Dashboard Content Enhancements (#6289)

Dashboard Content Enhancements
patch-1
MostInterestingBotInTheWorld 2022-12-08 08:42:03 -05:00 committed by GitHub
parent 77b714964f
commit 1ecf1ad13a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
69 changed files with 561 additions and 92 deletions

View File

@ -1,9 +1,14 @@
id: asus-router-panel
info:
name: Asus Router Login Panel
name: Asus Router Login Panel - Detect
author: arafatansari
severity: info
description: Asus router login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: 'Server: httpd/2.0 port:8080'
@ -25,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,11 +1,15 @@
id: backpack-admin-panel
info:
name: Backpack Admin Login Panel
name: Laravel Backpack Admin Login Panel - Detect
author: shine
severity: info
description: |
An Backpack Admin dashboard was detected.
Laravel Backpack admin login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"Backpack Admin"
@ -23,3 +27,5 @@ requests:
- 'Backpack Admin'
- 'backpack_alerts'
condition: or
# Enhanced by md on 2022/12/05

View File

@ -1,11 +1,16 @@
id: cisco-webvpn-detect
info:
name: Cisco WebVPN Detect
name: Cisco WebVPN Panel - Detect
author: ricardomaia
severity: info
description: Cisco WebVPN panel was detected.
reference:
- https://askanydifference.com/difference-between-cisco-clientless-ssl-vpn-and-anyconnect-with-table/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
fofa-query: fid="U1TP/SJklrT9VLIEpZkQNg=="
@ -38,3 +43,5 @@ requests:
- "webvpncontext=00@.+"
- "webvpn="
condition: or
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: cudatel-panel
info:
name: CudaTel Login Panel
name: CudaTel Login Panel - Detect
author: arafatansari
severity: info
description: CudaTel login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"CudaTel"
@ -25,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,11 +1,16 @@
id: dradis-pro-panel
info:
name: Dradis Professional Edition Panel
name: Dradis Professional Edition Login Panel - Detect
author: righettod
severity: info
description: Dradis Professional Edition login panel was detected.
reference:
- https://dradisframework.com/ce/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"Dradis Professional Edition"
@ -26,3 +31,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,12 +1,16 @@
id: influxdb-panel
info:
name: InfluxDB Detect
name: InfluxDB Admin Interface Panel - Detect
author: pikpikcu,idealphase
severity: info
description: Open Source Time Series Database, high-speed read and write database.
description: InfluxDB admin interface panel was detected.
reference:
- https://www.influxdata.com/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"InfluxDB - Admin Interface"
tags: panel,influxdb
@ -32,3 +36,5 @@ requests:
group: 1
regex:
- '<b>InfluxDB<\/b> v([\d.]+)<\/p>'
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: mikrotik-routeros-old
info:
name: MikroTik RouterOS Administration Login
name: MikroTik RouterOS Admin Login Panel - Detect
author: its0x08,DhiyaneshDk
severity: info
description: MikroTik RouterOS admin login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"mikrotik routeros > administration"
@ -27,3 +32,5 @@ requests:
group: 1
regex:
- '<div class="top">mikrotik routeros (.[0-9.]+) configuration page</div>'
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: oracle-people-sign-in
info:
name: Oracle Peoplesoft Sign-in
name: Oracle PeopleSoft Login Panel - Detect
author: idealphase
severity: info
description: Oracle PeopleSoft login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"Oracle PeopleSoft Sign-in"
tags: oracle,panel
@ -27,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: orchid-vms-panel
info:
name: Orchid Core VMS Panel Detect
name: Orchid Core VMS Panel - Detect
author: princechaddha
severity: info
description: Orchid Core VMS panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"Orchid Core VMS"
tags: panel,orchid
@ -23,3 +28,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: osticket-panel
info:
name: OSTicket Panel Detect
name: osTicket Login Panel - Detect
author: ritikchaddha
severity: info
description: osTicket login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.html:"powered by osTicket"
@ -30,3 +35,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: osticket-install
info:
name: OSTicket Installation
