Skip to content

1.9.5
Compare
Choose a tag to compare
@Jarcis-cy Jarcis-cy released this 12 Apr 03:39
· 18 commits to master since this release
1.9.5
ab33d2d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

版本介绍

该版本为 瑞友天翼应用虚拟化系统远程代码执行漏洞 的应急版本,除了增加该漏洞的POC,未对其他内容做修改。

更新内容

新增poc-yaml-realor-gwt-system-sql-injection检测插件(因为漏洞本身是sql注入引起的RCE,所以漏洞分类是sql-injection)
想要检测该漏洞的师傅,可以使用

./xray ws --poc poc-yaml-realor-gwt-system-sql-injection --url example.com

进行检测。

相关参考链接:CT stack

Assets 10
Loading