在线cms识别|旁站|c段|信息泄密|工控|系统|物联网安全|cms漏洞扫描|端口扫描|待完善..
<h1 style="color: black; text-align: left; margin-bottom: 10px;">在线cms识别|旁站|c段|信息<span style="color: black;">泄密</span>|工控|系统|物联网安全|cms漏洞扫描|端口扫描|待完善..</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">onlinetools</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">微语:</span><span style="color: black;">这是一个<span style="color: black;">伴侣</span>弄的东西,征求对方同意的<span style="color: black;">状况</span>下排版了下,发了出来,有些许BUG,大牛<span style="color: black;">能够</span>的话,来完善完善。</span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">这是一款线上工具箱,收集整理了<span style="color: black;">有些</span>渗透测试过程中<span style="color: black;">平常</span>的<span style="color: black;">需要</span>。</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">此刻</span><span style="color: black;">已然</span><span style="color: black;">包括</span>的功能有:</p>
<span style="color: black;">在线cms识别|旁站|c段|信息<span style="color: black;">泄密</span>|工控|系统|物联网安全|cms漏洞扫描|端口扫描</span><span style="color: black;">依赖安装</span><span style="color: black;">pip </span>install-r requirements.txt<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">运用</span><span style="color: black;">办法</span></span></p><span style="color: black;">python3</span> main.py<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">浏览器打开</span></p><span style="color: black;">http:<span style="color: black;">//localhost:8000/</span></span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">说明</span><span style="color: black;">1.漏洞poc来自开源项目AngelSword,共320个,<span style="color: black;">这里</span><span style="color: black;">暗示</span>感谢</span><span style="color: black;">2.本工具仅限于进行漏洞验证,如若<span style="color: black;">因此呢</span><span style="color: black;">导致</span><span style="color: black;">关联</span>法律问题,概不负责。</span><span style="color: black;">已有POC</span><span style="color: black;">POC</span></span><span style="color: black;">运行截图</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJAg3DzMAv0xspC4HEwmrtVjmwCib2mm5ZZWM2ic97Wqe6UIYk7tq831Lw/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJ1ujyibSsMSAbR6ROcA61ZmQFZSwIrYv7Rge15Z1eJic3f6thkibwshZ3Q/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJKfuVjSYia4ibTBWIrtsxWgBZ4vziaESdMVJz8jRsIdILuOavhZQz8f94Q/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJKibzmOHBQGDibGSmWK9uPzAthaA8iarOCu32c1NyOqeLQ0pGEJqMAFianQ/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJftWhlMmpXNtXicMiay2zpCJYBmqKqsfZ2YLgZoqYr2hMD6lSLXbgiafog/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJ8Eic57UAywCmVpj8KC4kfwjYoQcx87onYyldb1icWRPlusxBMDFe3Tibw/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJW3SxKBjaIM8icOzYc24CI9FlgZMPbSTKepl1CpPyZOJr6w0bEiakFM0g/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/RfJmzvvDC09myMgDEfsP0LQNia0VdFVBJUMlf7TPjX8QssxlSW3eM97AlCFveorKzJUwbWRmCEf7qibMKJ81aYDw/640?wx_fmt=png&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">日前</span><span style="color: black;">持有</span>的poc:</span><span style="color: black;">cms:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"> "泛微OA downfile.php 任意文件下载漏洞",</p>"泛微OA 数据库配置<span style="color: black;">泄密</span>",
"phpok res_action_control.php 任意文件下载(需要cookies文件)",
"phpok api.php SQL注入漏洞",
"phpok remote_image getshell漏洞",
"jeecg 重置admin<span style="color: black;">秘码</span>",
"typecho install.php反序列化命令执行<span style="color: black;">",
"</span>Dotnetcms(风讯cms)<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>韩国autoset建站程序phpmyadmin任意登录漏洞<span style="color: black;">",
"</span>phpstudy探针<span style="color: black;">",
"</span>phpstudy phpmyadmin默认<span style="color: black;">秘码</span>漏洞<span style="color: black;">",
"</span>Discuz论坛forum.php参数message SSRF漏洞<span style="color: black;">",
"</span>Discuz X3 focus.swf flashxss漏洞<span style="color: black;">",
