From b14ab006f7f1315634b7dd858a319f71f17c9d70 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 19 Apr 2021 21:23:41 +0530 Subject: [PATCH 1/5] Create saia-web-server-info.yaml --- exposures/configs/saia-web-server-info.yaml | 24 +++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 exposures/configs/saia-web-server-info.yaml diff --git a/exposures/configs/saia-web-server-info.yaml b/exposures/configs/saia-web-server-info.yaml new file mode 100644 index 0000000000..2eaa27c713 --- /dev/null +++ b/exposures/configs/saia-web-server-info.yaml @@ -0,0 +1,24 @@ +id: saia-web-server + +info: + name: Saia PCD Web-Server + author: DhiyaneshDk + severity: low + reference: https://www.exploit-db.com/ghdb/6865 + tags: status,info,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/loadtextfile.htm#programinfo" + + matchers-condition: and + matchers: + - type: word + words: + - "Saia PCD Web Server" + part: body + + - type: status + status: + - 200 From 4df6fac68e08e85d282b41016e40c9d03dfd6f81 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 19 Apr 2021 21:33:17 +0530 Subject: [PATCH 2/5] Create polycom-login.yaml --- exposed-panels/polycom-login.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 exposed-panels/polycom-login.yaml diff --git a/exposed-panels/polycom-login.yaml b/exposed-panels/polycom-login.yaml new file mode 100644 index 0000000000..995705eae2 --- /dev/null +++ b/exposed-panels/polycom-login.yaml @@ -0,0 +1,24 @@ +id: polycom-login + +info: + name: Polycom Login + author: DhiyaneshDk + severity: info + reference: https://www.exploit-db.com/ghdb/6863 + tags: status,info,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/login.html" + + matchers-condition: and + matchers: + - type: word + words: + - "Polycom Login" + part: body + + - type: status + status: + - 200 From 602aefc104e33bfa9c695012a669fa0d2afd6871 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 19 Apr 2021 21:45:39 +0530 Subject: [PATCH 3/5] Create sauter-login.yaml --- exposed-panels/sauter-login.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 exposed-panels/sauter-login.yaml diff --git a/exposed-panels/sauter-login.yaml b/exposed-panels/sauter-login.yaml new file mode 100644 index 0000000000..391978d33f --- /dev/null +++ b/exposed-panels/sauter-login.yaml @@ -0,0 +1,24 @@ +id: sauter-login + +info: + name: Sauter moduWeb - Login + author: DhiyaneshDk + severity: info + reference: https://www.exploit-db.com/ghdb/6883 + tags: login + +requests: + - method: GET + path: + - "{{BaseURL}}/?locale=en" + + matchers-condition: and + matchers: + - type: word + words: + - Sauter moduWeb - Login + part: body + + - type: status + status: + - 200 From 4e22fee6d3d363867097c4de962e4784324bba49 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 19 Apr 2021 22:18:03 +0530 Subject: [PATCH 4/5] Create exposed-authentication-asmx.yaml --- .../configs/exposed-authentication-asmx.yaml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 exposures/configs/exposed-authentication-asmx.yaml diff --git a/exposures/configs/exposed-authentication-asmx.yaml b/exposures/configs/exposed-authentication-asmx.yaml new file mode 100644 index 0000000000..d310775e9c --- /dev/null +++ b/exposures/configs/exposed-authentication-asmx.yaml @@ -0,0 +1,24 @@ +id: exposed-authentication.asmx + +info: + name: Exposed Authentication.asmx + author: DhiyaneshDk + severity: low + reference: https://www.exploit-db.com/ghdb/6604 + tags: status,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/_vti_bin/Authentication.asmx?op=Mode" + + matchers-condition: and + matchers: + - type: word + words: + - "Authentication Web Service" + part: body + + - type: status + status: + - 200 From a3b23a2da1f2c5c37ad07dddc40ddb20f9aeb9ed Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Tue, 20 Apr 2021 14:41:34 +0530 Subject: [PATCH 5/5] minor updates --- exposed-panels/polycom-login.yaml | 2 +- exposed-panels/sauter-login.yaml | 2 +- exposures/configs/exposed-authentication-asmx.yaml | 2 +- exposures/configs/saia-web-server-info.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/exposed-panels/polycom-login.yaml b/exposed-panels/polycom-login.yaml index 995705eae2..279b09714f 100644 --- a/exposed-panels/polycom-login.yaml +++ b/exposed-panels/polycom-login.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDk severity: info reference: https://www.exploit-db.com/ghdb/6863 - tags: status,info,exposure + tags: panel requests: - method: GET diff --git a/exposed-panels/sauter-login.yaml b/exposed-panels/sauter-login.yaml index 391978d33f..b98741cab1 100644 --- a/exposed-panels/sauter-login.yaml +++ b/exposed-panels/sauter-login.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDk severity: info reference: https://www.exploit-db.com/ghdb/6883 - tags: login + tags: panel requests: - method: GET diff --git a/exposures/configs/exposed-authentication-asmx.yaml b/exposures/configs/exposed-authentication-asmx.yaml index d310775e9c..74d554612b 100644 --- a/exposures/configs/exposed-authentication-asmx.yaml +++ b/exposures/configs/exposed-authentication-asmx.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDk severity: low reference: https://www.exploit-db.com/ghdb/6604 - tags: status,exposure + tags: config,exposure requests: - method: GET diff --git a/exposures/configs/saia-web-server-info.yaml b/exposures/configs/saia-web-server-info.yaml index 2eaa27c713..91bf6d9d5b 100644 --- a/exposures/configs/saia-web-server-info.yaml +++ b/exposures/configs/saia-web-server-info.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDk severity: low reference: https://www.exploit-db.com/ghdb/6865 - tags: status,info,exposure + tags: config,exposure requests: - method: GET