Two new deep enumerators (One API, Argilla), neon pink banner, Cat-03 model serving fingerprints.
New enumerators
enumOneAPI — songquanpeng/one-api LLM gateway (1.19M Docker Hub pulls)
- /api/status — identity: version, system_name, email_verification flag (public by design)
- /v1/models — open relay detection; 200 = anyone can route inference requests through the operator's upstream provider accounts (OpenAI, Anthropic, etc.)
- POST /api/user/login {"username":"root","password":"123456"} — default credential check. Documented in the one-api README, actively exploited in the wild. Surfaces CRITICAL with role + username on success. Verified live: 27.124.10.54:3000.
enumArgilla — HuggingFace Argilla annotation platform
- /api/v1/me — auth gate; handles both error shapes:
  - v2.x: {"error":"Unauthorized Access"} (HTTP 401)
  - v1.x: {"detail":{"code":"argilla.api.errors::UnauthorizedError",...}} (HTTP 401)
  - 200 + "username" field = misconfigured anonymous access → CRITICAL
- /api/v1/workspaces — workspace names; readable without auth = annotation training data exposed → CRITICAL
- /api/v1/datasets — dataset names; readable without auth → CRITICAL
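The /api/v1/me decision above, written as a pure function over status code and body for auditing your own Argilla deployment. This is an added example, not aimap's own code: the function name and the required/open labels are assumptions, and the sample bodies are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Status labels other than "unknown" are assumed names for this example.
const (
	authRequired = "required"
	authOpen     = "open"
	authUnknown  = "unknown"
)

// classifyArgillaMe maps an /api/v1/me response to (auth_status, severity).
// It never sends a request; the caller supplies status code and body.
func classifyArgillaMe(status int, body []byte) (string, string) {
	var doc map[string]json.RawMessage
	if err := json.Unmarshal(body, &doc); err != nil {
		return authUnknown, "" // HTML or proxy error page: do not guess
	}
	switch status {
	case 401:
		if _, ok := doc["error"]; ok { // v2.x: {"error":"Unauthorized Access"}
			return authRequired, ""
		}
		var detail struct {
			Code string `json:"code"`
		}
		// v1.x: {"detail":{"code":"argilla.api.errors::UnauthorizedError",...}}
		if json.Unmarshal(doc["detail"], &detail) == nil &&
			strings.HasSuffix(detail.Code, "::UnauthorizedError") {
			return authRequired, ""
		}
	case 200:
		var user string
		if json.Unmarshal(doc["username"], &user) == nil && user != "" {
			return authOpen, "CRITICAL" // profile served without credentials
		}
	}
	return authUnknown, ""
}

func main() {
	// Constructed sample bodies, not captured from a real server.
	fmt.Println(classifyArgillaMe(401, []byte(`{"error":"Unauthorized Access"}`)))
	fmt.Println(classifyArgillaMe(200, []byte(`{"username":"sample-user"}`)))
	fmt.Println(classifyArgillaMe(200, []byte(`<html>login</html>`)))
}
```

A 200 that is not JSON, or JSON without a non-empty username, stays unknown rather than being reported as open, which keeps a reverse proxy's login page from producing a false CRITICAL.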
Both enumerators were previously falling through to mkResult (no-op fallback), returning auth_status: unknown and findings: null. agent-logging-system flagged both as error_rate_high (100% error rate). Root cause: neither was registered in enumeratorRegistry.
Other changes
- Banner: color changed from cyan (\033[96m) to neon pink (\033[38;5;198m)
- Cat-03 model serving fingerprints: KoboldCpp (port 5001), LM Studio (port 1234), Aphrodite Engine (port 2242), LMDeploy, GPT4All, HuggingFace TGI, faster-whisper server
- README: banner image, screenshots section (6 images: fingerprinting, phase 3, service cards, Ollama CRIT, One API default creds, full summary)
Binaries
| Platform | File |
|---|---|
| Linux x86_64 | aimap-linux-amd64 |
| Linux arm64 | aimap-linux-arm64 |
| macOS x86_64 | aimap-darwin-amd64 |
| macOS arm64 (Apple Silicon) | aimap-darwin-arm64 |
Verify with sha256sum -c SHA256SUMS.