mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-29 02:54:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/06/21 18:08:08

Browse source
This commit is contained in:
motikan2010-bot 2020-06-21 18:08:08 +09:00
parent 58842a3a32
commit 2b11fb3adc
23 changed files with 736 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2016/CVE-2016-3714.json
View file

@ -86,8 +86,8 @@
"pushed_at": "2016-05-29T17:27:10Z",
"stargazers_count": 16,
"watchers_count": 16,
"forks_count": 3,
"forks": 3,
"forks_count": 4,
"forks": 4,
"watchers": 16,
"score": 0
},

25
2017/CVE-2017-0038.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 85834314,
"name": "CVE-2017-0038-EXP-C-JS",
"full_name": "k0keoyo\/CVE-2017-0038-EXP-C-JS",
"owner": {
"login": "k0keoyo",
"id": 13257929,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13257929?v=4",
"html_url": "https:\/\/github.com\/k0keoyo"
},
"html_url": "https:\/\/github.com\/k0keoyo\/CVE-2017-0038-EXP-C-JS",
"description": null,
"fork": false,
"created_at": "2017-03-22T13:59:48Z",
"updated_at": "2019-09-13T11:40:59Z",
"pushed_at": "2017-03-23T14:07:37Z",
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 8,
"forks": 8,
"watchers": 6,
"score": 0
}
]

25
2017/CVE-2017-0065.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 85072866,
"name": "cve-2017-0065",
"full_name": "Dankirk\/cve-2017-0065",
"owner": {
"login": "Dankirk",
"id": 10588760,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10588760?v=4",
"html_url": "https:\/\/github.com\/Dankirk"
},
"html_url": "https:\/\/github.com\/Dankirk\/cve-2017-0065",
"description": "Exploiting Edge's read:\/\/ urlhandler",
"fork": false,
"created_at": "2017-03-15T13:01:29Z",
"updated_at": "2019-10-26T13:38:33Z",
"pushed_at": "2017-03-15T13:47:22Z",
"stargazers_count": 15,
"watchers_count": 15,
"forks_count": 14,
"forks": 14,
"watchers": 15,
"score": 0
}
]

23
2017/CVE-2017-0478.json
View file

@ -1,4 +1,27 @@
[
{
"id": 85445247,
"name": "CVE-2017-0478",
"full_name": "JiounDai\/CVE-2017-0478",
"owner": {
"login": "JiounDai",
"id": 4220640,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4220640?v=4",
"html_url": "https:\/\/github.com\/JiounDai"
},
"html_url": "https:\/\/github.com\/JiounDai\/CVE-2017-0478",
"description": "poc of CVE-2017-0478",
"fork": false,
"created_at": "2017-03-19T02:18:37Z",
"updated_at": "2018-08-02T19:14:29Z",
"pushed_at": "2017-03-19T02:43:19Z",
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 5,
"forks": 5,
"watchers": 8,
"score": 0
},
{
"id": 141312944,
"name": "CVE-2017-0478",

8
2017/CVE-2017-11882.json
View file

@ -59,13 +59,13 @@
"description": "CVE-2017-11882 from https:\/\/github.com\/embedi\/CVE-2017-11882",
"fork": false,
"created_at": "2017-11-21T05:55:53Z",
"updated_at": "2020-06-16T10:53:41Z",
"updated_at": "2020-06-21T05:53:08Z",
"pushed_at": "2017-11-29T03:33:53Z",
"stargazers_count": 458,
"watchers_count": 458,
"stargazers_count": 459,
"watchers_count": 459,
"forks_count": 238,
"forks": 238,
"watchers": 458,
"watchers": 459,
"score": 0
},
{

