vulnerscom / burp-vulners-scanner Goto Github PK
View Code? Open in Web Editor NEWVulnerability scanner based on vulners.com search API
License: GNU Lesser General Public License v3.0
Vulnerability scanner based on vulners.com search API
License: GNU Lesser General Public License v3.0
Hi,
Your domain is blocked in my organization. I tried to load the rules manually, but they are not loading.
Is there a way to achieve this?
Otherwise, can that be implemented?
Thanks!
org.json.JSONException: A JSONObject text must end with '}' at 32021 [character 9 line 914]
at org.json.JSONTokener.syntaxError(JSONTokener.java:451)
at org.json.JSONObject.(JSONObject.java:201)
at org.json.JSONTokener.nextValue(JSONTokener.java:380)
at org.json.JSONObject.(JSONObject.java:215)
at org.json.JSONTokener.nextValue(JSONTokener.java:380)
at org.json.JSONObject.(JSONObject.java:215)
at org.json.JSONObject.(JSONObject.java:319)
at burp.HttpClient.parseResponse(HttpClient.java:51)
at burp.HttpClient.get(HttpClient.java:43)
at burp.VulnersService.loadRules(VulnersService.java:133)
at burp.BurpExtender.initPassiveScan(BurpExtender.java:41)
at com.codemagi.burp.PassiveScan.initialize(PassiveScan.java:37)
at com.codemagi.burp.BaseExtender.registerExtenderCallbacks(BaseExtender.java:49)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at burp.gsu.lambda$registerExtenderCallbacks$0(Unknown Source)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
I can see following output in the Error log for this extender:
at burp.fcg.addScanIssue(Unknown Source)
at burp.uvb.addScanIssue(Unknown Source)
at burp.jbf.addScanIssue(Unknown Source)
at burp.VulnersService$1.onScannerSuccess(VulnersService.java:89)
at burp.VulnersRestCallback.onSuccess(VulnersRestCallback.java:42)
at burp.VulnersRestCallback.completed(VulnersRestCallback.java:60)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:82)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:75)
at org.apache.http.concurrent.BasicFuture.completed(BasicFuture.java:119)
at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:177)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:432)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:325)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:267)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:81)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:39)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:123)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:164)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:339)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:317)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:590)
at java.lang.Thread.run(Thread.java:745)
java.lang.IllegalArgumentException: Invalid offsets: the list should be in sequence and offsets should not overlap.
at burp.fcg.addScanIssue(Unknown Source)
at burp.uvb.addScanIssue(Unknown Source)
at burp.jbf.addScanIssue(Unknown Source)
at burp.VulnersService$1.onScannerSuccess(VulnersService.java:89)
at burp.VulnersRestCallback.onSuccess(VulnersRestCallback.java:42)
at burp.VulnersRestCallback.completed(VulnersRestCallback.java:60)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:82)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:75)
at org.apache.http.concurrent.BasicFuture.completed(BasicFuture.java:119)
at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:177)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:432)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:325)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:267)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:81)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:39)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:123)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:164)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:339)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:317)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:590)
at java.lang.Thread.run(Thread.java:745)
java.lang.IllegalArgumentException: Invalid offsets: the list should be in sequence and offsets should not overlap.
at burp.fcg.addScanIssue(Unknown Source)
at burp.uvb.addScanIssue(Unknown Source)
at burp.jbf.addScanIssue(Unknown Source)
at burp.VulnersService$1.onFail(VulnersService.java:103)
at burp.VulnersRestCallback.completed(VulnersRestCallback.java:56)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:82)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:75)
at org.apache.http.concurrent.BasicFuture.completed(BasicFuture.java:119)
at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:177)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:432)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:325)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:267)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:81)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:39)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:123)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:164)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:339)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:317)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:590)
at java.lang.Thread.run(Thread.java:745)
java.lang.IllegalArgumentException: Invalid offsets: the list should be in sequence and offsets should not overlap.
at burp.fcg.addScanIssue(Unknown Source)
at burp.uvb.addScanIssue(Unknown Source)
at burp.jbf.addScanIssue(Unknown Source)
at burp.VulnersService$1.onFail(VulnersService.java:103)
at burp.VulnersRestCallback.completed(VulnersRestCallback.java:56)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:82)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:75)
at org.apache.http.concurrent.BasicFuture.completed(BasicFuture.java:119)
at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:177)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:432)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:325)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:267)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:81)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:39)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:123)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:164)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:339)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:317)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:590)
at java.lang.Thread.run(Thread.java:745)
Is it possible to fix it? I didn't add/alter any rules, only those default ones, freshly loaded from vulners.com are used.
