afrog | Go Ecosystem Directory

Bot releases are hidden (Show)

Published by zan8in 8 months ago

反连功能大更新

新增 -oob 参数，指定扫描使用的反连平台，默认 ceyeio，目前支持平台：ceyeio、dnslogcn、alphalog(自搭建)、eyes(自搭建)。陆续还会增加新的反连平台支持，欢迎推荐反连平台。
afrog -t example.com -oob dnslogcn
新增 oob 功能，代替旧版 reverse（将废弃）。具体用法：

id: oob-demo
set:
    oob: oob()
    oobHTTP: oob.HTTP // http://xxxxxx.dnslog.cn
    oobDNS: oob.DNS // xxxxxx.dnslog.cn
rules:
    r0:
        request:
            method: GET
            path: /?url={{oobHTTP}}
        expression: oobcheck(oob,"http",3)
    r1:
        request:
            method: POST
            path: /test
            body: cmd=ping+{{oobDNS}}
        expression: oobcheck(oob,"dns",3)
expression: r0() || r1()

oob(): 声明一个 oob 对象
oobHTTP: 获取 http 协议信息 http://xxxxxx.dnslog.cn/
oobDNS: 获取 dns 协议信息 xxxxxx.dnslog.cn
oobcheck(oob, "dns", 3)：检查反连结果，参数1是 oob 对象，参数2是检查的协议 http 或 dns，参数3是验证请求延时访问时间（秒）

废弃 reverse.jndi 相关功能，由 oob.DNS 代替

新版反连示例

afrog -t example.com -oob dnslogcn  // 使用 dnslog.cn
afrog -t example.com -oob alphalog   // 使用 alphalog ，需自搭建反连服务
afrog -t example.com -oob xray     // 使用 xray 反连，需自搭建反连服务
afrog -t example.com                // 默认使用 ceyeio

注意事项

随着新版本的发布，所有历史 PoC 的 newReverse() 方法均已升级为新版的 oob() 方法。为确保兼容性和功能完整性，我们强烈建议所有用户尽快升级至 3.0.1 版本。否则，之后的版本可能无法支持旧版的反连功能。

新版 oob() 功能需要修改 afrog-config.yaml 配置文件
afrog-config.yaml 会自动创建在 c:/users/yourname/.config/afrog/afrog-config.yaml ，linux系统是 ~/.config/afrog/afrog-config.yaml 文件。

afrog-config.yaml 配置如下：

server: :16868
reverse:
  ceye:
    api-key: "your ceye api key"
    domain: "your ceye"
  dnslogcn:
    domain: dnslog.cn
  jndi:
    jndi_address: ""
    ldap_port: ""
    api_port: ""
  eye:
    host: ""
    token: ""
    domain: ""
  alphalog:
    domain: yourdnslog.sh
    api_url: "http://yourdnslog.sh/"
  xray:
    x_token: "xraytest"
    domain: dnslogus.top
    api_url: "http://x.1x.0.xx:8777"
webhook:
  dingtalk:
    tokens:
      - ""
    at_mobiles:
      - ""
    at_all: false
    range: high,critical
cyberspace:
  zoom_eyes:
    - ""

afrog - Release 3.0.0 人生如戏.戏如梦

Published by zan8in 8 months ago

就是换了个大版本号，啥也没怎么动，就是这么任性 ^_^

【新增】Repeat 函数，重复一个字符串多次，并返回重复后的字符串。用法： repeat("a", 8179) 返回一个由字符 "a" 重复 8179 次组成的字符串。
【优化】可恨的Windows命令行不支持漂亮的进度条，所以我只能简化显示。

afrog - v2.6.1

Published by zan8in over 1 year ago

We have performed urgent repairs on Yonyou NC PoCs to ensure accurate vulnerability scanning. Thank you, @wuha0926 , for discovering and assisting in resolving the issue.
Thank you, @zhizhuoshuma, for optimizing the kingdee-erp-binaryformatterproxy-deserial PoCs.

