Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-1858 PoC — Apache Tomcat SSL Anonymous Cipher 配置信息泄露漏洞

Source
https://github.com/anthophilee/A2SV--SSL-VUL-Scan
Associated Vulnerability
Title:Apache Tomcat SSL Anonymous Cipher 配置信息泄露漏洞 (CVE-2007-1858)
Description:The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
Description
A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https://github.com/hahwul/ a2sv $ cd a2sv $ chmod +x * $ pip2 install -r requirements.txt usage : $ python2 a2sv.py -h It shows all commands how we can use this tool $ python a2sv.py -t 127.0.0.1 127.0.0.1 = target means here own device
Readme
# A2SV--SSL-VUL-Scan
A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https://github.com/hahwul/ a2sv $ cd a2sv $ chmod +x * $ pip2 install -r requirements.txt usage : $ python2 a2sv.py -h It shows all commands how we can use this tool $ python a2sv.py -t 127.0.0.1 127.0.0.1 = target means here own device
File Snapshot

 [4.0K]  /data/pocs/f200fa5da5db4b02575d71bb8b3864f8b86f9cac
└── [ 734]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →