Nginx is a lightweight, high-performance HTTP server, reverse proxy server and email (IMAP/POP3) proxy server. It performs well in handling highly concurrent connections, consumes few system resources, and is widely used in various Web projects. However, attackers can formulate their attack strategies according to the flaws of its related security version.
nginxpwnerThis is one such tool, so let's take a look!
key function
-
Check if the site is using PHP and suggest some Nginx specific tests for PHP sites. -
make use of KyubiTest for path traversal vulnerabilities via misconfigured aliases. -
By setting the off merge_slashesCheck for path traversal vulnerabilities. -
Get the Ngnix version and match the relevant vulnerabilities based on the version.
deployments
Execute the following command to deploy
git clone https://hub.gitmirror.com/https://github.com/stark0de/nginxpwner # used github accelerated source
cd nginxpwner
chmod +x install.sh
. /install.sh
Attention: After the installation is complete, it may reportrequests_rawmodule is missing error. This can be resolved using the following command
pip3 install --break-system-packages requests_raw
usage example
python3 nginxpwner.py https://example.com /tmp/pathlist
Refer to the documentation:https://github.com/stark0de/nginxpwner