crash.software
Projects
Pull Requests
Issues
Builds
scan4all
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY scan4all Commits 2c3f6f08
🤬

  • 放开包的可见性,将在另外一个项目中中更高层次分布式集成 2022-07-26

  • Loading...
  • 51pwn committed 2 years ago
    2c3f6f08
    1 parent 329ed5cd
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2017/CVE-2017-0929.yaml
    skipped 3 lines
    4 4   name: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery
    5 5   author: charanrayudu,meme-lord
    6 6   severity: high
    7  - description: DotNetNuke (aka DNN) before 9.2.0 suffers from a server-side request forgery vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
     7 + description: DotNetNuke (aka DNN) before 9.2.0 suffers from a server-side request forgery vulnerability in the DnnImageHandler class. Attackers may be able to access information about nclruner network resources.
    8 8   reference:
    9 9   - https://hackerone.com/reports/482634
    10 10   - https://nvd.nist.gov/vuln/detail/CVE-2017-0929
    skipped 26 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2017/CVE-2017-9506.yaml
    skipped 3 lines
    4 4   name: Jira IconURIServlet SSRF
    5 5   author: pdteam
    6 6   severity: medium
    7  - description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
     7 + description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of nclruner network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
    8 8   reference:
    9 9   - http://dontpanic.42.nl/2017/12/there-is-proxy-in-your-atlassian.html
    10 10   - https://ecosystem.atlassian.net/browse/OAUTH-344
    skipped 21 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2018/CVE-2018-17246.yaml
    skipped 25 lines
    26 26   matchers:
    27 27   - type: word
    28 28   words:
    29  - - "\"message\":\"An internal server error occurred\""
     29 + - "\"message\":\"An nclruner server error occurred\""
    30 30   part: body
    31 31   
    32 32   - type: word
    skipped 12 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2019/CVE-2019-14312.yaml
    skipped 3 lines
    4 4   name: Aptana Jaxer 1.0.3.4547 - Local File inclusion
    5 5   author: daffainfo
    6 6   severity: medium
    7  - description: Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
     7 + description: Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read nclruner files on the server via a tools/sourceViewer/index.html?filename=../ URI.
    8 8   reference:
    9 9   - https://www.exploit-db.com/exploits/47214
    10 10   - https://www.cvedetails.com/cve/CVE-2019-14312
    skipped 25 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2019/CVE-2019-8451.yaml
    skipped 3 lines
    4 4   name: JIRA SSRF in the /plugins/servlet/gadgets/makeRequest resource
    5 5   author: TechbrunchFR
    6 6   severity: medium
    7  - description: The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability
     7 + description: The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of nclruner network resources via a Server Side Request Forgery (SSRF) vulnerability
    8 8   due to a logic bug in the JiraWhitelist class.
    9 9   reference:
    10 10   - https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in
    skipped 27 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2020/CVE-2020-15148.yaml
    skipped 27 lines
    28 28   - type: word
    29 29   words:
    30 30   - "total"
    31  - - "An internal server error occurred."
     31 + - "An nclruner server error occurred."
    32 32   condition: and
    33 33   
    34 34   - type: status
    skipped 5 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2020/CVE-2020-15505.yaml
    skipped 2 lines
    3 3  # THIS TEMPLATE IS ONLY FOR DETECTING
    4 4  # To carry out further attacks, please see reference[2] below.
    5 5  # This template works by passing a Hessian header, otherwise;
    6  -# it will return a 403 or 500 internal server error. Reference[3].
     6 +# it will return a 403 or 500 nclruner server error. Reference[3].
    7 7   
    8 8  info:
    9 9   name: MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution
    skipped 37 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2020/CVE-2020-28976.yaml
    skipped 3 lines
    4 4   name: Wordpress Plugin Canto 1.3.0 - Blind SSRF (Unauthenticated)
    5 5   author: LogicalHunter
    6 6   severity: medium
    7  - description: The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker to make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF.
