Vulmap Versions

Vulmap is a web vulnerability scanning and verification tool. It can scan webapps for vulnerabilities and also provides vulnerability verification.

v0.9

2 years ago

remove exploit

v0.8

2 years ago
  • Support scanning a dismap identification result file with -f output.txt
  • Added vulnerability categories: coremail, ecology, eyou, qianxin, ruijie
  • Added PoCs for Apache OFBiz CVE-2021-29200, CVE-2021-30128
  • Added PoC for Apache Solr CVE-2021-27905
  • Added PoCs for Fastjson echo VER-1224-2, VER-1224-3
  • Added PoCs for Oracle Weblogic CVE-2016-0638, CVE-2018-3191, CVE-2019-2890

v0.7

3 years ago
  • Switched to polling three Dnslog services; thanks to @Buzz2d0 for providing hyuga.co
  • Most third-party Python dependencies are now built in
  • Aggressive false-positive handling for conventional RCE checks
  • Optimized the result, display, parameter and other functional modules
  • Added multiple PoCs including Exchange, Vmware, BIG-IP, Druid, Laravel, Saltstack, Node.JS, etc.
  • Fixed multiple outstanding bugs

v0.6

3 years ago
  • Optimized output; added json output in the same format as xray.
  • Added fastjson and spring vulnerability scanning and exploitation.
  • Introduced ceye to detect rce vulnerabilities that return no echo.
  • Added batch scanning via the fofa api and shodan api.
  • Refactored the poc module and restructured vulmap to be modular.
  • Added automatic fingerprint identification.
  • Replaced the echo command with a random md5

v0.5

3 years ago
  • Added multi-threaded scanning: 10 threads by default, customizable; coroutines are enabled by default (scanning is now much faster)
  • Added proxy support for scanning, with socks and http proxies
  • Customizable User-Agent
  • Changed --debug again: in exp mode it displays the request and responses; in poc mode it displays the list of vulnerabilities scanned
  • CVE-2016-4437 Apache Shiro: added three echo gadgets (6 in total); keys increased to 5
  • Added Apache Flink CVE-2020-17518 & CVE-2020-17519
  • Optimized batch scanning and output

0.4

3 years ago
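  • Added ActiveMQ CVE-2015-5254
  • Added ActiveMQ CVE-2016-3088
  • Added Apache Struts2 S2-061
  • Added Apache Unomi CVE-2020-13942
  • Added Elasticsearch CVE-2014-3120
  • Added Elasticsearch CVE-2015-1427
  • Optimized the program's scrolling output
  • Added URL liveness detection
  • Added URL format detection and completion; supports ip:port and ip
  • Optimized the --output output format
  • Fixed multiple struts2 false positives
  • Refactored the --debug function; used together with -v it displays requests and response
  • Fixed multiple minor issues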

v0.3

3 years ago
  • Added Weblogic CVE-2020-14882
  • Added Weblogic CVE-2020-2883
  • Added Weblogic CVE-2020-2555
  • Added Drupal CVE-2019-6340
  • Fixed garbled input on Windows
  • Fixed a port extraction issue
  • Changed the dependencies
  • Fixed multiple minor bugs

v0.2

3 years ago
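  • Changed the default detection command, using echo instead of netstat
  • Fixed PoC false positives for Drupal, Jenkins, and Nexus
  • Refactored some of the Weblogic PoCs
  • Added Apache Shiro: CVE-2016-4437
  • Added ThinkPHP: CVE-2019-9082
  • Added ThinkPHP: CVE-2018-20062
  • Fixed vulnerability detection failures in batch mode
  • Fixed URL extraction in batch mode
  • Fixed multiple bugs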
  • ... ...

v0.1

3 years ago

2020-10-10 Vulmap First version

  • Vulnerability scan
  • Vulnerability Exploit
  • Custom command
  • Batch scan
  • File output
  • Delayed scan
  • Debug mode
  • ... ...