From 55d54b57c9bc0d797a28add055d939a275d23554 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Mon, 31 Jan 2022 14:56:08 +0700 Subject: [PATCH] Seperate tech and exposed-panels (#3634) * Seperate tech and exposed-panels * Update phpcollab-panel.yaml * Update wondercms-detect.yaml * Update xxljob-panel.yaml * Update yzmcms-panel.yaml * workflow fixes Co-authored-by: Prince Chaddha Co-authored-by: sandeep --- .../openam-panel.yaml | 9 +++-- .../opensis-panel.yaml | 7 +++- .../openx-panel.yaml | 8 ++-- .../phpcollab-panel.yaml | 13 +++++-- .../remkon-manager-panel.yaml | 10 +++-- .../sage-panel.yaml | 13 ++++--- exposed-panels/seeddms-panel.yaml | 31 ++++++++++++++++ exposed-panels/voipmonitor-panel.yaml | 26 +++++++++++++ exposed-panels/wazuh-panel.yaml | 37 +++++++++++++++++++ exposed-panels/webmodule-ee-panel.yaml | 32 ++++++++++++++++ exposed-panels/xxljob-panel.yaml | 30 +++++++++++++++ .../yzmcms-panel.yaml | 20 ++++++---- ...t-page.yaml => default-sitecore-page.yaml} | 0 technologies/pega-detect.yaml | 5 ++- technologies/php-proxy-detect.yaml | 2 +- technologies/redmine-cli-detect.yaml | 6 +-- technologies/sceditor-detect.yaml | 1 + technologies/seeddms-detect.yaml | 21 ----------- technologies/shopware-detect.yaml | 11 ++++-- technologies/strapi-cms-detect.yaml | 26 +++++++++---- technologies/terraform-detect.yaml | 4 +- ...mf-detection.yaml => thinkcmf-detect.yaml} | 12 +++--- technologies/{ => vmware}/vmware-detect.yaml | 0 technologies/{ => vmware}/vmware-horizon.yaml | 0 .../vmware-site-recovery-manager.yaml | 0 .../{ => vmware}/vmware-vrealize-detect.yaml | 0 technologies/voipmonitor-detect.yaml | 24 ------------ technologies/wazuh-detect.yaml | 25 ------------- technologies/webmodule-ee.yaml | 21 ----------- technologies/werkzeug-debugger-detect.yaml | 1 + technologies/wondercms-detect.yaml | 9 +++-- technologies/wuzhicms-detect.yaml | 3 +- technologies/xxljob-admin-detect.yaml | 23 ------------ technologies/yapi-detect.yaml | 3 +- workflows/openam-workflow.yaml | 2 +- workflows/opensis-workflow.yaml | 2 +- workflows/phpcollab-workflow.yaml | 2 +- workflows/sitecore-workflow.yaml | 6 +-- workflows/thinkcmf-workflow.yaml | 2 +- workflows/vmware-workflow.yaml | 2 +- workflows/voipmonitor-workflow.yaml | 2 +- workflows/xxljob-workflow.yaml | 2 +- 42 files changed, 269 insertions(+), 184 deletions(-) rename technologies/openam-detect.yaml => exposed-panels/openam-panel.yaml (87%) rename technologies/opensis-detect.yaml => exposed-panels/opensis-panel.yaml (73%) rename technologies/openx-detect.yaml => exposed-panels/openx-panel.yaml (81%) rename technologies/phpcollab-detect.yaml => exposed-panels/phpcollab-panel.yaml (62%) rename technologies/remkon-manager-detect.yaml => exposed-panels/remkon-manager-panel.yaml (60%) rename technologies/sage-detect.yaml => exposed-panels/sage-panel.yaml (57%) create mode 100644 exposed-panels/seeddms-panel.yaml create mode 100644 exposed-panels/voipmonitor-panel.yaml create mode 100644 exposed-panels/wazuh-panel.yaml create mode 100644 exposed-panels/webmodule-ee-panel.yaml create mode 100644 exposed-panels/xxljob-panel.yaml rename technologies/yzmcms-detect.yaml => exposed-panels/yzmcms-panel.yaml (60%) rename technologies/{sitecore-default-page.yaml => default-sitecore-page.yaml} (100%) delete mode 100644 technologies/seeddms-detect.yaml rename technologies/{thinkcmf-detection.yaml => thinkcmf-detect.yaml} (60%) rename technologies/{ => vmware}/vmware-detect.yaml (100%) rename technologies/{ => vmware}/vmware-horizon.yaml (100%) rename technologies/{ => vmware}/vmware-site-recovery-manager.yaml (100%) rename