From 8d3c76b67f5e890db0a6f5a83eb1a134235c85fb Mon Sep 17 00:00:00 2001 From: Chapman Schleiss Date: Tue, 24 May 2022 15:52:24 -0600 Subject: [PATCH 1/4] Adding additional matchers to hp printers without auth --- ...epro-printer.yaml => unauthorized-hp-printer.yaml} | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) rename misconfiguration/hp/{unauthorized-hp-officepro-printer.yaml => unauthorized-hp-printer.yaml} (57%) diff --git a/misconfiguration/hp/unauthorized-hp-officepro-printer.yaml b/misconfiguration/hp/unauthorized-hp-printer.yaml similarity index 57% rename from misconfiguration/hp/unauthorized-hp-officepro-printer.yaml rename to misconfiguration/hp/unauthorized-hp-printer.yaml index 75df2eacb7..bd98e40687 100644 --- a/misconfiguration/hp/unauthorized-hp-officepro-printer.yaml +++ b/misconfiguration/hp/unauthorized-hp-printer.yaml @@ -1,23 +1,24 @@ -id: unauthorized-hp-officepro-printer - +id: unauthorized-hp-printer + info: name: Unauthorized HP office pro printer - author: pussycat0x + author: pussycat0x,r3naissance severity: high metadata: shodan-dork: http.title:"Hp Officejet pro" tags: hp,iot,unauth - + requests: - method: GET path: - "{{BaseURL}}" + - "{{BaseURL}}/hp/device/webAccess/index.htm?content=security" matchers-condition: and matchers: - type: regex regex: - - 'HP Officejet Pro([ 0-9A-Za-z]+)<\/title>' + - '<title>(HP Officejet Pro([ 0-9A-Za-z]+)|HP Designjet([ 0-9A-Za-z]+).*)<\/title>' - type: status status: From cc2124f496529c06531d5573943b2da97231bef8 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Mon, 20 Jun 2022 10:37:14 +0530 Subject: [PATCH 3/4] Update and rename unauthorized-hp-printer.yaml to unauthorized-printer-hp.yaml --- ...nauthorized-hp-printer.yaml => unauthorized-printer-hp.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename misconfiguration/hp/{unauthorized-hp-printer.yaml => unauthorized-printer-hp.yaml} (90%) diff --git a/misconfiguration/hp/unauthorized-hp-printer.yaml b/misconfiguration/hp/unauthorized-printer-hp.yaml similarity index 90% rename from misconfiguration/hp/unauthorized-hp-printer.yaml rename to misconfiguration/hp/unauthorized-printer-hp.yaml index bd98e40687..2c485f2e3e 100644 --- a/misconfiguration/hp/unauthorized-hp-printer.yaml +++ b/misconfiguration/hp/unauthorized-printer-hp.yaml @@ -1,4 +1,4 @@ -id: unauthorized-hp-printer +id: unauthorized-printer-hp info: name: Unauthorized HP office pro printer From 4330004a20408fc6c8b8cd7994df5a3b15e74cde Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Mon, 20 Jun 2022 10:37:58 +0530 Subject: [PATCH 4/4] Update and rename misconfiguration/unauthorized-hp-printer.yaml to misconfiguration/hp/unauthorized-hp-printer.yaml --- misconfiguration/{ => hp}/unauthorized-hp-printer.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename misconfiguration/{ => hp}/unauthorized-hp-printer.yaml (94%) diff --git a/misconfiguration/unauthorized-hp-printer.yaml b/misconfiguration/hp/unauthorized-hp-printer.yaml similarity index 94% rename from misconfiguration/unauthorized-hp-printer.yaml rename to misconfiguration/hp/unauthorized-hp-printer.yaml index f3974b8ffe..9f69be01e2 100644 --- a/misconfiguration/unauthorized-hp-printer.yaml +++ b/misconfiguration/hp/unauthorized-hp-printer.yaml @@ -1,11 +1,11 @@ id: unauthorized-hp-printer - + info: name: Unauthorized HP Printer author: pussycat0x severity: high tags: hp,iot,unauth - + requests: - method: GET path: