misc changes

2021-05-28 08:41:58 +05:30 · 2021-05-28 08:41:58 +05:30 · 2348650a50
parent 31af679725
commit 2348650a50
4 changed files with 49 additions and 24 deletions
--- a/exposures/files/wordpress-installation.yaml
+++ b/exposures/files/wordpress-installation.yaml
@ -1,22 +0,0 @@
-id: wordpress-installation
-info:
-  name: Wordpress Installation
-  author: princechaddha
-  severity: high
-  tags: wordpress,exposure
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "/wp-admin/install.php"
-        part: header
-
-      - type: status
-        status:
-          - 302
--- a/vulnerabilities/wordpress/wp-config-setup.yaml
+++ b/vulnerabilities/wordpress/wp-config-setup.yaml
@ -0,0 +1,23 @@
+id: wp-config-setup
+
+info:
+  name: WordPress Setup Configuration
+  author: princechaddha
+  severity: high
+  reference: https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/
+  tags: wordpress
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-admin/setup-config.php?step=1"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Below you should enter your database connection details."
+
+      - type: status
+        status:
+          - 200
--- a/vulnerabilities/wordpress/wp-install.yaml
+++ b/vulnerabilities/wordpress/wp-install.yaml
@ -0,0 +1,25 @@
+id: wp-install
+
+info:
+  name: WordPress Exposed Installation
+  author: princechaddha
+  severity: high
+  reference: https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/
+  tags: wordpress
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-admin/install.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>WordPress &rsaquo; Installation</title>"
+          - "Site Title"
+        condition: and
+
+      - type: status
+        status:
+          - 200
--- a/workflows/wordpress-workflow.yaml
+++ b/workflows/wordpress-workflow.yaml
@ -32,5 +32,4 @@ workflows:
          - template: cves/2020/CVE-2020-35489.yaml
          - template: cves/2021/CVE-2021-24146.yaml
          - template: cves/2021/CVE-2021-24176.yaml
-          - template: vulnerabilities/wordpress/
-          - template: exposures/files/wordpress-installation.yaml
+          - template: vulnerabilities/wordpress/