# Exploit-Framework
**Repository Path**: seaflys/Exploit-Framework
## Basic Information
- **Project Name**: Exploit-Framework
- **Description**: :fire: An Exploit framework for Web Vulnerabilities written in Python
- **Primary Language**: Unknown
- **License**: GPL-3.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No
## Statistics
- **Stars**: 0
- **Forks**: 0
- **Created**: 2020-11-24
- **Last Updated**: 2021-02-07
## Categories & Tags
**Categories**: Uncategorized
**Tags**: None
## README
# Exploit-Framework
[](#backers)
[](#sponsors)
#### Exploits:
|Vendor|Vulnerability|Effected Version|Description|Author|
|:-:|:-:|:-:|:-:|:-:|
|[zblog](https://www.zblogcn.com/zblogphp/)|[NOT_CVE](https://gist.github.com/WangYihang/318020687b7e5f1efb38e9afd40c941b)|<=1.5.1|Zblog Authenticated LFI|[@Shutdown_r](http://www.jianshu.com/u/0876d51c215f)|
|[OpenSNS](http://www.opensns.cn/)|[NOT_CVE](http://0day5.com/archives/4280/)|<=3.31|OpenSNS UnAuthenticated GetShell|[@90sec](https://forum.90sec.org/)|
|[Joomla](https://www.joomla.org/)|[CVE-2015-8562](https://blog.sucuri.net/2015/12/joomla-remote-code-execution-the-details.html)|1.5<3.45|Joomla Header Unauthenticated RCE|[@Andrew McNicol](https://github.com/anarcoder)|
|[Codiad](https://github.com/Codiad/Codiad)|[CVE-2017-11366](https://nvd.nist.gov/vuln/detail/CVE-2017-11366)|<=2.8.3|Codiad Authenticated RCE|[@WangYihang](https://github.com/wangyihang)|
|[Codiad](https://github.com/Codiad/Codiad)|[CVE-2014-9581](https://nvd.nist.gov/vuln/detail/CVE-2014-9581)|<=2.4.3|Codiad Authenticated LFI|[@TaurusOmar](https://www.exploit-db.com/author/?a=7716)|
|[SeaCMS](http://www.seacms.net)|[CVE-2017-17561](https://nvd.nist.gov/vuln/detail/CVE-2017-17561)|<=6.56|SeaCMS Authenticated GetShell|[@WangYihang](https://github.com/wangyihang)|
|[SeaCMS](http://www.seacms.net)|[NOT_CVE](http://0day5.com/archives/4180/)|<=6.28|SeaCMS UnAuthenticated RCE|[@没穿底裤](http://0day5.com/author/1/)|
|[phpMoAdmin](http://www.phpmoadmin.com/)|[CVE-2015-2208](https://www.exploit-db.com/exploits/36251/)|<=1.1.2|phpMoAdmin UnAuthenticated RCE|Unknown|
|[WordPress](https://wordpress.org/)|[CVE-2017-5487](https://www.exploit-db.com/exploits/41497/)|<4.7.1|WordPress Username Enumeration|[@Dctor](https://www.facebook.com/hatbashbr/)|
|[DedeCMS](http://www.dedecms.com/)|[NOT_CVE](http://0day5.com/archives/1349/)|<=5.6|DedeCms recommend.php SQL injection|[@没穿底裤](http://0day5.com/author/1/)|
|[Kernel](https://www.kernel.org/)|[CVE-2016-5195](https://dirtycow.ninja/)|2.6.22<3.9|DirtyC0w Privilege Escalation|[@nowsecure](https://github.com/nowsecure)|
#### Video:
[](https://asciinema.org/a/152418)
#### WIKI:
> https://github.com/WangYihang/Exploit-Framework/wiki
#### Contribution:
> [1. Guidance of writing exploit module](https://github.com/WangYihang/Exploit-Framework/wiki/Contributing-to-Exploit-Framework)
#### TODO:
- [ ] 解析字符串
- [ ] 深层模块化
- [ ] 上下文栈维护
- [ ] 日志
- [ ] 自动补全
- [ ] Exploit 搜索
- [ ] Wiki
- [ ] Exploit 规范
- [ ] 维护 Reverse Shell (结合 Reverse-Shell-Manager)
- [ ] Payload 模块
- [ ] 免杀模块
- [ ] 维护一句话木马 (结合 Webshell-Sniper)
- [ ] 数据库
- [ ] Web 前端
## Contributors
This project exists thanks to all the people who contribute.
## Backers
Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/Exploit-Framework#backer)]
## Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/Exploit-Framework#sponsor)]