technologies/{ => vmware}/vmware-vrealize-detect.yaml (100%) delete mode 100644 technologies/voipmonitor-detect.yaml delete mode 100644 technologies/wazuh-detect.yaml delete mode 100644 technologies/webmodule-ee.yaml delete mode 100644 technologies/xxljob-admin-detect.yaml diff --git a/technologies/openam-detect.yaml b/exposed-panels/openam-panel.yaml similarity index 87% rename from technologies/openam-detect.yaml rename to exposed-panels/openam-panel.yaml index 1a58dcf504..c016a77580 100644 --- a/technologies/openam-detect.yaml +++ b/exposed-panels/openam-panel.yaml @@ -1,10 +1,12 @@ -id: openam-detect +id: openam-panel info: - name: Detect OpenAM and OpenSSO + name: OpenAM and OpenSSO Login Panel author: philippedelteil severity: info - tags: tech,openam + metadata: + shodan-query: http.title:"OpenAM" + tags: panel,openam,opensso,login requests: - method: GET @@ -16,6 +18,7 @@ requests: - "{{BaseURL}}/sso/XUI" - "{{BaseURL}}/sso/UI" - "{{BaseURL}}/sso/UI/#login" + - "{{BaseURL}}/opensso/UI/Login" - "{{BaseURL}}/openam/UI/login" - "{{BaseURL}}/openam/UI/#loginlogin" - "{{BaseURL}}/openam/UI/Login" diff --git a/technologies/opensis-detect.yaml b/exposed-panels/opensis-panel.yaml similarity index 73% rename from technologies/opensis-detect.yaml rename to exposed-panels/opensis-panel.yaml index 369162c9c1..ef7852207b 100644 --- a/technologies/opensis-detect.yaml +++ b/exposed-panels/opensis-panel.yaml @@ -1,10 +1,12 @@ id: opensis-detect info: - name: OpenSIS Detect + name: OpenSIS Login Panel author: pikpikcu severity: info - tags: tech,opensis + metadata: + shodan-query: http.title:"openSIS" + tags: panel,opensis,login requests: - method: GET @@ -12,6 +14,7 @@ requests: - "{{BaseURL}}" - "{{BaseURL}}/opensis/index.php" + stop-at-first-match: true matchers-condition: and matchers: - type: word diff --git a/technologies/openx-detect.yaml b/exposed-panels/openx-panel.yaml similarity index 81% rename from technologies/openx-detect.yaml rename to exposed-panels/openx-panel.yaml index b0a7dfcdfd..fffe13bdc0 100644 --- a/technologies/openx-detect.yaml +++ b/exposed-panels/openx-panel.yaml @@ -1,10 +1,12 @@ -id: openx-detect +id: openx-panel info: - name: OpenX detect + name: OpenX Login Panel author: pikpikcu severity: info - tags: tech,openx + metadata: + shodan-query: http.title:"OpenX" + tags: panel,openx,login requests: - method: GET diff --git a/technologies/phpcollab-detect.yaml b/exposed-panels/phpcollab-panel.yaml similarity index 62% rename from technologies/phpcollab-detect.yaml rename to exposed-panels/phpcollab-panel.yaml index 6bfc4b094e..422d2d3ad1 100644 --- a/technologies/phpcollab-detect.yaml +++ b/exposed-panels/phpcollab-panel.yaml @@ -1,22 +1,29 @@ -id: phpcollab-detect +id: phpcollab-panel info: - name: PhpCollab detect + name: PhpCollab Login Panel author: pikpikcu severity: info - tags: tech,phpcollab + metadata: + shodan-query: http.title:"PhpCollab" + tags: panel,phpcollab,login requests: - method: GET path: - "{{BaseURL}}/general/login.php" + matchers-condition: and matchers: - type: word part: body words: - 'PhpCollab' + - type: status + status: + - 200 + extractors: - type: regex part: body diff --git a/technologies/remkon-manager-detect.yaml b/exposed-panels/remkon-manager-panel.yaml similarity index 60% rename from technologies/remkon-manager-detect.yaml rename to exposed-panels/remkon-manager-panel.yaml index 3d74086597..93a67d5d24 100644 --- a/technologies/remkon-manager-detect.yaml +++ b/exposed-panels/remkon-manager-panel.yaml @@ -1,10 +1,12 @@ -id: remkon-manager-detect +id: remkon-manager-panel info: - name: Remkon