- https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ruoyi
- 某依后台RCE分析
- 某依rce黑名单多种bypass方法分析
- 定时任务功能点绕过黑白名单执行任意sql语句
- RuoYi 可用内存马
mysql> grant all privileges on ry.* to ruoyi@localhost;
mysql> create database ry;
mysql> use ry;
mysql> source /home/cqq/repos/RuoYi-Vue/sql/ry_20210908.sql;
mysql> source /home/cqq/repos/RuoYi-Vue/sql/quartz.sql;
需要本地开启redis:
sudo apt install redis-server
sudo systemctl start redis-server
编译:
mvn clean package
sudo runuser -l ruoyi -c "java -jar /home/cqq/repos/RuoYi-Vue/ruoyi-admin/target/ruoyi-admin.jar"
https://gitee.com/y_project/RuoYi-Vue https://gitee.com/y_project/RuoYi-Cloud https://github.com/yangzongzhuan/RuoYi-fast
运行之后的控制台:
其运行依赖nacos: https://github.com/shadowsock5/Poc/blob/master/Nacos/README.md
网关启动成功:
