A Modified version of TCC's Osprey poc framework......

Related tags

Security related resourcesfirece-fish
Overview

fierce-fish Python 3.9

fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写,去掉臃肿功能的精简版本poc框架

  • PS:真的用不惯其它臃肿的功能,不过作为一个收集漏洞poc && exp的框架还是非常不错的!!!

  • osprey

  • For beginners friendly (script kiddos would like it !)

简介

fierce-fish ------ 凶鱼,一种比鱼鹰还要凶猛的鱼,由于是osprey的改写版所以取此命名漏洞盒子PoC框架,寓意快,精,准,凶。

fierce-fish 是一个可无限扩展自定义poc的开源漏洞检测与利用框架(Python3开发),是osprey的修改版。 fierce-fish框架可供使用者在渗透测试、漏洞检测、漏洞扫描等场景中应用。框架提供了命令行接口,可供灵活调用,也可用于构建自己的扫描器, 构建自己的通用型漏洞库。

持续添加POC && EXP

安装

从Git上获取最新版本的osprey代码

$ git clone https://github.com/FDlucifer/firece-fish.git
$ cd firece-fish
$ pip3 install -r requirements.txt
  • 若执行脚本还是报错,可以根据报错信息提示缺失的模块,手动执行命令(pip3 install ‘缺失模块名'),进行安装...

使用

  • 获取帮助列表:
$ python osprey.py --help
  • 最简单的用法,针对一个目标URL,发起一个PoC做检测:
$ python osprey.py -t URL -v POC_ID

目前已收录漏洞POC及EXP

漏洞名 poc名称 poc链接
Metinfo 5.3.17 X-Rewrite-url SQL Injection vb_2017_0060 Metinfo_5_3_17_X_Rewrite_url_Sql_Injection
Landray-OA Arbitrary File Read vb_2021_0001 Landray-OA Arbitrary File Read
Yy-OA A6 Disclosure of sensitive information vb_2021_0002 Yy-OA A6 Disclosure of sensitive information
LionfishCMS ApiController.class.php SQL Injection vb_2021_0003 LionfishCMS ApiController.class.php SQL Injection
LionfishCMS ApigoodsController.class.php SQL Injection vb_2021_0004 LionfishCMS ApigoodsController.class.php SQL Injection
Kingsoft V8 Arbitrary file read vb_2021_0005 Kingsoft V8 Arbitrary file read
Kingsoft V8 pdf_maker.php RCE vb_2021_0006 Kingsoft V8 pdf_maker.php RCE
Kingsoft V8 Default Weak Password vb_2021_0007 Kingsoft V8 Default Weak Password
Weaver OA 8 SQL injection vb_2021_0008 Weaver OA 8 SQL injection
Weaver OA Bsh RCE vb_2021_0009 Weaver OA Bsh RCE
Citrix XenMobile Read FIle vb_2021_0010 Citrix XenMobile Read FIle
Weblogic RCE CVE-2020-14882 vb_2021_0011 Weblogic RCE CVE-2020-14882
Hanming Video Conferencing File Read vb_2021_0012 Hanming Video Conferencing File Read
Jinher OA Arbitrary File Read vb_2021_0013 Jinher OA Arbitrary File Read
LanProxy Server Read File vb_2021_0014 LanProxy Server Read File
YApi Remote Code Execute vb_2021_0015 YApi Remote Code Execute
SaltStack RCE CVE-2020-11651 vb_2021_0016 SaltStack RCE CVE-2020-11651
Coremail Server Information Leakage vb_2021_0017 Coremail Server Information Leakage
AonarQube Api Information Leakage vb_2021_0018 AonarQube Api Information Leakage
Alibaba Canal Accesskey Information Leakage vb_2021_0019 Alibaba Canal Accesskey Information Leakage
MessageSolution Email System Information Leakage vb_2021_0020 MessageSolution Email System Information Leakage
ICEFlow VPN Information Leakage vb_2021_0021 ICEFlow VPN Information Leakage
IceWarp WebClient Basic RCE vb_2021_0022 IceWarp WebClient Basic RCE
ShowDoc File Upload vb_2021_0023 ShowDoc File Upload
Duoke-Web-Server-SQLInjection vb_2021_0024 Duoke-Web-Server-SQLInjection
yonyou-UFIDA-NC-file-read vb_2021_0025 yonyou-UFIDA-NC-file-read
zhongqingnabo_information_leak vb_2021_0026 zhongqingnabo_information_leak
Apache Druid RCE vb_2021_0027 Apache Druid RCE
Apache Kylin Xielou ReadFile vb_2021_0028 Apache Kylin Xielou ReadFile
Apache Flink Read File vb_2021_0029 Apache Flink Read File
Apache Flink Rce vb_2021_0030 Apache Flink Rce
3C HG659 Lib An Arbitrary FileRead vb_2021_0031 3C HG659 Lib An Arbitrary FileRead
IceWarp WebClient Basic RCE vb_2021_0032 IceWarp WebClient Basic RCE
亿赛通命令执行漏洞 vb_2021_0033 亿赛通命令执行漏洞
Atlassian Jira Information disclosure vb_2021_0034 Atlassian Jira Information disclosure
LANLING OA file read vb_2021_0035 LANLING OA file read
CISCO Read-Only Path Traversal Vuln vb_2021_0036 CISCO Read-Only Path Traversal Vuln
Seeyon_Ajax_Getshell vb_2021_0037 Seeyon_Ajax_Getshell
待补充 vb_2021_0038 待补充
待补充 vb_2021_0039 待补充
待补充 vb_2021_0040 待补充
待补充 vb_2021_0041 待补充
zyxel_nbg2105_bypass_auth vb_2021_0042 zyxel_nbg2105_bypass_auth
HIKVISION_file_read vb_2021_0043 HIKVISION_file_read
CVE_2021_41773_poc_and_exploit vb_2021_0044 CVE_2021_41773_poc_and_exploit
CVE_2021_42013_poc_and_exploit vb_2021_0045 CVE_2021_42013_poc_and_exploit

