{"id":43705934,"url":"https://github.com/Anthem-whisper/YApi-Exploit","last_synced_at":"2026-02-16T16:00:40.773Z","repository":{"id":63901136,"uuid":"571600563","full_name":"Anthem-whisper/YApi-Exploit","owner":"Anthem-whisper","description":"YApi boolean-based injection exploit.","archived":false,"fork":false,"pushed_at":"2023-02-08T15:57:44.000Z","size":29,"stargazers_count":58,"open_issues_count":0,"forks_count":9,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-21T16:44:24.248Z","etag":null,"topics":["yapi"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Anthem-whisper.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-11-28T13:37:11.000Z","updated_at":"2024-09-04T06:21:40.000Z","dependencies_parsed_at":"2023-01-14T12:45:24.016Z","dependency_job_id":null,"html_url":"https://github.com/Anthem-whisper/YApi-Exploit","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Anthem-whisper/YApi-Exploit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anthem-whisper%2FYApi-Exploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anthem-whisper%2FYApi-Exploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anthem-whisper%2FYApi-Exploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anthem-whisper%2FYApi-Exploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Anthem-whisper","download_url":"https://codeload.github.com/Anthem-whisper/YApi-Exploit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anthem-whisper%2FYApi-Exploit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29512225,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-16T09:05:14.864Z","status":"ssl_error","status_checked_at":"2026-02-16T08:55:59.364Z","response_time":115,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["yapi"],"created_at":"2026-02-05T06:00:17.292Z","updated_at":"2026-02-16T16:00:40.766Z","avatar_url":"https://github.com/Anthem-whisper.png","language":"Python","funding_links":[],"categories":["Web安全"],"sub_categories":[],"readme":"# YApi-Exploit\nYApi boolean-based injection [exploit](https://github.com/Anthem-whisper/YApi-Exploit).\n\n## 声明\n\n本工具仅用于合法的测试，请明确您对于目标是否得到了授权\n\n请勿用于任何非法用途，否则后果自负\n\n## 用法\n\n```\n❯ python exp.py -h\n\n__  _____          _    ______           __      _ __\n\\ \\/ /   |  ____  (_)  / ____/  ______  / /___  (_) /_\n \\  / /| | / __ \\/ /  / __/ | |/_/ __ \\/ / __ \\/ / __/\n / / ___ |/ /_/ / /  / /____\u003e  \u003c/ /_/ / / /_/ / / /_\n/_/_/  |_/ .___/_/  /_____/_/|_/ .___/_/\\____/_/\\__/\n        /_/                   /_/\n\n\nusage: python3 exp.py [-h] [-shell] [-target TARGET] [-proxy PROXY] [-action ACTION] [-salt SALT] [-sleep SLEEP]\n                      [-timeout TIMEOUT] [-token TOKEN] [-uid UID] [-id ID] [-entoken ENTOKEN] [-cmd CMD]\n\noptional arguments:\n  -h, --help        show this help message and exit\n  -shell            交互式操作, 如果使用这个参数则无需输入其他任何参数\n  -target TARGET    目标站点, 比如: http://127.0.0.1:3000/\n  -proxy PROXY      HTTP代理, 比如: http://127.0.0.1:8080/, 默认为空\n  -action ACTION    要执行操作, 有如下几个操作:\n                     encrypt_token              从token和uid加密得到encrypted token\n                     decrypt_token              解密encrypted token, 得到uid和token\n                     check_token_validity       检测当前token是否可用\n                     get_alive_api_list         获取所有支持GET和POST方法的API\n                     get_token_by_inject        通过布尔盲注获得一个(加密之前的)token\n                     get_id_uid_by_token        通过一个(加密之前的)token获得项目id和作者uid\n                     execute_command            通过pre_script执行命令, 需要项目id和一个(加密过后的)token\n  -salt SALT        YApi用于加密uid和token的盐, 默认为'abcde'\n  -sleep SLEEP      每个请求的间隔的秒数, 默认为0.2\n  -timeout TIMEOUT  请求超时时间, 默认为3\n  -token TOKEN      加密之前的token, 如果你有的话\n  -uid UID          项目作者的uid, 如果你有的话\n  -id ID            项目id, 如果你有的话\n  -entoken ENTOKEN  加密之后的token, 如果你有的话\n  -cmd CMD          要执行的命令, 无回显\n```\n\n\n\n![](https://raw.githubusercontent.com/Anthem-whisper/imgbed/master/img/202211282149425.png)\n\n## 注意事项\n- 利用条件\n  - YApi version \u003c [v1.11.0](https://github.com/YMFE/yapi/pull/2628)\n  - 需要项目存在测试集合`X`, 且`X`中的接口数量大于0\n- 暂不考虑自动添加测试合集并加入接口的功能\n- `pre_script`\n  - 这个参数会在所有接口测试的时候执行, 也就是说：当测试合集`X`中的接口数量为`n`, 你的命令会被执行`n`次, 请注意不要把业务打崩","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAnthem-whisper%2FYApi-Exploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FAnthem-whisper%2FYApi-Exploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAnthem-whisper%2FYApi-Exploit/lists"}