69
2017/CVE-2017-2370.json
View file

@ -1,4 +1,73 @@
[
{
"id": 80148945,
"name": "extra_recipe",
"full_name": "maximehip\/extra_recipe",
"owner": {
"login": "maximehip",
"id": 6273425,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6273425?v=4",
"html_url": "https:\/\/github.com\/maximehip"
},
"html_url": "https:\/\/github.com\/maximehip\/extra_recipe",
"description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2) https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1004",
"fork": false,
"created_at": "2017-01-26T19:47:43Z",
"updated_at": "2017-01-26T19:48:19Z",
"pushed_at": "2017-01-26T19:48:18Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 80717942,
"name": "extra_recipe",
"full_name": "JackBro\/extra_recipe",
"owner": {
"login": "JackBro",
"id": 21210712,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/21210712?v=4",
"html_url": "https:\/\/github.com\/JackBro"
},
"html_url": "https:\/\/github.com\/JackBro\/extra_recipe",
"description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2)",
"fork": false,
"created_at": "2017-02-02T11:16:38Z",
"updated_at": "2017-10-14T08:34:32Z",
"pushed_at": "2017-01-27T17:44:09Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 81874110,
"name": "extra_recipe-iOS-10.2",
"full_name": "Rootkitsmm\/extra_recipe-iOS-10.2",
"owner": {
"login": "Rootkitsmm",
"id": 5567904,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5567904?v=4",
"html_url": "https:\/\/github.com\/Rootkitsmm"
},
"html_url": "https:\/\/github.com\/Rootkitsmm\/extra_recipe-iOS-10.2",
"description": "CVE-2017-2370",
"fork": false,
"created_at": "2017-02-13T21:32:40Z",
"updated_at": "2019-01-03T05:45:15Z",
"pushed_at": "2017-02-01T11:36:26Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 3,
"forks": 3,
"watchers": 1,
"score": 0
},
{
"id": 142854846,
"name": "CVE-2017-2370",

25
2017/CVE-2017-2636.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 84497885,
"name": "cve-2017-2636-el",
"full_name": "alexzorin\/cve-2017-2636-el",
"owner": {
"login": "alexzorin",
"id": 311534,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/311534?v=4",
"html_url": "https:\/\/github.com\/alexzorin"
},
"html_url": "https:\/\/github.com\/alexzorin\/cve-2017-2636-el",
"description": "Ansible role for workaround for CVE-2017-2636 (Red Hat) - https:\/\/access.redhat.com\/security\/cve\/CVE-2017-2636",
"fork": false,
"created_at": "2017-03-09T23:20:42Z",
"updated_at": "2017-03-18T16:23:19Z",
"pushed_at": "2017-03-09T23:21:14Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

23
2017/CVE-2017-3730.json
View file

@ -1,4 +1,27 @@
[
{
"id": 79682713,
"name": "CVE-2017-3730",
"full_name": "guidovranken\/CVE-2017-3730",
"owner": {
"login": "guidovranken",
"id": 6846644,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6846644?v=4",
"html_url": "https:\/\/github.com\/guidovranken"
},
"html_url": "https:\/\/github.com\/guidovranken\/CVE-2017-3730",
"description": "OpenSSL CVE-2017-3730 proof-of-concept",
"fork": false,
"created_at": "2017-01-22T00:40:34Z",
"updated_at": "2018-12-04T20:01:55Z",
"pushed_at": "2017-01-26T01:30:54Z",
"stargazers_count": 11,
"watchers_count": 11,
"forks_count": 5,
"forks": 5,
"watchers": 11,
"score": 0
},
{
"id": 97466064,
"name": "OpenSSL-CVE-2017-3730",

4
2017/CVE-2017-5123.json
View file

@ -109,8 +109,8 @@
"pushed_at": "2020-06-19T15:12:31Z",
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 1,
"forks": 1,
"forks_count": 2,
"forks": 2,
"watchers": 9,
"score": 0
}

