A Modified version of TCC's Osprey poc framework......

Last update: Dec 30, 2022

Related tags

Security related resources firece-fish

Overview

fierce-fish

fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写，去掉臃肿功能的精简版本poc框架

PS：真的用不惯其它臃肿的功能，不过作为一个收集漏洞poc && exp的框架还是非常不错的！！！
osprey
For beginners friendly (script kiddos would like it !)

简介

fierce-fish ------ 凶鱼，一种比鱼鹰还要凶猛的鱼，由于是osprey的改写版所以取此命名漏洞盒子PoC框架，寓意快，精，准，凶。

fierce-fish 是一个可无限扩展自定义poc的开源漏洞检测与利用框架(Python3开发)，是osprey的修改版。 fierce-fish框架可供使用者在渗透测试、漏洞检测、漏洞扫描等场景中应用。框架提供了命令行接口，可供灵活调用，也可用于构建自己的扫描器, 构建自己的通用型漏洞库。

持续添加POC && EXP

安装

从Git上获取最新版本的osprey代码

$ git clone https://github.com/FDlucifer/firece-fish.git
$ cd firece-fish
$ pip3 install -r requirements.txt

若执行脚本还是报错，可以根据报错信息提示缺失的模块，手动执行命令(pip3 install ‘缺失模块名')，进行安装...

使用

获取帮助列表：

$ python osprey.py --help

最简单的用法，针对一个目标URL，发起一个PoC做检测：

$ python osprey.py -t URL -v POC_ID

目前已收录漏洞POC及EXP

漏洞名	poc名称	poc链接
Metinfo 5.3.17 X-Rewrite-url SQL Injection	vb_2017_0060	Metinfo_5_3_17_X_Rewrite_url_Sql_Injection
Landray-OA Arbitrary File Read	vb_2021_0001	Landray-OA Arbitrary File Read
Yy-OA A6 Disclosure of sensitive information	vb_2021_0002	Yy-OA A6 Disclosure of sensitive information
LionfishCMS ApiController.class.php SQL Injection	vb_2021_0003	LionfishCMS ApiController.class.php SQL Injection
LionfishCMS ApigoodsController.class.php SQL Injection	vb_2021_0004	LionfishCMS ApigoodsController.class.php SQL Injection
Kingsoft V8 Arbitrary file read	vb_2021_0005	Kingsoft V8 Arbitrary file read
Kingsoft V8 pdf_maker.php RCE	vb_2021_0006	Kingsoft V8 pdf_maker.php RCE
Kingsoft V8 Default Weak Password	vb_2021_0007	Kingsoft V8 Default Weak Password
Weaver OA 8 SQL injection	vb_2021_0008	Weaver OA 8 SQL injection
Weaver OA Bsh RCE	vb_2021_0009	Weaver OA Bsh RCE
Citrix XenMobile Read FIle	vb_2021_0010	Citrix XenMobile Read FIle
Weblogic RCE CVE-2020-14882	vb_2021_0011	Weblogic RCE CVE-2020-14882
Hanming Video Conferencing File Read	vb_2021_0012	Hanming Video Conferencing File Read
Jinher OA Arbitrary File Read	vb_2021_0013	Jinher OA Arbitrary File Read
LanProxy Server Read File	vb_2021_0014	LanProxy Server Read File
YApi Remote Code Execute	vb_2021_0015	YApi Remote Code Execute
SaltStack RCE CVE-2020-11651	vb_2021_0016	SaltStack RCE CVE-2020-11651
Coremail Server Information Leakage	vb_2021_0017	Coremail Server Information Leakage
AonarQube Api Information Leakage	vb_2021_0018	AonarQube Api Information Leakage
Alibaba Canal Accesskey Information Leakage	vb_2021_0019	Alibaba Canal Accesskey Information Leakage
MessageSolution Email System Information Leakage	vb_2021_0020	MessageSolution Email System Information Leakage
ICEFlow VPN Information Leakage	vb_2021_0021	ICEFlow VPN Information Leakage
IceWarp WebClient Basic RCE	vb_2021_0022	IceWarp WebClient Basic RCE
ShowDoc File Upload	vb_2021_0023	ShowDoc File Upload
Duoke-Web-Server-SQLInjection	vb_2021_0024	Duoke-Web-Server-SQLInjection
yonyou-UFIDA-NC-file-read	vb_2021_0025	yonyou-UFIDA-NC-file-read
zhongqingnabo_information_leak	vb_2021_0026	zhongqingnabo_information_leak
Apache Druid RCE	vb_2021_0027	Apache Druid RCE
Apache Kylin Xielou ReadFile	vb_2021_0028	Apache Kylin Xielou ReadFile
Apache Flink Read File	vb_2021_0029	Apache Flink Read File
Apache Flink Rce	vb_2021_0030	Apache Flink Rce
3C HG659 Lib An Arbitrary FileRead	vb_2021_0031	3C HG659 Lib An Arbitrary FileRead
IceWarp WebClient Basic RCE	vb_2021_0032	IceWarp WebClient Basic RCE
亿赛通命令执行漏洞	vb_2021_0033	亿赛通命令执行漏洞
Atlassian Jira Information disclosure	vb_2021_0034	Atlassian Jira Information disclosure
LANLING OA file read	vb_2021_0035	LANLING OA file read
CISCO Read-Only Path Traversal Vuln	vb_2021_0036	CISCO Read-Only Path Traversal Vuln
Seeyon_Ajax_Getshell	vb_2021_0037	Seeyon_Ajax_Getshell
待补充	vb_2021_0038	待补充
待补充	vb_2021_0039	待补充
待补充	vb_2021_0040	待补充
待补充	vb_2021_0041	待补充
zyxel_nbg2105_bypass_auth	vb_2021_0042	zyxel_nbg2105_bypass_auth
HIKVISION_file_read	vb_2021_0043	HIKVISION_file_read
CVE_2021_41773_poc_and_exploit	vb_2021_0044	CVE_2021_41773_poc_and_exploit
CVE_2021_42013_poc_and_exploit	vb_2021_0045	CVE_2021_42013_poc_and_exploit

特点

体积小

检测效果精准，可自己持续按照框架模版添加poc, 方便高效

poc编写说明相关文档

基于Osprey编写PoC，请参考 osprey编写规范和要求说明

A Modified version of TCC's Osprey poc framework......

Related tags

Overview

fierce-fish

简介

安装

使用

目前已收录漏洞POC及EXP

特点

poc编写说明相关文档

后续会在本仓库长期更新最新的POC & EXP。:)

Owner

lUc1f3r11

Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).

MayorSec DNS Enumeration Tool

Automatic SQL injection and database takeover tool

An intranet tool for easily intranet pentesting

DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE

Discord-keylogger - Discord keylogger With Python

A tool to extract the IdP cert from vCenter backups and log in as Administrator

Blinder is a tool that will help you simplify the exploitation of blind SQL injection

Example for the NFT 3D Collectibles using Blender Scripting (Python).

vulnerable APIs

Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

Python DNS Lookup: The Domain Name System (DNS) is basically the phonebook of the Internet

POC for detecting the Log4Shell (Log4J RCE) vulnerability

An advanced multi-threaded, multi-client python reverse shell for hacking linux systems

Implementation of an attack on a tropical algebra discrete logarithm based protocol

Solución al reto BBVA Contigo, Hack BBVA 2021

APKLeaks - Scanning APK file for URIs, endpoints & secrets.

ONT Analysis Toolkit (OAT)

Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container

Extensive Python3 network scanner, simplified.