Device Manager Detect - author: pikpikcu + name: Remkon Device Manager Login Panel + author: pikpikcu,daffainfo severity: info - tags: remkon,tech,panel + metadata: + shodan-query: http.title:"Remkon Device Manager" + tags: panel,remkon,login requests: - method: GET diff --git a/technologies/sage-detect.yaml b/exposed-panels/sage-panel.yaml similarity index 57% rename from technologies/sage-detect.yaml rename to exposed-panels/sage-panel.yaml index 5e8f704a2e..b23444a452 100644 --- a/technologies/sage-detect.yaml +++ b/exposed-panels/sage-panel.yaml @@ -1,10 +1,12 @@ -id: sage-detect +id: sage-panel info: - name: Sage X3 Detect - author: pikpikcu + name: Sage X3 Login Panel + author: pikpikcu,daffainfo severity: info - tags: tech,sage + metadata: + shodan-query: http.title:"Sage X3" + tags: panel,sage,login requests: - method: GET @@ -13,11 +15,12 @@ requests: matchers-condition: and matchers: - - type: word part: body words: - "Sage X3" + - "'/auth/sage-id/registerStart'" + condition: and - type: status status: diff --git a/exposed-panels/seeddms-panel.yaml b/exposed-panels/seeddms-panel.yaml new file mode 100644 index 0000000000..1c699076d9 --- /dev/null +++ b/exposed-panels/seeddms-panel.yaml @@ -0,0 +1,31 @@ +id: seeddms-panel + +info: + name: SeedDMS Login Panel + author: pussycat0x,daffainfo + severity: info + metadata: + shodan-query: http.title:"SeedDMS" + tags: panel,seeddms,login + +requests: + - method: GET + path: + - "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" + - "{{BaseURL}}/dms/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" + + redirects: true + max-redirects: 2 + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'href="/out/out.ViewFolder.php">SeedDMS' + - 'href="../out/out.ViewFolder.php?folderid=1">SeedDMS' + condition: or + + - type: status + status: + - 200 \ No newline at end of file diff --git a/exposed-panels/voipmonitor-panel.yaml b/exposed-panels/voipmonitor-panel.yaml new file mode 100644 index 0000000000..4858e8d456 --- /dev/null +++ b/exposed-panels/voipmonitor-panel.yaml @@ -0,0 +1,26 @@ +id: voipmonitor-panel + +info: + name: VoipMonitor panel + author: Yanyun + severity: info + metadata: + shodan-query: http.title:"VoIPmonitor" + tags: panel,voipmonitor,login + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "appShareUrl = 'share.voipmonitor.org'" + - "VoIPmonitor" + condition: and \ No newline at end of file diff --git a/exposed-panels/wazuh-panel.yaml b/exposed-panels/wazuh-panel.yaml new file mode 100644 index 0000000000..ce38f35fad --- /dev/null +++ b/exposed-panels/wazuh-panel.yaml @@ -0,0 +1,37 @@ +id: wazuh-panel + +info: + name: Wazuh Login Panel + author: cyllective,daffainfo + severity: info + description: Wazuh - The Open Source Security Platform + reference: https://github.com/wazuh/wazuh + metadata: + shodan-query: http.title:"Wazuh" + tags: panel,wazuh,login + +requests: + - method: GET + path: + - "{{BaseURL}}/app/login" + + matchers: + - type: word + part: body + words: + - '"id":"wazuh"' + - '"title":"Wazuh"' + - '"icon":"plugins/wazuh/img/icon_blue.png"' + - '"url":"/app/wazuh"' + condition: or + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - '"version":"([0-9.]+)"' \ No newline at end of file diff --git a/exposed-panels/webmodule-ee-panel.yaml b/exposed-panels/webmodule-ee-panel.yaml new file mode 100644 index 0000000000..11a84abdd2 --- /dev/null +++ b/exposed-panels/webmodule-ee-panel.yaml @@ -0,0 +1,32 @@ +id: webmodule-ee-panel + +info: + name: Webmodule Login Panel + author: pussycat0x,daffainfo + severity: info + metadata: + google-dork: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version" + reference: https://www.exploit-db.com/ghdb/7001 + tags: panel,webmodule-ee,login + +requests: + - method: GET + path: + - "{{BaseURL}}/webmodule-ee/login.seam" + + matchers-condition: and + matchers: + - type: word + words: + - "Webmodule" + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'Version: ([0-9.]