414
2017/CVE-2017-5638.json
View file

@ -1,4 +1,280 @@
[
{
"id": 84158718,
"name": "S2-045",
"full_name": "PolarisLab\/S2-045",
"owner": {
"login": "PolarisLab",
"id": 25890110,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25890110?v=4",
"html_url": "https:\/\/github.com\/PolarisLab"
},
"html_url": "https:\/\/github.com\/PolarisLab\/S2-045",
"description": "Struts2 S2-045CVE-2017-5638Vulnerability environment - http:\/\/www.mottoin.com\/97954.html",
"fork": false,
"created_at": "2017-03-07T05:30:30Z",
"updated_at": "2019-06-29T02:30:57Z",
"pushed_at": "2017-03-07T05:37:55Z",
"stargazers_count": 24,
"watchers_count": 24,
"forks_count": 12,
"forks": 12,
"watchers": 24,
"score": 0
},
{
"id": 84186490,
"name": "Struts2-045-Exp",
"full_name": "Flyteas\/Struts2-045-Exp",
"owner": {
"login": "Flyteas",
"id": 15673913,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/15673913?v=4",
"html_url": "https:\/\/github.com\/Flyteas"
},
"html_url": "https:\/\/github.com\/Flyteas\/Struts2-045-Exp",
"description": "Struts2 S2-045CVE-2017-5638Exp with GUI",
"fork": false,
"created_at": "2017-03-07T10:30:20Z",
"updated_at": "2020-04-10T02:04:59Z",
"pushed_at": "2017-03-13T06:30:41Z",
"stargazers_count": 61,
"watchers_count": 61,
"forks_count": 29,
"forks": 29,
"watchers": 61,
"score": 0
},
{
"id": 84277596,
"name": "cve-2017-5638",
"full_name": "bongbongco\/cve-2017-5638",
"owner": {
"login": "bongbongco",
"id": 3170006,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3170006?v=4",
"html_url": "https:\/\/github.com\/bongbongco"
},
"html_url": "https:\/\/github.com\/bongbongco\/cve-2017-5638",
"description": null,
"fork": false,
"created_at": "2017-03-08T04:17:33Z",
"updated_at": "2017-03-08T04:31:28Z",
"pushed_at": "2017-03-08T04:31:26Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 84481525,
"name": "S2-045-EXP-POC-TOOLS",
"full_name": "jas502n\/S2-045-EXP-POC-TOOLS",
"owner": {
"login": "jas502n",
"id": 16593068,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4",
"html_url": "https:\/\/github.com\/jas502n"
},
"html_url": "https:\/\/github.com\/jas502n\/S2-045-EXP-POC-TOOLS",
"description": "S2-045 漏洞 POC-TOOLS CVE-2017-5638",
"fork": false,
"created_at": "2017-03-09T19:40:47Z",
"updated_at": "2020-06-16T02:37:44Z",
"pushed_at": "2017-03-09T19:50:50Z",
"stargazers_count": 21,
"watchers_count": 21,
"forks_count": 18,
"forks": 18,
"watchers": 21,
"score": 0
},
{
"id": 84518902,
"name": "strutszeiro",
"full_name": "mthbernardes\/strutszeiro",
"owner": {
"login": "mthbernardes",
"id": 12648924,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/12648924?v=4",
"html_url": "https:\/\/github.com\/mthbernardes"
},
"html_url": "https:\/\/github.com\/mthbernardes\/strutszeiro",
"description": "Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)",
"fork": false,
"created_at": "2017-03-10T04:23:41Z",
"updated_at": "2020-05-11T01:31:47Z",
"pushed_at": "2017-03-11T04:11:39Z",
"stargazers_count": 38,
"watchers_count": 38,
"forks_count": 26,
"forks": 26,
"watchers": 38,
"score": 0
},
{
"id": 84581800,
"name": "cve-2017-5638",
"full_name": "xsscx\/cve-2017-5638",
"owner": {
"login": "xsscx",
"id": 10790582,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/10790582?v=4",
"html_url": "https:\/\/github.com\/xsscx"
},
"html_url": "https:\/\/github.com\/xsscx\/cve-2017-5638",
"description": "Example PoC Code for CVE-2017-5638 | Apache Struts Exploit ",
"fork": false,
"created_at": "2017-03-10T16:56:14Z",
"updated_at": "2020-06-06T03:09:37Z",
"pushed_at": "2017-03-12T15:43:27Z",
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 20,
"forks": 20,
"watchers": 10,
"score": 0
},
{
"id": 84602394,
"name": "apache-struts2-CVE-2017-5638",
"full_name": "immunio\/apache-struts2-CVE-2017-5638",
"owner": {
"login": "immunio",
"id": 6700387,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/6700387?v=4",
"html_url": "https:\/\/github.com\/immunio"
},
"html_url": "https:\/\/github.com\/immunio\/apache-struts2-CVE-2017-5638",
"description": "Demo Application and Exploit",
"fork": false,
"created_at": "2017-03-10T21:33:25Z",
"updated_at": "2020-05-29T01:57:57Z",
"pushed_at": "2017-03-13T15:03:32Z",
"stargazers_count": 37,
"watchers_count": 37,
"forks_count": 36,
"forks": 36,
"watchers": 37,
"score": 0
},
{
"id": 84620334,
"name": "OgnlContentTypeRejectorValve",
"full_name": "Masahiro-Yamada\/OgnlContentTypeRejectorValve",
"owner": {
"login": "Masahiro-Yamada",
"id": 479387,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/479387?v=4",
"html_url": "https:\/\/github.com\/Masahiro-Yamada"
},
"html_url": "https:\/\/github.com\/Masahiro-Yamada\/OgnlContentTypeRejectorValve",
"description": "This is Valve for Tomcat7 to block Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)",
"fork": false,
"created_at": "2017-03-11T03:18:12Z",
"updated_at": "2017-04-11T00:06:36Z",
"pushed_at": "2017-03-13T14:49:25Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 84639178,
"name": "CVE-2017-5638-Apache-Struts2",
"full_name": "aljazceru\/CVE-2017-5638-Apache-Struts2",
"owner": {
"login": "aljazceru",
"id": 4439523,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4439523?v=4",
"html_url": "https:\/\/github.com\/aljazceru"
},
"html_url": "https:\/\/github.com\/aljazceru\/CVE-2017-5638-Apache-Struts2",
"description": "Tweaking original PoC (https:\/\/github.com\/rapid7\/metasploit-framework\/issues\/8064) to work on self-signed certificates ",
"fork": false,
"created_at": "2017-03-11T09:39:09Z",
"updated_at": "2019-07-15T22:02:37Z",
"pushed_at": "2017-03-11T09:41:27Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 2,
"score": 0
},
{
"id": 84640546,
"name": "test_struts2_vulnerability_CVE-2017-5638",
"full_name": "sjitech\/test_struts2_vulnerability_CVE-2017-5638",
"owner": {
"login": "sjitech",
"id": 5180638,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5180638?v=4",
"html_url": "https:\/\/github.com\/sjitech"
},
"html_url": "https:\/\/github.com\/sjitech\/test_struts2_vulnerability_CVE-2017-5638",
"description": "test struts2 vulnerability CVE-2017-5638 in Mac OS X",
"fork": false,
"created_at": "2017-03-11T10:03:54Z",
"updated_at": "2017-03-13T11:14:00Z",
"pushed_at": "2017-03-13T07:38:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 84642680,
"name": "CVE-2017-5638",
"full_name": "jrrombaldo\/CVE-2017-5638",
"owner": {
"login": "jrrombaldo",
"id": 121948,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/121948?v=4",
"html_url": "https:\/\/github.com\/jrrombaldo"
},
"html_url": "https:\/\/github.com\/jrrombaldo\/CVE-2017-5638",
"description": null,
"fork": false,
"created_at": "2017-03-11T10:43:16Z",
"updated_at": "2017-03-11T13:07:57Z",
"pushed_at": "2017-03-24T19:12:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 84644857,
"name": "CVE-2017-5638",
"full_name": "random-robbie\/CVE-2017-5638",
"owner": {
"login": "random-robbie",
"id": 4902869,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4902869?v=4",
"html_url": "https:\/\/github.com\/random-robbie"
},
"html_url": "https:\/\/github.com\/random-robbie\/CVE-2017-5638",
"description": "CVE: 2017-5638 in different formats",
"fork": false,
"created_at": "2017-03-11T11:22:44Z",
"updated_at": "2017-03-11T11:28:58Z",
"pushed_at": "2017-03-16T11:26:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"forks": 1,
"watchers": 0,
"score": 0
},
{
"id": 84655941,
"name": "CVE-2017-5638_struts",
@ -45,6 +321,75 @@
"watchers": 371,
"score": 0
},
{
"id": 84705148,
"name": "Struts-Apache-ExploitPack",
"full_name": "ret2jazzy\/Struts-Apache-ExploitPack",