"</span>Discuz! X2<span style="color: black;">.5</span> <span style="color: black;">理学</span>路径<span style="color: black;">泄密</span>漏洞<span style="color: black;">",
"</span>Discuz问卷调查参数orderby注入漏洞<span style="color: black;">",
"</span>Hishop系统productlist.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>亿邮邮箱弱口令列表<span style="color: black;">泄密</span><span style="color: black;">",
"</span>亿邮Email Defender系统免登陆DBA注入<span style="color: black;">",
"</span>亿邮邮件系统重置<span style="color: black;">秘码</span>问题暴力破解<span style="color: black;">",
"</span>亿邮mail5 <span style="color: black;">user</span> 参数kw <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>金蝶办公系统任意文件下载<span style="color: black;">",
"</span>金蝶协同平台远程信息<span style="color: black;">泄密</span>漏洞<span style="color: black;">",
"</span>金蝶AES系统<span style="color: black;">Java</span> web配置文件<span style="color: black;">泄密</span><span style="color: black;">",
"</span>金蝶EAS任意文件读取<span style="color: black;">",
"</span>乐语客服系统任意文件下载漏洞<span style="color: black;">",
"</span>smartoa 多处任意文件下载漏洞<span style="color: black;">",
"</span>urp<span style="color: black;">查找</span>接口曝露<span style="color: black;">",
"</span>URP越权查看任意学生课表、成绩(需登录)<span style="color: black;">",
"</span>URP综合教务系统任意文件读取<span style="color: black;">",
"</span>pkpmbs工程质量监督站信息管理系统<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>pkpmbs建设工程质量监督系统注入<span style="color: black;">",
"</span>pkpmbs建设工程质量监督系统<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>帝友P2P借贷系统无需登录<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>帝友P2P借贷系统任意文件读取漏洞<span style="color: black;">",
"</span>iGenus邮件系统一处无需登录的任意代码执行<span style="color: black;">",
"</span>iGenus邮箱系统login.php 参数Lang任意文件读取<span style="color: black;">",
"</span>iGenus邮箱系统管理中心<span style="color: black;">sys</span>/login.php 参数Lang任意文件读取<span style="color: black;">",
"</span>live800客服系统downlog任意文件下载<span style="color: black;">",
"</span>live800在线客服系统loginAction <span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>live800在线客服系统多处<span style="color: black;">SQL</span>注入GETSHELL漏洞<span style="color: black;">",
"</span>live800在线客服系统<span style="color: black;">XML</span>实体注入漏洞<span style="color: black;">",
"</span>Onethink 参数<span style="color: black;">category</span> <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>ThinkPHP 代码执行漏洞<span style="color: black;">",
"</span>汇思学习管理系统任意文件下载<span style="color: black;">",
"</span>Cyberwisdom wizBank学习管理平台<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>domino_unauth未授权漏洞<span style="color: black;">",
"</span>宏景EHR系统多处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>汇能群管理系统<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>汇文软件图书管理系统ajax_asyn_link.old.php任意文件读取<span style="color: black;">",
"</span>汇文软件图书管理系统ajax_asyn_link.php任意文件读取<span style="color: black;">",
"</span>汇文软件图书管理系统ajax_get_file.php任意文件读取<span style="color: black;">",
"</span>通元建站系统用户名<span style="color: black;">泄密</span>漏洞<span style="color: black;">",
"</span>metinfo5<span style="color: black;">.0</span> getpassword.php两处时间盲注漏洞<span style="color: black;">",
"</span>用友ICC struts2远程命令执行<span style="color: black;">",
"</span>V2视频会议系统某处<span style="color: black;">SQL</span>注射、XXE漏洞(可getshell)<span style="color: black;">",
"</span>政府采购系统eweb编辑器默认口令Getshell漏洞<span style="color: black;">",
"</span>RAP接口平台struts远程代码执行<span style="color: black;">",
"</span>虹安DLP数据<span style="color: black;">泄密</span>防护平台struts2远程命令执行<span style="color: black;">",
"</span>九羽数字图书馆struts远程命令执行<span style="color: black;">",
"</span>垚捷电商平台通用struts命令执行<span style="color: black;">",
"</span>Digital-Campus数字校园平台<span style="color: black;">LOG</span>文件<span style="color: black;">泄密</span><span style="color: black;">",
"</span>Digital-Campus2<span style="color: black;">.0</span>数字校园平台<span style="color: black;">Sql</span>注射<span style="color: black;">",
"</span>jeecms download.jsp 参数fpath任意文件下载<span style="color: black;">",
