From 89267754b8221ef2d2fff3b806ba9fec875bf766 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Mon, 4 Mar 2024 19:38:47 +0100 Subject: [PATCH 1/2] Add files via upload --- .../webtransferclient-panel.yaml | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 http/exposed-panels/webtransferclient-panel.yaml diff --git a/http/exposed-panels/webtransferclient-panel.yaml b/http/exposed-panels/webtransferclient-panel.yaml new file mode 100644 index 0000000000..c440e41ea9 --- /dev/null +++ b/http/exposed-panels/webtransferclient-panel.yaml @@ -0,0 +1,25 @@ +id: webtransferclient-panel + +info: + name: Web Transfer Client Login Panel - Detect + author: righettod + severity: info + description: Progress Web Transfer Client login panel was detected. + reference: + - https://www.progress.com/ftp-server/web-transfer + metadata: + verified: true + shodan-query: http.title:"Web Transfer Client" + tags: panel,webtransferclient,login,detect + +http: + - method: GET + path: + - "{{BaseURL}}/ThinClient/WTM/public/index.html" + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(body, "Web Transfer Client")' + condition: and \ No newline at end of file From 60d787cac05a88cf572dfb2610144cfbf7394d67 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 5 Mar 2024 13:59:12 +0530 Subject: [PATCH 2/2] Update and rename webtransferclient-panel.yaml to webtransfer-client-panel.yaml --- ...ansferclient-panel.yaml => webtransfer-client-panel.yaml} | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename http/exposed-panels/{webtransferclient-panel.yaml => webtransfer-client-panel.yaml} (85%) diff --git a/http/exposed-panels/webtransferclient-panel.yaml b/http/exposed-panels/webtransfer-client-panel.yaml similarity index 85% rename from http/exposed-panels/webtransferclient-panel.yaml rename to http/exposed-panels/webtransfer-client-panel.yaml index c440e41ea9..b1eeec5cf3 100644 --- a/http/exposed-panels/webtransferclient-panel.yaml +++ b/http/exposed-panels/webtransfer-client-panel.yaml @@ -1,4 +1,4 @@ -id: webtransferclient-panel +id: webtransfer-client-panel info: name: Web Transfer Client Login Panel - Detect @@ -8,6 +8,7 @@ info: reference: - https://www.progress.com/ftp-server/web-transfer metadata: + max-request: 1 verified: true shodan-query: http.title:"Web Transfer Client" tags: panel,webtransferclient,login,detect @@ -22,4 +23,4 @@ http: dsl: - 'status_code == 200' - 'contains(body, "<title>Web Transfer Client")' - condition: and \ No newline at end of file + condition: and