nuclei-templates/http/technologies/microstrategy-detect.yaml

59 lines
1.6 KiB
YAML
Raw Permalink Normal View History

2021-10-21 15:10:37 +00:00
id: microstrategy-detect
info:
name: MicroStrategy Instances Detection Template
author: philippedelteil,Retr02332
severity: info
description: Detect if MicroStrategy instances exist in your URLS
metadata:
max-request: 16
2023-10-14 11:27:55 +00:00
tags: microstrategy,panel,tech
2021-10-21 15:10:37 +00:00
http:
2021-10-21 15:10:37 +00:00
- method: GET
path:
- "{{BaseURL}}/{{path}}"
payloads:
path:
- MicroStrategy/servlet/mstrWebAdmin/
- MicroStrategy/servlet/mstrWebAdmin
- MicroStrategy/servlet/taskProc/
- MicroStrategy/servlet/taskProc
- MicroStrategy/servlet/mstrWeb/
- MicroStrategy/servlet/mstrWeb
- MicroStrategy/
- MicroStrategy
- servlet/mstrWebAdmin/
- servlet/mstrWebAdmin
- servlet/taskProc/
- servlet/taskProc
- servlet/mstrWeb/
- servlet/mstrWeb
- asp/Main.aspx
- MicroStrategy/asp
2021-10-22 10:36:36 +00:00
2021-10-22 17:15:06 +00:00
stop-at-first-match: true
2021-10-22 10:36:36 +00:00
matchers:
- type: dsl
2021-10-22 17:15:06 +00:00
condition: or
2021-10-22 10:36:36 +00:00
dsl:
- 'contains(body, "MicroStrategy, Incorporated.")'
- 'contains(body, "microstrategy.servletName")'
- 'contains(body, "mstrHiddenInput")'
extractors:
- type: regex
part: body
group: 1
regex:
- 'ProductHelp/([0-9.A-Z]+)'
- type: regex
part: body
group: 1
regex:
- 'WELCOME. MicroStrategy ([0-9]+)'
# digest: 4b0a00483046022100bfea2298db5ce833db3230dd2b2c0a0287cc5b720cebd118c25578a1b658f6680221009da1b968a466fac0fe362e98d24738b89178daea8fde2789f0881b3f33d81717:922c64590222798bb761d5b6d8e72950