├── README.md
└── typora-img
    └── README
        ├── gzh.png
        ├── image-20240303203536393.png
        ├── image-20240303203711489.png
        ├── image-20240303204009976.png
        └── image-20240303204141877.png


/README.md:
--------------------------------------------------------------------------------
 1 | # RuoYiExploitGUI_v1.0
 2 | 
 3 | ### 0x01 前言
 4 | 
 5 | ​		若依最新定时任务SQL注入可导致RCE漏洞的一键利用工具, 扫描和漏洞利用结束会自行删除所创建的定时任务。
 6 | 
 7 | 
 8 | 
 9 | ### 0x02 工具使用说明
10 | 
11 | **单个检测**
12 | 
13 | 因为该漏洞为后台任务,所以我们需要配置Cookie请求头，点击设置-->请求头设置-->添加Cookie即可,添加完成即可进行漏洞检测
14 | 
15 | ![image-20240303203711489](typora-img/README/image-20240303203711489.png)
16 | 
17 | ![image-20240303203536393](typora-img/README/image-20240303203536393.png)
18 | 
19 | **漏洞利用**
20 | 
21 | ​		当定时任务存在SQL注入时,我们可以使用JNDI进行漏洞利用,首先我们需要下载cckuailong师傅的JNDI-Injection-Exploit-Plus项目(https://github.com/cckuailong/JNDI-Injection-Exploit-Plus/releases/tag/2.3)。
22 | 
23 | ```shell
24 | java8 -jar JNDI-Injection-Exploit-Plus-2.3-SNAPSHOT-all.jar -C calc -A 127.0.0.1
25 | ```
26 | 
27 | ![image-20240303204009976](typora-img/README/image-20240303204009976.png)
28 | 
29 | 然后我们使用该工具的JNDI模块进行一键利用
30 | 
31 | ![image-20240303204141877](typora-img/README/image-20240303204141877.png)
32 | 
33 | 
34 | 
35 | ### 0x03 免责声明
36 | 
37 | 该开源工具是由作者按照开源许可证发布的，仅供个人学习和研究使用。作者不对您使用该工具所产生的任何后果负任何法律责任。
38 | 
39 | ![gzh](./typora-img/README/gzh.png)
40 | 


--------------------------------------------------------------------------------
/typora-img/README/gzh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/RuoYiExploitGUI/43b9c655bc6b9feb242b3e0d6c1572ddbe35eea1/typora-img/README/gzh.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240303203536393.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/RuoYiExploitGUI/43b9c655bc6b9feb242b3e0d6c1572ddbe35eea1/typora-img/README/image-20240303203536393.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240303203711489.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/RuoYiExploitGUI/43b9c655bc6b9feb242b3e0d6c1572ddbe35eea1/typora-img/README/image-20240303203711489.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240303204009976.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/RuoYiExploitGUI/43b9c655bc6b9feb242b3e0d6c1572ddbe35eea1/typora-img/README/image-20240303204009976.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240303204141877.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/RuoYiExploitGUI/43b9c655bc6b9feb242b3e0d6c1572ddbe35eea1/typora-img/README/image-20240303204141877.png


--------------------------------------------------------------------------------