2024Goby红队版POC.zip_Goby红队版资源-CSDN文库

共1576个文件

go：1570个

json：6个

135 浏览量 2024-08-19 22:12:39 上传评论收藏 7.04MB ZIP 举报

资源推荐

资源详情

资源评论

收起资源包目录

2024Goby红队版POC.zip （1576个子文件）

CVD-2021-15322.go 427KB

CVD-2024-2757.go 129KB

CVD-2021-14694.go 116KB

CVD-2021-1860.go 108KB

CVD-2023-3411.go 104KB

CVD-2022-3127.go 103KB

Esafenet_Document_Security_Management_System_SystemService_RCE.go 84KB

CVD-2021-5187.go 80KB

CVD-2024-1537.go 72KB

CVD-2023-3050.go 70KB

CVD-2024-2923.go 64KB

CVD-2024-2388.go 55KB

CVD-2023-2626.go 54KB

CVD-2021-15810.go 53KB

CVD-2024-3122.go 53KB

CVD-2024-3114.go 52KB

CVD-2024-3291.go 51KB

CVD-2024-2276.go 51KB

CVD-2024-1134.go 51KB

CVD-2024-2021.go 50KB

CVD-2024-3352.go 50KB

CVD-2024-2898.go 49KB

CVD-2024-3168.go 49KB

CVD-2024-3006.go 49KB

CVD-2024-0623.go 49KB

CVD-2024-2191.go 48KB

CVD-2024-3344.go 48KB

CVD-2024-0515.go 48KB

CVD-2024-0518.go 48KB

CVD-2024-2420.go 48KB

CVD-2024-0607.go 48KB

CVD-2024-0533.go 48KB

CVD-2023-3390.go 48KB

CVD-2024-0581.go 48KB

CVD-2024-0513.go 48KB

CVD-2024-0612.go 48KB

CVD-2023-3395.go 48KB

CVD-2023-3297.go 48KB

CVD-2024-0534.go 48KB

CVD-2024-0543.go 48KB

CVD-2024-0536.go 48KB

CVD-2024-0587.go 48KB

CVD-2024-0547.go 48KB

CVD-2024-0528.go 48KB

CVD-2023-3441.go 48KB

CVD-2023-3426.go 48KB

CVD-2024-0520.go 48KB

CVD-2024-0626.go 48KB

CVD-2024-0501.go 48KB

CVD-2023-3384.go 48KB

CVD-2024-0554.go 48KB

CVD-2023-3393.go 48KB

CVD-2024-0565.go 48KB

CVD-2024-0556.go 48KB

CVD-2024-0561.go 48KB

CVD-2023-3423.go 48KB

CVD-2024-0570.go 48KB

CVD-2023-3437.go 48KB

CVD-2024-0600.go 48KB

CVD-2023-3449.go 48KB

CVD-2024-2033.go 48KB

CVD-2024-3337.go 48KB

CVD-2023-3417.go 48KB

CVD-2023-3400.go 48KB

CVD-2024-0616.go 48KB

CVD-2024-0522.go 48KB

CVD-2023-3433.go 48KB

CVD-2023-3414.go 48KB

CVD-2024-0509.go 48KB

CVD-2024-3222.go 48KB

CVD-2024-0593.go 48KB

CVD-2024-3358.go 48KB

CVD-2024-2727.go 48KB

CVD-2024-2230.go 48KB

CVD-2024-3173.go 48KB

CVD-2024-2203.go 47KB

CVD-2024-2526.go 47KB

CVD-2024-2498.go 47KB

CVD-2024-2364.go 47KB

CVD-2024-2668.go 47KB

CVD-2024-2430.go 47KB

CVD-2024-2990.go 47KB

CVD-2023-0787.go 47KB

CVD-2024-3135.go 47KB

CVD-2024-2551.go 47KB

CVD-2024-3183.go 47KB

CVD-2024-3146.go 46KB

CVD-2024-2571.go 46KB

CVD-2024-3092.go 46KB

CVD-2022-3409.go 46KB

CVD-2024-2342.go 45KB

CVD-2024-1053.go 44KB

CVD-2021-3217.go 44KB

CVD-2021-15400.go 44KB

CVD-2023-3117.go 44KB

CVD-2023-3128.go 44KB

共 1576 条

package exploits import ( "bytes" "crypto/aes" "crypto/cipher" "crypto/hmac" "crypto/sha1" "crypto/sha256" "encoding/base64" "encoding/hex" "fmt" "git.gobies.org/goby/goscanner/godclient" "git.gobies.org/goby/goscanner/goutils" "git.gobies.org/goby/goscanner/jsonvul" "git.gobies.org/goby/goscanner/scanconfig" "git.gobies.org/goby/httpclient" "log" "net/url" "regexp" "strconv" "strings" "time" ) func init() { expJson := `{ "Name": "Progress Telerik UI for ASP.NET AJAX Deserialization (CVE-2019-18935)", "Description": "Telerik UI for ASP NET AJAX is a set of UI components widely used in web applications, reducing the time required to build web forms applications for any browser and device by half. Telerik UI for ASP NET AJAX is a complete ASP NET AJAX user interface development toolkit.Telerik UI for ASP NET AJAX has an RCE vulnerability caused by deserialization, which allows attackers to execute code on the server side, write backdoors, gain server privileges, and ultimately control the entire web server.", "Impact": "Telerik UI for ASP NET AJAX has an RCE vulnerability caused by deserialization, which allows attackers to execute code on the server side, write backdoors, gain server privileges, and ultimately control the entire web server.", "Recommendation": "1. The manufacturer has released an upgrade patch to fix the vulnerability. The link to obtain the patch is: <a href=\"https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization\">https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization</a>2. If not necessary, public network access to the system is prohibited.3. Set access policies and whitelist access through security devices such as firewalls.", "Product": "Telerik-UI", "VulType": [ "Code Execution" ], "Tags": [ "Code Execution" ], "Translation": { "CN": { "Name": "Telerik UI ASP.NET AJAX 反序列化 RCE 漏洞（CVE-2019-18935）", "Product": "Telerik-UI-for-ASP.NET", "Description": "Telerik UI for ASP.NET AJAX 是一套广泛用于 Web 应用程序的 UI 组件，将为任何浏览器和设备构建Web Forms应用程序的时间缩短一半。