"</span>shopex<span style="color: black;">敏锐</span>信息<span style="color: black;">泄密</span><span style="color: black;">",
"</span>动科(dkcms)默认数据库漏洞<span style="color: black;">",
"</span>FineCMS免费版文件上传漏洞<span style="color: black;">",
"</span>DaMall商城系统<span style="color: black;">sql</span>注入<span style="color: black;">",
"</span>大汉版通JCMS数据库配置文件读取漏洞<span style="color: black;">",
"</span>大汉downfile.jsp 任意文件下载<span style="color: black;">",
"</span>大汉VerfiyCodeServlet越权漏洞<span style="color: black;">",
"</span>PHP168 login.php GETSHELL漏洞<span style="color: black;">",
"</span>dedecms版本探测<span style="color: black;">",
"</span>dedecms search.php <span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>dedecms<span style="color: black;">trace</span>爆路径漏洞<span style="color: black;">",
"</span>dedecms download.php重定向漏洞<span style="color: black;">",
"</span>dedecms recommend.php <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>umail<span style="color: black;">理学</span>路径<span style="color: black;">泄密</span><span style="color: black;">",
"</span>U-Mail邮件系统sessionid<span style="color: black;">拜访</span><span style="color: black;">",
"</span>metinfo v5<span style="color: black;">.3</span><span style="color: black;">sql</span>注入漏洞<span style="color: black;">",
"</span>用友致远A6协同系统<span style="color: black;">SQL</span>注射<span style="color: black;">union</span>可shell<span style="color: black;">",
"</span>用友致远A6协同系统多处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>用友致远A6协同系统<span style="color: black;">敏锐</span>信息<span style="color: black;">泄密</span>&<span style="color: black;">SQL</span>注射<span style="color: black;">",
"</span>用友致远A6协同系统数据库账号<span style="color: black;">泄密</span><span style="color: black;">",
"</span>用友致远A6 test.jsp <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>用友CRM系统任意文件读取<span style="color: black;">",
"</span>用友EHR 任意文件读取<span style="color: black;">",
"</span>用友优普a8 CmxUserSQL时间盲注入<span style="color: black;">",
"</span>用友a8 <span style="color: black;">log</span><span style="color: black;">泄密</span><span style="color: black;">",
"</span>用友a8监控后台默认<span style="color: black;">秘码</span>漏洞<span style="color: black;">",
"</span>用友致远A8协同系统 blind <span style="color: black;">XML</span>实体注入<span style="color: black;">",
"</span>用友GRP-U8 <span style="color: black;">sql</span>注入漏洞<span style="color: black;">",
"</span>用友u8 CmxItem.php <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>用友FE协作办公平台<span style="color: black;">5.5</span> <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>用友EHR系统 ResetPwd.jsp <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>用友nc NCFindWeb 任意文件下载漏洞<span style="color: black;">",
"</span>fsmcms p_replydetail.jsp注入漏洞<span style="color: black;">",
"</span>FSMCMS网站重装漏洞<span style="color: black;">",
"</span>FSMCMS columninfo.jsp文件参数ColumnID <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>qibocms<span style="color: black;">晓得</span>系统<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>qibo<span style="color: black;">归类</span>系统search.php 代码执行<span style="color: black;">",
"</span>qibocms news/js.php文件参数f_idSQL注入<span style="color: black;">",
"</span>qibocms s.php文件参数fids <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>依友POS系统登陆信息<span style="color: black;">泄密</span><span style="color: black;">",
"</span>浪潮行政审批系统十八处注入<span style="color: black;">",
"</span>浪潮ECGAP政务审批系统<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>五车图书管系统任意下载<span style="color: black;">",
"</span>五车图书管系统kindaction任意文件遍历<span style="color: black;">",
"</span>Gobetters视频会议系统<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>LBCMS多处<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>Euse TMS存在多处DBA权限<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>suntown未授权任意文件上传漏洞<span style="color: black;">",
