From d9e859953c345899a7eda48dce07627d9bc29533 Mon Sep 17 00:00:00 2001 From: Evolutionsec <30623287+ks6274@users.noreply.github.com> Date: Mon, 23 Aug 2021 12:52:33 +0530 Subject: [PATCH 1/2] updates to the phpmyadmin panel detection script Added another possible path URL for detection phpmyadmin panel and matching condition along with possile title to be detected for confirmation of the exposed phpmyadmin panel. --- exposed-panels/phpmyadmin-panel.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exposed-panels/phpmyadmin-panel.yaml b/exposed-panels/phpmyadmin-panel.yaml index 70390d3b8f..256bd15fd4 100644 --- a/exposed-panels/phpmyadmin-panel.yaml +++ b/exposed-panels/phpmyadmin-panel.yaml @@ -20,14 +20,17 @@ requests: - "{{BaseURL}}/typo3/phpmyadmin/" - "{{BaseURL}}/web/phpmyadmin/" - "{{BaseURL}}/xampp/phpmyadmin/" + - "{{BaseURL}}/phpMyAdmin/" #add another possible path for phpmyadmin panel detection + matchers-condition: or #add matching condition matchers: - type: word words: - "phpMyAdmin" + - "phpMyAdmin " #result pattern with a trailing whitespace. extractors: - type: regex part: body group: 1 regex: - - 'v=([a-z0-9-._]+)' \ No newline at end of file + - 'v=([a-z0-9-._]+)' From 3af12370afea69d7bcd2fd65ab8ce0b841cd0fdf Mon Sep 17 00:00:00 2001 From: sandeep Date: Mon, 23 Aug 2021 14:24:04 +0530 Subject: [PATCH 2/2] Update phpmyadmin-panel.yaml --- exposed-panels/phpmyadmin-panel.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/exposed-panels/phpmyadmin-panel.yaml b/exposed-panels/phpmyadmin-panel.yaml index 256bd15fd4..51499eeae1 100644 --- a/exposed-panels/phpmyadmin-panel.yaml +++ b/exposed-panels/phpmyadmin-panel.yaml 
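Review bot: The added `{{BaseURL}}/phpMyAdmin/` path is the only one in the visible list that contains the match string `phpMyAdmin` in the same case, so a 404 or error page that echoes the requested URL will satisfy the bare word matcher and be reported as an exposed panel, assuming word matching is case-sensitive here. The commit message mentions confirming by page title, but the matcher is not tied to the title. Anchoring the word on the title markup, for example `- "<title>phpMyAdmin"`, would remove the reflection case, though it should be checked against the panel versions and auth modes the template is meant to cover. A second `- type: status` matcher for `200` joined with `matchers-condition: and` would tighten it further. The hunk in PATCH 2/2 keeps the same path and matcher, and the template header above line 20 is outside both hunks.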
@@ -20,13 +20,12 @@ requests: - "{{BaseURL}}/typo3/phpmyadmin/" - "{{BaseURL}}/web/phpmyadmin/" - "{{BaseURL}}/xampp/phpmyadmin/" - - "{{BaseURL}}/phpMyAdmin/" #add another possible path for phpmyadmin panel detection - matchers-condition: or #add matching condition + - "{{BaseURL}}/phpMyAdmin/" + matchers: - type: word words: - - "phpMyAdmin" - - "phpMyAdmin " #result pattern with a trailing whitespace. + - "phpMyAdmin" extractors: - type: regex