GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → magicming200 → Cve 2020 10199_cve 2020 10204

magicming200 / Cve 2020 10199_cve 2020 10204

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具,图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

Labels

vulnerabilitypoc

Projects that are alternatives of or similar to Cve 2020 10199 cve 2020 10204

Xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+30990%)
Mutual labels:  vulnerability, poc
CVE-2021-33766
ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
Stars: ✭ 37 (+85%)
Mutual labels:  poc, vulnerability
dheater
D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (+610%)
Mutual labels:  poc, vulnerability
Exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Stars: ✭ 3,056 (+15180%)
Mutual labels:  vulnerability, poc
Hacking
hacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+1965%)
Mutual labels:  vulnerability, poc
Php7 Opcache Override
Security-related PHP7 OPcache abuse tools and demo
Stars: ✭ 237 (+1085%)
Mutual labels:  vulnerability, poc
CVE-2020-1611
Juniper Junos Space (CVE-2020-1611) (PoC)
Stars: ✭ 25 (+25%)
Mutual labels:  poc, vulnerability
CVE-2020-11651
CVE-2020-11651: Proof of Concept
Stars: ✭ 41 (+105%)
Mutual labels:  poc, vulnerability
Javadeserh2hc
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (+1705%)
Mutual labels:  vulnerability, poc
NSE-scripts
NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (+425%)
Mutual labels:  poc, vulnerability
Pub
Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
Stars: ✭ 217 (+985%)
Mutual labels:  vulnerability, poc
Poc
Proofs-of-concept
Stars: ✭ 467 (+2235%)
Mutual labels:  vulnerability, poc
Bitp0wn
Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Stars: ✭ 59 (+195%)
Mutual labels:  vulnerability, poc
Ary
Ary 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+1105%)
Mutual labels:  vulnerability, poc
Poccollect
Poc Collected for study and develop
Stars: ✭ 15 (-25%)
Mutual labels:  vulnerability, poc
Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (+20%)
Mutual labels:  poc, vulnerability
Ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+23940%)
Mutual labels:  vulnerability, poc
Vulscan
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+2330%)
Mutual labels:  vulnerability, poc
Routeros
RouterOS Security Research Tooling and Proof of Concepts
Stars: ✭ 603 (+2915%)
Mutual labels:  poc
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+3780%)
Mutual labels:  poc
View All Similar Projects ➔

迈萌CVE-2020-10199、CVE-2020-10204漏洞检测工具

工具介绍

抽空用java写了这个小工具,支持一键检测CVE-2020-10199、CVE-2020-10204漏洞,图形化界面,为确保检测稳定性,payload用到了随机数。该工具仅限安全从业者在法律法规允许的范围内使用,违规使用后果自负。

运行截图

使用方式

  1. 登录进入后台;
  2. 获取登录后的cookie及scrf属性;
  3. 打开本工具,填写相关信息,点击检测即可。

运行环境

跨平台,JRE>=1.6。

漏洞背景

Sonatype Nexus 是一个 Maven 的仓库管理系统,它提供了强大的仓库管理、构件搜索等功能,并且可以用来搭建 Maven 仓库私服,在代理远程仓库的同时维护本地仓库,以节省带宽和时间。在 Nexus Repository Manager OSS/Pro 3.21.1 及之前的版本中,经过授权认证的攻击者,可以通过 JavaEL 表达式注入造成远程代码执行,获取系统权限。

CVE-2020-10199官方说明:https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31

CVE-2020-10204官方说明:https://support.sonatype.com/hc/en-us/articles/360044356194-CVE-2020-10204-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31

影响范围

CVE-2020-10199:Nexus Repository Manager OSS/PRo <=3.21.1,需有低权限账号。

CVE-2020-10204:Nexus Repository Manager OSS/PRo <=3.21.1,需有管理员账号。

漏洞修复

Nexus Repository Manager OSS/Pro升级到最新版。下载地址:https://help.sonatype.com/repomanager3/download?_ga=2.58824877.1855790103.1586413660-404515824.1586413660

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].