"</span>Dswjcms p2p网贷系统前台<span style="color: black;">4</span>处<span style="color: black;">sql</span>注入<span style="color: black;">",
"</span>skytech政务系统越权漏洞<span style="color: black;">",
"</span>wordpress AzonPop插件<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>wordpress 插件shortcode0<span style="color: black;">.2</span><span style="color: black;">.3</span> 本地文件<span style="color: black;">包括</span><span style="color: black;">",
"</span>wordpress插件<span style="color: black;">转</span><span style="color: black;">",
"</span>wordpress 插件WooCommerce PHP代码注入<span style="color: black;">",
"</span>wordpress 插件mailpress远程代码执行<span style="color: black;">",
"</span>wordpress <span style="color: black;">admin</span>-ajax.php任意文件下载<span style="color: black;">",
"</span>wordpress rest api权限失效<span style="color: black;">引起</span>内容注入<span style="color: black;">",
"</span>wordpress display-widgets插件后门漏洞<span style="color: black;">",
"</span>Mallbuilder商城系统<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>efuture<span style="color: black;">商场</span>链系统任意文件下载<span style="color: black;">",
"</span>kj65n煤矿远程监控系统<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>票友机票预订系统<span style="color: black;">6</span>处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>票友机票预订系统<span style="color: black;">10</span>处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>票友机票预订系统<span style="color: black;">6</span>处<span style="color: black;">SQL</span>注入(绕过)<span style="color: black;">",
"</span>票友机票预订系统<span style="color: black;">6</span>处<span style="color: black;">SQL</span>注入<span style="color: black;">2</span>(绕过)<span style="color: black;">",
"</span>票友票务系统int_order.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>票友票务系统通用<span style="color: black;">sql</span>注入<span style="color: black;">",
"</span>中农信达监察平台任意文件下载<span style="color: black;">",
"</span>连邦行政审批系统越权漏洞<span style="color: black;">",
"</span>北斗星政务PostSuggestion.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>TCExam重新安装可getshell漏洞<span style="color: black;">",
"</span>合众商道php系统通用注入<span style="color: black;">",
"</span>最土团购<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>时光动态网站平台(Cicro <span style="color: black;">3</span>e WS) 任意文件下载<span style="color: black;">",
"</span>华飞科技cms绕过JS GETSHELL<span style="color: black;">",
"</span>IWMS系统后台绕过&整站删除<span style="color: black;">",
"</span>农友政务系统多处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>农友政务系统Item2.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>农友政务ShowLand.aspx<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>农友多处时间盲注<span style="color: black;">",
"</span>某政府采购系统任意用户<span style="color: black;">秘码</span>获取漏洞<span style="color: black;">",
"</span>铭万事业通用建站系统<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>铭万B2B SupplyList <span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>铭万门户建站系统ProductList <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>xplus npmaker <span style="color: black;">2003</span>系统GETSHELL<span style="color: black;">",
"</span>xplus通用注入<span style="color: black;">",
"</span>workyi人才系统多处注入漏洞<span style="color: black;">",
"</span>菲斯特诺期刊系统多处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>东软UniPortal1<span style="color: black;">.2</span>未授权<span style="color: black;">拜访</span>&<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>PageAdmin可“伪造”VIEWSTATE执行任意<span style="color: black;">SQL</span><span style="color: black;">查找</span>&重置管理员<span style="color: black;">秘码</span><span style="color: black;">",
"</span>SiteFactory CMS <span style="color: black;">5.5</span><span style="color: black;">.9</span>任意文件下载漏洞<span style="color: black;">",
"</span>璐华企业版OA系统多处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>璐华OA系统多处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>璐华OA系统多处<span style="color: black;">SQL</span>注入<span style="color: black;">3</span><span style="color: black;">",
