https://github.com/bewhale/thinkphp_gui_tools

ThinkPHP漏洞综合利用工具, 图形化界面, 命令执行, 一键getshell, 批量检测, 日志遍历, session包含,宝塔绕过
https://github.com/bewhale/thinkphp_gui_tools

getshell gui java javafx log-analysis

Last synced: 7 months ago
JSON representation

ThinkPHP漏洞综合利用工具, 图形化界面, 命令执行, 一键getshell, 批量检测, 日志遍历, session包含,宝塔绕过

• Host: GitHub
• URL: https://github.com/bewhale/thinkphp_gui_tools
• Owner: bewhale
• Created: 2021-04-26T13:32:23.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2022-07-02T09:01:52.000Z (over 3 years ago)
• Last Synced: 2025-03-28T16:05:21.509Z (8 months ago)
• Topics: getshell, gui, java, javafx, log-analysis
• Language: PHP
• Homepage:
• Size: 175 KB
• Stars: 709
• Watchers: 11
• Forks: 101
• Open Issues: 8
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-hacking-lists - bewhale/thinkphp_gui_tools - ThinkPHP漏洞综合利用工具, 图形化界面, 命令执行, 一键getshell, 批量检测, 日志遍历, session包含,宝塔绕过 (PHP)

README

          
![thinkphp_gui_tools](https://socialify.git.ci/bewhale/thinkphp_gui_tools/image?description=1&font=Source%20Code%20Pro&forks=1&issues=1&language=1&name=1&owner=1&pattern=Solid&stargazers=1&theme=Light)

# thinkphp_gui_tools

本项目是采用 JDK8 + javafx 开发的 ThinkPHP 图形化综合利用工具， 参考了其他大佬项目的部分代码。

JDK8可以直接运行，JDK11 因为去除了javafx这个依赖，需要自己再加上参数加入模块

```

java -Dfile.encoding="UTF-8" --module-path "C:\Program Files\Java\javafx-sdk-11.0.2\lib" --add-modules "javafx.controls,javafx.fxml,javafx.web" -jar "xxx.jar"

```

* 支持大部分ThinkPHP漏洞检测,整合20多个payload

* 支持部分漏洞执行命令

* 支持单一漏洞批量检测

* 支持TP3和TP5自定义路径日志遍历

* 支持部分漏洞一键GetShell

* 支持设置代理和UA

![](https://raw.githubusercontent.com/bewhale/thinkphp_gui_tools/main/img3.png)

![](https://raw.githubusercontent.com/bewhale/thinkphp_gui_tools/main/img1.png)

![](https://raw.githubusercontent.com/bewhale/thinkphp_gui_tools/main/img2.png)

# 参考项目

https://github.com/SkyBlueEternal/thinkphp-RCE-POC-Collection  

https://github.com/Lucifer1993/TPscan  

https://github.com/fupinglee/JavaTools  

https://github.com/xinyu2428/TDOA_RCE