Giter Club home page Giter Club logo

1n7erface / poclist Goto Github PK

View Code? Open in Web Editor NEW
1.1K 1.1K 321.0 2.53 MB

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE

Java 100.00%
alibaba-nacos jar poc

poclist's Introduction

此项目暂时停止更新。在我更新到后期意识到两个问题,第一:似乎我在仓库中对安全法的声明不到位,造成了一些我不愿意看到的结果。第二:在此项目设计之初我没有考虑到一些底层架构上的东西。比如接口的通用性,比如图形化和单种框架的全版本检测才是大众更为需要的。

编写的POC

Alibaba-Nacos-Unauthorized

ApacheDruid-RCE_CVE-2021-25646

MS-Exchange-SSRF-CVE-2021-26885

Oracle-WebLogic-CVE-2021-2109_RCE

RG-CNVD-2021-14536

RJ-SSL-VPN-UltraVires

Redis-Unauthorized-RCE

TDOA-V11.7-GetOnlineCookie

VMware-vCenter-GetAnyFile

yongyou-GRP-U8-XXE

Oracle-WebLogic-CVE-2020-14883

Oracle-WebLogic-CVE-2020-14882

Apache-Solr-GetAnyFile

F5-BIG-IP-CVE-2021-22986

Sonicwall-SSL-VPN-RCE

GitLab-Graphql-CNVD-2021-14193

D-Link-DCS-CVE-2020-25078

WLAN-AP-WEA453e-RCE

360TianQing-Unauthorized

360TianQing-SQLinjection

FanWeiOA-V8-SQLinjection

QiZhiBaoLeiJi-AnyUserLogin

QiAnXin-WangKangFirewall-RCE

金山-V8-终端安全系统RCE

NCCloud-SQLinjection

ShowDoc-RCE

关于POC

这里会把作者在各种环境中遇到的繁琐漏洞简化为POC工具,以便在后续中轻松发现与利用

免责声明

此处提供的所有工具仅供授权状态下使用,如发生刑事案件,非授权攻击行为于本人无关.望大家熟知《网络安全法》.

poclist's People

Contributors

1n7erface avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

hcjcn zglaozhu jiangmoo hittimes pizzaline antichown c0olw harris2015 wuyoukm luoam skye-sky-a11y xiliangsong caoeryeyoushang whitesharks microvorld think77 yukar1z0e wh-orange yangshuangfu liuzhaozhuo xiaopihaik imbaiye dskho tefuir72 c0d1007 tollytu xiaotu0821 ykankaya linuxdy daqdian xp0inter thecryinggame s7safe cl0udg0d superdolby cuteghost6 xushidajiang mathilda12 yuyuowo listenquiet richard6666 devilmaycrying goowen str1am 419066074 jsongmax vvring w4ter fbion getblackjake j4ckzh0u dk47os3r inuo091 kangd1w2 309746069 syunaht silentsoul04 02bx cl4ysmith fankaren icysun hack404-007 mr-m0nst3r harry1080 morns0 whizsail timeshu getcode2git fanyibo2009 steward007 yemoli yijinglab chrr0m4n gysf666 j0k4r5 liutufang ls-wen aruilcrude imagin-sch 1337g liehu inuyasha-fay logosale daboquan h1iba1 yyming-sudo ys11i huangzccn spark-a fleabane1 zhangtianqing98 fdlucifer wrysunny gxlioper lw1988 jaky5155 yida223 jdxn ne0ke718 bingpo

poclist's Issues

改进

可以考虑把验证存在漏洞的,写入一个txt,不然放服务器扫,断开连接后也不知道结果

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.