Merge branch 'projectdiscovery:master' into master

patch-1
clem9669 2022-10-26 16:01:04 +00:00 committed by GitHub
commit 2be1284293
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 500 additions and 15 deletions


@ -1,6 +1,7 @@
cves/2022/CVE-2022-0147.yaml
cves/2022/CVE-2022-1007.yaml
cves/2022/CVE-2022-1057.yaml
cves/2022/CVE-2022-40879.yaml
cves/2022/CVE-2022-41840.yaml
cves/2022/CVE-2022-43014.yaml
cves/2022/CVE-2022-43015.yaml
@ -8,9 +9,12 @@ cves/2022/CVE-2022-43016.yaml
cves/2022/CVE-2022-43017.yaml
cves/2022/CVE-2022-43018.yaml
default-logins/others/opencats-default-login.yaml
exposed-panels/acunetix-login.yaml
exposed-panels/beego-admin-dashboard.yaml
exposed-panels/code-server-login.yaml
exposed-panels/git-repository-browser.yaml
exposed-panels/gitblit-panel.yaml
exposed-panels/kubernetes-web-view.yaml
exposed-panels/liferay-portal.yaml
exposed-panels/maestro-login-panel.yaml
exposed-panels/opencats-panel.yaml
@ -29,19 +33,29 @@ exposures/files/cargo-lock-package.yaml
exposures/files/cargo-toml-file.yaml
exposures/files/db-xml-file.yaml
misconfiguration/cadvisor-exposure.yaml
misconfiguration/discourse-installer.yaml
misconfiguration/dokuwiki-installer.yaml
misconfiguration/express-stack-trace.yaml
misconfiguration/gitea-installer.yaml
misconfiguration/joomla-installer.yaml
misconfiguration/limesurvey-installer.yaml
misconfiguration/magento-installer.yaml
misconfiguration/matomo-installer.yaml
misconfiguration/mautic-installer.yaml
misconfiguration/nopcommerce-installer.yaml
misconfiguration/opensis-installer.yaml
misconfiguration/owncloud-installer-exposure.yaml
misconfiguration/phpbb-installer.yaml
misconfiguration/piwik-installer.yaml
misconfiguration/redash-installer.yaml
misconfiguration/springboot/springboot-conditions.yaml
misconfiguration/suitecrm-installer.yaml
misconfiguration/tiny-rss-installer.yaml
misconfiguration/typo3-installer.yaml
misconfiguration/umbraco-installer.yaml
misconfiguration/vtiger-installer.yaml
network/clamav-unauth.yaml
network/detection/clamav-detect.yaml
network/detection/vmware-authentication-daemon-detect.yaml
technologies/express-default-page.yaml
token-spray/api-nytimes.yaml


@ -0,0 +1,43 @@
id: CVE-2022-40879
info:
name: kkFileView 4.1.0 - Cross-Site Scripting
author: arafatansari
severity: medium
description: |
kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the parameter 'errorMsg.'
reference:
- https://github.com/kekingcn/kkFileView/issues/389
- https://nvd.nist.gov/vuln/detail/CVE-2022-40879
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-29349
cwe-id: CWE-79
metadata:
verified: true
shodan-query: http.html:"kkFileView"
tags: cve,cve2022,kkFileView,xss
requests:
- method: GET
path:
- "{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<img src=1 onerror=alert(document.domain)>=PQ</p>'
- '该文件不'
condition: and
- type: word
part: header
words:
- text/html
- type: status
status:
- 200
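Review bot: The `classification` block sets `cve-id: CVE-2022-29349`, which disagrees with the template `id` and the NVD reference in the same file, both of which say CVE-2022-40879. Findings exported from this template would be keyed to the wrong CVE in reports and ticketing, so the line should read `cve-id: CVE-2022-40879`. It is also worth confirming that `cvss-metrics` and `cvss-score` were taken from the CVE-2022-40879 record and not carried over with the other identifier.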


@ -0,0 +1,33 @@
id: acunetix-login
info:
name: Acunetix Login Panel Detect
author: tess
severity: info
metadata:
verified: true
shodan-query: title:"Acunetix"
tags: panel,acunetix
requests:
- method: GET
path:
- '{{BaseURL}}/#/login'
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<title>Acunetix</title>"
- "assets/images/invicti-acunetix-logo.svg"
condition: or
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
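Review bot: The request path `{{BaseURL}}/#/login` ends in a URL fragment, and fragments are normally not sent to the server, so this request is most likely identical to a GET of the site root. Either use `{{BaseURL}}` so the template states what it really fetches, or add a comment such as `# fragment is client-side only; the root document is what gets matched`. Because the body words use `condition: or`, `<title>Acunetix</title>` alone is enough to match, so a hit should be read as a product fingerprint and not as proof that a login form is exposed.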


@ -0,0 +1,35 @@
id: beego-admin-dashboard
info:
name: Beego Admin Dashboard
author: DhiyaneshDk
severity: medium
reference:
- https://twitter.com/shaybt12/status/1584112903577567234/photo/1
metadata:
verified: true
shodan-query: html:"Beego Admin Dashboard"
tags: panel,beego,unauth
requests:
- method: GET
path:
- '{{BaseURL}}/listconf?command=conf'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Welcome to Beego Admin Dashboard'
- 'Configurations'
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
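Review bot: The `info` block rates this `severity: medium` but has no `description`, so a triager cannot tell from the finding why this dashboard is more than informational. Judging by the `unauth` tag and the `Configurations` body word, a line such as `description: Beego Admin Dashboard is reachable without authentication and shows application configuration.` would fit, ideally with a `remediation` line about restricting network access to the dashboard. The same gap applies to the kubernetes-web-view section and to the installer templates later in this commit (discourse, dokuwiki, joomla, magento, opensis, phpbb, tiny-rss, umbraco, vtiger), none of which carries a description.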


@ -0,0 +1,34 @@
id: kubernetes-web-view
info:
name: Kubernetes Web View
author: tess
severity: medium
metadata:
verified: true
shodan-query: title:"Kubernetes Web View"
tags: pane,misconfig,kubernetes,k8s
requests:
- method: GET
path:
- '{{BaseURL}}'
- '{{BaseURL}}/clusters/local'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Kubernetes Web View</title>'
- 'a href="https://codeberg.org/hjacobs/kube-web-view'
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
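Review bot: The tag list begins with `pane`, which looks like a typo for `panel`; as written, a scan selected by the `panel` tag will skip this template. The line should read `tags: panel,misconfig,kubernetes,k8s`. Since the template is rated `severity: medium`, a coverage gap from a mistyped tag matters more here than on an informational fingerprint.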


@ -1,28 +1,30 @@
id: nessus-panel-detect
id: nessus-panel
info:
name: Nessus Panel detector
author: joanbono
name: Nessus Panel Detect
author: joanbono,tess
severity: info
tags: panel
metadata:
verified: true
shodan-query: title:"Nessus"
tags: panel,nessus
requests:
- method: GET
path:
- "{{BaseURL}}"
- "{{BaseURL}}/server/status"
matchers-condition: and
matchers-condition: or
matchers:
- type: word
words:
- '{"code":200,"progress":null,"status":"ready"}'
part: body
- type: word
part: header
words:
- 'NessusWWW'
part: header
- type: status
status:
- 200
- type: word
part: body
words:
- "<title>Nessus</title>"
- "window.location = '/unsupported6.html';"
condition: and
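Review bot: The `id` appears to change from `nessus-panel-detect` to `nessus-panel`; the page prints both lines without +/- markers, so this is read from the order shown. Exclusion lists, saved scan profiles and workflows that refer to the old id would stop matching without any error, so the rename should be called out in the commit description. Separately, `matchers-condition` appears to become `or`, which would let the `NessusWWW` header word produce a match on its own; a comment such as `# either the response header or the login page body identifies Nessus` would make that intent explicit.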


@ -0,0 +1,33 @@
id: discourse-installer
info:
name: Discourse Installer Exposure
author: DhiyaneshDk
severity: unknown
metadata:
verified: true
shodan-query: title:"Discourse Setup"
tags: misconfig,discourse,install
requests:
- method: GET
path:
- '{{BaseURL}}/finish-installation/register'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Discourse Setup'
- 'Register Admin Account'
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
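Review bot: `severity: unknown` is inconsistent with the other installer-exposure templates added in this commit, which are rated `high`, and scans filtered by severity will typically leave this one out. The body matcher requires `Register Admin Account`, so an instance in this state presumably lets the first visitor create the administrator account. If that is confirmed against a test instance, use `severity: high` to match the sibling templates.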


@ -0,0 +1,33 @@
id: dokuwiki-installer
info:
name: DokuWiki Install Exposure
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: title:"DokuWiki"
tags: misconfig,dokuwiki,install,exposure
requests:
- method: GET
path:
- "{{BaseURL}}/install.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "DokuWiki Installer"
- "Superuser"
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200


@ -0,0 +1,33 @@
id: joomla-installer
info:
name: Joomla! Installer Exposure
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: title:"Joomla Web Installer"
tags: misconfig,joomla,install
requests:
- method: GET
path:
- '{{BaseURL}}/installation/index.php'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Joomla! Web Installer'
- 'Configuration'
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200


@ -0,0 +1,33 @@
id: magento-installer
info:
name: Magento Installation Wizard
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: html:"Magento Installation"
tags: misconfig,magento,install,exposure
requests:
- method: GET
path:
- "{{BaseURL}}/index.php/install/"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Magento Installation Wizard"
- "Welcome to Magento's Installation Wizard!"
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200


@ -0,0 +1,31 @@
id: opensis-installer
info:
name: openSIS Installation Wizard
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: title:"openSIS"
tags: misconfig,opensis,install,exposure
requests:
- method: GET
path:
- "{{BaseURL}}/install/index.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "openSIS Installer"
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200


@ -0,0 +1,33 @@
id: phpbb-installer
info:
name: phpBB Installation File Exposure
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: html:"Installation Panel"
tags: misconfig,phpbb,install,exposure
requests:
- method: GET
path:
- "{{BaseURL}}/install/app.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Installation Panel"
- "Introduction"
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
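Review bot: Neither body word (`Installation Panel`, `Introduction`) names the product, so any application serving those two generic phrases at `/install/app.php` would be reported as a phpBB installer exposure at `severity: high`. Add a product-specific word to the `and` list, for example `- "phpBB"`, after confirming it appears in the installer page. The `shodan-query: html:"Installation Panel"` is generic in the same way and will return unrelated hosts.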


@ -0,0 +1,33 @@
id: tiny-rss-installer
info:
name: Tiny Tiny RSS Installer Exposure
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: title:"Tiny Tiny RSS - Installer"
tags: misconfig,tiny,install
requests:
- method: GET
path:
- '{{BaseURL}}/install/'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Tiny Tiny RSS - Installer'
- 'Test configuration'
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200


@ -0,0 +1,33 @@
id: umbraco-installer
info:
name: Umbraco Install Exposure
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: title:"Install Umbraco"
tags: misconfig,umbraco,install,oss
requests:
- method: GET
path:
- '{{BaseURL}}/install'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Install Umbraco'
- 'umbracoInstallPageBody'
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200


@ -0,0 +1,33 @@
id: vtiger-installer
info:
name: Vtiger CRM Installer Exposure
author: DhiyaneshDk
severity: high
metadata:
verified: true
shodan-query: html:"Welcome to Vtiger CRM"
tags: misconfig,vtiger,install,exposure
requests:
- method: GET
path:
- '{{BaseURL}}/index.php?module=Install&view=Index'
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Installation Wizard'
- 'Welcome to Vtiger CRM'
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200


@ -0,0 +1,29 @@
id: clamav-detect
info:
name: ClamAV Server Detect
author: pussycat0x
severity: info
description: |
Clam AntiVirus is a free software, cross-platform antimalware toolkit able to detect many types of malware, including viruses.
metadata:
verified: true
shodan-query: 'port:3310 product:"ClamAV"'
tags: network,clamav
network:
- inputs:
- data: "VERSION"
host:
- "{{Hostname}}"
- "{{Host}}:3310"
matchers:
- type: regex
regex:
- 'ClamAV ([0-9.]+)'
extractors:
- type: regex
regex:
- "ClamAV ([0-9.]+)"


@ -4,7 +4,7 @@ info:
name: Detect Azure Kubernetes Service
author: dhiyaneshDk
severity: info
tags: tech,azure,k8s
tags: tech,azure,k8s,kubernetes
requests:
- method: GET