standardize network template tags

patch-1
ErikOwen 2023-07-24 11:27:05 -07:00
parent b007c09328
commit 67a02bb507
62 changed files with 72 additions and 72 deletions


@ -23,7 +23,7 @@ info:
max-request: 2
vendor: apache
product: log4j
tags: vulhub,network,apache,log4j,rce,deserialization,oast
tags: vulhub,network,apache,log4j,rce,deserialization,oast,cve
variables:
end: "\r\n"
tcp:


@ -19,7 +19,7 @@ info:
max-request: 2
shodan-query: product:"redis"
verified: true
tags: network,redis,unauth,apache,airflow,vulhub,intrusive
tags: network,redis,unauth,apache,airflow,vulhub,intrusive,cve
variables:
data: "*3\r\n$5\r\nLPUSH\r\n$7\r\ndefault\r\n$936\r\n{\"content-encoding\": \"utf-8\", \"properties\": {\"priority\": 0, \"delivery_tag\": \"f29d2b4f-b9d6-4b9a-9ec3-029f9b46e066\", \"delivery_mode\": 2, \"body_encoding\": \"base64\", \"correlation_id\": \"ed5f75c1-94f7-43e4-ac96-e196ca248bd4\", \"delivery_info\": {\"routing_key\": \"celery\", \"exchange\": \"\"}, \"reply_to\": \"fb996eec-3033-3c10-9ee1-418e1ca06db8\"}, \"content-type\": \"application/json\", \"headers\": {\"retries\": 0, \"lang\": \"py\", \"argsrepr\": \"(100, 200)\", \"expires\": null, \"task\": \"airflow.executors.celery_executor.execute_command\", \"kwargsrepr\": \"{}\", \"root_id\": \"ed5f75c1-94f7-43e4-ac96-e196ca248bd4\", \"parent_id\": null, \"id\": \"ed5f75c1-94f7-43e4-ac96-e196ca248bd4\", \"origin\": \"gen1@132f65270cde\", \"eta\": null, \"group\": null, \"timelimit\": [null, null]}, \"body\": \""


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"ActiveMQ OpenWire transport"'
tags: network,activemq
tags: network,activemq,detect
tcp:
- inputs:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"Apache ActiveMQ"'
tags: network,activemq,oss
tags: network,activemq,oss,detect
tcp:
- inputs:


@ -11,7 +11,7 @@ info:
verified: true
fofa-query: app="axigen-Mail-Server"
shodan-query: product:"Axigen"
tags: network,axigen
tags: network,axigen,detect
tcp:
- inputs:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: product:"Cisco fingerd"
tags: network,finger
tags: network,finger,detect
tcp:
- inputs:
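Review bot: The new tag list `network,finger,detect` carries no vendor tag even though this template is scoped to `product:"Cisco fingerd"`, so by tag it is indistinguishable from the generic finger detect template further down (the one with `shodan-query: port:"79" action`); `tags: network,finger,cisco,detect` would fit the commit's standardization goal. The same gap is in the Riak section, where `tags: network,oss,detect` sits next to `shodan-query: product:"Riak"` and `riak` is the natural addition. Only the info block is in the hunk; the template body is outside it.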


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'port:3310 product:"ClamAV"'
tags: network,clamav
tags: network,clamav,detect
tcp:
- inputs:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: "cassandra"
tags: network,cassandra,cql
tags: network,cassandra,cql,detect
tcp:
- inputs:


@ -12,7 +12,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: network,addpac,apos,voip
tags: network,addpac,apos,voip,detect
metadata:
max-request: 2


@ -11,7 +11,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: network,jabber,xmpp,messaging
tags: network,jabber,xmpp,messaging,detect
metadata:
max-request: 2


@ -14,7 +14,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"Dropbear sshd"'
tags: network,ssh,dropbear
tags: network,ssh,dropbear,detect
tcp:
- inputs:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: port:"79" action
tags: network,finger
tags: network,finger,detect
tcp:
- inputs:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"GNU Inetutils FTPd"'
tags: network,ftp,smartgateway,gnu,inetutils
tags: network,ftp,smartgateway,gnu,inetutils,detect
tcp:
- inputs:


@ -10,7 +10,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: network,gopher
tags: network,gopher,detect
metadata:
max-request: 2


@ -16,7 +16,7 @@ info:
max-request: 2
verified: true
shodan-query: product:"IBM DB2 Database Server"
tags: network,ibm,database,db,db2
tags: network,ibm,database,db,db2,detect
tcp:
- inputs:


@ -13,7 +13,7 @@ info:
metadata:
max-request: 2
fofa-query: app="iPlanet-Messaging-Server-5.2" && protocol="imap"
tags: network,imap
tags: network,imap,detect
tcp:
- inputs:


@ -4,7 +4,7 @@ info:
name: Java Remote Method Invocation Protocol - Detect
author: F1tz
severity: info
tags: network,rmi,java
tags: network,rmi,java,detect
description: |
Java Remote Method Invocation protocol is susceptible to information disclosure. It allows for unauthenticated network attacks, which can result in unauthorized operating system takeover including arbitrary code execution.
classification:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: "Microsoft FTP Service"
tags: network,ftp,microsoft
tags: network,ftp,microsoft,detect
tcp:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"MikroTik router ftpd"'
tags: network,ftp,mikrotik,router
tags: network,ftp,mikrotik,router,detect
tcp:
- inputs:


@ -14,7 +14,7 @@ info:
max-request: 2
verified: true
shodan-query: product:"MikroTik RouterOS API Service"
tags: network,mikrotik
tags: network,mikrotik,detect
tcp:
- inputs:


@ -12,7 +12,7 @@ info:
cwe-id: CWE-200
reference:
- https://github.com/orleven/Tentacle
tags: network,mongodb
tags: network,mongodb,detect
metadata:
max-request: 2


@ -14,7 +14,7 @@ info:
max-request: 2
verified: true
shodan-query: product:"MySQL"
tags: network,mysql,db
tags: network,mysql,db,detect
tcp:
- inputs:


@ -16,7 +16,7 @@ info:
- http://seclists.org/fulldisclosure/2016/Jul/51
- https://nvd.nist.gov/vuln/detail/CVE-2016-6210
- https://nvd.nist.gov/vuln/detail/CVE-2018-15473
tags: seclists,network,ssh,openssh
tags: seclists,network,ssh,openssh,detect
metadata:
max-request: 2


@ -17,7 +17,7 @@ info:
max-request: 2
verified: true
shodan-query: port:5432 product:"PostgreSQL"
tags: network,postgresql,db
tags: network,postgresql,db,detect
tcp:
- inputs:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"ProFTPD"'
tags: network,ftp,proftpd
tags: network,ftp,proftpd,detect
tcp:
- inputs:


@ -12,7 +12,7 @@ info:
max-request: 2
verified: true
shodan-query: product:"RabbitMQ"
tags: network,rabbitmq,oss
tags: network,rabbitmq,oss,detect
tcp:
- inputs:


@ -13,7 +13,7 @@ info:
metadata:
max-request: 2
verified: true
tags: network,windows,rdp
tags: network,windows,rdp,detect
tcp:
- inputs:


@ -12,7 +12,7 @@ info:
max-request: 4
shodan-query: product:"redis"
verified: true
tags: network,redis
tags: network,redis,detect
tcp:
- inputs:


@ -9,7 +9,7 @@ info:
max-request: 2
verified: true
shodan-query: product:"Riak"
tags: network,oss
tags: network,oss,detect
tcp:
- inputs:


@ -14,7 +14,7 @@ info:
max-request: 2
verified: true
shodan-query: port:"111"
tags: network,rpcbind,portmap
tags: network,rpcbind,portmap,detect
tcp:
- inputs:


@ -12,7 +12,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: network,rsyncd
tags: network,rsyncd,detect
metadata:
max-request: 2


@ -11,7 +11,7 @@ info:
classification:
cwe-id: CWE-200
remediation: Always apply the latest security patch.
tags: network,smb,samba
tags: network,smb,samba,detect
metadata:
max-request: 2


@ -4,7 +4,7 @@ info:
name: SAPRouter Detection
author: randomstr1ng
severity: info
tags: network,sap
tags: network,sap,detect
description: |
SAProuter is a software application that provides a remote connection between our customer's network and SAP.
metadata:


@ -4,7 +4,7 @@ info:
name: SMB Detection
author: pussycat0x
severity: low
tags: network,windows,smb,service
tags: network,windows,smb,service,detect
description: |
SMB (Server Message Block) is a network-layered protocol mainly used on Windows for sharing files, printers, and communication between network-attached computers. SMB related vulnerabilities can be levaraged to compromise large-scale systems.
metadata:


@ -4,7 +4,7 @@ info:
name: SMTP Service Detection
author: pussycat0x
severity: info
tags: network,service,smtp
tags: network,service,smtp,detect
description: |
SMTP is part of the application layer of the TCP/IP protocol. Using a process called “store and forward,” SMTP moves your email on and across networks.
metadata:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"Dropbear sshd"'
tags: network,ssh,dropbear
tags: network,ssh,dropbear,detect
tcp:


@ -4,7 +4,7 @@ info:
name: STARTTLS Mail Server Detection
author: r3dg33k
severity: info
tags: mail,starttls,network
tags: mail,starttls,network,detect
description: |
STARTTLS is an email protocol command that tells an email server that an email client, including an email client running in a web browser, wants to turn an existing insecure connection into a secure one.
metadata:


@ -1,16 +1,16 @@
id: teamspeak3-detect
info:
name: TeamSpeak 3 ServerQuery Detection
author: pussycat0x
severity: info
description: |
ServerQuery is a commandline based administration tool/feature of TeamSpeak 3 server.
metadata:
max-request: 2
shodan-query: product:"TeamSpeak 3 ServerQuery"
verified: true
tags: network,service,teamspeak3
info:
name: TeamSpeak 3 ServerQuery Detection
author: pussycat0x
severity: info
description: |
ServerQuery is a commandline based administration tool/feature of TeamSpeak 3 server.
metadata:
max-request: 2
shodan-query: product:"TeamSpeak 3 ServerQuery"
verified: true
tags: network,service,teamspeak3,detect
tcp:
- inputs:
- data: "\r\n"
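Review bot: The rendered view shows the whole `info:` block removed and re-added rather than only the `tags` line, so this hunk carries a second change that is not visible here — most likely indentation or trailing-whitespace normalization, since the text of every other line is identical between the two copies. Worth confirming that in the new block `name` through `tags` sit two spaces under `info:` and `max-request` through `verified` two spaces further under `metadata:`, because a mis-indented `tags` silently becomes a top-level key instead of a template attribute and the template then matches no tag filter. The hunk covers the file from `id:` through the first `data:` entry; the rest of the tcp section is outside it.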


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: port:23 telnet
tags: network,telnet
tags: network,telnet,detect
tcp:
- inputs:


@ -4,7 +4,7 @@ info:
name: Totemomail SMTP Server Detection
author: princechaddha
severity: info
tags: mail,smtp,network,totemomail
tags: mail,smtp,network,totemomail,detect
description: |
Totemomail is a comprehensive email solution designed to address all aspects of digital communication security.
metadata:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"VMware Authentication Daemon"'
tags: network,vmware,authenticated
tags: network,vmware,authenticated,detect
tcp:
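Review bot: The `authenticated` tag retained in `network,vmware,authenticated,detect` is easy to misread as marking a credentialed check, whereas the metadata suggests a plain service detection (`shodan-query: 'product:"VMware Authentication Daemon"'`). If the tag is meant to name the daemon, `vmware-authd` or `authd` would be less ambiguous than `authenticated`; if the template really does need credentials, a short note in the info block would make that explicit. This is inferred from the metadata only; the matcher body is outside the hunk.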


@ -7,7 +7,7 @@ info:
description: A Virtual Network Computing (VNC) service was detected.
classification:
cwe-id: CWE-200
tags: network,vnc,service
tags: network,vnc,service,detect
metadata:
max-request: 2


@ -4,7 +4,7 @@ info:
name: Weblogic IIOP Protocol Detection
author: F1tz
severity: info
tags: network,weblogic
tags: network,weblogic,detect
description: |
The IIOP (Internet Inter-ORB Protocol) protocol makes it possible for distributed programs written in different programming languages to communicate over the Internet.
metadata:


@ -4,7 +4,7 @@ info:
name: Weblogic T3 Protocol Detection
author: F1tz,milo2012,wdahlenb
severity: info
tags: network,weblogic
tags: network,weblogic,detect
description: |
T3 is the protocol used to transport information between WebLogic servers and other types of Java programs.
metadata:


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: 'product:"Xlight ftpd"'
tags: network,ftp,xlight
tags: network,ftp,xlight,detect
tcp:


@ -12,7 +12,7 @@ info:
shodan-query: 'product:"Niagara Fox"'
reference:
- https://nmap.org/nsedoc/scripts/fox-info.html
tags: network,fox,niagara
tags: network,fox,niagara,enum
tcp:
- inputs:


@ -9,7 +9,7 @@ info:
- https://doublepulsar.com/root-bridge-how-thousands-of-internet-connected-android-devices-now-have-no-security-and-are-b46a68cb0f20
- https://www.hackeracademy.org/how-to-hack-android-device-with-adb-android-debugging-bridge
- https://www.securezoo.com/2018/06/thousands-of-android-devices-leave-debug-port-5555-exposed/
tags: network,adb,rce,android
tags: network,adb,rce,android,exposure
metadata:
max-request: 2


@ -10,7 +10,7 @@ info:
max-request: 2
verified: true
shodan-query: port:2375 product:"docker"
tags: network,docker
tags: network,docker,exposure
tcp:
- inputs:


@ -9,7 +9,7 @@ info:
- https://redis.io/topics/security
metadata:
max-request: 4
tags: network,redis,unauth
tags: network,redis,unauth,exposure
tcp:
- inputs:
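Review bot: The `exposure` tag added here (`network,redis,unauth,exposure`) and in the ZooKeeper section (`network,zookeeper,unauth,exposure`) places unauthenticated-access templates in a different category from the RocketMQ, ClamAV, ClickHouse, MongoDB, TiDB and PostgreSQL `unauth` templates further down, which all receive `misconfig`. For a commit whose purpose is to standardize tags, `unauth` should map to one category so that a tag-based selection of either group returns every unauthenticated-service check. The split may be deliberate (reachable service vs. missing authentication), but nothing in the hunks states the rule; if it is intentional, one sentence in the commit message giving the criterion would let later templates follow it.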


@ -7,7 +7,7 @@ info:
description: Apache ZooKeeper was able to be accessed without any required authentication.
reference:
- https://zookeeper.apache.org/security.html
tags: network,zookeeper,unauth
tags: network,zookeeper,unauth,exposure
metadata:
max-request: 2


@ -13,7 +13,7 @@ info:
max-request: 2
shodan-query: title:"RocketMQ"
verified: true
tags: network,rocketmq,broker,apache,unauth
tags: network,rocketmq,broker,apache,unauth,misconfig
tcp:
- inputs:


@ -15,7 +15,7 @@ info:
reference:
- https://seclists.org/nmap-dev/2016/q2/201
- https://bugzilla.clamav.net/show_bug.cgi?id=11585
tags: network,clamav,unauth,seclists
tags: network,clamav,unauth,seclists,misconfig
tcp:
- inputs:


@ -5,7 +5,7 @@ info:
author: lu4nx
severity: high
description: ClickHouse was able to be accessed with no required authentication in place.
tags: network,clickhouse,unauth
tags: network,clickhouse,unauth,misconfig
metadata:
max-request: 2


@ -7,7 +7,7 @@ info:
description: Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids.
reference:
- http://ganglia.info/
tags: ganglia,network
tags: ganglia,network,misconfig
metadata:
max-request: 2


@ -4,7 +4,7 @@ info:
name: Memcached stats disclosure
author: pdteam
severity: low
tags: network,memcached
tags: network,memcached,misconfig
description: |
Memcached stats is used to return server statistics such as PID, version, connections, etc.
metadata:


@ -10,7 +10,7 @@ info:
- https://book.hacktricks.xyz/pentesting/27017-27018-mongodb
- https://www.mongodb.com/features/mongodb-authentication
remediation: Enable Authentication in MongoDB
tags: network,mongodb,unauth
tags: network,mongodb,unauth,misconfig
metadata:
max-request: 2


@ -11,7 +11,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: network,mysql,bruteforce,db
tags: network,mysql,bruteforce,db,misconfig
metadata:
max-request: 2


@ -6,7 +6,7 @@ info:
severity: info
reference:
- https://book.hacktricks.xyz/pentesting/9100-pjl
tags: network,iot,printer
tags: network,iot,printer,misconfig
description: |
Unauthorized access to printers allows attackers to print, eavesdrop sensitive documents.
metadata:


@ -8,7 +8,7 @@ info:
reference:
- https://securityforeveryone.com/tools/saprouter-routing-information-leakage-vulnerability-scanner
- https://support.sap.com/en/tools/connectivity-tools/saprouter.html
tags: network,sap
tags: network,sap,misconfig
metadata:
max-request: 2


@ -9,7 +9,7 @@ info:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: network,tidb,bruteforce,db
tags: network,tidb,bruteforce,db,misconfig
metadata:
max-request: 2


@ -8,7 +8,7 @@ info:
metadata:
max-request: 2
zoomeye-query: tidb +port:"4000"
tags: network,tidb,unauth
tags: network,tidb,unauth,misconfig
tcp:
- inputs:


@ -12,7 +12,7 @@ info:
max-request: 2
shodan-query: port:5432 product:"PostgreSQL"
verified: "true"
tags: network,postgresql,db,unauth
tags: network,postgresql,db,unauth,misconfig
tcp:
- inputs:
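Review bot: `verified: "true"` two lines above the changed tag is a quoted string, while every other template touched by this commit uses the bare boolean `verified: true`; since the commit is normalizing template metadata, this is the place to change it to `verified: true`. A string-typed value may not be recognized by tooling that reads the field as a boolean, so this template could be reported as unverified despite the intent. The template body after `- inputs:` is outside the hunk.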