GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → z1un → weaver_exp

z1un / weaver_exp

Licence: other
泛微OA漏洞综合利用脚本

Programming Languages

python
139335 projects - #7 most used programming language

Labels

weaverexpweaverexpweaveroa

Projects that are alternatives of or similar to weaver exp

Yakhont
The high-level Android components library for data loading, location, lifecycle callbacks and more.
Stars: ✭ 13 (-96.17%)
Mutual labels:  weaver
Exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Stars: ✭ 3,056 (+801.47%)
Mutual labels:  exp
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+758.7%)
Mutual labels:  exp
MS17010EXP
Ladon Moudle MS17010 Exploit for PowerShell
Stars: ✭ 40 (-88.2%)
Mutual labels:  exp
SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
Stars: ✭ 1,060 (+212.68%)
Mutual labels:  exp
tongda-exp
python编写的多个通达常见漏洞exp
Stars: ✭ 24 (-92.92%)
Mutual labels:  exp
redis exp
redis 利用脚本-执行命令、文件上传、目录猜解
Stars: ✭ 29 (-91.45%)
Mutual labels:  exp
expo-deploy
Bash script to deploy to different Expo environments (https://expo.io)
Stars: ✭ 40 (-88.2%)
Mutual labels:  exp
threat-broadcast
威胁情报播报(停止运营)
Stars: ✭ 147 (-56.64%)
Mutual labels:  exp

泛微OA漏洞合集

当前集合漏洞:
泛微云桥任意文件读取

泛微OA V8前台Sql注入

泛微OA WorkflowServiceXml RCE CNVD-2019-32204

泛微OA weaver.common.Ctrl 任意文件上传

泛微OA Bsh RCE

泛微OA WorkflowCenterTreeData接口SQL注入(仅限oracle数据库) CNVD-2019-34241

泛微OA E-Cology 数据库配置信息泄漏

泛微OA V9 任意文件上传(未完成,测试ing)

先写了这些,也欢迎补充~

其中/poc下的利用脚本均可独立使用。

python3 poc.py url
Usage:
python3 main.py -f filename

python3 main.py -u url

参考

https://ailiqun.xyz/2021/05/02/%E6%B3%9B%E5%BE%AEOA-%E5%89%8D%E5%8F%B0GetShell%E5%A4%8D%E7%8E%B0/

http://wiki.peiqi.tech/

https://www.o2oxy.cn/3561.html

https://github.com/Henry4E36/weaverSQL

https://github.com/NS-Sp4ce/Weaver-OA-E-cology-Database-Leak

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].