nuclei-templates/http/exposed-panels/arcserve-panel.yaml

id: arcserve-panel

info:
  name: ArcServe Panel - Detect
  author: DhiyaneshDk
  severity: info
  reference:
    - https://twitter.com/HunterMapping/status/1674267368359444480
    - https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe
  classification:
    cpe: cpe:2.3:a:arcserve:udp:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: arcserve
    product: udp
    shodan-query:
      - http.favicon.hash:-1889244460
      - http.favicon.hash:"-1889244460"
    fofa-query: icon_hash="-1889244460"
  tags: panel,login,arcserve,detect

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Arcserve UDP"
          - "/arcserve.js"
        condition: or

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100b0fe46eeedfd7d75402634ec0af24f6657e3c725d982e73fc172b4356fb2492a022100be2368c6c77c1d134fe9952c35b1ccfc337e1bd72bffdead5ea76b23853d6b96:922c64590222798bb761d5b6d8e72950
HunterMapping Trending Panels 2023-06-29 09:08:44 +00:00			`id: arcserve-panel`

			`info:`
updated matchers 2023-07-04 11:17:01 +00:00			`name: ArcServe Panel - Detect`
HunterMapping Trending Panels 2023-06-29 09:08:44 +00:00			`author: DhiyaneshDk`
			`severity: info`
			`reference:`
			`- https://twitter.com/HunterMapping/status/1674267368359444480`
			`- https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe`
Add CPE classification to templates (#9420) * Add CPE classification to templates * misc fix * added tags * format updates * Revert "format updates" This reverts commit b93658be4b50c929d15082258e4d11a15b12cbd8. --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2024-03-26 08:03:04 +00:00			`classification:`
			`cpe: cpe:2.3:a:arcserve:udp::::::::`
HunterMapping Trending Panels 2023-06-29 09:08:44 +00:00			`metadata:`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`verified: true`
templateman update 2023-10-14 11:27:55 +00:00			`max-request: 1`
Revert "TemplateMan Update [Mon Apr 8 11:30:07 UTC 2024] :robot:" This reverts commit 433dda4ae5b824564b44075bb95a96ecdbe263a6. 2024-04-08 11:34:33 +00:00			`vendor: arcserve`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`product: udp`
			`shodan-query:`
			`- http.favicon.hash:-1889244460`
			`- http.favicon.hash:"-1889244460"`
			`fofa-query: icon_hash="-1889244460"`
updated matchers 2023-07-04 11:17:01 +00:00			`tags: panel,login,arcserve,detect`
HunterMapping Trending Panels 2023-06-29 09:08:44 +00:00
			`http:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}"`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
updated matchers 2023-07-04 11:17:01 +00:00			`- "Arcserve UDP"`
			`- "/arcserve.js"`
			`condition: or`
HunterMapping Trending Panels 2023-06-29 09:08:44 +00:00
			`- type: status`
			`status:`
			`- 200`
Auto Template Signing [Sat Jun 8 16:02:16 UTC 2024] :robot: 2024-06-08 16:02:17 +00:00			`# digest: 4b0a00483046022100b0fe46eeedfd7d75402634ec0af24f6657e3c725d982e73fc172b4356fb2492a022100be2368c6c77c1d134fe9952c35b1ccfc337e1bd72bffdead5ea76b23853d6b96:922c64590222798bb761d5b6d8e72950`