2023-10-20 12:24:27 +00:00
|
|
|
id: opache-control-panel
|
2023-10-16 20:00:54 +00:00
|
|
|
|
|
|
|
info:
|
2023-10-20 12:24:27 +00:00
|
|
|
name: Opache control Panel - Unauthenticated Access
|
2023-10-16 20:00:54 +00:00
|
|
|
author: pussycat0x
|
2023-10-20 12:24:27 +00:00
|
|
|
severity: medium
|
2023-10-16 20:00:54 +00:00
|
|
|
metadata:
|
2023-10-20 12:24:27 +00:00
|
|
|
verified: true
|
2023-10-22 12:16:24 +00:00
|
|
|
max-request: 2
|
2023-10-20 12:24:27 +00:00
|
|
|
shodan-query: http.title:"Opcache Control Panel"
|
|
|
|
tags: misconfig,opache,exposure
|
2023-10-16 20:00:54 +00:00
|
|
|
|
|
|
|
http:
|
|
|
|
- method: GET
|
|
|
|
path:
|
2023-10-20 12:09:22 +00:00
|
|
|
- "{{BaseURL}}"
|
2023-10-16 20:00:54 +00:00
|
|
|
- "{{BaseURL}}/ocp.php"
|
|
|
|
|
2023-10-20 12:09:22 +00:00
|
|
|
stop-at-first-match: true
|
2023-10-16 20:00:54 +00:00
|
|
|
matchers:
|
|
|
|
- type: dsl
|
|
|
|
dsl:
|
|
|
|
- 'status_code == 200'
|
2023-10-20 12:24:27 +00:00
|
|
|
- 'contains_all(body, "Opcache Control Panel", "Reset", "Files")'
|
2023-10-20 12:09:22 +00:00
|
|
|
condition: and
|
2023-10-23 07:14:07 +00:00
|
|
|
|
|
|
|
# digest: 490a0046304402200dc418f68724d9828a2047b5c49a05682cd0121b12f4bf74295913517fb53e1a02200503b7fb86f474909081135a8b895af0b78fca0c48a53b05e95912e6dad2c140:922c64590222798bb761d5b6d8e72950
|