Merge pull request #1528 from projectdiscovery/DhiyaneshGeek/master

Dhiyanesh geek/master
2021-05-24 01:28:15 +05:30 · 2021-05-24 01:28:15 +05:30 · 6e23c0c207
parent 767b2a84ef 8a182ff0cc
commit 6e23c0c207
7 changed files with 142 additions and 1 deletions
--- a/exposed-panels/cx-cloud-login.yaml
+++ b/exposed-panels/cx-cloud-login.yaml
@ -0,0 +1,18 @@
+id: cx-cloud-login
+
+info:
+  name: CX Cloud
+  author: dhiyaneshDk
+  severity: info
+  tags: panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/cxcum/'
+
+    matchers:
+      - type: word
+        words:
+          - "<title>CX Cloud</title>"
--- a/exposed-panels/plesk-obsidian.yaml
+++ b/exposed-panels/plesk-obsidian.yaml
@ -0,0 +1,23 @@
+id: plesk-obsidian
+
+info:
+  name: Plesk Obsidian
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/6951
+  tags: panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login_up.php'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Plesk Obsidian'
+
+      - type: status
+        status:
+          - 200
--- a/exposed-panels/plesk-onyx.yaml
+++ b/exposed-panels/plesk-onyx.yaml
@ -17,7 +17,7 @@ requests:
      - type: word
        words:
          - 'Plesk Onyx'
-          - 'Plesk Obsidian'
+
      - type: status
        status:
          - 200
--- a/exposed-panels/server-backup-login.yaml
+++ b/exposed-panels/server-backup-login.yaml
@ -0,0 +1,22 @@
+id: server-backup-login
+
+info:
+  name: Server Backup Manager SE Login
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/6949
+  tags: panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login.zul'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Idera Server Backup Manager SE  </title>'
+      - type: status
+        status:
+          - 200
--- a/misconfiguration/cx-cloud-upload-detect.yaml
+++ b/misconfiguration/cx-cloud-upload-detect.yaml
@ -0,0 +1,17 @@
+id: cx-cloud-upload-detect
+
+info:
+  name: CX Cloud Unauthenticated Upload Detect
+  author: dhiyaneshDk
+  severity: info
+  tags: upload
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/upload.jsp'
+    matchers:
+      - type: word
+        words:
+          - "<HEAD><TITLE>Display file upload form to the user</TITLE></HEAD>"
+        condition: and
--- a/misconfiguration/kubeflow-dashboard-unauth.yaml
+++ b/misconfiguration/kubeflow-dashboard-unauth.yaml
@ -0,0 +1,30 @@
+id: kubeflow-dashboard-unauth
+
+info:
+  name: Kubeflow Unauth
+  author: dhiyaneshDk
+  severity: high
+  reference: https://github.com/kubeflow/kubeflow
+  tags: kubeflow,unauth
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/pipeline/apis/v1beta1/runs?page_size=5&sort_by=created_at%20desc'
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '{"runs":[{"id":'
+          - 'resource_references'
+        condition: and
+        part: body
+
+      - type: word
+        words:
+          - "application/json"
+        part: header
+
+      - type: status
+        status:
+          - 200
--- a/misconfiguration/pinpoint-unauth.yaml
+++ b/misconfiguration/pinpoint-unauth.yaml
@ -0,0 +1,31 @@
+id: pinpoint-unauth
+
+info:
+  name: PinPoint Unauth
+  author: dhiyaneshDk
+  severity: high
+  reference: https://github.com/pinpoint-apm/pinpoint
+  tags: pippoint,unauth
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/applications.pinpoint'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "applicationName"
+          - "serviceType"
+        condition: and
+        part: body
+
+      - type: word
+        words:
+          - "application/json"
+        part: header
+
+      - type: status
+        status:
+          - 200