[ { "id": 265151514, "name": "tomcat-cluster-session-sync-exp", "full_name": "threedr3am\/tomcat-cluster-session-sync-exp", "owner": { "login": "threedr3am", "id": 19884279, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19884279?v=4", "html_url": "https:\/\/github.com\/threedr3am" }, "html_url": "https:\/\/github.com\/threedr3am\/tomcat-cluster-session-sync-exp", "description": "tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484是session持久化的洞,这个是session集群同步的洞!", "fork": false, "created_at": "2020-05-19T05:12:53Z", "updated_at": "2022-01-05T08:08:10Z", "pushed_at": "2020-05-19T05:13:19Z", "stargazers_count": 213, "watchers_count": 213, "forks_count": 38, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 38, "watchers": 213, "score": 0 }, { "id": 265717610, "name": "CVE-2020-9484", "full_name": "masahiro331\/CVE-2020-9484", "owner": { "login": "masahiro331", "id": 20438853, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", "html_url": "https:\/\/github.com\/masahiro331" }, "html_url": "https:\/\/github.com\/masahiro331\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2020-05-21T00:41:06Z", "updated_at": "2022-01-23T06:22:12Z", "pushed_at": "2021-10-28T02:31:04Z", "stargazers_count": 123, "watchers_count": 123, "forks_count": 29, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 29, "watchers": 123, "score": 0 }, { "id": 265870392, "name": "CVE-2020-9484", "full_name": "IdealDreamLast\/CVE-2020-9484", "owner": { "login": "IdealDreamLast", "id": 33090510, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33090510?v=4", "html_url": "https:\/\/github.com\/IdealDreamLast" }, "html_url": "https:\/\/github.com\/IdealDreamLast\/CVE-2020-9484", "description": "用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞", "fork": false, "created_at": "2020-05-21T14:30:46Z", "updated_at": "2022-01-20T07:07:51Z", "pushed_at": "2020-05-21T15:13:22Z", "stargazers_count": 52, "watchers_count": 52, "forks_count": 21, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 21, "watchers": 52, "score": 0 }, { "id": 269379345, "name": "CVE-2020-9484", "full_name": "qerogram\/CVE-2020-9484", "owner": { "login": "qerogram", "id": 29586629, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29586629?v=4", "html_url": "https:\/\/github.com\/qerogram" }, "html_url": "https:\/\/github.com\/qerogram\/CVE-2020-9484", "description": "for Ubuntu 18.04, improve functions.", "fork": false, "created_at": "2020-06-04T14:19:12Z", "updated_at": "2021-01-06T08:40:21Z", "pushed_at": "2020-06-04T18:12:18Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0 }, { "id": 269770630, "name": "CVE-2020-9484-Mass-Scan", "full_name": "osamahamad\/CVE-2020-9484-Mass-Scan", "owner": { "login": "osamahamad", "id": 59566963, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59566963?v=4", "html_url": "https:\/\/github.com\/osamahamad" }, "html_url": "https:\/\/github.com\/osamahamad\/CVE-2020-9484-Mass-Scan", "description": "CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE ", "fork": false, "created_at": "2020-06-05T20:40:28Z", "updated_at": "2021-12-15T14:39:29Z", "pushed_at": "2020-06-05T21:04:43Z", "stargazers_count": 30, "watchers_count": 30, "forks_count": 13, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 13, "watchers": 30, "score": 0 }, { "id": 288949429, "name": "CVE-2020-9484-Scanner", "full_name": "Xslover\/CVE-2020-9484-Scanner", "owner": { "login": "Xslover", "id": 44116872, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44116872?v=4", "html_url": "https:\/\/github.com\/Xslover" }, "html_url": "https:\/\/github.com\/Xslover\/CVE-2020-9484-Scanner", "description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ", "fork": false, "created_at": "2020-08-20T08:26:37Z", "updated_at": "2021-12-07T05:54:31Z", "pushed_at": "2020-06-10T07:08:17Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 293086175, "name": "CVE-2020-9484-exploit", "full_name": "anjai94\/CVE-2020-9484-exploit", "owner": { "login": "anjai94", "id": 