misc updates

patch-1
sandeep 2022-03-31 22:44:10 +05:30
parent 58e853ec7c
commit 3c7b3156fc
3 changed files with 9 additions and 4 deletions

View File

@ -9,7 +9,9 @@ info:
- https://www.3cx.com/phone-system/ - https://www.3cx.com/phone-system/
- https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88 - https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
metadata: metadata:
shodan-query: http.title:"3CX Phone System Management Console" shodan-query:
- http.title:"3CX Phone System Management Console"
- http.favicon.hash:970132176
google-query: intitle:"3CX Phone System Management Console" google-query: intitle:"3CX Phone System Management Console"
tags: panel,3cx tags: panel,3cx
@ -21,5 +23,6 @@ requests:
matchers: matchers:
- type: word - type: word
words: words:
- "<title>3CX Phone System Management Console</title>" - "3CX Phone System Management Console"
- "Welcome to the 3CX Management Console" - "Welcome to the 3CX Management Console"
condition: or

View File

@ -1,11 +1,10 @@
id: 3cx-phone-webclient-management-panel id: 3cx-phone-webclient-management-panel
info: info:
name: 3CX Phone System Webclient Management Console Detect name: 3CX Phone System Webclient Management Console
author: idealphase author: idealphase
severity: info severity: info
reference: reference:
- https://www.3cx.com/
- https://www.3cx.com/phone-system/ - https://www.3cx.com/phone-system/
- https://www.3cx.com/blog/unified-communications/client-apps/ - https://www.3cx.com/blog/unified-communications/client-apps/
- https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88 - https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
@ -24,3 +23,4 @@ requests:
words: words:
- " <title>3CX Webclient</title>" - " <title>3CX Webclient</title>"
- '<meta name="description" content="3CX">' - '<meta name="description" content="3CX">'
condition: or

View File

@ -445,6 +445,8 @@ requests:
name: "3cx-phone-system" name: "3cx-phone-system"
dsl: dsl:
- "status_code==200 && (\"970132176\" == mmh3(base64_py(body)))" - "status_code==200 && (\"970132176\" == mmh3(base64_py(body)))"
- "status_code==200 && (\"970132176\" == mmh3(base64_py(body)))"
condition: or
- type: dsl - type: dsl
name: "bluehost" name: "bluehost"