"owner": {
"login": "ret2jazzy",
"id": 20831187,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20831187?v=4",
"html_url": "https:\/\/github.com\/ret2jazzy"
},
"html_url": "https:\/\/github.com\/ret2jazzy\/Struts-Apache-ExploitPack",
"description": "These are just some script which you can use to detect and exploit the Apache Struts Vulnerability (CVE-2017-5638)",
"fork": false,
"created_at": "2017-03-12T06:28:51Z",
"updated_at": "2020-04-07T06:39:58Z",
"pushed_at": "2017-03-12T07:26:03Z",
"stargazers_count": 17,
"watchers_count": 17,
"forks_count": 13,
"forks": 13,
"watchers": 17,
"score": 0
},
{
"id": 84725982,
"name": "ExpStruts",
"full_name": "lolwaleet\/ExpStruts",
"owner": {
"login": "lolwaleet",
"id": 20018319,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20018319?v=4",
"html_url": "https:\/\/github.com\/lolwaleet"
},
"html_url": "https:\/\/github.com\/lolwaleet\/ExpStruts",
"description": "A php based exploiter for CVE-2017-5638.",
"fork": false,
"created_at": "2017-03-12T13:03:52Z",
"updated_at": "2020-03-15T16:58:21Z",
"pushed_at": "2017-03-12T13:04:33Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 2,
"forks": 2,
"watchers": 2,
"score": 0
},
{
"id": 84819853,
"name": "CVE-2017-5638-Apache-Struts2",
"full_name": "oktavianto\/CVE-2017-5638-Apache-Struts2",
"owner": {
"login": "oktavianto",
"id": 8210275,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8210275?v=4",
"html_url": "https:\/\/github.com\/oktavianto"
},
"html_url": "https:\/\/github.com\/oktavianto\/CVE-2017-5638-Apache-Struts2",
"description": "Example PHP Exploiter for CVE-2017-5638",
"fork": false,
"created_at": "2017-03-13T11:39:55Z",
"updated_at": "2020-04-07T06:38:46Z",
"pushed_at": "2017-03-20T19:40:16Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 4,
"forks": 4,
"watchers": 2,
"score": 0
},
{
"id": 85010282,
"name": "cve-2017-5638",
@ -68,6 +413,29 @@
"watchers": 11,
"score": 0
},
{
"id": 85145901,
"name": "Strutshock",
"full_name": "opt9\/Strutshock",
"owner": {
"login": "opt9",
"id": 192655,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/192655?v=4",
"html_url": "https:\/\/github.com\/opt9"
},
"html_url": "https:\/\/github.com\/opt9\/Strutshock",
"description": "Struts2 RCE CVE-2017-5638 non-intrusive check shell script",
"fork": false,
"created_at": "2017-03-16T02:59:22Z",
"updated_at": "2017-05-04T20:58:47Z",
"pushed_at": "2017-03-16T04:02:40Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 1,
"forks": 1,
"watchers": 3,
"score": 0
},
{
"id": 85341283,
"name": "StrutsShell",
@ -91,6 +459,29 @@
"watchers": 3,
"score": 0
},
{
"id": 85390529,
"name": "CVE-2017-5638",
"full_name": "bhagdave\/CVE-2017-5638",
"owner": {
"login": "bhagdave",
"id": 3230037,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3230037?v=4",
"html_url": "https:\/\/github.com\/bhagdave"
},
"html_url": "https:\/\/github.com\/bhagdave\/CVE-2017-5638",
"description": null,
"fork": false,
"created_at": "2017-03-18T09:39:59Z",
"updated_at": "2017-03-19T01:25:24Z",
"pushed_at": "2017-03-21T21:53:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 85664016,
"name": "st2-046-poc",
@ -183,6 +574,29 @@
"watchers": 0,
"score": 0
},
{
"id": 86415022,
"name": "Strutscli",
"full_name": "opt9\/Strutscli",
"owner": {
"login": "opt9",
"id": 192655,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/192655?v=4",
"html_url": "https:\/\/github.com\/opt9"
},
"html_url": "https:\/\/github.com\/opt9\/Strutscli",
"description": "Struts2 RCE CVE-2017-5638 CLI shell",
"fork": false,
"created_at": "2017-03-28T04:31:44Z",
"updated_at": "2017-04-14T08:03:48Z",
"pushed_at": "2017-03-28T04:36:11Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 2,
"score": 0
},
{
"id": 87695524,
"name": "strutsy",

