File tree 2 files changed +27
-0
lines changed
2 files changed +27
-0
lines changed Original file line number Diff line number Diff line change 11- 用户指南
22 - [ 配置文件] ( guide/config.md )
3+ - [ 内置POC列表] ( guide/poc-list.md )
34 - [ 自定义POC] ( guide/poc.md )
45 - [ 反连平台] ( guide/reverse.md )
56 - [ 检查更新] ( guide/update.md )
Original file line number Diff line number Diff line change 1+ # 内置POC列表
2+
3+ 社区版XRay将内置一些常用漏洞的POC,在XRay每次更新后,可以删除本地配置文件,重新生成最新的配置文件。此时,你将看到所有内置POC:
4+
5+ ``` yaml
6+ phantasm :
7+ enabled : true
8+ max_parallel : 1
9+ poc :
10+ - poc-yaml-drupal-drupalgeddon2-rce
11+ - poc-yaml-joomla-cve-2015-7297-sqli
12+ - poc-yaml-joomla-cve-2017-8917-sqli
13+ - poc-yaml-thinkphp5-controller-rce
14+ - poc-yaml-thinkphp5023-method-rce
15+ - poc-go-tomcat-put
16+ - ...
17+ ` ` `
18+
19+ ` phantasm.poc`是一个列表,里面包含所有内置POC,列举如下:
20+
21+ - ` poc-yaml-drupal-drupalgeddon2-rce` Drupal远程代码执行漏洞(CVE-2018-7600)
22+ - ` poc-yaml-joomla-cve-2015-7297-sqli` Joomla SQL注入漏洞(CVE-2015-7297)
23+ - ` poc-yaml-joomla-cve-2017-8917-sqli` Joomla SQL注入漏洞(CVE-2017-8917)
24+ - ` poc-yaml-thinkphp5-controller-rce` ThinkPHP < 5.0.23 远程代码执行漏洞
25+ - ` poc-yaml-thinkphp5023-method-rce` ThinkPHP 5.0/5.1 远程代码执行漏洞
26+ - ` poc-go-tomcat-put` Tomcat PUT 文件写入漏洞(CVE-2017-12615)
You can’t perform that action at this time.
0 commit comments