daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/misconfiguration/aem/aem-groovyconsole.yaml

42 lines
1.3 KiB
YAML
Raw Normal View History

Create aem-groovyconsole.yaml
2020-12-26 19:20:25 +00:00
id: aem-groovyconsole
info:
Dashboard Content Enhancements (#4238) Dashboard Content Enhancements
2022-04-25 14:35:07 +00:00
name: AEM Groovy Console Discovery
Updated author names
2021-06-09 12:20:56 +00:00
author: Dheerajmadhukar
Create aem-groovyconsole.yaml
2020-12-26 19:20:25 +00:00
severity: critical
Dashboard Content Enhancements (#4238) Dashboard Content Enhancements
2022-04-25 14:35:07 +00:00
description: An Adobe Experience Manager Groovy console was discovered. This can possibly lead to remote code execution.
Added additional path
2021-09-08 07:28:02 +00:00
reference:
- https://hackerone.com/reports/672243
- https://twitter.com/XHackerx007/status/1435139576314671105
Update aem-groovyconsole.yaml
2022-07-26 03:37:44 +00:00
metadata:
Added max request counter of each template
2023-04-28 08:11:21 +00:00
max-request: 2
Update aem-groovyconsole.yaml
2022-07-26 03:37:44 +00:00
shodan-query: http.component:"Adobe Experience Manager"
add misconfig tag to templates in http/misconfiguration
2023-06-02 23:20:49 +00:00
tags: aem,adobe,hackerone,misconfig
Update aem-groovyconsole.yaml
2020-12-28 14:39:15 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-04-27 04:28:59 +00:00
http:
Create aem-groovyconsole.yaml
2020-12-26 19:20:25 +00:00
- method: GET
path:
- "{{BaseURL}}/groovyconsole"
Added additional path
2021-09-08 07:28:02 +00:00
- "{{BaseURL}}/etc/groovyconsole.html"
templateman update
2023-10-14 11:27:55 +00:00
Create aem-groovyconsole.yaml
2020-12-26 19:20:25 +00:00
headers:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en-US,en;q=0.9,hi;q=0.8
Added additional path
2021-09-08 07:28:02 +00:00
stop-at-first-match: true
templateman update
2023-10-14 11:27:55 +00:00
Create aem-groovyconsole.yaml
2020-12-26 19:20:25 +00:00
matchers-condition: and
matchers:
- type: word
words:
- "<title>Groovy Console</title>"
- "Run Script"
- "Groovy Web Console"
part: body
Update aem-groovyconsole.yaml
2020-12-28 14:39:15 +00:00
condition: and
Added additional path
2021-09-08 07:28:02 +00:00
Create aem-groovyconsole.yaml
2020-12-26 19:20:25 +00:00
- type: status
status:
Dashboard Content Enhancements (#4238) Dashboard Content Enhancements
2022-04-25 14:35:07 +00:00
- 200
TemplateMan Update [Fri Oct 20 11:41:12 UTC 2023] :robot:
2023-10-20 11:41:13 +00:00
# digest: 4a0a00473045022043264a058b3f40cbb321ac1f9acaea06487cca638c087673eb48026c5fd0357c022100c4f8b8138448c20109589a47d17deb0ed23d8cd236ae29842aeb545dc53a9d07:922c64590222798bb761d5b6d8e72950