Skip to content

tangxiaofeng7/CVE-2023-32315-Openfire-Bypass

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 1 tag
Code

Latest commit

@tangxiaofeng7
tangxiaofeng7 Update README.md
85ac74e Jun 15, 2023
Update README.md
85ac74e

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
img
add rce
June 14, 2023 17:43
scan_all
add rce
June 14, 2023 17:43
src
add rce
June 14, 2023 17:43
README.md
Update README.md
June 15, 2023 09:35
pom.xml
fix pom.xml
June 15, 2023 09:29

README.md

CVE-2023-32315

0x01 获取返回的JSESSIONID和csrftoken ,构造请求包新增用户(替换JSESSIONID、csrftoken) img.png

cd CVE-2023-32315-Openfire-Bypass/scan_all
go mod tidy
go run main.go -u http://openfire.com:9090

0x02 插件编译安装

mvn clean package

或 releases下载插件

0x03 上传插件 img.png

0x04 得到webshel img.png 0x05 执行命令 img.png

About

rce

Resources

Readme
Activity

Stars

112 stars

Watchers

5 watching

Forks

31 forks
Report repository

Releases 1

openfire-webshell-plugin Latest
Jun 15, 2023

Packages

No packages published

Languages