     7 + description: The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker to make a request to any nclruner and external server via /includes/lib/detail.php?subdomain=SSRF.
    8 8   reference:
    9 9   - https://www.exploit-db.com/exploits/49189
    10 10   - https://nvd.nist.gov/vuln/detail/CVE-2020-28976
    skipped 22 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2020/CVE-2020-6308.yaml
    skipped 3 lines
    4 4   name: Unauthenticated Blind SSRF in SAP
    5 5   author: madrobot
    6 6   severity: medium
    7  - description: SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.
     7 + description: SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the nclruner network which is otherwise not accessible externally. On successful exploitation, attacker can scan nclruner network to determine nclruner infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.
    8 8   reference:
    9 9   - https://github.com/InitRoot/CVE-2020-6308-PoC
    10 10   - https://launchpad.support.sap.com/#/notes/2943844
    skipped 21 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2021/CVE-2021-21287.yaml
    skipped 36 lines
    37 37   
    38 38   - type: word
    39 39   words:
    40  - - "We encountered an internal error"
     40 + - "We encountered an nclruner error"
    41 41   
    42 42  # Enhanced by mp on 2022/06/27
    43 43   
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2021/CVE-2021-25118.yaml
    skipped 3 lines
    4 4   name: Yoast SEO < 17.3 - Path Disclosure
    5 5   author: DhiyaneshDK
    6 6   severity: medium
    7  - description: The plugin discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
     7 + description: The plugin discloses the full nclruner path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
    8 8   reference:
    9 9   - https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550
    10 10   - https://nvd.nist.gov/vuln/detail/CVE-2021-25118
    skipped 36 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2021/CVE-2021-33221.yaml
    skipped 3 lines
    4 4   name: CommScope Ruckus IoT Controller - Information Disclosure
    5 5   author: geeknik
    6 6   severity: critical
    7  - description: CommScope Ruckus IoT Controller is susceptible to information disclosure vulnerabilities because a 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for time and host resolution. It also includes the internal hostname and IoT Controller version. A fully configured device in production may leak other, more sensitive information (API keys and tokens).
     7 + description: CommScope Ruckus IoT Controller is susceptible to information disclosure vulnerabilities because a 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for time and host resolution. It also includes the nclruner hostname and IoT Controller version. A fully configured device in production may leak other, more sensitive information (API keys and tokens).
    8 8   reference:
    9 9   - https://www.commscope.com/globalassets/digizuite/917216-faq-security-advisory-id-20210525-v1-0.pdf
    10 10   - http://seclists.org/fulldisclosure/2021/May/72
    skipped 34 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2021/CVE-2021-35336.yaml
    skipped 5 lines
    6 6   severity: critical
    7 7   description: Tieline IP Audio Gateway 2.6.4.8 and below is affected by a vulnerability in the web administrative interface that could allow an unauthenticated user to access a sensitive part of the system with a high privileged account.
    8 8   reference:
    9  - - https://pratikkhalane91.medium.com/use-of-default-credentials-to-unauthorised-remote-access-of-internal-panel-of-tieline-c1ffe3b3757c
     9 + - https://pratikkhalane91.medium.com/use-of-default-credentials-to-unauthorised-remote-access-of-nclruner-panel-of-tieline-c1ffe3b3757c
    10 10   - https://nvd.nist.gov/vuln/detail/CVE-2021-35336
    11 11   classification:
    12 12   cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    skipped 33 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2021/CVE-2021-46381.yaml
    skipped 3 lines
    4 4   name: D-Link DAP-1620 - Local File Inclusion
    5 5   author: 0x_Akoko
    6 6   severity: high
    7  - description: D-Link DAP-1620 is susceptible to local file Inclusion due to path traversal that can lead to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].
     7 + description: D-Link DAP-1620 is susceptible to local file Inclusion due to path traversal that can lead to unauthorized nclruner files reading [/etc/passwd] and [/etc/shadow].
