update 0.8
This commit is contained in:
之乎者也
150
core/scan.py
150
core/scan.py
@@ -25,122 +25,14 @@ from payload.NodeJs import NodeJs
|
||||
from payload.Exchange import Exchange
|
||||
from payload.F5_BIG_IP import BIG_IP
|
||||
from payload.ApacheOFBiz import ApacheOFBiz
|
||||
from payload.QiAnXin import QiAnXin
|
||||
from payload.RuiJie import RuiJie
|
||||
from payload.Eyou import Eyou
|
||||
from payload.CoreMail import CoreMail
|
||||
from payload.Ecology import Ecology
|
||||
|
||||
|
||||
class Scan():
|
||||
# pt方法用于测试单线程,默认也不使用,纯测试用
|
||||
def pt(self, target):
|
||||
poc_apache_activemq = ApacheActiveMQ(target)
|
||||
poc_apache_activemq.cve_2015_5254_poc()
|
||||
poc_apache_activemq.cve_2016_3088_poc()
|
||||
poc_apache_activemq = ApacheActiveMQ(target)
|
||||
poc_apache_activemq.cve_2015_5254_poc()
|
||||
poc_apache_activemq.cve_2016_3088_poc()
|
||||
|
||||
poc_apache_flink = ApacheFlink(target)
|
||||
poc_apache_flink.cve_2020_17518_poc()
|
||||
poc_apache_flink.cve_2020_17519_poc()
|
||||
|
||||
poc_apache_shiro = ApacheShiro(target)
|
||||
poc_apache_shiro.cve_2016_4437_poc()
|
||||
|
||||
poc_apache_solr = ApacheSolr(target)
|
||||
poc_apache_solr.cve_2017_12629_poc()
|
||||
poc_apache_solr.cve_2019_0193_poc()
|
||||
poc_apache_solr.cve_2019_17558_poc()
|
||||
|
||||
poc_apache_tomcat = ApacheTomcat(target)
|
||||
poc_apache_tomcat.tomcat_examples_poc()
|
||||
poc_apache_tomcat.cve_2017_12615_poc()
|
||||
poc_apache_tomcat.cve_2020_1938_poc()
|
||||
|
||||
poc_apache_solr = Fastjson(target)
|
||||
poc_apache_solr.fastjson_1224_poc()
|
||||
poc_apache_solr.fastjson_1247_poc()
|
||||
poc_apache_solr.fastjson_1262_poc()
|
||||
|
||||
poc_spring = Spring(target)
|
||||
poc_spring.cve_2020_5410_poc()
|
||||
poc_spring.cve_2019_3799_poc()
|
||||
poc_spring.cve_2018_1273_poc()
|
||||
|
||||
poc_elasticsearch = Elasticsearch(target)
|
||||
poc_elasticsearch.cve_2015_1427_poc()
|
||||
poc_elasticsearch.cve_2014_3120_poc()
|
||||
poc_jenkins = Jenkins(target)
|
||||
poc_jenkins.cve_2017_1000353_poc()
|
||||
poc_jenkins.cve_2018_1000861_poc()
|
||||
poc_oracle_weblogic = OracleWeblogic(target)
|
||||
poc_oracle_weblogic.cve_2014_4210_poc()
|
||||
poc_oracle_weblogic.cve_2020_14882_poc()
|
||||
poc_oracle_weblogic.cve_2017_3506_poc()
|
||||
poc_oracle_weblogic.cve_2017_10271_poc()
|
||||
poc_oracle_weblogic.cve_2018_2894_poc()
|
||||
poc_oracle_weblogic.cve_2019_2725_poc()
|
||||
poc_oracle_weblogic.cve_2020_2555_poc()
|
||||
poc_oracle_weblogic.cve_2019_2729_poc()
|
||||
poc_oracle_weblogic.cve_2020_2883_poc()
|
||||
poc_oracle_weblogic.cve_2020_2551_poc()
|
||||
|
||||
poc_nexus = Nexus(target)
|
||||
poc_nexus.cve_2019_7238_poc()
|
||||
poc_nexus.cve_2020_10199_poc()
|
||||
|
||||
poc_redhat_jboss = RedHatJBoss(target)
|
||||
poc_redhat_jboss.cve_2010_0738_poc()
|
||||
poc_redhat_jboss.cve_2010_1428_poc()
|
||||
poc_redhat_jboss.cve_2015_7501_poc()
|
||||
poc_redhat_jboss.cve_2017_12149_poc()
|
||||
|
||||
poc_apache_unomi = ApacheUnomi(target)
|
||||
poc_apache_unomi.cve_2020_13942_poc()
|
||||
|
||||
poc_thinkphp = ThinkPHP(target)
|
||||
poc_thinkphp.cve_2019_9082_poc()
|
||||
poc_thinkphp.cve_2018_20062_poc()
|
||||
|
||||
poc_drupal = Drupal(target)
|
||||
poc_drupal.cve_2018_7600_poc()
|
||||
poc_drupal.cve_2018_7602_poc()
|
||||
poc_drupal.cve_2019_6340_poc()
|
||||
|
||||
poc_apache_struts2 = ApacheStruts2(target)
|
||||
poc_apache_struts2.s2_005_poc()
|
||||
poc_apache_struts2.s2_008_poc()
|
||||
poc_apache_struts2.s2_009_poc()
|
||||
poc_apache_struts2.s2_013_poc()
|
||||
poc_apache_struts2.s2_015_poc()
|
||||
poc_apache_struts2.s2_016_poc()
|
||||
poc_apache_struts2.s2_029_poc()
|
||||
poc_apache_struts2.s2_032_poc()
|
||||
poc_apache_struts2.s2_045_poc()
|
||||
poc_apache_struts2.s2_046_poc()
|
||||
poc_apache_struts2.s2_048_poc()
|
||||
poc_apache_struts2.s2_052_poc()
|
||||
poc_apache_struts2.s2_057_poc()
|
||||
poc_apache_struts2.s2_059_poc()
|
||||
poc_apache_struts2.s2_061_poc()
