2021-28164
poc-yaml-tongda-oa-get-contactlist-php-leak-information
poc-yaml-cerebro-request-ssrf
poc-yaml-tongda-oa-unauth
poc-yaml-tlr-2005ksh-cve-2021-45428
poc-yaml-microsoft-exchange-ssrf-cve-2021-26885
poc-yaml-ruijie-eg-cli-rce
poc-yaml-dlink-cve-2021-42627-unauth
poc-yaml-springboot-env-unauth

poc-yaml-h2-database-web-console-unauthorized-access
poc-yaml-easyappointments-cve-2022-0482
poc-yaml-consul-rexec-rce
poc-yaml-seacms-sqli
poc-yaml-weaver-oa-sptmforportalthumbnail-jsp-path-traversal

poc-yaml-weaver-oa-jqueryfiletree-jsp-path-traversal
poc-yaml-drawio-cve-2022-1713-ssrf
poc-yaml-node-red-cve-2021-25864-fileread
poc-yaml-netentsec-ngfw-rce
poc-yaml-dotcms-cve-2018-17422-url-redirection
poc-yaml-lianruan-uninac-fileupload
poc-yaml-skywalking-cve-2020-9483-sqli
poc-yaml-jsrog-artifactory-cve-2019-9733
poc-yaml-jeesite-userfiles-path-traversal
poc-yaml-ecshop-collection-list-sqli
poc-yaml-bt742-pma-unauthorized-access
poc-yaml-confluence-cve-2022-26138
poc-yaml-seeyon-cnvd-2020-62422-readfile
poc-yaml-yonyou-ksoa-file-upload
poc-yaml-panabit-syaddmount-command-exec
poc-yaml-exchange-cve-2021-26855-ssrf
poc-yaml-ruijie-eg-file-read


poc-yaml-wanhu-ezoffice-downloadservlet-path-traversal
poc-yaml-xdcms-sql
poc-yaml-phpstudy-backdoor-rce
poc-yaml-boa-cve-2017-9833-fileread
poc-yaml-apache-flink-upload-rce
poc-yaml-opentsdb-cve-2020-35476-rce
poc-yaml-laravel-filemanager-cve-2022-40734-path-traversal
poc-yaml-selea-ocr-anpr-arbitrary-get-file-read
poc-yaml-dahua-cve-2021-33044-authentication-bypass
poc-yaml-nps-default-password
poc-yaml-kingsoft-v8-default-password
poc-yaml-nostromo-cve-2011-0751-directory-traversal
poc-yaml-discuz-ml3x-cnvd-2019-22239
poc-yaml-nexus-cve-2020-10199
poc-yaml-netentsec-icg-default-password
poc-yaml-wapples-filrewall-cve-2022-35413
poc-yaml-landray-oa-treexml-rce
poc-yaml-wi-fi-web-rce

poc-yaml-openfire-cve-2019-18394-ssrf
poc-yaml-citrix-cve-2019-19781-path-traversal
poc-yaml-duomicms-sqli
poc-yaml-natshell-arbitrary-file-read
poc-yaml-auerswald-cve-2021-40859
poc-yaml-saltstack-cve-2020-16846
poc-yaml-wanhu-ezoffice-file-upload
poc-yaml-joomla-cve-2015-7297-sqli
poc-yaml-kyan-network-monitoring-account-password-leakage
poc-yaml-zabbix-cve-2016-10134-sqli
poc-yaml-etouch-v2-sqli
poc-yaml-phpok-sqli
poc-go-ecology-db-config-info-leak

poc-yaml-huawei-home-gateway-hg659-fileread

poc-yaml-weijiaoyi-post-curl-ssrf
poc-yaml-teclib-glpl-cve-2019-10232
poc-yaml-netsweeper-webadmin-cve-2020-13167

poc-yaml-dedecms-membergroup-sqli
poc-yaml-metabase-cve-2021-41277
poc-yaml-alibaba-nacos-v1-auth-bypass
poc-yaml-ecology-filedownload-directory-traversal
poc-yaml-sapido-router-unauthenticated-rce
poc-yaml-magento-config-disclosure-info-leak
poc-yaml-earcms-download-php-exec
poc-yaml-gitlab-cve-2021-22214-ssrf
poc-yaml-kkfileview-cve-2021-43734
poc-yaml-alibaba-nacos-cve-2021-29442-unauth
poc-yaml-amtt-hiboss-server-ping-rce
poc-yaml-confluence-cve-2021-26084-rce
poc-yaml-dell-idarc-default-password
poc-yaml-metersphere-plugincontroller-rce
poc-yaml-zzcms-zsmanage-sqli
poc-yaml-qiwang-erp-sql-injection
poc-yaml-yonyou-nc-file-accept-upload

