文章总结: 本文汇总了JeecgBoot平台的多个高危漏洞,涵盖SSTI模板注入、AviatorScript及Freemarker表达式注入导致的远程代码执行,以及利用路径遍历绕过鉴权的JNDI注入与任意文件上传漏洞。文档提供了详细的漏洞复现POC、资产测绘指纹、常见接口列表及综合利用工具,适合安全人员进行漏洞检测与验证。 综合评分: 85 文章分类: 漏洞分析,WEB安全,漏洞POC,渗透测试,红队
常见jeecg-boot常见接口
/v2/api-docs/jeecg-boot/online/cgform/head/fileTree?_t=1632524014&parentPath=//jeecg-boot/sys/user/querySysUser?username=admin/jeecg//api/sys//sys/user/v2/api-docs/swagger-ui.html/env/actuator/mappings/metrics/beans/configprops/actuator/metrics/actuator/mappings/actuator/beans/actuator/configprops/actuator/httptrace/druid/index.html/druid/sql.html/druid/weburi.html/druid/websession.html/druid/weburi.json/druid/websession.json/druid/login.html/api/config/list/sys/user/list/sys/user/add/sys/user/edit/sys/user/queryById/sys/user/changePassword/sys/role/list/sys/role/add/sys/role/edit/sys/role/queryPermission/v2/api-docs/v1/api-docs/api-docs/sys/menu/list/sys/menu/add/sys/menu/edit/sys/menu/delete/sys/depart/list/sys/depart/add/sys/depart/edit/sys/depart/delete/online/cgform/list/online/cgform/add/online/cgform/edit/online/cgform/delete/online/cgform/fields/{tableName}/online/cgform/table/list/online/cgform/table/sync/online/cgform/generateCode/sys/dict/list/sys/dict/add/sys/dict/edit/sys/dict/delete/act/process/list/act/process/deploy/act/task/list/act/task/complete/act/task/history/sys/common/upload/sys/common/download/{fileId}/sys/common/view/{fileId}/monitor/redis/info/monitor/server/info/api/test/demo/list/api/test/demo/add/sys/log/list/sys/log/delete/sys/sms/send/sys/sms/list/api/test/demo/edit/api/test/demo/delete/report/loadReport/{code}/chart/api/getChartData/api/test/demo/queryById/act/process/delete/sys/dict/loadDictItems/{dictCode}/jeecg-boot/sys/getLoginQrcode/jeecg-boot/sys/getQrcodeToken/jeecg-boot/sys/login/jeecg-boot/sys/phoneLogin/jeecg-boot/sys/scanLoginQrcode/jeecg-boot/drag/onlDragDataSource/add/jeecg-boot/drag/onlDragDataSource/delete/jeecg-boot/drag/onlDragDataSource/deleteBatch/jeecg-boot/drag/onlDragDataSource/edit/jeecg-boot/drag/onlDragDataSource/list/jeecg-boot/drag/onlDragDataSource/queryById/jeecg-boot/drag/onlDragDatasetHead/add/jeecg-boot/drag/onlDragDatasetHead/addGroup/jeecg-boot/drag/onlDragDatasetHead/delDragDataSetHeadGroup/jeecg-boot/drag/onlDragDatasetHead/delete/jeecg-boot/drag/onlDragDatasetHead/edit/jeecg-boot/drag/onlDragDatasetHead/queryById/jeecg-boot/drag/onlDragDatasetHead/updateGroup/jeecg-boot/drag/onlDragDatasetParam/add/jeecg-boot/drag/onlDragDatasetParam/delete/jeecg-boot/druid/login.html/jeecg-boot/drag/onlDragDatasetParam/deleteBatch/jeecg-boot/drag/onlDragDatasetParam/edit/jeecg-boot/actuator/httptrace/jeecg-boot/drag/onlDragDatasetParam/list/jeecg-boot/drag/onlDragDatasetParam/queryById/jeecg-boot/drag/websocket/sendData/jeecg-boot/sys/checkRule/add/jeecg-boot/sys/checkRule/checkByCode/jeecg-boot/sys/checkRule/delete/jeecg-boot/sys/checkRule/deleteBatch/jeecg-boot/sys/checkRule/edit/jeecg-boot/sys/checkRule/list/jeecg-boot/sys/checkRule/queryById/jeecg-boot/sys/comment/add/jeecg-boot/sys/comment/addFile/jeecg-boot/sys/comment/addText/jeecg-boot/sys/comment/delete/jeecg-boot/sys/comment/deleteBatch/jeecg-boot/sys/comment/deleteOne/jeecg-boot/sys/comment/edit/jeecg-boot/sys/comment/fileList/jeecg-boot/sys/comment/list/jeecg-boot/sys/comment/listByForm/jeecg-boot/sys/comment/queryById/jeecg-boot/sys/dataSource/add/jeecg-boot/sys/dataSource/delete/jeecg-boot/sys/dataSource/deleteBatch/jeecg-boot/sys/dataSource/edit/jeecg-boot/sys/dataSource/list/jeecg-boot/sys/dataSource/queryById/jeecg-boot/sys/dictItem/dictItemCheck/jeecg-boot/sys/duplicate/check/jeecg-boot/sys/files/add/jeecg-boot/sys/files/delete/jeecg-boot/sys/files/deleteBatch/jeecg-boot/sys/files/edit/jeecg-boot/sys/files/list/jeecg-boot/sys/files/queryById/jeecg-boot/sys/fillRule/add/jeecg-boot/sys/fillRule/delete/jeecg-boot/sys/fillRule/deleteBatch/jeecg-boot/sys/fillRule/edit/jeecg-boot/sys/fillRule/list/jeecg-boot/sys/fillRule/queryById/jeecg-boot/sys/formFile/add/jeecg-boot/sys/formFile/delete/jeecg-boot/sys/formFile/deleteBatch/jeecg-boot/sys/formFile/edit/jeecg-boot/sys/formFile/list/jeecg-boot/sys/formFile/queryById/jeecg-boot/sys/position/add/jeecg-boot/sys/position/delete/jeecg-boot/sys/position/deleteBatch/jeecg-boot/sys/position/edit/jeecg-boot/sys/position/list/jeecg-boot/sys/position/queryByCode/jeecg-boot/sys/position/queryById/jeecg-boot/sys/quartzJob/pause/jeecg-boot/sys/quartzJob/resume/jeecg-boot/sys/randomImage//jeecg-boot/sys/sysDepartPermission/add/jeecg-boot/sys/sysDepartPermission/delete/jeecg-boot/sys/sysDepartPermission/deleteBatch/jeecg-boot/sys/sysDepartPermission/edit/jeecg-boot/sys/sysDepartPermission/list/jeecg-boot/sys/sysDepartPermission/queryById/jeecg-boot/sys/sysDepartRole/add/jeecg-boot/sys/sysDepartRole/delete/jeecg-boot/sys/sysDepartRole/deleteBatch/jeecg-boot/sys/sysDepartRole/edit/jeecg-boot/sys/sysDepartRole/list/jeecg-boot/sys/sysDepartRole/queryById/jeecg-boot/sys/sysRoleIndex/add/jeecg-boot/sys/sysRoleIndex/delete/jeecg-boot/sys/sysRoleIndex/deleteBatch/jeecg-boot/sys/sysRoleIndex/edit/jeecg-boot/sys/sysRoleIndex/list/jeecg-boot/sys/sysRoleIndex/queryByCode/jeecg-boot/sys/sysRoleIndex/queryById/jeecg-boot/test/dynamic/test1/jeecg-boot/test/jeecgDemo/add/jeecg-boot/test/jeecgDemo/delete/jeecg-boot/test/jeecgDemo/deleteBatch/jeecg-boot/test/jeecgDemo/edit/jeecg-boot/test/jeecgDemo/list/jeecg-boot/test/jeecgDemo/queryById/sys/user/delete/jeecg-boot/sys/user/addSysUserRole/sys/role/delete/user/register
常见jeecg-boot漏洞利用工具
https://github.com/Framework-vulnerability-tool/jeecg
工具介绍jeecg综合漏洞利用工具,程序采用javafx开发,环境JDK 1.8 声明:仅用于授权测试,用户滥用造成的一切后果和作者无关 请遵守法律法规! 漏洞收录如下:
jeecg-boot queryFieldBySql远程命令执行漏洞jeecg-boot testConnection远程命令执行漏洞JeecgBoot jmreport/loadTableData SSTI模板注入漏洞jeecg-boot-queryTableData-sqli注入漏洞jeecg-boot-getDictItemsByTable-sqli注入漏洞Jeecg-Boot qurestSql-SQL注入漏洞jeecg-boot commonController 任意文件上传漏洞jeecg-boot jmreport任意文件上传漏洞jeecg-boot-querySysUser信息泄露漏洞jeecg-boot-checkOnlyUser信息泄露漏洞jeecg-boot-httptrace信息泄露漏洞jeecg-boot-任意文件下载漏洞jeecg-boot-jeecgFormDemoController漏洞jeecg-boot-v2 P3 Biz Chat任意文件读取漏洞jeecg-boot-v2 sys/duplicate/check注入漏洞jeecg-boot-v2 AviatorScript表达式注入漏洞
免责声明:
本文所载程序、技术方法仅面向合法合规的安全研究与教学场景,旨在提升网络安全防护能力,具有明确的技术研究属性。
任何单位或个人未经授权,将本文内容用于攻击、破坏等非法用途的,由此引发的全部法律责任、民事赔偿及连带责任,均由行为人独立承担,本站不承担任何连带责任。
本站内容均为技术交流与知识分享目的发布,若存在版权侵权或其他异议,请通过邮件联系处理,具体联系方式可点击页面上方的联系我。
本文转载自:dmd5安全 dmd5安全 dmd5安全《Jeecg-boot常见漏洞汇总(二)》
版权声明
本站仅做备份收录,仅供研究与教学参考之用。
读者将信息用于其他用途的,全部法律及连带责任由读者自行承担,本站不承担任何责任。
![[AICoding+安全]二.CodeBuddy赋能恶意代码分析与家族分类实践(肝货)](/images/random/titlepic/3.jpg)
评论