AWVS14 Docker
注:如認為本破解補丁存在某些后門或轉載刪著作權者,請勿使用!
由于傳播、利用此文所提供的資訊而造成的任何直接或者間接的后果及損失,均由使用者本人負責,文章作者不為此承擔任何責任,
XRSec 擁有對此文章的修改和解釋權如欲轉載或傳播此文章,必須保證此文章的完整性,包括著作權宣告等全部內容,未經作者允許,不得任意修改或者增減此文章內容,不得以任何方式將其用于商業目的
Note: if you think that there are some backdoors in this crack patch or those who reprint or delete the copyright, please do not use it!
Any direct or indirect consequences and losses caused by the dissemination and use of the information provided in this article shall be borne by the user himself, and the author of the article shall not bear any responsibility for this.
Xrsec has the right to modify and interpret this article. If you want to reprint or disseminate this article, you must ensure the integrity of this article, including all contents such as copyright notice. Without the permission of the author, the content of this article shall not be modified or increased or decreased arbitrarily, and it shall not be used for commercial purposes in any way
INFO
A new Acunetix Premium update has been released for Windows, Linux, and macOS: 14.4.210816098.
Updates
- Max items shown per page can now be configured
- Updated DeepScan to process hashes in URLs
- Updated Chromium to v92.0.4512.0
- Updated CSV export to include text-only details
- JavaScript library audit now supports merged JavaScript files
- Added support for dev tools in standalone LSR
- Multiple UI updates
- Multiple LSR updates
- The target knowledge base will now be reset when target settings are changed
- Updated the Selenium import to support selectFrame
- Updated the OWASP Top 10 report to include a CVSS score
- Updated the Compliance report to include CWE
- Added an option to enable debug logs for all targets
- Optimisations to the Java and Node.js AcuSensors
- Improved support for Hapi framework in the Node.js AcuSensor
- Added support for find-my-way HTTP router in the Node.js AcuSensor
- Improved ionCube loader-wizard information disclosure check
- Improved cache poisoning DOS checks
- Improved detection of Apache Struts2 remote command execution (S2-052)
- Improved detection of directory traversal vulnerabilities
- Added option to skip testing of login form configured for the Target
- Improved handling of Custom 404 pages
Fixes
- Fixed multiple crashes in the scanner
- Fixed an issue causing some requests to be done to restricted links
- Addressed multiple DeepScan issues
- Paused scans can now be aborted
- Fixed an XPath injection false positive
- Fixed a Bitrix open redirect false positive
- Fixed a Spring boot actuator false negative
- Fixed an issue in the .NET sensor manager – not showing buttons on lower resolutions
Preview
Use
docker run -it -d \
--name awvs \
-p 3443:3443 \
xrsec/awvs:latest
# registry.cn-hangzhou.aliyuncs.com/xrsec/awvs:latest
# --restart=always Automatic restart
https://ip:3443
awvs@awvs.com
Awvs@awvs.com
BuildFile
Dockerfile
FROM ubuntu:18.04
LABEL maintainer="xrsec"
LABEL mail="troy@zygd.site"
RUN mkdir /awvs
COPY awvs.sh /awvs
COPY Dockerfile /awvs
COPY xaa /awvs
COPY xab /awvs
COPY xac /awvs
COPY xad /awvs
COPY xae /awvs
COPY awvs_listen.zip /awvs
COPY hosts /etc/hosts
# init
# RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak \
# && sed -i "s/archive.ubuntu/mirrors.aliyun/g" /etc/apt/sources.list \
# && sed -i "s/security.ubuntu/mirrors.aliyun/g" /etc/apt/sources.list \
# && apt update -y \
RUN apt update -y \
&& apt upgrade -y \
&& apt-get install wget libxdamage1 libgtk-3-0 libasound2 libnss3 libxss1 libx11-xcb-dev libxshmfence1 sudo libgbm-dev curl ncurses-bin unzip -y
