diff --git a/http/exposed-panels/outsystems-servicecenter-panel.yaml b/http/exposed-panels/outsystems-servicecenter-panel.yaml new file mode 100644 index 0000000000..d234db879d --- /dev/null +++ b/http/exposed-panels/outsystems-servicecenter-panel.yaml @@ -0,0 +1,37 @@ +id: outsystems-servicecenter-panel + +info: + name: OutSystems Service Center Login Panel - Detect + author: righettod + severity: info + description: | + OutSystems Service Center login panel was detected. + reference: + - https://www.outsystems.com/ + metadata: + max-request: 1 + shodan-query: http.html:"outsystems" + verified: true + tags: panel,outsystems,login,detect + +http: + - method: GET + path: + - "{{BaseURL}}/ServiceCenter/Login.aspx" + - "{{BaseURL}}/Login.aspx" + + stop-at-first-match: true + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains_any(to_lower(body), "servicecenter", "outsystems.internal") && contains(to_lower(body), "login")' + condition: and + + extractors: + - type: regex + part: body + group: 1 + regex: + - "environmentName:'([a-zA-Z0-9]+)'"