ascotbe / medusa Goto Github PK

View Code? Open in Web Editor NEW

2.1K 44.0 337.0 65.03 MB

:cat2:Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

Home Page: http://medusa.ascotbe.com

License: GNU General Public License v3.0

Python 62.61% JavaScript 6.84% HTML 0.07% Vue 29.15% Shell 0.60% Dockerfile 0.72%

poc exp payload medusa cve xss readteam dnslog virus email

medusa's Introduction

Welcome to Medusa

👉About `Medusa`

The project is licensed under GPL.Free for non-commercial use.

Due to the lack of front -end, the project restart time is unknown. If you can provide help, please submit the issue

中文文档 | EnglishDocumentation

💡Document

http://medusa.ascotbe.com

📋`Web` Ver. installation instructions

https://medusa.ascotbe.com/Documentation/#/Installation

👾Web interface

🍀Updating logs

http://medusa.ascotbe.com/Documentation/#/UpDataLog

💚Discussion

If you find that the corresponding vulnerability cannot be scanned by the plug-in, please submit the [Bug] issue
If you have any problems that cannot be solved by the documentation, please submit an issue of [help]
If you have any good comments or ideas, please submit [idea] issue

⚠️Disclaimer

Add the following content to the original protocol:

If there is any ambiguity, the Chinese version of the description shall be the only explanation
Commercial use after secondary development is prohibited in this project
Unauthorized commercial use is prohibited for this project
This project is only for the safe construction activities of enterprises that are legally authorized. When using this project for testing, you should ensure that the behavior complies with local laws and regulations and has obtained sufficient authorization.
If you have any illegal behavior in the process of using this project, you need to bear the corresponding consequences yourself, and we will not bear any legal and joint liabilities.
Before using this project, please read carefully and fully understand the content of each clause. Restrictions, exemption clauses or other clauses involving your major rights and interests may be bolded, underlined, etc. to remind you to pay attention. Unless you have fully read, fully understood and accepted all the terms of this agreement, please do not use this item. Your use behavior or your acceptance of this agreement in any other express or implied manner shall be deemed to have been read and agreed to be bound by this agreement.

🌴Contributors

🏁Timeline

medusa's People

Contributors

Stargazers

Watchers

Forkers

nigacat423 radtek adamin1990 wifido harry1080 thatqier a099 s884812 attackgithub eviladan0s gayhub-blackerie 303donatello iiiusky sry309 jaythespazz jindaxia god-god-god pt001 kpli0rn cclauss songofhack webvul barryzm dumasss163 sumpacle bh2uol yizhimanpadewoniu insightglacier 5up3rc b1gd0g thinks520 arashiailing sholway c0d1007 lubyruffy imulmul totoro1520 lihongdeng htesiege wcxxxxx underwood12 heartsleep thelostworldfree blackmady kq00 h1d3r maikefee pyking 1979139113 zsdlove kingking888 crackercat r4b3rt wuwoweishui happytan555 alanlonglong ershu1 jojoli123 xalxl 876054426 alenihao kong-f yemo-memeda on1sm zk953874391 rassec 5l1v3r1 chdlong sunpeak xiaoyoutai bzlxqxq echocipher mmg1 kenuoseclab sobinge splendidmata j4ckzh0u k4ubb yut0u jerusalemsbell burnymcdull hdyang998 taomamba xisafe quinn-yan egeyyr yzz-00 zerolugithub huangyuan666 02bx happysharegithub nothingonyoumoon soliontheroad secsystem cyhellolab pingyangcst asdfasadfasfa 2b45 flexer2018 chen-alexander

medusa's Issues

[Bug]ValueError: source code string cannot contain null bytes

Describe the bug||描述错误
from Modules.OA.Tongda import TongdaOfficeAnywhereArbitraryFileUploadAndFileInclusionVulnerability
ValueError: source code string cannot contain null bytes

[Bug]执行50%后提示完成，停在Scan is complete, please see the ScanResult file不退出

在执行全部模块扫描时，能够生成扫描结果文件，但有两个问题

模块只扫描到50%,不再继续，直接提示Scan is complete
提示Scan is complete, please see the ScanResult file，但不退出

重现

./python3.9/bin/python MedusaScan.py -u http://192.168.1.1:9090

提示如下

[ + ] Use default port detection module
[ + ] Scanning target domain: http://192.168.1.1:9090
[ + ] Scanning across modules: AllMod
[ + ] Medusa scan progress bar:  50%|####4    | 121/244 [00:01<00:01, 70.89it/s]
[ ! ] Scan is complete, please see the ScanResult file

系统环境

macos 11.1
python3.9.1x64
Medusa 当前git clone

Request failed with status code 404

当前使用的操作系统

macOS
Windows
Linux

描述错误

登录注册界面提示Request failed with status code 404

重现步骤

用的宝塔面板搭建

接口位置

http://medusa.lilysama.top/#/login

日志内容

Please specify a different user using the --uid option.

