crash.software
Projects
Pull Requests
Issues
Builds
afrog
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY afrog Commits 9a4fffa3
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■
    README.md
    1 1  <h1 align="center">afrog</h1>
    2  -<p align="center">Fast and customisable vulnerability scanner based on simple YAML based CEL-GO.<br/>❤️POC <b>[425]</b> <br/>��Like please tag stars��⭐</p>
     2 +<p align="center">Fast and customisable vulnerability scanner based on simple YAML based CEL-GO.<br/>❤️POC <b>[434]</b> <br/>��Like please tag stars��⭐</p>
    3 3   
    4 4  <p align="center" dir="auto">
    5 5   <a href="https://github.com/zan8in/afrog/tree/main/afrog-pocs">POC directory</a> •
    skipped 224 lines
  • ■ ■ ■ ■
    README_zh.md
    1 1  <h1 align="center">afrog</h1>
    2  -<p align="center">一款基于 YAML 语法模板的定制化快速漏洞扫描器<br/>❤️POC 欢迎投递<br/>共 <b>[425]</b> 个<br/>��喜欢请点赞��⭐,不迷路</p>
     2 +<p align="center">一款基于 YAML 语法模板的定制化快速漏洞扫描器<br/>❤️POC 欢迎投递<br/>共 <b>[434]</b> 个<br/>��喜欢请点赞��⭐,不迷路</p>
    3 3   
    4 4  <p align="center" dir="auto">
    5 5   <a href="https://github.com/zan8in/afrog/tree/main/afrog-pocs">POC 仓库</a> •
    skipped 220 lines
  • ■ ■ ■ ■ ■ ■
    pocs/phpmyadmin-misconfiguration.yaml
     1 +id: phpmyadmin-misconfiguration
     2 + 
     3 +info:
     4 + name: Sensitive data exposure
     5 + author: pussycat0x
     6 + severity: high
     7 + description: Unauthenticated phpmyadmin leads to exposure of sensitive information
     8 + reference:
     9 + - https://www.exploit-db.com/ghdb/6997
     10 + 
     11 +rules:
     12 + r0:
     13 + request:
     14 + method: GET
     15 + path: /phpmyadmin/index.php?db=information_schema
     16 + expression: |
     17 + response.status == 200 && response.body.bcontains(b'var db = 'information_schema';') && response.body.bcontains(b'var opendb_url = 'db_structure.php';')
     18 + r1:
     19 + request:
     20 + method: GET
     21 + path: /phpMyAdmin/index.php?db=information_schema
     22 + expression: |
     23 + response.status == 200 && response.body.bcontains(b'var db = 'information_schema';') && response.body.bcontains(b'var opendb_url = 'db_structure.php';')
     24 +expression: r0() || r1()
  • ■ ■ ■ ■ ■ ■
    pocs/phpmyadmin-setup.yaml
     1 +id: phpmyadmin-setup
     2 + 
     3 +info:
     4 + name: Publicly Accessible Phpmyadmin Setup
     5 + author: sheikhrishad,thevillagehacker
     6 + severity: medium
     7 + 
     8 +rules:
     9 + r0:
     10 + request:
     11 + method: GET
     12 + path: /phpmyadmin/scripts/setup.php
     13 + expression: |
     14 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     15 + r1:
     16 + request:
     17 + method: GET
     18 + path: /_phpmyadmin/scripts/setup.php
     19 + expression: |
     20 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     21 + r2:
     22 + request:
     23 + method: GET
     24 + path: /forum/phpmyadmin/scripts/setup.php
     25 + expression: |
     26 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     27 + r3:
     28 + request:
     29 + method: GET
     30 + path: /php/phpmyadmin/scripts/setup.php
     31 + expression: |
     32 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     33 + r4:
     34 + request:
     35 + method: GET
     36 + path: /typo3/phpmyadmin/scripts/setup.php
     37 + expression: |
     38 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     39 + r5:
     40 + request:
     41 + method: GET
     42 + path: /web/phpmyadmin/scripts/setup.php
     43 + expression: |
     44 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     45 + r6:
     46 + request:
     47 + method: GET
     48 + path: /xampp/phpmyadmin/scripts/setup.php
     49 + expression: |
     50 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     51 + r7:
     52 + request:
     53 + method: GET
     54 + path: /sysadmin/phpMyAdmin/scripts/setup.php
     55 + expression: |
     56 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     57 + r8:
     58 + request:
     59 + method: GET
     60 + path: /phpmyadmin/setup/index.php
     61 + expression: |
     62 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     63 + r9:
     64 + request:
     65 + method: GET
     66 + path: /pma/setup/index.php
     67 + expression: |
     68 + response.status == 200 && response.body.bcontains(b'You want to configure phpMyAdmin using web interface') && response.body.bcontains(b'<title>phpMyAdmin setup</title>')
     69 +expression: r0() || r1() || r2() || r3() || r4() || r5() || r6() || r7() || r8() || r9()
  • ■ ■ ■ ■ ■ ■
    pocs/pma-server-import.yaml
     1 +id: pma-server-import
     2 + 
     3 +info:
     4 + name: PhpMyAdmin Server Import
     5 + author: Cristi vlad (@cristivlad25)
     6 + severity: high
     7 + description: Finds Unauthenticated PhpMyAdmin Server Import Pages.
     8 + 
     9 +rules:
     10 + r0:
     11 + request:
     12 + method: GET
     13 + path: /pma/server_import.php
     14 + expression: |
     15 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     16 + r1:
     17 + request:
     18 + method: GET
     19 + path: /phpmyadmin/server_import.php
     20 + expression: |
     21 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     22 + r2:
     23 + request:
     24 + method: GET
     25 + path: /phpMyAdmin 2/server_import.php
     26 + expression: |
     27 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     28 + r3:
     29 + request:
     30 + method: GET
     31 + path: /db/server_import.php
     32 + expression: |
     33 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     34 + r4:
     35 + request:
     36 + method: GET
     37 + path: /server_import.php
     38 + expression: |
     39 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     40 + r5:
     41 + request:
     42 + method: GET
     43 + path: /PMA/server_import.php
     44 + expression: |
     45 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     46 + r6:
     47 + request:
     48 + method: GET
     49 + path: /admin/server_import.php
     50 + expression: |
     51 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     52 + r7:
     53 + request:
     54 + method: GET
     55 + path: /admin/pma/server_import.php
     56 + expression: |
     57 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     58 + r8:
     59 + request:
     60 + method: GET
     61 + path: /phpMyAdmin/server_import.php
     62 + expression: |
     63 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     64 + r9:
     65 + request:
     66 + method: GET
     67 + path: /admin/phpMyAdmin/server_import.php
     68 + expression: |
     69 + response.status == 200 && response.body.bcontains(b'File to import') && response.body.bcontains(b'Location of the text file')
     70 +expression: r0() || r1() || r2() || r3() || r4() || r5() || r6() || r7() || r8() || r9()
Please wait...
Page is in error, reload to recover