poc-yaml-netpower-readfile
poc-yaml-china-telecom-zte-f460-rce
poc-go-tongda-lfi-upload-rce
poc-yaml-cobub-channel-cve-2018-8057-sqli
poc-yaml-hwl-2511-ss-cve-2022-36554-rce
poc-yaml-kevinlab-bems-backdoor-cve-2021-37292
poc-yaml-yonyou-grp-u8-sqli
poc-yaml-discuz-wooyun-2010-080723

poc-yaml-apollo-default-password
poc-yaml-dotnetcms-sqli
poc-yaml-mpsec-isg1000-file-read

poc-yaml-apache-ambari-default-password
poc-yaml-finecms-cve-2018-6893
poc-yaml-h3c-route-unauthorized
poc-yaml-alibaba-canal-info-leak
poc-yaml-solr-cve-2017-12629-xxe
poc-yaml-lg-n1a1-nas-cnnvd-201607-467-rce
poc-yaml-intouch-access-anywhere-cve-2022-23854-lfi

poc-yaml-spring-data-rest-cve-2017-8046-rce
poc-yaml-yonyou-nc-service-info-leak
poc-yaml-weaver-oa-cnvd-2022-43245
poc-yaml-feiyuxing-route-wifi-password-leak
poc-yaml-bsphp-unauthorized-access

poc-yaml-iceflow-vpn-cnvd-2016-10768-info-leak
poc-yaml-rockmongo-default-password
poc-yaml-adobe-experience-manager-cve-2019-8086-xxe
poc-yaml-qilin-bastion-host-rce
poc-yaml-lucee-cve-2021-21307-rce
poc-yaml-joomla-component-vreview-sql
poc-yaml-tongda-oa-login-code-php-login-bypass
poc-yaml-qnap-cve-2019-7192
poc-yaml-dahua-dss-file-read

poc-yaml-tongda-oa-action-upload-php-upload
poc-yaml-zoho-manageengine-opmanager-cve-2022-36923
poc-yaml-74cms-cnvd-2021-45280
poc-yaml-solr-fileread
poc-yaml-spark-api-unauth
poc-yaml-hadoop-yarn-unauthorized-access
poc-yaml-zabbix-cve-2019-17382
poc-yaml-greencms-cve-2018-12604
poc-yaml-h3c-cvm-upload-file-upload
poc-yaml-resin-directory-traversal-cve-2021-44138
poc-go-tomcat-cve-2020-1938
poc-yaml-inspur-clusterenginev4-sysshell-remote-command-exec
poc-yaml-topsec-topapp-lb-sqli
poc-yaml-elasticsearch-cve-2015-1427
poc-yaml-red-hat-freeipa-cve-2022-2414-xxe
poc-yaml-ecology-syncuserinfo-sqli
poc-yaml-phpweb-appplus-php-upload
poc-yaml-cisco-rv-series-router-cve-2021-1472-rce
poc-yaml-gateone-cve-2020-35736
poc-yaml-atlassian-jira-cve-2022-0540

poc-yaml-dlink-cve-2020-25078-account-disclosure

poc-yaml-yonyou-u8c-file-upload
poc-yaml-topsec-defalut-password
poc-yaml-socomec-cve-2019-15859
poc-yaml-glpi-telemetry-cve-2021-39211-info-leak
poc-yaml-spring-cve-2016-4977
poc-yaml-typecho-rce
poc-yaml-laravel-cve-2021-3129-rce
poc-yaml-ruijie-fileupload-fileupload-rce
poc-yaml-wavlink-cve-2022-34570-info-leak
poc-yaml-teampass-cve-2020-12478-unauth
poc-yaml-jira-cve-2019-8442
poc-yaml-zentao-v11-sqli
poc-yaml-nginx-path-traversal
poc-yaml-jira-cve-2019-8449

poc-yaml-thinkphp-v6-file-write
poc-yaml-u5cms-cve-2022-32444-url-redirection

poc-yaml-huawei-dg8045-deviceinfo-info-leak

poc-yaml-satellian-cve-2020-7980-rce
poc-yaml-bigant-server-cve-2022-23347-lfi
poc-yaml-qibocms-sqli
poc-yaml-metinfo-cve-2019-16996-sqli
poc-yaml-hanming-video-conferencing-file-read
poc-yaml-sysaid-itil-cve-2021-43972
poc-yaml-yonyou-erp-u8-file-upload
poc-yaml-solr-cve-2019-0193
poc-yaml-jira-cve-2021-26086
poc-yaml-opensis-cve-2020-6637
poc-yaml-panabit-ixcache-default-password
poc-yaml-ukefu-cnvd-2021-18305-file-read
poc-yaml-prestashop-smartblog-cve-2021-37538
poc-yaml-weaver-oa-workrelate-file-upload
poc-yaml-microweber-cve-2022-0666
poc-yaml-tomcat-cve-2017-12615-rce

