Skip to content

Commit 82836d9

Browse files
whgojpwhgojp
committed
V1.1
1 parent d8b6e7c commit 82836d9

110 files changed

Lines changed: 1994 additions & 1377 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

README.md

Lines changed: 7 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,6 @@
1717

1818
![show](./pic/show.png)
1919

20-
2120
## 面向人群
2221

2322
- 安全服务方面:帮助安全服务人员理解漏洞原理(产生、修复、审计)
@@ -30,6 +29,8 @@ http://whgojp.top/
3029

3130
账号密码:admin/admin
3231

32+
> PS:服务器快到期了 不知道还能开多久……
33+
3334
## 项目灵感
3435

3536
​ 曾在甲方单位工作过一段时间,有机会可以接触到完整的**漏洞生命周期**:很多次做完渗透测试后,通过(TAPD、Jira)发送工单通知研发朋友修复漏洞,经常面临着一些问题:**1、研发不知道为什么这是个漏洞?2、研发不知道这个漏洞怎么修复?**
@@ -105,12 +106,6 @@ docker-compose -p javaseclab up -d
105106

106107
![image-20240905225532698](./pic/deploy-docker2.png)
107108

108-
## TodoList
109-
110-
- [ ] 跨站脚本模块实现
111-
- [ ] SQL注入模块实现
112-
- [ ] 任意文件类模块实现
113-
114109
## 开源协议
115110

116111
**When we speak of free software, we are referring to freedom, not price.**
@@ -121,14 +116,16 @@ docker-compose -p javaseclab up -d
121116

122117
1. 安全问题:由于是漏洞靶场,因此不建议搭建在公网上使用
123118
1. 项目中的安全修复代码仅供参考,实际业务中漏洞修复起来可能要复杂的多……
124-
1. **问题/建议反馈:如果遇到一些项目问题或者更好的建议,欢迎各位师傅可以提Issue或加我微信进行反馈**
119+
1. **问题/建议反馈:如果遇到一些项目问题或者更好的建议,欢迎各位师傅可以提Issue或加交流群进行反馈**
125120
1. **看到这里,师傅觉得项目有用的话,麻烦动动手点个star吧,非常感谢🙏**
126121

127122
## 关于作者
128123

129124
作者博客:https://blog.csdn.net/weixin_53009585
130125

131-
作者微信:
126+
**如果师傅同样对开发安全、应用安全、SDL、漏洞靶场等感兴趣的话,欢迎加交流群一起探讨……**
127+
132128
<div style="text-align: center;">
133129
<img src="./pic/wechat.png" alt="description" width="271" height="366" />
134-
</div>
130+
<img src="./pic/group.png" alt="description" width="271" height="366" />
131+
</div>

docker-compose.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ services:
1515
- JavaSecLabNet
1616

1717
JavaSecLab:
18-
image: javaseclab:1.0
18+
image: javaseclab:1.1
1919
container_name: Container-JavaSecLab
2020
restart: always
2121
build: .

pic/group.png

163 KB
Loading

pic/home.png

68.7 KB
Loading

pic/show.png

-72 KB
Loading

pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
<groupId>top.whgojp</groupId>
88
<artifactId>JavaSecLab</artifactId>
9-
<version>1.0.0</version>
9+
<version>1.1.0</version>
1010
<name>Java综合漏洞平台</name>
1111
<description>hello JavaSec!</description>
1212
<parent>

sql/JavaSecLab.sql

Lines changed: 5 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
Target Server Version : 80200 (8.2.0)
1212
File Encoding : 65001
1313
14-
Date: 26/08/2024 19:15:41
14+
Date: 10/11/2024 13:17:18
1515
*/
1616

1717
SET NAMES utf8mb4;
@@ -63,32 +63,13 @@ CREATE TABLE `sqli` (
6363
`username` varchar(255) COLLATE utf8mb4_general_ci NOT NULL COMMENT '用户名',
6464
`password` varchar(255) COLLATE utf8mb4_general_ci NOT NULL COMMENT '密码',
6565
PRIMARY KEY (`id`) USING BTREE
66-
) ENGINE=InnoDB AUTO_INCREMENT=730 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
66+
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
6767

6868
-- ----------------------------
6969
-- Records of sqli
7070
-- ----------------------------
7171
BEGIN;
72-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (706, '321', 'qwe');
73-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (707, '2', '1');
74-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (708, '1', '21');
75-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (713, '1', '1');
76-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (714, 'qwe', 'qwe');
77-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (715, '1', '1\' AND GTID_SUBSET(CONCAT(0x71706a7a71,(SELECT (ELT(7170=7170,1))),0x7171717071),7170) AND \'1\'=\'1');
78-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (716, '1', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
79-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (717, '1', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
80-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (718, '1', '1');
81-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (719, 'test', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
82-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (720, 'test', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
83-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (721, 'test', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
84-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (722, 'test', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
85-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (723, 'test', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
86-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (724, 'test', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
87-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (725, 'test', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
88-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (726, '1', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
89-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (727, '1', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
90-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (728, '1', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
91-
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (729, '1', '1\' and updatexml(1,concat(0x7e,(SELECT user()),0x7e),1) AND \'1\'=\'1');
72+
INSERT INTO `sqli` (`id`, `username`, `password`) VALUES (1, 'test', 'test');
9273
COMMIT;
9374

9475
-- ----------------------------
@@ -105,9 +86,9 @@ CREATE TABLE `user` (
10586
-- Records of user
10687
-- ----------------------------
10788
BEGIN;
108-
INSERT INTO `user` (`username`, `password`) VALUES ('1', '1');
10989
INSERT INTO `user` (`username`, `password`) VALUES ('123', '123');
11090
INSERT INTO `user` (`username`, `password`) VALUES ('admin', 'admin');
91+
INSERT INTO `user` (`username`, `password`) VALUES ('test', 'test');
11192
COMMIT;
11293

11394
-- ----------------------------
@@ -120,7 +101,7 @@ CREATE TABLE `xss` (
120101
`ua` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT 'User-Agent',
121102
`date` varchar(255) COLLATE utf8mb4_general_ci NOT NULL COMMENT '插入时间',
122103
PRIMARY KEY (`id`)
123-
) ENGINE=InnoDB AUTO_INCREMENT=74 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
104+
) ENGINE=InnoDB AUTO_INCREMENT=82 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
124105

125106
-- ----------------------------
126107
-- Records of xss

src/main/java/top/whgojp/common/push/service/DingDingPush.java

Lines changed: 0 additions & 10 deletions
This file was deleted.

src/main/java/top/whgojp/common/push/service/EmailPush.java

Lines changed: 0 additions & 11 deletions
This file was deleted.

src/main/java/top/whgojp/common/push/service/FeiShuPush.java

Lines changed: 0 additions & 10 deletions
This file was deleted.

0 commit comments

Comments
 (0)