Skip to content
/ PocList Public

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5…

1.1k stars 319 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

1n7erface/PocList

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

89 Commits
.gitattributes
.gitattributes
 
 
360TianQing-SQLinjection.jar
360TianQing-SQLinjection.jar
 
 
360TianQing-Unauthorized.jar
360TianQing-Unauthorized.jar
 
 
Alibaba-Nacos-Unauthorized.jar
Alibaba-Nacos-Unauthorized.jar
 
 
Apache-Druid-RCE_CVE-2021-25646.jar
Apache-Druid-RCE_CVE-2021-25646.jar
 
 
Apache-Solr-GetAnyFile.jar
Apache-Solr-GetAnyFile.jar
 
 
D-Link-DCS-CVE-2020-25078.jar
D-Link-DCS-CVE-2020-25078.jar
 
 
F5-BIG-IP-CVE-2021-22986.jar
F5-BIG-IP-CVE-2021-22986.jar
 
 
FanWeiOA-V8-SQLinjection.jar
FanWeiOA-V8-SQLinjection.jar
 
 
GitLab-Graphql-CNVD-2021-14193.jar
GitLab-Graphql-CNVD-2021-14193.jar
 
 
MS-Exchange-SSRF-CVE-2021-26885.jar
MS-Exchange-SSRF-CVE-2021-26885.jar
 
 
NCCloud-SQLinjection.jar
NCCloud-SQLinjection.jar
 
 
Oracle-WebLogic-CVE-2020-14882.jar
Oracle-WebLogic-CVE-2020-14882.jar
 
 
Oracle-WebLogic-CVE-2020-14883.jar
Oracle-WebLogic-CVE-2020-14883.jar
 
 
Oracle-WebLogic-CVE-2021-2109_RCE.jar
Oracle-WebLogic-CVE-2021-2109_RCE.jar
 
 
QiAnXin-WangKangFirewall-RCE.jar
QiAnXin-WangKangFirewall-RCE.jar
 
 
QiZhiBaoLeiJi-AnyUserLogin.jar
QiZhiBaoLeiJi-AnyUserLogin.jar
 
 
README.md
README.md
 
 
RG-CNVD-2021-14536.jar
RG-CNVD-2021-14536.jar
 
 
RJ-SSL-VPN-UltraVires.jar
RJ-SSL-VPN-UltraVires.jar
 
 
Redis-Unauthorized-RCE.jar
Redis-Unauthorized-RCE.jar
 
 
ShowDoc-RCE.jar
ShowDoc-RCE.jar
 
 
Sonicwall-SSL-VPN-RCE.jar
Sonicwall-SSL-VPN-RCE.jar
 
 
TDOA-V11.7-GetOnlineCookie.jar
TDOA-V11.7-GetOnlineCookie.jar
 
 
VMware-vCenter-GetAnyFile.jar
VMware-vCenter-GetAnyFile.jar
 
 
WLAN-AP-WEA453e-RCE.jar
WLAN-AP-WEA453e-RCE.jar
 
 
yongyou-GRP-U8-XXE.jar
yongyou-GRP-U8-XXE.jar
 
 
金山-V8-终端安全系统.jar
金山-V8-终端安全系统.jar
 
 

Repository files navigation

此项目暂时停止更新。在我更新到后期意识到两个问题,第一:似乎我在仓库中对安全法的声明不到位,造成了一些我不愿意看到的结果。第二:在此项目设计之初我没有考虑到一些底层架构上的东西。比如接口的通用性,比如图形化和单种框架的全版本检测才是大众更为需要的。

编写的POC

Alibaba-Nacos-Unauthorized

ApacheDruid-RCE_CVE-2021-25646

MS-Exchange-SSRF-CVE-2021-26885

Oracle-WebLogic-CVE-2021-2109_RCE

RG-CNVD-2021-14536

RJ-SSL-VPN-UltraVires

Redis-Unauthorized-RCE

TDOA-V11.7-GetOnlineCookie

VMware-vCenter-GetAnyFile

yongyou-GRP-U8-XXE

Oracle-WebLogic-CVE-2020-14883

Oracle-WebLogic-CVE-2020-14882

Apache-Solr-GetAnyFile

F5-BIG-IP-CVE-2021-22986

Sonicwall-SSL-VPN-RCE

GitLab-Graphql-CNVD-2021-14193

D-Link-DCS-CVE-2020-25078

WLAN-AP-WEA453e-RCE

360TianQing-Unauthorized

360TianQing-SQLinjection

FanWeiOA-V8-SQLinjection

QiZhiBaoLeiJi-AnyUserLogin

QiAnXin-WangKangFirewall-RCE

金山-V8-终端安全系统RCE

NCCloud-SQLinjection

ShowDoc-RCE

关于POC

这里会把作者在各种环境中遇到的繁琐漏洞简化为POC工具,以便在后续中轻松发现与利用

免责声明

此处提供的所有工具仅供授权状态下使用,如发生刑事案件,非授权攻击行为于本人无关.望大家熟知《网络安全法》.

About

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5…

Topics

jar poc alibaba-nacos

Resources

Readme
Activity

Stars

1.1k stars

Watchers

36 watching

Forks

319 forks
Report repository

Packages

No packages published

Languages