安装:
注:所有github.com都要加上https
git clone github.com/vulsio/go-cve-dictionary.git
cd go-cve-dictionary/
go build
下载历年的NVD
./go-cve-dictionary fetch nvd
./go-cve-dictionary --bind="0.0.0.0" server
cd ..
git clone github.com/vulsio/goval-dictionary.git
cd goval-dictionary
go mod tidy
go build
cp goval-dictionary ../go-cve-dictionary
cd ..
完全静态编译
yum install glibc-static -y
go build -a -ldflags "-extldflags "-static" -X 'github.com/future-architect/vuls/config.Version=v0.19.0' -X 'github.com/future-architect/vuls/config.Revision=build-20211221_100415_2b7294a'" -o vuls ./cmd/vuls
git clone github.com/future-architect/vuls.git
cd vuls
go mod tody
make
cp vuls ../go-cve-dictionary
cd ..
git clone github.com/vulsio/gost.git
cd gost
go build
cp gost ../go-cve-dictionary
cd ..
git clone github.com/vulsio/go-exploitdb.git
cd go-exploitdb
go build
cp go-exploitdb ../go-cve-dictionary
cd ..
git clone github.com/vulsio/go-msfdb.git
cd go-msfdb
go build
cp go-msfdb ../go-cve-dictionary
cd ..
git clone github.com/vulsio/go-kev.git
cd go-kev
go build
cp go-kev ../go-cve-dictionary
cd ..
./goval-dictionary fetch redhat 6 7 8
./gost fetch redhat
./go-exploitdb fetch exploitdb
./go-msfdb fetch msfdb
./go-kev fetch kevuln
配置文件
cat config.toml
[servers]
[servers.localhost]
host = "localhost"
port = "local"
测试
./vuls configtest
[Dec 13 16:33:36] INFO [localhost] vuls-v0.19.0-build-20211213_162349_2b7294a
[Dec 13 16:33:36] INFO [localhost] Validating config...
[Dec 13 16:33:36] INFO [localhost] Detecting Server/Container OS...
[Dec 13 16:33:36] INFO [localhost] Detecting OS of servers...
[Dec 13 16:33:36] INFO [localhost] (1/1) Detected: localhost: centos 7.9.2009
[Dec 13 16:33:36] INFO [localhost] Detecting OS of containers...
[Dec 13 16:33:36] INFO [localhost] Checking Scan Modes...
[Dec 13 16:33:36] INFO [localhost] Checking dependencies...
[Dec 13 16:33:36] INFO [localhost] Dependencies ... Pass
[Dec 13 16:33:36] INFO [localhost] Checking sudo settings...
[Dec 13 16:33:36] INFO [localhost] Sudo... Pass
[Dec 13 16:33:36] INFO [localhost] It can be scanned with fast scan mode even if warn or err messages are displayed due to lack of dependent packages or sudo settings in fast-root or deep scan mode
[Dec 13 16:33:36] INFO [localhost] Scannable servers are below...
localhost
扫描
./vuls scan
[Dec 13 16:37:50] INFO [localhost] vuls-v0.19.0-build-20211213_162349_2b7294a
[Dec 13 16:37:50] INFO [localhost] Start scanning
[Dec 13 16:37:50] INFO [localhost] config: /root/go-mod/go-cve-dictionary/config.toml
[Dec 13 16:37:50] INFO [localhost] Validating config...
[Dec 13 16:37:50] INFO [localhost] Detecting Server/Container OS...
[Dec 13 16:37:50] INFO [localhost] Detecting OS of servers...
[Dec 13 16:37:50] INFO [localhost] (1/1) Detected: localhost: centos 7.9.2009
[Dec 13 16:37:50] INFO [localhost] Detecting OS of containers...
[Dec 13 16:37:50] INFO [localhost] Checking Scan Modes...
[Dec 13 16:37:50] INFO [localhost] Detecting Platforms...
[Dec 13 16:37:51] INFO [localhost] (1/1) localhost is running on other
[Dec 13 16:37:51] INFO [localhost] Scanning OS pkg in fast mode
[Dec 13 16:37:55] INFO [localhost] Scanning listen port...
[Dec 13 16:37:55] INFO [localhost] Using Port Scanner: Vuls built-in Scanner
Scan Summary
================
localhost centos7.9.2009 809 installed, 122 updatable
查看报告
vuls report
阅读(593) | 评论(0) | 转发(0) |