diff --git a/README.md b/README.md
index a69fb6e1..3a1c439e 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@ vscan
 # 1.options
 ```
 Examples:
- ./vscan -l hosts.txt -top-ports http -o out.txt -ceyeapi xxx -ceyedomain xxxxxx.ceye.io
+ ./vscan -l hosts.txt -top-ports http -o out.txt -local-jndi xxx.xxx.xxx.xxx:1234 -ceyeapi xxx -ceyedomain xxxxxx.ceye.io
 Usage:
 ./vscan [flags]
@@ -37,6 +37,8 @@ OUTPUT:
 CONFIGURATION:
 -proxy Httpx Proxy, eg (http://127.0.0.1:8080|socks5://127.0.0.1:1080)
+ -skip-admin-brute Skip brute admin password
+ -local-jndi Local Jndi Server and Port (eg: 8.8.8.8:1234,如需外网访问,IP请填写外网IP)
 -ceyeapi ceye.io api key //扫描时最好添加dnslog,有些漏洞检测需要dnslog验证
 -ceyedomain ceye.io subdomain //扫描时最好添加dnslog,有些漏洞检测需要dnslog验证
 -no-color Don't Use colors in output
@@ -109,6 +111,7 @@ pocs_go:
 +-------------------+------------------+-------------------------------------------------------------+
 | 系统 | 编号 | 描述 |
 +-------------------+------------------+-------------------------------------------------------------+
+ | Apache Log4j | CVE-2021-44228 | 2.0 <= Apache log4j2 <= 2.14.1, log4j remote code execution |
 | Apache Shiro | CVE-2016-4437 | <= 1.2.4, shiro-550, rememberme deserialization rce |
 | Apache Tomcat | CVE-2017-12615 | 7.0.0 - 7.0.81, put method any files upload |
 | Apache Tomcat | CVE-2020-1938 | 6, 7 < 7.0.100, 8 < 8.5.51, 9 < 9.0.31 arbitrary file read |
@@ -194,6 +197,18 @@ case "Apache Tomcat":
 扫描 备份、swagger-ui、spring actuator、上传接口、测试文件等敏感文件,字典在 ./brute/dicts.go 内置,可自行修改
+## 3.6 JNDILOG
+
+JNDI漏洞支持两种验证方式、
+
+1.本机-local-jndi参数启动JNDIlog进行验证
+
+2.外网DNSLOG验证
+
+如两个参数都使用,GOPOC使用JNDILOG进行,YMLPOC还是会使用DNSLOG。
+
+总结:建议扫描时使用 JNDILOG 功能的同时使用 DNSLOG
+
 ## Licenses
 本工具仅面向合法授权的企业安全建设行为,在使用本工具进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权。
diff --git a/go.mod b/go.mod
index 991f4e61..34871836 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,6 @@ require (
 github.com/hbakhtiyor/strsim v0.0.0-20190107154042-4d2bbb273edf
 github.com/logrusorgru/aurora v2.0.3+incompatible
 github.com/microcosm-cc/bluemonday v1.0.16
- github.com/panjf2000/ants v1.3.0
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2
 github.com/pkg/errors v0.9.1
 github.com/projectdiscovery/blackrock v0.0.0-20210415162320-b38689ae3a2e
diff --git a/go.sum b/go.sum
index 1508c51d..e2f287d8 100644
--- a/go.sum
+++ b/go.sum
@@ -163,8 +163,6 @@ github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1y
 github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7mt48=
 github.com/onsi/gomega v1.16.0 h1:6gjqkI8iiRHMvdccRJM8rVKjCWk6ZIm6FTm3ddIe4/c=
 github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY=
-github.com/panjf2000/ants v1.3.0 h1:8pQ+8leaLc9lys2viEEr8md0U4RN6uOSUCE9bOYjQ9M=
-github.com/panjf2000/ants v1.3.0/go.mod h1:AaACblRPzq35m1g3enqYcxspbbiOJJYaxU2wMpm1cXY=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc=
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=