Merge pull request #5645 from projectdiscovery/updating-tags

Update OAST tags
2022-10-12 16:00:04 +05:30 · 2022-10-12 16:00:04 +05:30 · 5dad2b1179
parent 3d6180be7e fa56e9eca9
commit 5dad2b1179
10 changed files with 17 additions and 47 deletions
--- a/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml
+++ b/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml
@ -15,19 +15,15 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-917
  metadata:
+    verified: true
    shodan-query: title:"Cisco Unified"
-    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,cisco,kev
+  tags: cve,cve2021,rce,jndi,log4j,cisco,kev,oast

 requests:
  - raw:
      - |
        POST /ccmadmin/j_security_check HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded
        Origin: {{BaseURL}}
        Referer: {{BaseURL}}/ccmadmin/showHome.do
--- a/vulnerabilities/cisco/cisco-vmanage-log4j.yaml
+++ b/vulnerabilities/cisco/cisco-vmanage-log4j.yaml
@ -17,17 +17,13 @@ info:
  metadata:
    shodan-query: title:"vManage"
    verified: "true"
-  tags: log4j,cisco,tenable,cve,cve2021,rce,jndi,kev
+  tags: log4j,cisco,tenable,cve,cve2021,rce,jndi,kev,oast

 requests:
  - raw:
      - |
        POST /j_security_check HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded
        Origin: {{BaseURL}}
        Referer: {{BaseURL}}
--- a/vulnerabilities/other/graylog-log4j.yaml
+++ b/vulnerabilities/other/graylog-log4j.yaml
@ -15,19 +15,16 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-917
  metadata:
+    verified: true
    shodan-query: title:"Graylog Web Interface"
-    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,graylog,kev
+  tags: cve,cve2021,rce,jndi,log4j,graylog,kev,oast

 requests:
  - raw:
      - |
        POST /api/system/sessions HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
        Accept: application/json
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        X-Requested-With: XMLHttpRequest
        X-Requested-By: XMLHttpRequest
        Content-Type: application/json
--- a/vulnerabilities/other/jamf-pro-log4j.yaml
+++ b/vulnerabilities/other/jamf-pro-log4j.yaml
@ -15,19 +15,15 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-917
  metadata:
+    verified: true
    shodan-query: title:"Jamf Pro"
-    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,jamfpro,kev
+  tags: cve,cve2021,rce,jndi,log4j,jamfpro,kev,oast

 requests:
  - raw:
      - |
        POST / HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded
        Origin: {{BaseURL}}
        Referer: {{BaseURL}}
--- a/vulnerabilities/other/metabase-log4j.yaml
+++ b/vulnerabilities/other/metabase-log4j.yaml
@ -17,7 +17,7 @@ info:
  metadata:
    shodan-query: title:"Metabase"
    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,metabase,kev
+  tags: cve,cve2021,rce,jndi,log4j,metabase,kev,oast

 requests:
  - method: GET
--- a/vulnerabilities/other/opennms-log4j-jndi-rce.yaml
+++ b/vulnerabilities/other/opennms-log4j-jndi-rce.yaml
@ -17,9 +17,9 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-917
  metadata:
+    verified: true
    shodan-query: title:"OpenNMS Web Console"
-    verified: "true"
-  tags: jndi,log4j,rce,opennms,cve,cve2021,kev
+  tags: jndi,log4j,rce,opennms,cve,cve2021,kev,oast

 requests:
  - raw:
--- a/vulnerabilities/other/rundeck-log4j.yaml
+++ b/vulnerabilities/other/rundeck-log4j.yaml
@ -17,17 +17,13 @@ info:
  metadata:
    shodan-query: title:"Rundeck"
    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,rundeck,kev
+  tags: cve,cve2021,rce,jndi,log4j,rundeck,kev,oast

 requests:
  - raw:
      - |
        POST /j_security_check HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded
        Origin: {{BaseURL}}
        Connection: close
--- a/vulnerabilities/vmware/vmware-hcx-log4j.yaml
+++ b/vulnerabilities/vmware/vmware-hcx-log4j.yaml
@ -15,19 +15,16 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-917
  metadata:
+    verified: true
    shodan-query: title:"VMware HCX"
-    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,vmware,kev
+  tags: cve,cve2021,rce,jndi,log4j,vmware,kev,oast

 requests:
  - raw:
      - |
        POST /hybridity/api/sessions HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
        Accept: application/json
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        Content-Type: application/json
        Origin: {{BaseURL}}

--- a/vulnerabilities/vmware/vmware-nsx-log4j.yaml
+++ b/vulnerabilities/vmware/vmware-nsx-log4j.yaml
@ -15,19 +15,15 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-917
  metadata:
+    verified: true
    shodan-query: html:"vmw_nsx_logo-black-triangle-500w.png"
-    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,graylog,kev
+  tags: cve,cve2021,rce,jndi,log4j,graylog,kev,oast

 requests:
  - raw:
      - |
        POST /login HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded
        Origin: {{BaseURL}}
        Referer: {{BaseURL}}/login.jsp
--- a/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml
+++ b/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml
@ -15,19 +15,15 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-917
  metadata:
+    verified: true
    shodan-query: title:"vRealize Operations Manager"
-    verified: "true"
-  tags: cve,cve2021,rce,jndi,log4j,vmware,kev
+  tags: cve,cve2021,rce,jndi,log4j,vmware,kev,oast

 requests:
  - raw:
      - |
        POST /ui/login.action HTTP/1.1
        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
-        Accept: */*
-        Accept-Language: en-US,en;q=0.5
-        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
        X-Requested-With: XMLHttpRequest
        Origin: {{BaseURL}}