25
2017/CVE-2017-6370.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 85539985,
"name": "TYPO3-v7.6.15-Unencrypted-Login-Request",
"full_name": "faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request",
"owner": {
"login": "faizzaidi",
"id": 12153050,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4",
"html_url": "https:\/\/github.com\/faizzaidi"
},
"html_url": "https:\/\/github.com\/faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request",
"description": "TYPO3 v7.6.15 Unencrypted Login Request Assigned CVE Number: CVE-2017-6370",
"fork": false,
"created_at": "2017-03-20T05:51:07Z",
"updated_at": "2018-05-07T17:02:28Z",
"pushed_at": "2017-03-20T05:51:43Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

4
2018/CVE-2018-4407.json
View file

@ -86,8 +86,8 @@
"pushed_at": "2018-12-04T08:21:43Z",
"stargazers_count": 23,
"watchers_count": 23,
"forks_count": 5,
"forks": 5,
"forks_count": 4,
"forks": 4,
"watchers": 23,
"score": 0
},

8
2018/CVE-2018-5955.json
View file

@ -36,13 +36,13 @@
"description": "一款功能强大的漏洞扫描器子域名爆破使用aioDNSasyncio异步快速扫描覆盖目标全方位资产进行批量漏洞扫描中间件信息收集自动收集ip代理探测Waf信息时自动使用来保护本机真实Ip在本机Ip被Waf杀死后自动切换代理Ip进行扫描Waf信息收集(国内外100+款waf信息)包括安全狗云锁阿里云云盾腾讯云等提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能",
"fork": false,
"created_at": "2019-12-21T22:45:55Z",
"updated_at": "2020-06-18T01:11:08Z",
"updated_at": "2020-06-21T05:55:38Z",
"pushed_at": "2020-01-05T21:46:25Z",
"stargazers_count": 269,
"watchers_count": 269,
"stargazers_count": 268,
"watchers_count": 268,
"forks_count": 59,
"forks": 59,
"watchers": 269,
"watchers": 268,
"score": 0
}
]

8
2019/CVE-2019-11510.json
View file

@ -13,13 +13,13 @@
"description": "Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)",
"fork": false,
"created_at": "2019-08-21T08:40:26Z",
"updated_at": "2020-06-19T19:44:11Z",
"updated_at": "2020-06-21T03:21:57Z",
"pushed_at": "2020-01-11T13:55:33Z",
"stargazers_count": 316,
"watchers_count": 316,
"stargazers_count": 317,
"watchers_count": 317,
"forks_count": 124,
"forks": 124,
"watchers": 316,
"watchers": 317,
"score": 0
},
{

8
2019/CVE-2019-2618.json
View file

@ -82,13 +82,13 @@
"description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618CVE-2019-2729检测Python3支持",
"fork": false,
"created_at": "2019-06-21T09:22:43Z",
"updated_at": "2020-06-18T11:24:11Z",
"updated_at": "2020-06-21T06:04:58Z",
"pushed_at": "2020-04-26T10:49:25Z",
"stargazers_count": 595,
"watchers_count": 595,
"stargazers_count": 594,
"watchers_count": 594,
"forks_count": 131,
"forks": 131,
"watchers": 595,
"watchers": 594,
"score": 0
},
{

8
2019/CVE-2019-7609.json
View file

@ -59,13 +59,13 @@
"description": "exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts",
"fork": false,
"created_at": "2019-10-21T15:31:13Z",
"updated_at": "2020-06-20T15:32:16Z",
"updated_at": "2020-06-21T09:07:57Z",
"pushed_at": "2019-10-23T07:10:35Z",
"stargazers_count": 90,
"watchers_count": 90,
"stargazers_count": 89,
"watchers_count": 89,
"forks_count": 32,
"forks": 32,
"watchers": 90,
"watchers": 89,
"score": 0
},
{

4
2020/CVE-2020-0683.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-02-11T21:34:28Z",
"stargazers_count": 211,
"watchers_count": 211,
"forks_count": 44,
"forks": 44,
"forks_count": 45,
"forks": 45,
"watchers": 211,
"score": 0
}