User information: uid=0 euid=0 gid=0 egid=0

warnings.warn(RuntimeWarning(ROOT_DISCOURAGED.format(

-------------- celery@VM-4-10-ubuntu v5.0.5 (singularity)
--- ***** -----
-- ******* ---- Linux-5.4.0-42-generic-x86_64-with-glibc2.29 2022-05-19 15:21:33

*** --- * ---
** ---------- [config]
** ---------- .> app: Medusa:0x7fdcd62eb6a0
** ---------- .> transport: redis://:**@127.0.0.1:6379/6
** ---------- .> results: redis://:**@127.0.0.1:6379/6
*** --- * --- .> concurrency: 4 (solo)
-- ******* ---- .> task events: OFF (enable -E to monitor tasks in this worker)
--- ***** -----
-------------- [queues]
.> celery exchange=celery(direct) key=celery

[tasks]
. Web.ApplicationCollection.CollectionWork.AppleCollectionWork
. Web.CVE.GithubMonitoring.Github.Monitor
. Web.FileAcquisition.Receive.Pack
. Web.Mail.Email.SendMail
. Web.SystemInfo.HardwareInfo.Monitor
. Web.TrojanOrVirus.TrojanInterface.CompileCode
. Web.TrojanOrVirus.TrojanInterface.CompilePortableExecutableFile

[2022-05-19 15:21:33,250: INFO/Beat] beat: Starting...
[2022-05-19 15:21:33,252: INFO/MainProcess] Connected to redis://:**@127.0.0.1:6379/6
[2022-05-19 15:21:33,255: INFO/MainProcess] mingle: searching for neighbors
[2022-05-19 15:21:33,259: INFO/Beat] Scheduler: Sending due task GithubCveMonitor (Web.CVE.GithubMonitoring.Github.Monitor)
[2022-05-19 15:21:33,266: INFO/Beat] Scheduler: Sending due task HardwareInfoMonitor (Web.SystemInfo.HardwareInfo.Monitor)
[2022-05-19 15:21:34,264: INFO/MainProcess] mingle: all alone
[2022-05-19 15:21:34,272: WARNING/MainProcess] /usr/local/lib/python3.8/dist-packages/celery/fixups/django.py:203: UserWarning: Using settings.DEBUG leads to a memory
leak, never use this setting in production environments!
warnings.warn('''Using settings.DEBUG leads to a memory

[2022-05-19 15:21:34,272: INFO/MainProcess] celery@VM-4-10-ubuntu ready.
[2022-05-19 15:21:34,274: INFO/MainProcess] Received task: Web.CVE.GithubMonitoring.Github.Monitor[3e43d6f6-8907-4774-ba3f-f83beab745ba]
[2022-05-19 15:21:34,912: INFO/MainProcess] Task Web.CVE.GithubMonitoring.Github.Monitor[3e43d6f6-8907-4774-ba3f-f83beab745ba] succeeded in 0.6376296439993894s: None
[2022-05-19 15:21:34,914: INFO/MainProcess] Received task: Web.SystemInfo.HardwareInfo.Monitor[402ae60a-091b-40c5-8eb4-3edabb87417b]
[2022-05-19 15:21:35,916: INFO/MainProcess] Web_DatabaseHub_HardwareUsageRateInfo(class)_init(def)
[2022-05-19 15:21:35,916: WARNING/MainProcess] table HardwareUsageRateInfo already exists
[2022-05-19 15:21:35,925: INFO/MainProcess] Task Web.SystemInfo.HardwareInfo.Monitor[402ae60a-091b-40c5-8eb4-3edabb87417b] succeeded in 1.0106860129999404s: None
[2022-05-19 15:21:53,273: INFO/Beat] Scheduler: Sending due task HardwareInfoMonitor (Web.SystemInfo.HardwareInfo.Monitor)
[2022-05-19 15:21:53,275: INFO/MainProcess] Received task: Web.SystemInfo.HardwareInfo.Monitor[45ffadc6-9373-49a3-b4e3-4f4717190118]
[2022-05-19 15:21:54,277: INFO/MainProcess] Web_DatabaseHub_HardwareUsageRateInfo(class)_init(def)
[2022-05-19 15:21:54,277: WARNING/MainProcess] table HardwareUsageRateInfo already exists
[2022-05-19 15:21:54,286: INFO/MainProcess] Task Web.SystemInfo.HardwareInfo.Monitor[45ffadc6-9373-49a3-b4e3-4f4717190118] succeeded in 1.010255667999445s: None
[2022-05-19 15:22:13,281: INFO/Beat] Scheduler: Sending due task HardwareInfoMonitor (Web.SystemInfo.HardwareInfo.Monitor)
[2022-05-19 15:22:13,283: INFO/MainProcess] Received task: Web.SystemInfo.HardwareInfo.Monitor[6ac1b7ed-cda9-4b31-9780-67916629ed59]
[2022-05-19 15:22:14,285: INFO/MainProcess] Web_DatabaseHub_HardwareUsageRateInfo(class)_init(def)
[2022-05-19 15:22:14,285: WARNING/MainProcess] table HardwareUsageRateInfo already exists
[2022-05-19 15:22:14,294: INFO/MainProcess] Task Web.SystemInfo.HardwareInfo.Monitor[6ac1b7ed-cda9-4b31-9780-67916629ed59] succeeded in 1.0110462570009986s: None
[2022-05-19 15:22:33,264: INFO/Beat] Scheduler: Sending due task GithubCveMonitor (Web.CVE.GithubMonitoring.Github.Monitor)
[2022-05-19 15:22:33,266: INFO/MainProcess] Received task: Web.CVE.GithubMonitoring.Github.Monitor[b99341ea-fd88-4471-a2a0-c37ce1451906]
[2022-05-19 15:22:33,281: INFO/Beat] Scheduler: Sending due task HardwareInfoMonitor (Web.SystemInfo.HardwareInfo.Monitor)
[2022-05-19 15:22:37,927: INFO/MainProcess] Task Web.CVE.GithubMonitoring.Github.Monitor[b99341ea-fd88-4471-a2a0-c37ce1451906] succeeded in 4.66045487700103s: None
[2022-05-19 15:22:37,929: INFO/MainProcess] Received task: Web.SystemInfo.HardwareInfo.Monitor[e991e80d-19dc-443f-9ab1-c410e217855c]
[2022-05-19 15:22:38,931: INFO/MainProcess] Web_DatabaseHub_HardwareUsageRateInfo(class)_init(def)
[2022-05-19 15:22:38,931: WARNING/MainProcess] table HardwareUsageRateInfo already exists
[2022-05-19 15:22:38,939: INFO/MainProcess] Task Web.SystemInfo.HardwareInfo.Monitor[e991e80d-19dc-443f-9ab1-c410e217855c] succeeded in 1.010053665999294s: None