+)' \ No newline at end of file diff --git a/exposed-panels/xxljob-panel.yaml b/exposed-panels/xxljob-panel.yaml new file mode 100644 index 0000000000..3fd00d6650 --- /dev/null +++ b/exposed-panels/xxljob-panel.yaml @@ -0,0 +1,30 @@ +id: xxljob-panel + +info: + name: XXLJOB Admin Login Panel + author: pdteam,daffainfo + severity: info + tags: panel,xxljob,login + +requests: + - method: GET + path: + - "{{BaseURL}}/xxl-job-admin/toLogin" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "XXLJOB" + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - '"admin_version":"(.*?)"' diff --git a/technologies/yzmcms-detect.yaml b/exposed-panels/yzmcms-panel.yaml similarity index 60% rename from technologies/yzmcms-detect.yaml rename to exposed-panels/yzmcms-panel.yaml index e7f31c36a2..871681b8e3 100644 --- a/technologies/yzmcms-detect.yaml +++ b/exposed-panels/yzmcms-panel.yaml @@ -1,10 +1,12 @@ -id: yzmcms-detect +id: yzmcms-panel info: - name: YzmCMS Detect - author: pikpikcu + name: YzmCMS Login Panel + author: pikpikcu,daffainfo severity: info - tags: yzmcms,tech + metadata: + shodan-query: http.title:"YzmCMS" + tags: panel,yzmcms,login requests: - method: GET @@ -13,11 +15,13 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: - 'Powered By ([0-9.]+)<\/div>' + - '' diff --git a/technologies/redmine-cli-detect.yaml b/technologies/redmine-cli-detect.yaml index 8cb08b7888..4ea5f5fca9 100644 --- a/technologies/redmine-cli-detect.yaml +++ b/technologies/redmine-cli-detect.yaml @@ -16,9 +16,9 @@ requests: - type: word part: body words: - - default - - my_id - - root_url + - "default" + - "my_id" + - "root_url" condition: and - type: status diff --git a/technologies/sceditor-detect.yaml b/technologies/sceditor-detect.yaml index d9b323edea..85fdbfdf69 100644 --- a/technologies/sceditor-detect.yaml +++ b/technologies/sceditor-detect.yaml @@ -18,6 +18,7 @@ requests: - "Ticket BBCode editor - SCEditor" - 'title="SCEditor"' condition: and + - type: status status: - 200 diff --git a/technologies/seeddms-detect.yaml b/technologies/seeddms-detect.yaml deleted file mode 100644 index 307611e1d0..0000000000 --- a/technologies/seeddms-detect.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: seeddms-detect -info: - name: Seeddms- - author: pussycat0x - severity: info - tags: tech -requests: - - method: GET - path: - - "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" - - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: word - words: - - "SeedDMS: Sign in" - - type: status - status: - - 200 \ No newline at end of file diff --git a/technologies/shopware-detect.yaml b/technologies/shopware-detect.yaml index 1ec4dee4f3..d62698b57e 100644 --- a/technologies/shopware-detect.yaml +++ b/technologies/shopware-detect.yaml @@ -5,10 +5,10 @@ info: author: cyllective severity: info description: Detects Shopware CMS - tags: tech,shopware,cms reference: - https://github.com/shopware/shopware - https://github.com/shopware/platform + tags: tech,shopware,cms requests: - method: GET @@ -16,12 +16,17 @@ requests: - "{{BaseURL}}/admin" - "{{BaseURL}}/backend" + matchers-condition: and matchers: - type: word part: body - condition: or words: - 'Realisiert mit Shopware' - 'Realised with Shopware' - 'Shopware Administration (c) shopware