poc-yaml-qibocms-readfile
poc-yaml-hexinchuang-cloud-desktop-file-upload
poc-yaml-novnc-url-redirection-cve-2021-3654
poc-yaml-fiberhome-cve-2017-15647-path-traversal

poc-yaml-reolink-rlc-410w-cve-2022-21236
poc-yaml-ecology-validate-sqli
poc-yaml-apache-httpd-cve-2021-41773
poc-yaml-nuuo-file-inclusion
poc-yaml-pega-infinity-cve-2021-27651-unauth
poc-yaml-tomcat-cve-2018-11759
poc-yaml-seeyon-wooyun-2015-0108235-sqli
poc-yaml-kingdee-k3-cloud-mobfileupload-upload

poc-yaml-weiphp-sql
poc-yaml-kunshi-vos3000-fileread
poc-yaml-e-message-unauth
poc-yaml-tieline-ip-audio-gateway-cve-2021-35336
poc-yaml-prestashop-cve-2021-3110-sqli
poc-yaml-sangfor-edr-cssp-rce
poc-yaml-western-digital-mycloud-upload-php-upload
poc-yaml-zeroshell-cve-2019-12725-rce
poc-yaml-hongfan-oa-sqli
poc-yaml-h3c-imc-rce
poc-yaml-prometheus-url-redirection-cve-2021-29622
poc-yaml-go-pprof-leak
poc-yaml-wavlink-cve-2022-34045-info-leak
poc-yaml-kkfileview-getcorsfile-ssrf
poc-yaml-dotnetnuke-cve-2017-0929-ssrf

poc-yaml-western-digital-mycloud-sendlogtosupport-php-exec
poc-yaml-laravel-improper-webdir
poc-yaml-f5-big-ip-cve-2022-1388-rce
poc-yaml-razor-cve-2018-8770
poc-yaml-zoho-manageengine-access-manager-plus-cve-2022-29081
poc-yaml-cacti-weathermap-file-write
poc-yaml-finecms-sqli
poc-yaml-apache-ofbiz-cve-2018-8033-xxe
poc-yaml-nsfocus-uts-password-leak
poc-yaml-xxl-job-default-password

poc-yaml-apache-ofbiz-cve-2020-9496-xml-deserialization
poc-yaml-zimbra-collaboration-server-cve-2013-7091-lfi
poc-yaml-ukefu-cnvd-2021-18303-ssrf
poc-yaml-etcd-unauth
poc-yaml-nexus-default-password
poc-yaml-gurock-testrail-cve-2021-40875-info-leak
poc-go-apache-log4j2-rce
poc-yaml-thinfinity-virtualui-cve-2021-44848-user-enum-unauth
poc-yaml-zyxel-ztp-rce-cve-2022-30525
poc-yaml-sonarqube-cve-2020-27986-unauth
poc-yaml-fortinet-cve-2022-40684-auth-bypass
poc-yaml-seacms-before-v992-rce
poc-yaml-doccms-sqli
poc-yaml-couchcms-cve-2018-7662
poc-yaml-ecology-hrmcareerapplyperview-sql
poc-yaml-tenda-11n-ultra-vires
poc-yaml-yonyou-iufo-userinformation-disclosure
poc-yaml-gitlist-rce-cve-2018-1000533
poc-yaml-tpshop-sqli
poc-yaml-atlassian-bitbucket-archive-cve-2022-36804-remote-command-exec
poc-yaml-phpshe-sqli
poc-yaml-jira-ssrf-cve-2019-8451
poc-yaml-springcloud-cve-2019-3799
poc-yaml-tianqing-info-leak
poc-yaml-pyspider-unauthorized-access
poc-yaml-jupyter-notebook-rce
poc-yaml-netgear-cnnvd-201306-024
poc-yaml-cockpit-cve-2020-35846-sqli
poc-yaml-jinher-oa-c6-default-password
poc-yaml-joomla-jck-cve-2018-17254-sqli
poc-yaml-seeyon-oa-arbitrary-auth
poc-yaml-node-red-dashboard-file-read-cve-2021-3223
poc-yaml-hitachi-vantara-pentaho-business-analytics-cve-2021-34684

poc-yaml-huayu-reporter-rce
poc-yaml-dedecms-url-redirection
poc-yaml-seeyon-ajax-unauthorized-access
poc-yaml-ruijie-nbr1300g-cli-password-leak
poc-yaml-dzzoffice-2-02-1-sc-utf8-unauth
poc-yaml-jetty-web-inf-information-disclosure-cve-2021-34429
poc-yaml-activemq-cve-2016-3088
poc-yaml-earcms-index-uplog-php-file-upload

poc-yaml-vmware-workspace-cve-2022-22954-rce
poc-yaml-rconfig-cve-2019-16663
poc-yaml-topsec-rce
poc-yaml-rocket-chat-cve-2021-22911-nosqli

