daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Seperate tech and exposed-panels (#3634) 

* Seperate tech and exposed-panels

* Update phpcollab-panel.yaml

* Update wondercms-detect.yaml

* Update xxljob-panel.yaml

* Update yzmcms-panel.yaml

* workflow fixes

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
patch-1
Muhammad Daffa 2022-01-31 14:56:08 +07:00 committed by GitHub
parent 211f02d79d
commit 55d54b57c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
42 changed files with 269 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
technologies/openam-detect.yaml → exposed-panels/openam-panel.yaml
View File

@ -1,10 +1,12 @@
id: openam-detect
id: openam-panel
info:
name: Detect OpenAM and OpenSSO
name: OpenAM and OpenSSO Login Panel
author: philippedelteil
severity: info
tags: tech,openam
metadata:
shodan-query: http.title:"OpenAM"
tags: panel,openam,opensso,login
requests:
- method: GET
@ -16,6 +18,7 @@ requests:
- "{{BaseURL}}/sso/XUI"
- "{{BaseURL}}/sso/UI"
- "{{BaseURL}}/sso/UI/#login"
- "{{BaseURL}}/opensso/UI/Login"
- "{{BaseURL}}/openam/UI/login"
- "{{BaseURL}}/openam/UI/#loginlogin"
- "{{BaseURL}}/openam/UI/Login"

7
technologies/opensis-detect.yaml → exposed-panels/opensis-panel.yaml
View File

@ -1,10 +1,12 @@
id: opensis-detect
info:
name: OpenSIS Detect
name: OpenSIS Login Panel
author: pikpikcu
severity: info
tags: tech,opensis
metadata:
shodan-query: http.title:"openSIS"
tags: panel,opensis,login
requests:
- method: GET
@ -12,6 +14,7 @@ requests:
- "{{BaseURL}}"
- "{{BaseURL}}/opensis/index.php"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word

8
technologies/openx-detect.yaml → exposed-panels/openx-panel.yaml
View File

@ -1,10 +1,12 @@
id: openx-detect
id: openx-panel
info:
name: OpenX detect
name: OpenX Login Panel
author: pikpikcu
severity: info
tags: tech,openx
metadata:
shodan-query: http.title:"OpenX"
tags: panel,openx,login
requests:
- method: GET

13
technologies/phpcollab-detect.yaml → exposed-panels/phpcollab-panel.yaml
View File

@ -1,22 +1,29 @@
id: phpcollab-detect
id: phpcollab-panel
info:
name: PhpCollab detect
name: PhpCollab Login Panel
author: pikpikcu
severity: info
tags: tech,phpcollab
metadata:
shodan-query: http.title:"PhpCollab"
tags: panel,phpcollab,login
requests:
- method: GET
path:
- "{{BaseURL}}/general/login.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>PhpCollab</title>'
- type: status
status:
- 200
extractors:
- type: regex
part: body

10
technologies/remkon-manager-detect.yaml → exposed-panels/remkon-manager-panel.yaml
View File

@ -1,10 +1,12 @@
id: remkon-manager-detect
id: remkon-manager-panel
info:
name: Remkon Device Manager Detect
author: pikpikcu
name: Remkon Device Manager Login Panel
author: pikpikcu,daffainfo
severity: info
tags: remkon,tech,panel
metadata:
shodan-query: http.title:"Remkon Device Manager"
tags: panel,remkon,login
requests:
- method: GET

13
technologies/sage-detect.yaml → exposed-panels/sage-panel.yaml
View File

@ -1,10 +1,12 @@
id: sage-detect
id: sage-panel
info:
name: Sage X3 Detect
author: pikpikcu
name: Sage X3 Login Panel
author: pikpikcu,daffainfo
severity: info
tags: tech,sage
metadata:
shodan-query: http.title:"Sage X3"
tags: panel,sage,login
requests:
- method: GET
@ -13,11 +15,12 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<title>Sage X3</title>"
- "'/auth/sage-id/registerStart'"
condition: and
- type: status
status:

31
exposed-panels/seeddms-panel.yaml Normal file
View File

@ -0,0 +1,31 @@
id: seeddms-panel
info:
name: SeedDMS Login Panel
author: pussycat0x,daffainfo
severity: info
metadata:
shodan-query: http.title:"SeedDMS"
tags: panel,seeddms,login
requests:
- method: GET
path:
- "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php"
- "{{BaseURL}}/dms/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php"
redirects: true
max-redirects: 2
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'href="/out/out.ViewFolder.php">SeedDMS</a>'
- 'href="../out/out.ViewFolder.php?folderid=1">SeedDMS</a>'
condition: or
- type: status
status:
- 200