12
2020/CVE-2020-0787.json
View file

@ -13,13 +13,13 @@
"description": "Support ALL Windows Version",
"fork": false,
"created_at": "2020-06-16T08:57:51Z",
"updated_at": "2020-06-21T01:41:31Z",
"updated_at": "2020-06-21T05:33:32Z",
"pushed_at": "2020-06-18T00:42:57Z",
"stargazers_count": 207,
"watchers_count": 207,
"forks_count": 47,
"forks": 47,
"watchers": 207,
"stargazers_count": 212,
"watchers_count": 212,
"forks_count": 49,
"forks": 49,
"watchers": 212,
"score": 0
}
]

12
2020/CVE-2020-0796.json
View file

@ -86,8 +86,8 @@
"pushed_at": "2020-03-13T09:54:16Z",
"stargazers_count": 497,
"watchers_count": 497,
"forks_count": 164,
"forks": 164,
"forks_count": 165,
"forks": 165,
"watchers": 497,
"score": 0
},
@ -1462,13 +1462,13 @@
"description": "This is an implementation of the CVE-2020-0796 aka SMBGhost vulnerability, compatible with the Metasploit Framework",
"fork": false,
"created_at": "2020-06-19T20:38:11Z",
"updated_at": "2020-06-21T02:28:10Z",
"updated_at": "2020-06-21T08:04:01Z",
"pushed_at": "2020-06-19T20:58:36Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 2,
"forks": 2,
"watchers": 8,
"watchers": 10,
"score": 0
}
]

4
2020/CVE-2020-10199.json
View file

@ -109,8 +109,8 @@
"pushed_at": "2020-05-15T06:18:18Z",
"stargazers_count": 24,
"watchers_count": 24,
"forks_count": 6,
"forks": 6,
"forks_count": 5,
"forks": 5,
"watchers": 24,
"score": 0
}

12
2020/CVE-2020-1054.json
View file

@ -13,13 +13,13 @@
"description": "LPE for CVE-2020-1054 targeting Windows 7 x64",
"fork": false,
"created_at": "2020-06-16T23:22:15Z",
"updated_at": "2020-06-21T01:02:34Z",
"updated_at": "2020-06-21T07:26:49Z",
"pushed_at": "2020-06-17T18:10:30Z",
"stargazers_count": 41,
"watchers_count": 41,
"forks_count": 13,
"forks": 13,
"watchers": 41,
"stargazers_count": 42,
"watchers_count": 42,
"forks_count": 14,
"forks": 14,
"watchers": 42,
"score": 0
}
]

8
2020/CVE-2020-8165.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2020-05-20T04:27:52Z",
"updated_at": "2020-06-20T20:16:01Z",
"updated_at": "2020-06-21T03:20:42Z",
"pushed_at": "2020-06-06T11:18:28Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"forks_count": 2,
"forks": 2,
"watchers": 10,
"watchers": 11,
"score": 0
}
]