我们已对 Yonyou NC PoCs 进行紧急修复，以确保扫描能够准确检测漏洞，感谢 @wuha0926 发现并协助修复问题。
感谢 @zhizhuoshuma 对 kingdee-erp-binaryformatterproxy-deserial PoCs 进行优化。

afrog - v2.6.0 月亮代表我的心

Published by zan8in over 1 year ago

The moon represents my heart.
Add:

The new feature, -append-poc / -ap, allows specifying one or multiple PoC files or directories to be merged with the built-in PoC for scanning together.
Rawhttp supports HTTP/socks5 proxies.
Celebrate! The total number of Afro PoCs has exceeded 1000! The current total is 1018.

月亮代表我的心
新增

新增 -append-poc / -ap 功能，允许指定一个或多个PoC文件或目录，以与内置PoC合并后一起进行扫描。
rawhttp 支持 HTTP/socks5 代理
庆祝！afrog PoC 的总数突破了1000个！目前总数为1018个。

afrog - v2.5.6

Published by zan8in over 1 year ago

We have fixed a potential false-positive issue with PoC CVE-2022-23131, making it more reliable and accurate in detecting actual vulnerabilities.

afrog - v2.5.5

Published by zan8in over 1 year ago

Fix:

Fix -pd command, some PoC content is not printed completely

修复：

修复 -pd 命令，部分 PoC 内容打印不全问题

PoC:

累计：951

afrog - v2.5.3

Published by zan8in over 1 year ago

Add:
-target / -t now supports multiple URLs, such as: afrog -t example.com,hackerone.com,nmap.org
Add JNDI reverse connection functionality.
Add the afrog calling library and a demonstration example.

新增：
-target / -t 现在支持多个 URL，比如：afrog -t example.com,hackerone.com,nmap.org
添加 JNDI 反连功能
添加 afrog 调用库和演示示例

afrog - v2.5.2

Published by zan8in over 1 year ago

Add:
-mrbs Dynamically set the maximum size of the http response body (default 2m)
remove poc shiro-key-detect

新增：
命令 -mrbs 动态设置 http 响应 body 的最大值（默认 2m）
删除 PoC shiro-key-detect

afrog - v2.5.1

Published by zan8in over 1 year ago

Add
Writing TCP/UDP POC files using YAML
Writing POC files for Go programming language using YAML
The Shiro Key detection script by default checks 20 keys.
Optimization
Resolve the path error issue during program updates with the "-update" command.
Enhance the console prompt messages
Disable the "-up" command and switch to automatic execution.
Change the notification level for the unconfigured reverse connection platform to Info
By default, target access is not monitored. Please enable it using the "-monitor-targets" or "-mt" command
Remove duplicate PoC: hikvision-applyct-fastjson-rce
新增
使用 YAML 编写 TCP/UDP 的 POC 文件
使用 YAML 调用 Go 语言的 POC 文件
Shiro Key 检测脚本默认检测 20 个 Key
优化
解决 -update 程序更新时的路径错误问题
改进控制台提示信息
禁用 -up 命令，改为自动执行
将反连平台未配置的提示等级改为 Info
默认情况下不会监视目标访问，请使用 "-monitor-targets" 或 "-mt" 命令进行启用
删除重复 PoC: hikvision-applyct-fastjson-rce

afrog - v2.3.2

Published by zan8in over 1 year ago

Add:

The result will be written to the JSON file, but it will not include the request and response content.
Writes a JSON file including all vulnerability results.
The "disable-output-html" command can be used to prevent the automatic generation of an HTML report, and its priority is higher than the "-o" command.
PoC script info information adds three fields affected, solutions, and created

Optimization:

Duplicated PoC removed: springboot-env-unauth
When performing an update operation, the -up command prompt is not friendly enough
Scan in order of increasing security risk level

新增：

使用命令参数 -json 或 -j，将漏洞结果写入 JSON 文件，不包括 request 和 response
使用命令参数 -json-all 或 -ja，将漏洞结果写入 JSON 文件，包括 request 和 response
使用 disable-output-html 命令可以禁止生成 HTML 报告，该命令的优先级高于 -o 命令。
PoC 脚本 info 信息增加 affected、solutions、created 三个字段

优化：

已移除重复的PoC: springboot-env-unauth
执行更新操作时，-up 命令提示不够友好
按照从低到高的安全风险级别顺序进行扫描
优化 url.path 编码问题

afrog - v2.3.1

Published by zan8in over 1 year ago

Urgent update:

BUG:

Solve the problem that the intranet cannot be used due to version check

Added:

command -disable-update-check, -duc disable automatic update check

Revise:

Now update-poc will be executed automatically, to disable this function, please use -duc command

紧急更新

BUG：

解决 版本检查 导致内网无法使用问题

新增：

命令 -disable-update-check，-duc 禁用自动更新检查

修改：

现在 update-poc 会自动执行，禁用这个功能，请使用 -duc 命令

afrog - v2.3.0

Published by zan8in over 1 year ago

Added:

command -poc-detail / -pd, view poc details (full file name, no suffix)
Command -monitor-targets / -mt, monitor target survival in real time during scanning, enabled by default

Optimization:

Command -poc-list / -pl, view poc list (file name, vulnerability name, vulnerability level and author)

新增：

命令 -poc-detail / -pd，查看 poc 详情 (完整文件名，后缀可无)
命令 -monitor-targets / -mt，在扫描中实时监控目标存活，默认开启

优化：

命令 -poc-list / -pl，查看 poc 列表（文件名、漏洞名、漏洞等级和作者）

afrog - Release 2.2.2 Zhang Jike, I advise you to be kind

Published by zan8in over 1 year ago

bug:

Fix afrog html report XSS vulnerability

optimization:

Simplified URL blacklist mechanism
Optimize http/s detection function
Optimized file upload (all) PoC
Optimize RCE (all) PoC

delete:

Remove Fingerprint fingerprint recognition and command parameters (replacement tool pyxis)
Remove uncommon command parameters

PoC:

Added 52 PoCs
Validate and optimize n multiple PoCs
Remove PoC csz-cms-multiple-blind-sql-injection
Remove PoC phpstudy-nginx-wrong-resolve
Built-in several private PoC

修复：
- 修复 afrog html 报告 XSS 漏洞

优化：
- 简化 URL 黑名单机制
- 优化 http/s 检测功能
- 优化文件上传 (所有) PoC
- 优化 RCE (所有) PoC

删除：
- 去掉 Fingerprint 指纹识别及命令参数 (替代工具 pyxis)
- 去掉不常用命令参数

PoC:
- 新增 52 PoC
- 验证和优化 n 多个 PoC
- 删除 PoC csz-cms-multiple-blind-sql-injection
- 删除 PoC phpstudy-nginx-wrong-resolve
- 内置几个 private PoC

afrog - Release 2.2.1 The Wandering Earth II

Published by zan8in over 1 year ago

Merge many fingerprint pocs into the panel-detect.yaml file to reduce the number of http requests
Console print date format, 2023-01-01 changed to 01-01
Simplified afrog-config configuration

Fixed: invalid -fc configuration
Tip: Configure the -c command, which can increase the concurrency speed very quickly

将多个 panel 指纹探测合并到文件 panel-detect.yaml，大幅减少 http 请求
精简控制台日期打印，2023-01-01 改为 01-01
精简 afrog-config 配置信息

解决：-fc 命令配置无效问题
提示：配置 -c 命令能明显提高扫描速度

afrog - v2.2.0 Bright Future

Published by zan8in almost 2 years ago

Added optional -onlyfinger/-of option for fingerprint scan only
Added CEL function year、shortyear、month、day 、timestamp_sencond, eg: tongda-oa-api-ali-upload.yaml
Added Boolean type attribute verified , default false, verified PoC is true
Added rule attribute expressions , a request to verify multiple rules

afrog - v2.1.1 I wanna be one of the great.

Published by zan8in almost 2 years ago

Fixed a bug with high false positives in fingerprint
Added optional -json option for write output in JSON format, eg: -json result.json

afrog - 2.1.0 Lost in your uniqueness even though we are all ordinary.

Published by zan8in almost 2 years ago

新增 -update 将 afrog 引擎更新到最新发布的版本
新增 -proxy 使用 http/socks5 代理列表（逗号分隔或文件输入）
新增 -rate-limit、concurrency、fingerprint-concurrency、max-host-error、retries、timeout 等参数
修复 html 报告（返回多个请求记录）URL 不准确的 BUG
优化 banner 展示界面（模仿 nuclei）
屏蔽 GoPoc 功能（暂时）