What tool is Vulmap?

2025-04-06 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 05/31

This article explains what kind of tool Vulmap is. The content is simple and clear, and I hope it answers your questions.

Vulmap

Vulmap is a powerful Web vulnerability scanning and verification tool. It can scan Web containers, Web servers, Web middleware, CMSs and other Web programs, and it also has a vulnerability exploitation function. Security researchers can use Vulmap to detect whether a target has specific vulnerabilities, and can use the exploitation function to verify that a vulnerability really exists.

Vulmap currently has two modes: vulnerability scanning (poc) and vulnerability exploitation (exp). Use "-m" to select the mode; the default is poc mode. The major functions in poc mode include batch target scanning with "-f" and writing results to a file with "-o". For more functions, see the options below or run python3 vulmap.py -h. The poc function is not available in exp mode. Instead, the vulnerability is exploited directly and the result is fed back to further verify whether the vulnerability exists and can be exploited.

Tool installation

First, we need to install and configure the Python 3 environment on our local system, and we recommend Python 3.7 or later.

Researchers can use the following commands to clone the source code of the project locally and complete the installation and configuration of dependent components and tools:

    git clone https://github.com/zhzyker/vulmap.git
    cd vulmap
    # Install the dependencies
    pip install -r requirements.txt
    # Linux & MacOS & Windows
    python vulmap.py -u http://example.com

Tool options

    optional arguments:
      -h, --help            display this help message and exit
      -u URL, --url URL     target URL (example: -u "http://example.com")
      -f FILE, --file FILE  select a target list file; each URL must be on its own line (example: -f "/home/user/list.txt")
      -m MODE, --mode MODE  mode, supports "poc" and "exp"; if omitted, "poc" mode is used by default
      -a APP, --app APP     specify the Web container, Web server, Web middleware or CMS (for example: "weblogic"); if not specified, all are scanned by default
      -c CMD, --cmd CMD     custom command to run for remote command execution, defaults to echo
      -v VULN, --vuln VULN  exploit the vulnerability; requires the vulnerability number (example: -v "CVE-2020-2729")
      -o, --output FILE     write results to a text file (example: -o "result.txt")
      --list                display the list of supported vulnerabilities
      --debug               debug mode, shows requests and responses
      --delay DELAY         delay between requests, default 0s
      --timeout TIMEOUT     timeout, default 10s

Usage examples

Test all vulnerability PoCs:

    python3 vulmap.py -u http://example.com

For RCE vulnerabilities, use a custom command to detect whether the vulnerability exists. For example, use DNSlog for vulnerabilities that return no output:

    python3 vulmap.py -u http://example.com -c "ping xxx.xxx"

Check whether http://example.com has struts2 vulnerabilities:

    python3 vulmap.py -u http://example.com -a struts2
    python3 vulmap.py -u http://example.com -m poc -a struts2

Exploit WebLogic CVE-2019-2729 against http://example.com:7001:

    python3 vulmap.py -u http://example.com:7001 -v CVE-2019-2729
    python3 vulmap.py -u http://example.com:7001 -m exp -v CVE-2019-2729

Batch scan the URLs in list.txt:

    python3 vulmap.py -f list.txt

Export the scan results to result.txt:

    python3 vulmap.py -u http://example.com:7001 -o result.txt

Supported vulnerability list

8.5.3 (except 8.4.8) drupalgeddon2 rce |
| Drupal | CVE-2019-6340 | Y | Y | < 8.6.10, Drupal core restful remote code execution |
| Elasticsearch | CVE-2014-3120 | Y | Y | < 1.2, elasticsearch remote code execution |
| Elasticsearch | CVE-2015-1427 | Y | Y | 1.4.0 < 1.4.3, elasticsearch remote code execution |
| Jenkins | CVE-2017-1000353 | Y | N |
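The "-f" option described above reads a target file with one URL per line. The following added example (not part of Vulmap or of the original article) checks such a list against the hosts you are authorised to test before it is used for a batch scan; the function name filter_targets, the allow-list format and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample list, one URL per line as -f expects; not real targets.
SAMPLE = """http://example.com
http://example.com:7001

https://app.test.example.com/login
ftp://example.com
http://user:pw@example.com
http://other.example.org
http://example.com:7001
http://example.com:99999
"""

def filter_targets(lines, allowed_hosts):
    """Split a one-URL-per-line list into (accepted, rejected) by authorised scope."""
    # allowed_hosts (assumed format): exact hostnames, or ".suffix" for subdomains.
    exact = {h.lower() for h in allowed_hosts if not h.startswith(".")}
    suffixes = tuple(h.lower() for h in allowed_hosts if h.startswith("."))
    accepted, rejected, seen = [], [], set()
    for lineno, raw in enumerate(lines, 1):
        url = raw.strip()
        if not url:
            continue  # blank lines are dropped from the cleaned list
        try:
            parts = urlsplit(url)
            host = (parts.hostname or "").lower()
            parts.port  # property access raises ValueError on a bad port
        except ValueError:
            rejected.append((lineno, url, "malformed URL"))
            continue
        if parts.scheme not in ("http", "https"):
            reason = "scheme is not http/https"
        elif parts.username or parts.password:
            reason = "embedded credentials"
        elif host not in exact and not host.endswith(suffixes):
            reason = "host outside authorised scope"
        elif url in seen:
            reason = "duplicate"
        else:
            seen.add(url)
            accepted.append(url)
            continue
        rejected.append((lineno, url, reason))
    return accepted, rejected

if __name__ == "__main__":
    ok, bad = filter_targets(SAMPLE.splitlines(), ["example.com", ".test.example.com"])
    print("\n".join(ok))  # cleaned list, ready to save as list.txt
```

Each rejected entry keeps its line number and reason, so the original file can be corrected instead of silently trimmed.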
