Exploit-Framework
Exploits:
Vendor | Vulnerability | Effected Version | Description | Author |
---|---|---|---|---|
zblog | NOT_CVE | <=1.5.1 | Zblog Authenticated LFI | @Shutdown_r |
OpenSNS | NOT_CVE | <=3.31 | OpenSNS UnAuthenticated GetShell | @90sec |
Joomla | CVE-2015-8562 | 1.5<3.45 | Joomla Header Unauthenticated RCE | @Andrew McNicol |
Codiad | CVE-2017-11366 | <=2.8.3 | Codiad Authenticated RCE | @WangYihang |
Codiad | CVE-2014-9581 | <=2.4.3 | Codiad Authenticated LFI | @TaurusOmar |
SeaCMS | CVE-2017-17561 | <=6.56 | SeaCMS Authenticated GetShell | @WangYihang |
SeaCMS | NOT_CVE | <=6.28 | SeaCMS UnAuthenticated RCE | @没穿底裤 |
phpMoAdmin | CVE-2015-2208 | <=1.1.2 | phpMoAdmin UnAuthenticated RCE | Unknown |
WordPress | CVE-2017-5487 | <4.7.1 | WordPress Username Enumeration | @Dctor |
DedeCMS | NOT_CVE | <=5.6 | DedeCms recommend.php SQL injection | @没穿底裤 |
Kernel | CVE-2016-5195 | 2.6.22<3.9 | DirtyC0w Privilege Escalation | @nowsecure |
Video:
WIKI:
Contribution:
TODO:
- 解析字符串
- 深层模块化
- 上下文栈维护
- 日志
- 自动补全
- Exploit 搜索
- Wiki
- Exploit 规范
- 维护 Reverse Shell (结合 Reverse-Shell-Manager)
- Payload 模块
- 免杀模块
- 维护一句话木马 (结合 Webshell-Sniper)
- 数据库
- Web 前端
Contributors
This project exists thanks to all the people who contribute.
Backers
Thank you to all our backers!
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]