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

美杜莎

need a way to quickly build on localhost

这是一个什么样的功能？

Could you provide a way to build the project in own local environment without domain .Just for test and know about medusa

这个功能可以解决什么问题？

to run in local environment

额外描述

No response

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

新功能需求

这是一个什么样的功能？

建议增加
1、CVE监控
2、自定义推送功能，可将平台信息通过Server酱、BARK等平台推送到手机
3、部署文档在Ubuntu 20.04.3 LTS已不适用，建议更新。

这个功能可以解决什么问题？

建议增加
1、CVE监控
2、自定义推送功能，可将平台信息通过Server酱、BARK等平台推送到手机
3、部署文档在Ubuntu 20.04.3 LTS已不适用，建议更新。

额外描述

建议增加
1、CVE监控
2、自定义推送功能，可将平台信息通过Server酱、BARK等平台推送到手机
3、部署文档在Ubuntu 20.04.3 LTS已不适用，建议更新。

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

可以不配置域名或证书吗

这是一个什么样的功能？

可以不配置域名或证书吗

这个功能可以解决什么问题？

可以不配置域名或证书吗

额外描述

可以不配置域名或证书吗

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

Windows下运行乱码

环境：python3.7+win10

docker安装失败

当前使用的操作系统

macOS
Windows
Linux

描述错误

部署失败

重现步骤

docker部署失败了

接口位置

https://github.com/Ascotbe/Medusa/

日志内容

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

[help]安装后，第一次使用，报这个错是什么问题？感谢回复

s2wcn@debian:~/Medusa$ sudo python3 MedusaScan.py -u https://www.ascotbe.com
Traceback (most recent call last):
File "MedusaScan.py", line 3, in
from Modules.Confluence import Confluence
File "/home/s2wcn/Medusa/Modules/Confluence/Confluence.py", line 3, in
from Modules.Confluence import AtlassianConfluencePathTraversalAndCommandExecutionVulnerability
File "/home/s2wcn/Medusa/Modules/Confluence/AtlassianConfluencePathTraversalAndCommandExecutionVulnerability.py", line 5, in
import ClassCongregation
File "/home/s2wcn/Medusa/ClassCongregation.py", line 3, in
from fake_useragent import UserAgent
ModuleNotFoundError: No module named 'fake_useragent'

requirement 中的 random 似乎没有这个包

1 bs4
2 fake-useragent
3 requests
4 urllib3
5 python-nmap
6 PyMySQL
7 IPy
8 scrapy
9 tqdm
10 dnspython
11 tldextract
12 random <-------------

dsf

当前使用的操作系统

macOS
Windows
Linux

描述错误

执行./install.sh xxx npm报错

重现步骤

npm ERR! code ENOTFOUND
npm ERR! errno ENOTFOUND
npm ERR! network request to http://registry.cnpmjs.org/highcharts failed, reason: getaddrinfo ENOTFOUND registry.cnpmjs.org registry.cnpmjs.org:80
npm ERR! network This is a problem related to network connectivity.
npm ERR! network In most cases you are behind a proxy or have bad network settings.
npm ERR! network
npm ERR! network If you are behind a proxy, please make sure that the
npm ERR! network 'proxy' config is set properly.  See: 'npm help config'

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2022-10-08T12_07_18_794Z-debug.log
The command '/bin/sh -c npm install highcharts --save  --registry=http://registry.cnpmjs.org' returned a non-zero code: 1
Unable to find image 'medusa_web:latest' locally
docker: Error response from daemon: pull access denied for medusa_web, repository does not exist or may require 'docker login': denied: requested access to the resource is denied.
See 'docker run --help'.