26
exposed-panels/voipmonitor-panel.yaml Normal file
View File

@ -0,0 +1,26 @@
id: voipmonitor-panel
info:
name: VoipMonitor panel
author: Yanyun
severity: info
metadata:
shodan-query: http.title:"VoIPmonitor"
tags: panel,voipmonitor,login
requests:
- method: GET
path:
- '{{BaseURL}}'
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "appShareUrl = 'share.voipmonitor.org'"
- "VoIPmonitor"
condition: and

37
exposed-panels/wazuh-panel.yaml Normal file
View File

@ -0,0 +1,37 @@
id: wazuh-panel
info:
name: Wazuh Login Panel
author: cyllective,daffainfo
severity: info
description: Wazuh - The Open Source Security Platform
reference: https://github.com/wazuh/wazuh
metadata:
shodan-query: http.title:"Wazuh"
tags: panel,wazuh,login
requests:
- method: GET
path:
- "{{BaseURL}}/app/login"
matchers:
- type: word
part: body
words:
- '&quot;id&quot;:&quot;wazuh&quot;'
- '&quot;title&quot;:&quot;Wazuh&quot;'
- '&quot;icon&quot;:&quot;plugins/wazuh/img/icon_blue.png&quot;'
- '&quot;url&quot;:&quot;/app/wazuh&quot;'
condition: or
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '&quot;version&quot;:&quot;([0-9.]+)&quot;'

32
exposed-panels/webmodule-ee-panel.yaml Normal file
View File

@ -0,0 +1,32 @@
id: webmodule-ee-panel
info:
name: Webmodule Login Panel
author: pussycat0x,daffainfo
severity: info
metadata:
google-dork: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
reference: https://www.exploit-db.com/ghdb/7001
tags: panel,webmodule-ee,login
requests:
- method: GET
path:
- "{{BaseURL}}/webmodule-ee/login.seam"
matchers-condition: and
matchers:
- type: word
words:
- "<title>Webmodule</title>"
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- 'Version: ([0-9.]+)'

30
exposed-panels/xxljob-panel.yaml Normal file
View File

@ -0,0 +1,30 @@
id: xxljob-panel
info:
name: XXLJOB Admin Login Panel
author: pdteam,daffainfo
severity: info
tags: panel,xxljob,login
requests:
- method: GET
path:
- "{{BaseURL}}/xxl-job-admin/toLogin"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<a><b>XXL</b>JOB</a>"
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '"admin_version":"(.*?)"'

20
technologies/yzmcms-detect.yaml → exposed-panels/yzmcms-panel.yaml
View File

@ -1,10 +1,12 @@
id: yzmcms-detect
id: yzmcms-panel
info:
name: YzmCMS Detect
author: pikpikcu
name: YzmCMS Login Panel
author: pikpikcu,daffainfo
severity: info
tags: yzmcms,tech
metadata:
shodan-query: http.title:"YzmCMS"
tags: panel,yzmcms,login
requests:
- method: GET
@ -13,11 +15,13 @@ requests:
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: body
words:
- 'Powered By <a href="http://www.yzmcms.com"'
- 'Powered By YzmCMS'
condition: or
- type: status
status:
- 200

0
technologies/sitecore-default-page.yaml → technologies/default-sitecore-page.yaml
View File

5
technologies/pega-detect.yaml
View File

@ -14,12 +14,15 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"description" :"The Pega API'
- type: status
status:
- 200
- type: word
part: header
words:
- 'application/json'
part: header

2
technologies/php-proxy-detect.yaml
View File

@ -29,4 +29,4 @@ requests:
part: body
group: 1
regex:
- 'PHP\-Proxy<\/a> ([0-9.]+)<\/div>'
- '<meta name="version" content="([0-9.]+)">'

6
technologies/redmine-cli-detect.yaml
View File

@ -16,9 +16,9 @@ requests:
- type: word
part: body
words:
- default
- my_id
- root_url
- "default"
- "my_id"
- "root_url"
condition: and
- type: status

1
technologies/sceditor-detect.yaml
View File

@ -18,6 +18,7 @@ requests:
- "<title>Ticket BBCode editor - SCEditor</title>"
- 'title="SCEditor"'
condition: and
- type: status
status:
- 200