"</span>GN <span style="color: black;">SQL</span> Injection<span style="color: black;">",
"</span>JumboECMS V1<span style="color: black;">.6</span><span style="color: black;">.1</span> 注入漏洞<span style="color: black;">",
"</span>joomla组件com_docman本地文件<span style="color: black;">包括</span><span style="color: black;">",
"</span>joomla <span style="color: black;">3.7</span><span style="color: black;">.0</span> core <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>北京网达信联电子采购系统多处注入<span style="color: black;">",
"</span>Designed <span style="color: black;">by</span> Alkawebs <span style="color: black;">SQL</span> Injection<span style="color: black;">",
"</span>一采通电子采购系统多处时间盲注<span style="color: black;">",
"</span>启博淘店通标准版任意文件遍历漏洞<span style="color: black;">",
"</span>PSTAR-电子服务平台<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>PSTAR-电子服务平台isfLclInfo注入漏洞<span style="color: black;">",
"</span>PSTAR-电子服务平台<span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>TRS(拓尔思) wcm pre.as 文件<span style="color: black;">包括</span><span style="color: black;">",
"</span>TRS(拓尔思) 网络信息雷达<span style="color: black;">4.6</span>系统<span style="color: black;">敏锐</span>信息泄漏到进后台<span style="color: black;">",
"</span>TRS(拓尔思) 学位论文系统papercon处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>TRS(拓尔思) infogate插件 blind <span style="color: black;">XML</span>实体注入<span style="color: black;">",
"</span>TRS(拓尔思) infogate插件 任意注册漏洞<span style="color: black;">",
"</span>TRS(拓尔思) was5配置文件<span style="color: black;">泄密</span><span style="color: black;">",
"</span>TRS(拓尔思) was5 download_templet.jsp任意文件下载<span style="color: black;">",
"</span>TRS(拓尔思) wcm系统默认账户漏洞<span style="color: black;">",
"</span>TRS(拓尔思) wcm <span style="color: black;">6.</span>x版本infoview信息<span style="color: black;">泄密</span><span style="color: black;">",
"</span>TRS(拓尔思) was40 passwd.htm页面<span style="color: black;">泄密</span><span style="color: black;">",
"</span>TRS(拓尔思) was40 tree导航树<span style="color: black;">泄密</span><span style="color: black;">",
"</span>TRS(拓尔思) ids身份认证信息<span style="color: black;">泄密</span><span style="color: black;">",
"</span>TRS(拓尔思) wcm webservice文件写入漏洞<span style="color: black;">",
"</span>易创思ECScms MoreIndex <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>金窗教务系统存在多处<span style="color: black;">SQL</span>注射漏洞<span style="color: black;">",
"</span>siteserver3<span style="color: black;">.6</span><span style="color: black;">.4</span>bac<span style="color: black;">公斤</span>round_taskLog.aspx注入<span style="color: black;">",
"</span>siteserver3<span style="color: black;">.6</span><span style="color: black;">.4</span> bac<span style="color: black;">公斤</span>round_log.aspx注入<span style="color: black;">",
"</span>siteserver3<span style="color: black;">.6</span><span style="color: black;">.4</span>user.aspx注入<span style="color: black;">",
"</span>siteserver3<span style="color: black;">.6</span><span style="color: black;">.4</span> bac<span style="color: black;">公斤</span>round_keywordsFilting.aspx注入<span style="color: black;">",
"</span>siteserver3<span style="color: black;">.6</span><span style="color: black;">.4</span>bac<span style="color: black;">公斤</span>round_administrator.aspx注入<span style="color: black;">",
"</span>NITC营销系统suggestwordList.php <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>NITC营销系统index.php <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>南大之星信息发布系统DBA <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>蓝凌EIS智慧协同平台menu_left_edit.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>天柏在线培训系统Type_List.aspx<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>天柏在线培训系统TCH_list.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>天柏在线培训系统Class_Info.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>天柏在线培训系统St_Info.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>安财软件GetXMLList任意文件读取<span style="color: black;">",
