daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/misconfiguration/intelbras-dvr-unauth.yaml

32 lines
937 B
YAML
Raw Normal View History

Create intelbras-dvr-unauth.yaml
2024-04-09 17:38:47 +00:00
id: intelbras-dvr-unauth
fix format
2024-04-10 05:57:55 +00:00
Create intelbras-dvr-unauth.yaml
2024-04-09 17:38:47 +00:00
info:
name: Intelbras DVR - Unrestricted Access
author: pussycat0x
severity: low
description: |
The HTTP GET request to /cap.js on the server Intelbras DVR reveals several potentially sensitive pieces of information that are not properly protected or encrypted.
reference:
- https://github.com/netsecfish/intelbras_cap_js
metadata:
verified: true
fix format
2024-04-10 05:57:55 +00:00
fofa-query: body="Intelbras"
Create intelbras-dvr-unauth.yaml
2024-04-09 17:38:47 +00:00
tags: unauth,intelbras,dvr,misconfig
http:
- method: GET
path:
- "{{BaseURL}}/cap.js"
fix-fp
2024-04-10 06:06:03 +00:00
matchers-condition: and
Create intelbras-dvr-unauth.yaml
2024-04-09 17:38:47 +00:00
matchers:
- type: word
words:
- "var talkTypes="
- "var userInfo="
condition: and
- type: status
status:
- 200
Auto Template Signing [Wed Apr 10 06:11:05 UTC 2024] :robot:
2024-04-10 06:11:05 +00:00
# digest: 4b0a00483046022100b2359609df1fe072500810987d11a7518106d6f42f328fe08e941f6a1ceb5ca5022100b98795795d35f59eb3728e60b4cba5cb6ccecabdf19d800d15c1f3d78e81646c:922c64590222798bb761d5b6d8e72950