    8 8   reference:
    9 9   - https://drive.google.com/drive/folders/19OP09msw8l7CJ622nkvnvnt7EKun1eCG?usp=sharing
    10 10   - https://www.dlink.com/en/security-bulletin/
    skipped 23 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2021/CVE-2021-46424.yaml
    skipped 3 lines
    4 4   name: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete
    5 5   author: gy741
    6 6   severity: critical
    7  - description: Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
     7 + description: Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system nclruner files, via a DELETE request.
    8 8   reference:
    9 9   - https://dl.packetstormsecurity.net/2205-exploits/tlr2005ksh-filedelete.txt
    10 10   - https://drive.google.com/drive/folders/1_e3eJ8fzhCWnCkoRpbLoyQecuKkPR4OD?usp=sharing
    skipped 35 lines
  • ■ ■ ■ ■
    config/nuclei-templates/cves/2022/CVE-2022-23779.yaml
    skipped 3 lines
    4 4   name: Zoho ManageEngine - Internal Hostname Disclosure
    5 5   author: cckuailong
    6 6   severity: medium
    7  - description: Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses.
     7 + description: Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The nclruner hostname can be discovered by reading HTTP redirect responses.
    8 8   reference:
    9 9   - https://www.manageengine.com/products/desktop-central/cve-2022-23779.html
    10 10   - https://github.com/fbusr/CVE-2022-23779
    skipped 52 lines
  • ■ ■ ■ ■
    config/nuclei-templates/exposed-panels/barracuda-panel.yaml
    skipped 3 lines
    4 4   name: Barracuda SSL VPN Log In
    5 5   author: dhiyaneshDK
    6 6   severity: info
    7  - description: The Barracuda SSL VPN is an integrated hardware and software solution enabling secure, clientless remote access to internal network resources from any web browser.
     7 + description: The Barracuda SSL VPN is an integrated hardware and software solution enabling secure, clientless remote access to nclruner network resources from any web browser.
    8 8   classification:
    9 9   cwe-id: CWE-200
    10 10   tags: barracuda,panel,vpn
    skipped 18 lines
  • ■ ■ ■ ■
    config/nuclei-templates/exposures/tokens/generic/credentials-disclosure.yaml
    skipped 401 lines
    402 402   - "(?i)[\"']?jdbc[_-]?databaseurl[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    403 403   - "(?i)[\"']?itest[_-]?gh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    404 404   - "(?i)[\"']?ios[_-]?docs[_-]?deploy[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    405  - - "(?i)[\"']?internal[_-]?secrets[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
     405 + - "(?i)[\"']?nclruner[_-]?secrets[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    406 406   - "(?i)[\"']?integration[_-]?test[_-]?appid[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    407 407   - "(?i)[\"']?integration[_-]?test[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    408 408   - "(?i)[\"']?index[_-]?name[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    skipped 305 lines
  • ■ ■ ■ ■
    config/nuclei-templates/file/keys/credential-exposure.yaml
    skipped 409 lines
    410 410   - "(?i)[\"']?jdbc[_-]?databaseurl[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    411 411   - "(?i)[\"']?itest[_-]?gh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    412 412   - "(?i)[\"']?ios[_-]?docs[_-]?deploy[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    413  - - "(?i)[\"']?internal[_-]?secrets[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
     413 + - "(?i)[\"']?nclruner[_-]?secrets[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    414 414   - "(?i)[\"']?integration[_-]?test[_-]?appid[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    415 415   - "(?i)[\"']?integration[_-]?test[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    416 416   - "(?i)[\"']?index[_-]?name[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
    skipped 305 lines
  • ■ ■ ■ ■
    config/nuclei-templates/file/perl/perl-scanner.yaml
    skipped 94 lines
    95 95   regex:
    96 96   - 'glob'
    97 97   - type: regex
    98  - # Remember that sensitive data get copied on fork. For example, a random number generator's internal state will get duplicated, and the child may start outputting identical number streams.