poc-yaml-wavlink-cve-2022-2486-rce
poc-yaml-weaver-ecology-getsqldata-sqli-rce
poc-yaml-interlib-read-file
poc-yaml-mongo-express-cve-2019-10758
poc-yaml-apache-guacamole-default-password
poc-yaml-powercreator-arbitrary-file-upload

poc-yaml-elfinder-cve-2021-32682-rce
poc-yaml-tongda-anywhere2017-auth-bypass
poc-yaml-circarlife-scada-cve-2018-12634-info-leak

poc-yaml-dapr-dashboard-cve-2022-38817-unauth
poc-yaml-western-digital-mycloud-jqueryfiletree-exec
poc-yaml-manageengine-servicedesk-cve-2017-11512-lfi
poc-yaml-ecology-springframework-directory-traversal
poc-yaml-ruijie-eg-update-rce
poc-yaml-seeyon-session-leak
poc-yaml-zoneminder-cve-2016-10140-unauth-access

poc-yaml-odoo-file-read
poc-yaml-spiderflow-save-remote-command-execute
poc-yaml-xieda-oa-artibute-cnvd-2021-29066-file-read
poc-yaml-cve-2017-16894-sensitive-documents
poc-yaml-d-link-dir-825-cve-2021-46442
poc-yaml-wavlink-cve-2022-31846

poc-yaml-phpstudy-nginx-wrong-resolve
poc-yaml-wavlink-cve-2022-31845
poc-yaml-zabbix-cve-2022-23134
poc-yaml-dubbo-admin-default-password
poc-yaml-elasticsearch-unauth
poc-yaml-mingyu-waf-login-bypass
poc-yaml-vmware-vrealize-cve-2021-21975-ssrf
poc-yaml-circarlife-scada-cve-2018-16668-info-leak
poc-yaml-hongfan-oa-readfile
poc-yaml-cockpit-cve-2020-35847-nosqli
poc-yaml-weiphp-path-traversal
poc-yaml-keycloak-cve-2020-10770-ssrf
poc-yaml-vtigercrm-cve-2020-19363
poc-yaml-yongyou-u8-oa-sqli
poc-yaml-tapestry-cve-2019-0195-readfile
poc-yaml-kibana-cve-2019-7609-rce
poc-yaml-vite-cnvd-2022-44615
poc-yaml-rconfig-ajaxserversettingschk-cve-2019-16662-rce
poc-yaml-supesite-sqli
poc-yaml-kibana-unauth
poc-yaml-netgear-ssl-vpn-20211222-cve-2022-29383
poc-yaml-dahua-dss-arbitrary-file-download-cnvd-2020-61986
poc-yaml-eea-info-leak-cnvd-2021-10543
poc-yaml-tpshop-directory-traversal
poc-yaml-74cms-se-cve-2022-33095
poc-yaml-ruoyi-management-fileread
poc-yaml-joomla-cnvd-2019-34135-rce
poc-yaml-apache-kylin-unauth-cve-2020-13937
poc-yaml-dlink-cve-2019-16920-rce
poc-yaml-zyxel-cve-2022-0342-auth-bypass
poc-yaml-dedecms-search-php-sqli
poc-yaml-solr-velocity-template-rce
poc-yaml-tongda-oa-report-bi-func-php-sqli
poc-yaml-ispyconnect-cve-2022-29775-unauth
poc-yaml-tongda-user-session-disclosure
poc-yaml-weaver-oa-ultra-vires
poc-yaml-kyocera-printer-cve-2020-23575-path-traversal
poc-yaml-dlink-cve-2020-9376-dump-credentials
poc-yaml-resin-viewfile-fileread
poc-yaml-nagiosxi-cve-2020-35578-rce

poc-yaml-chinaunicom-modem-default-password
poc-yaml-phpcms-cve-2018-19127
poc-yaml-alibaba-anyproxy-fetchbody-fileread
poc-yaml-solarview-compact-rce-cve-2022-29298
poc-yaml-seeyon-default-password
poc-yaml-vbulletin-cve-2015-7808
poc-yaml-jsrog-artifactory-cve-2019-17444
poc-yaml-tongda-oa-gateway-path-traversal
poc-yaml-twonkyserver-cve-2018-7171-fileread
poc-yaml-zentao-sqli-cnvd-2022-42853
poc-yaml-flink-jobmanager-cve-2020-17519-lfi
poc-yaml-weaver-oa-filedownload-jsp-path-traversal
poc-yaml-gocd-cve-2021-43287
poc-yaml-httpd-ssrf-cve-2021-40438
poc-yaml-metinfo-cve-2019-16997-sqli
poc-yaml-nette-framework-cve-2020-15227-rce
poc-yaml-prtg-network-monitor-cve-2020-11547-info-leak
poc-yaml-metinfo-lfi-cnvd-2018-13393
poc-yaml-lionfish-cms-image-upload-php-upload
poc-yaml-totolink-cve-2022-25076-rce
poc-yaml-changjietong-downloadproxy-file-read
poc-yaml-zeit-nodejs-cve-2020-5284-directory-traversal
poc-yaml-h3c-er3100-unauth-access
poc-yaml-php-chat-live-uploadimg-html-upload
poc-yaml-artica-pandora-fms-cve-2020-8497-unauth
poc-yaml-jira-cve-2019-11581
poc-yaml-maccmsv10-backdoor
poc-yaml-bash-cve-2014-6271
poc-yaml-opendreambox-cve-2017-14135-rce
poc-yaml-telecom-gateway-default-password

