banner
andrewji8

Being towards death

Heed not to the tree-rustling and leaf-lashing rain, Why not stroll along, whistle and sing under its rein. Lighter and better suited than horses are straw sandals and a bamboo staff, Who's afraid? A palm-leaf plaited cape provides enough to misty weather in life sustain. A thorny spring breeze sobers up the spirit, I feel a slight chill, The setting sun over the mountain offers greetings still. Looking back over the bleak passage survived, The return in time Shall not be affected by windswept rain or shine.
telegram
twitter
github
HomeArchives

Dude Suite Web Security Tools - Penetration Testing Toolset

#渗透147
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The GitHub repository "DudeSuite" has been updated with several optimizations and fixes, including: 1. Improved data replay interaction and functionality. 2. Fixed dictionary reading issues in data cracking. 3. Port scanning can now detect ports blocked by firewalls. 4. Users can open web applications directly from scan results. 5. Port scanning can be conducted using domain names. 6. IP address queries now correctly display internal addresses. 7. Vulnerability verification now includes a new category for vulnerabilities added in the last 30 days. 8. The current version features a new logo. The vulnerability database has been updated (as of September 18, 2024) with various SQL injection and file reading/upload vulnerabilities across multiple systems, including: - Meisi CMS - Array Networks APV - Huawang Cloud Conference Management Platform - TXEHR Human Resource Management System - AVCON System Management Platform - MoticDSM - H3C iMC Smart Management Center - Youyou U8 CRM These updates highlight significant security issues that need to be addressed.

image

github:
https://github.com/x364e3ab6/DudeSuite

  1. Optimize the interaction method and function of data replay
  2. Fix the issue of incorrect dictionary reading during data brute force
  3. Port scanning can now scan ports blocked by firewalls
  4. Port scanning can now open web applications in the browser by double-clicking the scan results
  5. Port scanning can now directly use domain names for scanning
  6. IP address queries can correctly display internal network addresses
  7. The vulnerability verification category now includes the latest vulnerabilities showing those added in the last 30 days
  8. The current version enables a new LOGO

Vulnerability database update [20240918]
Meisi CMS Video Management System
SQL Injection in Array Networks APV Application Delivery System Command Execution Vulnerability
HuaWang Cloud Conference Management Platform has multiple SQL injection vulnerabilities
HuaWang Cloud Conference Management Platform checkDoubleUserNameForAdd SQL injection
Shared Human Resource Management System TXEHR V15 SFZService.asmx SQL injection
AVCON System Management Platform download.action Arbitrary File Read Vulnerability
Zhelin Machinery M9ERP DownloadInpFile Arbitrary File Read Vulnerability
MoticDSM Micronaut Digital Slice Management System Arbitrary File Read Vulnerability
Sailan Enterprise Management System System_FocusList_SubmitUploadify Arbitrary File Upload Vulnerability
Sailan Enterprise Management System GetExcellTemperature SQL injection
Shared TXEHR V15 Human Resource Management Platform hdlUploadFile.ashx Arbitrary File Upload Vulnerability
Yonyou GRP-U8 bx_dj_check.jsp SQL injection
H3C iMC Intelligent Management Center autoDeploy Remote Code Execution
Yitian Intelligent eHR CreateUser Arbitrary User Addition Vulnerability
Yonyou U8 CRM exportdictionary.php SQL injection
Sailan Enterprise Management System EHR_Holidays_SubmitUploadify Arbitrary File Upload Vulnerability
JimuReport Building Block Report Permission Bypass Vulnerability

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.