Telerik UI for ASP.NET AJAX是完整的 ASP.NET AJAX 用户界面开发工具集。Telerik UI for ASP.NET AJAX 存在反序列化导致的 RCE 漏洞，攻击者可通过该漏洞在服务器端任意执行代码，写入后门，获取服务器权限，进而控制整个web服务器。 ", "Recommendation": "1、厂商已发布升级补丁以修复漏洞，补丁获取链接： <a href=\"https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization\" target=\"_blank\">https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization</a>2、如非必要，禁止公网访问该系统。 3、通过防火墙等安全设备设置访问策略，设置白名单访问。", "Impact": "Telerik UI for ASP.NET AJAX 存在反序列化导致的 RCE 漏洞，攻击者可通过该漏洞在服务器端任意执行代码，写入后门，获取服务器权限，进而控制整个web服务器。 ", "VulType": [ "代码执行" ], "Tags": [ "代码执行" ] }, "EN": { "Name": "Progress Telerik UI for ASP.NET AJAX Deserialization (CVE-2019-18935)", "Product": "Telerik-UI", "Description": "Telerik UI for ASP NET AJAX is a set of UI components widely used in web applications, reducing the time required to build web forms applications for any browser and device by half. Telerik UI for ASP NET AJAX is a complete ASP NET AJAX user interface development toolkit.Telerik UI for ASP NET AJAX has an RCE vulnerability caused by deserialization, which allows attackers to execute code on the server side, write backdoors, gain server privileges, and ultimately control the entire web server.", "Recommendation": "1. The manufacturer has released an upgrade patch to fix the vulnerability. The link to obtain the patch is: <a href=\"https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization\">https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization</a>2. If not necessary, public network access to the system is prohibited.3. Set access policies and whitelist access through security devices such as firewalls.", "Impact": "Telerik UI for ASP NET AJAX has an RCE vulnerability caused by deserialization, which allows attackers to execute code on the server side, write backdoors, gain server privileges, and ultimately control the entire web server. ", "VulType": [ "Code Execution" ], "Tags": [ "Code Execution" ] } }, "FofaQuery": "body=\"Telerik.Web.UI, Version=\" || (body=\"Telerik.Web.UI.WebResource.axd\" || body=\"content=\\\"Sitefinity\")", "GobyQuery": "body=\"Telerik.Web.UI, Version=\" || (body=\"Telerik.Web.UI.WebResource.axd\" || body=\"content=\\\"Sitefinity\")", "Author": "go0p@", "Homepage": "https://www.telerik.com", "DisclosureDate": "2019-12-11", "References": [ "https://bishopfox.com/blog/cve-2019-18935-remote-code-execution-in-telerik-ui", "https://github.com/noperator/CVE-2019-18935", "https://github.com/bao7uo/RAU_crypto", "https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization" ], "HasExp": true, "Is0day": false, "Level": "3", "CVSS": "9.8", "CVEIDs": [ "CVE-2019-18935" ], "CNVD": [], "CNNVD": [ "CNNVD-201912-504" ], "ScanSteps": [ "AND", { "Request": { "method": "GET", "uri": "/", "follow_redirect": false, "header": {}, "data_type": "text", "data": "" }, "ResponseTest": { "type": "group", "operation": "AND", "checks": [ { "type": "item", "variable": "$code", "operation": "==", "value": "200", "bz": "" } ] }, "SetVariable": [] } ], "ExploitSteps": [ "AND", { "Request": { "method": "GET", "uri": "/", "follow_redirect": false, "header": {}, "data_type": "text", "data": "" }, "ResponseTest": { "type": "group", "operation": "AND", "checks": [ { "type": "item", "variable": "$code", "operation": "==", "value": "200", "bz": "" } ] }, "SetVariable": [] } ], "ExpParams": [ { "name": "attackType", "type": "select", "value": "reverse", "show": "" } ], "ExpTips": { "type": "", "content": "" }, "AttackSurfaces": { "Application": [ "Telerik-Sitefinity" ], "Support": [], "Service": [], "System": [], "Hardware": [] }, "CVSSScore": "9.3", "PostTime": "2023-12-08",

评论收藏

内容反馈