"</span>安财软件GetFile任意文件读取<span style="color: black;">",
"</span>安财软件GetFileContent任意文件读取<span style="color: black;">",
"</span>天津神州助平台通用型任意下载<span style="color: black;">",
"</span>ETMV9数字化校园平台任意下载<span style="color: black;">",
"</span>安脉grghjl.aspx 参数stuNo注入<span style="color: black;">",
"</span>农友多处时间盲注<span style="color: black;">",
"</span>某政府通用任意文件下载<span style="color: black;">",
"</span>师友list.aspx keywords <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>speedcms <span style="color: black;">list</span>文件参数cid <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>卓繁cms任意文件下载漏洞<span style="color: black;">",
"</span>金宇恒内容管理系统通用型任意文件下载漏洞<span style="color: black;">",
"</span>任我行crm任意文件下载<span style="color: black;">",
"</span>易创思教育建站系统未授权<span style="color: black;">拜访</span>可查看所有注册用户<span style="color: black;">",
"</span>wecenter <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>shopnum1 ShoppingCart1<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>shopnum1 ProductListCategory <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>shopnum1 ProductDetail.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>shopnum1 GuidBuyList.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>好视通视频会议系统(fastmeeting)任意文件遍历<span style="color: black;">",
"</span>远古流<span style="color: black;">媒介</span>系统两处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>远古 pic_proxy.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>远古流<span style="color: black;">媒介</span>系统 GetCaption.ashx注入<span style="color: black;">",
"</span>shop7z order_checknoprint.asp <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>dreamgallery album.php <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>IPS Community Suite <= <span style="color: black;">4.1</span><span style="color: black;">.12</span><span style="color: black;">.3</span> PHP远程代码执行<span style="color: black;">",
"</span>科信邮件系统login.server.php 时间盲注<span style="color: black;">",
"</span>shopNC B2B版 index.php<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>南京擎天政务系统 geren_list_page.aspx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>学子科技诊断测评系统多处未授权<span style="color: black;">拜访</span><span style="color: black;">",
"</span>Shadows-IT selector.php 任意文件<span style="color: black;">包括</span><span style="color: black;">",
"</span>皓翰数字化校园平台任意文件下载<span style="color: black;">",
"</span>phpcms digg_add.php<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>phpcms authkey<span style="color: black;">泄密</span>漏洞<span style="color: black;">",
"</span>phpcms2008 flash_upload.php <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>phpcms2008 product.php 代码执行<span style="color: black;">",
"</span>phpcms v9<span style="color: black;">.6</span><span style="color: black;">.0</span> <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>phpcms <span style="color: black;">9.6</span><span style="color: black;">.1</span>任意文件读取漏洞<span style="color: black;">",
"</span>phpcms v9 flash xss漏洞<span style="color: black;">",
"</span>seacms search.php 代码执行<span style="color: black;">",
"</span>seacms<span style="color: black;">6.45</span> search.php <span style="color: black;">order</span>参数前台代码执行<span style="color: black;">",
"</span>seacms search.php 参数jq代码执行<span style="color: black;">",
"</span>安脉学生管理系统<span style="color: black;">10</span>处<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>cmseasy header.php 报错注入<span style="color: black;">",
"</span>PhpMyAdmin2<span style="color: black;">.8</span><span style="color: black;">.0</span><span style="color: black;">.3</span>无需登录任意文件<span style="color: black;">包括</span><span style="color: black;">引起</span>代码执行<span style="color: black;">",
"</span>opensns index.php 参数arearank注入<span style="color: black;">",
"</span>opensns index.php 前台getshell<span style="color: black;">",