特点

  1. 体积小
  1. 检测效果精准,可自己持续按照框架模版添加poc, 方便高效

poc编写说明相关文档

基于Osprey编写PoC,请参考 osprey编写规范和要求说明

后续会在本仓库长期更新最新的POC & EXP。:)

Owner
lUc1f3r11
trapped in the darkest nightmare...
lUc1f3r11
GitHub Repository
Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

Tim Blazytko 133 Dec 18, 2022
A tool to extract the IdP cert from vCenter backups and log in as Administrator

vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin

Horizon 3 AI Inc 343 Dec 31, 2022
Hack any account sending fake nitro QR code (only for educational purpose)

DISCORD_ACCOUNT_HACKING_TOOL ( EDUCATIONAL PURPOSE ) Hack any account sending fake nitro QR code (only for educational purpose) Start my program token

Novy 7 Jan 07, 2022
telegram bug that discloses user's hidden phone number (still unpatched) (exploit included)

CVE-2019-15514 Type: Information Disclosure Affected Users, Versions, Devices: All Telegram Users Still not fixed/unpatched. brute.py is available exp

Gray Programmerz 66 Dec 08, 2022
Phoenix Framework is an environment for writing, testing and using exploit code.

Phoenix Framework is an environment for writing, testing and using exploit code. 🖼 Screenshots 🎪 Community PwnWiki Forums 🔑 Licen

42 Aug 09, 2022
Discord-email-spammer-exploit - A discord email spammer exploit with python

Discord-email-spammer-exploit was made by Love ❌ code ✅ 🎈 ・Description First it

Rdimo 25 Aug 13, 2022
Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

Amino, Inc 140 Dec 16, 2022
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

0p 25 Oct 14, 2022
Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.

Dlint Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure. The most important thing I have done as a progra

Dlint 127 Dec 27, 2022
A simple linux keylogger project.

The project This project is a simple linux keylogger. When activated, it registers all the actions made with the keyboard. The log files are registere

1 Oct 24, 2021
A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye

MotionEye/MotionEyeOS Authenticated RCE A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye. You need administrator crede

Matt 1 Apr 18, 2022
An easy-to-use wrapper for NTFS-3G on macOS

ezNTFS ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS. ezNTFS can be used as a menu bar app, or via the CLI in the terminal. Installation To us

Matthew Go 34 Dec 01, 2022
This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard

This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard to form a 16-character password which is unpredictable and cannot easily be memorised.

Mohammad Shaad Shaikh 1 Nov 23, 2021
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain

Mohammadreza Sarayloo 382 Jan 01, 2023
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

EntySec 5 May 10, 2022
Extendable payload obfuscation and delivery framework

NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently

123 Dec 19, 2022
Seamless deployment and management of cybersecurity solutions 🏗️

Description 🖼️ Background 👴🏼 Vision 📜 Concepts 💬 Solutions' Lifecycle. Operations ⭕ Functionalities 🚀 Supported Cybersecurity Solutions 📦 Insta

MutableSecurity 36 Nov 10, 2022
INFO 3350/6350, Spring 2022, Cornell

Information Science 3350/6350 Text mining for history and literature Staff and sections Instructor: Matthew Wilkens Graduate TAs: Federica Bologna, Ro

Wilkens Teaching 6 Feb 21, 2022
Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods

Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods This repository is the official implementation of Seohong Park, Jaeky

Seohong Park 6 Aug 02, 2022