Thanks
Can you upload this extension to BurpSuite BApp store?
Hello,
I doubt this is a valid finding (high, firm) as it looks to me the server banner was just taken and a lookup was performed:
For this the IIS from 2008R2 shouldn't have been patched. One cannot tell from the outside -- at least not by looking at this banner.
Can this be either taken out or at least changed to info/firm, then at least not supplying the CVEs?
Thx, Dirk
I noticed that activating the use of a proxy and afterwards changing the proxies host and port will not set the proxy correctly. Only changing the option to use a proxy will finally set the altered settings.
for example:
When I open Burp from CMD, and load the newest version of Extender from official BApp store, I can see following exception in CMD window:
C:\Program Files\BurpSuitePro>java -jar burpsuite_pro.jar
com.mashape.unirest.http.exceptions.UnirestException: java.net.UnknownHostException: vulners.com
at com.mashape.unirest.http.HttpClientHelper$1.failed(HttpClientHelper.java:86)
at org.apache.http.concurrent.BasicFuture.failed(BasicFuture.java:134)
at org.apache.http.impl.nio.client.AbstractClientExchangeHandler.failed(AbstractClientExchangeHandler.java:419)
at org.apache.http.impl.nio.client.AbstractClientExchangeHandler.connectionRequestFailed(AbstractClientExchangeHandler.java:335)
at org.apache.http.impl.nio.client.AbstractClientExchangeHandler.access$100(AbstractClientExchangeHandler.java:62)
at org.apache.http.impl.nio.client.AbstractClientExchangeHandler$1.failed(AbstractClientExchangeHandler.java:378)
at org.apache.http.concurrent.BasicFuture.failed(BasicFuture.java:134)
at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager$InternalPoolEntryCallback.failed(PoolingNHttpClientConnectionManager.java:503)
at org.apache.http.concurrent.BasicFuture.failed(BasicFuture.java:134)
at org.apache.http.nio.pool.AbstractNIOConnPool.fireCallbacks(AbstractNIOConnPool.java:453)
at org.apache.http.nio.pool.AbstractNIOConnPool.lease(AbstractNIOConnPool.java:285)
at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager.requestConnection(PoolingNHttpClientConnectionManager.java:265)
at org.apache.http.impl.nio.client.AbstractClientExchangeHandler.requestConnection(AbstractClientExchangeHandler.java:363)
at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.start(DefaultClientExchangeHandlerImpl.java:125)
at org.apache.http.impl.nio.client.InternalHttpAsyncClient.execute(InternalHttpAsyncClient.java:141)
at org.apache.http.impl.nio.client.CloseableHttpAsyncClient.execute(CloseableHttpAsyncClient.java:74)
at org.apache.http.impl.nio.client.CloseableHttpAsyncClient.execute(CloseableHttpAsyncClient.java:107)
at org.apache.http.impl.nio.client.CloseableHttpAsyncClient.execute(CloseableHttpAsyncClient.java:91)
at com.mashape.unirest.http.HttpClientHelper.requestAsync(HttpClientHelper.java:102)
at com.mashape.unirest.request.BaseRequest.asJsonAsync(BaseRequest.java:76)
at burp.VulnersService.loadRules(VulnersService.java:165)
at burp.BurpExtender.initPassiveScan(BurpExtender.java:32)
at com.codemagi.burp.PassiveScan.initialize(PassiveScan.java:37)
at com.codemagi.burp.BaseExtender.registerExtenderCallbacks(BaseExtender.java:49)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at burp.mch.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.UnknownHostException: vulners.com
at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$2.lookupAllHostAddr(Unknown Source)
at java.net.InetAddress.getAddressesFromNameService(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at org.apache.http.impl.conn.SystemDefaultDnsResolver.resolve(SystemDefaultDnsResolver.java:45)
at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager$InternalAddressResolver.resolveRemoteAddress(PoolingNHttpClientConnectionManager.java:608)
at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager$InternalAddressResolver.resolveRemoteAddress(PoolingNHttpClientConnectionManager.java:579)
at org.apache.http.nio.pool.AbstractNIOConnPool.processPendingRequest(AbstractNIOConnPool.java:426)
at org.apache.http.nio.pool.AbstractNIOConnPool.lease(AbstractNIOConnPool.java:275)
... 19 more
Is it possible you gracefully reported to user (in my case, I'm behind firewall and I need properly set proxy to load the database) that the URL is unreachable, instead throwing this exception?
