commit
41dfa0e69e
|
@ -0,0 +1,44 @@
|
|||
id: prestashop-module-fuzz
|
||||
info:
|
||||
name: Prestashop Modules Enumeration
|
||||
author: meme-lord
|
||||
severity: info
|
||||
tags: fuzz,prestashop
|
||||
|
||||
requests:
|
||||
|
||||
- payloads:
|
||||
path: helpers/wordlists/prestashop-modules.txt
|
||||
|
||||
attack: sniper
|
||||
threads: 50
|
||||
|
||||
raw:
|
||||
- |
|
||||
GET /modules/{{path}}/config.xml HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Accept: application/json, text/plain, */*
|
||||
Accept-Language: en-US,en;q=0.5
|
||||
Referer: {{BaseURL}}
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<module>"
|
||||
- "<name>"
|
||||
- "<displayName>"
|
||||
- "<is_configurable>"
|
||||
- "</module>"
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
part: body
|
||||
group: 2
|
||||
regex:
|
||||
- '<version>(<!\[CDATA\[)?([0-9.]+)'
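Review bot: `threads: 50` in the `requests` block sends the whole 639-entry wordlist at a single host with high concurrency, which can trip rate limiting or degrade a small shop; once responses turn into errors the `status: 200` matcher silently misses installed modules. A lower default such as `threads: 10` would be safer. The `info` block also has no `description`; I would add one saying that a readable `/modules/<name>/config.xml` discloses the installed module's name and version, and that the fix is to deny web access to those files at the server. The word matcher relies on the default part; adding `part: body` would make it consistent with the extractor, which sets it explicitly.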
|
|
@ -0,0 +1,639 @@
|
|||
1attributewizardpro
|
||||
AddGoogleStructuredData
|
||||
AddGoogleTagManager
|
||||
Back-to-Top-Module-Prestashop-1.7
|
||||
CBAMP
|
||||
ChangeOrderIndex
|
||||
EuCookieSmart
|
||||
NetLicensing-PrestaShop
|
||||
PS-Get-Free-Shipping
|
||||
PS-Sendy
|
||||
PayPal
|
||||
PrestaShop-Module-Image-Rollover
|
||||
PrestaShop-module-Pays
|
||||
PrestaShop3D
|
||||
PrestaShop_1.6.0.9_Ukraine
|
||||
Prestashop-BBL-Bankwire
|
||||
Prestashop-ProductsScripsAndCss
|
||||
Prestashop-SCB-Bankwire
|
||||
Rasa-Integration-Project
|
||||
Rave-Payment-Gateway-for-Prestashop-1.7
|
||||
SMSIR-Prestashop
|
||||
Security-Lite
|
||||
SimpleCatalog
|
||||
TurkPos-Sanal-Pos-Uygulamasi-Prestashop-Modulu
|
||||
a2hosting
|
||||
a_crisp
|
||||
activecampaign
|
||||
adminlistproduct
|
||||
adpmicrodatos
|
||||
adscale
|
||||
adv_customer
|
||||
advancedeucompliance
|
||||
advancedexport
|
||||
advancedslider
|
||||
algolia
|
||||
alipay
|
||||
also
|
||||
amazzingfilter
|
||||
amzpayments
|
||||
angarbanners
|
||||
angarcmsinfo
|
||||
angarfacebook
|
||||
artisan-doc
|
||||
attributewizardpro
|
||||
attributewizardpro.OLD
|
||||
attributewizardpro_x
|
||||
attributwizardpro
|
||||
authorizeaim
|
||||
autoindex
|
||||
autoupgrade
|
||||
azleasyssl
|
||||
ba_prestashop_invoice
|
||||
backwardcompatibility
|
||||
bamegamenu
|
||||
bankwire
|
||||
becommerce
|
||||
blackholebots
|
||||
blockadvertising
|
||||
blockbanner
|
||||
blockbestsellers
|
||||
blockcart
|
||||
blockcategories
|
||||
blockcms
|
||||
blockcmsinfo
|
||||
blockcontact
|
||||
blockcontactinfos
|
||||
blockcounterz
|
||||
blockcurrencies
|
||||
blockcustomergroup
|
||||
blockcustomerprivacy
|
||||
blockfacebook
|
||||
blocklanguages
|
||||
blocklayered
|
||||
blocklink
|
||||
blockmanufacturer
|
||||
blockmyaccount
|
||||
blockmyaccountfooter
|
||||
blocknewproducts
|
||||
blocknewsletter
|
||||
blockpaymentlogo
|
||||
blockpermanentlinks
|
||||
blockreassurance
|
||||
blockreinsurance
|
||||
blockrss
|
||||
blocksearch
|
||||
blocksharefb
|
||||
blocksocial
|
||||
blockspecials
|
||||
blockstore
|
||||
blocksupplier
|
||||
blocktags
|
||||
blocktopmenu
|
||||
blockuserinfo
|
||||
blockviewed
|
||||
blockwishlist
|
||||
bluesnap
|
||||
bnclearcarts
|
||||
bonmarkup
|
||||
boxdropshipment
|
||||
boxtal-connect-prestashop
|
||||
bpostshm
|
||||
brainweboptionaldni
|
||||
brinkscheckout
|
||||
bvkpaymentfees
|
||||
carriercompare
|
||||
cartabandonmentpro
|
||||
cartabandonmentproOld
|
||||
cashondelivery
|
||||
checkyourdata
|
||||
cheque
|
||||
chronopost
|
||||
cleancarroussel
|
||||
cleverppc
|
||||
clickline
|
||||
clientlogin
|
||||
cloudswipe-prestashop
|
||||
codwfeeplus
|
||||
columnadverts
|
||||
columnadverts2
|
||||
compta-vente
|
||||
connect2pay-prestashop-module
|
||||
contactform
|
||||
convermax
|
||||
countdowntimerbar
|
||||
cronjobs
|
||||
crossselling
|
||||
customerfield
|
||||
customers
|
||||
cy_multibankwire
|
||||
dashactivity
|
||||
dashgoals
|
||||
dashproducts
|
||||
dashtrends
|
||||
dateofdelivery
|
||||
deactivateproducts
|
||||
demo-cqrs-hooks-usage-module
|
||||
demonstration
|
||||
desjardins
|
||||
doctrine
|
||||
dotpay
|
||||
dpdfrance
|
||||
dpdgroup
|
||||
dpdpoland
|
||||
easymarketing
|
||||
ebay
|
||||
ecopresto
|
||||
editorderpro
|
||||
editorial
|
||||
emailgenerator
|
||||
emarketing
|
||||
envoimoinscher
|
||||
erpillicopresta
|
||||
esat-prestashop
|
||||
etdoptimizer
|
||||
etranslation
|
||||
eurovatgenerator
|
||||
everblock
|
||||
everpsblog
|
||||
everpsclickandcollect
|
||||
everpscss
|
||||
everpscustomerconnect
|
||||
everpsorderoptions
|
||||
everpspopup
|
||||
example-modules
|
||||
example_module_mailtheme
|
||||
expresscache
|
||||
expressmailing
|
||||
faceshop
|
||||
famebit
|
||||
fasardixml
|
||||
favicon_notification
|
||||
favoriteproducts
|
||||
fbsample-addcolumninprodlist
|
||||
fbsample-advconfig
|
||||
fbsample-bocontroller
|
||||
fbsample-bologactivity
|
||||
fbsample-botraining
|
||||
fbsample-callbundle
|
||||
fbsample-console
|
||||
fbsample-extracustomerfield
|
||||
fbsample-jsaddvariable
|
||||
fbsample-order
|
||||
fbsample-orderconditions
|
||||
fbsample_legacyvsmodern
|
||||
fbsample_messageoftheday
|
||||
fedexcarrier
|
||||
feedaty
|
||||
feeder
|
||||
fianetfraud
|
||||
fianetsceau
|
||||
fieldbannerslider
|
||||
fieldbestsellers
|
||||
fieldblockcategories
|
||||
fieldblocksearch
|
||||
fieldblockwishlist
|
||||
fieldblogcategories
|
||||
fieldblogpopularposts
|
||||
fieldblogrecentposts
|
||||
fieldblogsearch
|
||||
fieldblogtags
|
||||
fieldbrandslider
|
||||
fieldcompare
|
||||
fieldcustomaddtabs
|
||||
fieldhtmlblock
|
||||
fieldmegamenu
|
||||
fieldonecateproductslider
|
||||
fieldpopupnewsletter
|
||||
fieldproductcates
|
||||
fieldproductcomments
|
||||
fieldsizechart
|
||||
fieldslideshow
|
||||
fieldspecialproduct
|
||||
fieldspecialproductdeal
|
||||
fieldstaticblocks
|
||||
fieldstaticfooter
|
||||
fieldtabcateslider
|
||||
fieldtabproductsisotope
|
||||
fieldtestimonials
|
||||
fieldthemecustomizer
|
||||
fieldvmegamenu
|
||||
firebaseauthenticator
|
||||
firstdata
|
||||
followup
|
||||
followup/mails/pt
|
||||
fontmanager
|
||||
fop_console
|
||||
fop_customcss
|
||||
frenet_prestashop
|
||||
gadwords
|
||||
gamification
|
||||
gamifications
|
||||
ganalytics
|
||||
gapi
|
||||
gapps
|
||||
gateway-prestashop-module
|
||||
globkurier
|
||||
gmseofields
|
||||
gointerpay
|
||||
googletag
|
||||
graphartichow
|
||||
graphgooglechart
|
||||
graphnvd3
|
||||
graphvisifire
|
||||
graphxmlswfcharts
|
||||
gridhtml
|
||||
gshoppingfeed
|
||||
gsitemap
|
||||
gwadvancedinvoice
|
||||
hipay
|
||||
hipaymobileivr
|
||||
holidaysmode
|
||||
homecategoriez
|
||||
homefeatured
|
||||
homepageadvertise
|
||||
homepageadvertise2
|
||||
homeslider
|
||||
idx_config
|
||||
ifthenpay_mbway
|
||||
importerosc
|
||||
iqitadditionaltabs
|
||||
iqitaddthisplugin
|
||||
iqitcompare
|
||||
iqitcontactpage
|
||||
iqitcookielaw
|
||||
iqitcountdown
|
||||
iqitcrossselling
|
||||
iqitdashboardnews
|
||||
iqitelementor
|
||||
iqitemailsubscriptionconf
|
||||
iqitextendedproduct
|
||||
iqitfreedeliverycount
|
||||
iqithtmlandbanners
|
||||
iqitlinksmanager
|
||||
iqitmegamenu
|
||||
iqitpopup
|
||||
iqitproductsnav
|
||||
iqitproducttags
|
||||
iqitsearch
|
||||
iqitsizecharts
|
||||
iqitsociallogin
|
||||
iqitthemeeditor
|
||||
iqitwishlist
|
||||
jbx_menu
|
||||
jk_opengraph
|
||||
jph_mymodule
|
||||
jro_homepageadvertise
|
||||
jsonws
|
||||
jxcompareproduct
|
||||
jxwishlist
|
||||
kbmarketplace
|
||||
kiala
|
||||
kialasmall
|
||||
klikandpay
|
||||
komfortkasse-prestashop
|
||||
kuantokusta
|
||||
labodata-prestashop
|
||||
layerslider
|
||||
lendingclub
|
||||
lgcomments
|
||||
lgfreeshippingzones
|
||||
lgseoredirect
|
||||
liveperson
|
||||
loyalty
|
||||
loyaltylion
|
||||
mailalerts
|
||||
mailjet
|
||||
masseditproduct
|
||||
mautic-prestashop
|
||||
mcps_popup
|
||||
mediafinanz
|
||||
mercadopagobr
|
||||
merchantware
|
||||
migrationpro
|
||||
mobfirst
|
||||
modules
|
||||
moloni
|
||||
mondialrelay
|
||||
monetivo-prestashop
|
||||
ms_category_color
|
||||
ms_products_override
|
||||
multibanco
|
||||
my_first_module_for_presta
|
||||
myhreflang
|
||||
netreviews
|
||||
newsletter
|
||||
newsletterpopupli
|
||||
nimblepayment
|
||||
nosto-prestashop
|
||||
nostotagging
|
||||
nqgatewayneteven
|
||||
nvn_export_orders
|
||||
odexportproducts
|
||||
ogone
|
||||
olark
|
||||
onboarding
|
||||
oneandonehosting
|
||||
only18plus
|
||||
openfactura-prestashop
|
||||
openpayprestashop
|
||||
orderfees_shipping
|
||||
orderfiles
|
||||
oscmigrationpro
|
||||
ovhhosting
|
||||
packlinkpro
|
||||
pagesnotfound
|
||||
pagseguro
|
||||
paymentexample
|
||||
paypal
|
||||
paypalmx
|
||||
paypalusa
|
||||
payplug
|
||||
paysera
|
||||
payulatam
|
||||
peinau-plugin-prestashop
|
||||
pgc-prestashop
|
||||
ph_blog_column_custom
|
||||
ph_relatedposts
|
||||
ph_simpleblog
|
||||
phfbchat
|
||||
phpist_github
|
||||
phpistcustomerregistrationblocker
|
||||
pigmbhpaymill
|
||||
pixelcrush-prestashop
|
||||
pixelfeed
|
||||
pk_flexmenu
|
||||
pk_vertflexmenu
|
||||
plugin-prestashop-1.6.x
|
||||
plugin-prestashop-1.7.x
|
||||
posbestsellers
|
||||
poscountdown
|
||||
posfeaturedproducts
|
||||
posfeatureproduct
|
||||
posfraction
|
||||
poslistcategories
|
||||
poslistcategory
|
||||
poslistcategoryproducts
|
||||
poslogo
|
||||
posmegamenu
|
||||
posmodeproduct
|
||||
posnewproducts
|
||||
posproductcates
|
||||
posrotatorimg
|
||||
posscroll
|
||||
possearchcategories
|
||||
posslideshow
|
||||
posslideshows
|
||||
posspecialproduct
|
||||
posspecialproducts
|
||||
posspecialsproducts
|
||||
posstaticblocks
|
||||
posstaticfooter
|
||||
postabcateslider
|
||||
postabproduct
|
||||
postabproductslider
|
||||
postcodenl
|
||||
postestimonials
|
||||
posthemeoptions
|
||||
posvegamenu
|
||||
powatag
|
||||
ppb
|
||||
prestacollege
|
||||
prestafraud
|
||||
prestahop-module
|
||||
prestaliexpress
|
||||
prestapay
|
||||
prestapopup
|
||||
prestasex
|
||||
prestashippingeasy
|
||||
prestashop
|
||||
prestashop-1.6
|
||||
prestashop-1.6.1.6
|
||||
prestashop-1.7
|
||||
prestashop-auto-exploit
|
||||
prestashop-clean-urls
|
||||
prestashop-dashcalendar
|
||||
prestashop-datalayer-tracking
|
||||
prestashop-dotfiles
|
||||
prestashop-ee
|
||||
prestashop-exportorders
|
||||
prestashop-homeyoutube
|
||||
prestashop-intergration
|
||||
prestashop-localeswitcher
|
||||
prestashop-module
|
||||
prestashop-multishopselector
|
||||
prestashop-payment-integration-novalnet
|
||||
prestashop-paymentrestrictionsip
|
||||
prestashop-payrexx-gateway
|
||||
prestashop-plugin
|
||||
prestashop-pod-payment
|
||||
prestashop-pod-sso
|
||||
prestashop-seo-tk
|
||||
prestashop-shopping-cart-message
|
||||
prestashop-souin
|
||||
prestashop-trovaprezzi
|
||||
prestashop-youtube-module
|
||||
prestashop17
|
||||
prestasms
|
||||
prestastats
|
||||
pricealert
|
||||
pricerounding
|
||||
produck-prestashop-module
|
||||
productcomments
|
||||
productcover
|
||||
productfinder16
|
||||
productpageadverts
|
||||
productpaymentlogos
|
||||
productscategory
|
||||
productsticker
|
||||
producttooltip
|
||||
protectedshops
|
||||
przelewy24
|
||||
ps-training
|
||||
ps-yme
|
||||
ps_WhatsappButton
|
||||
ps_accounts
|
||||
ps_advertising
|
||||
ps_banner
|
||||
ps_bestsellers
|
||||
ps_brandlist
|
||||
ps_buybuttonlite
|
||||
ps_carriercomparison
|
||||
ps_cashondelivery
|
||||
ps_categoryproducts
|
||||
ps_categorytree
|
||||
ps_checkout
|
||||
ps_checkpayment
|
||||
ps_contactinfo
|
||||
ps_crossselling
|
||||
ps_currencyselector
|
||||
ps_customeraccountlinks
|
||||
ps_customersignin
|
||||
ps_customtext
|
||||
ps_dataprivacy
|
||||
ps_emailalerts
|
||||
ps_emailgenerator
|
||||
ps_emailsmanager
|
||||
ps_emailsubscription
|
||||
ps_eventbus
|
||||
ps_facebook
|
||||
ps_facetedsearch
|
||||
ps_faviconnotificationbo
|
||||
ps_featuredproducts
|
||||
ps_feeder
|
||||
ps_googleanalytics
|
||||
ps_imageslider
|
||||
ps_languageselector
|
||||
ps_legalcompliance
|
||||
ps_linklist
|
||||
ps_livetranslation
|
||||
ps_mainmenu
|
||||
ps_mbo
|
||||
ps_metrics
|
||||
ps_native
|
||||
ps_newproducts
|
||||
ps_pagaqui
|
||||
ps_productinfo
|
||||
ps_quality_checklist_opquast
|
||||
ps_qualityassurance
|
||||
ps_reminder
|
||||
ps_rssfeed
|
||||
ps_searchbar
|
||||
ps_searchbarjqauto
|
||||
ps_sharebuttons
|
||||
ps_shoppingcart
|
||||
ps_socialfollow
|
||||
ps_specials
|
||||
ps_supplierlist
|
||||
ps_test
|
||||
ps_themecusto
|
||||
ps_viewedproduct
|
||||
ps_wirepayment
|
||||
psaddonsconnect
|
||||
pscartabandonmentpro
|
||||
pscleaner
|
||||
psgdpr
|
||||
psgiftcards
|
||||
psograph
|
||||
psphipay
|
||||
pspixel
|
||||
psrichsnippets
|
||||
pssupport
|
||||
rc_pganalytics
|
||||
realexredirect
|
||||
recaptcha
|
||||
referralprogram
|
||||
referralprogram/mails/pt
|
||||
reforestaction
|
||||
rem42_webservices
|
||||
remarkety
|
||||
revsliderprestashop
|
||||
revws
|
||||
safeshops
|
||||
sakgiok_latinurls
|
||||
sbe-challenge-phase4
|
||||
scamstop
|
||||
sd_eicmslinks
|
||||
securitypatch
|
||||
sekeywords
|
||||
sellstrom
|
||||
sendinblue
|
||||
sendtoafriend
|
||||
sensbitdhl
|
||||
sensbitinpost
|
||||
sensbitpaczkawruchu
|
||||
seoexpert
|
||||
seur
|
||||
sfkhreflang
|
||||
shiptomyid
|
||||
shiptopay
|
||||
shopgate
|
||||
shopimporter
|
||||
shoppingfluxexport
|
||||
simplerecaptcha
|
||||
simpleslideshow
|
||||
simplifycommerce
|
||||
sitemappro
|
||||
skebby
|
||||
skrill
|
||||
smartblog
|
||||
smartblogaddthisbutton
|
||||
smartbloghomelatestnews
|
||||
smprestaspeed
|
||||
smseourl
|
||||
social-login-prestashop
|
||||
sociallikes
|
||||
socialsharing
|
||||
socolissimo
|
||||
sofortbanking
|
||||
solrsearch
|
||||
soopabanners
|
||||
soopamobile
|
||||
stampsdotcom
|
||||
statsbestcategories
|
||||
statsbestcustomers
|
||||
statsbestmanufacturers
|
||||
statsbestproducts
|
||||
statsbestsuppliers
|
||||
statsbestvouchers
|
||||
statscarrier
|
||||
statscatalog
|
||||
statscheckup
|
||||
statsdata
|
||||
statsequipment
|
||||
statsforecast
|
||||
statsgeolocation
|
||||
statslive
|
||||
statsnewsletter
|
||||
statsorigin
|
||||
statspersonalinfos
|
||||
statsproduct
|
||||
statsprofitmargin
|
||||
statsregistrations
|
||||
statssales
|
||||
statssearch
|
||||
statsstock
|
||||
statsvisits
|
||||
stickngo
|
||||
storecommander
|
||||
stripe_official
|
||||
super-model
|
||||
tagmanager
|
||||
tawkto
|
||||
tdpsthemeoptionpanel
|
||||
text_simple
|
||||
textmaster
|
||||
themeconfigurator
|
||||
themeinstallator
|
||||
thirtybees-instamojo
|
||||
tinkoffcredit1.6
|
||||
tntcarrier
|
||||
trackingfront
|
||||
training
|
||||
translatools
|
||||
trustedshops
|
||||
twenga
|
||||
twengabid
|
||||
twengafeed
|
||||
upscarrier
|
||||
uspbar
|
||||
uspscarrier
|
||||
vatnumber
|
||||
videostab
|
||||
vtermslideshow
|
||||
vtermslidesshow
|
||||
vtpayment
|
||||
watermark
|
||||
wdoptionpanel
|
||||
welcome
|
||||
wg24themeadministration
|
||||
whatsapp
|
||||
whyloginascustomer
|
||||
xipblog
|
||||
xipblogdisplayposts
|
||||
yotpo
|
||||
yousticeresolutionsystem
|
||||
youtube_video
|
||||
zeleriscarrier
|
||||
zivosite
|
||||
zopimfree
|