poc-yaml-cloud-oa-system-sqli
poc-yaml-blogengine-net-cve-2019-10717-path-traversal
poc-yaml-nextjs-cve-2017-16877
poc-yaml-fuelcms-cve-2018-16763-rce
poc-yaml-kafka-manager-unauth
poc-yaml-kavita-cover-upload-file-read
poc-yaml-finecms-filedownload
poc-yaml-dptech-vpn-fileread
poc-yaml-yongyou-nc-iupdateservice-xxe
poc-yaml-tlr-2855ks6-arbitrary-file-creation-cve-2021-46418
poc-yaml-sonicwall-ssl-vpn-rce
poc-yaml-saltstack-cve-2021-25282-file-write
poc-yaml-aruba-instant-default-password
poc-yaml-feifeicms-lfr
poc-yaml-wavlink-cve-2022-2488-rce

poc-yaml-maccms-cve-2017-17733-rce
poc-yaml-ruanhong-oa-xxe
poc-yaml-resin-cnnvd-200705-315
poc-yaml-nagio-cve-2018-10738
poc-yaml-citrix-cve-2020-8194-code-injection
poc-yaml-yonyou-nc-arbitrary-file-upload
poc-yaml-thinkphp5-controller-rce


poc-yaml-dataease-cve-2022-34114
poc-yaml-74cms-sqli
poc-yaml-dedecms-cve-2018-6910

poc-yaml-resin-inputfile-fileread-or-ssrf
poc-yaml-zhiyuan-oa-fanruan-info-leak
poc-yaml-docker-api-unauthorized-rce
poc-yaml-citrix-cve-2020-8191-xss
poc-yaml-pfsense-rce-cve-2021-41282
poc-yaml-nagio-cve-2018-10735
poc-yaml-kong-cve-2020-11710-unauth
poc-yaml-nagio-cve-2018-10737
poc-yaml-nagio-cve-2018-10736
poc-yaml-weaver-e-office-lazyuploadify-upload
poc-yaml-vmware-workspace-cve-2021-22054-ssrf

poc-yaml-dynamicweb-cve-2022-25369
poc-yaml-draytek-cve-2020-8515
poc-yaml-pulse-cve-2019-11510
poc-yaml-yongyou-nc-cloud-fs-sqli

poc-yaml-western-digital-mycloud-multi-uploadify-file-upload
poc-yaml-ruijie-uac-cnvd-2021-14536
poc-yaml-microstrategy-cve-2020-11450-info-leak
poc-yaml-clickhouse-http-unauth
poc-yaml-74cms-sqli-1
poc-yaml-74cms-sqli-2
poc-yaml-uniview-isc-rce
poc-yaml-sanfor-reporter-anyfileread
poc-yaml-circarlife-scada-cve-2018-16670-info-leak
poc-yaml-seeyon-a6-employee-info-leak
poc-yaml-seeyon-oa-a8-m-information-disclosure
poc-yaml-fhem-file-read-cve-2020-19360
poc-yaml-emby-mediaserver-cve-2020-26948
poc-yaml-ecshop-cnvd-2020-58823-sqli
poc-yaml-zoho-cve-2022-23779-info-leak
poc-yaml-essl-dataapp-unauth-db-leak
poc-yaml-apache-spark-rce-cve-2022-33891
poc-yaml-joomla-cve-2018-7314-sql
poc-yaml-citrix-xenmobile-cve-2020-8209
poc-yaml-topapp-lb-any-user-login

poc-yaml-glassfish-cve-2017-1000029-lfi
poc-yaml-drupal-cve-2019-6340
poc-yaml-ecology-javabeanshell-rce
poc-yaml-vmware-vcenter-cve-2021-21985-rce

poc-yaml-spring-cloud-cve-2020-5405
poc-yaml-alibaba-canal-default-password
poc-yaml-e-office-v10-sqli
poc-yaml-hadoop-yarn-rpc-rce
poc-yaml-iis-put-getshell
poc-yaml-samsung-wea453e-rce
poc-yaml-phpmoadmin-cve-2015-2208-rce
poc-yaml-weaver-ebridge-file-read
poc-yaml-discuz-wechat-plugins-unauth
poc-yaml-nuxeo-cve-2018-16341-rce
poc-yaml-oracle-ebs-cve-2018-3167-ssrf
poc-yaml-fangweicms-sqli
poc-yaml-sap-cve-2017-12637-fileread
poc-yaml-spring-cloud-cve-2020-5410

poc-yaml-supervisord-cve-2017-11610
poc-yaml-aspcms-sqli
poc-yaml-nuuo-nvrmini2-cve-2018-11523-upload
poc-yaml-h5s-video-platform-cnvd-2020-67113-unauth

poc-yaml-jboss-cve-2010-1871

poc-yaml-yonyou-nc-xxe
poc-yaml-getsimple-cve-2019-11231
poc-yaml-gilacms-cve-2020-5515
poc-yaml-yinda-get-file-read
poc-yaml-wavlink-password-disclosure-cve-2022-34047

poc-yaml-landray-oa-datajson-rce
poc-yaml-74cms-sqli-cve-2020-22209
poc-yaml-ezoffice-smartupload-jsp-upload
poc-yaml-landray-oa-custom-jsp-fileread
poc-yaml-dzzoffice-2-02-1-sc-utf8-xss
poc-yaml-d-link-dap-2020-cve-2021-27250
poc-yaml-seacms-v654-rce
poc-yaml-harbor-cve-2019-16097
poc-yaml-zoho-manageengine-desktop-central-cve-2021-44515
poc-yaml-weaver-e-cology-dbconfigreader-jsp-info-leak
poc-yaml-gitlab-graphql-info-leak-cve-2020-26413
poc-yaml-metinfo-x-rewrite-url-sqli
poc-yaml-pandorafms-cve-2019-20224-rce
poc-yaml-kingsoft-v8-file-read
poc-yaml-dedecms-guestbook-sqli
poc-yaml-elasticsearch-cve-2014-3120
poc-yaml-thinkphp5023-method-rce
poc-yaml-couchdb-cve-2017-12635
poc-yaml-couchdb-unauth
poc-go-tongda-arbitrary-auth
poc-yaml-74cms-cve-2020-22211-sqli
poc-yaml-fanweioa-signaturedownload-file-read
poc-yaml-wanhu-oa-officeserver-file-upload
poc-yaml-eyoucms-cve-2021-39501
poc-yaml-glpi-barcode-cve-2021-43778-path-traversal
poc-yaml-changjie-crm-sqli
poc-yaml-zimbra-cve-2019-9670-xxe
poc-yaml-nexus-cve-2020-10204

poc-yaml-zhixiang-oa-sqli
poc-yaml-tamronos-iptv-rce
poc-yaml-yonyou-nc-uapws-db-info-leak
poc-yaml-dlink-dap-1620-firmware-cve-2021-46381

poc-yaml-dlink-cve-2019-17506
poc-yaml-zcms-v3-sqli
poc-yaml-subrions-search-cve-2017-11444-sqli
poc-yaml-jumpserver-unauth-rce
poc-yaml-fanruan-v9-file-upload
poc-yaml-zhiyuan-oa-wpsassistservlet-file-upload
poc-yaml-motioneye-info-leak-cve-2022-25568
poc-yaml-drupal-cve-2018-7600-rce
poc-yaml-amcrest-cve-2017-8229-info-leak
poc-yaml-eyou-mail-rce-cnvd-2021-26422
poc-yaml-ametys-cms-cve-2022-26159
poc-yaml-wanhuoa-upload-rce
poc-yaml-kkfileview-xss-cve-2022-35151
poc-yaml-joomla-history-cve-2015-7857-sqli
poc-yaml-yonyou-chanjet-file-upload
poc-yaml-ecshop-rce
poc-yaml-myucms-lfr
poc-yaml-phpcms-960-sqli
poc-yaml-reporter-file-read
poc-yaml-vmware-vcenter-arbitrary-file-read
poc-yaml-tongda-oa-file-read
poc-yaml-e-zkeco-cnvd-2020-57264-read-file
poc-yaml-tensorboard-unauth
poc-yaml-nps-auth-bypass

poc-yaml-spon-ip-intercom-file-read

poc-yaml-apache-storm-unauthorized-access
poc-yaml-ucms-v148-cve-2020-25483
poc-yaml-showdoc-uploadfile
poc-yaml-lionfish-cms-wxapp-php-upload
poc-yaml-xiuno-bbs-cvnd-2019-01348-reinstallation
poc-yaml-voipmonitor-cve-2022-24260
poc-yaml-php-cgi-cve-2012-1823-rce
poc-yaml-confluence-cve-2019-3396-path-traversal
poc-yaml-kibana-cve-2018-17246
poc-yaml-niushop-attrarray-sqli
poc-yaml-jeewms-showordownbyurl-fileread
poc-yaml-consul-service-rce
poc-yaml-vmware-vcenter-unauthorized-rce-cve-2021-21972
poc-yaml-strs-mas-remote-command-exec
poc-yaml-springboot-jolokia-lfi
poc-yaml-thinkadmin-v6-readfile



poc-yaml-yachtcontrol-webapplication-cve-2019-17270
poc-yaml-hd-network-real-time-monitoring-system-cve-2021-45043
poc-yaml-wavlink-cve-2020-13117-rce
poc-yaml-afterlogic-webmail-cve-2021-26294-path-traversal
poc-yaml-cisco-router-cve-2019-1653-info-leak
poc-yaml-node-red-file-read
poc-yaml-wuzhicms-cve-2018-11528
poc-yaml-weaver-e-cology-ktreeuploadaction-upload
poc-yaml-ivanti-endpoint-manager-cve-2021-44529-rce
poc-yaml-weaver-e-mobile-client-do-sqli
poc-yaml-rconfig-commands-inc-cve-2020-10220-sqli
poc-yaml-phpmyadmin-cve-2018-12613-file-inclusion
poc-yaml-dedecms-cve-2017-17731-sqli
poc-yaml-piwigo-cve-2022-26266-sqli
poc-yaml-sangfor-edr-arbitrary-admin-login
poc-yaml-php-imap-cve-2018-19518-rce
poc-yaml-kingsoft-tss-v8-file-upload
poc-yaml-dvr-cve-2018-9995
poc-yaml-laravel-debug-info-leak
poc-yaml-dedecms-mysql-error-trace
poc-yaml-genixcms-register-cve-2015-3933-sqli
poc-yaml-joomla-ext-zhbaidumap-cve-2018-6605-sqli
poc-yaml-weaver-e-mobile-ognl-inject
poc-yaml-zabbix-default-password
poc-yaml-vicidial-info-leak
poc-yaml-yongyou-chanjet-sql-injection
poc-yaml-samsung-wea453e-default-pwd
poc-yaml-yonyou-nc-javabeanshell-rce
poc-yaml-rudloff-alltube-cve-2022-0692
poc-yaml-fumengyun-ajaxmethod-name-sqli



