vulcat-v1.0.9

@CLincat CLincat released this 16 Jun 06:41
· 22 commits to main since this release

2022.06.16
vulcat-v1.0.9

  • Fixed some known bugs

  • New parameters and functions:

  1. Before scanning, WAF detection is performed on the target. If a WAF is detected, the user is asked whether to continue scanning (yes/No)
  2. New parameters: --no-waf and --batch
  3. --no-waf: Disable WAF detection
  4. --batch: yes/no prompts do not require user input; the program automatically uses the default option
  5. Added the POC template demo2.py. You can choose between templates to write a custom POC, depending on your requirements (demo.py and demo2.py)
  • New POCs:
  1. ElasticSearch remote code execution (CVE-2014-3120)
  2. ElasticSearch Groovy sandbox bypass && RCE (CVE-2015-1427)
  3. ElasticSearch directory traversal (CVE-2015-3337)
  4. ElasticSearch directory traversal (CVE-2015-5531)
  5. Atlassian Confluence arbitrary file inclusion (CVE-2015-8399)
  6. Atlassian Confluence directory traversal && RCE (CVE-2019-3396)
  7. Atlassian Confluence OGNL expression command injection (CVE-2021-26084)
  8. Atlassian Confluence remote code execution (CVE-2022-26134)
  9. ThinkPHP5.x remote code execution (CVE-2018-1002015)