vulmon / vulmap Goto Github PK
View Code? Open in Web Editor NEWVulmap Online Local Vulnerability Scanners Project
Home Page: https://vulmon.com
License: GNU General Public License v3.0
Vulmap Online Local Vulnerability Scanners Project
Home Page: https://vulmon.com
License: GNU General Public License v3.0
The tools should add the operating system version in the inventory. So the vulnerabilities associated to Windows system (and affectinf SMB or other built-in module) can be known
Hi,
The Linux script runs only on Debian based distros. When executing on RHEL I get the following:
/bin/sh: dpkg-query: command not found
[Info] Vulnerability scan started...
[Info] Default Mode. Check vulnerabilities of installed packages...
[Status] Total Exploits: 0
The function may be expanded to run a specific one based on the Distro:
https://github.com/vulmon/Vulmap/blob/master/Vulmap-Linux/vulmap-linux.py#L224
Is there going to be support for RHEL, and are you open to pull requests?
Thanks!
Hi, I just ran vulmap on my workstation that is running Debian 9 (stretch) plus selected backports. I was shown a large number of exploitable vulnerabilities, most of which seemed bogus.
My hunch is that the long list of ancient CVE-listed bugs for file
(see below) is shown because your service does not take into account the epoch in the version number.
If necessary, please refer to deb-version(5) for details on how to interpret version strings on Debian and derivative distributions.
[*] Vulnerability Found!
[>] Product: file 1:5.30-1+deb9u2
[+] CVEID: CVE-2004-1304 Score: 10 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2004-1304
[*] Available Exploits!!!
[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=24784 (File ELF 4.x - Header Buffer Overflow)
[+] CVEID: CVE-2009-3930 Score: 9.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2009-3930
[+] CVEID: CVE-2007-1536 Score: 9.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2007-1536
[*] Available Exploits!!!
[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=29753 (File(1) 4.13 - Command File_PrintF Integer Underflow)
[+] CVEID: CVE-2007-2026 Score: 7.8 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2007-2026
[+] CVEID: CVE-2014-9653 Score: 7.5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9653
[+] CVEID: CVE-2019-8907 Score: 6.8 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8907
[+] CVEID: CVE-2019-8904 Score: 6.8 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8904
[+] CVEID: CVE-2019-8905 Score: 6.8 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8905
[+] CVEID: CVE-2019-8906 Score: 6.8 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8906
[+] CVEID: CVE-2009-1515 Score: 6.8 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2009-1515
[+] CVEID: CVE-2007-2799 Score: 5.1 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2007-2799
[+] CVEID: CVE-2014-9652 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9652
[+] CVEID: CVE-2014-9621 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9621
[+] CVEID: CVE-2014-9620 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9620
[+] CVEID: CVE-2014-8116 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-8116
[+] CVEID: CVE-2014-8117 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-8117
[+] CVEID: CVE-2014-3478 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3478
[+] CVEID: CVE-2014-3538 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3538
[+] CVEID: CVE-2013-7345 Score: 5 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2013-7345
[+] CVEID: CVE-2003-0102 Score: 4.6 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2003-0102
[*] Available Exploits!!!
[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=22324 (File 3.x - Local Stack Overflow Code Execution (1))
[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=22325 (File 3.x - Local Stack Overflow Code Execution (2))
[+] CVEID: CVE-2018-10360 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2018-10360
[+] CVEID: CVE-2014-3587 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3587
[+] CVEID: CVE-2014-3479 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3479
[+] CVEID: CVE-2014-3487 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3487
[+] CVEID: CVE-2014-0207 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-0207
[+] CVEID: CVE-2014-3480 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3480
[+] CVEID: CVE-2014-2270 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-2270
[+] CVEID: CVE-2012-1571 Score: 4.3 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2012-1571
[+] CVEID: CVE-2017-1000249 Score: 2.1 URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2017-1000249
close this issue
normally, when the CVEs of a vulnerable application are returned, only those with a higher CVSS value are shown.
Would it be possible to return all the CVEs from the application or to have them sorted by date of publication?
Can you improve the Windows Script to make scan on remote computers ?
These CVE's are dated 10 years before this firefox version was even released.
firefox 69.0.3 CVE-2009-2469 10 https://vulmon.com/vulnerabilitydetails?qid=CVE-2009-2469
firefox 69.0.3 CVE-2007-2176 10 https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-2176
how to scan one asset only on local network! or this is not supported!
_@DESKTOP-GG23M21-wsl- Vulmap-Linux$ python3 vulmap-linux.py -a
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
██╗ ██╗ ██╗██╗ ██╗██╗ ███╗ ███╗ █████╗ ██████╗
╚██╗ ██║ ██║██║ ██║██║ ████╗ ████║██╔══██╗██╔══██╗
╚██╗ ██║ ██║██║ ██║██║ ██╔████╔██║███████║██████╔╝
██╔╝ ╚██╗ ██╔╝██║ ██║██║ ██║╚██╔╝██║██╔══██║██╔═══╝
██╔╝███████╗╚████╔╝ ╚██████╔╝███████╗██║ ╚═╝ ██║██║ ██║██║
╚═╝ ╚══════╝ ╚═══╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚═╝
===================================================================
\ Vulmon Mapper v2.2 /
\ www.vulmon.com /
\=============================================================/
[Info] Vulnerability scan started...
[Info] All Exploit Mode. All exploit download mode starting...
[Status] Total Exploits: 0
any ideas?
when have IOS and android script?
Hi,
it seems the APIs are broken, as the software always return no results, even if it is vulnerable
{'message': '', 'status': '1004', 'status_message': 'no result'}
The following result is on a machine with known vulnerabilities and a working internet connection:
[Info] Vulnerability scan started...
[Info] Default Mode. Check vulnerabilities of installed packages...
[Status] Total Exploits: 0
Let me know if you need additional details
when I use https://vulmon.com/scannerapi_vv211 to get exploits info, I get response like this: 'message': 'You have reached your monthly 100 requests limit.', 'status': '1015', 'status_message': 'Rate limiting error'. How can I break the limit ?
Dear Team,
In case client machine does not have python installed, can you have plan to release a bash version ? This would be awesome, and great help for the community.
It may be possible to read directly from the result of dpkg-l
or yum list installed
like this
dpkg -l > softwares
python vulmap.py softwares
This can be very useful in some situations.
I tried to run the script on an Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-1025-aws x86_64). The simplejson package is the one that came with Ubuntu through apt:
$ apt list --installed | grep simplejson
python3-simplejson/focal,now 3.16.0-2ubuntu2 amd64 [installed,automatic]
This is the result from python3 vulmap-linux.py
:
[Info] Default Mode. Check vulnerabilities of installed packages...
Traceback (most recent call last):
File "vulmap-linux.py", line 312, in <module>
vulnerabilityScan()
File "vulmap-linux.py", line 268, in vulnerabilityScan
outResults(queryData)
File "vulmap-linux.py", line 102, in outResults
response = sendRequest(queryData)
File "vulmap-linux.py", line 93, in sendRequest
response = (requests.post(url, data=body, headers=headers)).json()
File "/usr/lib/python3/dist-packages/requests/models.py", line 897, in json
return complexjson.loads(self.text, **kwargs)
File "/usr/lib/python3/dist-packages/simplejson/__init__.py", line 518, in loads
return _default_decoder.decode(s)
File "/usr/lib/python3/dist-packages/simplejson/decoder.py", line 370, in decode
obj, end = self.raw_decode(s)
File "/usr/lib/python3/dist-packages/simplejson/decoder.py", line 400, in raw_decode
return self.scan_once(s, idx=_w(s, idx).end())
simplejson.errors.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
(OS Build 17134.2026)
For some reason it fails for me:
PS C:\Users\USERNAME> iex(New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/vulmon/Vulmap/master
/Vulmap-Windows/vulmap-windows.ps1')
>>
Exception calling "DownloadString" with "1" argument(s): "The request was aborted: Could not create SSL/TLS secure chan
nel."
At line:1 char:1
+ iex(New-Object Net.WebClient).DownloadString('https://raw.githubuserc ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : WebException
/bin/sh: dpkg-query: command not found
It would be cool to see what Vulmap can find in these free testing environments.
https://docs.travis-ci.com/user/languages/python/#running-python-tests-on-multiple-operating-systems
API is responding but constantly pumping out a 'no result' verdict regardless of what I run it against, even tried running it against a 12 month old version of chrome and got 'no result'. Working internet connect and known vulnerable software but still get the below response, running on win10:
{'message': '', 'status': '1004', 'status_message': 'no result'}
[Info] Vulnerability scan started...
Invoke-WebRequest : The remote server returned an error: (500) Internal Server Error.
At line:110 char:21
return (Invoke-WebRequest -Uri https://vulmon.com/scannerapi_vv21 ...
CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
[Info] Default Mode. Check vulnerabilities of installed packages...
[Status] Total Exploits: 0
Let me know if you need additional details
Description :
Click jacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the the top level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both.
Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.
POC:
UI REDRESSINGImpact:
Any User can be lured in to click on whats look like a functionality of the website but is actually an attackers frame button containing some malicious javascript code or redirection code leading the user to a vulnerable site . And as the vulnerability persists even after the user is logged in which makes it even more sever.
Suggested Fix:
Add an iframe destroyer in the page headers.
I suggest to replace all instances of http with https, e.g.
https://vulmon.com/scannerapi?...
https://vulmon.com/downloadexploit?...
...
When i run Vulmap, it doesn't output the vulnerabilities.
The output i get is:
Vulmap started...
Collecting software inventory...
Software inventory collected
Vulnerability scanning started...
Checked 89 items
Vulmon.com Api returned message:
Done.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.