Vulnerability Detection Framework - Meppo

admin, October 9, 2024, 12:56:09

01 Project URL

https://github.com/WingsSec/Meppo

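02 Project Description

Meppo is a vulnerability detection framework covering vulnerabilities in Seeyon OA, Drupal, Weaver OA, Weblogic, and other products.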


[Payload List]
==============================================================================================================
| Module       | Payload                        | Remark
--------------------------------------------------------------------------------------------------------------
| AlibabaCanal | Alibaba_Canal_Info_Leak        | Alibaba Canal config cloud key information disclosure vulnerability
| Apache       | CVE_2021_41773                 | Apache httpd directory traversal vulnerability
| Confluence   | CVE_2021_26084                 | Confluence OGNL injection RCE
| Demo         | Demo                           | robots.txt sensitive information disclosure
| Demo         | Test                           | Universal test
| Discuz       | discuz_version_change_getshell | discuz version conversion feature getshell vulnerability
| Drupal       | CVE_2018_7600                  | Drupal 7 RCE
| Drupal       | CVE_2018_7600_8                | Drupal 8 RCE
| Drupal       | CVE_2019_6340                  | drupal8-REST-RCE
| ESAFENET     | CNVD_2021_26058                | ESAFENET electronic document security management system remote command execution vulnerability
| EyouCMS      | EyouCMS_qiantai_rce            | EyouCMS front-end RCE
| F5           | CVE_2020_5902                  | F5 BIG-IP remote code execution vulnerability 1
| F5           | CVE_2021_22986                 | F5 BIG-IP remote code execution vulnerability 2
| Fikker       | Fikker_admin                   | fikker Console default password
| H3C          | IMC_RCE                        | H3C IMC RCE
| Inspur       | CVE_2020_21224                 | Inspur ClusterEngine V4.0 RCE
| Inspur       | Inspur_Any_user_login          | Inspur arbitrary user login vulnerability
| Inspur       | Inspur_sysShell_RCE            | Inspur ClusterEngine V4.0 sysShell RCE
| Jeecms       | Jeecms_ssrf_getshell           | Jeecms SSRF vulnerability
| Kangle       | Kangle_default_password        | kangle default password
| Landray      | Landray_OA_anyfile_read        | Landray OA custom.jsp arbitrary file read vulnerability
| Landray      | Landray_OA_xmldecoder_getshell | Landray OA xmldecoder deserialization vulnerability
| Lanproxy     | CVE_2021_3019                  | Lanproxy directory traversal vulnerability
| Nexus        | CVE_2019_7238                  | Nexus RCE
| Seeyon       | CNVD_2019_19299                | Seeyon OA A8 htmlofficeservlet RCE
| Seeyon       | CNVD_2020_62422                | Seeyon OA webmail.do arbitrary file download check
| Seeyon       | CNVD_2021_01627                | Seeyon OA ajax.do login bypass, arbitrary file upload
| Seeyon       | Information_seeyou             | Seeyon OA sensitive information disclosure
| Seeyon       | Seeyon_OA_SessionLeak_Upload   | Seeyon OA session leak, arbitrary file upload vulnerability
| Seeyon       | Seeyon_OA_Session_Leak         | Seeyon OA getSessionList.jsp session leak vulnerability
| Seeyon       | Seeyon_OA_SQLInjection         | Seeyon OA SQL injection vulnerability
| SonarQube    | CVE_2020_27986                 | SonarQube API unauthorized access vulnerability
| Spring       | CVE_2022_22947                 | Spring Cloud Gateway RCE
| Spring       | CVE_2022_22963                 | spring_function_rce
| Spring       | CVE_2022_22965                 | Spring Core RCE
| TDXK         | TDXK_Any_file_upload           | TDXK front-end arbitrary file upload
| TDXK         | TDXK_Any_user_login            | TDXK arbitrary user login
| TDXK         | TDXK_logined_any_file_upload   | TDXK post-login arbitrary file upload
| Weaver       | CNVD_2019_32204                | Weaver OA Bsh remote code execution vulnerability
| Weaver       | Weaver_e_Bridge_file_read      | Weaver e-Bridge arbitrary file read
| Weaver       | Weaver_e_Cology_RCE            | Weaver E-Cology WorkflowServiceXml RCE
| Weaver       | Weaver_e_cology_v9_file_upload | Weaver OA weaver.common.Ctrl arbitrary file upload vulnerability
| Weaver       | Weaver_OA_V8_sqlinjection      | Weaver OA V8 SQL injection vulnerability
| Weblogic     | CVE_2014_4210                  | Weblogic SSRF vulnerability
| Weblogic     | CVE_2017_10271                 | Weblogic XML Decoder deserialization vulnerability
| Weblogic     | CVE_2018_2894                  | Weblogic arbitrary file upload vulnerability
| Weblogic     | CVE_2019_2725                  | Weblogic RCE
| Weblogic     | CVE_2020_16882                 | Weblogic unauthorized remote code execution vulnerability
| Weblogic     | CVE_2021_2109                  | Weblogic LDAP remote code execution vulnerability
| Weblogic     | Weblogic_Console_Info_Leak     | Weblogic console path disclosure
| Zabbix       | CVE_2016_10134                 | Zabbix SQL injection
| Zabbix       | Zabbix_default_password        | zabbix default password
==============================================================================================================

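Note: This tool is for security research and study only. If it is put to any other use, the user bears all legal and joint liability; the author and publisher bear no legal or joint liability.

Originally published on the WeChat official account GSDK安全团队 (GSDK Security Team): Vulnerability Detection Framework - Meppo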