name: osTicket Installer Panel - Detect
author: ritikchaddha
severity: high
description: osTicket installer panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"osTicket Installer"
@ -32,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,12 +1,16 @@
id: otobo-panel
info:
name: OTOBO Login Panel
name: OTOBO Login Panel - Detect
author: princechaddha
severity: info
description: OTOBO is one of the most flexible web-based ticketing systems used for Customer Service, Help Desk, IT Service Management.
description: OTOBO login panel was detected.
reference:
- https://github.com/rotheross/otobo
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"otobo"
tags: panel,otobo
@ -26,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: ourmgmt3-panel
info:
name: OurMGMT3 Admin Panel
name: OurMGMT3 Admin Login Panel - Detect
author: ritikchaddha
severity: info
description: OurMGMT3 admin login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"OurMGMT3"
@ -26,3 +31,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: gxd5-pacs-connexion-utilisateur
info:
name: GXD5 Pacs Connexion utilisateur
name: GXD5 Pacs Connexion Login Panel - Detect
author: dhiyaneshDK
severity: info
description: GXD5 Pacs Connexion panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"GXD5 Pacs Connexion utilisateur"
tags: panel,login
@ -22,3 +27,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: panabit-panel
info:
name: Panabit Panel Detect
name: Panabit Login Panel - Detect
author: ffffffff0x
severity: info
description: Panabit login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
reference:
- https://www.panabit.com/
metadata:
@ -27,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,11 +1,16 @@
id: pandora-fms-console
info:
name: Pandora FMS
name: Pandora FMS Mobile Console Login Panel - Detect
author: dhiyaneshDk
severity: info
description: Pandora FMS Mobile Console login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/6827
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,edb
requests:
@ -21,3 +26,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: parallels-html-client
info:
name: Parallels HTML5 Client
name: Parallels HTML5 Client Login Panel - Detect
author: pdteam
severity: info
description: Parallels HTML5 Client login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel
requests:
@ -15,3 +20,5 @@ requests:
words:
- "<title>Parallels HTML5 Client</title>"
part: body
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: parallels-hsphere-detect
info:
name: Parallels H-Sphere Detect
name: Parallels H-Sphere Login Panel - Detect
author: ritikchaddha
severity: info
description: Parallels H-Sphere login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"Parallels H-Sphere"
@ -26,3 +31,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: parse-dashboard
info:
name: Parse Dashboard Exposure
name: Parse Dashboard Login Panel - Detect
author: tess
severity: info
description: Parse Dashboard login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"Parse Dashboard"
@ -26,3 +31,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: payroll-management-system-panel
info:
name: Payroll Management System Web Login Panel
name: Payroll Management System Web Login Panel - Detect
author: idealphase
severity: info
description: Payroll Management System Web login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"Admin | Employee's Payroll Management System"
@ -26,3 +31,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,13 +1,17 @@
id: pega-web-panel
info:
name: Pega Infinity Web Login Panel
name: Pega Infinity Login Panel - Detect
author: powerexploit,righettod
severity: info
description: |
Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation
Pega Infinity login panel was detected.
reference:
- https://www.pega.com/infinity
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"Pega Platform"
@ -36,3 +40,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: pentaho-panel
info:
name: Pentaho Panel
name: Pentaho User Console Login Panel - Detect
author: princechaddha,dhiyaneshDK
severity: info
description: Pentaho User Console login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: pentaho
tags: panel,pentaho
@ -17,3 +22,5 @@ requests:
- type: word
words:
- '<title>Pentaho User Console - Login</title>'
# Enhanced by md on 2022/12/05