30573192, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30573192?v=4", "html_url": "https:\/\/github.com\/anjai94" }, "html_url": "https:\/\/github.com\/anjai94\/CVE-2020-9484-exploit", "description": null, "fork": false, "created_at": "2020-09-05T13:56:51Z", "updated_at": "2021-07-06T19:34:34Z", "pushed_at": "2020-09-05T14:08:52Z", "stargazers_count": 5, "watchers_count": 5, "forks_count": 2, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 5, "score": 0 }, { "id": 325878746, "name": "CVE-2020-9484", "full_name": "PenTestical\/CVE-2020-9484", "owner": { "login": "PenTestical", "id": 57206134, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57206134?v=4", "html_url": "https:\/\/github.com\/PenTestical" }, "html_url": "https:\/\/github.com\/PenTestical\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2020-12-31T21:54:50Z", "updated_at": "2022-01-17T15:36:02Z", "pushed_at": "2020-12-31T23:45:38Z", "stargazers_count": 10, "watchers_count": 10, "forks_count": 6, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 6, "watchers": 10, "score": 0 }, { "id": 333238894, "name": "CVE-2020-9484", "full_name": "AssassinUKG\/CVE-2020-9484", "owner": { "login": "AssassinUKG", "id": 5285547, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", "html_url": "https:\/\/github.com\/AssassinUKG" }, "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2021-01-26T22:51:30Z", "updated_at": "2021-04-19T18:21:20Z", "pushed_at": "2021-02-10T00:01:45Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 2, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 2, "score": 0 }, { "id": 337782636, "name": "CVE-2020-9484", "full_name": "VICXOR\/CVE-2020-9484", "owner": { "login": "VICXOR", "id": 43370621, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43370621?v=4", "html_url": "https:\/\/github.com\/VICXOR" }, "html_url": "https:\/\/github.com\/VICXOR\/CVE-2020-9484", "description": "POC for CVE-2020-9484", "fork": false, "created_at": "2021-02-10T16:27:07Z", "updated_at": "2022-01-13T02:23:28Z", "pushed_at": "2021-02-10T16:55:37Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [ "apache", "exploit", "rce", "tomcat" ], "visibility": "public", "forks": 0, "watchers": 1, "score": 0 }, { "id": 343388829, "name": "CVE-2020-9484", "full_name": "DXY0411\/CVE-2020-9484", "owner": { "login": "DXY0411", "id": 42259364, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42259364?v=4", "html_url": "https:\/\/github.com\/DXY0411" }, "html_url": "https:\/\/github.com\/DXY0411\/CVE-2020-9484", "description": null, "fork": false, "created_at": "2021-03-01T11:16:04Z", "updated_at": "2021-03-08T10:02:52Z", "pushed_at": "2021-03-08T10:02:50Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 368539603, "name": "CVE-2020-9484", "full_name": "RepublicR0K\/CVE-2020-9484", "owner": { "login": "RepublicR0K", "id": 73670332, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73670332?v=4", "html_url": "https:\/\/github.com\/RepublicR0K" }, "html_url": "https:\/\/github.com\/RepublicR0K\/CVE-2020-9484", "description": "Apache Tomcat RCE (CVE-2020-9484)", "fork": false, "created_at": "2021-05-18T13:26:18Z", "updated_at": "2021-09-19T19:11:16Z", "pushed_at": "2021-05-18T13:27:11Z", "stargazers_count": 5, "watchers_count": 5, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 5, "score": 0 }, { "id": 458246235, "name": "CVE-2020-9484", "full_name": "ColdFusionX\/CVE-2020-9484", "owner": { "login": "ColdFusionX", "id": 8522240, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", "html_url": "https:\/\/github.com\/ColdFusionX" }, "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2020-9484", "description": "POC - Apache Tomcat Deserialization Vulnerability (CVE-2020-9484)", "fork": false, "created_at": "2022-02-11T15:45:10Z", "updated_at": "2022-02-11T18:04:19Z", "pushed_at": "2022-02-11T18:02:52Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 1, "allow_forking": true, "is_template": false, "topics": [ "cve-2020-9484", "deserialization", "docker", "exploit", "rce", "serialization", "tomcat" ], "visibility": "public", "forks": 1, "watchers": 0, "score": 0 } ]