nuclei-templates/panels/sap-recon-detect.yaml

36 lines
857 B
YAML
Raw Normal View History

id: sap-recon-detect
info:
name: SAP RECON Finder
author: samueladi_ & organiccrap
severity: medium
# Source:- https://github.com/chipik/SAP_RECON
2020-07-16 07:00:43 +00:00
# This is detection template, please use above poc to exploit this further.
requests:
- method: GET
path:
- "{{BaseURL}}/CTCWebService/CTCWebServiceBean"
- "{{BaseURL}}/CTCWebService/CTCWebServiceBean?wsdl"
- "{{BaseURL}}/CTCWebService/Config1?wsdl"
matchers-condition: and
matchers:
- type: word
words:
- Method Not Allowed
- Expected request method POST. Found GET.
- Generated by WSDLDefinitionsParser
- bns0:Config1Binding
- wsdl:definitions
- tns:CTCWebServiceSiBinding
condition: or
- type: status
status:
- 405
- 200
condition: or