|
||||
poc_apache_struts2.s2_devMode_poc()
|
||||
|
||||
poc_apache_druid = ApacheDruid(target)
|
||||
poc_apache_druid.cve_2021_25646_poc()
|
||||
|
||||
poc_laravel = Laravel(target)
|
||||
poc_laravel.cve_2021_3129_poc()
|
||||
|
||||
poc_vmware = Vmware(target)
|
||||
poc_vmware.time_2020_1013_poc()
|
||||
poc_vmware.cve_2021_21972_poc()
|
||||
|
||||
poc_saltstack = SaltStack(target)
|
||||
poc_saltstack.cve_2021_25282_poc()
|
||||
|
||||
poc_nodejs = NodeJs(target)
|
||||
poc_nodejs.cve_2021_21315_poc()
|
||||
|
||||
poc_exchange = Exchange(target)
|
||||
poc_exchange.cve_2021_26855_poc()
|
||||
poc_exchange.cve_2021_27065_poc()
|
||||
|
||||
def apache_activemq(self, target, gevent_pool):
|
||||
poc_apache_activemq = ApacheActiveMQ(target)
|
||||
@@ -162,6 +54,8 @@ class Scan():
|
||||
gevent_pool.append(spawn(poc_apache_solr.cve_2019_0193_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.cve_2019_17558_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.time_2021_0318_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.cve_2021_27905_poc))
|
||||
|
||||
|
||||
def apache_tomcat(self, target, gevent_pool):
|
||||
poc_apache_tomcat = ApacheTomcat(target)
|
||||
@@ -171,7 +65,9 @@ class Scan():
|
||||
|
||||
def fastjson(self, target, gevent_pool):
|
||||
poc_apache_solr = Fastjson(target)
|
||||
gevent_pool.append(spawn(poc_apache_solr.fastjson_1224_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.fastjson_1224_1_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.fastjson_1224_2_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.fastjson_1224_3_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.fastjson_1247_poc))
|
||||
gevent_pool.append(spawn(poc_apache_solr.fastjson_1262_poc))
|
||||
|
||||
@@ -195,14 +91,18 @@ class Scan():
|
||||
poc_oracle_weblogic = OracleWeblogic(target)
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2014_4210_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2020_14882_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2016_0638_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2017_3506_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2017_10271_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2018_2894_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2018_3191_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2019_2725_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2019_2890_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2020_2555_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2019_2729_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2020_2883_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2020_2551_poc))
|
||||
gevent_pool.append(spawn(poc_oracle_weblogic.cve_2021_2109_poc))
|
||||
|
||||
def nexus(self, target, gevent_pool):
|
||||
poc_nexus = Nexus(target)
|
||||
@@ -285,6 +185,28 @@ class Scan():
|
||||
def apache_ofbiz(self, target, gevent_pool):
|
||||
apache_ofbiz = ApacheOFBiz(target)
|
||||
gevent_pool.append(spawn(apache_ofbiz.cve_2021_26295_poc))
|
||||
gevent_pool.append(spawn(apache_ofbiz.cve_2021_30128_poc))
|
||||
gevent_pool.append(spawn(apache_ofbiz.cve_2021_29200_poc))
|
||||
|
||||
def qiaixin(self, target, gevent_pool):
|
||||
qianxin = QiAnXin(target)
|
||||
gevent_pool.append(spawn(qianxin.time_2021_0410_poc))
|
||||
|
||||
def ruijie(self, target, gevent_pool):
|
||||
ruijie = RuiJie(target)
|
||||
gevent_pool.append(spawn(ruijie.time_2021_0424_poc))
|
||||
|
||||
def eyou(self, target, gevent_pool):
|
||||
eyou = Eyou(target)
|
||||
gevent_pool.append(spawn(eyou.cnvd_2021_26422_poc))
|
||||
|
||||
def coremail(self, target, gevent_pool):
|
||||
coremail = CoreMail(target)
|
||||
gevent_pool.append(spawn(coremail.time_2021_0414_poc))
|
||||
|
||||
def ecology(self, target, gevent_pool):
|
||||
ecology = Ecology(target)
|
||||
gevent_pool.append(spawn(ecology.time_2021_0515_poc))
|
||||
|
||||
|
||||
scan = Scan()
|
||||
|
||||
Reference in New Issue
Block a user