Giter Site home page Giter Site logo

jabdy86 / apachetomcatscanner Goto Github PK

View Code? Open in Web Editor NEW

This project forked from p0dalirius/apachetomcatscanner

0.0 0.0 0.0 2.04 MB

A python script to scan for Apache Tomcat server vulnerabilities.

Home Page: https://podalirius.net/

License: GNU General Public License v3.0

Python 99.19% Makefile 0.81%

apachetomcatscanner's Introduction

A python script to scan for Apache Tomcat server vulnerabilities.
PyPI GitHub release (latest by date) Python pip build YouTube Channel Subscribers

Features

  • Multithreaded workers to search for Apache tomcat servers.
  • Multiple target sources accepted:
    • Retrieving list of computers from a Windows domain through an LDAP query to use them as a list of targets.
    • Reading targets line by line from a file.
    • Reading individual targets (IP/DNS/CIDR) from -tt/--target option.
    • Reading individual targets URLs from -tu/--target-url option.
  • Custom list of ports to test.
  • Tests for /manager/html accessibility.
  • Tests for default credentials to access the Tomcat Manager.
  • List the CVEs of each version with the --list-cves option, print detailed CVEs descriptions with --show-cves-descriptions

Installation

You can now install it from PyPI (latest version is PyPI) with this command:

sudo python3 -m pip install apachetomcatscanner

Usage

$ ./ApacheTomcatScanner.py -h
Apache Tomcat Scanner v3.4 - by @podalirius_

usage: ApacheTomcatScanner.py [-h] [-v] [--debug] [-C] [--show-cves-descriptions] [-T THREADS] [-s] [--no-colors] [--only-http] [--only-https] [--export-xlsx EXPORT_XLSX] [--export-json EXPORT_JSON] [--export-sqlite EXPORT_SQLITE]
                              [-PI PROXY_IP] [-PP PROXY_PORT] [-rt REQUEST_TIMEOUT] [--tomcat-username TOMCAT_USERNAME] [--tomcat-usernames-file TOMCAT_USERNAMES_FILE] [--tomcat-password TOMCAT_PASSWORD]
                              [--tomcat-passwords-file TOMCAT_PASSWORDS_FILE] [-tf TARGETS_FILE] [-tt TARGET] [-tu TARGET_URL] [-tp TARGET_PORTS] [-ad AUTH_DOMAIN] [-ai AUTH_DC_IP] [-au AUTH_USER] [-ap AUTH_PASSWORD]
                              [-ah AUTH_HASHES] [--ldaps] [--subnets]

A python script to scan for Apache Tomcat server vulnerabilities.

options:
  -h, --help            show this help message and exit
  -v, --verbose         Verbose mode. (default: False)
  --debug               Debug mode, for huge verbosity. (default: False)
  -C, --list-cves       List CVE ids affecting each version found. (default: False)
  --show-cves-descriptions
                        Show description of found CVEs. (default: False)
  -T THREADS, --threads THREADS
                        Number of threads (default: 250)
  -s, --servers-only    If querying ActiveDirectory, only get servers and not all computer objects. (default: False)
  --no-colors           Disable colored output. (default: False)
  --only-http           Scan only with HTTP scheme. (default: False, scanning with both HTTP and HTTPs)
  --only-https          Scan only with HTTPs scheme. (default: False, scanning with both HTTP and HTTPs)

Export results:
  --export-xlsx EXPORT_XLSX
                        Output XLSX file to store the results in.
  --export-json EXPORT_JSON
                        Output JSON file to store the results in.
  --export-sqlite EXPORT_SQLITE
                        Output SQLITE3 file to store the results in.

Advanced configuration:
  -PI PROXY_IP, --proxy-ip PROXY_IP
                        Proxy IP.
  -PP PROXY_PORT, --proxy-port PROXY_PORT
                        Proxy port
  -rt REQUEST_TIMEOUT, --request-timeout REQUEST_TIMEOUT
                        Set the timeout of HTTP requests.
  --tomcat-username TOMCAT_USERNAME
                        Single tomcat username to test for login.
  --tomcat-usernames-file TOMCAT_USERNAMES_FILE
                        File containing a list of tomcat usernames to test for login
  --tomcat-password TOMCAT_PASSWORD
                        Single tomcat password to test for login.
  --tomcat-passwords-file TOMCAT_PASSWORDS_FILE
                        File containing a list of tomcat passwords to test for login

Targets:
  -tf TARGETS_FILE, --targets-file TARGETS_FILE
                        Path to file containing a line by line list of targets.
  -tt TARGET, --target TARGET
                        Target IP, FQDN or CIDR.
  -tu TARGET_URL, --target-url TARGET_URL
                        Target URL to the tomcat manager.
  -tp TARGET_PORTS, --target-ports TARGET_PORTS
                        Target ports to scan top search for Apache Tomcat servers.
  -ad AUTH_DOMAIN, --auth-domain AUTH_DOMAIN
                        Windows domain to authenticate to.
  -ai AUTH_DC_IP, --auth-dc-ip AUTH_DC_IP
                        IP of the domain controller.
  -au AUTH_USER, --auth-user AUTH_USER
                        Username of the domain account.
  -ap AUTH_PASSWORD, --auth-password AUTH_PASSWORD
                        Password of the domain account.
  -ah AUTH_HASHES, --auth-hashes AUTH_HASHES
                        LM:NT hashes to pass the hash for this user.
  --ldaps               Use LDAPS (default: False)
  --subnets             Get all subnets from the domain and use them as targets (default: False)

Example

You can also list the CVEs of each version with the --list-cves option:

Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.

apachetomcatscanner's People

Contributors

p0dalirius avatar darkiros avatar sandr0x00 avatar luemmelsec avatar s0meguy1 avatar cosad3s avatar tjni avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.