https://github.com/k8gege/solrexp
Apache Solr <=8.2.0 Velocity Template 0day Exploit
https://github.com/k8gege/solrexp
0day apache exp exploit getshell k8cscan rce solr
Last synced: 8 days ago
JSON representation
Apache Solr <=8.2.0 Velocity Template 0day Exploit
- Host: GitHub
- URL: https://github.com/k8gege/solrexp
- Owner: k8gege
- Created: 2019-11-01T07:16:12.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2019-11-02T07:18:02.000Z (over 5 years ago)
- Last Synced: 2025-05-03T19:39:08.454Z (about 2 months ago)
- Topics: 0day, apache, exp, exploit, getshell, k8cscan, rce, solr
- Language: Python
- Homepage:
- Size: 345 KB
- Stars: 44
- Watchers: 2
- Forks: 20
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Apache Solr <=8.2.0 Velocity Template 0day Exploit
Exploit: https://github.com/k8gege/SolrExp
Cscan: https://github.com/k8gege/K8CScan
### 环境
下载Solr 8.2.0添加core,默认配置即可。7.x版本自带core
### 配置
0x001 批量URL配置Cscan.ini
[Cscan]
exe=F:\Python279\python.exe
arg=exp.py $ip$ whoami
0x002 批量C段配置Cscan.ini
[Cscan]
exe=F:\Python279\python.exe
arg=exp.py http://$ip$:8983 whoami
### 利用
单个: python exp.py url cmd
或 Cscan url
批量C段: Cscan 192.168.1.8/24
批量URL: Cscan (同目录放url.txt)