接口位置

lllsdfsdf

日志内容

ssdfsdfsdf

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

关于安装方式的优化

这是一个什么样的功能？

Vue的部分建议直接build好了放到镜像来，docker重编译总会出现很多奇奇怪怪的问题~

PS：你们这个commit记录真的看着不迷糊吗？

这个功能可以解决什么问题？

简化安装

额外描述

No response

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

使用命令 python3 MedusaScan.py -f -test.txt -PR 1-65535 扫描端口报错

使用命令 python3 MedusaScan.py -f -test.txt -PR 1-65535 扫描端口报错
Process Process-1:
Traceback (most recent call last):
File "/usr/local/python3/lib/python3.8/multiprocessing/process.py", line 315, in _bootstrap
self.run()
File "/usr/local/python3/lib/python3.8/multiprocessing/process.py", line 108, in run
self._target(*self._args, **self._kwargs)
File "MedusaScan.py", line 150, in Port
ClassCongregation.PortScan(Url).Start(**kwargs)
File "/root/Medusa/ClassCongregation.py", line 129, in Start
for Port in self.CustomizePortList:
AttributeError: 'PortScan' object has no attribute 'CustomizePortList'
那个pip3 install -r Medusa.txt 安装时候没有报错 nmap 也安装了

docker 安装报错

安装爆错

当前使用的操作系统

macOS
Windows
Linux

描述错误

系统环境ubuntu18.04

重现步骤

1、使用docker安装，按照文档来，提示Unable to find image 'medusa_web:latest' locally
去dockerhub找了下，没有这个镜像，该如何解决
2、直接http安装，安装步骤来，run.sh执行中爆错，提示80端口已经被占用（服务器新建的服务器，不存在其他任何服务干扰）

接口位置

无

日志内容

无

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

Docker构建和运行出现bug,无法正常运行，多次排查bug仍无法解决&&服务器上运行后崩溃&&登录图片验证码刷新不出来

当前使用的操作系统

macOS
Windows
Linux

描述错误

docker 运行出错，无法成功构建，按照bug排查，尝试了多种可能问题，一天了任无法解决。

重现步骤

1.ascotbe/medusa:latest镜像打包成Medusa.tat.gz放入本地Medusa目录

2.腾讯云服务器和MACOS 上运行docker build -t medusa_web .均报错，无法成功构建
bug1:
#36 3.187 npm ERR! code ENOENT
#36 3.190 npm ERR! syscall open
#36 3.190 npm ERR! path /Medusa/Vue/package.json
#36 3.195 npm ERR! enoent ENOENT: no such file or directory, open '/Medusa/Vue/package.json'
bug2:
Fail at the [email protected] serve script
3.本地服务器搭建后首次运行登录图片验证码无法刷新。重启重新再运行无法跑成功。Vue 目录下运行npm run serve 先是崩溃，后直接报错

问题排查了一天，无法解决。希望能获取帮助。帮忙解决问题

接口位置

null

日志内容

1.docker
=> ERROR [32/41] RUN npm run serve 3.2s

[32/41] RUN npm run serve:
#36 3.187 npm ERR! code ENOENT
#36 3.190 npm ERR! syscall open
#36 3.190 npm ERR! path /Medusa/Vue/package.json
#36 3.191 npm ERR! errno -2
#36 3.195 npm ERR! enoent ENOENT: no such file or directory, open '/Medusa/Vue/package.json'
#36 3.196 npm ERR! enoent This is related to npm not being able to find a file.
#36 3.196 npm ERR! enoent
#36 3.210
#36 3.210 npm ERR! A complete log of this run can be found in:
#36 3.211 npm ERR! /root/.npm/_logs/2022-01-02T10_53_10_314Z-debug.log

executor failed running [/bin/sh -c npm run serve]: exit code: 254

2.服务器Vue目录下执行后bug日志

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

[help]问题还是没解决

s2wcn@debian:/Medusa$ pip3 install dubbo-py
Requirement already satisfied: dubbo-py in /home/s2wcn/.local/lib/python3.7/site-packages (0.2.2)
Requirement already satisfied: kazoo in /home/s2wcn/.local/lib/python3.7/site-packages (from dubbo-py) (2.8.0)
Requirement already satisfied: six in /usr/lib/python3/dist-packages (from kazoo->dubbo-py) (1.12.0)
s2wcn@debian:/Medusa$ sudo python3 MedusaScan.py -u https://www.ascotbe.com
Traceback (most recent call last):
File "MedusaScan.py", line 17, in
from Modules.Dubbo import Dubbo
File "/home/s2wcn/Medusa/Modules/Dubbo/Dubbo.py", line 3, in
from Modules.Dubbo import DubboProviderDefaultAntiSequenceVulnerability
File "/home/s2wcn/Medusa/Modules/Dubbo/DubboProviderDefaultAntiSequenceVulnerability.py", line 7, in
from dubbo.codec.hessian2 import new_object
ModuleNotFoundError: No module named 'dubbo'

win下运行报错

在安装Medusa.txt时最后报错：
Could not find a version that satisfies the requirement nonebot==1.5.0

运行时报错：ModuleNotFoundError: No module named 'fake_useragent'
但此前fake_user模块安装是正常的

[Bug]

Describe the bug||描述错误
冲着有中文提示的 DEMO 来的，英文早都看腻了。

To Reproduce||重现

两个错误，
一个是安装时
pip3 install -r Medusa.txt
ERROR: Cannot install -r Medusa.txt (line 25) and cryptography==3.1.1 because these package versions have conflicting dependencies.