# && apt-get install wget libxdamage1 libgtk-3-0 libasound2 libnss3 libxss1 libx11-xcb-dev sudo libgbm-dev curl ncurses-bin unzip -y \
# && mv /etc/apt/sources.list.bak /etc/apt/sources.list
# init_install
RUN cat /awvs/xaa /awvs/xab /awvs/xac /awvs/xad /awvs/xae > /awvs/awvs_x86.sh \
&& chmod 777 /awvs/awvs_x86.sh \
&& sed -i "s/read -r dummy/#read -r dummy/g" /awvs/awvs_x86.sh \
&& sed -i "s/pager=\"more\"/pager=\"cat\"/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -r ans/ans=yes/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -p \" Hostname \[\$host_name\]:\" hn/hn=awvs/g" /awvs/awvs_x86.sh \
&& sed -i "s/host_name=\$(hostname)/host_name=awvs/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -p \" Hostname \[\$host_name\]:\" hn/awvs/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -p ' Email: ' master_user/master_user=awvs@awvs.com/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -sp ' Password: ' master_password/master_password=Awvs@awvs.com/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -sp ' Password again: ' master_password2/master_password2=Awvs@awvs.com/g" /awvs/awvs_x86.sh \
&& sed -i "s/systemctl/\# systemctl/g" /awvs/awvs_x86.sh \
&& /bin/bash /awvs/awvs_x86.sh
# init_listen
RUN chmod 777 /awvs/awvs.sh \
&& unzip /awvs/awvs_listen.zip -d /home/acunetix/.acunetix/data/license/ \
&& chmod 444 /home/acunetix/.acunetix/data/license/license_info.json \
&& chown acunetix:acunetix /home/acunetix/.acunetix/data/license/wa_data.dat
ENTRYPOINT [ "/awvs/awvs.sh"]
EXPOSE 3443
# ENV TZ='Asia/Shanghai'
# ENV LANG 'zh_CN.UTF-8'
STOPSIGNAL SIGQUIT
CMD ["/awvs/awvs.sh"]
awvs.sh
#!/bin/bash
clear
echo -e "\033[1;31m ______ _ _ _ \033[0m"
echo -e "\033[1;32m | ____| | | | | (_) \033[0m"
echo -e "\033[1;33m | |__ __ _ | |__| | __ _ _ \033[0m"
echo -e "\033[1;34m | __| / _\` | | __ | / _\` | | | \033[0m"
echo -e "\033[1;35m | | | (_| | | | | | | (_| | | | \033[0m"
echo -e "\033[1;36m |_| \__,_| |_| |_| \__,_| |_| \033[0m"
echo -e "\033[1;34m -------------- \033[0m"
echo -e "\033[1;31m __ __ ____ \033[0m"
echo -e "\033[1;32m \ \/ / | _ \ ___ ___ ___ \033[0m"
echo -e "\033[1;33m \ / | |_) | / __| / _ \ / __| \033[0m"
echo -e "\033[1;34m / \ | _ < \__ \ | __/ | (__ \033[0m"
echo -e "\033[1;35m /_/\_\ |_| \_\ |___/ \___| \___| \n\033[0m"
echo -e "\033[1;31m Thank's fahai && TimeLine Sec \n\033[0m"
echo -e "\033[1;32m [ help ] \033[0m"
echo -e "\033[1;35m [ https://www.fahai.org/index.php/archives/140/ ] \033[0m"
echo -e "\033[1;33m [ https://blog.zygd.site/AWVS14%20Docker.html ] \n\033[0m"
su -l acunetix -c /home/acunetix/.acunetix/start.sh
awvs_x86.sh
https://www.fahai.org/index.php/archives/140/
Latest 14.3.210628104
INFO
Version 14 build 14.3.210628104 for Windows, Linux and macOS – 28th June 2021
Updates
- Target Knowledgebase will be reset when Target Settings are changed
- Updated SSL/TLS Certificate expiry threshold notification from 30 days to 60 days
Fixes
- Fixed: OWASP compliance report template to not be available in some Editions
- Fixed: Some scripts where not observing Excluded paths configured in Target settings
ip:3443
awvs@awvs.com
Awvs@awvs.com
Preview
Install
docker run -it -d \
--name awvs \
-p 3443:3443 \
xrsec/awvs:v14
# registry.cn-hangzhou.aliyuncs.com/xrsec/awvs:v14
BuildFile
Dockerfile
FROM ubuntu:18.04
LABEL maintainer="xrsec"
LABEL mail="troy@zygd.site"
RUN mkdir /awvs
COPY awvs.sh /awvs
