nuclei-templates/exposed-panels/rundeck-login.yaml

id: rundeck-login

info:
  name: Rundeck Login Panel - Detect
  author: DhiyaneshDk, daffainfo
  severity: info
  description: Rundeck login panel was detected.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
    verified: true
    shodan-query: title:"Rundeck"
  tags: panel,rundeck

requests:
  - method: GET
    path:
      - '{{BaseURL}}/user/login'

    host-redirects: true
    max-redirects: 2
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'alt="Rundeck"'
          - '/assets/rundeck' ## For old rundeck
        condition: or

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - 'utm_medium=([0-9.]+)-'
          - 'data-version-string=\"([0-9.-]+)\"' ## Detection version on old rundeck
          - '<span class="version">([0-9.-]+)<\/span>' ## Detection on very old rudneck

# Enhanced by md on 2023/01/03
Create rundeck-login.yaml 2022-08-01 08:15:48 +00:00			`id: rundeck-login`

			`info:`
Dashboard Content Enhancements (#6469) Dashboard Content Enhancements 2023-01-05 14:57:06 +00:00			`name: Rundeck Login Panel - Detect`
Update rundeck-login.yaml 2022-10-25 10:53:09 +00:00			`author: DhiyaneshDk, daffainfo`
Create rundeck-login.yaml 2022-08-01 08:15:48 +00:00			`severity: info`
Dashboard Content Enhancements (#6469) Dashboard Content Enhancements 2023-01-05 14:57:06 +00:00			`description: Rundeck login panel was detected.`
			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`
			`cvss-score: 0.0`
			`cwe-id: CWE-200`
Create rundeck-login.yaml 2022-08-01 08:15:48 +00:00			`metadata:`
			`verified: true`
Update rundeck-login.yaml 2022-08-01 17:06:24 +00:00			`shodan-query: title:"Rundeck"`
Create rundeck-login.yaml 2022-08-01 08:15:48 +00:00			`tags: panel,rundeck`

			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/user/login'`

Update rundeck-login.yaml 2022-10-25 10:53:09 +00:00			`host-redirects: true`
			`max-redirects: 2`
fix: false negative rundeck - Fix false negative rundeck by changing the matcher - Added version detection for old rundeck and new rundeck 2022-10-23 08:15:28 +00:00			`matchers-condition: and`
Create rundeck-login.yaml 2022-08-01 08:15:48 +00:00			`matchers:`
			`- type: word`
			`part: body`
			`words:`
Update rundeck-login.yaml 2022-10-25 10:53:09 +00:00			`- 'alt="Rundeck"'`
			`- '/assets/rundeck' ## For old rundeck`
Update rundeck-login.yaml 2022-10-23 15:32:18 +00:00			`condition: or`
Create rundeck-login.yaml 2022-08-01 08:15:48 +00:00
fix: false negative rundeck - Fix false negative rundeck by changing the matcher - Added version detection for old rundeck and new rundeck 2022-10-23 08:15:28 +00:00			`- type: status`
			`status:`
			`- 200`

			`extractors:`
			`- type: regex`
Create rundeck-login.yaml 2022-08-01 08:15:48 +00:00			`part: body`
fix: false negative rundeck - Fix false negative rundeck by changing the matcher - Added version detection for old rundeck and new rundeck 2022-10-23 08:15:28 +00:00			`group: 1`
			`regex:`
Update rundeck-login.yaml 2022-10-25 10:53:09 +00:00			`- 'utm_medium=([0-9.]+)-'`
			`- 'data-version-string=\"([0-9.-]+)\"' ## Detection version on old rundeck`
			`- '<span class="version">([0-9.-]+)<\/span>' ## Detection on very old rudneck`
Dashboard Content Enhancements (#6469) Dashboard Content Enhancements 2023-01-05 14:57:06 +00:00
			`# Enhanced by md on 2023/01/03`