55
README.md
View file

@ -7852,6 +7852,22 @@ TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in
## 2017
### CVE-2017-0038
<code>
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220.
</code>
- [k0keoyo/CVE-2017-0038-EXP-C-JS](https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS)
### CVE-2017-0065
<code>
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka &quot;Microsoft Browser Information Disclosure Vulnerability.&quot; This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068.
</code>
- [Dankirk/cve-2017-0065](https://github.com/Dankirk/cve-2017-0065)
### CVE-2017-0075
<code>
@ -7993,6 +8009,7 @@ An elevation of privilege vulnerability in the Framework APIs could enable a loc
A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33718716.
</code>
- [JiounDai/CVE-2017-0478](https://github.com/JiounDai/CVE-2017-0478)
- [denmilu/CVE-2017-0478](https://github.com/denmilu/CVE-2017-0478)
### CVE-2017-0541
@ -8935,6 +8952,9 @@ An issue was discovered in certain Apple products. iOS before 10.2.1 is affected
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the &quot;Kernel&quot; component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app.
</code>
- [maximehip/extra_recipe](https://github.com/maximehip/extra_recipe)
- [JackBro/extra_recipe](https://github.com/JackBro/extra_recipe)
- [Rootkitsmm/extra_recipe-iOS-10.2](https://github.com/Rootkitsmm/extra_recipe-iOS-10.2)
- [Peterpan0927/CVE-2017-2370](https://github.com/Peterpan0927/CVE-2017-2370)
### CVE-2017-2388
@ -8945,6 +8965,14 @@ An issue was discovered in certain Apple products. macOS before 10.12.4 is affec
- [bazad/IOFireWireFamily-null-deref](https://github.com/bazad/IOFireWireFamily-null-deref)
### CVE-2017-2636
<code>
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
</code>
- [alexzorin/cve-2017-2636-el](https://github.com/alexzorin/cve-2017-2636-el)
### CVE-2017-2666
<code>
@ -9049,6 +9077,7 @@ Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Serve
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
</code>
- [guidovranken/CVE-2017-3730](https://github.com/guidovranken/CVE-2017-3730)
- [ymmah/OpenSSL-CVE-2017-3730](https://github.com/ymmah/OpenSSL-CVE-2017-3730)
### CVE-2017-3881
@ -9150,14 +9179,32 @@ Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
</code>
- [PolarisLab/S2-045](https://github.com/PolarisLab/S2-045)
- [Flyteas/Struts2-045-Exp](https://github.com/Flyteas/Struts2-045-Exp)
- [bongbongco/cve-2017-5638](https://github.com/bongbongco/cve-2017-5638)
- [jas502n/S2-045-EXP-POC-TOOLS](https://github.com/jas502n/S2-045-EXP-POC-TOOLS)
- [mthbernardes/strutszeiro](https://github.com/mthbernardes/strutszeiro)
- [xsscx/cve-2017-5638](https://github.com/xsscx/cve-2017-5638)
- [immunio/apache-struts2-CVE-2017-5638](https://github.com/immunio/apache-struts2-CVE-2017-5638)
- [Masahiro-Yamada/OgnlContentTypeRejectorValve](https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve)
- [aljazceru/CVE-2017-5638-Apache-Struts2](https://github.com/aljazceru/CVE-2017-5638-Apache-Struts2)
- [sjitech/test_struts2_vulnerability_CVE-2017-5638](https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638)
- [jrrombaldo/CVE-2017-5638](https://github.com/jrrombaldo/CVE-2017-5638)
- [random-robbie/CVE-2017-5638](https://github.com/random-robbie/CVE-2017-5638)
- [initconf/CVE-2017-5638_struts](https://github.com/initconf/CVE-2017-5638_struts)
- [mazen160/struts-pwn](https://github.com/mazen160/struts-pwn)
- [ret2jazzy/Struts-Apache-ExploitPack](https://github.com/ret2jazzy/Struts-Apache-ExploitPack)
- [lolwaleet/ExpStruts](https://github.com/lolwaleet/ExpStruts)
- [oktavianto/CVE-2017-5638-Apache-Struts2](https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2)
- [jrrdev/cve-2017-5638](https://github.com/jrrdev/cve-2017-5638)
- [opt9/Strutshock](https://github.com/opt9/Strutshock)
- [falcon-lnhg/StrutsShell](https://github.com/falcon-lnhg/StrutsShell)
- [bhagdave/CVE-2017-5638](https://github.com/bhagdave/CVE-2017-5638)
- [jas502n/st2-046-poc](https://github.com/jas502n/st2-046-poc)
- [KarzsGHR/S2-046_S2-045_POC](https://github.com/KarzsGHR/S2-046_S2-045_POC)
- [gsfish/S2-Reaper](https://github.com/gsfish/S2-Reaper)
- [mcassano/cve-2017-5638](https://github.com/mcassano/cve-2017-5638)
- [opt9/Strutscli](https://github.com/opt9/Strutscli)
- [tahmed11/strutsy](https://github.com/tahmed11/strutsy)
- [payatu/CVE-2017-5638](https://github.com/payatu/CVE-2017-5638)
- [Aasron/Struts2-045-Exp](https://github.com/Aasron/Struts2-045-Exp)
@ -9322,6 +9369,14 @@ D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DG
- [varangamin/CVE-2017-6206](https://github.com/varangamin/CVE-2017-6206)
### CVE-2017-6370
<code>
TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields.
</code>
- [faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request](https://github.com/faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request)
### CVE-2017-6558
<code>