Merge pull request #10059 from projectdiscovery/pussycat0x-patch-12

Create mantisbt-anonymous-login.yaml
2024-06-21 13:37:19 +08:00 · 2024-06-21 13:37:19 +08:00 · 66f92edd3d
parent 2bc4553c79 a9be608299
commit 66f92edd3d
1 changed files with 32 additions and 0 deletions
--- a/http/default-logins/mantisbt/mantisbt-anonymous-login.yaml
+++ b/http/default-logins/mantisbt/mantisbt-anonymous-login.yaml
@ -0,0 +1,32 @@
+id: mantisbt-anonymous-login
+
+info:
+  name: mantisbt - Anonymous Login
+  author: pussycat0x
+  severity: medium
+  description: |
+    mantisbt Anonymous login were discovered.
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: http.favicon.hash:662709064
+  tags: default-logins,anonymous,mantisbt,default-login
+
+http:
+  - method: GET
+    path:
+      - '{{BaseURL}}/my_view_page.php'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'user-info">anonymous"'
+          - 'My View'
+          - 'Roadmap'
+        condition: and
+
+      - type: status
+        status:
+          - 200