     98 + # Remember that sensitive data get copied on fork. For example, a random number generator's nclruner state will get duplicated, and the child may start outputting identical number streams.
    99 99   regex:
    100 100   - 'fork'
    101 101   - type: regex
    skipped 5 lines
  • ■ ■ ■ ■
    config/nuclei-templates/iot/targa-camera-ssrf.yaml
    skipped 5 lines
    6 6   severity: high
    7 7   description: Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in the Selea ANPR camera within several functionalities. The application parses user supplied data in the POST JSON parameters
    8 8   'ipnotify_address' and 'url' to construct an image request or check DNS for IP notification. Since no validation is carried out on the parameters, an attacker can specify an external domain and force the application
    9  - to make an HTTP request to an arbitrary destination host. This can be used by an external attacker for example to bypass firewalls and initiate a service and network enumeration on the internal network through
     9 + to make an HTTP request to an arbitrary destination host. This can be used by an external attacker for example to bypass firewalls and initiate a service and network enumeration on the nclruner network through
    10 10   the affected application.
    11 11   reference:
    12 12   - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5617.php
    skipped 18 lines
  • ■ ■ ■ ■
    config/nuclei-templates/miscellaneous/ntlm-directories.yaml
    skipped 4 lines
    5 5   author: puzzlepeaches,incogbyte
    6 6   severity: info
    7 7   reference:
    8  - - https://medium.com/swlh/internal-information-disclosure-using-hidden-ntlm-authentication-18de17675666
     8 + - https://medium.com/swlh/nclruner-information-disclosure-using-hidden-ntlm-authentication-18de17675666
    9 9   tags: misc,fuzz,windows
    10 10   
    11 11  requests:
    skipped 71 lines
  • ■ ■ ■ ■
    config/nuclei-templates/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml
    1  -id: aem-querybuilder-internal-path-read
     1 +id: aem-querybuilder-nclruner-path-read
    2 2   
    3 3  info:
    4 4   name: AEM QueryBuilder Internal Path Read
    skipped 26 lines
  • ■ ■ ■ ■
    config/nuclei-templates/misconfiguration/iis-internal-ip-disclosure.yaml
    1  -id: iis-internal-ip-disclosure
     1 +id: iis-nclruner-ip-disclosure
    2 2   
    3 3  info:
    4 4   name: IIS Internal IP Disclosure Template
    skipped 36 lines
  • ■ ■ ■ ■
    config/nuclei-templates/misconfiguration/openbmcs/openbmcs-ssrf.yaml
    skipped 5 lines
    6 6   severity: high
    7 7   description: Unauthenticated Server-Side Request Forgery (SSRF) and Remote File Include (RFI) vulnerability exists in OpenBMCS within its functionalities. The application parses user supplied data in the POST parameter
    8 8   'ip' to query a server IP on port 81 by default. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary
    9  - destination host. This can be used by an external attacker for example to bypass firewalls and initiate a service and network enumeration on the internal network through the affected application, allows hijacking
     9 + destination host. This can be used by an external attacker for example to bypass firewalls and initiate a service and network enumeration on the nclruner network through the affected application, allows hijacking
    10 10   the current session of the user, execute cross-site scripting code or changing the look of the page and content modification on current display
    11 11   reference:
    12 12   - https://www.exploit-db.com/exploits/50670
    skipped 24 lines
  • ■ ■ ■ ■ ■ ■
    config/nuclei-templates/misconfiguration/proxy/open-proxy-internal.yaml
    1  -id: open-proxy-internal
     1 +id: open-proxy-nclruner
    2 2   
    3 3  info:
    4 4   name: Open Proxy To Internal Network
    5 5   author: sullo
    6 6   severity: high
    7  - description: The host is configured as a proxy which allows access to other hosts on the internal network.
     7 + description: The host is configured as a proxy which allows access to other hosts on the nclruner network.