Thanks
Hi,
thx for your tremendously useful software.
I think there's a misinterpretation of the web server header / banner: Server: Apache-Coyote/1.1
. To my knowledge all version of Tomcat and friends have that banner.
Issue detail
The following vulnerabilities for software Apache Coyote (Tomcat) - 1.1 found:
CVE-2013-4286 - 5.8 - CVE-2013-4286 Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification...
CVE-2013-4590 - 4.3 - CVE-2013-4590 Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML documen...
[..]
CVE-2005-2090 - 4.3 - CVE-2005-2090 Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a...
[..]
Cheers, Dirk
Sep 01, 2018 4:44:42 PM org.apache.http.client.protocol.ResponseProcessCookies processCookies
WARNING: Invalid cookie header: "Set-Cookie: vulnersSession=YV5C4G8V9U5J3NUFO86RIGPNT2ZUVYCP00LC3YN9OPZYZ7S60TL2TVNWZMAIR459BUVC1S8PQZK62XHIYHYMRRRD306U99NCW0P951J5R0CD6S4MEE833F877J6D3OS3:8UhRTZbJHiHdLZoF7j8oUMf9tuw; Domain=.vulners.com; expires=Sat, 01 Sep 2018 14:44:52 GMT; HttpOnly; Max-Age=10; Path=/; Secure". Invalid 'expires' attribute: Sat, 01 Sep 2018 14:44:52 GMT
Sep 01, 2018 4:44:43 PM org.apache.http.client.protocol.ResponseProcessCookies processCookies
WARNING: Invalid cookie header: "Set-Cookie: vulnersSession=BLLNIX9BV3XJNFQKRWW691GYS629ASOC22TQ5AO0LRADDTGEYG8C15I5U5H8H6VK61GYYANGKWPIN1PBKSVMCBNUF6Y5PNLP9OJF4L1FBR23BZ7WV7IZNZYHFFQV56IQ:Wg16vwdvh5JSOHmkDccL054Elv8; Domain=.vulners.com; expires=Sat, 01 Sep 2018 14:44:53 GMT; HttpOnly; Max-Age=10; Path=/; Secure". Invalid 'expires' attribute: Sat, 01 Sep 2018 14:44:53 GMT
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
com.mashape.unirest.http.exceptions.UnirestException: java.lang.IllegalArgumentException: Invalid offsets: the list should be in sequence and offsets should not overlap.
at com.mashape.unirest.http.HttpClientHelper$1.failed(HttpClientHelper.java:86)
at org.apache.http.concurrent.BasicFuture.failed(BasicFuture.java:134)
at org.apache.http.impl.nio.client.AbstractClientExchangeHandler.failed(AbstractClientExchangeHandler.java:419)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.exception(HttpAsyncRequestExecutor.java:154)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:278)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:81)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:39)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:123)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:164)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:339)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:317)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:590)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.IllegalArgumentException: Invalid offsets: the list should be in sequence and offsets should not overlap.
at burp.v0d.addScanIssue(Unknown Source)
at burp.nb.addScanIssue(Unknown Source)
at burp.aph.addScanIssue(Unknown Source)
at burp.VulnersService$1.onScannerSuccess(VulnersService.java:89)
at burp.VulnersRestCallback.onSuccess(VulnersRestCallback.java:42)
at burp.VulnersRestCallback.completed(VulnersRestCallback.java:60)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:82)
at com.mashape.unirest.http.HttpClientHelper$1.completed(HttpClientHelper.java:75)
at org.apache.http.concurrent.BasicFuture.completed(BasicFuture.java:119)
at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:177)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:432)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:325)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:267)
... 10 more
Hi, in burp-vulners-scanner-1.2, duplicate classes with the same fully-qualified name org.objectweb.asm.Type.getObjectType are included in two different libraries, i.e., org.ow2.asm:asm:5.0.3 and asm:asm:3.0.
