fierce-fish

fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写，去掉臃肿功能的精简版本poc框架

PS：真的用不惯其它臃肿的功能，不过作为一个收集漏洞poc && exp的框架还是非常不错的！！！
osprey
For beginners friendly (script kiddos would like it !)

简介

fierce-fish ------ 凶鱼，一种比鱼鹰还要凶猛的鱼，由于是osprey的改写版所以取此命名漏洞盒子PoC框架，寓意快，精，准，凶。

fierce-fish 是一个可无限扩展自定义poc的开源漏洞检测与利用框架(Python3开发)，是osprey的修改版。 fierce-fish框架可供使用者在渗透测试、漏洞检测、漏洞扫描等场景中应用。框架提供了命令行接口，可供灵活调用，也可用于构建自己的扫描器, 构建自己的通用型漏洞库。

持续添加POC && EXP

安装

从Git上获取最新版本的osprey代码

$ git clone https://github.com/FDlucifer/firece-fish.git
$ cd firece-fish
$ pip3 install -r requirements.txt

若执行脚本还是报错，可以根据报错信息提示缺失的模块，手动执行命令(pip3 install ‘缺失模块名')，进行安装...

使用

获取帮助列表：

$ python osprey.py --help

最简单的用法，针对一个目标URL，发起一个PoC做检测：

$ python osprey.py -t URL -v POC_ID

目前已收录漏洞POC及EXP

漏洞名	poc名称	poc链接
Metinfo 5.3.17 X-Rewrite-url SQL Injection	vb_2017_0060	Metinfo_5_3_17_X_Rewrite_url_Sql_Injection
Landray-OA Arbitrary File Read	vb_2021_0001	Landray-OA Arbitrary File Read
Yy-OA A6 Disclosure of sensitive information	vb_2021_0002	Yy-OA A6 Disclosure of sensitive information
LionfishCMS ApiController.class.php SQL Injection	vb_2021_0003	LionfishCMS ApiController.class.php SQL Injection
LionfishCMS ApigoodsController.class.php SQL Injection	vb_2021_0004	LionfishCMS ApigoodsController.class.php SQL Injection
Kingsoft V8 Arbitrary file read	vb_2021_0005	Kingsoft V8 Arbitrary file read
Kingsoft V8 pdf_maker.php RCE	vb_2021_0006	Kingsoft V8 pdf_maker.php RCE
Kingsoft V8 Default Weak Password	vb_2021_0007	Kingsoft V8 Default Weak Password
Weaver OA 8 SQL injection	vb_2021_0008	Weaver OA 8 SQL injection
Weaver OA Bsh RCE	vb_2021_0009	Weaver OA Bsh RCE
Citrix XenMobile Read FIle	vb_2021_0010	Citrix XenMobile Read FIle
Weblogic RCE CVE-2020-14882	vb_2021_0011	Weblogic RCE CVE-2020-14882
Hanming Video Conferencing File Read	vb_2021_0012	Hanming Video Conferencing File Read
Jinher OA Arbitrary File Read	vb_2021_0013	Jinher OA Arbitrary File Read
LanProxy Server Read File	vb_2021_0014	LanProxy Server Read File
YApi Remote Code Execute	vb_2021_0015	YApi Remote Code Execute
SaltStack RCE CVE-2020-11651	vb_2021_0016	SaltStack RCE CVE-2020-11651
Coremail Server Information Leakage	vb_2021_0017	Coremail Server Information Leakage
AonarQube Api Information Leakage	vb_2021_0018	AonarQube Api Information Leakage
Alibaba Canal Accesskey Information Leakage	vb_2021_0019	Alibaba Canal Accesskey Information Leakage
MessageSolution Email System Information Leakage	vb_2021_0020	MessageSolution Email System Information Leakage
ICEFlow VPN Information Leakage	vb_2021_0021	ICEFlow VPN Information Leakage
IceWarp WebClient Basic RCE	vb_2021_0022	IceWarp WebClient Basic RCE
ShowDoc File Upload	vb_2021_0023	ShowDoc File Upload
Duoke-Web-Server-SQLInjection	vb_2021_0024	Duoke-Web-Server-SQLInjection
yonyou-UFIDA-NC-file-read	vb_2021_0025	yonyou-UFIDA-NC-file-read
zhongqingnabo_information_leak	vb_2021_0026	zhongqingnabo_information_leak
Apache Druid RCE	vb_2021_0027	Apache Druid RCE
