nuclei-templates/http/exposed-panels/glpi-panel.yaml

50 lines
1.2 KiB
YAML
Raw Normal View History

2022-10-27 20:59:48 +00:00
id: glpi-project_glpi
info:
name: GLPI Panel - Detect
2022-10-27 20:59:48 +00:00
author: dogasantos,daffainfo,ricardomaia,dhiyaneshDk
severity: info
description: GLPI panel was detected.
2022-10-27 20:59:48 +00:00
reference:
- https://glpi-project.org/
- https://www.exploit-db.com/ghdb/7002
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 3
2022-11-03 17:49:55 +00:00
verified: true
shodan-query: http.title:"GLPI"
tags: glpi,edb,panel
http:
- method: GET
path:
2021-08-25 22:09:38 +00:00
- "{{BaseURL}}"
2022-10-27 20:59:48 +00:00
- "{{BaseURL}}/CHANGELOG.md"
- "{{BaseURL}}/glpi/"
2021-08-25 22:09:38 +00:00
2022-10-27 20:59:48 +00:00
redirects: true
max-redirects: 2
stop-at-first-match: false
matchers:
- type: word
2022-10-27 20:59:48 +00:00
case-insensitive: true
words:
2022-10-27 20:59:48 +00:00
- "GLPI"
- "glpi-project.org"
condition: and
extractors:
- type: regex
2022-10-27 20:59:48 +00:00
name: version
part: body
group: 1
regex:
2022-10-27 20:59:48 +00:00
- '(?i)base\.min\.js\?v=([\d.|\d]+)">'
- '(?i)jquery\.min\.js\?v=([\d.|\d]+)">'
- '(?i)# GLPI changes\n\n.*\n.*\n.*\n##\s\[(\d+\.\d+|\d+\.\d+\.\d+)\]'
- '(?i)GLPI.*?([\d.|\d]+).copyright'
# Enhanced by md on 2022/11/16