    8 8   reference:
    9  - - https://blog.projectdiscovery.io/abusing-reverse-proxies-internal-access/
     9 + - https://blog.projectdiscovery.io/abusing-reverse-proxies-nclruner-access/
    10 10   - https://en.wikipedia.org/wiki/Open_proxy
    11 11   - https://www.acunetix.com/vulnerabilities/web/apache-configured-to-run-as-proxy/
    12 12   classification:
    skipped 102 lines
  • ■ ■ ■ ■ ■ ■
    config/nuclei-templates/misconfiguration/proxy/open-proxy-localhost.yaml
    skipped 3 lines
    4 4   name: Open Proxy to Other Web Ports via Proxy's localhost Interface
    5 5   author: sullo
    6 6   severity: high
    7  - description: The host is configured as a proxy which allows access to web ports on the host's internal interface.
     7 + description: The host is configured as a proxy which allows access to web ports on the host's nclruner interface.
    8 8   reference:
    9  - - https://blog.projectdiscovery.io/abusing-reverse-proxies-internal-access/
     9 + - https://blog.projectdiscovery.io/abusing-reverse-proxies-nclruner-access/
    10 10   - https://en.wikipedia.org/wiki/Open_proxy
    11 11   - https://www.acunetix.com/vulnerabilities/web/apache-configured-to-run-as-proxy/
    12 12   classification:
    skipped 52 lines
  • ■ ■ ■ ■ ■ ■
    config/nuclei-templates/misconfiguration/proxy/open-proxy-portscan.yaml
    skipped 3 lines
    4 4   name: Open Proxy to Ports on the Proxy's localhost Interface
    5 5   author: sullo
    6 6   severity: high
    7  - description: The host is configured as a proxy which allows access to its internal interface
     7 + description: The host is configured as a proxy which allows access to its nclruner interface
    8 8   reference:
    9  - - https://blog.projectdiscovery.io/abusing-reverse-proxies-internal-access/
     9 + - https://blog.projectdiscovery.io/abusing-reverse-proxies-nclruner-access/
    10 10   - https://en.wikipedia.org/wiki/Open_proxy
    11 11   - https://www.acunetix.com/vulnerabilities/web/apache-configured-to-run-as-proxy/
    12 12   classification:
    skipped 53 lines
  • ■ ■ ■ ■
    config/nuclei-templates/misconfiguration/sonarqube-public-projects.yaml
    skipped 4 lines
    5 5   author: sickwell
    6 6   severity: low
    7 7   reference:
    8  - - https://next.sonarqube.com/sonarqube/web_api/api/components/suggestions?internal=true
     8 + - https://next.sonarqube.com/sonarqube/web_api/api/components/suggestions?nclruner=true
    9 9   tags: sonarqube,misconfig
    10 10   
    11 11  requests:
    skipped 18 lines
  • ■ ■ ■ ■ ■ ■
    config/nuclei-templates/vulnerabilities/magento/magento-cacheleak.yaml
    skipped 4 lines
    5 5   author: TechbrunchFR
    6 6   severity: high
    7 7   description: Magento Cacheleak is an implementation vulnerability, result of bad implementation of web-server configuration for Magento platform. Magento was developed to work under the Apache web-server which
    8  - natively works with .htaccess files, so all needed configuration directives specific for various internal Magento folders were placed in .htaccess files. When Magento is installed on web servers that are ignoring
    9  - .htaccess files (such as nginx), an attacker can get access to internal Magento folders (such as the Magento cache directory) and extract sensitive information from cache files.
     8 + natively works with .htaccess files, so all needed configuration directives specific for various nclruner Magento folders were placed in .htaccess files. When Magento is installed on web servers that are ignoring
     9 + .htaccess files (such as nginx), an attacker can get access to nclruner Magento folders (such as the Magento cache directory) and extract sensitive information from cache files.
