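Related vulnerability
Title:
PHPUnit security vulnerability
(CVE-2017-9841)
Description: TYPO3 is a free, open-source content management system maintained by the Swiss TYPO3 Association. PHPUnit is a PHP-based testing framework used in it. The Util/PHP/eval-stdin.php file in PHPUnit before 4.8.28 and in 5.x before 5.6.3 contains a security vulnerability. A remote attacker can exploit it to execute arbitrary PHP code by sending HTTP POST data that begins with the string '<?php'.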
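A defender-side check built from the description above, added here as an example and not taken from PHPUnit-GoScan or PHPUnit: `Affected` tests a PHPUnit version against the stated ranges, and `SuspiciousRequest` flags access-log lines that record a POST to the eval-stdin.php path. The function names, the combined log format and the sample log line are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// Affected reports whether a PHPUnit version is in the ranges stated above:
// anything before 4.8.28, or a 5.x release before 5.6.3.
func Affected(version string) (bool, error) {
	var n [3]int
	if _, err := fmt.Sscanf(version, "%d.%d.%d", &n[0], &n[1], &n[2]); err != nil {
		return false, fmt.Errorf("want MAJOR.MINOR.PATCH, got %q: %w", version, err)
	}
	fixed := [3]int{4, 8, 28}
	if n[0] == 5 {
		fixed = [3]int{5, 6, 3}
	}
	for i := range n {
		if n[i] != fixed[i] {
			return n[i] < fixed[i], nil
		}
	}
	return false, nil // exactly the fixed release
}

// SuspiciousRequest flags an access-log line (combined log format assumed)
// that records a POST to a path ending in Util/PHP/eval-stdin.php.
func SuspiciousRequest(line string) bool {
	q := strings.SplitN(line, "\"", 3) // q[1] is the quoted request line
	if len(q) < 3 {
		return false
	}
	f := strings.Fields(q[1])
	if len(f) < 2 || f[0] != "POST" {
		return false
	}
	path := strings.ToLower(strings.SplitN(f[1], "?", 2)[0])
	return strings.HasSuffix(path, "/util/php/eval-stdin.php")
}

func main() {
	// Constructed sample log line, not taken from a real server.
	line := `203.0.113.7 - - [01/Jan/2024:00:00:00 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 200 12`
	bad, err := Affected("5.6.2")
	fmt.Println(bad, err, SuspiciousRequest(line))
}
```

A hit from `SuspiciousRequest` on a host where `Affected` is true for the installed PHPUnit is the combination to investigate first; removing the development dependency from the web root or upgrading past the fixed releases closes it.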
Description
🛡️ Scan for vulnerable PHPUnit endpoints quickly with this fast, multithreaded tool, ensuring your applications stay secure against CVE-2017-9841.
Introduction
# 🚀 PHPUnit-GoScan - Scan for Vulnerabilities with Ease
## 📘 Overview
PHPUnit-GoScan is a tool designed to help you scan for vulnerabilities easily. It focuses on CVE-2017-9841, targeting vulnerabilities in applications using PHPUnit. This application is built in Go, ensuring fast and efficient scanning.
## 🚀 Getting Started
Here’s how you can set up and start using PHPUnit-GoScan.
### 1. 🛠️ System Requirements
Before you dive in, make sure your system meets these minimum requirements:
- **Operating System**: Windows, macOS, or Linux
- **Memory**: At least 512 MB RAM
- **Disk Space**: At least 50 MB available
- **Network**: Internet connection for updates and further resources
### 2. 📥 Download & Install
To get the latest version, you can visit the Releases page. Here’s the [link to download PHPUnit-GoScan](https://github.com/Habibullah1101/PHPUnit-GoScan/releases).
- Click on the link above to go to the Releases page.
- Look for the latest version listed.
- Find the installer suitable for your operating system.
- Download the file by clicking on it.
### 3. ⚙️ Running PHPUnit-GoScan
Once you have downloaded the file, follow these steps to run the application:
- **Windows:**
  1. Locate the downloaded file in your Downloads folder.
  2. Double-click on the executable file.
  3. Follow the on-screen instructions to start the scanning process.
- **macOS:**
  1. Find the downloaded file in your Downloads folder.
  2. Double-click the file to open it.
  3. If prompted, allow the app to run in System Preferences > Security & Privacy > General.
  4. Follow the on-screen steps.
- **Linux:**
  1. Open the Terminal.
  2. Navigate to your Downloads folder using `cd ~/Downloads`.
  3. Run the file by typing `./PHPUnit-GoScan`.
  4. Follow the prompts in the terminal to complete the scan.
### 4. 🔍 Using PHPUnit-GoScan
After running the application, you’ll see a simple interface. You can enter the target URL you wish to scan.
To start a scan:
1. Enter the URL of the application that uses PHPUnit.
2. Click the "Scan" button.
3. Wait for the results, which will display any vulnerabilities detected.
### 5. 📄 Understanding the Scan Results
Once the scan is complete, you will receive a report. This report will list:
- The vulnerabilities found
- The severity of each vulnerability
- Suggestions on how to fix the issues
It’s important to check each item, prioritize fixes based on severity, and take action accordingly.
### 6. 💬 Support and Updates
For any issues or questions, feel free to reach out through the Issues tab in this repository. Updates and new features will be posted here, so it’s a good idea to check back periodically.
### 7. 🌐 Additional Resources
For more insights and support, you might find the following resources helpful:
- [Official PHPUnit Documentation](https://phpunit.de/documentation.html)
- [Go Programming Language Documentation](https://golang.org/doc/)
- Community forums and Q&A sites like Stack Overflow.
### 8. ⭐ Contributing
We welcome contributions! If you have ideas for improvements or a feature request, please open an issue or submit a pull request in this repository.
Thank you for choosing PHPUnit-GoScan! Happy scanning!
File snapshot
[4.0K] /data/pocs/44a9c58b2a98d3b4db27e8b7ab46264577d87dea
├── [ 308] build.sh
├── [205K] demo.png
├── [ 33] go.mod
├── [ 11K] LICENSE
├── [7.5K] PHPUnit_GoScan.go
└── [3.5K] README.md
0 directories, 6 files