fgeek / pyfiscan Goto Github PK

View Code? Open in Web Editor NEW

556.0 556.0 115.0 3.32 MB

Free web-application vulnerability and version scanner

License: Other

Python 66.00% PHP 34.00%

pyfiscan's People

Contributors

Stargazers

Watchers

Forkers

iiska jannecederberg sabl0r joneskoo greggles securityigi kerravon site5 master2be1 cyberintruder keyman9848 martijnbraam cinno syst0m go-spider movingname wuyouzi llovoll insightglacier bbghunter 5up3rc y0d4a ang3ll caineqt bluebear171 tobey123 paran0ids0ul hax0rg1rl jsklein kuteminh11 littlecho h0r57 chubbymaggie a2wharrison p0w3rfulxsploit jacielaurelio lexluga rajivraj popmedd grant555 ksmaheshkumar szliuyujie evil5hadow riviera12345 rasarab subc0ol ykankaya mrhacker46 magnologan raymondseger foxweek sdhacker qianniaoge seabreg preventions star-bob django554 modulexcite kakuye shivam043 rkreddypandu 1454325915 tquentin j0t4-p3 goudarpraveengoudar motikan2010 raystyle ra2003 ap3255 nfm-8 all-the-time salomalo mashaz deepanjalkumar securestep9 swarupsro shad0wcry silentsoul04 sk3lk0 hartl3y94 zeroc00i haraprasadghosh vmaas-in blakduk ghbook ppzhoucl attacker-codeninja 8l4nk opoet7 official-blackhat13 cyb3rhex hxlxmjxbbxs deviantops d3m0nicw0lf str23x petrosyanmk15 pyking zxc2007 stickybit001 salahgapr

pyfiscan's Issues

False-posivites with Git-version of Gallery3

Current fingerprint detects false-posivites with Git-version of Gallery3.

Mailer should send emails with header Date

Mailer should send emails with header Date. Thanks for reporting Tuukka Kivilahti.

Claroline netsparker advisory

https://www.netsparker.com/critical-xss-vulnerabilities-in-claronline/

Is this fixed?

Add support for older Drupal versions

At least Drupal 5 and 6 are still supported before 8 is released.

Mailer should send only one email per receiver

Mailer should send only one email per receiver. Requested by Henri Strand.

Add support for BigTree CMS

Currently there is no fixed in version for latest issues. Makes it pretty hard to communicate with end users.

CVE-2013-4879
CVE-2013-4880
CVE-2013-4881
CVE-2013-5313

phpMyAdmin CVE-2014-4955/CVE-2014-4986/CVE-2014-4987

Add functionality for several issues to fingerprints

Change code so that one application can have multiple issues in fingerprint. This can be used for e.g. affected version ranges in the future.

e107 CVE-2013-7305 CVE-2013-2750 CVE-2014-1846

Dolibarr multiple security vulnerabilities

http://forelsec.blogspot.fi/2013/10/dolibarr-340-multiple-vulnerabilities.html

Does these have CVE? Listed in OSVDB?

CMSMS CVE-2014-0334, CVE-2014-2092

Post processing needs a check for old files e.g. backups

phpBB3 makes backups in update to location includes/install/update/old
Joomla creates temporary files in update to location tmp/install_4ee88b2db4c46
concrete5: files/tmp/1323955337/concrete5.4.2.1

Create new fingerprint template

Figure out proper content
Add examples
Change previous fingerprints to new template

Template should include following:

CWE
CVSS2
CVE
OSVDB
Secunia (SAXXXX)
Publication date
Fixed date
Fixed in version
CPE
ISS X-Force ID
SecurityTracker Alert ID
Vendor URL
Vendor changelog or scm urls

Jara

Jara has several unfixed vulnerabilities for many years now. Detection should say not to use this software.

Open installations: WordPress

Attacker can install the WordPress using remote database and after that execute arbitrary PHP.

This requires new post processing functionality.

References:

Coppermine regexp matches CPG MiniCMS Plugin

2013-08-24 21:49:57 ERROR is_not_secure:166 Traceback (most recent call last):
File "pyfiscan.py", line 164, in is_not_secure
return map(int, secure_version.split('.')) > map(int, file_version.split('.'))
ValueError: invalid literal for int() with base 10: ''

From file:
# CPG MiniCMS Plugin for Coppermine Photo Gallery

claroline/inc/installedVersion.inc.php:$new_version = '1.11.9';

Check if this also affects web-ui updates
Test from 1.6.x to 1.7.x
Test from 1.7.x to 2.x
Test from 2.x to 3.x