remove exploit

• 支持扫描dismap 识别结果文件-f output.txt
• 种类新增 coremail, ecology, eyou, qianxin, ruijie 漏洞
• POC新增 Apache OFBizCVE-2021-29200CVE-2021-30128
• POC新增 Apache SolrCVE-2021-27905
• POC新增 Fastjson 回显 VER-1224-2 VER-1224-3
• POC新增 Oracle WeblogicCVE-2016-0638CVE-2018-3191CVE-2019-2890

• Support scanningdismap recognition result file-f output.txt
• Added coremail, ecology, eyou, qianxin, ruijie vulnerabilities in categories
• POC added Apache OFBizCVE-2021-29200CVE-2021-30128
• POC added Apache SolrCVE-2021-27905
• POC added Fastjson echo VER-1224-2 VER-1224-3
• POC added Oracle WeblogicCVE-2016-0638CVE-2018-3191CVE-2019-2890

• 改用三个Dnslog轮询，感谢@Buzz2d0提供的hyuga.co
• 内置大部分Python第三方依赖库
• 常规RCE的极致误报处理
• 优化结果,显示,参数等功能模块
• 新增多个PoC包括Exchange, Vmware, BIG-IP, Druid, Laravel, Saltstack, Node.JS等
• 修复多个遗留bug

• Use three Dnslog polls instead, thanks to hyuga.co provided by @Buzz2d0
• Built-in most Python third-party dependency libraries
• The extreme false alarm handling of conventional RCE
• Optimization results, display, parameters and other functional modules
• Added multiple PoCs including Exchange, Vmware, BIG-IP, Druid, Laravel, Saltstack, Node.JS, etc.
• Fix multiple remaining bugs

• 优化输出, 新增 json 输出, 格式与 xray 一致.
• 新增 fastjson 和 spring 漏洞扫描和利用.
• 引入 ceye 检测无回显 rce 漏洞.
• 添加 fofa api 和 shodan api 批量扫描.
• 重构 poc 模块, 重构 vulmap 变为模块化.
• 新添自动指纹识别.
• 替换echo命令为随机md5

• Optimize output, add json output, the format is consistent with xray.
• Added fastjson and spring vulnerability scanning and exploitation.
• Introduce ceye to detect the rce vulnerability without echo.
• Add fofa api and shodan api batch scanning.
• Refactored the poc module and refactored vulmap to become modular.
• Added automatic fingerprint recognition.
• Replace the echo command with random md5

• 新增多线程扫描,默认10线程,可自定义,默认开启协程（扫描变得非常快就对了）
• 支持添加代理扫描,支持socks和http代理
• 可自定义User-Agent
• 又改动--debug, exp模式开debug显示request和responses, poc模式显示扫描漏洞列表
• CVE-2016-4437 Apache Shiro新增三个回显gadget（共6个）,key增至5个
• 新增Apache FlinkCVE-2020-17518 &CVE-2020-17519
• 优化批量扫描和输出

• Newly increased thread scanning, default 10 threads, customizable, open coroutine by default (scanning becomes very fast, right)
• Support adding proxy scanning, support socks and http proxy
• Customizable User-Agent
• Another change --debug, open debug in exp mode to display requests and responses, poc mode to display the list of scan vulnerabilities
• CVE-2016-4437 Apache Shiro added three echo gadgets (6 in total), and the key increased to 5
• Added Apache FlinkCVE-2020-17518 &CVE-2020-17519
• Optimize batch scanning and output

• 新增 ActiveMQCVE-2015-5254
• 新增 ActiveMQCVE-2016-3088
• 新增 Apache Struts2 S2-061
• 新增 Apache UnomiCVE-2020-13942
• 新增 ElasticsearchCVE-2014-3120
• 新增 ElasticsearchCVE-2015-1427
• 优化程序滚动输出
• 增加了URL存活检测
• 添加了URL格式检测和拼接，支持ip:port，ip
• 优化了--output输出格式
• 修复多个struts2误报
• 重构--debug功能，为配合-v使用显示requests和reponse
• 修复多个小问题

• 新蹭 WeblogicCVE-2020-14882
• 新蹭 WeblogicCVE-2020-2883
• 新蹭 WeblogicCVE-2020-2555
• 新蹭 DrupalCVE-2019-6340
• 修复了windows中input乱码
• 修复了port提取问题
• 修改了依赖项目
• 修复多个小bug

• 修改了默认检测命令，使用echo替代netstat
• 修复了Drupal、Jenkins、Nexus的POC误报问题
• 重构Weblogic部分POC
• 新增Apache Shiro:CVE-2016-4437
• 新增ThinkPHP:CVE-2019-9082
• 新增ThinkPHP:CVE-2018-20062
• 修复批量模式下漏洞检测失败问题
• 修复批量模式下提取url问题
• 修复多个Bug
• ... ...

2020-10-10
Vulmap First version

• Vulnerability scan
• Vulnerability Exploit
• Custom command
• Batch scan
• File output
• Delayed scan
• Debug mode
• ... ...