Skip to content
在渗透测试中快速检测常见中间件、组件的高危漏洞。
Python
Branch: master
Clone or download
Latest commit 927b6e2 Aug 6, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.vscode update ipquery Apr 27, 2019
bf_dicts update rdp-dicts Apr 28, 2019
docker_vuln __pycache__ 清除 Mar 11, 2019
durpal Add drupal check Mar 1, 2019
fckeditor
gatepass_vuln __pycache__ 清除 Mar 11, 2019
iis iis_shortname_Scan python3 fixed Mar 14, 2019
ipq ipq update Jun 18, 2019
ipquery update ipquery Apr 27, 2019
jboss __pycache__ 清除 Mar 11, 2019
kindeditor adjustment .gitignore Mar 2, 2019
navigate_vuln
redis_vuln __pycache__ 清除 Mar 11, 2019
spring_vuln __pycache__ 清除 Mar 11, 2019
tomcat Update example_vulnerability.py Jul 22, 2019
weblogic update CVE-2018-2628 Aug 6, 2019
zabbix_vuln __pycache__ 清除 Mar 11, 2019
.gitignore adjustment .gitignore Mar 2, 2019
README.md Update README.md Apr 26, 2019
moon.py ipq update Jun 18, 2019

README.md

vulnerability-list

常见漏洞快速检测,目前包含以下漏洞。

Tomcat:

  • CVE_2017_12615 / CVE_2017_12617
  • tomcat_weakpassword
  • example_vulnerability(检测tomcat的examples等目录是否存在)

moon.py -u tomcat http://xx.xx.xx.xx:xxxx

Fckeditor

  • 获取版本及常见上传页面检测
  • fck<=2.4版本上传直接上传asa文件getshell

moon.py -u fck http://xx.xx.xx.xx/fckxx

Weblogic

  • CVE_2017_10271 #利用方法参考:https://vulhub.org
  • weblogic_ssrf_cve-2014-4210
  • weblogic_weakpassword
  • CVE-2018-2628 #Author:xxlegend
  • CNVD-C-2019-48814

moon.py -u weblogic http://xx.xx.xx.xx:xxxx

IP归属查询

  • 能简单查一下IP的归属地

moon.py -u ip http://www.xxx.com

IIS

  • 短文件名泄露 #来自 lijiejie/IIS_shortname_Scanner

moon.py -u iis http://xx.xx.xx.xx

Docker

  • docker_daemon_api未授权访问

moon.py -u docker http://xx.xx.xx.xx:xxxx

Redis

  • redis未授权访问

moon.py -u redis http://xx.xx.xx.xx:xxxx or moon.py -u redis xx.xx.xx.xx:xxxx

Zabbix

  • zabbix_sql_CVE_2016_10134 #有参考独自等待的脚本

moon.py -u zabbix http://xx.xx.xx.xx:xxxx

Navigate

moon.py -u navigate http://xx.xx.xx.xx:xxxx

Gatepass

moon.py -u gatepass http://xx.xx.xx.xx:xxxx

Jboss

  • admin-console
  • Checking Struts2
  • Checking Servlet Deserialization
  • Checking Application Deserialization
  • Checking Jenkins
  • Checking web-console
  • Checking jmx-console
  • JMXInvokerServlet
  • 此模块调用的是 #jexboss

moon.py -u jboss http://xx.xx.xx.xx:xxxx

Kindeditor

  • kindeditor<=4.1.5文件上传漏洞

moon.py -u kindeditor http://xx.xx.xx.xx:xxxx/kidneditor-4.1.5

Drupal

moon.py -u drupal http://xxx.xxx.xxx.xxx:xxxx

You can’t perform that action at this time.