View File

@ -1,11 +1,16 @@
id: persis-panel
info:
name: Persis Panel
name: Persis Panel - Detect
author: righettod
severity: info
description: Persis panel was detected,
reference:
- https://www.persis.de/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"Persis"
@ -38,3 +43,5 @@ requests:
- 301
- 302
condition: or
# Enhanced by md on 2022/12/05

View File

@ -1,13 +1,17 @@
id: pfsense-login
info:
name: pfSense Login
name: pfSense Login Panel - Detect
author: idealphase
severity: info
description: free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality.
description: pfSense login panel was detected.
reference:
- https://www.pfsense.org/download/
- https://www.pfsense.org/getting-started/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"pfSense - Login"
google-query: intitle:"pfSense - Login"
@ -34,3 +38,5 @@ requests:
group: 1
regex:
- '<script src="\/js\/pfSense\.js\?(.+)"><\/script>'
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: pgadmin-exposure
info:
name: PostgreSQL - pgAdmin Dasboard Exposure
name: PostgreSQL pgAdmin Dashboard Panel - Detect
author: princechaddha
severity: info
description: PostgreSQL pgAdmin Dashboard panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: unauth,pgadmin,postgres,panel
requests:
@ -25,3 +30,5 @@ requests:
words:
- "<title>pgAdmin"
part: body
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: phabricator-login
info:
name: Phabricator Login
name: Phabricator Login Panel - Detect
author: dhiyaneshDK
severity: info
description: Phabricator login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: html:"phabricator-standard-page"
tags: panel,phabricator
@ -23,3 +28,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: phoronix-panel
info:
name: Phoronix Test Suite Panel Detect
name: Phoronix Test Suite Panel - Detect
author: pikpikcu
severity: info
description: Phoronix Test Suite panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"phoronix-test-suite"
tags: panel,phoronix
@ -29,3 +34,5 @@ requests:
group: 1
regex:
- "<title>Phoronix Test Suite (.*) - Phoromatic - Welcome</title>"
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: php-mailer
info:
name: PHP Mailer Detect
name: PHPMailer Panel - Detect
author: ritikchaddha
severity: unknown
description: PHPMailer panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"PHP Mailer"
@ -24,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/05

View File

@ -1,9 +1,14 @@
id: phpcollab-panel
info:
name: PhpCollab Login Panel
name: phpCollab Login Panel - Detect
author: pikpikcu
severity: info
description: phpCollab login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"PhpCollab"
tags: panel,phpcollab,login
@ -30,3 +35,5 @@ requests:
group: 1
regex:
- '<p id="footer">(.*)</p>'
# Enhanced by md on 2022/12/05

View File

@ -1,11 +1,16 @@
id: phpldap-admin
info:
name: phpLDAPAdmin Login
name: phpLDAPadmin Login Panel - Detect
author: DhiyaneshDk
severity: info
description: phpLDAPadmin login panel was detected.
reference:
- https://www.facebook.com/ExWareLabs/photos/a.361854183878462/5601756213221540/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"phpLDAPAdmin"
@ -26,3 +31,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,13 +1,17 @@
id: phpminiadmin-panel
info:
name: PhpMiniAdmin Panel
name: phpMiniAdmin Login Panel - Detect
author: nullfuzz
severity: info
description: |
phpMiniAdmin is a third-party tool that you can use to manipulate MySQL databases.
phpMiniAdmin login panel was detected.
reference:
- https://github.com/osalabs/phpminiadmin
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.html:"phpMiniAdmin"
@ -31,3 +35,5 @@ requests:
group: 1
regex:
- 'phpMiniAdmin ([0-9._]+)'
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: phpmyadmin-panel
info:
name: phpMyAdmin Panel
name: phpMyAdmin Panel - Detect
author: pdteam
severity: info
description: phpMyAdmin panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:phpMyAdmin
tags: panel,phpmyadmin
@ -37,3 +42,5 @@ requests:
group: 1
regex:
- 'v=([a-z0-9-._]+)'
# Enhanced by md on 2022/12/06

View File

@ -1,13 +1,17 @@
id: phppgadmin-panel
info:
name: phpPgAdmin Panel
name: phpPgAdmin Login Panel - Detect
author: Ganofins,Nullfuzz
severity: info
description: |
phpPgAdmin is a third-party tool that you can use to manipulate PostgreSQL databases.
phpPgAdmin login ipanel was detected.
reference:
- https://docs.cpanel.net/cpanel/databases/phppgadmin/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:phpPgAdmin
@ -32,3 +36,5 @@ requests:
- "status_code == 200"
- "contains(body, '<title>phpPgAdmin')"
condition: and
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: pichome-panel
info:
name: Pichome Panel Detect
name: Pichome Login Panel - Detect
author: ritikchaddha
severity: info
description: Pichome login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.favicon.hash:933976300
@ -30,3 +35,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: piwigo-panel
info:
name: Piwigo panel login
name: Piwigo Login Panel - Detect
author: daffainfo
severity: info
description: Piwigo login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
fofa-query: title="piwigo"
@ -29,3 +34,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: plastic-scm-login
info:
name: Plastic SCM Login
name: Unity Plastic SCM Login Panel - Detect
author: dhiyaneshDK
severity: info
description: Unity Plastic SCM login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"Plastic SCM"
tags: panel,plastic
@ -21,3 +26,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: plesk-obsidian-login
info:
name: Plesk Obsidian login panel
name: Plesk Obsidian Login Panel - Detect
author: dhiyaneshDK,daffainfo
severity: info
description: Plesk Obsidian login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.html:"Plesk Obsidian"
@ -29,3 +34,5 @@ requests:
group: 1
regex:
- '(?i)<title>([A-Za-z 0-9.]+)</title>'
# Enhanced by md on 2022/12/06