"</span>ecshop uc.php参数code<span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>ecshop3<span style="color: black;">.0</span> flow.php 参数order_id注入<span style="color: black;">",
"</span>SiteEngine <span style="color: black;">6.0</span> & <span style="color: black;">7.1</span> <span style="color: black;">SQL</span>注入漏洞<span style="color: black;">",
"</span>明腾cms cookie<span style="color: black;">诈骗</span>漏洞<span style="color: black;">",
"</span>正方教务系统services.asmx <span style="color: black;">SQL</span>注入<span style="color: black;">",
"</span>正方教务系统数据库任意<span style="color: black;">操作</span><span style="color: black;">",
"</span>正方教务系统default3.aspx爆破页面<span style="color: black;">",
"</span>V2视频会议系统某处<span style="color: black;">SQL</span>注射、XXE漏洞(可getshell)<span style="color: black;">",
"</span><span style="color: black;">1039</span>驾校通未授权<span style="color: black;">拜访</span>漏洞<span style="color: black;">",
"</span>thinksns <span style="color: black;">category</span>模块代码执行<span style="color: black;">",
"</span>TPshop eval-stdin.php 代码执行漏洞<span style="color: black;">"</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">hardware:</span></p> <span style="color: black;">"Dlink 本地文件<span style="color: black;">包括</span>"</span>,
<span style="color: black;">"Dlink DIAGNOSTIC.PHP命令执行"</span>,
<span style="color: black;">"锐捷VPN设备未授权<span style="color: black;">拜访</span>漏洞"</span>,
<span style="color: black;">"上海安达通某网关<span style="color: black;">制品</span>&某VPN<span style="color: black;">制品</span>struts命令执行"</span>,
<span style="color: black;">"SJW74系列安全网关 和 PN-2G安全网关信息<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"迈普vpn安全网关弱口令&&执行命令"</span>,
<span style="color: black;">"迈普网关webui任意文件下载"</span>,
<span style="color: black;">"浙江宇视(DVR/NCR)监控设备远程命令执行漏洞"</span>,
<span style="color: black;">"富士施乐打印机默认口令漏洞"</span>,
<span style="color: black;">"惠普打印机telnet未授权<span style="color: black;">拜访</span>"</span>,
<span style="color: black;">"东芝topaccess打印机未授权漏洞"</span>,
<span style="color: black;">"佳能打印机未授权漏洞"</span>,
<span style="color: black;">"juniper NetScreen防火墙后门(CVE-2015-7755)"</span>,
<span style="color: black;">"海康威视web弱口令"</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">industrial:</span></p> <span style="color: black;">"新力热电无线抄表监控系统绕过后台登录"</span>,
<span style="color: black;">"火力发电能耗监测弱口令"</span>,
<span style="color: black;">"sgc8000 大型旋转机监控系统报警短信模块<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"sgc8000 监控系统数据连接信息<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"sgc8000监控系统超管账号<span style="color: black;">泄密</span>漏洞"</span>,
<span style="color: black;">"zte 无线<span style="color: black;">掌控</span>器 SQL注入"</span>,
<span style="color: black;">"中兴无线<span style="color: black;">掌控</span>器弱口令"</span>,
<span style="color: black;">"东方电子SCADA通用系统信息<span style="color: black;">泄密</span>"</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">information:</span></p> <span style="color: black;">"options<span style="color: black;">办法</span>开启"</span>,
<span style="color: black;">"git源码<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"java配置文件文件<span style="color: black;">发掘</span>"</span>,
<span style="color: black;">"robots文件<span style="color: black;">发掘</span>"</span>,
<span style="color: black;">"svn源码<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"JetBrains IDE workspace.xml文件<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"apache server-status信息<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"crossdomain.xml文件<span style="color: black;">发掘</span>"</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">system:</span></p> <span style="color: black;">"CouchDB 未授权漏洞"</span>,
<span style="color: black;">"zookeeper 未授权漏洞"</span>,
<span style="color: black;">"GoAhead LD_PRELOAD远程代码执行(CVE-2017-17562)"</span>,
