jeffzh3ng / fuxi Goto Github PK
View Code? Open in Web Editor NEWPenetration Testing Platform
License: MIT License
Penetration Testing Platform
License: MIT License
There is a XSS stored on plugin management, when you upload a plugin with a tag script on it (I tested on plugin name), the app evals the tag when you click on Plugin Info button
#!/usr/bin/python
# -*- coding: utf-8 -*-
import binascii
import socket
from pocsuite.poc import POCBase, Output
from pocsuite.utils import register
from pocsuite.api.utils import url2ip
class TestPOC(POCBase):
name = "Doublepulsar<script>alert()</script>"
vulID = ''
author = ['seebug']
vulType = 'Buffer Overflow'
version = '1.0'
references = ['http://paper.seebug.org/279/']
desc = '''Doublepulsar backdoor'''
dockerfile有写错吗?
无法登录
Website Fingerprint module use WhatWeb to detect technologies in website. Sometime, it's miss and not enough. So, i want to add manual for each website, group website. :D Thanks very much!
我直接用1-65535,检测没通过。。。
我不可能把每个端口都写上啊。。而且现在最新都版本,怎么图表功能也消失了?
报错如下:
[root@bogon ~]# docker run --rm -it -p 5001:5000 -v /opt/data:/data jeffzh3ng/fuxi-scanner:latest --privileged=true
mkdir: cannot create directory ‘/data/pocsuite_plugin’: Permission denied
MongoDB shell version v3.6.6
connecting to: mongodb://127.0.0.1:27017
2018-11-07T00:42:30.999+0800 W NETWORK [thread1] Failed to connect to 127.0.0.1:27017, in(checking socket for error after poll), reason: Connection refused
2018-11-07T00:42:31.001+0800 E QUERY [thread1] Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed :
connect@src/mongo/shell/mongo.js:251:13
不知道各位有没有遇到?
在学习您的代码,请问UI的生成代码有没?
五一过了你在重写吗??
i got this error fuxi_manage.sh: line 12: ./logs/fuxi_celery.log: No such file or directory
fuxi_manage.sh: line 11: ./logs/fuxi_http.log: No such file or directory while running ./fuxi_manage.sh
扫描出的结果如何导出?
如题
如果部署为发布版,可否增加多用户?
DEPRECATION: uvloop is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at pypa/pip#8559
Running setup.py install for uvloop ... error
error: subprocess-exited-with-error
× Running setup.py install for uvloop did not run successfully.
1.好像没有添加扫描网站cookie信息或者登陆信息地方
2.区域选择中文后无效
[root@localhost ~]#
[root@localhost ~]# docker run -dit -p 5000:5000 -v /opt/data:/data -v /etc/localtime:/etc/localtime jeffzh3ng/fuxi-scanner
9e41946eb22a5d67890d696566526954fd4d7ed63930e87b352fa944216b9762
/usr/bin/docker-current: Error response from daemon: driver failed programming external connectivity on endpoint thirsty_saha (c5ab15c536d6eeb8e9aa3a408dd7465dc5841a90cfd4eb6e81cac33ca668be0d): Bind for 0.0.0.0:5000 failed: port is already allocated.
这是什么情况?
docker pull 下来,登录密码whoami不能登录啊
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.