misc updates
parent
d58d0d472f
commit
65ce478c0e
|
@ -8,11 +8,11 @@ info:
|
|||
- https://www.exploit-db.com/exploits/43342
|
||||
- http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html
|
||||
severity: critical
|
||||
tags: cve,cve2017,rce,vpn,paloalto,globalprotect
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.80
|
||||
cve-id: CVE-2017-15944
|
||||
tags: cve,cve2017,rce,vpn,panos,globalprotect
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -24,9 +24,9 @@ requests:
|
|||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "@start@Success@end@"
|
||||
part: body
|
||||
|
||||
- type: status
|
||||
status:
|
||||
|
|
|
@ -2,16 +2,16 @@ id: CVE-2018-10141
|
|||
|
||||
info:
|
||||
name: GlobalProtect Login page XSS
|
||||
severity: medium
|
||||
author: dhiyaneshDk
|
||||
description: GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.
|
||||
severity: medium
|
||||
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-10141
|
||||
tags: globalprotect,xss,cve,cve2018,vpn
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
cvss-score: 6.10
|
||||
cve-id: CVE-2018-10141
|
||||
cwe-id: CWE-79
|
||||
tags: cve,cve2018,panos,vpn,globalprotect,xss
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
@ -21,14 +21,14 @@ requests:
|
|||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- 'var valueUser = "j";-alert(1)-"x";'
|
||||
part: body
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "text/html"
|
||||
part: header
|
||||
|
||||
- type: status
|
||||
status:
|
||||
|
|
|
@ -6,7 +6,7 @@ info:
|
|||
severity: high
|
||||
description: Default Login of admin:admin on Palo Alto Networks PAN-OS application.
|
||||
reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html#:~:text=By%20default%2C%20the%20firewall%20has,with%20other%20firewall%20configuration%20tasks.
|
||||
tags: paloalto,panos,default-login
|
||||
tags: panos,default-login
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -17,19 +17,19 @@ requests:
|
|||
|
||||
user={{username}}&passwd={{password}}&challengePwd=&ok=Login
|
||||
|
||||
attack: pitchfork
|
||||
payloads:
|
||||
username:
|
||||
- admin
|
||||
password:
|
||||
- admin
|
||||
attack: pitchfork
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "Set-Cookie: PHPSESSID"
|
||||
part: header
|
||||
|
||||
- type: word
|
||||
words:
|
||||
|
|
|
@ -4,7 +4,7 @@ info:
|
|||
name: PaloAlto Networks GlobalProtect Panel
|
||||
author: organiccrap
|
||||
severity: info
|
||||
tags: panel
|
||||
tags: panel,panos
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
@ -12,6 +12,7 @@ requests:
|
|||
- "{{BaseURL}}/global-protect/login.esp"
|
||||
- "{{BaseURL}}/sslmgr"
|
||||
|
||||
stop-at-first-match: true
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
|
|
Loading…
Reference in New Issue