<span style="color: black;">"天融信Topsec change_lan.php本地文件<span style="color: black;">包括</span>"</span>,
<span style="color: black;">"Tomcat代码执行漏洞(CVE-2017-12616)"</span>,
<span style="color: black;">"redis 未授权漏洞"</span>,
<span style="color: black;">"KingGate防火墙默认配置<span style="color: black;">欠妥</span>可被远控"</span>,
<span style="color: black;">"nginx Multi-FastCGI Code Execution"</span>,
<span style="color: black;">"TurboMail设计缺陷以及默认配置漏洞"</span>,
<span style="color: black;">"TurboGate邮件网关XXE漏洞"</span>,
<span style="color: black;">"weblogic SSRF漏洞(CVE-2014-4210)"</span>,
<span style="color: black;">"weblogic XMLdecoder反序列化漏洞(CVE-2017-10271)"</span>,
<span style="color: black;">"weblogic 接口<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"实易DNS管理系统文件<span style="color: black;">包括</span>至远程代码执行"</span>,
<span style="color: black;">"hudson源代码<span style="color: black;">泄密</span>漏洞"</span>,
<span style="color: black;">"N点虚拟主机管理系统V1.9.6版数据库下载漏洞"</span>,
<span style="color: black;">"宏杰Zkeys虚拟主机默认数据库漏洞"</span>,
<span style="color: black;">"江南科友堡垒机信息<span style="color: black;">泄密</span>"</span>,
<span style="color: black;">"Moxa OnCell 未授权<span style="color: black;">拜访</span>"</span>,
<span style="color: black;">"glassfish 任意文件读取"</span>,
<span style="color: black;">"zabbix jsrpc.php SQL注入"</span>,
<span style="color: black;">"php fastcgi任意文件读取漏洞"</span>,
<span style="color: black;">"php expose_php模块开启"</span>,
<span style="color: black;">"hfs rejetto 远程代码执行"</span>,
<span style="color: black;">"shellshock漏洞"</span>,
<span style="color: black;">"dorado默认口令漏洞"</span>,
<span style="color: black;">"ms15_034 http.sys远程代码执行(CVE-2015-1635)"</span>,
<span style="color: black;">"IIS 6.0 webdav远程代码执行漏洞(CVE-2017-7269)"</span>,
<span style="color: black;">"深澜软件srun3000计费系统任意文件下载漏洞"</span>,
<span style="color: black;">"深澜软件srun3000计费系统rad_online.php命令执行bypass"</span>,
<span style="color: black;">"深澜软件srun3000计费系统rad_online.php参数username命令执行"</span>,
<span style="color: black;">"深澜软件srun3000计费系统download.php任意文件下载"</span>,
<span style="color: black;">"深澜软件srun3000计费系统user_info.php命令执行"</span>,
<span style="color: black;">"intel AMT web系统绕过登录(CVE-2017-5689)"</span>,
<span style="color: black;">"smtp starttls明文命令注入(CVE-2011-0411)"</span>,
<span style="color: black;">"resin viewfile 任意文件读取"</span>,
<span style="color: black;">"mongodb 未授权漏洞"</span>,
<span style="color: black;">"深信服 AD4.5版本下命令执行漏洞"</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">Github: </span>OnlineTools</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">https://github.com/iceyhexman/onlinetools</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">(复制链接打开既可)</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在线演示<span style="color: black;">位置</span>:</span><span style="color: black;">Tools</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">http://tools.hexlt.org/</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">(复制链接打开既可)</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">作者:IT同路人</p>(<span style="color: black;">文案</span>转载请注明来自:IT同路人论坛)<img src="data:image/svg+xml,%3C%3Fxml version=1.0 encoding=UTF-8%3F%3E%3Csvg width=1px height=1px viewBox=0 0 1 1 version=1.1 xmlns=http://www.w3.org/2000/svg xmlns:xlink=http://www.w3.org/1999/xlink%3E%3Ctitle%3E%3C/title%3E%3Cg stroke=none stroke-width=1 fill=none fill-rule=evenodd fill-opacity=0%3E%3Cg transform=translate(-249.000000, -126.000000) fill=%23FFFFFF%3E%3Crect x=249 y=126 width=1 height=1%3E%3C/rect%3E%3C/g%3E%3C/g%3E%3C/svg%3E" style="width: 50%; margin-bottom: 20px;">
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">长按二维码识别关注</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">“<span style="color: black;">IT同路人</span>”<span style="color: black;">微X</span>公众号</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">投稿邮箱:call@shgcx.org</p>
回顾历史,我们不难发现:无数先辈用鲜血和生命铺就了中华民族复兴的康庄大道。
页:
[1]