According to "first declaration wins" class loading strategy, only this class in asm:asm:3.0 can be loaded, and that in org.ow2.asm:asm:5.0.3 will be shadowed.
By further analyzing, your project expects to invoke method org.objectweb.asm.Type.getObjectType in org.ow2.asm:asm:5.0.3. As it has been shadowed, so that this method defined in asm:asm:3.0 are actually forced to be referenced via the following invocation path:
<burp.VulnersService: checkSoftware(Ljava/lang/String;Lburp/models/Software;Lburp/IHttpRequestResponse;Ljava/util/List;)V> /root/sensor/unzip/burp-vulners-scanner-1.2/target/classes
<com.googlecode.concurrentlinkedhashmap.ConcurrentHashMapV8: get(Ljava/lang/Object;)Ljava/lang/Object;> /root/.m2/repository/com/googlecode/concurrentlinkedhashmap/concurrentlinkedhashmap-lru/1.4.2/concurrentlinkedhashmap-lru-1.4.2.jar
<org.apache.commons.lang3.time.DurationFormatUtils$Token: equals(Ljava/lang/Object;)Z> /root/.m2/repository/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.jar
<org.objectweb.asm.tree.analysis.BasicValue: toString()Ljava/lang/String;> /root/.m2/repository/org/ow2/asm/asm-analysis/5.0.3/asm-analysis-5.0.3.jar
<org.objectweb.asm.tree.analysis.BasicValue: <clinit>()V> /root/.m2/repository/org/ow2/asm/asm-analysis/5.0.3/asm-analysis-5.0.3.jar
<org.objectweb.asm.Type: getObjectType(Ljava/lang/String;)Lorg/objectweb/asm/Type;>
Workaround solution:
An easy way to workaround the problem is reversing the declaration order of these two libraries (i.e., reverse the declaration order of httpclient and maven-resolver-transport-http) in pom file.
Then, according to "first declaration wins" class loading strategy, class org.objectweb.asm.Type.getObjectType in org.ow2.asm:asm:5.0.3 can be loaded (the version that burp-vulners-scanner-1.2 expects to reference by static analysis).
This fix will not affect other libraries or class, except the above duplicate class.
[INFO] burp-vulners-scanner:burp-vulners-scanner:jar:1.2
[INFO] +- com.codemagi:burp-suite-utils:jar:LATEST:compile
[INFO] | - net.portswigger.burp.extender:burp-extender-api:jar:LATEST:compile
[INFO] +- com.intellij:forms_rt:jar:7.0.3:compile
[INFO] | +- asm:asm-commons:jar:3.0:compile
[INFO] | | - asm:asm-tree:jar:3.0:compile
[INFO] | | - asm:asm:jar:3.0:compile
[INFO] | +- com.jgoodies:forms:jar:1.1-preview:compile
[INFO] | - jdom:jdom:jar:1.0:compile
[INFO] +- org.jtwig:jtwig-core:jar:5.85.3.RELEASE:compile
[INFO] | +- org.jtwig:jtwig-reflection:jar:5.85.3.RELEASE:compile
[INFO] | | +- (com.google.guava:guava:jar:18.0:compile - omitted for duplicate)
[INFO] | | +- (org.apache.commons:commons-lang3:jar:3.1:compile - omitted for duplicate)
[INFO] | | - (org.slf4j:slf4j-api:jar:1.7.12:compile - omitted for duplicate)
[INFO] | +- com.google.guava:guava:jar:18.0:compile
[INFO] | +- org.apache.commons:commons-lang3:jar:3.1:compile
[INFO] | +- org.parboiled:parboiled-java:jar:1.1.7:compile
[INFO] | | +- org.parboiled:parboiled-core:jar:1.1.7:compile
[INFO] | | +- org.ow2.asm:asm:jar:5.0.3:compile
[INFO] | | +- org.ow2.asm:asm-tree:jar:5.0.3:compile
[INFO] | | | - (org.ow2.asm:asm:jar:5.0.3:compile - omitted for duplicate)
[INFO] | | +- org.ow2.asm:asm-analysis:jar:5.0.3:compile
[INFO] | | | - (org.ow2.asm:asm-tree:jar:5.0.3:compile - omitted for duplicate)
[INFO] | | - org.ow2.asm:asm-util:jar:5.0.3:compile
[INFO] | | - (org.ow2.asm:asm-tree:jar:5.0.3:compile - omitted for duplicate)
[INFO] | +- org.slf4j:slf4j-api:jar:1.7.12:compile
[INFO] | - com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:jar:1.4.2:compile
[INFO] - org.json:json:jar:20160810:compile
Thank you very much.
