关联漏洞
标题:
PHPUnit 安全漏洞
(CVE-2017-9841)
描述:TYPO3是瑞士TYPO3协会维护的一套免费开源的内容管理系统。PHPUnit是其中的一个基于PHP的测试框架。 PHPUnit 4.8.28之前的版本和5.6.3之前的5.x版本中的Util/PHP/eval-stdin.php文件存在安全漏洞。远程攻击者可通过发送以‘<?php’字符串开头的HTTP POST数据利用该漏洞执行任意PHP代码。
描述
"Argus" is a security tool designed to scan a list of websites for a known vulnerability in the PHPUnit framework, specifically the CVE-2017-9841 vulnerability. The tool attempts to exploit this vulnerability to verify its existence.
介绍
# Argus PHPUnit Scanner
<img width="358" height="358" alt="image" src="https://github.com/user-attachments/assets/e10d6173-c6cf-42ed-8ae6-c89d88493da9" />
A sophisticated security tool designed to detect PHPUnit eval-stdin.php vulnerabilities in web applications. Named after Argus Panoptes, the all-seeing giant with a hundred eyes from Greek mythology, this tool vigilantly watches over web applications to identify vulnerable installations of PHPUnit that could lead to remote code execution.
## 🔍 Features
- **Multi-threaded scanning** for efficient testing of multiple targets
- **Intelligent payload generation** with unique identifiers for accurate validation
- **Multiple vulnerability path checking** across common web application structures
- **Automatic response validation** to confirm actual vulnerabilities
- **Detailed logging** of vulnerable sites and errors
- **Colorful terminal output** with real-time progress tracking
- **Configurable timeout and retry mechanisms** for reliable scanning
## 📋 Requirements
- Python 3.6+
- Required Python packages (see installation section)
- List of target domains/IPs to scan
## 🚀 Installation
1. Clone the repository:
```
git clone https://github.com/joelindra/Argus.git
cd Argus
```
2. Install the required dependencies:
```
pip install -r requirements.txt
```
Or install dependencies manually:
```
pip install requests colorama tqdm pyfiglet termcolor urllib3
```
## 💻 Usage
1. Create a text file containing a list of target websites (one per line)
2. Run the script:
```
python3 argus.py
```
3. When prompted, enter:
- The path to your target list file
- The number of concurrent threads to use (default: 10)
4. The scanner will begin checking each site for the PHPUnit vulnerability
## 📊 Output
The script creates a `results` directory containing:
- `vulnerable_[timestamp].txt` - Detailed information about vulnerable sites
- `errors_[timestamp].txt` - Error logs for debugging
## 🔍 How It Works
Just as Argus Panoptes kept watch with his hundred eyes, this tool works by:
1. Attempting to access various paths where the vulnerable `eval-stdin.php` file is commonly found
2. Sending specially crafted PHP code that generates a unique fingerprint
3. Analyzing responses to confirm code execution
4. Recording confirmed vulnerabilities for further investigation
## ⚠️ Disclaimer
This tool is intended for legitimate security testing with proper authorization. Using this tool against systems without explicit permission may be illegal. The author is not responsible for any misuse of this software.
## 👨💻 Author
**Joel Indra**
- GitHub: [github.com/joelindra](https://github.com/joelindra)
## 📜 License
This project is licensed under the MIT License - see the LICENSE file for details.
文件快照
[4.0K] /data/pocs/9de35e57e483ff7b7103bc7e8de5e857ff8e617f
├── [9.3K] argus.py
├── [2.8K] README.md
└── [ 50] requirements.txt
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。