唐小风 comments

Results 9 comments of


                                            唐小风

trafficstars

ModuleNotFoundError: No module named 'netaddr'

pip3 install netaddr -i http://mirrors.aliyun.com/pypi/simple --trusted-host mirrors.aliyun.com

Package 'php-mcrypt' has no installation candidate

我直接把 'php-mcrypt'去掉了不知道会不会对环境有影响

add poc-yaml-office365-open-redirect

> 师傅，能具体解释下这个漏洞么？攻击者服务器开启Autodiscoverv1服务就可以做到url重定向 exp: https://mail.xx.com/autodiscover/autodiscover.json/v1.0/[email protected]?Protocol=Autodiscoverv1

Important note

Hi, you can take a look at this passage： https://mbechler.github.io/2021/12/10/PSA_Log4Shell_JNDI_Injection/

Important note

It can also cause information leakage at the same time. https://mp.weixin.qq.com/s/vAE89A5wKrc-YnvTr0qaNg

What will be the equivalent Linux exploit?

I suggest you learn ternary operators first. You can copy the following code： ``` String[] cmds = new String[]{"/bin/bash", "path/to/my/file.sh"}; ```

合作一下

必须的，规划中

Scanning doesn't finish.

Have a look at Extender->Output->show in UI

Scanning doesn't finish.

@j0ebarteam @Taylorcho123 @Ethan-Black Could me have a look at your request package？