daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Dashboard Text Enhancements (#3901) 

Dashboard Text Enhancements
patch-1
MostInterestingBotInTheWorld 2022-03-14 09:44:54 -04:00 committed by GitHub
parent 4e3f843e15
commit 85e3b22db8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 172 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
default-logins/viewpoint/trilithic-viewpoint-login.yaml
View File

@ -4,9 +4,13 @@ info:
name: Trilithic Viewpoint Default Login
author: davidmckennirey
severity: high
description: |
Searches for default admin credentials for the (discontinued) Trilithic Viewpoint application.
description: Trilithic Viewpoint application default admin credentials were discovered. Note this product has been discontinued.
tags: default-login,trilithic,viewpoint
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -36,4 +40,6 @@ requests:
- '"authorized":true'
- 'redirectUrl'
part: body
condition: and
condition: and
# Enhanced by mp on 2022/03/13

14
default-logins/visionhub/visionhub-default-login.yaml
View File

@ -4,9 +4,15 @@ info:
name: VisionHub Default Login
author: Techryptic (@Tech)
severity: high
description: Default Login of admin:admin on VisionHub application.
description: VisionHub application default admin credentials were discovered.
tags: visionhub,default-login
reference: https://www.qognify.com/products/visionhub/
reference:
- https://www.qognify.com/products/visionhub/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -31,4 +37,6 @@ requests:
- type: status
status:
- 200
- 200
# Enhanced by mp on 2022/03/13

16
default-logins/weblogic/weblogic-weak-login.yaml
View File

@ -1,11 +1,19 @@
id: weblogic-weak-login
info:
name: WebLogic weak login
name: WebLogic Default Login
author: pdteam
description: WebLogic default login credentials were discovered.
severity: high
tags: default-login,weblogic
reference: https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password
reference:
- https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password
- https://www.s-squaresystems.com/weblogic-default-admin-users-password-change/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -55,4 +63,6 @@ requests:
- type: status
status:
- 302
- 302
# Enhanced by mp on 2022/03/14

12
default-logins/wifisky/wifisky-default-login.yaml
View File

@ -5,6 +5,14 @@ info:
author: pikpikcu
severity: high
tags: default-login,wifisky
description: Wifisky default admin credentials were discovered.
reference:
- https://securityforeveryone.com/tools/wifisky-default-password-scanner
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -42,4 +50,6 @@ requests:
- type: status
status:
- 200
- 200
# Enhanced by mp on 2022/03/13

12
default-logins/wso2/wso2-default-login.yaml
View File

@ -4,8 +4,16 @@ info:
name: WSO2 Management Console Default Login
author: cocxanh
severity: high
reference: https://docs.wso2.com/display/UES100/Accessing+the+Management+Console
description: WSO2 Management Console default admin credentials were discovered.
reference:
- https://docs.wso2.com/display/UES100/Accessing+the+Management+Console
- https://is.docs.wso2.com/en/5.12.0/learn/multi-attribute-login/
tags: default-login,wso2
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -31,3 +39,5 @@ requests:
- "JSESSIONID"
part: header
condition: and
# Enhanced by mp on 2022/03/13

16
default-logins/xerox/xerox7-default-login.yaml
View File

@ -1,12 +1,18 @@
id: xerox7-default-login
info:
name: Xerox WorkCentre 7xxx - Default Login
name: Xerox WorkCentre 7xxx Printer Default Login
author: MiroslavSotak
severity: high
description: Testing default credentials admin:1111 on Xerox WorkCentre 7xxx printer.
description: "Xerox WorkCentre 7xxx printer. default admin credentials admin:1111 were discovered."
tags: xerox,default-login
reference: https://www.support.xerox.com/en-us/article/en/x_wc7556_en-O23530
reference:
- https://www.support.xerox.com/en-us/article/en/x_wc7556_en-O23530
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -43,4 +49,6 @@ requests:
- "invalid"
- "errmsg"
condition: or
negative: true
negative: true
# Enhanced by mp on 2022/03/13

11
default-logins/xxljob/xxljob-default-login.yaml
View File

@ -5,7 +5,14 @@ info:
author: pdteam
severity: high
tags: default-login,xxljob
reference: https://github.com/xuxueli/xxl-job
description: XXL-JOB default admin credentials were discovered.
reference:
- https://github.com/xuxueli/xxl-job
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -42,3 +49,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/03/14

12
default-logins/zabbix/zabbix-default-login.yaml
View File

@ -3,8 +3,16 @@ id: zabbix-default-login
info:
name: Zabbix Default Login
author: pdteam
severity: critical
severity: high
description: Zabbix default admin credentials were discovered.
tags: zabbix,default-login
reference:
- https://openbaton.github.io/documentation/zabbix-server-configuration-3.0/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -33,3 +41,5 @@ requests:
- type: status
status:
- 302
# Enhanced by mp on 2022/03/13

12
default-logins/zmanda/zmanda-default-login.yaml
View File

@ -4,9 +4,15 @@ info:
name: Zmanda Default Login
author: Techryptic (@Tech)
severity: high
description: Default Login of admin:admin on Zmanda application.
reference: https://www.zmanda.com
description: "Zmanda default admin credentials admin:admin were discovered."
reference:
- https://www.zmanda.com
tags: zmanda,default-login
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
@ -34,3 +40,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/03/13

14
dns/azure-takeover-detection.yaml
View File

@ -1,11 +1,19 @@
id: azure-takeover-detection
info:
name: Azure takeover detection
name: Microsoft Azure Takeover Detection
author: pdteam
severity: high
description: Microsoft Azure is vulnerable to subdomain takeover attacks. Subdomain takeovers are a common, high-severity threat for organizations that regularly create and delete many resources. A subdomain takeover can occur when a DNS record points to a deprovisioned Azure resource.
tags: dns,takeover,azure
reference: https://godiego.co/posts/STO/
reference:
- https://godiego.co/posts/STO/
- https://docs.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover
- https://cystack.net/research/subdomain-takeover-chapter-two-azure-services/
classification:
cvss-score: 7.2
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
cwe-id: CWE-404
dns:
- name: "{{FQDN}}"
@ -43,3 +51,5 @@ dns:
group: 1
regex:
- "IN\tCNAME\t(.+)"
# Enhanced by mp on 2022/03/13

13
dns/cname-fingerprint.yaml
View File

@ -4,7 +4,16 @@ info:
name: CNAME Fingerprint
author: pdteam
severity: info
description: A CNAME DNS record was discovered.
tags: dns,cname
reference:
- https://www.theregister.com/2021/02/24/dns_cname_tracking/
- https://www.ionos.com/digitalguide/hosting/technical-matters/cname-record/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cve-id:
cwe-id: CWE-200
dns:
- name: "{{FQDN}}"
@ -19,4 +28,6 @@ dns:
- type: regex
group: 1
regex:
- "IN\tCNAME\t(.+)"
- "IN\tCNAME\t(.+)"
# Enhanced by mp on 2022/03/13

12
dns/cname-service-detection.yaml
View File

@ -1,10 +1,18 @@
id: cname-service-detection
info:
name: cname service detection
name: CNAME Service Detection
author: pdteam
severity: info
description: A CNAME service was detected.
tags: dns,service
reference:
- https://ns1.com/resources/cname
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cve-id:
cwe-id: CWE-200
dns:
- name: "{{FQDN}}"
@ -31,3 +39,5 @@ dns:
name: wix
words:
- "wixdns.net"
# Enhanced by mp on 2022/03/13

10
dns/detect-dangling-cname.yaml
View File

@ -1,8 +1,9 @@
id: detect-dangling-cname
info:
name: Detect Dangling cname
name: CNAME Detect Dangling
author: pdteam,nytr0gen
description: A CNAME detect dangling condition was discovered. Most commonly this relates to failing to remove records from the zone once they are no longer needed.
severity: info
tags: dns,takeover
reference:
@ -10,6 +11,11 @@ info:
- https://nominetcyber.com/dangling-dns-is-no-laughing-matter/
- https://nabeelxy.medium.com/dangling-dns-records-are-a-real-vulnerability-361f2a29d37f
- https://docs.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cve-id:
cwe-id: CWE-200
dns:
- name: "{{FQDN}}"
@ -30,3 +36,5 @@ dns:
group: 1
regex:
- "IN\tCNAME\t(.+)"
# Enhanced by mp on 2022/03/13

8
dns/dns-waf-detect.yaml
View File

@ -3,8 +3,14 @@ id: dns-waf-detect
info:
name: DNS WAF Detection
author: lu4nx
description: A DNS WAF was detected.
severity: info
tags: tech,waf,dns
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cve-id:
cwe-id: CWE-200
dns:
- name: "{{FQDN}}"
@ -164,3 +170,5 @@ dns:
name: edns
words:
- ".iidns.com"
# Enhanced by mp on 2022/03/13

13
dns/dnssec-detection.yaml
View File

@ -2,11 +2,18 @@ id: dnssec-detection
info:
name: DNSSEC Detection
description: A template to check if Delegation of Signing (DS) record provides information about a signed zone file when DNSSEC enabled.
description: Domain Name System Security Extensions (DNSSEC) are enabled. The Delegation of Signing (DS) record provides information about a signed zone file when DNSSEC enabled.
author: pdteam
severity: info
tags: dns,dnssec
reference: https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
reference:
- https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en
- https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cve-id:
cwe-id: CWE-200
dns:
- name: "{{FQDN}}"
@ -17,3 +24,5 @@ dns:
group: 1
regex:
- "IN\tDS\t(.+)"
# Enhanced by mp on 2022/03/14

13
dns/ec2-detection.yaml
View File

@ -1,11 +1,18 @@
id: ec2-detection
info:
name: AWS EC2 detection
name: AWS EC2 Detection
author: melbadry9
severity: info
description: Amazon Elastic Compute Cloud (EC2) detected.
tags: dns,ec2,aws
reference: https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
reference:
- https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cve-id:
cwe-id: CWE-200
dns:
- name: "{{FQDN}}"
@ -16,3 +23,5 @@ dns:
regex:
- "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com"
- "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"
# Enhanced by mp on 2022/03/14