21
technologies/seeddms-detect.yaml
View File

@ -1,21 +0,0 @@
id: seeddms-detect
info:
name: Seeddms-
author: pussycat0x
severity: info
tags: tech
requests:
- method: GET
path:
- "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php"
redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- "<title>SeedDMS: Sign in</title>"
- type: status
status:
- 200

11
technologies/shopware-detect.yaml
View File

@ -5,10 +5,10 @@ info:
author: cyllective
severity: info
description: Detects Shopware CMS
tags: tech,shopware,cms
reference:
- https://github.com/shopware/shopware
- https://github.com/shopware/platform
tags: tech,shopware,cms
requests:
- method: GET
@ -16,12 +16,17 @@ requests:
- "{{BaseURL}}/admin"
- "{{BaseURL}}/backend"
matchers-condition: and
matchers:
- type: word
part: body
condition: or
words:
- 'Realisiert mit Shopware'
- 'Realised with Shopware'
- 'Shopware Administration (c) shopware AG'
- '<title>Shopware 5 - Backend (c) shopware AG</title>'
- '<title>Shopware 5 - Backend (c) shopware AG</title>'
condition: or
- type: status
status:
- 200

26
technologies/strapi-cms-detect.yaml
View File

@ -1,22 +1,32 @@
id: strapi-cms-detect
info:
name: strapi CMS detect
author: cyllective
name: Strapi CMS detect
author: cyllective,daffainfo
severity: info
description: Detects strapi CMS
description: Open source Node.js Headless CMS to easily build customisable APIs
reference: https://github.com/strapi/strapi
tags: tech,strapi,cms
reference:
- https://github.com/strapi/strapi
requests:
- method: GET
path:
- "{{BaseURL}}/admin/auth/login"
- "{{BaseURL}}/admin/init"
matchers:
- type: word
part: body
condition: or
words:
- '<title>Strapi Admin</title>'
- '"data"'
- '"uuid"'
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '"strapiVersion":"([0-9.]+)"'

4
technologies/terraform-detect.yaml
View File

@ -17,8 +17,8 @@ requests:
- type: word
part: body
words:
- access_key
- terraform
- "access_key"
- "terraform"
condition: and
- type: status

12
technologies/thinkcmf-detection.yaml → technologies/thinkcmf-detect.yaml
View File

@ -1,10 +1,10 @@
id: thinkcmf-detection
info:
name: ThinkCMF Detection
author: pikpikcu
name: Detect ThinkCMF
author: pikpikcu,daffainfo
severity: info
tags: thinkcmf
tags: panel,thinkcmf,login
requests:
- method: GET
@ -13,12 +13,10 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "X-Powered-By: ThinkCMF"
part: header
condition: and
- '<meta name="author" content="ThinkCMF">'
- type: status
status:

0
technologies/vmware-detect.yaml → technologies/vmware/vmware-detect.yaml
View File

0
technologies/vmware-horizon.yaml → technologies/vmware/vmware-horizon.yaml
View File

0
technologies/vmware-site-recovery-manager.yaml → technologies/vmware/vmware-site-recovery-manager.yaml
View File

0
technologies/vmware-vrealize-detect.yaml → technologies/vmware/vmware-vrealize-detect.yaml
View File

24
technologies/voipmonitor-detect.yaml
View File

@ -1,24 +0,0 @@
id: voipmonitor-detect
info:
name: VoipMonitor detect
author: Yanyun
severity: info
tags: tech,voipmonitor
requests:
- method: GET
path:
- '{{BaseURL}}'
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- 'share.voipmonitor.org'
- 'VoIPmonitor'
condition: and

25
technologies/wazuh-detect.yaml
View File

@ -1,25 +0,0 @@
id: wazuh-detect
info:
name: wazuh detect
author: cyllective
severity: info
description: Detects wazuh
tags: tech,wazuh
reference:
- https://github.com/wazuh/wazuh
requests:
- method: GET
path:
- "{{BaseURL}}/app/login"
matchers:
- type: word
part: body
condition: or
words:
- '&quot;id&quot;:&quot;wazuh&quot;'
- '&quot;title&quot;:&quot;Wazuh&quot;'
- '&quot;icon&quot;:&quot;plugins/wazuh/img/icon_blue.png&quot;'
- '&quot;url&quot;:&quot;/app/wazuh&quot;'

21
technologies/webmodule-ee.yaml
View File

@ -1,21 +0,0 @@
id: webmodule-ee-detection
info:
name: Webmodule Detection
author: pussycat0x
severity: info
reference: https://www.exploit-db.com/ghdb/7001
tags: webmodule-ee,tech
requests:
- method: GET
path:
- "{{BaseURL}}/webmodule-ee/login.seam"
matchers-condition: and
matchers:
- type: word
words:
- "<title>Webmodule</title>"
- type: status
status:
- 200

1
technologies/werkzeug-debugger-detect.yaml
View File

@ -10,6 +10,7 @@ requests:
- method: GET
path:
- "{{BaseURL}}/console"
matchers:
- type: word
words:

9
technologies/wondercms-detect.yaml
View File

@ -11,14 +11,15 @@ requests:
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: header
words:
- "Set-Cookie: wondercms_"
- type: word
part: body
words:
- "Powered by WonderCMS"
- "https://www.wondercms.com"
condition: and
- type: status
status:
- 200

3
technologies/wuzhicms-detect.yaml
View File

@ -13,11 +13,12 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Powered by wuzhicms"
- "五指CMS"
condition: or
- type: status
status:

23
technologies/xxljob-admin-detect.yaml
View File

@ -1,23 +0,0 @@
id: xxljob-admin-detect
info:
name: XXLJOB Admin Login
author: pdteam
severity: info
tags: tech,xxljob
requests:
- method: GET
path:
- "{{BaseURL}}/xxl-job-admin/toLogin"
matchers-condition: and
matchers:
- type: word
words:
- "<a><b>XXL</b>JOB</a>"
- type: status
status:
- 200

3
technologies/yapi-detect.yaml
View File

@ -4,6 +4,8 @@ info:
name: YApi Detect
author: pikpikcu
severity: info
metadata:
shodan-query: http.title:"YApi"
tags: tech,yapi
requests:
@ -13,7 +15,6 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:

2
workflows/openam-workflow.yaml
View File

@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all OpenAM related nuclei templates on a given target.
workflows:
- template: technologies/openam-detect.yaml
- template: exposed-panels/openam-panel.yaml
subtemplates:
- tags: openam

2
workflows/opensis-workflow.yaml
View File

@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all OpenSIS related nuclei templates on a given target.
workflows:
- template: technologies/opensis-detect.yaml
- template: exposed-panels/opensis-panel.yaml
subtemplates:
- tags: opensis

2
workflows/phpcollab-workflow.yaml
View File

@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all PhpCollab related nuclei templates on a given target.
workflows:
- template: technologies/phpcollab-detect.yaml
- template: exposed-panels/phpcollab-panel.yaml
subtemplates:
- tags: phpcollab

6
workflows/sitecore-workflow.yaml
View File

@ -6,8 +6,6 @@ info:
description: A simple workflow that runs all SiteCore related nuclei templates on a given target.
workflows:
- template: technologies/sitecore-default-page.yaml
- template: exposed-panels/sitecore-login.yaml
- template: technologies/default-sitecore-page.yaml
subtemplates:
- tags: vulnerabilities/sitecore-pre-auth-rce.yaml
- template: misconfiguration/sitecore-debug-page.yaml
- tags: sitecore

2
workflows/thinkcmf-workflow.yaml
View File

@ -5,6 +5,6 @@ info:
description: A simple workflow that runs all ThinkCMF related nuclei templates on a given target.
workflows:
- template: technologies/thinkcmf-detection.yaml
- template: technologies/thinkcmf-detect.yaml
subtemplates:
- tags: thinkcmf

2
workflows/vmware-workflow.yaml
View File

@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all VMware Pipeline related nuclei templates on a given target.
workflows:
- template: technologies/vmware-detect.yaml
- template: technologies/vmware/vmware-detect.yaml
subtemplates:
- tags: vmware

2
workflows/voipmonitor-workflow.yaml
View File

@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all VoipMonitor related nuclei templates on a given target.
workflows:
- template: technologies/voipmonitor-detect.yaml
- template: exposed-panels/voipmonitor-panel.yaml
subtemplates:
- tags: voipmonitor

2
workflows/xxljob-workflow.yaml
View File

@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all XXL-JOB related nuclei templates on a given target.
workflows:
- template: technologies/xxljob-admin-detect.yaml
- template: exposed-panels/xxljob-panel.yaml
subtemplates:
- template: default-logins/xxljob/xxljob-default-login.yaml