Best,
Coco
I installed the extension from the BApp store and am browsing a target web app that clearly has many software version disclosures through various HTTP response headers (.NET MVC application on IIS). I also have Logger++ running. At no point does the extension identify any of the the response headers, and at no point does the extension attempt to reach out to the vulners database. The only time the vulners extension generates any network activity is when I load the detection signatures through its configuration interface. Is this extension still functional? is this project still supported?
Given a site "www.notrealsite.com" with header: X-Powered-By: PHP/5.3.3
The extension outputs:
[Vulners] start check for domain www.notrealsite.com for software PHP, headers/5.3.3 : https://vulners.com/api/v3/burp/software/?software=cpe%3A%2Fa%3Aphp%3Aphp&version=5.3.3&type=cpe
But does not report anything in Burp.
Opening this URL manually:
https://vulners.com/api/v3/burp/software/?software=cpe%3A%2Fa%3Aphp%3Aphp&version=5.3.3&type=cpe
returns this:
{
"result": "warning",
"data": {
"warning": "Too much results - 70 for the query (cpe:"cpe:/a:php:php" AND (cpe:5.3.3* OR (description:"5.3.3" AND NOT ("before version 5.3.3" OR "< 5.3.3" OR "less than 5.3.3" OR "before 5.3.3" OR "prior to 5.3.3")))) OR (description:"php" AND description:"5.3.3" AND title:"php" AND bulletinFamily:exploit AND NOT ("before version 5.3.3" OR "< 5.3.3" OR "less than 5.3.3" OR "before 5.3.3" OR "prior to 5.3.3") AND -type:seebug) with software:cpe:/a:php:php version:5.3.3",
"errorCode": 402
}
}
I should mention i am using Burp 2.0.12beta
I'm testing a website generated with Sitefinity vulnerable version (https://vulners.com/nessus/TELERIK_UI_FOR_ASPNET_AJAX_CVE-2017-9248.NASL). There are few tags in the source code with its references:
<meta name="Generator" content="Sitefinity 8.0.5700.0 PE" />
<link href="/Telerik.Web.UI.WebResource.axd?d=db0VBNCGqiCBC3Vgke_pPFchlOHtWXWZy5yiIL7Xkw4BKD4t0egHi-CSQGlanoHiwNHz42KiKocVdBEET-qqRKf7mRxdch7uo9JWF6hDykNfKCdduw1nCwUiwqEWEwuKQ2&t=63524329720342&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%2c+Version%3d8.0.5700.0
<script type="text/javascript">
--
| //<![CDATA[
| ;(function() {
| function loadHandler() {
| var hf = $get('ctl05_TSSM');
| if (!hf._RSSM_init) { hf._RSSM_init = true; hf.value = ''; }
| hf.value += ';Telerik.Sitefinity.Resources, Version=8.0.5700.0, Culture=neutral, PublicKeyToken=b28c218413bd3:en:da474b-bbb5-4a2a-9b18-29b468be39f7:7a90d6a:d271177c:dff30785';
(the binaries strings were modified).
However, burp plugin does not detect it. Please add a rule for it.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.