nuclei-templates/http/exposed-panels/somansa-dlp-detect.yaml

40 lines
1.1 KiB
YAML
Raw Normal View History

id: somansa-dlp-detect
info:
name: Somansa DLP Login Panel - Detect
author: gy741,ritikchaddha
severity: info
description: Somansa DLP login panel was detected.
reference:
- https://www.somansa.com/solution/integrated_solution/dlp/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cwe-id: CWE-200
metadata:
verified: true
2023-10-14 11:27:55 +00:00
max-request: 2
shodan-query: http.html:"DLP system"
tags: panel,somansa,dlp
http:
- method: GET
path:
- "{{BaseURL}}/DLPCenter/loginform.sms"
- "{{BaseURL}}/DLPCenter/images/favicon.ico"
stop-at-first-match: true
2023-10-14 11:27:55 +00:00
matchers-condition: or
matchers:
- type: word
part: body
words:
- "/DLPCenter/js/"
- "SOMANSA"
condition: and
case-insensitive: true
- type: dsl
dsl:
- "status_code==200 && (\"-1217239281\" == mmh3(base64_py(body)))"
# digest: 4a0a00473045022053b1148a89c4dd4071fc0c8d2ade3e4a3ff249b7eaed9a41379ad74b781e8a4a02210087edfa04aa70a110eb29b07a1c97c81bee17d4abef87bc3b1f951b2dab1b02b2:922c64590222798bb761d5b6d8e72950