    10 10   reference:
    11 11   - https://support.hypernode.com/en/best-practices/security/how-to-secure-magento-cacheleak
    12 12   - https://www.acunetix.com/vulnerabilities/web/magento-cacheleak/
    skipped 28 lines
  • ■ ■ ■ ■
    pkg/naabu/v2/pkg/runner/options.go
    skipped 103 lines
    104 104   )
    105 105   
    106 106   flagSet.CreateGroup("rate-limit", "Rate-limit",
    107  - flagSet.IntVar(&options.Threads, "c", 25, "general internal worker threads"),
     107 + flagSet.IntVar(&options.Threads, "c", 25, "general nclruner worker threads"),
    108 108   flagSet.IntVar(&options.Rate, "rate", DefaultRateSynScan, "packets to send per second"),
    109 109   )
    110 110   
    skipped 155 lines
  • ■ ■ ■ ■
    pkg/naabu/v2/pkg/scan/scan.go
    skipped 20 lines
    21 21   "golang.org/x/net/proxy"
    22 22  )
    23 23   
    24  -// State determines the internal scan state
     24 +// State determines the nclruner scan state
    25 25  type State int
    26 26   
    27 27  const (
    skipped 543 lines
  • pocs_go/weblogic/CVE_2019_2725.go
    Unable to diff as some line is too long.
  • pocs_go/weblogic/CVE_2019_2729.go
    Unable to diff as some line is too long.
  • ■ ■ ■ ■
    pocs_yml/ymlFiles/kibana-cve-2018-17246.yml
    skipped 7 lines
    8 8   method: GET
    9 9   path: /api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd
    10 10   follow_redirects: false
    11  - expression: response.headers["kbn-name"] == "kibana" && response.content_type.contains("application/json") && response.body.bcontains(bytes("\"statusCode\":500")) && response.body.bcontains(bytes("\"message\":\"An internal server error occurred\""))
     11 + expression: response.headers["kbn-name"] == "kibana" && response.content_type.contains("application/json") && response.body.bcontains(bytes("\"statusCode\":500")) && response.body.bcontains(bytes("\"message\":\"An nclruner server error occurred\""))
    12 12  expression: r0()
    13 13  detail:
    14 14   author: canc3s(https://github.com/canc3s)
    skipped 5 lines
  • projectdiscovery/nuclei_Yaml/internal/colorizer/colorizer.go projectdiscovery/nuclei_Yaml/nclruner/colorizer/colorizer.go
    Content is identical
  • projectdiscovery/nuclei_Yaml/internal/runner/banner.go projectdiscovery/nuclei_Yaml/nclruner/runner/banner.go
    Content is identical
  • projectdiscovery/nuclei_Yaml/internal/runner/defaults.go projectdiscovery/nuclei_Yaml/nclruner/runner/defaults.go
    Content is identical
  • projectdiscovery/nuclei_Yaml/internal/runner/doc.go projectdiscovery/nuclei_Yaml/nclruner/runner/doc.go
    Content is identical
  • projectdiscovery/nuclei_Yaml/internal/runner/healthcheck.go projectdiscovery/nuclei_Yaml/nclruner/runner/healthcheck.go
    Content is identical
  • ■ ■ ■ ■
    projectdiscovery/nuclei_Yaml/internal/runner/options.go projectdiscovery/nuclei_Yaml/nclruner/runner/options.go
    skipped 69 lines
    70 70   // Load the resolvers if user asked for them
    71 71   loadResolvers(options)
    72 72   
    73  - // removes all cli variables containing payloads and add them to the internal struct
     73 + // removes all cli variables containing payloads and add them to the nclruner struct
    74 74   for key, value := range options.Vars.AsMap() {
    75 75   if fileutil.FileExists(value.(string)) {
    76 76   _ = options.Vars.Del(key)
    skipped 132 lines
  • projectdiscovery/nuclei_Yaml/internal/runner/proxy.go projectdiscovery/nuclei_Yaml/nclruner/runner/proxy.go