AG' - - 'Shopware 5 - Backend (c) shopware AG' \ No newline at end of file + - 'Shopware 5 - Backend (c) shopware AG' + condition: or + + - type: status + status: + - 200 \ No newline at end of file diff --git a/technologies/strapi-cms-detect.yaml b/technologies/strapi-cms-detect.yaml index 1008f11d25..ac071e4a30 100644 --- a/technologies/strapi-cms-detect.yaml +++ b/technologies/strapi-cms-detect.yaml @@ -1,22 +1,32 @@ id: strapi-cms-detect info: - name: strapi CMS detect - author: cyllective + name: Strapi CMS detect + author: cyllective,daffainfo severity: info - description: Detects strapi CMS + description: Open source Node.js Headless CMS to easily build customisable APIs + reference: https://github.com/strapi/strapi tags: tech,strapi,cms - reference: - - https://github.com/strapi/strapi requests: - method: GET path: - - "{{BaseURL}}/admin/auth/login" + - "{{BaseURL}}/admin/init" matchers: - type: word part: body - condition: or words: - - 'Strapi Admin' \ No newline at end of file + - '"data"' + - '"uuid"' + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - '"strapiVersion":"([0-9.]+)"' \ No newline at end of file diff --git a/technologies/terraform-detect.yaml b/technologies/terraform-detect.yaml index 4a458c77e2..6786954f8f 100644 --- a/technologies/terraform-detect.yaml +++ b/technologies/terraform-detect.yaml @@ -17,8 +17,8 @@ requests: - type: word part: body words: - - access_key - - terraform + - "access_key" + - "terraform" condition: and - type: status diff --git a/technologies/thinkcmf-detection.yaml b/technologies/thinkcmf-detect.yaml similarity index 60% rename from technologies/thinkcmf-detection.yaml rename to technologies/thinkcmf-detect.yaml index 6cc404174d..c4136da57d 100644 --- a/technologies/thinkcmf-detection.yaml +++ b/technologies/thinkcmf-detect.yaml @@ -1,10 +1,10 @@ id: thinkcmf-detection info: - name: ThinkCMF Detection - author: pikpikcu + name: Detect ThinkCMF + author: pikpikcu,daffainfo severity: info - tags: thinkcmf + tags: panel,thinkcmf,login requests: - method: GET @@ -13,12 +13,10 @@ requests: matchers-condition: and matchers: - - type: word + part: body words: - - "X-Powered-By: ThinkCMF" - part: header - condition: and + - '' - type: status status: diff --git a/technologies/vmware-detect.yaml b/technologies/vmware/vmware-detect.yaml similarity index 100% rename from technologies/vmware-detect.yaml rename to technologies/vmware/vmware-detect.yaml diff --git a/technologies/vmware-horizon.yaml b/technologies/vmware/vmware-horizon.yaml similarity index 100% rename from technologies/vmware-horizon.yaml rename to technologies/vmware/vmware-horizon.yaml diff --git a/technologies/vmware-site-recovery-manager.yaml b/technologies/vmware/vmware-site-recovery-manager.yaml similarity index 100% rename from technologies/vmware-site-recovery-manager.yaml rename to technologies/vmware/vmware-site-recovery-manager.yaml diff --git a/technologies/vmware-vrealize-detect.yaml b/technologies/vmware/vmware-vrealize-detect.yaml similarity index 100% rename from technologies/vmware-vrealize-detect.yaml rename to technologies/vmware/vmware-vrealize-detect.yaml diff --git a/technologies/voipmonitor-detect.yaml b/technologies/voipmonitor-detect.yaml deleted file mode 100644 index 4c7ee9c7eb..0000000000 --- a/technologies/voipmonitor-detect.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: voipmonitor-detect - -info: - name: VoipMonitor detect - author: Yanyun - severity: info - tags: tech,voipmonitor - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - 'share.voipmonitor.org' - - 'VoIPmonitor' - condition: and \ No newline at end of file diff --git a/technologies/wazuh-detect.yaml b/technologies/wazuh-detect.yaml deleted file mode 100644 index 2961a8e89c..0000000000 --- a/technologies/wazuh-detect.