Bot releases are visible (Hide)
Published by github-actions[bot] about 1 year ago
- Added PoC for backup file detection
- Customize global cookies and will not overwrite the cookies of the original POC
optimization - afrog API has been synchronized with the latest features
- 新增备份文件检测的 PoC
- 自定义全局 cookie,不会覆盖原 POC 的 cookie
- 新增一批 HVV2023 PoCs
Published by github-actions[bot] about 1 year ago
Add
- Added PoC for backup file detection
- Customize global cookies and will not overwrite the cookies of the original POC
Optimization
- afrog API has been synchronized with the latest features
新增
- 新增备份文件检测的 PoC
- 自定义全局 cookie,不会覆盖原 POC 的 cookie
- 新增一批 HVV2023 PoCs
优化
- afrog API 已同步最新功能
Published by github-actions[bot] about 1 year ago
- Resolved the issue of console output content being escaped #76.
- The issue of incorrect version when using the
go install ..afrog/v2command has been resolved. - Added 24 new PoCs, totaling 1105 PoCs.
- 解决 console 输出内容被转义问题 #76
- 解决了使用
go install ..afrog/v2命令时版本不正确的问题。 - 新增 24 PoC,共 1105 个 PoC
Published by github-actions[bot] about 1 year ago
Add:
-
Version 2.7.8 introduced the Eye.sh backlink configuration option. For more detailed information, please refer to the afrog wiki.
-
In order to mitigate the impact of a large number of requests on the reverse-link platform and enhance the accuracy of POC validation, an independent concurrent rate control is implemented for POCs that require support from the reverse-link platform.(The "smart" parameter does not affect the concurrency of reverse-link POCs)
新增:
- 2.7.8 版本引入了 Eye.sh 反链配置项,有关详细信息,请参阅 afrog wiki。
最终效果示例可参考 afrog-config.yaml,如需添加 "eye" 相关内容,请在删除 afrog-config.yaml 后重新启动 afrog,系统将自动生成新的 afrog-config.yaml。
示例:
reverse:
ceye:
api-key: "bba3368******630b8fca0"
domain: "*****.ceye.io"
jndi:
jndi_address: "x.x.x.x"
ldap_port: "1389"
api_port: "34567"
eye:
token: "1f****4d"
domain: "****.eyes.sh"
-
为了减少大量请求对反链平台造成的影响,并提高POC验证的准确性,对需要反链平台支持的POC进行独立的并发速率控制。("smart" 参数不会影响反向链 POC 的并发数量)
-
-reverse-rate-limit/-rrl 和 -reverse-concurrency/-rc 这两个参数用于调控反链平台支持的 PoC 并发速率,建议不要设置得过高。
修复:
- eoffice-v9-file-upload 严重误报问题
- CVE-2023-38646、CVE-2021-36260
Published by github-actions[bot] about 1 year ago
Add:
- "POC Execution Duration Monitor": This monitor tracks and records the execution time of each POC to identify the POC with the longest execution time.
- "Vulnerability Scanner Breakpoint": Once a vulnerability is detected, the scanning program will immediately halt the scan and report the identified vulnerability.
新增:
- -pedm "POC Execution Duration Monitor"(POC执行时长监视器):监控并记录各个POC执行的时间,以便识别执行时间最长的POC。当一个POC执行时间超过1分钟时,将会触发提醒,接着每隔1分钟提醒一次,直到该POC执行完毕。
- "Vulnerability Scanner Breakpoint"(漏洞扫描断点):在发现漏洞后,扫描程序将立即停止扫描并报告该漏洞。此功能通常用于避免触发防火墙等情况下的过多扫描。
优化:
- "arcgis-default-password"(ArcGIS默认口令):将ArcGIS的3个Admin/Manager/Rest默认口令的PoC合并为一个。
- 对于 "mysql-detect" 和 "CVE-2023-25573",进行误报修复。
- 针对CVE-2023-25157,提升扫描速度。
Published by github-actions[bot] about 1 year ago
Add:
- "POC Execution Duration Monitor": This monitor tracks and records the execution time of each POC to identify the POC with the longest execution time.
- "Vulnerability Scanner Breakpoint": Once a vulnerability is detected, the scanning program will immediately halt the scan and report the identified vulnerability.