The conflict is caused by:
The user requested cryptography==3.1.1
mitmproxy 4.0.4 depends on cryptography<2.4 and >=2.1.4

To fix this you could try to:

loosen the range of package versions you've specified
remove package versions to allow pip attempt to solve the dependency conflict

ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/user_guide/#fixing-conflicting-dependencies

一个是运行时
python3 MedusaScan.py -u www.xxxxxxx.com or python3 MedusaScan.py -u https://www.xxxxxxx.com

都会提示 unsupported operand type(s) for +: 'NoneType' and 'str'

Process Process-116:
Traceback (most recent call last):
File "/usr/Medusa/Modules/Cms/EasyTalk/EasyTalkSQLInjectionVulnerability10.py", line 28, in medusa
payload_url = url + payload
TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3.8/multiprocessing/process.py", line 315, in _bootstrap
self.run()
File "/usr/lib/python3.8/multiprocessing/process.py", line 108, in run
self._target(*self._args, **self._kwargs)
File "/usr/Medusa/Modules/OA/Weaver/WeaverDatabaseConfigurationLeakVulnerability.py", line 41, in medusa
l = ClassCongregation.ErrorLog().Write("Plugin Name:"++" || Target Url:"+url,e)#调用写入类
TypeError: can only concatenate str (not "NoneType") to str
[ + ] Medusa scan progress bar: 100%|####################################################################################################################################################################| 242/242 [00:04<00:00, 58.69it/s]
[ + ] Medusa cleanup thread progress: 0%| | 0/242 [00:00<?, ?it/s]Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by ysoserial.payloads.CommonsCollections5 (file:/usr/Medusa/Tool/ysoserial.jar) to field javax.management.BadAttributeValueExpException.val
WARNING: Please consider reporting this to the maintainers of ysoserial.payloads.CommonsCollections5
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
WARNING:root:got EOF error, stop recv loop!
[ ! ] Unable to get dnslog, please replace ceye!
[ ! ] Unable to get dnslog, please replace ceye!
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
WARNING:root:
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true

Related system description:||相关系统说明:

Kali Lunix

Additional context||其他内容

[help] QQ

获取不到验证码，也登陆不了该怎么办qwq

[help] 启动web后验证码出不来 XMLHttpRequest报错

Describe the bug||描述错误

前端界面出来了但是加载不到验证码我试了用postman请求9999端口的验证码接口是通的请大佬帮忙看下我的错误

Screenshots||截图
F12报错截图

登录界面

/Medusa/Vue/faceConfig.js配置截图

Related system description:||相关系统说明:

centos7 WEB部署的

redis配置如果使用带特殊符号的密码提示密码无效

Describe the bug||描述错误
当redis的密码包含 !@# 等特殊符号,时 redis连接不上

To Reproduce||重现
Steps to reproduce the behavior and paste the relevant data package:||重现行为的步骤，并贴上相关的数据包：

redis使用带 !@# 等符号的密码

2.Medusa config配置文件配置相同的密码
Medusa 提示密码无效

Related system description:||相关系统说明:

Linux Centos7
python 3.7
java 8
Medusa Web master分支代码

猜测: 配置文件里的密码可能需要转义
如果密码不用单引号和双引号包围, 并用“\” 转译字符实际测试无效

[help] redis配置的问题

redis访问默认localhost:6379如何修改呢我尝试在本机安装了一个redis 端口密码等都是默认的还是无法连接到请问该如何配置 config.py文件已经设置但没生效

Screenshots||截图

Detailed system version, kernel and other information||详细的系统版本，内核等信息
Python related version number||Python相关的版本号
Project version number||项目版本号

medusa安装请解惑

这是一个什么样的功能？

您好，我通过手动安装无法安装，只能按照您所提供文档中的docker安装进行，在执行完./install.sh -u xxxx.com -d xxxxxxx.com -s xxxxxx.com此条命令后该去哪里配置文档中所说的dnslog、主站与邮件域名，文档中图片内容无法找到，而且./install.sh执行完毕后并没有看到容器产生，该去哪里运行medusa容器呢

