nuclei-templates/http/exposed-panels/grafana-detect.yaml

id: grafana-detect

info:
  name: Grafana Login Panel - Detect
  author: organiccrap,AdamCrosser,bhutch
  severity: info
  description: Grafana login panel was detected.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    max-request: 1
    vendor: grafana
    product: grafana
    shodan-query: title:"Grafana"
    category: devops
  tags: panel,grafana,detect

http:
  - method: GET
    path:
      - "{{BaseURL}}/login"

    matchers:
      - type: word
        part: body
        words:
          - "<title>Grafana</title>"

    extractors:
      - type: regex
        name: version
        part: body
        group: 1
        regex:
          - '\"version\"\:\"([0-9.]+)\"}'
          - '\"subTitle\":\"Grafana v([0-9.]+)'

      - type: kval
        kval:
          - version
# digest: 4a0a00473045022007536053f52444ca4ccea8b018464a891575f81760a541a83635496b19983fca02210097f60c0c45dfa0b7c93a31a53284ad763b326f8cfa6270609e23ab1c0b3352fd:922c64590222798bb761d5b6d8e72950
pending pull 2020-04-22 06:42:01 +00:00			`id: grafana-detect`

			`info:`
Dashboard Content Enhancements (#6105) Dashboard Content Enhancements 2022-11-19 01:50:30 +00:00			`name: Grafana Login Panel - Detect`
Merge branch 'main' into grafana-detect 2023-06-28 03:54:25 +00:00			`author: organiccrap,AdamCrosser,bhutch`
uniform severity update 2020-08-03 21:52:00 +00:00			`severity: info`
Dashboard Content Enhancements (#6105) Dashboard Content Enhancements 2022-11-19 01:50:30 +00:00			`description: Grafana login panel was detected.`
			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`
templateman update 2023-10-14 11:27:55 +00:00			`cvss-score: 0`
Dashboard Content Enhancements (#6105) Dashboard Content Enhancements 2022-11-19 01:50:30 +00:00			`cwe-id: CWE-200`
Update grafana-detect.yaml 2022-07-07 10:16:00 +00:00			`metadata:`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`max-request: 1`
Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490) * Update Confluence Version * Added Application Category * Updated Grafana Template * Updated WordPress Template * Update grafana-detect.yaml * Update jenkins-detect.yaml * Update Jira Detection Template * Update Tomcat Template * Update Atlassian Crowd Template * misc update * workflow fix --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-06-24 22:25:54 +00:00			`vendor: grafana`
			`product: grafana`
templateman update 2023-10-14 11:27:55 +00:00			`shodan-query: title:"Grafana"`
Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490) * Update Confluence Version * Added Application Category * Updated Grafana Template * Updated WordPress Template * Update grafana-detect.yaml * Update jenkins-detect.yaml * Update Jira Detection Template * Update Tomcat Template * Update Atlassian Crowd Template * misc update * workflow fix --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-06-24 22:25:54 +00:00			`category: devops`
			`tags: panel,grafana,detect`
pending pull 2020-04-22 06:42:01 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
pending pull 2020-04-22 06:42:01 +00:00			`- method: GET`
			`path:`
			`- "{{BaseURL}}/login"`
Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490) * Update Confluence Version * Added Application Category * Updated Grafana Template * Updated WordPress Template * Update grafana-detect.yaml * Update jenkins-detect.yaml * Update Jira Detection Template * Update Tomcat Template * Update Atlassian Crowd Template * misc update * workflow fix --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-06-24 22:25:54 +00:00
pending pull 2020-04-22 06:42:01 +00:00			`matchers:`
			`- type: word`
Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490) * Update Confluence Version * Added Application Category * Updated Grafana Template * Updated WordPress Template * Update grafana-detect.yaml * Update jenkins-detect.yaml * Update Jira Detection Template * Update Tomcat Template * Update Atlassian Crowd Template * misc update * workflow fix --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-06-24 22:25:54 +00:00			`part: body`
pending pull 2020-04-22 06:42:01 +00:00			`words:`
Update syntax 2020-05-25 08:13:15 +00:00			`- "<title>Grafana</title>"`
Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490) * Update Confluence Version * Added Application Category * Updated Grafana Template * Updated WordPress Template * Update grafana-detect.yaml * Update jenkins-detect.yaml * Update Jira Detection Template * Update Tomcat Template * Update Atlassian Crowd Template * misc update * workflow fix --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-06-24 22:25:54 +00:00
Update grafana-detect.yaml Tests: nuclei -t nuclei-templates/exposed-panels/grafana-detect.yaml -u https://grafana.aa.com nuclei -t nuclei-templates/exposed-panels/grafana-detect.yaml -u https://insights.bpost.cloud 2021-06-19 00:07:06 +00:00			`extractors:`
			`- type: regex`
Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490) * Update Confluence Version * Added Application Category * Updated Grafana Template * Updated WordPress Template * Update grafana-detect.yaml * Update jenkins-detect.yaml * Update Jira Detection Template * Update Tomcat Template * Update Atlassian Crowd Template * misc update * workflow fix --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-06-24 22:25:54 +00:00			`name: version`
Update grafana-detect.yaml Tests: nuclei -t nuclei-templates/exposed-panels/grafana-detect.yaml -u https://grafana.aa.com nuclei -t nuclei-templates/exposed-panels/grafana-detect.yaml -u https://insights.bpost.cloud 2021-06-19 00:07:06 +00:00			`part: body`
			`group: 1`
			`regex:`
Update grafana-detect.yaml Older versions of Grafana were not previously discovered, because an update somewhere between 6.4.3 and 6.7.2 changed the frontend code for revealing the version of Grafana being used: <a href="https://grafana.com" target="_blank">Grafana</a><span>v6.4.3 (commit: 3a2bfb7)</span> for example. Even older code did not use any explicit HTML. This new regex correctly detects all versions of Grafana, from 1.0.0 to the current version. 2022-12-08 22:48:22 +00:00			`- '\"version\"\:\"([0-9.]+)\"}'`
Update grafana-detect.yaml 2023-06-27 12:49:53 +00:00			`- '\"subTitle\":\"Grafana v([0-9.]+)'`
Dashboard Content Enhancements (#6105) Dashboard Content Enhancements 2022-11-19 01:50:30 +00:00
Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490) * Update Confluence Version * Added Application Category * Updated Grafana Template * Updated WordPress Template * Update grafana-detect.yaml * Update jenkins-detect.yaml * Update Jira Detection Template * Update Tomcat Template * Update Atlassian Crowd Template * misc update * workflow fix --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-06-24 22:25:54 +00:00			`- type: kval`
			`kval:`
			`- version`
Auto Template Signing [Thu Oct 19 13:13:50 UTC 2023] :robot: 2023-10-19 13:13:52 +00:00			`# digest: 4a0a00473045022007536053f52444ca4ccea8b018464a891575f81760a541a83635496b19983fca02210097f60c0c45dfa0b7c93a31a53284ad763b326f8cfa6270609e23ab1c0b3352fd:922c64590222798bb761d5b6d8e72950`