Associated vulnerability
Description
First of its kind on the web: the first Vite scanner, with automatic target asset collection via FOFA, multi-threaded concurrent scanning and automatic CSV report generation
Introduction
# Vite Dev Server Vulnerability Scanner
### An automated scanner for both internal and external networks
### [Click here for the Chinese README](README-CN.md)
An automated tool for scanning Vite development server vulnerabilities. This tool utilizes the FOFA API to collect potential targets and automatically detects specific vulnerabilities.
## Features
- Auto
  - Automatic target asset collection via FOFA
  - Multi-threaded concurrent scanning
  - Automatic CSV report generation
- Manual
  - Manual target asset collection via CIDR
  - Multi-threaded concurrent scanning
  - Import targets from TXT
  - Import payload from TXT
  - Automatic CSV report generation
## Screenshots - Auto Mode

## Screenshots - Manual Mode

## Requirements
- Python 3
- FOFA API account
## Vulnerability Details
- CVE ID: CVE-2025-30208
- Vulnerability Name: Vite Dev Server Unauthorized Access
- Description: The Vite development server contains an unauthorized access vulnerability that allows attackers to access sensitive information through specific URLs.
- Affected Versions: Vite 6.2.0 to 6.2.2, 6.1.0 to 6.1.1, 6.0.0 to 6.0.11, 5.0.0 to 5.4.14, and all versions <=4.5.9
- In plain terms: `server.fs.deny` is a configuration option in the Vite development server that restricts access to the server's file system. This option allows developers to set an array of regular expressions to block access to specific files. While this is an important security feature designed to prevent unauthorized access to sensitive files on the server, the mechanism can be bypassed by appending `?raw??` or `?import&raw??` to the URL. If the target file exists, its contents can be directly accessed. This leads to the following potential security risks:
- Reading arbitrary files on the server
- Accessing system configuration files
- Obtaining sensitive application information
- Probing server directory structure
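For defenders, the query-string shapes named above (`?raw??` and `?import&raw??`) are a usable log signature: a legitimate Vite raw import ends in `?raw`, so a trailing `??` on a `raw` parameter is anomalous. The following detector is an added example written for this page, not code from the scanner or from the Vite project. It parses combined-format access log lines (constructed sample data, not real traffic), flags requests carrying the bypass-shaped query, and marks a flagged request as a likely exposure when the dev server answered 200. The log format, field names and the percent-decoding step are assumptions of this example.

```python
"""Detect server.fs.deny bypass-shaped requests (the CVE-2025-30208 pattern) in access logs."""
import re
from urllib.parse import urlsplit, unquote

# Constructed sample lines in combined-log style; these are not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Apr/2025:10:00:01 +0000] "GET /src/main.ts HTTP/1.1" 200 512
10.0.0.5 - - [01/Apr/2025:10:00:02 +0000] "GET /src/shader.glsl?raw HTTP/1.1" 200 300
10.0.0.9 - - [01/Apr/2025:10:00:03 +0000] "GET /etc/passwd?raw?? HTTP/1.1" 200 1743
10.0.0.9 - - [01/Apr/2025:10:00:04 +0000] "GET /.env?import&raw?? HTTP/1.1" 200 88
10.0.0.9 - - [01/Apr/2025:10:00:05 +0000] "GET /.env HTTP/1.1" 403 0
10.0.0.7 - - [01/Apr/2025:10:00:06 +0000] "GET /@fs/home/app/package.json?raw%3F%3F HTTP/1.1" 200 900
"""

# Combined log format (assumed layout): ip ident user [timestamp] "METHOD target HTTP/x" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# The two bypass suffixes described in the write-up: "?raw??" and "?import&raw??".
# A normal Vite raw import is "?raw" with nothing after it, so the trailing "??" is the tell.
BYPASS_RE = re.compile(r'(?:^|&)(?:import&)?raw\?\?$')


def parse_line(line):
    """Return the log fields as a dict, or None if the line is not in the expected format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_bypass_request(target):
    """True when the request target's query string has the bypass shape."""
    parts = urlsplit(target)
    # Percent-decode so an encoded "raw%3F%3F" is treated the same as "raw??".
    query = unquote(parts.query)
    return BYPASS_RE.search(query) is not None


def scan_log(text):
    """Return one finding per bypass-shaped request found in the log text."""
    findings = []
    for line in text.splitlines():
        rec = parse_line(line)
        if not rec or not is_bypass_request(rec["target"]):
            continue
        findings.append({
            "ip": rec["ip"],
            "path": urlsplit(rec["target"]).path,
            "status": int(rec["status"]),
            # A 200 on a bypass-shaped request means the dev server served the file.
            "likely_exposed": rec["status"] == "200",
        })
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Run against a real dev-server or reverse-proxy log, the `likely_exposed` findings are the ones to triage first; the plain `?raw` request on line two of the sample is correctly left alone, and the 403 on the bare `/.env` request shows the deny list working as intended when the suffix is absent.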
## Configuration
Create a `.env` file in the project root directory with the following content:
```plaintext
FOFA_EMAIL=your_email@example.com
FOFA_KEY=your_fofa_api_key
COUNTRY=AU
```
Common country codes:
- CN: China
- US: United States
- AU: Australia
- DE: Germany
- CA: Canada
- FR: France
- GB: United Kingdom
- IN: India
- JP: Japan
- RU: Russia
- ZA: South Africa
- BR: Brazil
- MX: Mexico
- ES: Spain
- ...etc
## Usage - FOFA
```bash
pip install -r requirements.txt
python main.py
```
## Usage - CIDR

```bash
# Install dependencies
pip install -r requirements.txt
# Get help
python manual.py -h
usage: manual.py [-h] [-t TARGETS] [-f FILE] [-p PORTS] [-d DICT]

Vite Dev Server Vulnerability Scanner - Manual Mode

options:
  -h, --help            show this help message and exit
  -t TARGETS, --targets TARGETS
                        Target IP addresses, supports single IP, CIDR format (e.g., 192.168.1.0/24) or
                        domain, separate multiple targets with commas
  -f FILE, --file FILE  Load targets from file (one target per line)
  -p PORTS, --ports PORTS
                        Port list, separate with commas (default: 80,443,3000,5173,8080)
  -d DICT, --dict DICT  Custom dictionary file path (format: one path per line, lines starting with #
                        are ignored)
# Scan 192.168.1.0/24 with default ports
python manual.py -t 192.168.1.0/24
```
## Configuration Parameters
The following parameters can be adjusted in `main.py`:
- `MAX_PAGE`: Maximum number of query pages (default: 5)
- `RESULTS_PER_PAGE`: Results per page (default: 100)
- `TIMEOUT`: Request timeout in seconds (default: 10)
- `MAX_THREADS`: Maximum concurrent threads (default: 20)
## Output

Scan results will be saved in `vite_vulnerable_targets.csv` with the following fields:
- url: Target URL
- vulnerable_url: Vulnerability URL
- status_code: HTTP status code
- domain: Domain name
- ip: IP address
## Disclaimer
This tool is intended for security research and authorized testing only. Do not use for illegal purposes. Ensure you have proper authorization before testing any targets.
## License
[MIT License](LICENSE)
## References
- [NIST NVD](https://nvd.nist.gov/vuln/detail/CVE-2025-30208)
- [Github Security Issue](https://github.com/vitejs/vite/security/advisories/GHSA-x574-m823-4x7w)
File snapshot
[4.0K] /data/pocs/987c7a886dc01cc9c945426dcfab302ee952ee87
├── [4.0K] images
│ ├── [101K] clihelp.png
│ ├── [ 97K] colorful_main.png
│ ├── [838K] image.png
│ ├── [309K] manual1.png
│ └── [104K] result.png
├── [1.0K] LICENSE
├── [6.9K] main.py
├── [ 11K] manual.py
├── [4.3K] README-CN.md
├── [4.5K] README.md
├── [ 137] requiremens.txt
├── [1.8K] sensitive_files.json
├── [2.6K] sensitive_urls.txt
└── [ 19] targets.txt
1 directory, 14 files
Notes
1. It is recommended to access the code through its original source first.
2. If the source has been removed or cannot be reached, send an email to f.jinxu#gmail.com to request the local snapshot (replace # with @).
3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.