这个功能可以解决什么问题？

额外描述

No response

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

安装吐了手动 docker 都安装不起不是npm 报错就是网络问题就算勉强安装起验证码还加载不出来

当前使用的操作系统

macOS
Windows
Linux

描述错误

安装吐了手动 docker 都安装不起不是npm 报错就是网络问题就算勉强安装起验证码还加载不出来

重现步骤

安装吐了 手动 docker 都安装不起 不是npm 报错就是网络问题 就算勉强安装起验证码还加载不出来

接口位置

安装吐了手动 docker 都安装不起不是npm 报错就是网络问题就算勉强安装起验证码还加载不出来

日志内容

安装吐了手动 docker 都安装不起不是npm 报错就是网络问题就算勉强安装起验证码还加载不出来

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

web版本，docker里的Medusa没有start.sh文件

can you make it as docker image

it need py3 and a lot of modules , it's very convenient to make it as docker image

[Bug]Web版本使用docker搭建后访问提示“Network Error”

Describe the bug||描述错误
A clear and concise description of what the bug is.||清楚简洁地说明错误是什么。

web版本按照docker安装的步骤进行，搭建完成中间没有报错，但登录时提示“Network Error”

To Reproduce||重现
Steps to reproduce the behavior and paste the relevant data package:||重现行为的步骤，并贴上相关的数据包：

Go to '...'
Click on '....'
Scroll down to '....'
See error

Screenshots||截图
If applicable, add screenshots to help explain your problem.||如果适用，请添加屏幕截图以帮助解释您的问题。
报错截图如下：https://raw.githubusercontent.com/si1entgr0/si1egimg/master/20210310145117.png

Related system description:||相关系统说明:

Detailed system version, kernel and other information||详细的系统版本，内核等信息
Python related version number||Python相关的版本号
Project version number||项目版本号

Linux localhost.localdomain 3.10.0-1062.el7.x86_64 #1 SMP Wed Aug 7 18:08:02 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Docker version 20.10.2, build 2291f61

Log content||日志内容
Please post the log content of the error time period||请贴上报错时间段的日志内容关内容

Additional context||其他内容
Write relevant content that needs to be added here.||这边写上需要补充的相关内容

qq

请教一个dnslog自建的配置

当前使用的操作系统

macOS
Windows
Linux

描述错误

配置咨询

重现步骤

我自用域名test.aaaa.com，目前xss服务正常，配置dns设置如下：
新建A记录
ns1.aaaa.com    服务器ip
ns2.aaaa.com    服务器ip

修改第二个域名bbbb.com的NS解析为ns1.aaaa.com ,ns2.aaaa.com 

修改nginx配置为：
server { #这个是接管所有的关于dnslogtest.ascotbe.com的子域名
    listen       80;
    server_name  *.bbbb.com;
    location / {
        proxy_pass  http://127.0.0.1:8888;
        proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;       
    }
}


修改config.py配置为：
domain_name_system_address="bbbb.com" #用户用来接收数据的DNSLOG域名

因为一直无法获取dns记录，所以想请教一下

接口位置

无

日志内容

无

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

你好，git监控能不能按照项目创建时间排序

这是一个什么样的功能？

是这个样子的，你按照项目更新时间来排序，有些很久的项目更新了就置顶了，GIThub监控是想看最新有什么漏洞出现

所以你能不能【按照项目创建时间】来排序

谢谢

这个功能可以解决什么问题？

是这个样子的，你按照项目更新时间来排序，有些很久的项目更新了就制定了，GIThub监控是想看最新有什么漏洞出现

所以你能不能【按照项目创建时间】来排序

谢谢

额外描述

No response

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

how fix this

root@kali:~/Desktop/Medusa-master# python3 MedusaScan.py -f sub.txt

| / |____ ||__ |_ |____ | | | | | |
| |/| | _ | | | | | | | || | | | | |
| | | || | |_____| | | | | || |/ // /
|| ||| | //_|| |||_____/
||

  Blog  https://www.ascotbe.com  |  v0.92

Traceback (most recent call last):
File "MedusaScan.py", line 158, in
Subdomain=args.Subdomain#开启子域名枚举
AttributeError: 'Namespace' object has no attribute 'Subdomain'

docker版本安装不成功

当前使用的操作系统

macOS
Windows
Linux

描述错误

docker版本安装不成功

重现步骤

docker版本安装不成功

接口位置

https://github.com/

日志内容

Step 33/45 : RUN npm install highcharts --save --registry=https://registry.npmmirror.com/
---> Running in efaf780b62b1
npm notice created a lockfile as package-lock.json. You should commit this file.

[email protected]
added 1 package from 1 contributor in 1.983s
Removing intermediate container efaf780b62b1
---> 810f0bf9bba3
Step 34/45 : RUN npm run build
---> Running in 8be113601e39

[email protected] build /Medusa/Vue
vue-cli-service build

sh: 1: vue-cli-service: not found
npm ERR! code ELIFECYCLE
npm ERR! syscall spawn
npm ERR! file sh
npm ERR! errno ENOENT
npm ERR! [email protected] build: vue-cli-service build
npm ERR! spawn ENOENT
npm ERR!
npm ERR! Failed at the [email protected] build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2022-10-03T19_36_28_284Z-debug.log
The command '/bin/sh -c npm run build' returned a non-zero code: 1
Unable to find image 'medusa_web:latest' locally
docker: Error response from daemon: pull access denied for medusa_web, repository does not exist or may require 'docker login': denied: requested access to the resource is denied.
See 'docker run --help'.
[ + ] redis password change to ---> xxx
[ + ] modify registration required key ---> xxx
[ + ] modify the secret required for forgot password ---> xxx

