Ecshop Getshell Save

ecshop rce getshell

Project README

ecshop-getshell.py-ecshop rce getshell漏洞检测工具

概述

ecshop 2.x rce getshell漏洞,漏洞文件为user.php,由于$arr[id]和$arr[num]没有过滤导致SQL注入,进而可getshell,详情参考ecshop2.x远程代码执行漏洞重现及分析
本工具支持单url,批量检测该漏洞。

快速开始

python ecshop-getshell.py -h

单url检测:python ecshop-getshell.py -u "http://www.aaa.com/user.php?act=logni"

批量检测:python ecshop-getshell.py -f urls.txt -t 7 -s 6


反馈

issues
gmail:[email protected]
QQ邮箱:[email protected]

Open Source Agenda is not affiliated with "Ecshop Getshell" Project. README Source: theLSA/ecshop-getshell
Stars
29
Open Issues
1
Last Commit
5 years ago
Repository
theLSA/ecshop-getshell
License
MIT
Tags
Ecshop Getshell Rce

Open Source Agenda Badge

Open Source Agenda Rating
Submit Review Review Your Favorite Project
Submit Resource Articles, Courses, Videos
Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?