2021-10-21 15:10:37 +00:00
|
|
|
id: microstrategy-detect
|
|
|
|
|
|
|
|
info:
|
|
|
|
name: MicroStrategy Instances Detection Template
|
|
|
|
author: philippedelteil,Retr02332
|
|
|
|
severity: info
|
|
|
|
description: Detect if MicroStrategy instances exist in your URLS
|
2023-04-28 08:11:21 +00:00
|
|
|
metadata:
|
|
|
|
max-request: 16
|
2023-10-14 11:27:55 +00:00
|
|
|
tags: microstrategy,panel,tech
|
2021-10-21 15:10:37 +00:00
|
|
|
|
2023-04-27 04:28:59 +00:00
|
|
|
http:
|
2021-10-21 15:10:37 +00:00
|
|
|
- method: GET
|
|
|
|
path:
|
|
|
|
- "{{BaseURL}}/{{path}}"
|
|
|
|
|
|
|
|
payloads:
|
|
|
|
path:
|
|
|
|
- MicroStrategy/servlet/mstrWebAdmin/
|
|
|
|
- MicroStrategy/servlet/mstrWebAdmin
|
|
|
|
- MicroStrategy/servlet/taskProc/
|
|
|
|
- MicroStrategy/servlet/taskProc
|
|
|
|
- MicroStrategy/servlet/mstrWeb/
|
|
|
|
- MicroStrategy/servlet/mstrWeb
|
|
|
|
- MicroStrategy/
|
|
|
|
- MicroStrategy
|
|
|
|
- servlet/mstrWebAdmin/
|
|
|
|
- servlet/mstrWebAdmin
|
|
|
|
- servlet/taskProc/
|
|
|
|
- servlet/taskProc
|
|
|
|
- servlet/mstrWeb/
|
|
|
|
- servlet/mstrWeb
|
|
|
|
- asp/Main.aspx
|
|
|
|
- MicroStrategy/asp
|
2021-10-22 10:36:36 +00:00
|
|
|
|
2021-10-22 17:15:06 +00:00
|
|
|
stop-at-first-match: true
|
2021-10-22 10:36:36 +00:00
|
|
|
matchers:
|
|
|
|
- type: dsl
|
2021-10-22 17:15:06 +00:00
|
|
|
condition: or
|
2021-10-22 10:36:36 +00:00
|
|
|
dsl:
|
|
|
|
- 'contains(body, "MicroStrategy, Incorporated.")'
|
|
|
|
- 'contains(body, "microstrategy.servletName")'
|
|
|
|
- 'contains(body, "mstrHiddenInput")'
|
|
|
|
|
|
|
|
extractors:
|
|
|
|
- type: regex
|
|
|
|
part: body
|
|
|
|
group: 1
|
|
|
|
regex:
|
|
|
|
- 'ProductHelp/([0-9.A-Z]+)'
|
|
|
|
|
|
|
|
- type: regex
|
|
|
|
part: body
|
|
|
|
group: 1
|
|
|
|
regex:
|
|
|
|
- 'WELCOME. MicroStrategy ([0-9]+)'
|
2023-10-20 11:41:13 +00:00
|
|
|
|
|
|
|
# digest: 4b0a00483046022100bfea2298db5ce833db3230dd2b2c0a0287cc5b720cebd118c25578a1b658f6680221009da1b968a466fac0fe362e98d24738b89178daea8fde2789f0881b3f33d81717:922c64590222798bb761d5b6d8e72950
|