Apache Kylin Xielou ReadFile	vb_2021_0028	Apache Kylin Xielou ReadFile
Apache Flink Read File	vb_2021_0029	Apache Flink Read File
Apache Flink Rce	vb_2021_0030	Apache Flink Rce
3C HG659 Lib An Arbitrary FileRead	vb_2021_0031	3C HG659 Lib An Arbitrary FileRead
IceWarp WebClient Basic RCE	vb_2021_0032	IceWarp WebClient Basic RCE
亿赛通命令执行漏洞	vb_2021_0033	亿赛通命令执行漏洞
Atlassian Jira Information disclosure	vb_2021_0034	Atlassian Jira Information disclosure
LANLING OA file read	vb_2021_0035	LANLING OA file read
CISCO Read-Only Path Traversal Vuln	vb_2021_0036	CISCO Read-Only Path Traversal Vuln
Seeyon_Ajax_Getshell	vb_2021_0037	Seeyon_Ajax_Getshell
vb_2021_0038_iis6_webdav_CVE_2017_7269	vb_2021_0038	vb_2021_0038_iis6_webdav_CVE_2017_7269
dedecms57_cve_2018_6910	vb_2021_0039	dedecms57_cve_2018_6910
Weaver_OA_e_Bridge_fileread	vb_2021_0040	Weaver_OA_e_Bridge_fileread
huayu_reporter_rce	vb_2021_0041	huayu_reporter_rce
zyxel_nbg2105_bypass_auth	vb_2021_0042	zyxel_nbg2105_bypass_auth
HIKVISION_file_read	vb_2021_0043	HIKVISION_file_read
CVE_2021_41773_poc_and_exploit	vb_2021_0044	CVE_2021_41773_poc_and_exploit
CVE_2021_42013_poc_and_exploit	vb_2021_0045	CVE_2021_42013_poc_and_exploit
CVE_2021_38647_omigod_RCE	vb_2021_0046	CVE_2021_38647_omigod_RCE
CVE_2021_26855_proxylogon	vb_2021_0047	CVE_2021_26855_proxylogon
CVE_2021_22005_VMWare_vCenter_Server_File_Upload	vb_2021_0048	CVE_2021_22005_VMWare_vCenter_Server_File_Upload
CVE_2021_22205_gitlab_unauth_rce	vb_2021_0049	CVE_2021_22205_gitlab_unauth_rce
coremail_information_leak	vb_2021_0050	coremail_information_leak
CVE_2021_40870_Aviatrix_Controller	vb_2021_0051	CVE_2021_40870_Aviatrix_Controller
CVE_2021_40845_Authenticated_File_Upload_RCE	vb_2021_0052	CVE_2021_40845_Authenticated_File_Upload_RCE
CVE_2021_26084_Confluence_OGNL_injection	vb_2021_0053	CVE_2021_26084_Confluence_OGNL_injection
haoshitong_video_fileread	vb_2021_0054	haoshitong_video_fileread
wanhuoa_file_download	vb_2021_0055	wanhuoa_file_download
NS_NGFW_RCE	vb_2021_0056	NS_NGFW_RCE
Confluence_SSTI_CVE_2019_3396	vb_2021_0057	Confluence_SSTI_CVE_2019_3396
Metabase_fileread_CVE_2021_41277	vb_2021_0058	Metabase_fileread_CVE_2021_41277
fanwei_cnvd_2021_49104	vb_2021_0059	泛微e-office 任意文件上传

特点

体积小

检测效果精准，可自己持续按照框架模版添加poc, 方便高效

poc编写说明相关文档

基于Osprey编写PoC，请参考 osprey编写规范和要求说明

Name		Name	Last commit message	Last commit date
Latest commit History 30 Commits
core		core
doc		doc
lib		lib
pics		pics
pocs		pocs
thirdparty		thirdparty
.DS_Store		.DS_Store
BasePoc.py		BasePoc.py
README.md		README.md
cmd 2.vm		cmd 2.vm
cmd.vm		cmd.vm
config.yaml		config.yaml
nc.py		nc.py
osprey.py		osprey.py
requirements.txt		requirements.txt
settings.py		settings.py
setup.py		setup.py
testshellcode		testshellcode
utils.py		utils.py

FDlucifer/firece-fish

Folders and files

Latest commit

History

Repository files navigation

fierce-fish

简介

安装

使用

目前已收录漏洞POC及EXP

特点

poc编写说明相关文档

后续会在本仓库长期更新最新的POC & EXP。:)

About

Topics

Resources

Stars

Watchers

Forks

Languages