daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add CPE classification to templates (#9420) 

* Add CPE classification to templates

* misc fix

* added tags

* format updates

* Revert "format updates"

This reverts commit b93658be4b50c929d15082258e4d11a15b12cbd8.

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
patch-1
Parth Malhotra 2024-03-26 13:33:04 +05:30 committed by GitHub
parent 4a051fa560
commit 45f35a27ea
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1048 changed files with 2501 additions and 2713 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
http/exposed-panels/3cx-phone-management-panel.yaml
View File

@ -11,16 +11,16 @@ info:
- https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:*
metadata:
google-query: intitle:"3CX Phone System Management Console"
max-request: 1
vendor: 3cx
product: 3cx
shodan-query:
- http.title:"3CX Phone System Management Console"
- http.favicon.hash:970132176
google-query: intitle:"3CX Phone System Management Console"
vendor: 3cx
tags: panel,3cx
http:
@ -34,4 +34,4 @@ http:
- "3CX Phone System Management Console"
- "Welcome to the 3CX Management Console"
condition: or
# digest: 4a0a004730450220172be6792feb7c9df15c4e6eba13e6044b8db3314b163e3a3bbd657003600aa3022100b04061e1627c8388b6649115585935b05f9e01e5a796748b60f7229e7f172ea0:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220172be6792feb7c9df15c4e6eba13e6044b8db3314b163e3a3bbd657003600aa3022100b04061e1627c8388b6649115585935b05f9e01e5a796748b60f7229e7f172ea0:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/3cx-phone-webclient-management-panel.yaml
View File

@ -11,14 +11,14 @@ info:
- https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:*
metadata:
google-query: intitle:"3CX Webclient"
max-request: 1
vendor: 3cx
product: 3cx
shodan-query: http.title:"3CX Webclient"
google-query: intitle:"3CX Webclient"
vendor: 3cx
tags: panel,3cx
http:
@ -32,4 +32,4 @@ http:
- " <title>3CX Webclient</title>"
- '<meta name="description" content="3CX">'
condition: or
# digest: 4a0a00473045022100ba798b363d902a765a8bd74da9adb02b93fe66866d3426cd91f43b94badadce402202e3bc8a47a03fb7ab3d76bfa43eb703edafd9899cb73e3d2bc350fb36b14a5ab:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100ba798b363d902a765a8bd74da9adb02b93fe66866d3426cd91f43b94badadce402202e3bc8a47a03fb7ab3d76bfa43eb703edafd9899cb73e3d2bc350fb36b14a5ab:922c64590222798bb761d5b6d8e72950

11
http/exposed-panels/acemanager-login.yaml
View File

@ -7,12 +7,13 @@ info:
description: ACEManager was detected. ACEManager is a configuration and diagnostic tool for the Sierra Wireless AirLink Raven modems.
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:sierrawireless:airlink_mobility_manager:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: sierrawireless
product: airlink_mobility_manager
fofa-query: app="ACEmanager"
tags: panel,login,tech,acemanager
max-request: 1
product: airlink_mobility_manager
vendor: sierrawireless
tags: panel,login,tech,acemanager,sierrawireless
http:
- method: GET
@ -36,4 +37,4 @@ http:
part: body
regex:
- 'ALEOS Version ([0-9.]+) \| Copyright &co'
# digest: 4b0a00483046022100865ac24abdc17ee86edc51362cbdb554a79dd9392fd9a7a85fbd10f7518cf395022100a17318b4171a822ab53eebe689dd7c9b284989954c7365c553046c59a448656a:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100865ac24abdc17ee86edc51362cbdb554a79dd9392fd9a7a85fbd10f7518cf395022100a17318b4171a822ab53eebe689dd7c9b284989954c7365c553046c59a448656a:922c64590222798bb761d5b6d8e72950

2
http/exposed-panels/acenet-panel.yaml
View File

@ -5,9 +5,9 @@ info:
author: DhiyaneshDk
severity: info
metadata:
fofa-query: body="Login @ Reporter"
max-request: 1
shodan-query: http.favicon.hash:-1595726841
fofa-query: body="Login @ Reporter"
tags: panel,login,acenet,acereporter
http:

1
http/exposed-panels/achecker-panel.yaml
View File

@ -9,7 +9,6 @@ info:
- https://achecker.achecks.ca/checker/index.php
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

4
http/exposed-panels/acrolinx-dashboard.yaml
View File

@ -10,10 +10,10 @@ info:
classification:
cwe-id: CWE-200
metadata:
max-request: 1
shodan-query: http.title:"Acrolinx Dashboard"
fofa-query: title=="Acrolinx Dashboard"
google-query: inurl:"Acrolinx Dashboard"
max-request: 1
shodan-query: http.title:"Acrolinx Dashboard"
tags: acrolinx,panel
http:

4
http/exposed-panels/acti-panel.yaml
View File

@ -5,10 +5,10 @@ info:
author: DhiyaneshDk
severity: info
metadata:
verified: true
fofa-query: app="ACTi-视频监控"
max-request: 1
shodan-query: title:"Web Configurator" html:"ACTi"
fofa-query: app="ACTi-视频监控"
verified: true
tags: acti,panel,login,detect
http:

5
http/exposed-panels/active-admin-exposure.yaml
View File

@ -9,10 +9,11 @@ info:
- https://activeadmin.info/
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:activeadmin:activeadmin:*:*:*:*:ruby:*:*:*
metadata:
max-request: 1
vendor: activeadmin
product: activeadmin
vendor: activeadmin
tags: panel,activeadmin
http:
@ -26,4 +27,4 @@ http:
- "active_admin_content"
- "active_admin-"
condition: and
# digest: 4a0a00473045022100f4b51344ef45f62c237bd043971ae4369d46e0c618d676f756fb02b5d83d0a6802201ae1e1bca56e09c43687e4da1ea8ac81497f708b640587059532765318ab6b40:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100f4b51344ef45f62c237bd043971ae4369d46e0c618d676f756fb02b5d83d0a6802201ae1e1bca56e09c43687e4da1ea8ac81497f708b640587059532765318ab6b40:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/activemq-panel.yaml
View File

@ -9,10 +9,11 @@ info:
- https://activemq.apache.org/
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: apache
product: activemq
vendor: apache
tags: panel,activemq,apache
http:
@ -26,4 +27,4 @@ http:
- '<h2>Welcome to the Apache ActiveMQ!</h2>'
- '<title>Apache ActiveMQ</title>'
condition: and
# digest: 4a0a0047304502204997a7763f0c6cdd3bb174dcaf5dcd83aa557a5338628480c1ef11d4a85b0c44022100f27d1d425cddcb075b5cb0a3bc98ffbaf015688acbbe5afb38678fb7ae3830c3:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502204997a7763f0c6cdd3bb174dcaf5dcd83aa557a5338628480c1ef11d4a85b0c44022100f27d1d425cddcb075b5cb0a3bc98ffbaf015688acbbe5afb38678fb7ae3830c3:922c64590222798bb761d5b6d8e72950

3
http/exposed-panels/acunetix-login.yaml
View File

@ -7,12 +7,11 @@ info:
description: Acunetix login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: title:"Acunetix"
verified: true
tags: panel,acunetix
http:

2
http/exposed-panels/addonfinance-portal.yaml
View File

@ -6,9 +6,9 @@ info:
severity: info
description: AddOnFinance Portal Panel was detected.
metadata:
verified: "true"
max-request: 1
shodan-query: title:"AddOnFinancePortal"
verified: "true"
tags: panel,addon,finance,detect
http:

4
http/exposed-panels/adhoc-transfer-panel.yaml
View File

@ -6,11 +6,11 @@ info:
severity: info
description: WS_FTP Ad Hoc panel was detected.
metadata:
verified: true
max-request: 1
vendor: progress
product: ws_ftp
shodan-query: http.title:"Ad Hoc Transfer"
vendor: progress
verified: true
tags: panel,wsftp,ad-hoc,detect,login,progress
http:

5
http/exposed-panels/adiscon-loganalyzer.yaml
View File

@ -11,10 +11,11 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
cpe: cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: adiscon
product: loganalyzer
vendor: adiscon
tags: adiscon,loganalyzer,syslog,exposure,panel
http:
@ -41,4 +42,4 @@ http:
part: header
words:
- 'text/html'
# digest: 4b0a00483046022100d8e598b4e7b4003d032faf13c9d8e7f4ec1eed74ba4b959f7003036f9e6edf9d022100c6ea391fc522923b946d68e7fe1c762fbee48281b22f248a8ef9445b605b66ef:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100d8e598b4e7b4003d032faf13c9d8e7f4ec1eed74ba4b959f7003036f9e6edf9d022100c6ea391fc522923b946d68e7fe1c762fbee48281b22f248a8ef9445b605b66ef:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/adminer-panel-detect.yaml
View File

