nuclei-templates/http/exposed-panels/glpi-panel.yaml

53 lines
1.4 KiB
YAML
Raw Normal View History

2022-10-27 20:59:48 +00:00
id: glpi-project_glpi
info:
name: GLPI Panel - Detect
2022-10-27 20:59:48 +00:00
author: dogasantos,daffainfo,ricardomaia,dhiyaneshDk
severity: info
description: GLPI panel was detected.
2022-10-27 20:59:48 +00:00
reference:
- https://glpi-project.org/
- https://www.exploit-db.com/ghdb/7002
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
2023-10-14 11:27:55 +00:00
cvss-score: 0
cwe-id: CWE-200
metadata:
vendor: glpi-project
product: glpi
2022-11-03 17:49:55 +00:00
verified: true
2023-10-14 11:27:55 +00:00
max-request: 3
shodan-query: http.title:"GLPI"
tags: glpi,edb,panel
http:
- method: GET
path:
2021-08-25 22:09:38 +00:00
- "{{BaseURL}}"
2022-10-27 20:59:48 +00:00
- "{{BaseURL}}/CHANGELOG.md"
- "{{BaseURL}}/glpi/"
2021-08-25 22:09:38 +00:00
2022-10-27 20:59:48 +00:00
redirects: true
max-redirects: 2
stop-at-first-match: false
matchers:
- type: word
2022-10-27 20:59:48 +00:00
case-insensitive: true
words:
2022-10-27 20:59:48 +00:00
- "GLPI"
- "glpi-project.org"
condition: and
2023-10-14 11:27:55 +00:00
extractors:
- type: regex
2022-10-27 20:59:48 +00:00
name: version
part: body
group: 1
regex:
2022-10-27 20:59:48 +00:00
- '(?i)base\.min\.js\?v=([\d.|\d]+)">'
- '(?i)jquery\.min\.js\?v=([\d.|\d]+)">'
- '(?i)# GLPI changes\n\n.*\n.*\n.*\n##\s\[(\d+\.\d+|\d+\.\d+\.\d+)\]'
- '(?i)GLPI.*?([\d.|\d]+).copyright'
# digest: 490a0046304402204dcbd9851e6c6d64dfefeb7e9baca95736b42c7143f68287a74ea02e3e430ec5022031ba9239ae6441986d1df34a74fecbdbf00bfb3144953ac791f87040b7b35c69:922c64590222798bb761d5b6d8e72950