GitHub - evi1hack/LandrayExploit: 蓝凌OA漏洞利用工具/前台无条件RCE/文件写入 · GitHub
Skip to content

evi1hack/LandrayExploit

BranchesTags
 
 

Folders and files

Repository files navigation

LandrayExploit

蓝凌OA 漏洞利用工具

1.XMLDecoder反序列化

sys/search/sys_search_main/sysSearchMain.do

2.Beanshell任意代码执行

/sys/common/dataxml.jsp

命令执行默认回显,部分环境可能无法成功,文件写入比较稳当。默认写入路径为根目录下的/loginx.jsp

image

About

蓝凌OA漏洞利用工具/前台无条件RCE/文件写入

Resources

Readme
Activity

Stars

19 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

Contributors

Languages

  • Java 100.0%