View File

@ -1,11 +1,16 @@
id: plesk-onyx-login
info:
name: Plesk Onyx Login Panel
name: Plesk Onyx Login Panel - Detect
author: dhiyaneshDK,daffainfo
severity: info
description: Plesk Onyx login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/6501
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.html:"Plesk Onyx"
@ -34,3 +39,5 @@ requests:
group: 1
regex:
- 'alt="Plesk Onyx ([0-9.]+)"'
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: polycom-admin-detect
info:
name: Polycom Admin Panel
name: Polycom Admin Panel - Detect
author: e_schultze_
severity: low
description: Polycom admin panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel
requests:
@ -26,3 +31,5 @@ requests:
words:
- "Server: lighttpd"
part: header
# Enhanced by md on 2022/12/06

View File

@ -1,11 +1,16 @@
id: polycom-login
info:
name: Polycom Login
name: Polycom Login Panel - Detect
author: DhiyaneshDk
severity: info
description: Polycom login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/6863
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: edb,panel
requests:
@ -23,3 +28,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: powerjob-panel
info:
name: PowerJob Login Panel
name: PowerJob Login Panel - Detect
author: pikpikcu
severity: info
description: PowerJob login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
fofa-query: title="PowerJob"
@ -24,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,11 +1,16 @@
id: powerlogic-ion
info:
name: PowerLogic ION Exposed
name: PowerLogic ION Panel - Detect
author: dhiyaneshDK
severity: low
description: PowerLogic ION panel was detected.
reference:
- https://www.exploit-db.com/ghdb/6810
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,edb
requests:
@ -21,3 +26,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,12 +1,16 @@
id: privx-panel
info:
name: SSH PrivX Login Page
name: SSH PrivX Login Panel - Detect
author: korteke
severity: info
description: A SSH PrivX login page was detected.
description: SSH PrivX login panel was detected.
reference:
- https://www.ssh.com/products/privx/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: title:"PrivX"
tags: panel,privx
@ -26,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,11 +1,16 @@
id: project-insight-login
info:
name: Project Insight - Login
name: Project Insight Login Panel - Detect
author: dhiyaneshDk
severity: info
description: Project Insight login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/7413
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"Project Insight - Login"
tags: panel,edb
@ -25,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,12 +1,17 @@
id: projectsend-login
info:
name: ProjectSend login panel
name: ProjectSend Login Panel - Detect
author: idealphase
severity: info
description: ProjectSend login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/7380
- https://github.com/projectsend/projectsend
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
google-query: intext:Provided by ProjectSend
tags: panel,projectsend,edb
@ -38,3 +43,5 @@ requests:
group: 1
regex:
- "version (.*) - Free software"
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: prometheus-exposed-panel
info:
name: Prometheus.io exposed panel
name: Prometheus Panel - Detect
author: organiccrap
severity: low
description: Prometheus panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,prometheus
requests:
@ -15,3 +20,5 @@ requests:
- type: word
words:
- '<title>Prometheus Time Series Collection and Processing Server</title>'
# Enhanced by md on 2022/12/06

View File

@ -1,10 +1,14 @@
id: prometheus-pushgateway-exposed-panel
info:
name: Prometheus Pushgateway exposed panel
name: Prometheus Pushgateway Panel - Detect
author: codexlynx
severity: low
description: Exposed Prometheus Pushgateway panel
description: Prometheus Pushgateway panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,prometheus,pushgateway
requests:
@ -16,3 +20,5 @@ requests:
- type: word
words:
- '<title>Prometheus Pushgateway</title>'
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: pulse-secure-panel
info:
name: Pulse Secure VPN Panel
name: Pulse Secure VPN Login Panel - Detect
author: bsysop
severity: info
description: Pulse Secure VPN login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,pulse,vpn
requests:
@ -25,3 +30,5 @@ requests:
part: body
regex:
- "(?i)/dana-na/css/ds(_[a-f0-9]{64})?.css"
# Enhanced by md on 2022/12/06

View File

@ -1,10 +1,15 @@
id: puppetboard-panel
info:
name: Puppetlabs Puppetboard
name: Puppetboard Panel - Detect
author: c-sh0,daffainfo
severity: info
description: Puppetboard panel was detected.
reference: https://github.com/voxpupuli/puppetboard
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"Puppetboard"
@ -36,3 +41,5 @@ requests:
group: 1
regex:
- '<a href="https://github.com/voxpupuli/puppetboard" target="_blank">([0-9.]+)</a></div>'
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: pure-storage-login
info:
name: Pure Storage Login
name: Pure Storage Login Panel - Detect
author: dhiyaneshDK
severity: info
description: Pure Storage login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"Pure Storage Login"
tags: panel,purestorage
@ -22,3 +27,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,11 +1,16 @@
id: pypicloud-panel
info:
name: Pypicloud panel detection
name: PyPICloud Login Panel - Detect
author: Supras
severity: info
description: PyPLCloud login panel was detected.
reference:
- https://pypicloud.readthedocs.io/en/latest/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
google-query: intext:pypicloud
tags: panel,pypicloud
@ -27,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,13 +1,17 @@
id: qlik-sense-server
info:
name: Qlik Sense Server Detect
name: Qlik Sense Server Panel - Detect
author: ricardomaia
severity: info
description: |
Qlik Sense is a data visualization and discovery product. Qlik Sense Enterprise can be deployed on combinations of on-premise and cloud sites.
Qlik Sense Server panel was detected.
reference:
- https://www.qlik.com/us/products/qlik-sense
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"Qlik-Sense"
@ -40,3 +44,5 @@ requests:
group: 1
regex:
- 'qliksenseserver:((\d+\.)?(\d+\.)?(\*|\d+))'
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: qmail-admin-login
info:
name: QmailAdmin Login
name: QmailAdmin Login Panel - Detect
author: ritikchaddha
severity: info
description: QmailAdmin login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: title:"QmailAdmin"
@ -31,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,13 +1,17 @@
id: qnap-photostation-panel
info:
name: PhotoStation Panel
name: QNAP Photo Station Panel - Detect
author: idealphase
severity: info
description: |
Centrally store, manage, and enjoy your full resolution photos across all your devices with QNAP NAS.
QNAP Photo Station panel was detected.
reference:
- https://www.qnap.com/th-th/software/photo-station
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"Photo Station"
@ -29,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,13 +1,17 @@
id: qnap-qts-panel
info:
name: QNAP - QTS login panel
name: QNAP Turbo NAS Login Panel - Detect
author: idealphase,daffainfo
severity: info
description: |
QTS (QNAP Turbo NAS System) is the Turbo NAS Operating System, providing file storage, backup, disaster recovery, security management and virtualization applications for businesses
QNAP QTS login panel was detected.
reference:
- https://www.qnap.com/qts/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: product:"QNAP"
@ -33,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: qualcomm-voip-router
info:
name: Qualcomm 4G LTE WiFi VoIP-Router
name: Qualcomm 4G LTE WiFi VoIP Router Panel - Detect
author: pussycat0x
severity: info
description: Qualcomm 4G LTE Wifi VoIP router panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
fofa-dork: 'app="Qualcomm-4G-LTE-WiFi-VoIP-Router"'
tags: panel,qualcomm,iot,router,voip
@ -23,3 +28,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: qualtrics-login
info:
name: Qualtrics Login Panel
name: Qualtrics Login Panel - Detect
author: tess
severity: info
description: Qualtrics login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
tags: panel,qualtrics
@ -24,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: quantum-scalar-detect
info:
name: QUANTUM - Scalar i500 Login Panel Detect
name: Quantum Scalar i500 Login Panel - Detect
author: princechaddha
severity: info
description: Quantum Scalar i500 login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,quantum,scalar
requests:
@ -20,3 +25,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,10 +1,16 @@
id: r-webserver-login
info:
name: R WebServer Login
name: R WebServer Login Panel - Detect
author: pussycat0x
severity: info
reference: https://www.exploit-db.com/ghdb/7132
description: R WebServer login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/7132
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,rwebserver
requests:
@ -21,3 +27,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/06

View File

@ -1,9 +1,14 @@
id: rabbitmq-dashboard
info:
name: RabbitMQ Dashboard
name: RabbitMQ Management Panel - Detect
author: fyoorer
severity: info
description: RabbitMQ Management panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,rabbitmq
requests:
@ -15,3 +20,5 @@ requests:
words:
- "RabbitMQ Management"
part: body
# Enhanced by md on 2022/12/07

