Skip to content
A simple framework for sending test payloads for known web CVEs.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci update Apr 19, 2019
tests update May 17, 2019
.gitignore lint fixes Dec 26, 2018
Makefile update Apr 19, 2019
README.md update Apr 18, 2019
groups.json update May 17, 2019
requirements.txt
webcve.py update May 7, 2019

README.md

web-cve-tests

PRs Welcome CircleCI

The goal of this tool is to send PoC payloads to verify server-side attack detection solutions. If detected, the server side should return a specified HTTP status code.

This tool is not intended to actually exploit the vulnerability or to test for the existence of the vulnerability.

Usage

Basic:

./webcve.py --url https://target-site.com

Specify detected response code (default is 403):

./webcve.py --url https://target-site.com --status-code 406

Verbose (output CVE descriptions):

./webcve.py --url https://target-site.com -v

Test a single CVE (with example output):

./webcve.py --url https://target-site.com --status-code 406 --cve CVE-2017-9791 -v
CVE-2017-9791
The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution
via a malicious field value passed in a raw message to the ActionMessage.
        Test passed (406)
        Test passed (406)
        Test passed (406)
        Test passed (406)

Test for a group of CVEs. Groups are defined in groups.json.

./webcve.py --url https://target-site.com --group struts

Test for a group type of CVEs. Types are defined in groups.json.

./webcve.py --url https://target-site.com --type cms

List available groups or types.

./webcve.py --list group
./webcve.py --list type

Contributions

Pull requests are welcome. Please use the existing CVE directories as examples of how you should structure your submission.

You can’t perform that action at this time.