Skip to content

Goby Beta1.7.186
Compare
Choose a tag to compare
@gobysec gobysec released this 11 Aug 10:37
· 25 commits to master since this release
Beta1.7.186
2938d2f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

In this update

• New 1000+ fingerprint rules: expand the scale of enterprise-level application recognition.
• Added extension market: Linked with FOFA query and MSF modules to enhance asset collection and vulnerability verification functions. And open to the community, support user-defined extemsions.
• Support product version recognition: it helps to sort out assets more accurately.
• Support import/export PoC in batch: It is convenient for data migration when Goby version is updated or computer environment is changed.
• New vulnerabilities: CVE-2020-9296, CVE-2020-5410, CVE-2017-11610, CNNVD-202004-1959.
• Added SNMP/TCP brute force cracking.
• Fixed the inaccuracy of Fortios exploit module.
• Fixed some display problems.

Extensions

Developer’s guide:https://gobies.org/docs.html
image

• Extensions-FOFA
The IP and port of the target are queried through FOFA, and put into Goby for scanning.
image

• Extensions-MSF
You need to install the Metasploit environment. For demonstration purposes, only the process of utilizing modules is currently implemented.
image

• Extensions-ExportCsv
image

• Extensions-Http
image

New vulnerabilities

image

CVE-2020-9296 Demo
image

Product version recognition

image

Import/export PoC in batch

image

Assets 5
Loading