More...
svg
svg
svg

Now Reading: Apt_t00ls-OA High-risk Vulnerability Detection Tool

svg
Loading
    Loading
    svg
    • svg
    • svg
    • svg
    • svg
    Apt_t00ls OA
    Tools
    August 9, 2023 / Prapattimynk

    Apt_t00ls-OA High-risk Vulnerability Detection Tool

    svg7
    Ads

    Panavision.

    e-cology workrelate_uploadOperation.jsp-RCE (default write to IceScorpion 4.0.3aes)

    e-cology page_uploadOperation.jsp-RCE (no case found yet, just for poc detection)

    e-cology BshServlet-RCE (can execute system commands directly)

    e-cology KtreeUploadAction-RCE (default write to IceScorpion 4.0.3aes)

    e-cology WorkflowServiceXml-RCE (default write to Memory Horse IceScorpion 3.0 beta11)

    e-office logo_UploadFile.php-RCE (default write to IceScorpion 4.0.3aes)

    e-office10 OfficeServer.php-RCE (default write to IceScorpion 4.0.3aes)

    e-office doexecl.php-RCE (Write phpinfo, getshell required, please utilize by yourself)

    e-mobile_6.6 messageType.do-SQlli (sqlmap utilization, no direct shell exp for now)

    BlueLine:

    landray_datajson-RCE (direct system command execution)

    landray_treexmlTmpl-RCE (can directly execute system commands)

    landray_sysSearchMain-RCE (multiple payloads, write to Godzilla 3.03 password yes)

    Users.

    yongyou_chajet_RCE (UFIDA T+ rce default write to Godzilla Cshap/Cshap_aes_base64)

    yongyou_NC_FileReceiveServlet-RCE deserialization rce (default write to IceScorpion 4.0.3aes)

    yongyou_NC_bsh.servlet.BshServlet_RCE (can execute system commands directly)

    yongyou_NC_NCFindWeb Directory Traversal Vulnerability (See if a legacy webshell exists)

    yongyou_GRP_UploadFileData-RCE (default write to IceScorpion 4.0.3aes)

    yongyou_KSOA_imageUpload-RCE (default write to IceScorpion 4.0.3aes)

    wanhuoa:

    wanhuoa_OfficeServer-RCE (default write to IceScorpion 4.0.3aes)

    wanhuoa_OfficeServer-RCE(default write Godzilla 4.0.1 jsp aes default password key)

    wanhuoa_DocumentEdit-SQlli(mssql database available os-shell)

    wanhuoa_OfficeServerservlet-RCE(Write IceScorpion 4.0.3 aes by default)

    wanhuoa_fileUploadController-RCE (default write to IceScorpion 4.0.3aes)

    To Far:

    seeyonoa_main_log4j2-RCE (only support detection, turn on ladp service utilization by yourself)

    seeyonoa_wpsAssistServlet-RCE (default write to IceScorpion 4.0.3aes)

    seeyonoa_htmlofficeservlet-RCE (default write to IceScorpion 4.0.3aes)

    seeyonoa_ajaxBypass-RCE(write scorpion password sky)

    Tongdaoa.

    tongdaoa_getdata-RCE (direct execution of system commands)

    tongdaoa_APIali-RCE (default write to Scorpion 4.0.3aes)

    Middleware: IIS_PUT_RCE

    IIS_PUT_RCE (emm can’t getshell at the moment, only supports detecting java without M)

    Download
    Upvote0PointsDownvote
    0 People voted this article. 0 Upvotes - 0 Downvotes.
    svg

    What do you think?

    It is nice to know your opinion. Leave a comment.

    Leave a reply

    Subscribe & Follow
    Categories
    • Cyber sec44
    • Database122
    • Exploits And POCs206
    • Malicious Scripts138
    • Tools137
    • Malwares53
    • Softwares35
    Loading
    svg

    Quick Navigation

    • 1

      Apt_t00ls-OA High-risk Vulnerability Detection Tool