daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: misconfiguration/proxy/open-proxy-portscan.yaml by Chris

patch-1
sullo 2022-01-21 14:06:29 -05:00
parent 3b7bcda337
commit 0229c3f001
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
misconfiguration/proxy/open-proxy-portscan.yaml
View File

@ -3,7 +3,7 @@ id: open-proxy-portscan
info:
name: Open Proxy to Ports on the Proxy's localhost Interface
author: sullo
severity: High
severity: high
tags: exposure,config,proxy,misconfig,fuzz
description: The host is configured as a proxy which allows access to its internal interface
remediation: Disable the proxy or restrict configuraiton to only allow access to approved hosts/ports.
@ -56,7 +56,9 @@ requests:
- type: dsl
condition: or
dsl:
- (!regex("(?i)FTP",body_1)) && (!regex("(?i)FTP",body_2)) && (regex("(?i)FTP\b",body_3))
- (!regex("(?i)SSH-[\d.]+-\w+",body_1)) && (!regex("(?i)SSH-[\d.]+-\w+",body_2)) && (regex("(?i)SSH-[\d.]+-\w+",body_4))
- (!regex("(?i)POP3",body_1)) && (!regex("(?i)POP3",body_2)) && (regex("(?i)POP3\b",body_6))
- (!regex("(?i)FTP",body_1)) && (!regex("(?i)FTP",body_2)) && (regex("(?i)FTP",body_3))
- (!regex("(?i)SSH-[.]+-+",body_1)) && (!regex("(?i)SSH-[.]+-+",body_2)) && (regex("(?i)SSH-[.]+-+",body_4))
- (!regex("(?i)POP3",body_1)) && (!regex("(?i)POP3",body_2)) && (regex("(?i)POP3",body_6))
- (!regex("(?i)SMTP",body_1)) && (!regex("(?i)SMTP",body_2)) && ((regex("(?i)SMTP",body_5)) || (regex("(?i)SMTP",body_7)) || (regex("(?i)SMTP",body_8)))
# Updated by Chris on 2022/01/21