@ -9,16 +9,12 @@ info:
- https://blog.sorcery.ie/posts/adminer/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
# <= 4.2.4 can have unauthenticated RCE via SQLite driver
# <= 4.6.2 can have LFI via MySQL LOAD DATA LOCAL
# Most versions have some kind of SSRF usability
# Is generally handy if you find SQL creds
cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:*
metadata:
max-request: 741
vendor: adminer
product: adminer
vendor: adminer
tags: panel,fuzz,adminer,login,sqli
http:
@ -53,4 +49,4 @@ http:
group: 1
regex:
- '<span class="version">([0-9.]+)'
# digest: 4a0a00473045022100f64f91ad2b851fbf184a03c4bf1e4d1264462b4c62a2a825c2395dd935d3fae902201539e562a2183e2e51df437eaa85d80a95fe33e1877e276750a6518d66c27420:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100f64f91ad2b851fbf184a03c4bf1e4d1264462b4c62a2a825c2395dd935d3fae902201539e562a2183e2e51df437eaa85d80a95fe33e1877e276750a6518d66c27420:922c64590222798bb761d5b6d8e72950

7
http/exposed-panels/adminer-panel.yaml
View File

@ -9,12 +9,13 @@ info:
- https://blog.sorcery.ie/posts/adminer/
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 8
vendor: adminer
product: adminer
shodan-query: title:"Login - Adminer"
vendor: adminer
verified: true
tags: panel,adminer
http:
@ -51,4 +52,4 @@ http:
group: 1
regex:
- '<span class="version">([0-9.]+)'
# digest: 490a0046304402206c1df25bd9a93c138943bc6f243a77e166c9e3f7f116f5cdeeda35b118dc29df02201022adceffae06610a7c1659a9039c67d0ac812e52628b4a587101709dca7c88:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402206c1df25bd9a93c138943bc6f243a77e166c9e3f7f116f5cdeeda35b118dc29df02201022adceffae06610a7c1659a9039c67d0ac812e52628b4a587101709dca7c88:922c64590222798bb761d5b6d8e72950

2
http/exposed-panels/adminset-panel.yaml
View File

@ -8,8 +8,8 @@ info:
classification:
cwe-id: CWE-200
metadata:
max-request: 1
fofa-query: app="AdminSet"
max-request: 1
reference:
- https://github.com/guhongze/adminset/
tags: adminset,panel

5
http/exposed-panels/adobe/adobe-component-login.yaml
View File

@ -9,11 +9,12 @@ info:
- https://www.exploit-db.com/ghdb/6846
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*
metadata:
max-request: 2
vendor: adobe
product: coldfusion
shodan-query: http.component:"Adobe ColdFusion"
vendor: adobe
tags: panel,adobe,coldfusion,edb
http:
@ -31,4 +32,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a004830460221008fe7ac8288fbb05e5982f4d71c10a8e010cf14bc15057e25289686b3a7bfa1b9022100aadafc60c7982bc4662c479c194a4e7831e56b612fd34a1aa9c536ecc62e4274:922c64590222798bb761d5b6d8e72950
# digest: 4b0a004830460221008fe7ac8288fbb05e5982f4d71c10a8e010cf14bc15057e25289686b3a7bfa1b9022100aadafc60c7982bc4662c479c194a4e7831e56b612fd34a1aa9c536ecc62e4274:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/adobe/adobe-connect-central-login.yaml
View File

@ -9,10 +9,11 @@ info:
- https://www.adobe.com/products/adobeconnect.html
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: adobe
product: connect
vendor: adobe
tags: adobe,panel,connect-central
http:
@ -30,4 +31,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402204eddbaba41cedf16643ec7014002f8d1e6799b63345138e7d6aa99697d8c411c02202df8a378ba925af77d57bf9cfc1adb687ee4efb57868f93c7f811a61b0712584:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402204eddbaba41cedf16643ec7014002f8d1e6799b63345138e7d6aa99697d8c411c02202df8a378ba925af77d57bf9cfc1adb687ee4efb57868f93c7f811a61b0712584:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/adobe/adobe-experience-manager-login.yaml
View File

@ -9,11 +9,12 @@ info:
- https://business.adobe.com/products/experience-manager/adobe-experience-manager.html
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: adobe
product: experience_manager
shodan-query: http.title:"AEM Sign In"
vendor: adobe
tags: panel,aem,adobe
http:
@ -30,4 +31,4 @@ http:
- type: status
status:
- 200
# digest: 490a00463044022000f9108c9bad8b23f433e2efebac7c3d00987fd73daf31fc71fb710ad29b8717022069d591141306ca21f4b5dfc515c53001b2285a2036b851553205a3d2c67f596a:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022000f9108c9bad8b23f433e2efebac7c3d00987fd73daf31fc71fb710ad29b8717022069d591141306ca21f4b5dfc515c53001b2285a2036b851553205a3d2c67f596a:922c64590222798bb761d5b6d8e72950

6
http/exposed-panels/adobe/aem-crx-package-manager.yaml
View File

@ -9,15 +9,15 @@ info:
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: adobe
product: experience_manager
shodan-query:
- http.title:"AEM Sign In"
- http.component:"Adobe Experience Manager"
vendor: adobe
tags: panel,aem,adobe
http:
@ -39,4 +39,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402201eaec178dec90911e2065a0df508ce976e5bc983773d57730389e2add4eff63902204847143fe1c11f5d9a64f2aa14060c0b8d3cc98e30eefcc85b708f74f737292a:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402201eaec178dec90911e2065a0df508ce976e5bc983773d57730389e2add4eff63902204847143fe1c11f5d9a64f2aa14060c0b8d3cc98e30eefcc85b708f74f737292a:922c64590222798bb761d5b6d8e72950

6
http/exposed-panels/adobe/aem-sling-login.yaml
View File

@ -9,15 +9,15 @@ info:
- https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: adobe
product: experience_manager
shodan-query:
- http.title:"AEM Sign In"
- http.component:"Adobe Experience Manager"
vendor: adobe
tags: panel,aem,adobe,sling
http:
@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502205c31216b2a18b468452da01142d3993b6a97bc3b4dc95120762aae7838e20478022100954065dfdd0291537a6a3f7e8b620781bedf9ed6087d52d1cc5bfede143c15d3:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205c31216b2a18b468452da01142d3993b6a97bc3b4dc95120762aae7838e20478022100954065dfdd0291537a6a3f7e8b620781bedf9ed6087d52d1cc5bfede143c15d3:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/afterlogic-webmail-login.yaml
View File

@ -7,13 +7,13 @@ info:
description: AfterLogic WebMail Login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:afterlogic:aurora:*:*:*:*:*:*:*:*
metadata:
fofa-query: 'X-Server: AfterlogicDAVServer'
max-request: 1
vendor: afterlogic
product: aurora
fofa-query: "X-Server: AfterlogicDAVServer"
vendor: afterlogic
tags: panel,afterlogic,login,detect
http:
@ -34,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100b3b83890ac3ed6f930565ab90adf9e7ec20dcf1335b9c8ee9b3820a1eadca9620221008c5cc24abab5a0212600d85da8589001bf7f5e9fb7742129d1210a1a7678c059:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100b3b83890ac3ed6f930565ab90adf9e7ec20dcf1335b9c8ee9b3820a1eadca9620221008c5cc24abab5a0212600d85da8589001bf7f5e9fb7742129d1210a1a7678c059:922c64590222798bb761d5b6d8e72950

3
http/exposed-panels/aircube-dashboard-panel.yaml
View File

@ -7,12 +7,11 @@ info:
description: airCube Dashboard login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: http.title:"AirCube Dashboard"
verified: true
tags: panel,aircube
http:

3
http/exposed-panels/aircube-login.yaml
View File

@ -7,12 +7,11 @@ info:
description: airCube login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: http.favicon.hash:1249285083
verified: true
tags: panel,aircube,ubiquiti
http:

6
http/exposed-panels/airflow-panel.yaml
View File

@ -9,13 +9,13 @@ info:
- https://airflow.apache.org/docs/apache-airflow/stable/security/webserver.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-668
cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*
metadata:
max-request: 2
vendor: apache
product: airflow
shodan-query: title:"Sign In - Airflow"
vendor: apache
tags: panel,apache,airflow,admin
http:
@ -37,4 +37,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502206016072b756086a65638dd7a27a3daed3f439a9ebfd0b038d75df90811894693022100aa5e98541fecf4eb3dbc32d0370d1e3632e14efea9ad78d861b2744c3dd314c1:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502206016072b756086a65638dd7a27a3daed3f439a9ebfd0b038d75df90811894693022100aa5e98541fecf4eb3dbc32d0370d1e3632e14efea9ad78d861b2744c3dd314c1:922c64590222798bb761d5b6d8e72950

3
http/exposed-panels/airnotifier-panel.yaml
View File

@ -7,12 +7,11 @@ info:
description: AirNotifier login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: http.title:"AirNotifier"
verified: true
tags: panel,airnotifier
http:

5
http/exposed-panels/akamai-cloudtest.yaml
View File

@ -9,10 +9,11 @@ info:
- https://techdocs.akamai.com/cloudtest/docs
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:akamai:cloudtest:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: akamai
product: cloudtest
vendor: akamai
tags: panel,akamai
http:
@ -31,4 +32,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450220089f63c24470dc3c0e93f40631ae7fdd33a00288525afc2ad57452b9b424b554022100d5138c2e86fc01098801295ad5b6b8a51cc47261c4fd86cc03a13d2c8c6326bc:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220089f63c24470dc3c0e93f40631ae7fdd33a00288525afc2ad57452b9b424b554022100d5138c2e86fc01098801295ad5b6b8a51cc47261c4fd86cc03a13d2c8c6326bc:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/alfresco-detect.yaml
View File

@ -9,10 +9,11 @@ info:
- https://www.alfresco.com/
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:alfresco:alfresco:*:*:*:*:android:*:*:*
metadata:
max-request: 1
vendor: alfresco
product: alfresco
vendor: alfresco
tags: alfresco,tech,panel
http:
@ -40,4 +41,4 @@ http:
- 'Enterprise v.*([0-9]\.[0-9]+\.[0-9]+)'
- 'Community v.*([0-9]\.[0-9]+\.[0-9]+)'
- 'Community Early Access v.*([0-9]\.[0-9]+\.[0-9]+)'
# digest: 4b0a00483046022100f4c9642b7a26440f474ca98c370c9be406217ef912de324372df61393a952ce2022100cc51722dda2e795966014a5773f2a1a9e786698c826b7cb264da4dfc0e190427:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f4c9642b7a26440f474ca98c370c9be406217ef912de324372df61393a952ce2022100cc51722dda2e795966014a5773f2a1a9e786698c826b7cb264da4dfc0e190427:922c64590222798bb761d5b6d8e72950

7
http/exposed-panels/allied-telesis-exposure.yaml
View File

@ -9,15 +9,14 @@ info:
- https://www.alliedtelesis.com/in/en
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
vendor: allied_telesis
product: device_gui
shodan-query: title:"Allied Telesis Device GUI"
tags: panel,allied
vendor: allied_telesis
verified: true
tags: panel,allied,allied_telesis
http:
- method: GET

6
http/exposed-panels/ambari-exposure.yaml
View File

@ -7,12 +7,12 @@ info:
description: An Apache Ambari panel was discovered.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-668
cpe: cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: apache
product: ambari
vendor: apache
tags: panel,apache,ambari,exposure
http:
@ -26,4 +26,4 @@ http:
- '<title>Ambari</title>'
- 'href="http://www.apache.org/licenses/LICENSE-2.0"'
condition: and
# digest: 4a0a00473045022031735cf6b7fade6b43cda240c60cd438baed81c04d87c990d7fb254fb4300e89022100c82323053ac45945d11a88b54dac81da1e4a2910dd883732fb65a17f681919cd:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022031735cf6b7fade6b43cda240c60cd438baed81c04d87c990d7fb254fb4300e89022100c82323053ac45945d11a88b54dac81da1e4a2910dd883732fb65a17f681919cd:922c64590222798bb761d5b6d8e72950

7
http/exposed-panels/amcrest-login.yaml
View File

@ -9,12 +9,13 @@ info:
- https://www.exploit-db.com/ghdb/7273
classification:
cwe-id: CWE-200
cpe: cpe:2.3:h:amcrest:ip2m-853ew:*:*:*:*:*:*:*:*
metadata:
google-query: intext:"amcrest" "LDAP User"
max-request: 1
vendor: amcrest
product: ip2m-853ew
shodan-query: html:"amcrest"
google-query: intext:"amcrest" "LDAP User"
vendor: amcrest
tags: panel,camera,amcrest,edb
http:
@ -33,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022069a1a772b70c24e9e78e706a324cd2bbdc11339b7cac46510614d4a00a8ee87f022100efbff145369d03b078b025176e869230c726f24898be629c8921ab275612d3b1:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022069a1a772b70c24e9e78e706a324cd2bbdc11339b7cac46510614d4a00a8ee87f022100efbff145369d03b078b025176e869230c726f24898be629c8921ab275612d3b1:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/ametys-admin-login.yaml
View File

@ -7,10 +7,11 @@ info:
description: An Ametys admin login panel was discovered.
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:ametys:ametys:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: ametys
product: ametys
vendor: ametys
tags: panel,ametys,cms
http:
@ -36,4 +37,4 @@ http:
group: 1
regex:
- '&nbsp;([0-9.]+)</span>'
# digest: 4a0a00473045022061339796d3bd10640177e6c71c4ac7719bea24380e5fe196818b31287033a21f022100ec967042a2fd168389adaa5345b4f3051c51374cfaaa8bfc0fd06b598dd76505:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022061339796d3bd10640177e6c71c4ac7719bea24380e5fe196818b31287033a21f022100ec967042a2fd168389adaa5345b4f3051c51374cfaaa8bfc0fd06b598dd76505:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/amp-application-panel.yaml
View File

@ -7,15 +7,15 @@ info:
description: Application Management Panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:cubecoders:amp:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: cubecoders
product: amp
shodan-query: title:"AMP - Application Management Panel"
tags: panel,amp
vendor: cubecoders
verified: true
tags: panel,amp,cubecoders
http:
- method: GET
@ -32,4 +32,4 @@ http:
part: header
words:
- "text/html"
# digest: 490a0046304402200b41669d3e828b8e0a14fb220fff916e1a7da7eddb2419e3e1b5afa71cf42f9f022062f00ca09f59c46b4d3ff07fdeab917d543a95cea7cacec1f9592bda567a35c9:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402200b41669d3e828b8e0a14fb220fff916e1a7da7eddb2419e3e1b5afa71cf42f9f022062f00ca09f59c46b4d3ff07fdeab917d543a95cea7cacec1f9592bda567a35c9:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/ampache-panel.yaml
View File

@ -7,14 +7,14 @@ info:
description: Ampache login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 3
vendor: ampache
product: ampache
shodan-query: http.title:"For the Love of Music"
vendor: ampache
verified: true
tags: panel,ampache
http:
@ -45,4 +45,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100cea0d58b5b907cecdbb83372c738ff683555dd6bfccb2bd29e7e31938bee696c02205eaee53c24438279ca10c7624cffc538d8b580efa01db698a3140f4d4ba4e25a:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100cea0d58b5b907cecdbb83372c738ff683555dd6bfccb2bd29e7e31938bee696c02205eaee53c24438279ca10c7624cffc538d8b580efa01db698a3140f4d4ba4e25a:922c64590222798bb761d5b6d8e72950

25
http/exposed-panels/amprion-gridloss-panel.yaml
View File

@ -1,18 +1,17 @@
id: amprion-gridloss-panel
info:
name: Amprion Grid Loss Login Panel - Detect
author: righettod
severity: info
description: |
Amprion Grid Loss login panel was detected.
reference:
- https://www.amprion.net/index-2.html
metadata:
max-request: 1
verified: true
tags: panel,amprion,login,detect
info:
name: Amprion Grid Loss Login Panel - Detect
author: righettod
severity: info
description: |
Amprion Grid Loss login panel was detected.
reference:
- https://www.amprion.net/index-2.html
metadata:
max-request: 1
verified: true
tags: panel,amprion,login,detect
http:
- method: GET
path:

3
http/exposed-panels/anaqua-login-panel.yaml
View File

@ -8,12 +8,11 @@ info:
Checks for the presence of Anaqua login page
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: title:"Anaqua User Sign On""
verified: true
tags: anaqua,login,panel
http:

10
http/exposed-panels/ansible-tower-exposure.yaml
View File

@ -10,15 +10,15 @@ info:
- https://docs.ansible.com/ansible-tower/latest/html/release-notes/index.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
metadata:
google-query: intitle:"Ansible Tower"
max-request: 1
vendor: redhat
product: ansible_tower
shodan-query: title:"Ansible Tower"
google-query: intitle:"Ansible Tower"
tags: panel,ansible
vendor: redhat
tags: panel,ansible,redhat
http:
- method: GET
@ -38,4 +38,4 @@ http:
part: body
regex:
- 'href="\/static\/assets\/favicon\.ico\?v=(.+)" \/>'
# digest: 490a0046304402205fd4b0a283e05c6c78ffc56df4a503db839210dec5bea5ddb9435c64e5b82eb602205a232d8da7cf75bb361163b6913c228f22b2f9ab9220dc9954d1ce95855feb91:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402205fd4b0a283e05c6c78ffc56df4a503db839210dec5bea5ddb9435c64e5b82eb602205a232d8da7cf75bb361163b6913c228f22b2f9ab9220dc9954d1ce95855feb91:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/apache-jmeter-dashboard.yaml
View File

@ -7,14 +7,14 @@ info:
description: Apache JMeter Dashboard login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:apache:jmeter:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: apache
product: jmeter
shodan-query: title:"Apache JMeter Dashboard"
vendor: apache
verified: true
tags: apache,jmeter,panel
http:
@ -34,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100c9b6c0bfa9624e6f744b22d8fbac3efb135cc3a01186224b60255d94e88708c1022100f7091c4637689880dd2c70ea9bbaaf567c938bff34e5840288434daf5ea21ea1:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100c9b6c0bfa9624e6f744b22d8fbac3efb135cc3a01186224b60255d94e88708c1022100f7091c4637689880dd2c70ea9bbaaf567c938bff34e5840288434daf5ea21ea1:922c64590222798bb761d5b6d8e72950

9
http/exposed-panels/apache/apache-apisix-panel.yaml
View File

@ -7,11 +7,12 @@ info:
description: An Apache APISIX login panel was detected.
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: apache
product: apisix
fofa-query: title="Apache APISIX Dashboard"
max-request: 1
product: apisix
vendor: apache
tags: apache,apisix,panel
http:
@ -29,4 +30,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450220710a3aa7c907a20517e2f84a1530ec9db7d1ee1f95a7e939d9f4af1c4dfa224202210082a4e5540d4150aa8fc97f06d620b25898e719c16ea1641ece7c77709e2ccd0f:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220710a3aa7c907a20517e2f84a1530ec9db7d1ee1f95a7e939d9f4af1c4dfa224202210082a4e5540d4150aa8fc97f06d620b25898e719c16ea1641ece7c77709e2ccd0f:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/apache/apache-mesos-panel.yaml
View File

@ -7,15 +7,15 @@ info:
description: Apache Mesos panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:apache:mesos:*:*:*:*:jenkins:*:*:*
metadata:
verified: true
fofa-query: app="APACHE-MESOS"
max-request: 2
vendor: apache
product: mesos
shodan-query: http.title:"Mesos"
fofa-query: app="APACHE-MESOS"
vendor: apache
verified: true
tags: panel,apache,mesos
http:
@ -38,4 +38,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100ad69e97dafffffc371736c0e3f887de98d060f7e6312a0c60f0ddfc295c14ea702205ae9d54dee856bcb885262e177e17f8cffa1622bbfd03862e443e0a9b67361e1:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100ad69e97dafffffc371736c0e3f887de98d060f7e6312a0c60f0ddfc295c14ea702205ae9d54dee856bcb885262e177e17f8cffa1622bbfd03862e443e0a9b67361e1:922c64590222798bb761d5b6d8e72950

6
http/exposed-panels/apache/public-tomcat-manager.yaml
View File

@ -7,13 +7,13 @@ info:
description: Apache Tomcat Manager login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
metadata:
max-request: 2
vendor: apache
product: tomcat
shodan-query: title:"Apache Tomcat"
vendor: apache
tags: panel,tomcat,apache
http:
@ -36,4 +36,4 @@ http:
- 401
- 200
condition: or
# digest: 4a0a00473045022100e74fc0fa862d783d8d15dc4d4086080ddd89523d1c97a259a08aa123f0d524b002205f148d54b5f068354b3c7831b0405207a2afea9fbdfbae9a88292dfb74ac29d3:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e74fc0fa862d783d8d15dc4d4086080ddd89523d1c97a259a08aa123f0d524b002205f148d54b5f068354b3c7831b0405207a2afea9fbdfbae9a88292dfb74ac29d3:922c64590222798bb761d5b6d8e72950

2
http/exposed-panels/apigee-panel.yaml
View File

@ -9,9 +9,9 @@ info:
reference:
- https://cloud.google.com/apigee?hl=en
metadata:
verified: true
max-request: 1
shodan-query: http.favicon.hash:"-839356603"
verified: true
tags: panel,apigee,login
http:

8
http/exposed-panels/appsmith-web-login.yaml
View File

@ -9,14 +9,14 @@ info:
- https://www.appsmith.com
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:appsmith:appsmith:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: appsmith
product: appsmith
shodan-query: http.title:"appsmith"
vendor: appsmith
verified: true
tags: panel,appsmith
http:
@ -34,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502205c195e2a8c15d35fba17d0b3447b3968557b7292f2ec556fb4cc49cb375938f80221009098d1f589e1e7aa4e4e6b4159553358e6e24311cbaced24c81d317ab09f5d93:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205c195e2a8c15d35fba17d0b3447b3968557b7292f2ec556fb4cc49cb375938f80221009098d1f589e1e7aa4e4e6b4159553358e6e24311cbaced24c81d317ab09f5d93:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/appspace-panel.yaml
View File

@ -7,12 +7,14 @@ info:
description: Appspace is the workplace experience platform for your whole team that lets you manage it all from employee communications to your physical office spaces.
reference:
- https://www.appspace.com/
classification:
cpe: cpe:2.3:a:appspace:appspace:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 3
vendor: appspace
product: appspace
shodan-query: title:"Appspace"
vendor: appspace
verified: true
tags: appspace,panel,detect
http:
@ -42,4 +44,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100e239891f60774594dba36b7bf81c9c62698fb62234c827cd62e1f67259c089bf0221008d2696f832dba0932bbbadd848c4298012e038d37787291735922da1dfc9aa72:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100e239891f60774594dba36b7bf81c9c62698fb62234c827cd62e1f67259c089bf0221008d2696f832dba0932bbbadd848c4298012e038d37787291735922da1dfc9aa72:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/appsuite-panel.yaml
View File

@ -4,13 +4,15 @@ info:
name: Appsuite Login Panel - Detect
author: DhiyaneshDK
severity: info
classification:
cpe: cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: open-xchange
product: open-xchange_appsuite
shodan-query: html:"Appsuite"
tags: panel,appsuite,detect
vendor: open-xchange
verified: true
tags: panel,appsuite,detect,open-xchange
http:
- method: GET
@ -32,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402202d2830375179f183ed048fed6e7d6cfcb22767beb6b8fd99538ec2d6ea27682702201545802a3b39929e733dd4890b34236e1ccba6abfdeeaf04a98d6506a6bf37f0:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402202d2830375179f183ed048fed6e7d6cfcb22767beb6b8fd99538ec2d6ea27682702201545802a3b39929e733dd4890b34236e1ccba6abfdeeaf04a98d6506a6bf37f0:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/appwrite-panel.yaml
View File

@ -7,14 +7,14 @@ info:
description: Appwrite login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:appwrite:appwrite:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 2
vendor: appwrite
product: appwrite
shodan-query: http.favicon.hash:-633108100
vendor: appwrite
verified: true
tags: panel,appwrite,detect
http:
@ -28,4 +28,4 @@ http:
- type: dsl
dsl:
- "status_code==200 && (\"-633108100\" == mmh3(base64_py(body)))"
# digest: 4b0a00483046022100d592ee534639b6ef4af41afc316140e11a0638e7f509c4d560f73b90d3f42d4b022100c35cbd3f54b9c2674e2d273ac5c59896d883dd9a197847773e81e3c130bbce51:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100d592ee534639b6ef4af41afc316140e11a0638e7f509c4d560f73b90d3f42d4b022100c35cbd3f54b9c2674e2d273ac5c59896d883dd9a197847773e81e3c130bbce51:922c64590222798bb761d5b6d8e72950

1
http/exposed-panels/aptus-panel.yaml
View File

@ -7,7 +7,6 @@ info:
description: Aptus login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

5
http/exposed-panels/aqua-enterprise-panel.yaml
View File

@ -10,13 +10,12 @@ info:
- https://www.aquasec.com/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
google-query: intitle:"Aqua Cloud Native Security Platform"
max-request: 1
shodan-query: http.title:"Aqua Enterprise" || http.title:"Aqua Cloud Native Security Platform"
google-query: intitle:"Aqua Cloud Native Security Platform"
verified: true
tags: panel,aqua,aquasec
http:

8
http/exposed-panels/arangodb-web-Interface.yaml
View File

@ -8,12 +8,14 @@ info:
ArangoDB Web Interface was detected.
reference:
- https://www.arangodb.com/docs/stable/
classification:
cpe: cpe:2.3:a:arangodb:arangodb:*:*:*:*:*:*:*:*
metadata:
verified: "true"
max-request: 1
vendor: arangodb
product: arangodb
shodan-query: http.title:"ArangoDB Web Interface"
vendor: arangodb
verified: "true"
tags: panel,arangodb,login
http:
@ -30,4 +32,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100d47d5e0d07d42a6cfdcc503f551ae175f4570e80d52a52c5e91960d728465a0c02203c48a7de3a3af6dffe1dd1c9c7cc28df84ea4d06e3edb34ff4e73451213f1552:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100d47d5e0d07d42a6cfdcc503f551ae175f4570e80d52a52c5e91960d728465a0c02203c48a7de3a3af6dffe1dd1c9c7cc28df84ea4d06e3edb34ff4e73451213f1552:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/arcgis/arcgis-panel.yaml
View File

@ -9,11 +9,12 @@ info:
- https://enterprise.arcgis.com/en/
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:esri:arcgis_enterprise:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: esri
product: arcgis_enterprise
tags: docs,arcgis,cms,panel
vendor: esri
tags: docs,arcgis,cms,panel,esri
http:
- method: GET
@ -43,5 +44,6 @@ http:
part: body
group: 2
regex:
- '(Released Version:</strong>[\n\t ]+(([0-9]+(.[0-9]+)?(.[0-9]+)?)([\n\t ]+\([A-Za-z]+[\t ]+20[0-9][0-9]\))?))'
# digest: 4a0a00473045022100e75ef14aaa920efb3f04275804e5dc93d31bb6478ffff53265f604014c63769002201f0f010c5ae3c87e8d0ec2d9fd6a14974cec6cc94ca052136230e9accf7d1009:922c64590222798bb761d5b6d8e72950
- '(Released Version:</strong>[\n\t ]+(([0-9]+(.[0-9]+)?(.[0-9]+)?)([\n\t
]+\([A-Za-z]+[\t ]+20[0-9][0-9]\))?))'
# digest: 4a0a00473045022100e75ef14aaa920efb3f04275804e5dc93d31bb6478ffff53265f604014c63769002201f0f010c5ae3c87e8d0ec2d9fd6a14974cec6cc94ca052136230e9accf7d1009:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/arcgis/arcgis-services.yaml
View File

@ -7,13 +7,15 @@ info:
description: Check for the existence of the "/arcgis/rest/services" path on an ArcGIS server.
reference:
- https://enterprise.arcgis.com/en/
classification:
cpe: cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: esri
product: arcgis_server
shodan-query: title:"ArcGIS"
tags: panel,arcgis,rest,api,detect
vendor: esri
verified: true
tags: panel,arcgis,rest,api,detect,esri
http:
- method: GET
@ -38,4 +40,4 @@ http:
group: 1
regex:
- 'Current Version:\s*<\/b>\s*([0-9.]+)'
# digest: 4a0a004730450221009957b431fdc4e2ecd02a59552b435df5c3e7b836796357ef590c8ac7753cc5d602206aba5c3c02b0c2353e0081e8f7a3dc1efd42244d9f120255a13698bf1b7e56d8:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450221009957b431fdc4e2ecd02a59552b435df5c3e7b836796357ef590c8ac7753cc5d602206aba5c3c02b0c2353e0081e8f7a3dc1efd42244d9f120255a13698bf1b7e56d8:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/archibus-webcentral-panel.yaml
View File

@ -9,14 +9,14 @@ info:
- https://archibus.com/products/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:archibus:web_central:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 3
vendor: archibus
product: web_central
shodan-query: http.favicon.hash:889652940
vendor: archibus
verified: true
tags: panel,archibus
http:
@ -45,4 +45,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100acebe06186240ea3099092b2eb0142a4b3b833bcf457fa5248eee96ca55dbca1022100e0205027c5c36ea662087509a06cbffbc9a91bddb10c36bd07ef7e41fd643bc2:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100acebe06186240ea3099092b2eb0142a4b3b833bcf457fa5248eee96ca55dbca1022100e0205027c5c36ea662087509a06cbffbc9a91bddb10c36bd07ef7e41fd643bc2:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/arcserve-panel.yaml
View File

@ -7,13 +7,15 @@ info:
reference:
- https://twitter.com/HunterMapping/status/1674267368359444480
- https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe
classification:
cpe: cpe:2.3:a:arcserve:udp:*:*:*:*:*:*:*:*
metadata:
verified: true
fofa-query: icon_hash="-1889244460"
max-request: 1
vendor: arcserve
product: udp
shodan-query: http.favicon.hash:-1889244460
fofa-query: icon_hash="-1889244460"
vendor: arcserve
verified: true
tags: panel,login,arcserve,detect
http:
@ -33,4 +35,4 @@ http:
- type: status
status:
- 200
# digest: 490a004630440220037201480d44ab08f6c20ece9e3101291de4df70c01c63fafa803af239e27ee402203f8cf9b2bb3dd9dc2ca6593b476273b6e251b2ba14a92025c103dd9aab8fe248:922c64590222798bb761d5b6d8e72950
# digest: 490a004630440220037201480d44ab08f6c20ece9e3101291de4df70c01c63fafa803af239e27ee402203f8cf9b2bb3dd9dc2ca6593b476273b6e251b2ba14a92025c103dd9aab8fe248:922c64590222798bb761d5b6d8e72950

10
http/exposed-panels/arris-modem-detect.yaml
View File

@ -7,15 +7,15 @@ info:
description: ARRIS Touchstone Telephony Modem status panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:h:commscope:dg3450:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: commscope
product: dg3450
shodan-query: html:"phy.htm"
tags: panel,arris
vendor: commscope
verified: true
tags: panel,arris,commscope
http:
- method: GET
@ -32,4 +32,4 @@ http:
- type: status
status:
- 200
# digest: 490a00463044022030f2af3a833342caf1961d7bd00cf084e14b13a58488b7f64caf710fc50a4298022027cd37e109089e5ce2327025d563a48974636d4258af2babc6ee3de4341b4e3c:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022030f2af3a833342caf1961d7bd00cf084e14b13a58488b7f64caf710fc50a4298022027cd37e109089e5ce2327025d563a48974636d4258af2babc6ee3de4341b4e3c:922c64590222798bb761d5b6d8e72950

4
http/exposed-panels/aspcms-backend-panel.yaml
View File

@ -9,9 +9,9 @@ info:
reference:
- https://github.com/GREENHAT7/pxplan/blob/main/goby_pocs/Aspcms_Backend_Leak.json
metadata:
verified: true
max-request: 2
fofa-query: app="ASPCMS"
max-request: 2
verified: true
tags: panel,login,aspcms,admin
http:

3
http/exposed-panels/aspect-control-panel.yaml
View File

@ -8,12 +8,11 @@ info:
ASPECT Control Panel login was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: http.favicon.hash:1011076161
verified: true
tags: panel,aspect,login
http:

2
http/exposed-panels/asus-aicloud-panel.yaml
View File

@ -8,9 +8,9 @@ info:
reference:
- https://www.asus.com/in/content/aicloud/
metadata:
verified: "true"
max-request: 1
shodan-query: title:"AiCloud"
verified: "true"
tags: panel,asus,aicloud,detect
http:

3
http/exposed-panels/asus-router-panel.yaml
View File

@ -7,12 +7,11 @@ info:
description: Asus router login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: 'Server: httpd/2.0 port:8080'
verified: true
tags: panel,asus,router,iot
http:

10
http/exposed-panels/atlantis-detect.yaml
View File

@ -9,15 +9,15 @@ info:
- https://github.com/runatlantis/atlantis
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:runatlantis:atlantis:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: runatlantis
product: atlantis
shodan-query: http.favicon.hash:-1706783005
tags: panel,atlantis
vendor: runatlantis
verified: true
tags: panel,atlantis,runatlantis
http:
- method: GET
@ -36,4 +36,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100c301049d4e575acc0141cfe0b4f8a23315199387e43d40eca9671615299eef20022100e9ce9d00f3e4655c0c9aa5066ef7f62882ea023c320ccc5e18c30ca401479666:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100c301049d4e575acc0141cfe0b4f8a23315199387e43d40eca9671615299eef20022100e9ce9d00f3e4655c0c9aa5066ef7f62882ea023c320ccc5e18c30ca401479666:922c64590222798bb761d5b6d8e72950

2
http/exposed-panels/atlassian-bamboo-panel.yaml
View File

@ -9,9 +9,9 @@ info:
reference:
- https://www.atlassian.com/software/bamboo
metadata:
verified: true
max-request: 1
shodan-query: http.title:"Bamboo"
verified: true
tags: panel,bamboo,login,detect
http:

9
http/exposed-panels/atlassian-crowd-panel.yaml
View File

@ -9,11 +9,12 @@ info:
- https://www.atlassian.com/
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: atlassian
product: crowd
category: sso
max-request: 1
product: crowd
vendor: atlassian
tags: panel,atlassian
http:
@ -34,4 +35,4 @@ http:
regex:
- 'value="Version:&nbsp;([\d.]+)'
part: body
# digest: 4a0a0047304502201a8cdf08c9afe0a3ec8cffa0c088f4d74e13ff16631c84b97cf38f543cf8ca90022100c1ef3365591f5bc26a9283f84b1d4f833d38860e4b35c662b7ca25895f1abac5:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201a8cdf08c9afe0a3ec8cffa0c088f4d74e13ff16631c84b97cf38f543cf8ca90022100c1ef3365591f5bc26a9283f84b1d4f833d38860e4b35c662b7ca25895f1abac5:922c64590222798bb761d5b6d8e72950

2
http/exposed-panels/atvise-login.yaml
View File

@ -11,8 +11,8 @@ info:
classification:
cwe-id: CWE-200
metadata:
max-request: 1
google-query: intitle:"atvise - next generation"
max-request: 1
tags: panel,atvise,edb
http:

2
http/exposed-panels/audiobookshelf-panel.yaml
View File

@ -7,9 +7,9 @@ info:
reference:
- https://github.com/advplyr/audiobookshelf
metadata:
verified: true
max-request: 2
shodan-query: title:"Audiobookshelf"
verified: true
tags: panel,audiobookshelf,detect
http:

3
http/exposed-panels/audiocodes-detect.yaml
View File

@ -7,12 +7,11 @@ info:
description: AudioCodes login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: http.html:"Audiocodes"
verified: true
tags: panel,audiocodes
http:

2
http/exposed-panels/authelia-panel.yaml
View File

@ -10,9 +10,9 @@ info:
- https://github.com/authelia/authelia
- https://www.authelia.com/
metadata:
verified: true
max-request: 1
shodan-query: title:"Login - Authelia"
verified: true
tags: login,panel,authelia
http:

2
http/exposed-panels/automatisch-panel.yaml
View File

@ -10,9 +10,9 @@ info:
- https://automatisch.io/
- https://github.com/automatisch/automatisch
metadata:
verified: true
max-request: 2
shodan-query: title:"Automatisch"
verified: true
tags: panel,automatisch,detect
http:

2
http/exposed-panels/autoset-detect.yaml
View File

@ -7,9 +7,9 @@ info:
reference:
- http://autoset.net/xe/
metadata:
verified: true
max-request: 1
shodan-query: title:"AutoSet"
verified: true
tags: tech,php,autoset,apache
http:

6
http/exposed-panels/avantfax-panel.yaml
View File

@ -9,13 +9,13 @@ info:
- http://www.avantfax.com/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-668
cpe: cpe:2.3:a:avantfax:avantfax:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: avantfax
product: avantfax
shodan-query: http.title:"AvantFAX - Login"
vendor: avantfax
tags: panel,avantfax,login
http:
@ -40,4 +40,4 @@ http:
group: 1
regex:
- '<p align="center">([0-9.]+)<\/p>'
# digest: 4a0a00473045022077964a4406530cdfae5207e2476c76618931232f7ae7795a88f883e108ab2cac02210094d57d97c4a6b6584f81eb1de8210ceb8ae29a22bb77d01d6e2f959b622c4e31:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022077964a4406530cdfae5207e2476c76618931232f7ae7795a88f883e108ab2cac02210094d57d97c4a6b6584f81eb1de8210ceb8ae29a22bb77d01d6e2f959b622c4e31:922c64590222798bb761d5b6d8e72950

6
http/exposed-panels/avaya/avayaaura-cm-panel.yaml
View File

@ -7,12 +7,12 @@ info:
description: Avaya Aura Communication Manager login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: avaya
product: aura_communication_manager
vendor: avaya
tags: panel,avaya
http:
@ -32,4 +32,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402202d48e726eb3008bfa9d7a7cf6b0bbac9a62b29a23e6036b8d9fe923bdf853b51022040c6f4b80d06bc3e03422fed5a899f6486af1e85d1f7a4a4671cf72076ee4012:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402202d48e726eb3008bfa9d7a7cf6b0bbac9a62b29a23e6036b8d9fe923bdf853b51022040c6f4b80d06bc3e03422fed5a899f6486af1e85d1f7a4a4671cf72076ee4012:922c64590222798bb761d5b6d8e72950

6
http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml
View File

@ -7,12 +7,12 @@ info:
description: Avaya Aura System Manager login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: avaya
product: aura_system_manager
vendor: avaya
tags: panel,avaya
http:
@ -39,4 +39,4 @@ http:
group: 1
regex:
- "</sup> System Manager ([a-z0-9.]+)</h1>"
# digest: 490a0046304402200bd9c9a61ec0197ffa28a9b0176a8708de7c7e80f51221926a05c5227555f9ae0220432ba47748c91bd0a83fbcb5765ebdb8d90fb81c848e259124ae36bb8bc24d3a:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402200bd9c9a61ec0197ffa28a9b0176a8708de7c7e80f51221926a05c5227555f9ae0220432ba47748c91bd0a83fbcb5765ebdb8d90fb81c848e259124ae36bb8bc24d3a:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/aviatrix-panel.yaml
View File

@ -9,11 +9,12 @@ info:
- https://docs.aviatrix.com/HowTos/controller_config.html
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:aviatrix:controller:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: aviatrix
product: controller
shodan-query: http.title:"Aviatrix Cloud Controller"
vendor: aviatrix
tags: panel,aviatrix
http:
@ -33,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100c88970185b5c41c5ba06ebac223060129598e9fdfb814278653d7b67c3bf909d02205ea8c379fd5325f139ac8f1e27608b585225a2ea18e421505e99f0ce4893d90f:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100c88970185b5c41c5ba06ebac223060129598e9fdfb814278653d7b67c3bf909d02205ea8c379fd5325f139ac8f1e27608b585225a2ea18e421505e99f0ce4893d90f:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/avigilon-panel.yaml
View File

@ -7,14 +7,14 @@ info:
description: Avigilon login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:avigilon:avigilon_control_center:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: avigilon
product: avigilon_control_center
shodan-query: http.title:"Login - Avigilon Control Center"
vendor: avigilon
verified: true
tags: panel,avigilon
http:
@ -39,4 +39,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100e6224a90f6ffdac53c40c3ce6753ddebdfaceec4778fefb5dac2587e7846a4330220046e5bec1a08c054acc2e983136c13d257f5798a509cb0ae26c0f3d578c8978b:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e6224a90f6ffdac53c40c3ce6753ddebdfaceec4778fefb5dac2587e7846a4330220046e5bec1a08c054acc2e983136c13d257f5798a509cb0ae26c0f3d578c8978b:922c64590222798bb761d5b6d8e72950

1
http/exposed-panels/avtech-avn801-camera-panel.yaml
View File

@ -9,7 +9,6 @@ info:
- http://www.avtech.com.tw
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

