From 34507f10c0c9cc6de5368c2ded372e75cb2a35fd Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Thu, 1 Dec 2022 00:22:59 -0500 Subject: [PATCH 1/3] Create etherpad-open.yaml --- vulnerabilities/other/etherpad-open.yaml | 26 ++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 vulnerabilities/other/etherpad-open.yaml diff --git a/vulnerabilities/other/etherpad-open.yaml b/vulnerabilities/other/etherpad-open.yaml new file mode 100644 index 0000000000..4a460ccbda --- /dev/null +++ b/vulnerabilities/other/etherpad-open.yaml @@ -0,0 +1,26 @@ +id: etherpad-open + +info: + name: Etherpad open instance + author: philippedelteil + description: Finds Etherpad instances that allow adding new notes without authentication + severity: low + metadata: + - shodan-query: http.html:"index.createOpenPad" + tags: etherpad + +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - "index.createOpenPad" + - "index.newPad" + condition: and + part: body + - type: status + status: + - 200 From 1e3ee33306dd8f40afcadf5bdb22578ec8bd4c24 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 11:30:13 +0530 Subject: [PATCH 2/3] Update and rename etherpad-open.yaml to unauth-etherpad.yaml --- ...etherpad-open.yaml => unauth-etherpad.yaml} | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) rename vulnerabilities/other/{etherpad-open.yaml => unauth-etherpad.yaml} (54%) diff --git a/vulnerabilities/other/etherpad-open.yaml b/vulnerabilities/other/unauth-etherpad.yaml similarity index 54% rename from vulnerabilities/other/etherpad-open.yaml rename to vulnerabilities/other/unauth-etherpad.yaml index 4a460ccbda..a9974b4609 100644 --- a/vulnerabilities/other/etherpad-open.yaml +++ b/vulnerabilities/other/unauth-etherpad.yaml @@ -1,26 +1,30 @@ -id: etherpad-open +id: unauth-etherpad info: - name: Etherpad open instance + name: Unauthenticated Etherpad author: philippedelteil - description: Finds Etherpad instances that allow adding new notes without authentication severity: low + description: | + Finds Etherpad instances that allow adding new notes without authentication. metadata: - - shodan-query: http.html:"index.createOpenPad" - tags: etherpad + verified: true + shodan-query: http.html:"index.createOpenPad" + tags: etherpad,misconfig,unauth requests: - method: GET path: - - "{{BaseURL}}" + - '{{BaseURL}}' + matchers-condition: and matchers: - type: word + part: body words: - "index.createOpenPad" - "index.newPad" condition: and - part: body + - type: status status: - 200 From e98a068684c935c8d480e78b1336e0e4a88fcbd4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 11:30:55 +0530 Subject: [PATCH 3/3] Rename vulnerabilities/other/unauth-etherpad.yaml to misconfiguration/unauth-etherpad.yaml --- {vulnerabilities/other => misconfiguration}/unauth-etherpad.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {vulnerabilities/other => misconfiguration}/unauth-etherpad.yaml (100%) diff --git a/vulnerabilities/other/unauth-etherpad.yaml b/misconfiguration/unauth-etherpad.yaml similarity index 100% rename from vulnerabilities/other/unauth-etherpad.yaml rename to misconfiguration/unauth-etherpad.yaml