GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → theLSA → vbulletin5-rce

theLSA / vbulletin5-rce

Licence: MIT license
CVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce

Programming Languages

python
139335 projects - #7 most used programming language

Labels

rcevbulletin5cve-2019-16759

Projects that are alternatives of or similar to vbulletin5-rce

Tp5 Getshell
thinkphp5 rce getshell
Stars: ✭ 126 (+500%)
Mutual labels:  rce
Netelf
Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
Stars: ✭ 220 (+947.62%)
Mutual labels:  rce
penelope
Penelope Shell Handler
Stars: ✭ 291 (+1285.71%)
Mutual labels:  rce
Springbootvulexploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Stars: ✭ 3,196 (+15119.05%)
Mutual labels:  rce
Xrcross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (+733.33%)
Mutual labels:  rce
CVE-2020-36179
CVE-2020-36179~82 Jackson-databind SSRF&RCE
Stars: ✭ 77 (+266.67%)
Mutual labels:  rce
Cve 2019 7609
exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
Stars: ✭ 108 (+414.29%)
Mutual labels:  rce
CVE-2019-7609
RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
Stars: ✭ 47 (+123.81%)
Mutual labels:  rce
Cve 2020 16898
CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Stars: ✭ 207 (+885.71%)
Mutual labels:  rce
PrintNightmare-CVE-2021-34527
PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits
Stars: ✭ 73 (+247.62%)
Mutual labels:  rce
Cve 2020 2883
Weblogic coherence.jar RCE
Stars: ✭ 168 (+700%)
Mutual labels:  rce
Godnslog
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (+719.05%)
Mutual labels:  rce
exprolog
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+523.81%)
Mutual labels:  rce
Apk Utilities
🛠 Tools and scripts to manipulate Android APKs
Stars: ✭ 134 (+538.1%)
Mutual labels:  rce
log4jpwn
log4j rce test environment and poc
Stars: ✭ 306 (+1357.14%)
Mutual labels:  rce
Cve 2019 0708 bluekeep rce
bluekeep exploit
Stars: ✭ 121 (+476.19%)
Mutual labels:  rce
Redis Rogue Server
Redis 4.x/5.x RCE
Stars: ✭ 243 (+1057.14%)
Mutual labels:  rce
cloudrasp-log4j2
一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+400%)
Mutual labels:  rce
PayloadsAll
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (+47.62%)
Mutual labels:  rce
SAP vulnerabilities
DoS PoC's for SAP products
Stars: ✭ 47 (+123.81%)
Mutual labels:  rce
View All Similar Projects ➔

vbulletin5 rce漏洞检测工具

0x00 概述

201909 vbulletion5(5.0.0-5.5.4)爆出rce漏洞(CVE-2019-16759),利用文件ajax/render/widget_php和post参数widgetConfig[code]可直接远程代码执行。

20200811,网上爆出CVE-2019-16759补丁可被绕过,利用ajax/render/widget_tabbedcontainer_tab_panel和构造post参数subWidgets[0][config][code]可直接远程代码执行。

本工具支持单url检测,cmdshell,get web shell(写入一句话木马),批量检测,批量getshell。

0x01 需求

python2.7

pip install requests

0x02 快速开始

使用帮助: python vbulletin5-rce.py -h

单url漏洞检测: python vbulletin5-rce.py -u "http://www.xxx.com/"

cmdshell: python vbulletin5-rce.py -u "http://www.xxx.com/" --cmdshell

单url getshell: python vbulletin5-rce.py -u "http://www.xxx.com/" --getshell

批量检测: python vbulletin5-rce.py -f urls.txt

批量getshhell: python vbulletin5-rce.py -f urls.txt --getshell

0x03 反馈

issus

gmail:[email protected]

qq:[email protected]

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].