免责声明:请勿从事非法测试,利用此工具而造成的任何直接或者间接的后果及损失,均由使用者本人负责,所产生的一切不良后果与作者无关。该仅供安全人员用于授权测试,请勿非法使用!!!
本工具webshell采用蚁剑连接,密码均为x
注意:通达OA v11.6前台任意文件删除+任意文件上传漏洞会删除auth.inc.php,这可能会损坏OA系统谨慎操作
TongdaOATool本工具支持以下漏洞的验证和利用:
1、通达OA任意用户登录漏洞(TongdaOA_AnyUser_Login)
影响版本:2017-V11.4
2、通达OA后台im任意文件上传漏洞(Tongda_Im_Upload)
影响版本:2017-V11.4
3、通达OA后台module任意文件上传漏洞(Tongda_Module_Upload)
影响版本:2017-V11.4
4、通达OA后台ispirit任意文件上传漏洞(Tongda_Ispirit_Upload)
影响版本:2017-V11.4
5、通达OA前台ispirit文件包含漏洞(Tongda_Ispirit_FileInclude)
影响版本:v11-v11.3
6、通达OA前台action任意文件上传漏洞(Tongda_Action_Upload)
影响版本:2016-V11.6
7、通达OA前台authmobi伪造在线用户登录漏洞(TongdaOA_Authmobi_Login)
影响版本:2017-V11.7
8、通达OA后台attachment_remark文件包含漏洞(TongdaOA_Attachment_remark_FileInclude)
影响版本:2017-V11.7
9、通达OA后台management任意文件上传漏洞(TongdaOA_Management_Upload)
影响版本:2017-V11.6
10、通达OA登录认证绕过漏洞(TongdaOA_Bypass_Auth)
影响版本:通达OA2013、通达OA2016、通达OA2017
11、通达OA v11.6前台任意文件删除+任意文件上传漏洞(TongdaOA_Delete_Auth)
影响版本:v11.6
12、通达OA gataway前台任意文件上传漏洞
影响版本:v11.8-v11.10
13、通达OA api_ali前台任意文件上传漏洞
影响版本:v11.2-v11.9
后续待更新其他漏洞,欢迎各位大佬提bug。
V1.1
1、修改webshell为免杀常见杀软的webshell
2、更换webshell工具冰蝎为蚁剑
3、新增通达OA后台module任意文件上传
V1.2
新增一下漏洞检测
1.新增通达OA前台action任意文件上传漏洞
2.新增通达OA前台ispirit文件包含漏洞
3.新增通达OA后台attachment_remark文件包含漏洞
4.新增通达OA后台management任意文件上传漏洞
5.新增通达OA v11.6前台任意文件删除+任意文件上传漏洞
6.新增通达OA v11.8 前台任意文件上传漏洞
V1.3
1. 代码开源
2. 增加http、socks代理功能,方便抓包分析或内网环境下使用
3. 采用线程池修复卡顿问题
4. 新增通达OA前台authmobi伪造在线用户登录漏洞(TongdaOA_Authmobi_Login)
5. 新增通达OA登录认证绕过漏洞(TongdaOA_Bypass_Auth)
6. 新增通达OA gataway前台任意文件上传漏洞
增加http、socks代理功能,方便抓包分析代码或内网环境下使用
![image](https://private-user-images.githubusercontent.com/105373673/268468069-a107fa95-a230-4c78-bb5b-382b6a496237.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk1MzMwMTgsIm5iZiI6MTcxOTUzMjcxOCwicGF0aCI6Ii8xMDUzNzM2NzMvMjY4NDY4MDY5LWExMDdmYTk1LWEyMzAtNGM3OC1iYjViLTM4MmI2YTQ5NjIzNy5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyN1QyMzU4MzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT03M2ZmYjYxNmZhNTc0NDZhNzNiYzNkODBlMjM1OGQxYmY3MTUzMGM0ZjY2ZGM0MTFmYzEzNzg0YWZhODNiNDE2JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.lOn5i1YQMMqG4Uvjlx9Cd_y2ZRldewK4331Cofya3o4)
![image](https://private-user-images.githubusercontent.com/105373673/268468118-6fcd4905-491f-49bf-bee7-aa42ce38fe57.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk1MzMwMTgsIm5iZiI6MTcxOTUzMjcxOCwicGF0aCI6Ii8xMDUzNzM2NzMvMjY4NDY4MTE4LTZmY2Q0OTA1LTQ5MWYtNDliZi1iZWU3LWFhNDJjZTM4ZmU1Ny5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyN1QyMzU4MzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT0yMmRmN2NhY2IxMmUxY2I3OTc1YzU3MmFkMDMzNTRmMzZlOGY5YWUzYjE0NWM0Y2U0Y2M2N2ZjN2U3MzViYTA5JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.-TBT3j9opTofUy_KZQlWrIQQX7gHqNMV8MCJb-rQixk)
