KGorbakon / Feedback


Message for GitLab Red Team #1

Open KGorbakon opened 1 year ago

KGorbakon commented 1 year ago

@codeEmitter @frloudet Hi! I'm developing a new nuclei template for CVE-2022-2884. Since it is impossible to reliably verify the presence of a vulnerability within the framework of nuclei's functionality, I decided to add version fingerprinting. I looked at how this is implemented using unique hashes in templates for CVE-2021-22205, CVE-2022-0735, CVE-2022-1162, CVE-2022-2185 and prepared a list of vulnerable versions inside a text file in the repository. Installing all these versions manually would be overkill, so I would like to ask you to help me find a way to view them (if you have access to the old version of the program). Sorry to bother you in such a strange way, I couldn't find your other contacts. With best wishes, thank you in advance!

frloudet commented 1 year ago

Hello @KGorbakon! Have you looked at our cve-hash-harvester project? It's been a while since I last used it, so I do not have a big list of hashes ready for you, but it is designed for what you are trying to do. It basically pulls down, one by one, Docker images of the GitLab versions you pass it as a parameter, calculates hashes for them, and keeps that in a MongoDB. It is a bit time/CPU intensive but it is feasible on a laptop.
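The hash-to-version indexing idea described in the comment above, as an added example that is not part of the thread and is not cve-hash-harvester's code: it skips the Docker pull and MongoDB storage and works on an in-memory sample. The version labels, file names and file contents are constructed, and the function names are hypothetical.

```python
import hashlib
from collections import defaultdict

# Constructed sample: static assets per release (labels are placeholders,
# not real GitLab versions; contents are made up).
SAMPLE = {
    "1.0.0": {"app.css": b"body{color:red}", "logo.svg": b"<svg/>"},
    "1.0.1": {"app.css": b"body{color:blue}", "logo.svg": b"<svg/>"},
    "1.1.0": {"app.css": b"body{color:green}", "logo.svg": b"<svg/>"},
}
VULNERABLE = {"1.0.0", "1.0.1"}  # constructed list of affected releases


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_index(assets_by_version):
    """Map each asset hash to the set of versions that ship that asset."""
    index = defaultdict(set)
    for version, assets in assets_by_version.items():
        for content in assets.values():
            index[sha256_hex(content)].add(version)
    return dict(index)


def classify(observed_hash, index, vulnerable):
    """Decide what an observed asset hash says about the deployed version."""
    versions = index.get(observed_hash)
    if not versions:
        return "unknown"          # never harvested: no conclusion
    if versions <= vulnerable:
        return "vulnerable"       # only affected releases ship this file
    if versions.isdisjoint(vulnerable):
        return "not-vulnerable"   # only unaffected releases ship it
    return "ambiguous"            # shared by both; useless as a fingerprint


def usable_fingerprints(index, vulnerable):
    """Hashes seen only in affected releases; safe for a detection template."""
    return {h: sorted(v) for h, v in index.items() if v <= vulnerable}


if __name__ == "__main__":
    idx = build_index(SAMPLE)
    for h, versions in usable_fingerprints(idx, VULNERABLE).items():
        print(h[:16], versions)
```

A file that ships unchanged in both affected and unaffected releases (the logo here) is classified as ambiguous, which is why a hash has to be checked against every harvested version before it goes into a template.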

KGorbakon commented 1 year ago

@frloudet Thank you so much! That's exactly what I was looking for!

frloudet commented 1 year ago

Great, you're very welcome!! Let me know if something does not work (opening an issue in the repo is the best).