daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #231 from dwisiswant0/fix-false-positives 

Fix from False-positive Results
patch-1
bauthard 2020-07-11 03:33:19 +05:30 committed by GitHub
parent de35ddc8a5 d634b2710c
commit 292197f823
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 30 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cves/CVE-2018-19439.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2018-19439
info: info:
name: Cross Site Scripting in Oracle Secure Global Desktop Administration Console name: Cross Site Scripting in Oracle Secure Global Desktop Administration Console
author: madrobot author: madrobot & dwisiswant0
severity: high severity: high
requests: requests:
@ -12,5 +12,5 @@ requests:
matchers: matchers:
- type: word - type: word
words: words:
- "<script>alert(1337)</script>" - "<script>alert(1337)</script><!--</TITLE>"
part: body part: body

2
cves/CVE-2018-5230.yaml
View File

@ -16,5 +16,5 @@ requests:
- 200 - 200
- type: word - type: word
words: words:
- "javascript:alert(1337)" - "SRC=\"javascript:alert(1337)\">"
part: body part: body

9
cves/CVE-2020-8512.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2020-8512
info: info:
name: IceWarp WebMail XSS name: IceWarp WebMail XSS
author: pdnuclei author: pdnuclei & dwisiswant0
severity: medium severity: medium
# source:- https://www.exploit-db.com/exploits/47988 # source:- https://www.exploit-db.com/exploits/47988
@ -13,9 +13,12 @@ requests:
path: path:
- '{{BaseURL}}/webmail/?color="><svg/onload=alert(document.domain)>"' - '{{BaseURL}}/webmail/?color="><svg/onload=alert(document.domain)>"'
- '{{BaseURL}}:32000/webmail/?color="><svg/onload=alert(document.domain)>"' - '{{BaseURL}}:32000/webmail/?color="><svg/onload=alert(document.domain)>"'
matchers-condition: and
matchers: matchers:
- type: word - type: word
words: words:
- "<svg/onload=alert(document.domain)>" - "<svg/onload=alert(document.domain)>\"\">"
part: body part: body
- type: status
status:
- 200

7
files/jolokia.yaml
View File

@ -1,8 +1,8 @@
id: jolokia instance id: jolokia-instance
info: info:
name: Jolokia Version Disclosure name: Jolokia Version Disclosure
author: mavericknerd author: mavericknerd & dwisiswant0
severity: low severity: low
requests: requests:
@ -14,7 +14,10 @@ requests:
matchers: matchers:
- type: word - type: word
words: words:
- '"timestamp":'
- '"protocol":'
- '"agent":' - '"agent":'
condition: and
- type: status - type: status
status: status:
- 200 - 200

20
panels/docker-api.yaml
View File

@ -2,16 +2,28 @@ id: exposed-docker-api
info: info:
name: Exposed Docker API name: Exposed Docker API
author: furkansenan author: furkansenan & dwisiswant0
severity: informative severity: informative
requests: requests:
- method: GET - method: GET
path: path:
- '{{BaseURL}}:2376/version' - "http://{{Hostname}}/version"
- "http://{{Hostname}}:2376/version"
- "http://{{Hostname}}/v1.24/version"
- "http://{{Hostname}}:2376/v1.24/version"
matchers-condition: and
matchers: matchers:
- type: word - type: word
words: words:
- "Version" - "application/json"
- "Docker" part: header
- type: word
words:
- "KernelVersion"
- "BuildTime"
condition: and
part: body part: body
- type: status
status:
- 200