vulcat-v1.0.9
2022.06.16
Fixed some known bugs

New parameters and features:
- Before scanning, WAF detection is performed on the target. If a WAF is detected, the user is asked whether to continue scanning (yes/No)
- Added the --no-waf and --batch parameters
  - --no-waf: Disable WAF detection
  - --batch: yes/no prompts do not require user input; the program automatically uses the default option
- Added the POC template demo2.py. You can select between the templates (demo.py and demo2.py) to write a custom POC based on your requirements
- New POCs:
  - ElasticSearch Remote code execution (CVE-2014-3120)
  - ElasticSearch Groovy sandbox bypass && code execution (CVE-2015-1427)
  - ElasticSearch Directory traversal (CVE-2015-3337)
  - ElasticSearch Directory traversal (CVE-2015-5531)
  - Atlassian Confluence arbitrary file inclusion (CVE-2015-8399)
  - Atlassian Confluence Directory traversal && command execution (CVE-2019-3396)
  - Atlassian Confluence OGNL expression command injection (CVE-2021-26084)
  - Atlassian Confluence Remote code execution (CVE-2022-26134)
  - ThinkPHP5.x Remote code execution (CVE-2018-1002015)