View File

@ -1,14 +1,17 @@
id: racksnet-login
info:
name: racksnet network automation & management software login
name: Racksnet Login Panel - Detect
author: idealphase
severity: info
description: Start a new dimension of network automation with racksnet®, Cloud and SDN. Because only racksnet® offers you powerful options such as multi-vendor automation, multi-site management and a cloud that
adapts to your needs, instead of the other way around.
description: Racksnet login panel was detected.
reference:
- https://racksnet.com/en/
- https://racksnet.com/en/product-overview/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"My Datacenter - Login"
google-query: intitle:"My Datacenter - Login"
@ -29,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/07

View File

@ -1,11 +1,16 @@
id: radius-manager-login
info:
name: Radius Manager Control Panel
name: Radius Manager Admininstration Control Panel Login Panel - Detect
author: dhiyaneshDK
severity: info
description: Radius Manager Administration Control Panel login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/6790
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,radius,edb
requests:
@ -24,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/07

View File

@ -1,16 +1,20 @@
id: rancher-panel
info:
name: Rancher Login Panel
name: Rancher Login Panel - Detect
author: princechaddha, idealphase
severity: info
description: Rancher is a open-source multi-cluster orchestration platform, lets operations teams deploy, manage and secure enterprise Kubernetes.
description: Rancher login panel was detected.
reference:
- https://github.com/rancher/rancher
- https://rancher.com/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
verified: true
shodan-query: http.title:"Loading&hellip;"
shodan-query: http.title:"Loading?"
tags: panel,rancher,kubernetes,devops,cloud,login
requests:
@ -23,7 +27,7 @@ requests:
- type: word
part: body
words:
- "<title>Loading&hellip;</title>"
- "<title>Loading?</title>"
- "ember-basic-dropdown-wormhole"
condition: and
@ -37,3 +41,5 @@ requests:
group: 1
regex:
- '<!\-\- ([0-9. ]+)\-\->'
# Enhanced by md on 2022/12/07

View File

@ -1,9 +1,14 @@
id: raspberrymatic-panel
info:
name: RaspberryMatic Panel Detect
name: RaspberryMatic Login Panel - Detect
author: princechaddha
severity: info
description: RaspberryMatic login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.favicon.hash:-578216669
tags: panel,raspberrymatic,iot
@ -25,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/07

View File

@ -1,9 +1,14 @@
id: redash-panel
info:
name: Redash Panel Detect
name: Redash Login Panel - Detect
author: princechaddha
severity: info
description: Redash login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.favicon.hash:698624197
tags: panel,redash
@ -25,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/07

View File

@ -1,9 +1,14 @@
id: redis-commander-exposure
info:
name: Redis Commander Exposure
name: Redis Commander Panel - Detect
author: dahse89
severity: low
description: Redis Commander panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
reference:
- https://joeferner.github.io/redis-commander/
- https://github.com/joeferner/redis-commander
@ -20,3 +25,5 @@ requests:
words:
- "<title>Redis Commander"
- "redisCommanderBearerToken"
# Enhanced by md on 2022/12/07

View File

@ -1,9 +1,14 @@
id: remkon-manager-panel
info:
name: Remkon Device Manager Login Panel
name: RemKon Device Manager Login Panel - Detect
author: pikpikcu,daffainfo
severity: info
description: RemKon Device Manager login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"Remkon Device Manager"
tags: panel,remkon,login
@ -23,3 +28,5 @@ requests:
part: body
words:
- "<title>Remkon Device Manager</title>"
# Enhanced by md on 2022/12/07

View File

@ -1,11 +1,16 @@
id: remote-ui-login
info:
name: Remote UI Login
name: Canon Remote UI Login Panel - Detect
author: dhiyaneshDK
severity: info
description: Canon Remote UI login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/6815
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: panel,edb
requests:
@ -21,3 +26,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/07

View File

@ -1,9 +1,14 @@
id: residential-gateway-login
info:
name: Residential Gateway Login
name: Residential Gateway Login Panel - Detect
author: idealphase
severity: info
description: Residential Gateway login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-query: http.title:"Login - Residential Gateway"
google-query: intitle:"Login - Residential Gateway"
@ -28,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by md on 2022/12/07