javaEeAccessControlCheck
Check broken access control exists in the Java web application.
检查 Java Web 应用程序中是否存在访问控制绕过问题。
使用
python3 javaEeAccessControlCheck.py "http://127.0.0.1/admin/index?id=1"
python3 javaEeAccessControlCheck.py "http://127.0.0.1/admin/index" -data id=1
python3 javaEeAccessControlCheck.py "http://127.0.0.1/admin/index" -data-json '{"id":1}'
python3 javaEeAccessControlCheck.py "http://127.0.0.1/admin/index?id=1" -all
python3 javaEeAccessControlCheck.py "http://127.0.0.1/admin/index" -data-json '{"id":1}' -all
[GET]自动判断/Automatic judgment
[GET]所有Payload长度/All Response Length
[POST]自动判断/Automatic judgment
[POST]所有Payload长度/All Response Length
[POST-JSON]所有Payload长度/All Response Length
测试某开源系统
可根据不同payload的返回包长度来判断哪些payload可用 
测试某开源系统
3 Mar 13, 2022
6 May 18, 2022
2 Dec 05, 2021
5.5k Jan 03, 2023
421 Dec 21, 2022
46 Nov 22, 2022
2 Mar 01, 2022
1 Feb 18, 2022
62 Dec 08, 2022
5 Feb 18, 2022
3 Feb 18, 2022
22k Jan 06, 2023
3 Sep 30, 2022
5k Jan 04, 2023
84 Dec 31, 2022
13 Jun 29, 2022
9 Jan 07, 2023
38 Feb 20, 2022
2 Jan 12, 2022
1 Dec 14, 2022