Share
## https://sploitus.com/exploit?id=6242DA6E-E5CE-5B71-AC34-7B3EE24F82CC
This repository is an offensive tool for collecting or writing various vulnerability POCs and exploits. The primary vulnerability targeted by the provided code is CNVD-2020-10487, a Tomcat-Ajp LFI (Local File Inclusion) vulnerability. The tool is designed to exploit this vulnerability to gain unauthorized access to sensitive information. The code includes a Python script, `2020-10487.py`, which is used to exploit the vulnerability. The script uses the `pack_string` and `unpack_string` functions to encode and decode strings, and the `AjpBodyRequest` class to simulate an AJp request to the vulnerable Tomcat server. The script also includes a function to unpack the AJp request body and extract the requested file path. The tool is designed to be used in a controlled environment and should not be used for malicious purposes.