    Content is identical
  • ■ ■ ■ ■
    projectdiscovery/nuclei_Yaml/internal/runner/runner.go projectdiscovery/nuclei_Yaml/nclruner/runner/runner.go
    skipped 19 lines
    20 20   "go.uber.org/atomic"
    21 21   "go.uber.org/ratelimit"
    22 22   
    23  - "github.com/hktalent/scan4all/projectdiscovery/nuclei_Yaml/internal/colorizer"
     23 + "github.com/hktalent/scan4all/projectdiscovery/nuclei_Yaml/nclruner/colorizer"
    24 24   "github.com/projectdiscovery/gologger"
    25 25   "github.com/projectdiscovery/nuclei/v2/pkg/catalog"
    26 26   "github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
    skipped 618 lines
  • projectdiscovery/nuclei_Yaml/internal/runner/templates.go projectdiscovery/nuclei_Yaml/nclruner/runner/templates.go
    Content is identical
  • ■ ■ ■ ■
    projectdiscovery/nuclei_Yaml/internal/runner/update.go projectdiscovery/nuclei_Yaml/nclruner/runner/update.go
    skipped 199 lines
    200 200   return latestVersion, currentVersion, nil
    201 201  }
    202 202   
    203  -// readInternalConfigurationFile reads the internal configuration file for nuclei
     203 +// readInternalConfigurationFile reads the nclruner configuration file for nuclei
    204 204  func (r *Runner) readInternalConfigurationFile(configDir string) error {
    205 205   templatesConfigFile := filepath.Join(configDir, nucleiConfigFilename)
    206 206   if _, statErr := os.Stat(templatesConfigFile); !os.IsNotExist(statErr) {
    skipped 404 lines
  • ■ ■ ■ ■ ■ ■
    projectdiscovery/nuclei_Yaml/nuclei_yaml.go
    skipped 3 lines
    4 4   "bytes"
    5 5   "encoding/json"
    6 6   "github.com/hktalent/scan4all/lib/util"
    7  - runner2 "github.com/hktalent/scan4all/projectdiscovery/nuclei_Yaml/internal/runner"
     7 + runner2 "github.com/hktalent/scan4all/projectdiscovery/nuclei_Yaml/nclruner/runner"
    8 8   "github.com/projectdiscovery/fileutil"
    9 9   "github.com/projectdiscovery/goflags"
    10 10   "github.com/projectdiscovery/gologger"
    skipped 298 lines
    309 309   // flagSet.BoolVarP(&options.DebugRequests, "debug-req", "dreq", false, "show all sent requests"),
    310 310   // flagSet.BoolVarP(&options.DebugResponse, "debug-resp", "dresp", false, "show all received responses"),
    311 311   // flagSet.NormalizedOriginalStringSliceVarP(&options.Proxy, "proxy", "p", []string{}, "list of http/socks5 proxy to use (comma separated or file input)"),
    312  - // flagSet.BoolVarP(&options.ProxyInternal, "proxy-internal", "pi", false, "proxy all internal requests"),
     312 + // flagSet.BoolVarP(&options.ProxyInternal, "proxy-nclruner", "pi", false, "proxy all nclruner requests"),
    313 313   // flagSet.StringVarP(&options.TraceLogFile, "trace-log", "tlog", "", "file to write sent requests trace log"),
    314 314   // flagSet.StringVarP(&options.ErrorLogFile, "error-log", "elog", "", "file to write sent requests error log"),
    315 315   // flagSet.BoolVar(&options.Version, "version", false, "show nuclei version"),
    skipped 65 lines
  • ■ ■ ■ ■
    static/usage.md
    skipped 23 lines
    24 24   -exclude-cdn, -ec skip full port scans for CDN's (only checks for 80,443)
    25 25   
    26 26  RATE-LIMIT:
    27  - -c int general internal worker threads (default 25)
     27 + -c int general nclruner worker threads (default 25)
    28 28   -rate int packets to send per second (default 1000)
    29 29   
    30 30  OUTPUT:
    skipped 36 lines
Please wait...
Page is in error, reload to recover