首页 安全技术 网络安全 通达OA综合利用工具通达OA综合利用工具

通达OA综合利用工具通达OA综合利用工具

上传者: 45694388 | 上传时间: 2022-04-06 00:16:10 | 文件大小: 362KB | 文件类型: ZIP
# 工具说明 **通达OA综合利用工具_20200224**
## 集成POC如下 任意用户登录POC: 4个
SQL注入POC: 2个
后台文件上传POC: 3个
本地文件包含POC: 2个
前台文件上传POC(非WEB目录): 1个
任意文件删除POC: 1个


## 工具面板截图 ![image.png](https://cdn.nlark.com/yuque/0/2021/png/516736/1614132955247-9f1b3b4d-9019-4665-8925-b36d4a6c141b.png)

## 工具利用流程 ### 1.优先利用本地文件包含漏洞 原因是本地文件包含漏洞, 配合前台文件上传可以直接getshell, 无需获取有效Cookie

### 2.若本地文件包含漏洞利用失败, 其次利用任意用户登录漏洞与SQL注入漏洞 这两个漏洞的利用方式集成在了"获取Cookie"按钮上

文件下载

资源详情

[{"title":"( 22 个子文件 362KB ) 通达OA综合利用工具通达OA综合利用工具","children":[{"title":"Elasticsearch_1.2漏洞利用工具.jar <span style='color:#111;'> 372.64KB </span>","children":null,"spread":false},{"title":"TDOA_RCE-1.0","children":[{"title":"src","children":[{"title":"META-INF","children":[{"title":"MANIFEST.MF <span style='color:#111;'> 55B </span>","children":null,"spread":false}],"spread":true},{"title":"com","children":[{"title":"xinyu","children":[{"title":"view","children":[{"title":"TDOAFrame.java <span style='color:#111;'> 2.38KB </span>","children":null,"spread":false},{"title":"Main.java <span style='color:#111;'> 167B </span>","children":null,"spread":false},{"title":"GetShellActionListener.java <span style='color:#111;'> 3.74KB </span>","children":null,"spread":false},{"title":"GetCookieActionListener.java <span style='color:#111;'> 2.68KB </span>","children":null,"spread":false}],"spread":true},{"title":"tools","children":[{"title":"Other.java <span style='color:#111;'> 930B </span>","children":null,"spread":false},{"title":"Response.java <span style='color:#111;'> 784B </span>","children":null,"spread":false},{"title":"Request.java <span style='color:#111;'> 7.36KB </span>","children":null,"spread":false}],"spread":true},{"title":"poc","children":[{"title":"SQLInjection.java <span style='color:#111;'> 2.49KB </span>","children":null,"spread":false},{"title":"ArbitraryUserLogin.java <span style='color:#111;'> 4.71KB </span>","children":null,"spread":false},{"title":"GetShell.java <span style='color:#111;'> 10.17KB </span>","children":null,"spread":false},{"title":"ArbitraryFileDeletion.java <span style='color:#111;'> 2.04KB </span>","children":null,"spread":false},{"title":"LocalFileIncludes.java <span style='color:#111;'> 2.15KB </span>","children":null,"spread":false}],"spread":true}],"spread":true}],"spread":true},{"title":"auth.inc.php <span style='color:#111;'> 7.84KB </span>","children":null,"spread":false}],"spread":true},{"title":"README.md <span style='color:#111;'> 1.61KB </span>","children":null,"spread":false},{"title":".idea","children":[{"title":"misc.xml <span style='color:#111;'> 273B </span>","children":null,"spread":false},{"title":"workspace.xml <span style='color:#111;'> 11.94KB </span>","children":null,"spread":false},{"title":"uiDesigner.xml <span style='color:#111;'> 8.59KB </span>","children":null,"spread":false},{"title":"codeStyles","children":[{"title":"codeStyleConfig.xml <span style='color:#111;'> 149B </span>","children":null,"spread":false}],"spread":true},{"title":"artifacts","children":[{"title":"TDOA_RCE_jar.xml <span style='color:#111;'> 286B </span>","children":null,"spread":false}],"spread":true},{"title":"modules.xml <span style='color:#111;'> 256B </span>","children":null,"spread":false}],"spread":true}],"spread":true}],"spread":true}]

评论信息

其他资源

免责申明

【只为小站】的资源来自网友分享,仅供学习研究,请务必在下载后24小时内给予删除,不得用于其他任何用途,否则后果自负。基于互联网的特殊性,【只为小站】 无法对用户传输的作品、信息、内容的权属或合法性、合规性、真实性、科学性、完整权、有效性等进行实质审查;无论 【只为小站】 经营者是否已进行审查,用户均应自行承担因其传输的作品、信息、内容而可能或已经产生的侵权或权属纠纷等法律责任。
本站所有资源不代表本站的观点或立场,基于网友分享,根据中国法律《信息网络传播权保护条例》第二十二条之规定,若资源存在侵权或相关问题请联系本站客服人员,zhiweidada#qq.com,请把#换成@,本站将给予最大的支持与配合,做到及时反馈和处理。关于更多版权及免责申明参见 版权及免责申明

个人信息

下载历史

相关资源标签

热门下载

最新下载