COPY Dockerfile /awvs
COPY xaa /awvs
COPY xab /awvs
COPY xac /awvs
COPY xad /awvs
COPY xae /awvs
COPY xaf /awvs
COPY awvs_listen.zip /awvs
# init
# RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak \
# && sed -i "s/archive.ubuntu/mirrors.aliyun/g" /etc/apt/sources.list \
# && sed -i "s/security.ubuntu/mirrors.aliyun/g" /etc/apt/sources.list \
# && apt update -y \
RUN apt update -y \
&& apt upgrade -y \
&& apt-get install wget libxdamage1 libgtk-3-0 libasound2 libnss3 libxss1 libx11-xcb-dev sudo libgbm-dev curl ncurses-bin unzip -y
# && apt-get install wget libxdamage1 libgtk-3-0 libasound2 libnss3 libxss1 libx11-xcb-dev sudo libgbm-dev curl ncurses-bin unzip -y \
# && mv /etc/apt/sources.list.bak /etc/apt/sources.list
# init_install
RUN cat /awvs/xaa /awvs/xab /awvs/xac /awvs/xad /awvs/xae /awvs/xaf > /awvs/awvs_x86.sh \
&& chmod 777 /awvs/awvs_x86.sh \
&& sed -i "s/read -r dummy/#read -r dummy/g" /awvs/awvs_x86.sh \
&& sed -i "s/pager=\"more\"/pager=\"cat\"/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -r ans/ans=yes/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -p \" Hostname \[\$host_name\]:\" hn/hn=awvs/g" /awvs/awvs_x86.sh \
&& sed -i "s/host_name=\$(hostname)/host_name=awvs/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -p \" Hostname \[\$host_name\]:\" hn/awvs/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -p ' Email: ' master_user/master_user=awvs@awvs.com/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -sp ' Password: ' master_password/master_password=Awvs@awvs.com/g" /awvs/awvs_x86.sh \
&& sed -i "s/read -sp ' Password again: ' master_password2/master_password2=Awvs@awvs.com/g" /awvs/awvs_x86.sh \
&& sed -i "s/systemctl/\# systemctl/g" /awvs/awvs_x86.sh \
&& /bin/bash /awvs/awvs_x86.sh
# init_listen
RUN chmod 777 /awvs/awvs.sh \
&& unzip -d /awvs/awvs_listen /awvs/awvs_listen.zip \
&& chmod 444 /awvs/awvs_listen/license_info.json \
&& cp /awvs/awvs_listen/wvsc /home/acunetix/.acunetix/v_210628104/scanner/ \
&& cp /awvs/awvs_listen/license_info.json /home/acunetix/.acunetix/data/license/ \
&& cp /awvs/awvs_listen/wa_data.dat /home/acunetix/.acunetix/data/license/ \
&& chown acunetix:acunetix /home/acunetix/.acunetix/data/license/wa_data.dat
ENTRYPOINT [ "/awvs/awvs.sh"]
EXPOSE 3443
# ENV TZ='Asia/Shanghai'
# ENV LANG 'zh_CN.UTF-8'
STOPSIGNAL SIGQUIT
CMD ["/awvs/awvs.sh"]
awvs.sh
#!/bin/bash
clear
echo -e "\033[1;31m ______ _ _ _ \033[0m"
echo -e "\033[1;32m | ____| | | | | (_) \033[0m"
echo -e "\033[1;33m | |__ __ _ | |__| | __ _ _ \033[0m"
echo -e "\033[1;34m | __| / _\` | | __ | / _\` | | | \033[0m"
echo -e "\033[1;35m | | | (_| | | | | | | (_| | | | \033[0m"
echo -e "\033[1;36m |_| \__,_| |_| |_| \__,_| |_| \033[0m"
echo -e "\033[1;34m -------------- \033[0m"
echo -e "\033[1;31m __ __ ____ \033[0m"
echo -e "\033[1;32m \ \/ / | _ \ ___ ___ ___ \033[0m"
echo -e "\033[1;33m \ / | |_) | / __| / _ \ / __| \033[0m"
echo -e "\033[1;34m / \ | _ < \__ \ | __/ | (__ \033[0m"
echo -e "\033[1;35m /_/\_\ |_| \_\ |___/ \___| \___| \n\033[0m"
echo -e "\033[1;31m Thank's fahai && TimeLine Sec \n\033[0m"
echo -e "\033[1;32m [ help ] \033[0m"
echo -e "\033[1;35m [ https://www.fahai.org/index.php/archives/128/ ] \033[0m"
echo -e "\033[1;33m [ https://blog.zygd.site/AWVS14%20Docker.html ] \n\033[0m"
su -l acunetix -c /home/acunetix/.acunetix/start.sh
awvs_x86.sh
https://www.fahai.org/index.php/archives/128/
轉載請註明出處,本文鏈接:https://www.uj5u.com/qianduan/295663.html
標籤:其他
上一篇:Ajax入門
下一篇:深拷貝與淺拷貝