采用线程池解决检测漏洞时卡顿问题
![image](https://private-user-images.githubusercontent.com/105373673/268467388-2b9307bb-1d78-470b-9120-41dff5a24d7f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk1MzMwMTgsIm5iZiI6MTcxOTUzMjcxOCwicGF0aCI6Ii8xMDUzNzM2NzMvMjY4NDY3Mzg4LTJiOTMwN2JiLTFkNzgtNDcwYi05MTIwLTQxZGZmNWEyNGQ3Zi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyN1QyMzU4MzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT02ZmFjYzUwYzlhNmRlYmZjZTRmYWZlZjJiYzk4NDdmOGFjN2UwMzQ2YTRmMDNmMmQ1MzMwNjg5YmU3OWU0YTk4JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.dQMyyLauRR7yepMhCMYL9EYG-I7im9lfiWOERMlr5v8)
![image](https://private-user-images.githubusercontent.com/105373673/268467418-87e52f99-203e-436f-96ba-850eb7fe7f9f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk1MzMwMTgsIm5iZiI6MTcxOTUzMjcxOCwicGF0aCI6Ii8xMDUzNzM2NzMvMjY4NDY3NDE4LTg3ZTUyZjk5LTIwM2UtNDM2Zi05NmJhLTg1MGViN2ZlN2Y5Zi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyN1QyMzU4MzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1jYTIwN2FlNTNlOGQ3MjM2MmRlZmU4ZGE3NDY0MDZkZTk5MmJmYzA0NTM3YzkzODY5NTczZDZlMTk2ODhkMTc1JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.bXehn-i7ViqAh6v8daoWT-t2L1BOmrQX4zKip1GfxlI)
![image](https://private-user-images.githubusercontent.com/105373673/268467424-a3a4b809-ddd1-45af-94b2-ab17ab8cad10.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk1MzMwMTgsIm5iZiI6MTcxOTUzMjcxOCwicGF0aCI6Ii8xMDUzNzM2NzMvMjY4NDY3NDI0LWEzYTRiODA5LWRkZDEtNDVhZi05NGIyLWFiMTdhYjhjYWQxMC5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyN1QyMzU4MzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT03Zjc5MWM3NDBlYjQ4ODViYjg2MTZiY2QzNGM3NTdmZmY1ZjU1MThlMzIxZjQwMjAxNTk1MmU4M2NkNTIxOTVjJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.uLRNlQ9ooS7JM8klijx3Ywr3zgSbsBYM_W_L0chR60g)
![image](https://private-user-images.githubusercontent.com/105373673/268467435-12b511c5-f6e4-4854-8cdc-28fea0a8b025.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk1MzMwMTgsIm5iZiI6MTcxOTUzMjcxOCwicGF0aCI6Ii8xMDUzNzM2NzMvMjY4NDY3NDM1LTEyYjUxMWM1LWY2ZTQtNDg1NC04Y2RjLTI4ZmVhMGE4YjAyNS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjI3JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyN1QyMzU4MzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT0xMzMyNTA5YWIwNWY2NDQ3YjExYjdiZjFiN2UxMWQ1MjcwMDc1NjU2OGFjODAzNmJiOTliZTQyMTUzMTBkOTc5JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.3h7qW5iiIhQeRo2LtmzoSHULtBQ3e4nwIug_RWtxxos)