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: wazuh-detect - -info: - name: wazuh detect - author: cyllective - severity: info - description: Detects wazuh - tags: tech,wazuh - reference: - - https://github.com/wazuh/wazuh - -requests: - - method: GET - path: - - "{{BaseURL}}/app/login" - - matchers: - - type: word - part: body - condition: or - words: - - '"id":"wazuh"' - - '"title":"Wazuh"' - - '"icon":"plugins/wazuh/img/icon_blue.png"' - - '"url":"/app/wazuh"' diff --git a/technologies/webmodule-ee.yaml b/technologies/webmodule-ee.yaml deleted file mode 100644 index 6245dc8a7a..0000000000 --- a/technologies/webmodule-ee.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: webmodule-ee-detection -info: - name: Webmodule Detection - author: pussycat0x - severity: info - reference: https://www.exploit-db.com/ghdb/7001 - tags: webmodule-ee,tech - -requests: - - method: GET - path: - - "{{BaseURL}}/webmodule-ee/login.seam" - matchers-condition: and - matchers: - - type: word - words: - - "Webmodule" - - - type: status - status: - - 200 diff --git a/technologies/werkzeug-debugger-detect.yaml b/technologies/werkzeug-debugger-detect.yaml index aa90f4c1a3..1e941addba 100644 --- a/technologies/werkzeug-debugger-detect.yaml +++ b/technologies/werkzeug-debugger-detect.yaml @@ -10,6 +10,7 @@ requests: - method: GET path: - "{{BaseURL}}/console" + matchers: - type: word words: diff --git a/technologies/wondercms-detect.yaml b/technologies/wondercms-detect.yaml index 3edc662811..197bd631c4 100644 --- a/technologies/wondercms-detect.yaml +++ b/technologies/wondercms-detect.yaml @@ -11,14 +11,15 @@ requests: path: - "{{BaseURL}}" - matchers-condition: and matchers: + - type: word + part: header + words: + - "Set-Cookie: wondercms_" + - type: word part: body words: - "Powered by WonderCMS" - "https://www.wondercms.com" condition: and - - type: status - status: - - 200 diff --git a/technologies/wuzhicms-detect.yaml b/technologies/wuzhicms-detect.yaml index ef54b2627d..f03576c6db 100644 --- a/technologies/wuzhicms-detect.yaml +++ b/technologies/wuzhicms-detect.yaml @@ -13,11 +13,12 @@ requests: matchers-condition: and matchers: - - type: word part: body words: - "Powered by wuzhicms" + - "五指CMS" + condition: or - type: status status: diff --git a/technologies/xxljob-admin-detect.yaml b/technologies/xxljob-admin-detect.yaml deleted file mode 100644 index 0c4858b393..0000000000 --- a/technologies/xxljob-admin-detect.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: xxljob-admin-detect - -info: - name: XXLJOB Admin Login - author: pdteam - severity: info - tags: tech,xxljob - -requests: - - method: GET - path: - - "{{BaseURL}}/xxl-job-admin/toLogin" - - matchers-condition: and - matchers: - - - type: word - words: - - "XXLJOB" - - - type: status - status: - - 200 \ No newline at end of file diff --git a/technologies/yapi-detect.yaml b/technologies/yapi-detect.yaml index 77facc8b00..79e1414787 100644 --- a/technologies/yapi-detect.yaml +++ b/technologies/yapi-detect.yaml @@ -4,6 +4,8 @@ info: name: YApi Detect author: pikpikcu severity: info + metadata: + shodan-query: http.title:"YApi" tags: tech,yapi requests: @@ -13,7 +15,6 @@ requests: matchers-condition: and matchers: - - type: word part: body words: diff --git a/workflows/openam-workflow.yaml b/workflows/openam-workflow.yaml index 421ca20fb0..afa92cc956 100644 --- a/workflows/openam-workflow.yaml +++ b/workflows/openam-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all OpenAM related nuclei templates on a given target. workflows: - - template: technologies/openam-detect.yaml + - template: exposed-panels/openam-panel.yaml subtemplates: - tags: openam diff --git a/workflows/opensis-workflow.yaml b/workflows/opensis-workflow.yaml index 1057c9605d..bd0bb44b4d 100644 --- a/workflows/opensis-workflow.yaml +++ b/workflows/opensis-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all OpenSIS related nuclei templates on a given target. workflows: - - template: technologies/opensis-detect.yaml + - template: exposed-panels/opensis-panel.yaml subtemplates: - tags: opensis diff --git a/workflows/phpcollab-workflow.yaml b/workflows/phpcollab-workflow.yaml index ae6fbb3dd4..75dac215b2 100644 --- a/workflows/phpcollab-workflow.yaml +++ b/workflows/phpcollab-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all PhpCollab related nuclei templates on a given target. workflows: - - template: technologies/phpcollab-detect.yaml + - template: exposed-panels/phpcollab-panel.yaml subtemplates: - tags: phpcollab diff --git a/workflows/sitecore-workflow.yaml b/workflows/sitecore-workflow.yaml index cfeab5b32a..2dc2a27e36 100644 --- a/workflows/sitecore-workflow.yaml +++ b/workflows/sitecore-workflow.yaml @@ -6,8 +6,6 @@ info: description: A simple workflow that runs all SiteCore related nuclei templates on a given target. workflows: - - template: technologies/sitecore-default-page.yaml - - template: exposed-panels/sitecore-login.yaml + - template: technologies/default-sitecore-page.yaml subtemplates: - - tags: vulnerabilities/sitecore-pre-auth-rce.yaml - - template: misconfiguration/sitecore-debug-page.yaml \ No newline at end of file + - tags: sitecore \ No newline at end of file diff --git a/workflows/thinkcmf-workflow.yaml b/workflows/thinkcmf-workflow.yaml index 854e22fc6d..434483bb2c 100644 --- a/workflows/thinkcmf-workflow.yaml +++ b/workflows/thinkcmf-workflow.yaml @@ -5,6 +5,6 @@ info: description: A simple workflow that runs all ThinkCMF related nuclei templates on a given target. workflows: - - template: technologies/thinkcmf-detection.yaml + - template: technologies/thinkcmf-detect.yaml subtemplates: - tags: thinkcmf \ No newline at end of file diff --git a/workflows/vmware-workflow.yaml b/workflows/vmware-workflow.yaml index 6e79031d43..9ed0ed41ed 100644 --- a/workflows/vmware-workflow.yaml +++ b/workflows/vmware-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all VMware Pipeline related nuclei templates on a given target. workflows: - - template: technologies/vmware-detect.yaml + - template: technologies/vmware/vmware-detect.yaml subtemplates: - tags: vmware diff --git a/workflows/voipmonitor-workflow.yaml b/workflows/voipmonitor-workflow.yaml index 3082fdc3f2..a007c4a27c 100644 --- a/workflows/voipmonitor-workflow.yaml +++ b/workflows/voipmonitor-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all VoipMonitor related nuclei templates on a given target. workflows: - - template: technologies/voipmonitor-detect.yaml + - template: exposed-panels/voipmonitor-panel.yaml subtemplates: - tags: voipmonitor diff --git a/workflows/xxljob-workflow.yaml b/workflows/xxljob-workflow.yaml index 374a019255..d3605a9c90 100644 --- a/workflows/xxljob-workflow.yaml +++ b/workflows/xxljob-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all XXL-JOB related nuclei templates on a given target. workflows: - - template: technologies/xxljob-admin-detect.yaml + - template: exposed-panels/xxljob-panel.yaml subtemplates: - template: default-logins/xxljob/xxljob-default-login.yaml