Typecho deserialization vulnerability in Oct 2017.
This scripts is for learning purpose ONLY. DO NOT use on unauthorized circumstances. USE AT YOUR OWN RISK!!!
pip install requests
Python 2/3, then you are all set!
Build your own exe
If you want to build exe on your own, install
pyinstaller and run
pyinstaller -F exp.py.
How to patch Typecho and some further suggestions##
- Upgrade Typecho to the latest version
installdirectory once the installation completes.
mysqlnologin shell account for Apache/Nginx, PHP and MySQL.
- Update your system regularly, DO NOT use EOL Operating System.
- It's better to use Linux for webserver rather than Windows.