Commit 52ead5d

1、up PoCs 2、add supply chain 2022-08-09
1 parent 34c4784 commit 52ead5d

120 files changed

+897
-9
lines changed

README_CN.md

Lines changed: 3 additions & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -214,13 +214,16 @@ more see: <a href=https://github.com/hktalent/scan4all/discussions>discussions</
214214
- 2022-06-24 优化指纹算法;增加工作流程图
215215
- 2022-06-23 添加参数ParseSSl,控制默认不深度分析SSL中的DNS信息,默认不对SSL中dns进行扫描;优化:nmap未自动加.exe的bug;优化windows下缓存文件未优化体积的bug
216216
- 2022-06-22 集成 N 种协议弱口令检测、密码爆破:ftp、mongodb、mssql、mysql、oracle、postgresql、rdp、redis、smb、ssh、telnet,同时优化支持外挂密码字典
217+
- 2022-06-21 决然做scan4all
218+
<!--
217219
- 2022-06-20 集成Subfinder,域名爆破,启动参数导出EnableSubfinder=true,注意启动后很慢; ssl证书中域名信息的自动深度钻取
218220
允许通过 config/config.json 配置定义自己的字典,或设置相关开关
219221
- 2022-06-17 优化一个域名多个IP的情况,所有IP都会被端口扫描,然后按照后续的扫描流程
220222
- 2022-06-15 此版本增加了过去实战中获得的几个weblogic密码字典和webshell字典
221223
- 2022-06-10 完成核的整合,当然包括核模板的整合
222224
- 2022-06-07 添加相似度算法来检测 404
223225
- 2022-06-07 增加http url列表精准扫描参数,根据环境变量UrlPrecise=true开启
226+
-->
224227

225228
# 交流群(微信、QQ、Tg)
226229
| Wechat | Or | QQchat | Or | Tg |
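
Review bot: The `<!--` added at new line 218 and the `-->` at new line 226 hide the 2022-06-20 through 2022-06-07 changelog entries from the rendered README while leaving them in the raw file. If those entries are obsolete, delete them or move them to a separate changelog file; a commented-out block is easy to miss and will drift. The only entry added here (new line 217) is dated 2022-06-21, so check that an entry above line 214 records the supply-chain change the commit message dates 2022-08-09.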

brute/dicts/cprt.txt

Lines changed: 3 additions & 0 deletions
@@ -0,0 +1,3 @@
1+
技术支持
2+
运行维护单位
3+
开发单位

brute/dicts/softc.txt

Lines changed: 31 additions & 0 deletions
@@ -0,0 +1,31 @@
1+
Amadeus
2+
Amadeus IT Group
3+
CA
4+
Fiserv
5+
HCL Technologies
6+
HCL科技
7+
Intuit
8+
Microsoft
9+
Oracle
10+
SAP
11+
VMware
12+
甲骨文
13+
赛门铁克
14+
同方股份有限公司
15+
长天科技有限公司
16+
万达信息股份有限公司
17+
东软集团股份有限公司
18+
山大地纬软件股份有限公司
19+
广州华南资讯科技有限公司
20+
广州华资软件技术有限公司
21+
浙大网新科技股份有限公司
22+
浙江天正信息科技有限公司
23+
山东地纬计算机软件有限公司
24+
易联众信息技术股份有限公司
25+
创智和宇信息技术股份有限公司
26+
北京中软国际信息技术有限公司
27+
南京莱斯信息技术股份有限公司
28+
四川久远银海软件股份有限公司
29+
新型农村社会养老保险信息系统
30+
长沙创智和宇信息技术有限公司
31+
北京北控电信通信息技术有限公司
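
Review bot: Line 1 `Amadeus` comes before line 2 `Amadeus IT Group`, and brute/supportinfo.go joins these lines into one alternation in file order; Go's regexp takes the first alternative that matches, so the longer name is never matched in full. Sort the entries longest first or drop the shorter duplicate. Line 3 `CA` is short enough to match the start of unrelated words after the label and colon, because the pattern has no trailing boundary, and line 29 (新型农村社会养老保险信息系统) reads as the name of an information system rather than a company like the other entries.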

brute/supportinfo.go

Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,22 @@
1+
package brute
2+
3+
import (
4+
_ "embed"
5+
"github.com/hktalent/scan4all/lib/util"
6+
"regexp"
7+
"strings"
8+
)
9+
10+
//go:embed dicts/cprt.txt
11+
var supplyChainPrefix string
12+
13+
//go:embed dicts/softc.txt
14+
var supplyChainEndstr string
15+
16+
func init() {
17+
util.RegInitFunc(func() {
18+
p1 := "((" + strings.Join(strings.Split(strings.TrimSpace(supplyChainPrefix), "\n"), ")|(") + "))\\s*[::]\\s*"
19+
p2 := "((" + strings.Join(strings.Split(strings.TrimSpace(supplyChainEndstr), "\n"), ")|(") + "))"
20+
util.SupplyChainReg = regexp.MustCompile(p1 + p2)
21+
})
22+
}
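
Review bot: Lines 18 and 19 paste each dictionary line into the pattern unescaped, so a future entry containing `.`, `(` or `+` silently changes what matches, and an unbalanced one makes `regexp.MustCompile` on line 20 panic during init. Pass each entry through `regexp.QuoteMeta` before joining. Splitting on "\n" also leaves a trailing `\r` in every entry except the last if the embedded files are ever checked out with CRLF endings; trim each line and skip empty ones. Wrapping every entry in its own `( )` creates one capture group per dictionary line; a single `(?:a|b|c)` per list is enough unless callers index those groups.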

config/nuclei-templates/cves/2014/CVE-2014-3704.yaml

Lines changed: 2 additions & 0 deletions
@@ -16,6 +16,8 @@ info:
1616
remediation: Upgrade to Drupal core 7.32 or later.
1717
classification:
1818
cve-id: CVE-2014-3704
19+
metadata:
20+
shodan-query: http.component:"drupal"
1921
tags: cve,cve2014,drupal,sqli
2022

2123
variables:

config/nuclei-templates/cves/2015/CVE-2015-1503.yaml

Lines changed: 2 additions & 0 deletions
@@ -15,6 +15,8 @@ info:
1515
cvss-score: 7.5
1616
cve-id: CVE-2015-1503
1717
cwe-id: CWE-200
18+
metadata:
19+
shodan-query: title:"icewarp"
1820
tags: cve,cve2015,icewarp,lfi,mail
1921

2022
requests:

config/nuclei-templates/cves/2015/CVE-2015-7450.yaml

Lines changed: 2 additions & 0 deletions
@@ -15,6 +15,8 @@ info:
1515
cvss-score: 9.8
1616
cve-id: CVE-2015-7450
1717
cwe-id: CWE-94
18+
metadata:
19+
shodan-query: http.html:"IBM WebSphere Portal"
1820
tags: cve,cve2015,websphere,deserialization,rce,oast,ibm,java,kev
1921

2022
requests:
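
Review bot: The unchanged tags line (new line 20) already carries `kev` but does not get the `cisa` tag that this commit appends to the other `kev` templates, for example CVE-2017-12615 and CVE-2018-7600. Either add it here too or drop the extra tag everywhere, so that tag-based filtering selects the same set of templates.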

config/nuclei-templates/cves/2016/CVE-2016-0957.yaml

Lines changed: 2 additions & 0 deletions
@@ -13,6 +13,8 @@ info:
1313
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1414
cvss-score: 7.5
1515
cve-id: CVE-2016-0957
16+
metadata:
17+
shodan-query: http.component:"Adobe Experience Manager"
1618
tags: cve,cve2016,adobe,aem
1719

1820
requests:

config/nuclei-templates/cves/2016/CVE-2016-2389.yaml

Lines changed: 2 additions & 0 deletions
@@ -16,6 +16,8 @@ info:
1616
cvss-score: 7.5
1717
cve-id: CVE-2016-2389
1818
cwe-id: CWE-22
19+
metadata:
20+
shodan-query: http.favicon.hash:-266008933
1921
tags: cve,cve2016,lfi,sap
2022

2123
requests:
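
Review bot: The query on new line 20, `http.favicon.hash:-266008933`, is an opaque number with nothing saying which product's favicon it identifies; the same value is added to CVE-2017-12637. Add a YAML comment naming the product and where the hash was taken from, so it can be re-checked when the icon changes.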

config/nuclei-templates/cves/2017/CVE-2017-12615.yaml

Lines changed: 3 additions & 1 deletion
@@ -17,7 +17,9 @@ info:
1717
cvss-score: 8.1
1818
cve-id: CVE-2017-12615
1919
cwe-id: CWE-434
20-
tags: cve,cve2017,apache,rce,tomcat,kev
20+
metadata:
21+
shodan-query: title:"Apache Tomcat"
22+
tags: cve,cve2017,apache,rce,tomcat,kev,cisa
2123

2224
requests:
2325
- method: PUT

config/nuclei-templates/cves/2017/CVE-2017-12637.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 7.5
1515
cve-id: CVE-2017-12637
1616
cwe-id: CWE-22
17+
metadata:
18+
shodan-query: http.favicon.hash:-266008933
1719
tags: cve,cve2017,sap,lfi,java,traversal
1820

1921
requests:

config/nuclei-templates/cves/2017/CVE-2017-6090.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 8.8
1515
cve-id: CVE-2017-6090
1616
cwe-id: CWE-434
17+
metadata:
18+
shodan-query: http.title:"PhpCollab"
1719
tags: cve,cve2017,phpcollab,rce,fileupload
1820

1921
requests:
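
Review bot: New line 18 uses the `http.title:` filter, while the other title-based queries added in this commit are written `title:"..."` (icewarp, Apache Tomcat, Grafana). Pick one spelling for the whole template set so the metadata can be grepped and compared consistently.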

config/nuclei-templates/cves/2017/CVE-2017-9506.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 6.1
1515
cve-id: CVE-2017-9506
1616
cwe-id: CWE-918
17+
metadata:
18+
shodan-query: http.component:"Atlassian Jira"
1719
tags: cve,cve2017,atlassian,jira,ssrf,oast
1820

1921
requests:

config/nuclei-templates/cves/2018/CVE-2018-11759.yaml

Lines changed: 2 additions & 0 deletions
@@ -17,6 +17,8 @@ info:
1717
cvss-score: 7.5
1818
cve-id: CVE-2018-11759
1919
cwe-id: CWE-22
20+
metadata:
21+
shodan-query: title:"Apache Tomcat"
2022
tags: cve,cve2018,apache,tomcat
2123

2224
requests:

config/nuclei-templates/cves/2018/CVE-2018-11784.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 4.3
1515
cve-id: CVE-2018-11784
1616
cwe-id: CWE-601
17+
metadata:
18+
shodan-query: title:"Apache Tomcat"
1719
tags: tomcat,redirect,cve,cve2018,apache
1820

1921
requests:

config/nuclei-templates/cves/2018/CVE-2018-20824.yaml

Lines changed: 2 additions & 0 deletions
@@ -12,6 +12,8 @@ info:
1212
cvss-score: 6.1
1313
cve-id: CVE-2018-20824
1414
cwe-id: CWE-79
15+
metadata:
16+
shodan-query: http.component:"Atlassian Jira"
1517
tags: cve,cve2018,atlassian,jira,xss
1618

1719
requests:

config/nuclei-templates/cves/2018/CVE-2018-7600.yaml

Lines changed: 3 additions & 1 deletion
@@ -15,7 +15,9 @@ info:
1515
cvss-score: 9.8
1616
cve-id: CVE-2018-7600
1717
cwe-id: CWE-20
18-
tags: cve,cve2018,drupal,rce,kev
18+
metadata:
19+
shodan-query: http.component:"drupal"
20+
tags: cve,cve2018,drupal,rce,kev,cisa
1921

2022
requests:
2123
- raw:

config/nuclei-templates/cves/2018/CVE-2018-7602.yaml

Lines changed: 3 additions & 1 deletion
@@ -14,7 +14,9 @@ info:
1414
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1515
cvss-score: 9.8
1616
cve-id: CVE-2018-7602
17-
tags: cve,cve2018,drupal,authenticated,kev
17+
metadata:
18+
shodan-query: http.component:"drupal"
19+
tags: cve,cve2018,drupal,authenticated,kev,cisa
1820

1921
requests:
2022
- raw:

config/nuclei-templates/cves/2018/CVE-2018-9205.yaml

Lines changed: 2 additions & 0 deletions
@@ -16,6 +16,8 @@ info:
1616
cvss-score: 7.5
1717
cve-id: CVE-2018-9205
1818
cwe-id: CWE-22
19+
metadata:
20+
shodan-query: http.component:"drupal"
1921
tags: cve,cve2018,lfi,drupal
2022

2123
requests:

config/nuclei-templates/cves/2019/CVE-2019-0221.yaml

Lines changed: 2 additions & 0 deletions
@@ -19,6 +19,8 @@ info:
1919
cvss-score: 6.1
2020
cve-id: CVE-2019-0221
2121
cwe-id: CWE-79
22+
metadata:
23+
shodan-query: title:"Apache Tomcat"
2224
tags: cve,cve2019,apache,xss,tomcat
2325

2426
requests:

config/nuclei-templates/cves/2019/CVE-2019-11580.yaml

Lines changed: 3 additions & 1 deletion
@@ -13,7 +13,9 @@ info:
1313
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1414
cvss-score: 9.8
1515
cve-id: CVE-2019-11580
16-
tags: cve,cve2019,atlassian,rce,kev
16+
metadata:
17+
shodan-query: http.component:"Atlassian Jira"
18+
tags: cve,cve2019,atlassian,rce,kev,cisa
1719

1820
requests:
1921
- method: GET
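
Review bot: New line 17 sets the query to `http.component:"Atlassian Jira"`, but the tags on new line 18 list `atlassian` without `jira`, unlike the Jira templates that receive the same query in this commit (CVE-2019-11581, CVE-2019-3402). Confirm which Atlassian product this template targets and set the query to match it.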

config/nuclei-templates/cves/2019/CVE-2019-11581.yaml

Lines changed: 3 additions & 1 deletion
@@ -16,7 +16,9 @@ info:
1616
cvss-score: 9.8
1717
cve-id: CVE-2019-11581
1818
cwe-id: CWE-74
19-
tags: cve,cve2019,atlassian,jira,ssti,rce,kev
19+
metadata:
20+
shodan-query: http.component:"Atlassian Jira"
21+
tags: cve,cve2019,atlassian,jira,ssti,rce,kev,cisa
2022

2123
requests:
2224
- method: GET

config/nuclei-templates/cves/2019/CVE-2019-12593.yaml

Lines changed: 1 addition & 0 deletions
@@ -17,6 +17,7 @@ info:
1717
cwe-id: CWE-22
1818
metadata:
1919
google-dork: Powered By IceWarp 10.4.4
20+
shodan-query: title:"icewarp"
2021
tags: cve,cve2019,lfi,icewarp
2122

2223
requests:

config/nuclei-templates/cves/2019/CVE-2019-3401.yaml

Lines changed: 2 additions & 0 deletions
@@ -12,6 +12,8 @@ info:
1212
cvss-score: 5.3
1313
cve-id: CVE-2019-3401
1414
cwe-id: CWE-863
15+
metadata:
16+
shodan-query: http.component:"Atlassian Jira"
1517
tags: cve,cve2019,jira,atlassian,exposure
1618

1719
requests:

config/nuclei-templates/cves/2019/CVE-2019-3402.yaml

Lines changed: 2 additions & 0 deletions
@@ -13,6 +13,8 @@ info:
1313
cvss-score: 6.1
1414
cve-id: CVE-2019-3402
1515
cwe-id: CWE-79
16+
metadata:
17+
shodan-query: http.component:"Atlassian Jira"
1618
tags: cve,cve2019,atlassian,jira,xss
1719

1820
requests:

config/nuclei-templates/cves/2019/CVE-2019-3403.yaml

Lines changed: 2 additions & 0 deletions
@@ -13,6 +13,8 @@ info:
1313
cvss-score: 5.3
1414
cve-id: CVE-2019-3403
1515
cwe-id: CWE-863
16+
metadata:
17+
shodan-query: http.component:"Atlassian Jira"
1618
tags: cve,cve2019,atlassian,jira
1719

1820
requests:

config/nuclei-templates/cves/2019/CVE-2019-6340.yaml

Lines changed: 3 additions & 1 deletion
@@ -15,7 +15,9 @@ info:
1515
cvss-score: 8.1
1616
cve-id: CVE-2019-6340
1717
cwe-id: CWE-502
18-
tags: cve,cve2019,drupal,rce,kev
18+
metadata:
19+
shodan-query: http.component:"drupal"
20+
tags: cve,cve2019,drupal,rce,kev,cisa
1921

2022
requests:
2123
- method: POST

config/nuclei-templates/cves/2019/CVE-2019-8442.yaml

Lines changed: 2 additions & 0 deletions
@@ -13,6 +13,8 @@ info:
1313
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1414
cvss-score: 7.5
1515
cve-id: CVE-2019-8442
16+
metadata:
17+
shodan-query: http.component:"Atlassian Jira"
1618
tags: cve,cve2019,atlassian,jira,lfi
1719

1820
requests:

config/nuclei-templates/cves/2019/CVE-2019-8446.yaml

Lines changed: 2 additions & 0 deletions
@@ -13,6 +13,8 @@ info:
1313
cvss-score: 5.3
1414
cve-id: CVE-2019-8446
1515
cwe-id: CWE-863
16+
metadata:
17+
shodan-query: http.component:"Atlassian Jira"
1618
tags: cve,cve2019,jira
1719

1820
requests:

config/nuclei-templates/cves/2019/CVE-2019-8449.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 5.3
1515
cve-id: CVE-2019-8449
1616
cwe-id: CWE-306
17+
metadata:
18+
shodan-query: http.component:"Atlassian Jira"
1719
tags: cve,cve2019,atlassian,jira,disclosure
1820

1921
requests:

config/nuclei-templates/cves/2019/CVE-2019-8451.yaml

Lines changed: 2 additions & 0 deletions
@@ -15,6 +15,8 @@ info:
1515
cvss-score: 6.5
1616
cve-id: CVE-2019-8451
1717
cwe-id: CWE-918
18+
metadata:
19+
shodan-query: http.component:"Atlassian Jira"
1820
tags: cve,cve2019,atlassian,jira,ssrf,oast
1921

2022
requests:

config/nuclei-templates/cves/2020/CVE-2020-11110.yaml

Lines changed: 2 additions & 0 deletions
@@ -16,6 +16,8 @@ info:
1616
cvss-score: 6.1
1717
cve-id: CVE-2020-11110
1818
cwe-id: CWE-79
19+
metadata:
20+
shodan-query: title:"Grafana"
1921
tags: cve,cve2020,xss,grafana
2022

2123
requests:

config/nuclei-templates/cves/2020/CVE-2020-14179.yaml

Lines changed: 2 additions & 0 deletions
@@ -12,6 +12,8 @@ info:
1212
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1313
cvss-score: 5.3
1414
cve-id: CVE-2020-14179
15+
metadata:
16+
shodan-query: http.component:"Atlassian Jira"
1517
tags: cve,cve2020,atlassian,jira,exposure,disclosure
1618

1719
requests:

config/nuclei-templates/cves/2020/CVE-2020-14181.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 5.3
1515
cve-id: CVE-2020-14181
1616
cwe-id: CWE-200
17+
metadata:
18+
shodan-query: http.component:"Atlassian Jira"
1719
tags: cve,cve2020,atlassian,jira
1820

1921
requests:

config/nuclei-templates/cves/2020/CVE-2020-1938.yaml

Lines changed: 3 additions & 1 deletion
@@ -15,7 +15,9 @@ info:
1515
cvss-score: 9.8
1616
cve-id: CVE-2020-1938
1717
cwe-id: CWE-269
18-
tags: cve,cve2020,apache,tomcat,lfi,network,kev
18+
metadata:
19+
shodan-query: title:"Apache Tomcat"
20+
tags: cve,cve2020,apache,tomcat,lfi,network,kev,cisa
1921

2022
network:
2123
- inputs:
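
Review bot: New line 19 adds an HTTP title query, `title:"Apache Tomcat"`, to a template whose body is a `network:` block (new line 22) and whose tags include `network`. A host's HTTP page title says nothing about whether the port this template connects to is reachable, so the metadata should either query the service the template speaks to or carry a comment that it is only a coarse product hint.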

config/nuclei-templates/cves/2020/CVE-2020-27982.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 6.1
1515
cve-id: CVE-2020-27982
1616
cwe-id: CWE-79
17+
metadata:
18+
shodan-query: title:"icewarp"
1719
tags: cve,cve2020,xss,icewarp
1820

1921
requests:

config/nuclei-templates/cves/2020/CVE-2020-29453.yaml

Lines changed: 2 additions & 0 deletions
@@ -13,6 +13,8 @@ info:
1313
cvss-score: 5.3
1414
cve-id: CVE-2020-29453
1515
cwe-id: CWE-22
16+
metadata:
17+
shodan-query: http.component:"Atlassian Jira"
1618
tags: cve,cve2020,atlassian,jira,lfi
1719

1820
requests:

config/nuclei-templates/cves/2020/CVE-2020-36289.yaml

Lines changed: 2 additions & 0 deletions
@@ -14,6 +14,8 @@ info:
1414
cvss-score: 5.3
1515
cve-id: CVE-2020-36289
1616
cwe-id: CWE-200
17+
metadata:
18+
shodan-query: http.component:"Atlassian Jira"
1719
tags: cve,cve2020,jira,atlassian,unauth
1820

1921
requests:
