update readme

veo · Jun 23, 2022 · d5b66ca · d5b66ca
1 parent 608aaa8
commit d5b66ca
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -32,6 +32,8 @@
 - 快速的POC检测功能
 - 快速的敏感文件检测功能
 - 轻量、开源、跨平台使用
+- 支持指纹 650(eHole) + 3129(Local) + 3053(wappalyzergo) = 6832 条
+- 支持 Xray 和 Nuclei 的 POC 检测
 - 支持多种类型的输入 - **STDIN/HOST/IP/CIDR/URL/TXT**
 - 支持多种类型的输出 - **JSON/TXT/CSV/STDOUT**
 

diff --git a/static/pocs.md b/static/pocs.md
@@ -6,6 +6,16 @@ pocs_go:
  +-------------------+------------------+-------------------------------------------------------------+
  | 系统               | 编号             | 描述                                                         |
  +-------------------+------------------+-------------------------------------------------------------+
+ | F5 BIG-IP         | CVE-2022-1388    | F5 BIG-IP iControl REST - Remote Command Execution          |
+ | F5 BIG-IP         | CVE-2021-22986   | F5 BIG-IP iControl REST - Remote Command Execution          |
+ | F5 BIG-IP         | CVE-2020-5902    | F5 BIG-IP RCE                                               |
+ | Confluence        | CVE-2022-26134   | RCE 1.3.0-7.4.17, 7.13.0-7.13.7, 7.14.0-7.14.3, 7.15.0      |
+ |                   |                  | -7.15.2, 7.16.0-7.16.4, 7.17.0-7.17.4, 7.18.0-7.18.1        |
+ | Confluence        | CVE_2021_26085   | Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read       |
+ | Confluence        | CVE-2021-26084   | RCE < 6.13.23, 6.14.0-7.4.11, 7.5.0-7.11.6, 7.12.0-7.12.5   |
+ | Gitlab            | CVE-2021-22205   | RCE on Gitlab version < 13.10.3                             |
+ | Zabbix            | CVE-2022-23131   | Zabbix instances where SAML SSO authentication bypass       |
+ | Sunlogin          | RCE              | Sunlogin RCE                                                |
  | Springboot        | CVE-2022-22965   | Spring Framework RCE via Data Binding on JDK 9+             |
  | Springboot        | CVE-2022-22947   | spring cloud gateway 3.1.1+ and 3.0.7+ remote code execution|
  | Apache Log4j      | CVE-2021-44228   | 2.0 <= Apache log4j2 <= 2.14.1, log4j remote code execution |
@@ -29,12 +39,13 @@ pocs_go:
  | Oracle Weblogic   | CVE-2020-14883   | 10.3.6.0, 12.1.3.0, 12.2.1.3-4, 14.1.1.0, console rce       |
  | Oracle Weblogic   | CVE-2021-2109    | 10.3.6.0, 12.1.3.0, 12.2.1.3-4, 14.1.1.0, unauthorized jndi |
  | PHPUnit           | CVE_2017_9841    | 4.x < 4.8.28, 5.x < 5.6.3, remote code execution            |
- | Seeyon            | *                | some poc                                                    |
+ | Seeyon            | 10+ POC          | some poc                                                    |
  | ThinkPHP          | CVE-2019-9082    | < 3.2.4, thinkphp remote code execution                     |
  | ThinkPHP          | CVE-2018-20062   | <= 5.0.23, 5.1.31, thinkphp remote code execution           |
  +-------------------+------------------+-------------------------------------------------------------+
 pocs_yml:
 
-xrayV2 all pocs
+xrayV2 all 354 pocs
 
+Nuclei 1700+ pocs
 ```
diff --git a/static/vscan-run.png b/static/vscan-run.png