【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
-
Updated
Feb 26, 2023 - Python
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
vulcat可用于扫描Web端常见的CVE、CNVD等编号的漏洞,发现漏洞时会返回Payload信息。部分漏洞还支持命令行交互模式,可以持续利用漏洞
【Lazy Artifact】A graphical tool that collects urls in batches, and performs various nday detections on the collected urls in batches. It can be used for src mining, cnvd mining, 0day exploitation, building your own arsenal and other scenarios.
Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)
[CVE-2022-26134]Confluence OGNL expression injected RCE with sandbox bypass.
「💥」CVE-2022-26134 - Confluence Pre-Auth RCE
Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).
[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)
远程攻击者在Confluence未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc,方便getshell。
Add a description, image, and links to the cve-2022-26134 topic page so that developers can more easily learn about it.
To associate your repository with the cve-2022-26134 topic, visit your repo's landing page and select "manage topics."