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

什么都扫不出来是什么鬼

比如，我自建的一个靶场是存在struts2漏洞的，用正常的扫描器扫描是可以扫出来的：

而用美杜莎什么都扫不来，扫了好几遍都扫不来。

weblogic这个模块是不是没写完呢

这个文件是空的

web版本 docker 里面木有 start.sh文件

1.web版本 docker 里面木有 start.sh文件
2.qq群收费金额显示NaN元无法加入群

[help]日志里还提示些其他问题，不知道对扫描结果有无影响

#32

日志里还提示些其他问题，不知道对扫描结果有无影响。
1. list index out of range
2. Body ('提交') is not valid Latin-1. Use body.encode('utf-8') if you want to send it encoded in UTF-8.
3. must be of type str or bytes, not <class 'tuple'>
4. WARNING: Failed to parse: http://192.168.1.1:9090%s/index.php/
5. 我环境java是11的版本

WARNING: Illegal reflective access by ysoserial.payloads.CommonsCollections5 (file:/aa/tools/Medusa/Tool/ysoserial.jar) to field javax.management.BadAttributeValueExpException.val
WARNING: Please consider reporting this to the maintainers of ysoserial.payloads.CommonsCollections5
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release

WARNING: 'NoneType' object has no attribute 'group'
WARNING: Value for header {Content-Type: ('application/x-www-form-urlencoded',)} must be of type str or bytes, not <class 'tuple'>

下面是部分日志

2021-01-02 19:57:02,550 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:Struts2RemoteCodeExecutionVulnerability59 || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:02,550 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: list index out of range
2021-01-02 19:57:02,982 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:Struts2RemoteCodeExecutionVulnerability61 || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:02,983 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: list index out of range
2021-01-02 19:57:03,710 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:OneCaitongElectronicProcurementSystemUploadsArbitraryFiles2 || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:03,710 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: 'latin-1' codec can't encode characters in position 260-261: Body ('提交') is not valid Latin-1. Use body.encode('utf-8') if you want to send it encoded in UTF-8.
2021-01-02 19:57:03,982 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:B2BbuilderHeadSQLInjectionVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:03,983 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: Value for header {Accept: ('text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',)} must be of type str or bytes, not <class 'tuple'>
2021-01-02 19:57:04,763 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:PhpwebArbitraryFileUploadVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:04,763 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: 'NoneType' object has no attribute 'group'
2021-01-02 19:57:05,106 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:CsCMSSQLInjectionVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:05,106 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: Failed to parse: http://192.168.1.1:9090%s/index.php/dance/so/key/?key=%252527)%20%2561%256E%2564%201=2%20union%20%2573%2565%256C%2565%2563%2574%201,md5(1231231234),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42%23
2021-01-02 19:57:06,482 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:EnableQArbitraryFileUploadVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:06,482 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: 'latin-1' codec can't encode characters in position 282-283: Body ('提交') is not valid Latin-1. Use body.encode('utf-8') if you want to send it encoded in UTF-8.
2021-01-02 19:57:06,923 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:EmlogSQLInjectionVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:06,923 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: Failed to parse: http://192.168.1.1:9090content/plugins/kl_album/kl_album_ajax_do.php
2021-01-02 19:57:07,632 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:CitrixGatewayPathTraversalVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:07,632 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: Value for header {Content-Type: ('application/x-www-form-urlencoded',)} must be of type str or bytes, not <class 'tuple'>
2021-01-02 19:57:07,663 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:Struts2RemoteCodeExecutionVulnerability1 || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:07,663 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: HTTPConnectionPool(host='192.168.1.1', port=9090): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x10f601e80>, 'Connection to 192.168.1.1 timed out. (connect timeout=5)'))
2021-01-02 19:57:07,837 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:NginxDirectoryTraversalVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:07,837 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: HTTPConnectionPool(host='192.168.1.1', port=9090): Max retries exceeded with url: /files../ (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x110f313a0>, 'Connection to 192.168.1.1 timed out. (connect timeout=5)'))
2021-01-02 19:57:07,942 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:SeeyouSystemFrameworkVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:07,942 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: can only concatenate list (not "str") to list
2021-01-02 19:57:07,942 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:SeeyouSystemFrameworkVulnerability || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:07,942 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: can only concatenate list (not "str") to list
2021-01-02 19:57:07,971 - /aa/tools/Medusa/ClassCongregation.py[line:449] - INFO: Plugin Name:SolrRemoteCodeExecutionVulnerability2 || Target Url:http://192.168.1.1:9090
2021-01-02 19:57:07,971 - /aa/tools/Medusa/ClassCongregation.py[line:450] - WARNING: Expecting value: line 1 column 1 (char 0)

[help] 扫描结果保存在哪，为什么我看到是空的

[ + ] Scanning across modules: AllMod
[ + ] Medusa scan progress bar: 100%|####################################################################################################################################################################| 241/241 [00:09<00:00, 24.99it/s]
[ + ] Medusa cleanup thread progress: 100%|##############################################################################################################################################################| 241/241 [02:04<00:00, 1.93it/s]
[ ! ] Scan is complete, please see the ScanResult file