poc-yaml-franklinfueling-cve-2021-46417-lfi

poc-yaml-kingdee-oa-apusic-readfile
poc-go-seeyon-htmlofficeservlet-rce
poc-yaml-glassfish-cve-2017-1000028-lfi
poc-yaml-ruanhong-jvm-lfi
poc-yaml-terramaster-tos-cve-2022-24989
poc-yaml-spring-cve-2020-5398-rfd
poc-yaml-ns-asg-file-read
poc-yaml-reolink-nvr-configuration-disclosure-cve-2021-40150
poc-yaml-searchblox-cve-2020-35580
amingMM
关注
  • 7
    点赞
  • 8
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
博客
红队系列-网络安全知识锦囊(持续更新)
11-09 518
AJP13是定向包协议。因为性能原因,使用二进制格式来传输可读性文本。AJP协议:WEB服务器通过TCP连接和SERVLET容器连接。为了减少进程生成socket的花费,WEB服务器和SERVLET容器之间尝试保持持久性的TCP连接,对多个请求/回复循环重用一个连接。一旦连接分配给一个特定的请求,在请求处理循环结束之前不会在分配。换句话说,在连接上,请求不是多元的。这个是连接两端的编码变得容易,虽然这导致在一时刻会有很多连接。
博客
Python AI股票自动化量化交易经济金融市场分析(每日更新)
10-14 680
一种基于量化分析(Quantitative Analysis)的交易方式。量化交易需要三大技能: 数学功底、编程技能、金融知识。网上有种说法,从事量化交易需要的知识比重如下:计算机-金融-数学,知识比重为1-3-6。
博客
红队专题-渗透工具-hydra爆破神器
03-15 597
主要步骤讲完后,下面来看看整个代码,看如何用shell程序将这些串起来。当然,能否破解成功,有一个好用的工具固然重要,但还需要一个强健的密码本。grep “host:”用来过滤打印的输出,只输出破解到密码的条目。第二步为,读取22-output.txt文件中开放22端口的主机,这条命令的含义是采用密码本./password.txt中的密码,因此,在shell中写了一个循环,hydra一次任务结束后,遍历代码很简单,不用惊讶,这就是shell脚本的神奇之处。对一个网段的扫描,也可以换成一个IP。
博客
漏洞复现-H3C系列
03-15 750
H3C用户自助服务平台是一种基于云计算和自动化技术的管理平台,旨在提供自助式、智能化的网络设备和服务管理解决方案。该平台通过集成多种功能和工具,帮助企业用户更高效地管理和维护其网络设备,并提供更好的用户体验。H3C用户自助服务平台dynamiccontent.properties.xhtml接口处存在命令执行漏洞,未经身份验证的攻击者可以利用此漏洞执行任意指令,写入后门文件,导致整个web服务器存在被控的风险。
博客
漏洞复现-红帆OA系列
03-15 1155
红帆OA--------------------------------------------fofa:app=“红帆-ioffice”
博客
漏洞复现-宏景HJSOFT系列
03-15 1130
宏景HCM--------------------------------------------fofa:app=“HJSOFT-HCM”
博客
漏洞复现-海康威视系列
03-15 440
综合安防系统是一款功能强大的综合性管理平台,其特点是视频监控与门禁一卡通的深度融合,海康的系统在系统中大量存在,出于学习的目的,通过授权测试对象对该漏洞进行研究和复现。自查方式:通过发送前文提到的漏洞探测数据包,观察返回的状态码为200,并且提示token empty!字样则可能存在漏洞,需要及时排查修复。修复建议:关闭互联网暴露面访问的权限,文件上传模块做好权限强认证。海康威视综合安防系统 iVMS-8700。海康威视综合安防系统iVMS-5000。
博客
漏洞复现-大华dahua系列
03-15 417
大华智慧园区综合管理平台是一款综合管理平台,具备园区运营、资源调配和智能服务等功能。该平台旨在协助优化园区资源分配,满足多元化的管理需求,同时通过提供智能服务,增强使用体验。大华智慧园区综合管理平台devicePoint_addImgIco存在文件上传漏洞,攻击者利用该漏洞可以获取服务器权限。app=“dahua-智慧园区综合管理平台”
博客
漏洞复现-金和OA系列
03-14 963
|| banner=“Path=/jc6”金和OA协同办公管理系统C6软件(简称金和OA),本着简单、适用、高效的原则,贴合企事业单位的实际需求,实行通用化、标准化、智能化、人性化的产品设计,充分体现企事业单位规范管理、提高办公效率的核心思想,为用户提供一整套标准的办公自动化解决方案,以帮助企事业单位迅速建立便捷规范的办公环境。app=“金和网络-金和OA”||body=“/jc6/platform/sys/login”请联系厂家 http://www.jinher.com/升级。
博客
漏洞复现-金蝶系列
03-14 988
金蝶软件是中国领先的企业管理软件及云服务提供商,拥有众多产品和解决方案,其中包括四个主要产品系列。这四个产品系列分别是:金蝶ERP(Enterprise Resource Planning): 金蝶ERP是金蝶软件的核心产品之一,是一套全面的企业管理软件解决方案,涵盖了财务、供应链管理、生产制造、人力资源管理等多个领域,为企业提供全面的业务管理功能。金蝶ERP产品线包括不同版本,以满足不同规模和行业的企业需求。
博客
漏洞复现-锐捷Ruijie系列
03-14 665
“系统升级有效期已到” && “URL 库文件已过期”
博客
开发知识点-Python-conda
03-14 338
Python-condahttps://conda.io/miniconda.htmlconda search python conda env list conda deactivateconda activate python11conda 是一个流行的开源包管理系统,它支持多种 Python 版本。 使用 cond...
博客
项目技术栈-解决方案-消息队列
03-14 379
项目技术栈-解决方案-消息队列概念应用场景1. 异步处理参考文章消息队列(Message Queue)概念“消息”是在两台计算机间传送的数据单位。 消息可以非常简单,例如只包含文本字符串; 也可以更复杂 ,包括对象等。队列是一种数据结构,先进先出,保证了顺序性。生产者:发送消息的一端。用于把消息写入到队列中消费者:从消息队...
博客
漏洞复现-万户ezOFFICE系列
03-12 1154
万户OA[+]万户协同办公平台 ezoffice存在未授权访问漏洞wanhu_office|app=“万户ezOFFICE协同管理平台”万户ezEIP。
博客
漏洞复现-蓝凌LandrayOA系列
03-08 1553
LandrayOA_sysSearchMain_Rce漏洞。LandrayOA_Custom_SSRF_JNDI漏洞。LandrayOA_Custom_FileRead漏洞。
博客
运维知识点-Apache HTTP Server
03-08 675
【代码】运维知识点-Apache。
博客
运维知识点-JBoss
03-08 423
JBoss是一个基于J2EE的开放源代码的应用服务器,也是一个运行EJB(Enterprise JavaBean)的容器和服务器。它支持EJB 1.1、EJB 2.0和EJB3的规范,体现了J2EE规范中最新的技术。JBoss遵循LGPL许可,可以在任何商业应用中免费使用,并且由开源社区开发,这使得JBoss广为流行。JBoss从最初作为一个EJB容器,已经发展成为一个基于J2EE的web操作系统,提供了丰富的功能和特性。
博客
开发知识点-Apache Struts2框架
03-08 783
【代码】开发知识点-Apache Struts2框架。
博客
运维知识点-Tomcat
03-08 678
【代码】运维知识点-Tomcat。
博客
开发知识点-Apache Axis2框架
03-08 1089
访问shell路径:http://192.168.0.104:8080/axis/…/shell.jsp。poc脚本写入shell。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值