新增:
- -pedm "POC Execution Duration Monitor"(POC执行时长监视器):监控并记录各个POC执行的时间,以便识别执行时间最长的POC。当一个POC执行时间超过1分钟时,将会触发提醒,接着每隔1分钟提醒一次,直到该POC执行完毕。
- "Vulnerability Scanner Breakpoint"(漏洞扫描断点):在发现漏洞后,扫描程序将立即停止扫描并报告该漏洞。此功能通常用于避免触发防火墙等情况下的过多扫描。
优化:
- "arcgis-default-password"(ArcGIS默认口令):将ArcGIS的3个Admin/Manager/Rest默认口令的PoC合并为一个。
- 对于 "mysql-detect" 和 "CVE-2023-25573",进行误报修复。
- 针对CVE-2023-25157,提升扫描速度。
Published by github-actions[bot] about 1 year ago
optimization:
- Fix the false positive problem of ecology-filedownloadforoutdoc-sqli
- Fix CVE-2023-28432 rule writing error
- Fix CVE-2021-22205 rule writing error
优化:
- 修复 ecology-filedownloadforoutdoc-sqli 误报问题
- 修复 CVE-2023-28432 规则编写错误问题
- 修复 CVE-2021-22205 规则编写错误问题
Published by github-actions[bot] over 1 year ago
Add
● -ep, --exclude-pocs,pocs to exclude from the scan (comma-separated)
● -epf, --exclude-pocs-file,list of pocs to exclude from scan (file)
新增命令
● -ep, --exclude-pocs,可用于排除扫描中的 POC(以逗号分隔)
● -epf, --exclude-pocs-file,可用于从扫描中排除 POC 列表(以文件形式提供)
Published by github-actions[bot] over 1 year ago
Changing the backlink alive check to concurrent execution.
Add go poc : ecology-filedownloadforoutdoc-sqli
Poc Count: 1041
将反链存活检查改为并发执行
新增 go poc : ecology-filedownloadforoutdoc-sqli
Poc 总数: 1041
Published by github-actions[bot] over 1 year ago
● Add anti-link platform survival detection function
● Add extractor functionality to extract sensitive information such as version numbers
● Delete PoC: CNVD-2021-15824、t-soft-e-commerce4-urunadi-stored-xss、clicshopping-v2-xss
● 新增反链平台存活检测功能
● 新增提取器 extractors 功能,可提取版本号等敏感信息
● 删除 PoC : CNVD-2021-15824、t-soft-e-commerce4-urunadi-stored-xss、clicshopping-v2-xss
Published by github-actions[bot] over 1 year ago
● Improvement: Enhance the functionality of the -s and -S commands. Currently, we have added support for using -s and -S simultaneously in both -pl and scan filtering.
● -smart Intelligent adjustment of concurrency based on changes in the total number of assets being scanned.
● Add built-in functions toUpper and toLower.
● 改进 -s 和 -S 命令的功能。目前,我们已经支持在 -pl 和扫描过滤中同时使用 -s 和 -S
● -smart 根据资产总数的扫描变化,智能调整并发数。
● 新增内置函数 toUpper 和 toLower
afrog 2.7.0 新功能小技巧:
① 搜索“用友”存在的高危和紧急漏洞 afrog -pl -s yonyou,用友 -S high,critical
② 搭配本地的POC一同搜索“用友”存在的高危和紧急漏洞afrog -pl -s yonyou,用友 -S high,critical -ap "d:/mypoc1,e:/mypoc2"
③ 扫描“用友”存在的高危和紧急漏洞 afrog -T urls.txt -s yonyou,用友 -S high,critical
Published by zan8in over 1 year ago
-
We have performed urgent repairs on Yonyou NC PoCs to ensure accurate vulnerability scanning. Thank you, @wuha0926 , for discovering and assisting in resolving the issue.
-
Thank you, @zhizhuoshuma, for optimizing the kingdee-erp-binaryformatterproxy-deserial PoCs.
-
我们已对 Yonyou NC PoCs 进行紧急修复,以确保扫描能够准确检测漏洞,感谢 @wuha0926 发现并协助修复问题。
-
感谢 @zhizhuoshuma 对 kingdee-erp-binaryformatterproxy-deserial PoCs 进行优化。
Published by zan8in over 1 year ago
The moon represents my heart.
Add:
- The new feature, -append-poc / -ap, allows specifying one or multiple PoC files or directories to be merged with the built-in PoC for scanning together.
