Merge pull request #3062 from DhiyaneshGeek/master

SiteCore Templates
2021-11-03 23:49:42 +05:30 · 2021-11-03 23:49:42 +05:30 · 6f02c12942
parent 67f3530dbf aefa9e2fd1
commit 6f02c12942
4 changed files with 85 additions and 0 deletions
--- a/exposed-panels/sitecore-login.yaml
+++ b/exposed-panels/sitecore-login.yaml
@ -0,0 +1,24 @@
+id: sitecore-login
+
+info:
+  name: SiteCore Login
+  author: dhiyaneshDK
+  severity: info
+  metadata:
+    shodan-query: 'http.title:"Welcome to Sitecore"'
+  tags: panel,sitecore
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/sitecore/login/default.aspx'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '/sitecore/shell/Themes/Standard/Default/Login.css'
+
+      - type: status
+        status:
+          - 200
--- a/misconfiguration/sitecore-debug-page.yaml
+++ b/misconfiguration/sitecore-debug-page.yaml
@ -0,0 +1,24 @@
+id: sitecore-debug-page
+
+info:
+  name: SiteCore Debug Page
+  author: dhiyaneshDK
+  severity: low
+  metadata:
+    shodan-query: 'http.title:"Welcome to Sitecore"'
+  tags: debug,sitecore
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/sitecore/'"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'extranet\Anonymous'
+
+      - type: status
+        status:
+          - 404
--- a/technologies/sitecore-default-page.yaml
+++ b/technologies/sitecore-default-page.yaml
@ -0,0 +1,24 @@
+id: sitecore-default-page
+
+info:
+  name: Sitecore Default Page
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    shodan-query: http.title:"Welcome to Sitecore"
+  tags: tech,sitecore
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Welcome to Sitecore"
+
+      - type: status
+        status:
+          - 200
--- a/workflows/sitecore-workflow.yaml
+++ b/workflows/sitecore-workflow.yaml
@ -0,0 +1,13 @@
+id: sitecore-workflow
+
+info:
+  name: SiteCore Security Checks
+  author: pdteam
+  description: A simple workflow that runs all SiteCore related nuclei templates on a given target.
+
+workflows:
+  - template: technologies/sitecore-default-page.yaml
+  - template: exposed-panels/sitecore-login.yaml
+    subtemplates:
+      - tags: vulnerabilities/sitecore-pre-auth-rce.yaml
+      - template: misconfiguration/sitecore-debug-page.yaml