daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7497 from projectdiscovery/exploitware-fb-templates 

New 20 Templates
patch-1
pussycat0x 2023-06-21 09:48:15 +05:30 committed by GitHub
parent 82f980e517 2408054a2d
commit 1df10b0b9e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
20 changed files with 613 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
http/exposed-panels/aws-ec2-autoscale.yaml Normal file
View File

@ -0,0 +1,31 @@
id: aws-ec2-autoscale
info:
name: AWS EC2 Auto Scaling Lab
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo/?fbid=620605120110011&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: html:"AWS EC2 Auto Scaling Lab"
tags: exposure,ec2,aws,amazon
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'AWS EC2 Auto Scaling Lab'
- 'EC2 Instance Metadata'
condition: and
- type: status
status:
- 200

29
http/exposed-panels/crontab-ui.yaml Normal file
View File

@ -0,0 +1,29 @@
id: crontab-ui
info:
name: Crontab UI - Dashboard Exposure
author: DhiyaneshDk
severity: high
reference:
- https://www.facebook.com/photo/?fbid=629288492575007&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: html:"Crontab UI"
tags: exposure,crontab,ui
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>Crontab UI</title>'
- type: status
status:
- 200

30
http/exposed-panels/eos-http-browser.yaml Normal file
View File

@ -0,0 +1,30 @@
id: eos-http-browser
info:
name: EOS HTTP Browser
author: DhiyaneshDk
severity: medium
reference:
- https://www.facebook.com/photo/?fbid=634930085344181&set=pcb.634929508677572
metadata:
max-request: 2
verified: true
shodan-query: title:"EOS HTTP Browser"
tags: exposure,eos,httpbrowser
http:
- method: GET
path:
- "{{BaseURL}}"
- "{{BaseURL}}/eos/"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'STAT TEST'
- type: status
status:
- 200

31
http/exposed-panels/glowroot-panel.yaml Normal file
View File

@ -0,0 +1,31 @@
id: glowroot-panel
info:
name: Glowroot - Panel
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo?fbid=618105097026680&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"Glowroot"
tags: panel,login,glowroot
http:
- method: GET
path:
- "{{BaseURL}}/login"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Glowroot'
- 'Change my password'
condition: and
- type: status
status:
- 200

29
http/exposed-panels/pdi-device-page.yaml Normal file
View File

@ -0,0 +1,29 @@
id: pdi-device-page
info:
name: PDI Intellifuel - Device Page
author: DhiyaneshDk
severity: low
reference:
- https://www.facebook.com/photo?fbid=629130339257489&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: html:"PDI Intellifuel"
tags: exposure,pdi,intellifuel
http:
- method: GET
path:
- "{{BaseURL}}/index.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Intellifuel Device page'
- type: status
status:
- 200

31
http/exposed-panels/selfcheck-panel.yaml Normal file
View File

@ -0,0 +1,31 @@
id: selfcheck-panel
info:
name: SelfCheck System Manager - Panel
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo/?fbid=607747024729154&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"SelfCheck System Manager"
tags: panel,login,selfcheck,systemmanager
http:
- method: GET
path:
- "{{BaseURL}}/SystemManager/Account/SignIn"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>SelfCheck System Manager</title>'
- 'Sign In'
condition: and
- type: status
status:
- 200

31
http/exposed-panels/teradek-panel.yaml Normal file
View File

@ -0,0 +1,31 @@
id: teradek-panel
info:
name: Teradek Cube Administrative Console - Panel
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo/?fbid=612496907587499&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"Teradek Cube Administrative Console"
tags: panel,login,teradek
http:
- method: GET
path:
- "{{BaseURL}}/login.cs"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Teradek Cube Administrative Console'
- 'Password:'
condition: and
- type: status
status:
- 200

29
http/exposed-panels/tigase-xmpp-server.yaml Normal file
View File

@ -0,0 +1,29 @@
id: tigase-xmpp-server
info:
name: Tigase XMPP Server - Exposure
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo/?fbid=617926933711163&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"Tigase XMPP Server"
tags: tigase,xmpp,server,panel,exposure
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>Tigase XMPP Server</title>'
- type: status
status:
- 200

34
http/exposed-panels/tup-openframe.yaml Normal file
View File

@ -0,0 +1,34 @@
id: tup-openframe
info:
name: T-Up OpenFrame
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo/?fbid=642772827893240&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: http.favicon.hash:824580113
tags: exposure,login,tup,openframe
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'T-Up OpenFrame'
- type: word
part: header
words:
- text/html
- type: status
status:
- 200

31
http/exposed-panels/webcomco-panel.yaml Normal file
View File

@ -0,0 +1,31 @@
id: webcomco-panel
info:
name: WebcomCo - Panel
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo/?fbid=626548889515634&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"WebcomCo"
tags: panel,webcomco,login
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>WebcomCo</title>'
- type: status
status:
- 200

33
http/misconfiguration/apache-impala.yaml Normal file
View File

@ -0,0 +1,33 @@
id: apache-impala
info:
name: Apache Impala - Exposure
author: DhiyaneshDk
severity: medium
reference:
- https://www.facebook.com/photo/?fbid=627585602745296&set=pcb.627585619411961
metadata:
max-request: 1
verified: true
shodan-query: http.favicon.hash:587330928
tags: misconfig,apache,impala
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Apache Impala'
- 'Process Info'
condition: and
- type: status
status:
- 200

34
http/misconfiguration/aws-ec2-status.yaml Normal file
View File

@ -0,0 +1,34 @@
id: aws-ec2-status
info:
name: Amazon EC2 Status
author: DhiyaneshDk
severity: info
reference:
- https://www.facebook.com/photo/?fbid=644887334348456&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: html:"Amazon EC2 Status"
tags: misconfig,ec2,aws,amazon
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>Amazon EC2 Status</title>'
- type: word
part: header
words:
- text/html
- type: status
status:
- 200

29
http/misconfiguration/dynamic-container-host.yaml Normal file
View File

@ -0,0 +1,29 @@
id: dynamic-container-host
info:
name: Dynamics Container Host - Detect
author: DhiyaneshDk
severity: low
reference:
- https://www.facebook.com/photo/?fbid=631801132323743&set=pcb.631801782323678
metadata:
max-request: 1
verified: true
shodan-query: title:"Dynamics Container Host"
tags: exposure,dynamic,container
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>Dynamics Container Host</title>'
- type: status
status:
- 200

31
http/misconfiguration/flask-redis-docker.yaml Normal file
View File

@ -0,0 +1,31 @@
id: flask-redis-docker
info:
name: Flask Redis Queue Docker - Exposure
author: DhiyaneshDk
severity: low
reference:
- https://www.facebook.com/photo/?fbid=623621413141715&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"Flask + Redis Queue + Docker"
tags: misconfig,exposure,flask,redis,docker
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>Flask + Redis Queue + Docker</title>'
- type: status
status:
- 200

31
http/misconfiguration/gopher-server.yaml Normal file
View File

@ -0,0 +1,31 @@
id: gopher-server
info:
name: Gopher Server - Exposure
author: DhiyaneshDk
severity: medium
reference:
- https://www.facebook.com/photo/?fbid=627579942745862&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"Gopher Server"
tags: misconfig,gopher,server
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Gopher Server'
- 'Environment Variables'
condition: and
- type: status
status:
- 200

31
http/misconfiguration/perfsonar-toolkit.yaml Normal file
View File

@ -0,0 +1,31 @@
id: perfsonar-toolkit
info:
name: perfSONAR Toolkit - Exposure
author: DhiyaneshDk
severity: medium
reference:
- https://www.facebook.com/photo?fbid=619180260252497&set=pcb.619180283585828
metadata:
max-request: 1
verified: true
shodan-query: title:"perfSONAR"
tags: misconfig,perfsonar,toolkit
http:
- method: GET
path:
- "{{BaseURL}}/toolkit/"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>perfSONAR Toolkit</title>'
- type: status
status:
- 200

31
http/misconfiguration/phpnow-works.yaml Normal file
View File

@ -0,0 +1,31 @@
id: phpnow-works
info:
name: PHPnow works - Exposure
author: DhiyaneshDk
severity: low
reference:
- https://www.facebook.com/photo/?fbid=618545156982674&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: "PHPnow works"
tags: misconfig,phpnow,exposure
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>PHPnow Works!</title>'
- 'Server Information'
condition: and
- type: status
status:
- 200

29
http/misconfiguration/smokeping-grapher.yaml Normal file
View File

@ -0,0 +1,29 @@
id: smokeping-grapher
info:
name: SmokePing Latency Page for Network Latency Grapher
author: DhiyaneshDk
severity: low
reference:
- https://www.facebook.com/photo/?fbid=620494143454442&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"SmokePing Latency Page for Network Latency Grapher"
tags: misconfig,smokeping,latency,grapher
http:
- method: GET
path:
- "{{BaseURL}}/smokeping/"
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'SmokePing Latency Page for'
- type: status
status:
- 200

31
http/misconfiguration/v2x-control.yaml Normal file
View File

@ -0,0 +1,31 @@
id: v2x-control
info:
name: V2X Control - Dashboard Exposure
author: DhiyaneshDk
severity: low
reference:
- https://www.facebook.com/photo/?fbid=606940284809828&set=a.467014098802448
metadata:
max-request: 1
verified: true
shodan-query: title:"V2X Control"
tags: misconfig,exposure,v2x,control
http:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>V2X control</title>'
- 'Chemtronics'
condition: and
- type: status
status:
- 200

27
http/technologies/default-apache-miracle.yaml Normal file
View File

@ -0,0 +1,27 @@
id: default-apache-miracle
info:
name: Default Apache Miracle Linux Web Server Page
author: DhiyaneshDK
severity: info
metadata:
max-request: 1
verified: true
shodan-query: title:"Apache Miracle Linux Web Server"
tags: tech,default-page,apache,miracle
http:
- method: GET
path:
- '{{BaseURL}}'
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<TITLE>Apache Miracle Linux Web Server</TITLE>'
- type: status
status:
- 200