遇到两个问题

第一个：qq群密码是什么啊？我试过了
https://github.com/Ascotbe/Medusa.git
http://medusa.ascotbe.com/Documentation/#/
https://www.ascotbe.com/Loophole
全部不对。。。。。。

第二个问题：
我部署的是docker环境，已经部署好了，但是打开之后验证码显示不出来，提示网络错误。这种情况应该怎么解决？
按理说docker环境应该是开箱即用啊，不存在需要进去再调整前后端对接。
而且我用docker exec id号进去想执行命令，发现docker自动死掉了。

JAVA Bug

Describe the bug
截图

相关系统说明:

mac os 11.1 bigsur
python3.9
rostta2

java --version
openjdk 15.0.1 2020-10-20
OpenJDK Runtime Environment Zulu15.28+1013-CA (build 15.0.1+9)
OpenJDK 64-Bit Server VM Zulu15.28+1013-CA (build 15.0.1+9, mixed mode)

建议插件使用key words方式调用

类似perun那种，使用关键字调用插件如-search

大佬，建议加入一下泛微的rce漏洞

medusa:latest image can't pull issue

当前使用的操作系统

macOS
Windows
Linux

描述错误

ascotbe/medusa:latest image can't pull

重现步骤

docker pull ascotbe/medusa:latest

接口位置

null

日志内容

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

[help]又是一个错误

s2wcn@debian:~/Medusa$ sudo python3 MedusaScan.py -u https://www.ascotbe.com
Traceback (most recent call last):
File "MedusaScan.py", line 17, in
from Modules.Dubbo import Dubbo
File "/home/s2wcn/Medusa/Modules/Dubbo/Dubbo.py", line 3, in
from Modules.Dubbo import DubboProviderDefaultAntiSequenceVulnerability
File "/home/s2wcn/Medusa/Modules/Dubbo/DubboProviderDefaultAntiSequenceVulnerability.py", line 7, in
from dubbo.codec.hessian2 import new_object
ModuleNotFoundError: No module named 'dubbo'

s2wcn@debian:~/Medusa$ pip3 install dubbo
Collecting dubbo
Could not install packages due to an EnvironmentError: 404 Client Error: Not Found for url: https://pypi.org/simple/dubbo/

[Bug]运行失败，提示无法导入通达oa

安装方式

这是一个什么样的功能？

一键安装

这个功能可以解决什么问题？

我装了3个小时没成功，各位大佬麻烦了

额外描述

No response

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

不是完整版的吗

当前使用的操作系统

macOS
Windows
Linux

描述错误

部署失败

重现步骤

不是完整版的吗

接口位置

http

日志内容

这不是重复的 issue

我已经搜索了现有 issue，以确保该错误尚未被报告。

怎么注册不了呢

dokcer搭建后，点击注册一直提示服务器崩溃啦

test

这是一个什么样的功能？

test

这个功能可以解决什么问题？

test

额外描述

No response

这不是重复的功能请求

我已经搜索了现有 issue，以确保这项功能尚未被请求。

ascotbe / medusa Goto Github PK

medusa's Introduction

Welcome to Medusa

👉About Medusa

中文文档 | EnglishDocumentation

💡Document

📋Web Ver. installation instructions

👾Web interface

🍀Updating logs

💚Discussion

⚠️Disclaimer

🌴Contributors

🏁Timeline

medusa's People

Contributors

Stargazers

Watchers

Forkers

medusa's Issues

在执行全部模块扫描时，能够生成扫描结果文件，但有两个问题

重现

系统环境

当前使用的操作系统

描述错误

重现步骤

接口位置

相关环境说明

日志内容

这不是重复的 issue

这是一个什么样的功能？

这个功能可以解决什么问题？

额外描述

这不是重复的功能请求

这是一个什么样的功能？

这个功能可以解决什么问题？

额外描述

这不是重复的功能请求

这是一个什么样的功能？

这个功能可以解决什么问题？

额外描述

这不是重复的功能请求

当前使用的操作系统

描述错误

重现步骤

接口位置

相关环境说明

日志内容

这不是重复的 issue

当前使用的操作系统

描述错误

重现步骤

接口位置

相关环境说明

日志内容

这不是重复的 issue

这是一个什么样的功能？

这个功能可以解决什么问题？

额外描述

这不是重复的功能请求

当前使用的操作系统

描述错误

重现步骤

接口位置

相关环境说明

日志内容

这不是重复的 issue

当前使用的操作系统

描述错误

重现步骤

接口位置

相关环境说明

日志内容

1.docker => ERROR [32/41] RUN npm run serve 3.2s

这不是重复的 issue

这是一个什么样的功能？

这个功能可以解决什么问题？

额外描述

这不是重复的功能请求

当前使用的操作系统

描述错误

👉About `Medusa`

📋`Web` Ver. installation instructions

1.docker
=> ERROR [32/41] RUN npm run serve 3.2s