As we all know, when a new security vulnerability is announced, it will attract a lot of attention. How to quickly find websites with vulnerabilities is very important for hackers.
Spending too much time searching for your goals will result in you missing out on more opportunities and money.
ZoomEye is a powerful cyberspace mapping tool that can help us find the assets we need. Just visit https://www.zoomeye.hk and check the Query Description on the right side of the search box. Trust me, the syntax is very simple.
In this article, I will use ZoomEye to quickly find which websites use vulnerable components, and use some techniques to quickly verify the vulnerabilities.
I get very excited when I see details about a new vulnerability on Twitter, and I want to look for websites that have the vulnerability.
I checked the relevant information on CVE-2024-23334 and found that it is a directory traversal vulnerability in aiohttp. In aiohttp versions below 3.9.2, if the follow_symlinks option is set to True, it does not check whether the file being read is located inside the configured root directory.
Therefore, you need to look for websites that contain aiohttp components. But it’s not easy for newbies.
Fortunately, ZoomEye has already classified components to help us find them quickly. I entered app:"aiohttp", and the banners in the search results showed the content I hoped for. How kind aiohttp is.
I often use a combination of ZoomEye and Nuclei to verify vulnerabilities. Nuclei is a powerful scanning tool based on YAML and has a rich set of plug-ins.
The active community produces a steady stream of scanning plug-ins. Whenever new vulnerabilities are announced, you will definitely be surprised when you go to Nuclei’s template repository.
So I went to the Nuclei template repository to look for CVE-2024-23334 and found the relevant template (https://github.com/projectdiscovery/nuclei-templates/blob/603f8a96e40ab87788e859b5224c32f4f123fc96/http/cves/2024/CVE-2024-23334.yaml).
Of course, you can choose to find the target on the ZoomEye query page, but it will be faster to download the assets. Generally speaking, 500 items are enough.
This way, you can quickly scan out vulnerable websites. ZoomEye also updates these results frequently, so the listed websites are still online.
If I use the downloaded file, I just need to point the command at that file:
nuclei -t ./http/cves/2024/CVE-2024-23334.yaml -l test.txt
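If you run aiohttp yourself, you can check your own code for the two conditions described above for CVE-2024-23334: a version below 3.9.2 and follow_symlinks set to True. The script below is an added example, not code from this article, from aiohttp or from Nuclei; the sample route setup, the function names and the "3.9.1" version string are constructed for illustration.

```python
import ast

FIXED = (3, 9, 2)  # per the article, aiohttp below 3.9.2 is affected

# Constructed sample of an application's route setup (not from the article).
SAMPLE = '''
from aiohttp import web
app = web.Application()
app.router.add_static("/static", "static", follow_symlinks=True)
app.add_routes([web.static("/media", "media", follow_symlinks=False)])
app.add_routes([web.static("/files", "files")])
'''

def parse_version(text):
    """Turn '3.9.1' or '3.8.0b1' into a tuple of ints; suffixes are ignored."""
    parts = []
    for piece in text.split(".")[:3]:
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits or 0))
    return tuple(parts + [0] * (3 - len(parts)))

def symlink_following_calls(source):
    """Return (line, callee, kind) for calls that may enable follow_symlinks."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        for kw in node.keywords:
            if kw.arg != "follow_symlinks":
                continue
            literal = isinstance(kw.value, ast.Constant)
            if literal and not kw.value.value:
                continue  # explicitly disabled
            kind = "enabled" if literal else "dynamic"  # dynamic: review by hand
            hits.append((node.lineno, ast.unparse(node.func), kind))
    return sorted(hits)

def audit(source, aiohttp_version):
    """Report findings only when the version is below the fixed release."""
    if parse_version(aiohttp_version) >= FIXED:
        return []
    return symlink_following_calls(source)

if __name__ == "__main__":
    for line, callee, kind in audit(SAMPLE, "3.9.1"):
        print(f"line {line}: {callee} has follow_symlinks {kind}")
```

Any finding means both conditions hold, so upgrade aiohttp to 3.9.2 or later, or turn follow_symlinks off for that route.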
Likewise, I saw the article about CVE-2024-20767 today and wanted to look for these vulnerable websites.
As usual, I used ZoomEye to search for app:"Adobe ColdFusion" and found the related websites.
Then I went to the Nuclei template repository to look for the PoC.
The next step is to scan these websites in batches. Good luck!
I will often share interesting ZoomEye syntax on my homepage: https://twitter.com/HuTa0kj
You are also welcome to join the official discussion group.
Telegram channel: https://t.me/+dUkJzl6rPHxjNDIx
Facebook group: https://www.facebook.com/groups/909299587651507
Discord group: https://discord.gg/GtHdyZbuFv