2
http/exposed-panels/aws-ec2-autoscale.yaml
View File

@ -7,9 +7,9 @@ info:
reference:
- https://www.facebook.com/photo/?fbid=620605120110011&set=a.467014098802448
metadata:
verified: true
max-request: 1
shodan-query: html:"AWS EC2 Auto Scaling Lab"
verified: true
tags: exposure,ec2,aws,amazon,panel
http:

8
http/exposed-panels/aws-opensearch-login.yaml
View File

@ -9,13 +9,13 @@ info:
- https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:amazon:opensearch:*:*:*:*:maven:*:*:*
metadata:
max-request: 1
vendor: amazon
product: opensearch
tags: panel,opensearch,aws
vendor: amazon
tags: panel,opensearch,aws,amazon
http:
- method: GET
@ -31,4 +31,4 @@ http:
- type: word
words:
- "Please login to OpenSearch Dashboards"
# digest: 4a0a00473045022100c4d1b67b698ab893a50fe37fd0cca8d4ac2ab8eb248422bc3b6dca60e63e7124022007e26bd87bd62b4085865a8f61e2d95001d0d890955748fa3d551e06eec5967a:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100c4d1b67b698ab893a50fe37fd0cca8d4ac2ab8eb248422bc3b6dca60e63e7124022007e26bd87bd62b4085865a8f61e2d95001d0d890955748fa3d551e06eec5967a:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/axel-webserver.yaml
View File

@ -7,13 +7,12 @@ info:
description: Axel WebServer panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
fofa-query: app="AxelWebServer"
max-request: 1
shodan-query: http.title:"Axel"
fofa-query: app="AxelWebServer"
verified: true
tags: panel,axel,webserver
http:

2
http/exposed-panels/axway-api-manager-panel.yaml
View File

@ -5,9 +5,9 @@ info:
author: johnk3r
severity: info
metadata:
verified: true
max-request: 1
shodan-query: http.title:"Axway API Manager Login"
verified: true
tags: panel,axway,detect
http:

8
http/exposed-panels/axway-securetransport-panel.yaml
View File

@ -10,14 +10,14 @@ info:
- https://www.axway.com/en/products/managed-file-transfer/securetransport
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:axway:securetransport:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: axway
product: securetransport
shodan-query: http.title:"SecureTransport" || http.favicon.hash:1330269434
vendor: axway
verified: true
tags: panel,axway,securetransport
http:
@ -49,4 +49,4 @@ http:
group: 1
regex:
- '"SecureTransport", "([0-9.]+)",'
# digest: 4a0a004730450220598e95a1603de8fcbdb6a800020400230e48833f90f9b46cc436bfa2768c9f8f0221008f2119718bd7b1380e58f0bd143683a4fa8d4ed415aaaf285c7ffd4b45501ef1:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220598e95a1603de8fcbdb6a800020400230e48833f90f9b46cc436bfa2768c9f8f0221008f2119718bd7b1380e58f0bd143683a4fa8d4ed415aaaf285c7ffd4b45501ef1:922c64590222798bb761d5b6d8e72950

12
http/exposed-panels/axway-securetransport-webclient.yaml
View File

@ -9,14 +9,14 @@ info:
- https://www.axway.com/en/products/managed-file-transfer/securetransport
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:axway:securetransport:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: axway
product: securetransport
google-query: intitle:"ST Web Client"
max-request: 1
product: securetransport
vendor: axway
verified: true
tags: panel,axway,securetransport,webclient
http:
@ -34,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502202c18c3a94ed23be0a1943bb61bb048bce10266d51aa6a4d0edfde9b8c510bfd00221008c09b35dbd32dc7d84627e2fd6aed2d72672619968115417fee5f90c11167ac2:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502202c18c3a94ed23be0a1943bb61bb048bce10266d51aa6a4d0edfde9b8c510bfd00221008c09b35dbd32dc7d84627e2fd6aed2d72672619968115417fee5f90c11167ac2:922c64590222798bb761d5b6d8e72950

9
http/exposed-panels/axxon-client-panel.yaml
View File

@ -10,13 +10,14 @@ info:
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cwe-id: CWE-200
cpe: cpe:2.3:a:axxonsoft:axxon_next:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: axxonsoft
product: axxon_next
shodan-query: title:"Axxon Next client"
tags: panel,axxon,vms,login,detect
vendor: axxonsoft
verified: true
tags: panel,axxon,vms,login,detect,axxonsoft
http:
- method: GET
@ -33,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 490a00463044022048015cc49159e33329eb6fad32e5b1147dd8670ddfaba6b81d0693a76aa757900220613d92c0ed43ee222ed246336183269f2bf4874943234615b9c880a35ef2a082:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022048015cc49159e33329eb6fad32e5b1147dd8670ddfaba6b81d0693a76aa757900220613d92c0ed43ee222ed246336183269f2bf4874943234615b9c880a35ef2a082:922c64590222798bb761d5b6d8e72950

3
http/exposed-panels/backpack/backpack-admin-panel.yaml
View File

@ -8,12 +8,11 @@ info:
Laravel Backpack admin login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: title:"Backpack Admin"
verified: true
tags: panel,backpack,admin
http:

1
http/exposed-panels/bazarr-login.yaml
View File

@ -9,7 +9,6 @@ info:
- https://www.bazarr.media/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

6
http/exposed-panels/bedita-panel.yaml
View File

@ -9,13 +9,13 @@ info:
- https://www.bedita.com/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:bedita:bedita:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: bedita
product: bedita
shodan-query: http.title:"BEdita"
vendor: bedita
tags: panel,bedita
http:
@ -40,4 +40,4 @@ http:
group: 1
regex:
- 'target="besite">(.*)</a><br>'
# digest: 4a0a0047304502203a43112a0109263a92644069b27142147d71fc5b6ce7209f81d1643d91f22c08022100e015567bb6d46e99c1d6f7e5746de37a3d21415cc16982b54df460f00f3d9743:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502203a43112a0109263a92644069b27142147d71fc5b6ce7209f81d1643d91f22c08022100e015567bb6d46e99c1d6f7e5746de37a3d21415cc16982b54df460f00f3d9743:922c64590222798bb761d5b6d8e72950

7
http/exposed-panels/beego-admin-dashboard.yaml
View File

@ -12,12 +12,13 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
cpe: cpe:2.3:a:beego:beego:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: beego
product: beego
shodan-query: html:"Beego Admin Dashboard"
vendor: beego
verified: true
tags: panel,beego,unauth
http:
@ -42,4 +43,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100ec542820ed2546585b5ee19fbc6e2dda08999a03d92b1c980aec3aa63dcb922d022100883555aeabdedaa79acd51d0fdc57ebd7c5dc3cb43de2698ce583111efa68cde:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100ec542820ed2546585b5ee19fbc6e2dda08999a03d92b1c980aec3aa63dcb922d022100883555aeabdedaa79acd51d0fdc57ebd7c5dc3cb43de2698ce583111efa68cde:922c64590222798bb761d5b6d8e72950

1
http/exposed-panels/beyondtrust-login-server.yaml
View File

@ -9,7 +9,6 @@ info:
- https://www.beyondtrust.com/brand
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

1
http/exposed-panels/beyondtrust-panel.yaml
View File

@ -7,7 +7,6 @@ info:
description: BeyondTrust login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

1
http/exposed-panels/bigant-login-panel.yaml
View File

@ -7,7 +7,6 @@ info:
description: BigAnt admin login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

5
http/exposed-panels/bigbluebutton-login.yaml
View File

@ -9,10 +9,11 @@ info:
- https://github.com/bigbluebutton/greenlight
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:bigbluebutton:greenlight:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: bigbluebutton
product: greenlight
vendor: bigbluebutton
tags: panel,bigbluebutton
http:
@ -34,4 +35,4 @@ http:
group: 1
regex:
- 'Greenlight<\/a>\. (.*)'
# digest: 490a0046304402204368d4bdd2b4e463d7eef5f73f123c6b3859e898cba7714343181849ebda6450022026e40141c6ccdadd05d8adf4720e4841b35ec996ab702f1e8fefb7d772e6f64e:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402204368d4bdd2b4e463d7eef5f73f123c6b3859e898cba7714343181849ebda6450022026e40141c6ccdadd05d8adf4720e4841b35ec996ab702f1e8fefb7d772e6f64e:922c64590222798bb761d5b6d8e72950

3
http/exposed-panels/bigfix-login.yaml
View File

@ -9,12 +9,11 @@ info:
- https://www.hcltechsw.com/bigfix
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
google-query: intitle:"BigFix"
max-request: 1
shodan-query: http.title:"BigFix"
google-query: intitle:"BigFix"
tags: panel,bigfix
http:

6
http/exposed-panels/bigip-rest-panel.yaml
View File

@ -12,13 +12,13 @@ info:
- https://clouddocs.f5.com/products/big-iq/mgmt-api/v5.4/ApiReferences/bigiq_api_ref/r_auth_login.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: f5
product: big-ip_access_policy_manager
shodan-query: http.title:"BIG-IP&reg;-+Redirect" +"Server"
vendor: f5
tags: panel,bigip,f5
http:
@ -36,4 +36,4 @@ http:
- type: status
status:
- 401
# digest: 4b0a00483046022100d744b6216e4ba63151701895eb853a6459c0b379b94f143b031bc2353420dfad022100f67c1600ffada42e984b371b002c3caa5db3f6409a8d0f45ac02ce69c6e98441:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100d744b6216e4ba63151701895eb853a6459c0b379b94f143b031bc2353420dfad022100f67c1600ffada42e984b371b002c3caa5db3f6409a8d0f45ac02ce69c6e98441:922c64590222798bb761d5b6d8e72950

3
http/exposed-panels/biotime-panel.yaml
View File

@ -7,12 +7,11 @@ info:
description: BioTime Web login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 2
shodan-query: http.title:"BioTime"
verified: true
tags: panel,biotime
http:

8
http/exposed-panels/bitdefender-gravityzone.yaml
View File

@ -7,14 +7,14 @@ info:
description: Bitdefender GravityZone panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: bitdefender
product: gravityzone
shodan-query: title:"Bitdefender GravityZone"
vendor: bitdefender
verified: true
tags: panel,bitdefender
http:
@ -32,4 +32,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100ca9f5c8d30437562c49b5cd4af3735802b92fbe6b8ed30dc1c26b5f356f815b502205d6b8602cca02360fc4b81022a3230dedd6e6ad57ef58ab04cbba91236abbb4f:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100ca9f5c8d30437562c49b5cd4af3735802b92fbe6b8ed30dc1c26b5f356f815b502205d6b8602cca02360fc4b81022a3230dedd6e6ad57ef58ab04cbba91236abbb4f:922c64590222798bb761d5b6d8e72950

5
http/exposed-panels/bitrix-panel.yaml
View File

@ -7,10 +7,11 @@ info:
description: Bitrix24 is a unified work space that places a complete set of business tools into a single, intuitive interface.
classification:
cwe-id: CWE-200
cpe: cpe:2.3:a:bitrix:bitrix24:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: bitrix
product: bitrix24
vendor: bitrix
tags: panel,bitrix,login
http:
@ -33,4 +34,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100c7af9b5a4cd7b69a85d1e2660e5e8e8ca6247d29a419d4a1d3d72b32f22a4563022100de0bee98d37d52135fed6325bb731f4941b77b491c4c5781655da5b57c4c3ac5:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100c7af9b5a4cd7b69a85d1e2660e5e8e8ca6247d29a419d4a1d3d72b32f22a4563022100de0bee98d37d52135fed6325bb731f4941b77b491c4c5781655da5b57c4c3ac5:922c64590222798bb761d5b6d8e72950

8
http/exposed-panels/bitwarden-vault-panel.yaml
View File

@ -6,12 +6,14 @@ info:
severity: info
reference:
- https://bitwarden.com/?utm_source=google&utm_medium=cpc&utm_campaign=AW_ALL_NU_CL_Bitwarden_en_GSN_DTMB_Brand-Login_KW:Brand-Login_Consolidated&utm_content=646427936792&utm_term=bitwarden%20vault%20login|kwd-826827349840&hsa_acc=2567950947&hsa_cam=19621984700&hsa_grp=145977914135&hsa_ad=646427936792&hsa_src=g&hsa_tgt=kwd-826827349840&hsa_kw=bitwarden%20vault%20login&hsa_mt=e&hsa_net=adwords&hsa_ver=3&gad=1&gclid=Cj0KCQjwpompBhDZARIsAFD_Fp-07Mni-xzuKd5Ewi6I7qzRTdZOYSxMsMVvKVWhGm5qg2KUiY2Z7SQaAvSIEALw_wcB
classification:
cpe: cpe:2.3:a:bitwarden:bitwarden:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: bitwarden
product: bitwarden
shodan-query: title:"Bitwarden Web Vault"
vendor: bitwarden
verified: true
tags: panel,bitwarden,vault,detect
http:
@ -34,4 +36,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502201c520cd2bd808d55b5bebedae2913311d3ca6386d8b48f6b4b0d3ce4c8099766022100a8b05e3c05409b86d9fe3bd6de38513ae0a3bdb3d1c4e425db7b898f0a4fd426:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201c520cd2bd808d55b5bebedae2913311d3ca6386d8b48f6b4b0d3ce4c8099766022100a8b05e3c05409b86d9fe3bd6de38513ae0a3bdb3d1c4e425db7b898f0a4fd426:922c64590222798bb761d5b6d8e72950

3
http/exposed-panels/black-duck-panel.yaml
View File

@ -11,12 +11,11 @@ info:
- https://www.synopsys.com/software-integrity/security-testing/software-composition-analysis.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: http.title:"Black Duck"
verified: true
tags: panel,blackduck,synopsys
http:

10
http/exposed-panels/bloofoxcms-login-panel.yaml
View File

@ -4,12 +4,14 @@ info:
name: bloofoxCMS Login Panel - Detect
author: theamanrawat
severity: info
classification:
cpe: cpe:2.3:a:bloofox:bloofoxcms:*:*:*:*:*:*:*:*
metadata:
verified: "true"
fofa-query: Powered by bloofoxCMS
max-request: 2
vendor: bloofox
product: bloofoxcms
fofa-query: "Powered by bloofoxCMS"
vendor: bloofox
verified: "true"
tags: panel,bloofox,cms
http:
@ -37,4 +39,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502207dd20f96273e7205ddf8a024a1a0ffca5beb3a48017a9d9d06740024588b2131022100be394901a63df2d94986e8350fdd11236ead7723c0d28aedf455bf6aa609a4c7:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502207dd20f96273e7205ddf8a024a1a0ffca5beb3a48017a9d9d06740024588b2131022100be394901a63df2d94986e8350fdd11236ead7723c0d28aedf455bf6aa609a4c7:922c64590222798bb761d5b6d8e72950

1
http/exposed-panels/blue-iris-login.yaml
View File

@ -10,7 +10,6 @@ info:
- https://blueirissoftware.com/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

1
http/exposed-panels/bmc-panel-detect.yaml
View File

@ -7,7 +7,6 @@ info:
description: BMC Discovery Outpost admin panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
max-request: 1

3
http/exposed-panels/bmc/bmc-discovery-panel.yaml
View File

@ -9,12 +9,11 @@ info:
- https://docs.bmc.com/docs/discovery/documentation-home-1098837931.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: http.title:"BMC Software"
verified: true
tags: panel,bmc
http:

11
http/exposed-panels/bolt-cms-panel.yaml
View File

@ -9,13 +9,13 @@ info:
- https://github.com/bolt/bolt
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0
cwe-id: CWE-200
cpe: cpe:2.3:a:boltcms:bolt:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: boltcms
product: bolt
tags: panel,bolt,cms,login
vendor: boltcms
tags: panel,bolt,cms,login,boltcms
http:
- method: GET
@ -37,11 +37,12 @@ http:
- '<script src="/app/view/js/bolt.js"></script>'
- '<script src="/app/view/js/bolt.min.js"'
- '<script src="/assets/bolt.js"></script>'
- 'Bolt requires JavaScript to function properly and continuing without it might corrupt or erase data.'
- 'Bolt requires JavaScript to function properly and continuing without
it might corrupt or erase data.'
- 'Bolt » Login'
- 'Cookies are required to log on to Bolt. Please allow cookies.'
- type: status
status:
- 200
# digest: 4b0a00483046022100a544c7f167ea27ae7a4696c99464bcc77043e72b1dd5a75f42205aaddf506a8c022100d6634703c2bc2ec459a8055bc9fff161dc526f100b3e55f7a5f9c8d54c35a5d3:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100a544c7f167ea27ae7a4696c99464bcc77043e72b1dd5a75f42205aaddf506a8c022100d6634703c2bc2ec459a8055bc9fff161dc526f100b3e55f7a5f9c8d54c35a5d3:922c64590222798bb761d5b6d8e72950

Some files were not shown because too many files have changed in this diff Show More