[ { "id": 265151514, "name": "tomcat-cluster-session-sync-exp", "full_name": "threedr3am\/tomcat-cluster-session-sync-exp", "owner": { "login": "threedr3am", "id": 19884279, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19884279?v=4", "html_url": "https:\/\/github.com\/threedr3am" }, "html_url": "https:\/\/github.com\/threedr3am\/tomcat-cluster-session-sync-exp", "description": "tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484是session持久化的洞,这个是session集群同步的洞!", "fork": false, "created_at": "2020-05-19T05:12:53Z", "updated_at": "2021-01-14T06:10:35Z", "pushed_at": "2020-05-19T05:13:19Z", "stargazers_count": 198, "watchers_count": 198, "forks_count": 35, "forks": 35, "watchers": 198, "score": 0 }, { "id": 265717610, "name": "CVE-2020-9484", "full_name": "masahiro331\/CVE-2020-9484", "owner": { "login": "masahiro331", "id": 20438853, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", "html_url": "https:\/\/github.com\/masahiro331" }, "html_url": "https:\/\/github.com\/masahiro331\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2020-05-21T00:41:06Z", "updated_at": "2021-01-28T01:33:02Z", "pushed_at": "2020-05-21T10:15:35Z", "stargazers_count": 97, "watchers_count": 97, "forks_count": 24, "forks": 24, "watchers": 97, "score": 0 }, { "id": 265870392, "name": "CVE-2020-9484", "full_name": "IdealDreamLast\/CVE-2020-9484", "owner": { "login": "IdealDreamLast", "id": 33090510, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33090510?v=4", "html_url": "https:\/\/github.com\/IdealDreamLast" }, "html_url": "https:\/\/github.com\/IdealDreamLast\/CVE-2020-9484", "description": "用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞", "fork": false, "created_at": "2020-05-21T14:30:46Z", "updated_at": "2020-12-14T07:20:01Z", "pushed_at": "2020-05-21T15:13:22Z", "stargazers_count": 46, "watchers_count": 46, "forks_count": 21, "forks": 21, "watchers": 46, "score": 0 }, { "id": 269379345, "name": "CVE-2020-9484", "full_name": "qerogram\/CVE-2020-9484", "owner": { "login": "qerogram", "id": 29586629, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29586629?v=4", "html_url": "https:\/\/github.com\/qerogram" }, "html_url": "https:\/\/github.com\/qerogram\/CVE-2020-9484", "description": "for Ubuntu 18.04, improve functions.", "fork": false, "created_at": "2020-06-04T14:19:12Z", "updated_at": "2021-01-06T08:40:21Z", "pushed_at": "2020-06-04T18:12:18Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "forks": 0, "watchers": 1, "score": 0 }, { "id": 269770630, "name": "CVE-2020-9484-Mass-Scan", "full_name": "osamahamad\/CVE-2020-9484-Mass-Scan", "owner": { "login": "osamahamad", "id": 59566963, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59566963?v=4", "html_url": "https:\/\/github.com\/osamahamad" }, "html_url": "https:\/\/github.com\/osamahamad\/CVE-2020-9484-Mass-Scan", "description": "CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE ", "fork": false, "created_at": "2020-06-05T20:40:28Z", "updated_at": "2021-01-14T18:24:56Z", "pushed_at": "2020-06-05T21:04:43Z", "stargazers_count": 23, "watchers_count": 23, "forks_count": 11, "forks": 11, "watchers": 23, "score": 0 }, { "id": 270900495, "name": "CVE-2020-9484-Scanner", "full_name": "DeviantSec\/CVE-2020-9484-Scanner", "owner": { "login": "DeviantSec", "id": 48874057, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48874057?v=4", "html_url": "https:\/\/github.com\/DeviantSec" }, "html_url": "https:\/\/github.com\/DeviantSec\/CVE-2020-9484-Scanner", "description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ", "fork": false, "created_at": "2020-06-09T04:13:51Z", "updated_at": "2020-06-10T07:08:19Z", "pushed_at": "2020-06-10T07:08:17Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 2, "forks": 2, "watchers": 1, "score": 0 }, { "id": 293086175, "name": "CVE-2020-9484-exploit", "full_name": "anjai94\/CVE-2020-9484-exploit", "owner": { "login": "anjai94", "id": 30573192, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30573192?v=4", "html_url": "https:\/\/github.com\/anjai94" }, "html_url": "https:\/\/github.com\/anjai94\/CVE-2020-9484-exploit", "description": null, "fork": false, "created_at": "2020-09-05T13:56:51Z", "updated_at": "2021-01-27T14:56:51Z", "pushed_at": "2020-09-05T14:08:52Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "forks": 1, "watchers": 1, "score": 0 }, { "id": 325878746, "name": "CVE-2020-9484", "full_name": "PenTestical\/CVE-2020-9484", "owner": { "login": "PenTestical", "id": 57206134, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57206134?v=4", "html_url": "https:\/\/github.com\/PenTestical" }, "html_url": "https:\/\/github.com\/PenTestical\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2020-12-31T21:54:50Z", "updated_at": "2020-12-31T23:45:40Z", "pushed_at": "2020-12-31T23:45:38Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 329985612, "name": "-CVE-2020-9484-", "full_name": "Proxysec\/-CVE-2020-9484-", "owner": { "login": "Proxysec", "id": 68131578, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68131578?v=4", "html_url": "https:\/\/github.com\/Proxysec" }, "html_url": "https:\/\/github.com\/Proxysec\/-CVE-2020-9484-", "description": "Apache Tomcat RCE (CVE-2020-9484)", "fork": false, "created_at": "2021-01-15T17:59:25Z", "updated_at": "2021-01-15T17:59:25Z", "pushed_at": "2021-01-15T17:59:26Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 }, { "id": 329985708, "name": "-CVE-2020-9484", "full_name": "Proxysec\/-CVE-2020-9484", "owner": { "login": "Proxysec", "id": 68131578, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68131578?v=4", "html_url": "https:\/\/github.com\/Proxysec" }, "html_url": "https:\/\/github.com\/Proxysec\/-CVE-2020-9484", "description": "Apache Tomcat RCE (CVE-2020-9484)", "fork": false, "created_at": "2021-01-15T17:59:50Z", "updated_at": "2021-01-15T18:12:09Z", "pushed_at": "2021-01-15T18:12:07Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 1, "forks": 1, "watchers": 0, "score": 0 }, { "id": 333238894, "name": "CVE-2020-9484", "full_name": "AssassinUKG\/CVE-2020-9484", "owner": { "login": "AssassinUKG", "id": 5285547, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", "html_url": "https:\/\/github.com\/AssassinUKG" }, "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2021-01-26T22:51:30Z", "updated_at": "2021-01-27T01:22:30Z", "pushed_at": "2021-01-26T23:02:24Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "forks": 1, "watchers": 1, "score": 0 } ]