- Rawhttp supports HTTP/socks5 proxies.
- Celebrate! The total number of Afro PoCs has exceeded 1000! The current total is 1018.
月亮代表我的心
新增
- 新增 -append-poc / -ap 功能,允许指定一个或多个PoC文件或目录,以与内置PoC合并后一起进行扫描。
- rawhttp 支持 HTTP/socks5 代理
- 庆祝!afrog PoC 的总数突破了1000个!目前总数为1018个。
Published by zan8in over 1 year ago
We have fixed a potential false-positive issue with PoC CVE-2022-23131, making it more reliable and accurate in detecting actual vulnerabilities.
Published by zan8in over 1 year ago
Fix:
Fix -pd command, some PoC content is not printed completely
修复:
- 修复 -pd 命令,部分 PoC 内容打印不全问题
PoC:
累计:951
Published by zan8in over 1 year ago
Add:
-target / -t now supports multiple URLs, such as: afrog -t example.com,hackerone.com,nmap.org
Add JNDI reverse connection functionality.
Add the afrog calling library and a demonstration example.
新增:
-target / -t 现在支持多个 URL,比如:afrog -t example.com,hackerone.com,nmap.org
添加 JNDI 反连功能
添加 afrog 调用库和演示示例
Published by zan8in over 1 year ago
Add:
-mrbs Dynamically set the maximum size of the http response body (default 2m)
remove poc shiro-key-detect
新增:
命令 -mrbs 动态设置 http 响应 body 的最大值(默认 2m)
删除 PoC shiro-key-detect
Published by zan8in over 1 year ago
Add
Writing TCP/UDP POC files using YAML
Writing POC files for Go programming language using YAML
The Shiro Key detection script by default checks 20 keys.
Optimization
Resolve the path error issue during program updates with the "-update" command.
Enhance the console prompt messages
Disable the "-up" command and switch to automatic execution.
Change the notification level for the unconfigured reverse connection platform to Info
By default, target access is not monitored. Please enable it using the "-monitor-targets" or "-mt" command
Remove duplicate PoC: hikvision-applyct-fastjson-rce
新增
使用 YAML 编写 TCP/UDP 的 POC 文件
使用 YAML 调用 Go 语言的 POC 文件
Shiro Key 检测脚本默认检测 20 个 Key
优化
解决 -update 程序更新时的路径错误问题
改进控制台提示信息
禁用 -up 命令,改为自动执行
将反连平台未配置的提示等级改为 Info
默认情况下不会监视目标访问,请使用 "-monitor-targets" 或 "-mt" 命令进行启用
删除重复 PoC: hikvision-applyct-fastjson-rce
Published by zan8in over 1 year ago
Add:
- The result will be written to the JSON file, but it will not include the request and response content.
- Writes a JSON file including all vulnerability results.
- The "disable-output-html" command can be used to prevent the automatic generation of an HTML report, and its priority is higher than the "-o" command.
- PoC script info information adds three fields affected, solutions, and created
Optimization:
- Duplicated PoC removed: springboot-env-unauth
- When performing an update operation, the -up command prompt is not friendly enough
- Scan in order of increasing security risk level
新增:
- 使用命令参数 -json 或 -j,将漏洞结果写入 JSON 文件,不包括 request 和 response
- 使用命令参数 -json-all 或 -ja,将漏洞结果写入 JSON 文件,包括 request 和 response
- 使用 disable-output-html 命令可以禁止生成 HTML 报告,该命令的优先级高于 -o 命令。
- PoC 脚本 info 信息增加 affected、solutions、created 三个字段
优化:
- 已移除重复的PoC: springboot-env-unauth
- 执行更新操作时,-up 命令提示不够友好
- 按照从低到高的安全风险级别顺序进行扫描
- 优化 url.path 编码问题
Published by zan8in over 1 year ago
Urgent update:
BUG:
- Solve the problem that the intranet cannot be used due to
version check
Added:
- command -disable-update-check, -duc disable automatic update check
Revise:
- Now update-poc will be executed automatically, to disable this function, please use -duc command
紧急更新
BUG:
- 解决
版本检查导致内网无法使用问题
新增:
- 命令 -disable-update-check,-duc 禁用自动更新检查
修改:
- 现在 update-poc 会自动执行,禁用这个功能,请使用 -duc 命令