Skip to content
vbulletin 5.0.0 till 5.5.4 pre-auth rce
Branch: master
Clone or download
Latest commit d951a3d Oct 3, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
demo init Oct 2, 2019
LICENSE Initial commit Oct 2, 2019 init Oct 2, 2019
urls.txt init Oct 2, 2019 init Oct 2, 2019

vbulletin5 rce漏洞检测工具

0x00 概述

201909 vbulletion5(5.0.0-5.5.4)爆出rce漏洞,利用文件ajax/render/widget_php和post参数widgetConfig[code]可直接远程代码执行。

本工具支持单url检测,cmdshell,get web shell(写入一句话木马),批量检测,批量getshell。

0x01 需求


pip install requests

0x02 快速开始

使用帮助: python -h

单url漏洞检测: python -u ""

cmdshell: python -u "" --cmdshell

单url getshell: python -u "" --getshell

批量检测: python -f urls.txt

批量getshhell: python -f urls.txt --getshell

0x03 反馈


You can’t perform that action at this time.