问题模块
POC/漏洞扫描 (POC Scan)
严重程度
功能异常 (Malfunction)
问题描述
fscan v2.2.0-rc.1 版本加上-full参数,报错,扫描内网参数如下:
fscan_2.2.0-rc.1_windows_x64.exe -h 192.168.101.1/24 -full
poc报错如下:
[-] 执行POC错误 poc-yaml-apache-axis-webservice-detect: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/services": EOF
[*] https://192.168.101.1 code:200 len:1524 title:None
[+] https://192.168.101.2 code:200 len:258 title:None [vmware-esx]
[-] 执行POC错误 poc-yaml-apache-axis-webservice-detect: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/services": EOF
[-] 执行POC错误 poc-yaml-backup-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/sql.zip": EOF
[-] 执行POC错误 poc-yaml-backup-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/sql.zip": EOF
[!] 目标: http://192.168.101.243:80
[!] 漏洞类型: Test Nuclei Example Template
[!] 漏洞名称: Test Nuclei Example Template
[!] 详细信息:
[!] 作者:fscan-dev
[!] 参考链接:https://github.com/shadow1ng/fscan
[!] 描述:This is a test template to demonstrate Nuclei format support in fscan.
[!] It will be automatically converted to fscan format during loading.
[-] 执行POC错误 poc-yaml-fckeditor-info: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443//fckeditor/_samples/default.html": EOF
[-] 执行POC错误 poc-yaml-weblogic-console-weak: 表达式评估错误: no such key: Set-Cookie
[-] 执行POC错误 poc-yaml-fckeditor-info: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443//fckeditor/_samples/default.html": EOF
[-] 执行POC错误 poc-yaml-sql-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/1.sql": EOF
[-] 执行POC错误 poc-yaml-shiro-key: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/": EOF
[-] 执行POC错误 poc-yaml-swagger-ui-unauth: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/swagger/ui/index": EOF
[-] 执行POC错误 poc-yaml-tomcat-manager-weak: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/manager/html": EOF
[-] 执行POC错误 poc-yaml-weblogic-console-weak: 请求发送错误: 请求执行失败: Head "http://192.168.101.1:443/console/j_security_check": EOF
[-] 执行POC错误 poc-yaml-sql-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/1.sql": EOF
复现步骤
fscan_2.2.0-rc.1_windows_x64.exe -h 192.168.101.1/24 -full
错误输出
[-] 执行POC错误 poc-yaml-apache-axis-webservice-detect: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/services": EOF
[*] https://192.168.101.1 code:200 len:1524 title:None
[+] https://192.168.101.2 code:200 len:258 title:None [vmware-esx]
[-] 执行POC错误 poc-yaml-apache-axis-webservice-detect: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/services": EOF
[-] 执行POC错误 poc-yaml-backup-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/sql.zip": EOF
[-] 执行POC错误 poc-yaml-backup-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/sql.zip": EOF
[!] 目标: http://192.168.101.243:80
[!] 漏洞类型: Test Nuclei Example Template
[!] 漏洞名称: Test Nuclei Example Template
[!] 详细信息:
[!] 作者:fscan-dev
[!] 参考链接:https://github.com/shadow1ng/fscan
[!] 描述:This is a test template to demonstrate Nuclei format support in fscan.
[!] It will be automatically converted to fscan format during loading.
[-] 执行POC错误 poc-yaml-fckeditor-info: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443//fckeditor/_samples/default.html": EOF
[-] 执行POC错误 poc-yaml-weblogic-console-weak: 表达式评估错误: no such key: Set-Cookie
[-] 执行POC错误 poc-yaml-fckeditor-info: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443//fckeditor/_samples/default.html": EOF
[-] 执行POC错误 poc-yaml-sql-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/1.sql": EOF
[-] 执行POC错误 poc-yaml-shiro-key: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/": EOF
[-] 执行POC错误 poc-yaml-swagger-ui-unauth: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/swagger/ui/index": EOF
[-] 执行POC错误 poc-yaml-tomcat-manager-weak: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/manager/html": EOF
[-] 执行POC错误 poc-yaml-weblogic-console-weak: 请求发送错误: 请求执行失败: Head "http://192.168.101.1:443/console/j_security_check": EOF
[-] 执行POC错误 poc-yaml-sql-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/1.sql": EOF
fscan 版本
2.2.0-rc (dev)
操作系统
Windows 11
系统架构
amd64 (x86_64)
补充信息
No response
问题模块
POC/漏洞扫描 (POC Scan)
严重程度
功能异常 (Malfunction)
问题描述
fscan v2.2.0-rc.1 版本加上-full参数,报错,扫描内网参数如下:
fscan_2.2.0-rc.1_windows_x64.exe -h 192.168.101.1/24 -full
poc报错如下:
[-] 执行POC错误 poc-yaml-apache-axis-webservice-detect: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/services": EOF
[*] https://192.168.101.1 code:200 len:1524 title:None
[+] https://192.168.101.2 code:200 len:258 title:None [vmware-esx]
[-] 执行POC错误 poc-yaml-apache-axis-webservice-detect: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/services": EOF
[-] 执行POC错误 poc-yaml-backup-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/sql.zip": EOF
[-] 执行POC错误 poc-yaml-backup-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/sql.zip": EOF
[!] 目标: http://192.168.101.243:80
[!] 漏洞类型: Test Nuclei Example Template
[!] 漏洞名称: Test Nuclei Example Template
[!] 详细信息:
[!] 作者:fscan-dev
[!] 参考链接:https://github.com/shadow1ng/fscan
[!] 描述:This is a test template to demonstrate Nuclei format support in fscan.
[!] It will be automatically converted to fscan format during loading.
[-] 执行POC错误 poc-yaml-fckeditor-info: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443//fckeditor/_samples/default.html": EOF
[-] 执行POC错误 poc-yaml-weblogic-console-weak: 表达式评估错误: no such key: Set-Cookie
[-] 执行POC错误 poc-yaml-fckeditor-info: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443//fckeditor/_samples/default.html": EOF
[-] 执行POC错误 poc-yaml-sql-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/1.sql": EOF
[-] 执行POC错误 poc-yaml-shiro-key: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/": EOF
[-] 执行POC错误 poc-yaml-swagger-ui-unauth: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/swagger/ui/index": EOF
[-] 执行POC错误 poc-yaml-tomcat-manager-weak: 请求发送错误: 请求执行失败: Get "http://192.168.101.1:443/manager/html": EOF
[-] 执行POC错误 poc-yaml-weblogic-console-weak: 请求发送错误: 请求执行失败: Head "http://192.168.101.1:443/console/j_security_check": EOF
[-] 执行POC错误 poc-yaml-sql-file: 请求发送错误: 请求执行失败: Get "http://192.168.101.2:443/1.sql": EOF
复现步骤
错误输出
fscan 版本
2.2.0-rc (dev)
操作系统
Windows 11
系统架构
amd64 (x86_64)
补充信息
No response