[ { "id": 265151514, "name": "tomcat-cluster-session-sync-exp", "full_name": "threedr3am\/tomcat-cluster-session-sync-exp", "owner": { "login": "threedr3am", "id": 19884279, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19884279?v=4", "html_url": "https:\/\/github.com\/threedr3am", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/threedr3am\/tomcat-cluster-session-sync-exp", "description": "tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484是session持久化的洞,这个是session集群同步的洞!", "fork": false, "created_at": "2020-05-19T05:12:53Z", "updated_at": "2024-08-12T20:01:38Z", "pushed_at": "2020-05-19T05:13:19Z", "stargazers_count": 213, "watchers_count": 213, "has_discussions": false, "forks_count": 37, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 37, "watchers": 213, "score": 0, "subscribers_count": 3 }, { "id": 265717610, "name": "CVE-2020-9484", "full_name": "masahiro331\/CVE-2020-9484", "owner": { "login": "masahiro331", "id": 20438853, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", "html_url": "https:\/\/github.com\/masahiro331", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/masahiro331\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2020-05-21T00:41:06Z", "updated_at": "2024-12-06T15:27:26Z", "pushed_at": "2021-10-28T02:31:04Z", "stargazers_count": 127, "watchers_count": 127, "has_discussions": false, "forks_count": 30, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 30, "watchers": 127, "score": 0, "subscribers_count": 5 }, { "id": 265741960, "name": "CVE-2020-9484", "full_name": "seanachao\/CVE-2020-9484", "owner": { "login": "seanachao", "id": 30539692, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30539692?v=4", "html_url": "https:\/\/github.com\/seanachao", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/seanachao\/CVE-2020-9484", "description": "利用ceye批量检测CVE-2020-9484", "fork": false, "created_at": "2020-05-21T03:07:24Z", "updated_at": "2022-03-23T08:03:58Z", "pushed_at": "2020-05-21T02:30:47Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 265870392, "name": "CVE-2020-9484", "full_name": "IdealDreamLast\/CVE-2020-9484", "owner": { "login": "IdealDreamLast", "id": 33090510, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33090510?v=4", "html_url": "https:\/\/github.com\/IdealDreamLast", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/IdealDreamLast\/CVE-2020-9484", "description": "用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞", "fork": false, "created_at": "2020-05-21T14:30:46Z", "updated_at": "2024-02-03T09:31:34Z", "pushed_at": "2020-05-21T15:13:22Z", "stargazers_count": 52, "watchers_count": 52, "has_discussions": false, "forks_count": 21, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 21, "watchers": 52, "score": 0, "subscribers_count": 4 }, { "id": 269379345, "name": "CVE-2020-9484", "full_name": "qerogram\/CVE-2020-9484", "owner": { "login": "qerogram", "id": 29586629, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29586629?v=4", "html_url": "https:\/\/github.com\/qerogram", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/qerogram\/CVE-2020-9484", "description": "for Ubuntu 18.04, improve functions.", "fork": false, "created_at": "2020-06-04T14:19:12Z", "updated_at": "2022-02-23T07:05:46Z", "pushed_at": "2020-06-04T18:12:18Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 269770630, "name": "CVE-2020-9484-Mass-Scan", "full_name": "osamahamad\/CVE-2020-9484-Mass-Scan", "owner": { "login": "osamahamad", "id": 59566963, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59566963?v=4", "html_url": "https:\/\/github.com\/osamahamad", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/osamahamad\/CVE-2020-9484-Mass-Scan", "description": "CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE ", "fork": false, "created_at": "2020-06-05T20:40:28Z", "updated_at": "2024-11-07T12:10:24Z", "pushed_at": "2020-06-05T21:04:43Z", "stargazers_count": 32, "watchers_count": 32, "has_discussions": false, "forks_count": 15, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 15, "watchers": 32, "score": 0, "subscribers_count": 3 }, { "id": 293086175, "name": "CVE-2020-9484-exploit", "full_name": "anjai94\/CVE-2020-9484-exploit", "owner": { "login": "anjai94", "id": 30573192, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30573192?v=4", "html_url": "https:\/\/github.com\/anjai94", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/anjai94\/CVE-2020-9484-exploit", "description": null, "fork": false, "created_at": "2020-09-05T13:56:51Z", "updated_at": "2022-10-13T07:18:49Z", "pushed_at": "2020-09-05T14:08:52Z", "stargazers_count": 6, "watchers_count": 6, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 6, "score": 0, "subscribers_count": 3 }, { "id": 325878746, "name": "CVE-2020-9484", "full_name": "PenTestical\/CVE-2020-9484", "owner": { "login": "PenTestical", "id": 57206134, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57206134?v=4", "html_url": "https:\/\/github.com\/PenTestical", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/PenTestical\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2020-12-31T21:54:50Z", "updated_at": "2024-12-11T11:36:54Z", "pushed_at": "2022-04-16T14:22:27Z", "stargazers_count": 33, "watchers_count": 33, "has_discussions": false, "forks_count": 9, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 9, "watchers": 33, "score": 0, "subscribers_count": 1 }, { "id": 329004194, "name": "CVE-2020-9484-Scanner", "full_name": "DanQMoo\/CVE-2020-9484-Scanner", "owner": { "login": "DanQMoo", "id": 29651956, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29651956?v=4", "html_url": "https:\/\/github.com\/DanQMoo", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/DanQMoo\/CVE-2020-9484-Scanner", "description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ", "fork": false, "created_at": "2021-01-12T14:00:00Z", "updated_at": "2022-04-17T09:09:57Z", "pushed_at": "2020-06-10T07:08:17Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 333238894, "name": "CVE-2020-9484", "full_name": "AssassinUKG\/CVE-2020-9484", "owner": { "login": "AssassinUKG", "id": 5285547, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", "html_url": "https:\/\/github.com\/AssassinUKG", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2021-01-26T22:51:30Z", "updated_at": "2024-08-12T20:09:47Z", "pushed_at": "2021-02-10T00:01:45Z", "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, "forks_count": 5, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 5, "watchers": 4, "score": 0, "subscribers_count": 3 }, { "id": 337782636, "name": "CVE-2020-9484", "full_name": "VICXOR\/CVE-2020-9484", "owner": { "login": "VICXOR", "id": 43370621, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43370621?v=4", "html_url": "https:\/\/github.com\/VICXOR", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/VICXOR\/CVE-2020-9484", "description": "POC for CVE-2020-9484", "fork": false, "created_at": "2021-02-10T16:27:07Z", "updated_at": "2024-11-22T16:50:05Z", "pushed_at": "2021-02-10T16:55:37Z", "stargazers_count": 11, "watchers_count": 11, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "apache", "exploit", "rce", "tomcat" ], "visibility": "public", "forks": 0, "watchers": 11, "score": 0, "subscribers_count": 1 }, { "id": 343388829, "name": "CVE-2020-9484", "full_name": "DXY0411\/CVE-2020-9484", "owner": { "login": "DXY0411", "id": 42259364, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42259364?v=4", "html_url": "https:\/\/github.com\/DXY0411", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/DXY0411\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2021-03-01T11:16:04Z", "updated_at": "2021-03-08T10:02:52Z", "pushed_at": "2021-03-08T10:02:50Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 368539603, "name": "CVE-2020-9484", "full_name": "RepublicR0K\/CVE-2020-9484", "owner": { "login": "RepublicR0K", "id": 73670332, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73670332?v=4", "html_url": "https:\/\/github.com\/RepublicR0K", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/RepublicR0K\/CVE-2020-9484", "description": "Apache Tomcat RCE (CVE-2020-9484)", "fork": false, "created_at": "2021-05-18T13:26:18Z", "updated_at": "2024-06-25T17:12:35Z", "pushed_at": "2021-05-18T13:27:11Z", "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 4, "score": 0, "subscribers_count": 1 }, { "id": 458246235, "name": "CVE-2020-9484", "full_name": "ColdFusionX\/CVE-2020-9484", "owner": { "login": "ColdFusionX", "id": 8522240, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", "html_url": "https:\/\/github.com\/ColdFusionX", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2020-9484", "description": "POC - Apache Tomcat Deserialization Vulnerability (CVE-2020-9484)", "fork": false, "created_at": "2022-02-11T15:45:10Z", "updated_at": "2024-08-12T20:20:31Z", "pushed_at": "2022-02-11T18:02:52Z", "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2020-9484", "deserialization", "docker", "exploit", "rce", "serialization", "tomcat" ], "visibility": "public", "forks": 2, "watchers": 4, "score": 0, "subscribers_count": 1 }, { "id": 565892834, "name": "CVE-2020-9484_Exploit", "full_name": "d3fudd\/CVE-2020-9484_Exploit", "owner": { "login": "d3fudd", "id": 76706456, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76706456?v=4", "html_url": "https:\/\/github.com\/d3fudd", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/d3fudd\/CVE-2020-9484_Exploit", "description": "Exploit for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE", "fork": false, "created_at": "2022-11-14T14:48:30Z", "updated_at": "2024-12-08T22:15:36Z", "pushed_at": "2023-04-17T14:52:50Z", "stargazers_count": 16, "watchers_count": 16, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 16, "score": 0, "subscribers_count": 1 }, { "id": 858341238, "name": "CVE-2020-9484", "full_name": "0dayCTF\/CVE-2020-9484", "owner": { "login": "0dayCTF", "id": 44453666, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44453666?v=4", "html_url": "https:\/\/github.com\/0dayCTF", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/0dayCTF\/CVE-2020-9484", "description": "Remake of CVE-2020-9484 by Pentestical", "fork": false, "created_at": "2024-09-16T18:17:52Z", "updated_at": "2024-12-08T23:18:03Z", "pushed_at": "2024-09-16T18:22:36Z", "stargazers_count": 18, "watchers_count": 18, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 18, "score": 0, "subscribers_count": 1 }, { "id": 863005801, "name": "CVE-2020-9484", "full_name": "Disturbante\/CVE-2020-9484", "owner": { "login": "Disturbante", "id": 126893851, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126893851?v=4", "html_url": "https:\/\/github.com\/Disturbante", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Disturbante\/CVE-2020-9484", "description": "Bash POC for CVE-2020-9484 that i used in tryhackme challenge", "fork": false, "created_at": "2024-09-25T14:55:51Z", "updated_at": "2024-09-25T14:56:44Z", "pushed_at": "2024-09-25T14:56:41Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 868366417, "name": "PoC_CVE-2020-9484", "full_name": "savsch\/PoC_CVE-2020-9484", "owner": { "login": "savsch", "id": 119003089, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119003089?v=4", "html_url": "https:\/\/github.com\/savsch", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/savsch\/PoC_CVE-2020-9484", "description": "PoC exploit for CVE-2020-9484, and a vulnerable web application for its demonstration", "fork": false, "created_at": "2024-10-06T07:37:44Z", "updated_at": "2024-10-10T05:04:16Z", "pushed_at": "2024-10-06T14:08:15Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 } ]