From 2e3e99f41ac91038bae1fe35977f75b36d1afaff Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Tue, 9 Apr 2024 23:08:47 +0530
Subject: [PATCH 1/2] Create intelbras-dvr-unauth.yaml
---
 .../intelbras-dvr-unauth.yaml | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 http/misconfiguration/intelbras-dvr-unauth.yaml
diff --git a/http/misconfiguration/intelbras-dvr-unauth.yaml b/http/misconfiguration/intelbras-dvr-unauth.yaml
new file mode 100644
index 0000000000..b192f81a67
--- /dev/null
+++ b/http/misconfiguration/intelbras-dvr-unauth.yaml
@@ -0,0 +1,29 @@
+id: intelbras-dvr-unauth
+info:
+ name: Intelbras DVR - Unrestricted Access
+ author: pussycat0x
+ severity: low
+ description: |
+ The HTTP GET request to /cap.js on the server Intelbras DVR reveals several potentially sensitive pieces of information that are not properly protected or encrypted.
+ reference:
+ - https://github.com/netsecfish/intelbras_cap_js
+ metadata:
+ verified: true
+ fofa-query: "Intelbras"
+ tags: unauth,intelbras,dvr,misconfig
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/cap.js"
+
+ matchers:
+ - type: word
+ words:
+ - "var talkTypes="
+ - "var userInfo="
+ condition: and
+
+ - type: status
+ status:
+ - 200
From 264e93dc02afee6961bd7d6329230f99ab3743c8 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Wed, 10 Apr 2024 11:27:55 +0530
Subject: [PATCH 2/2] fix format
---
 http/misconfiguration/intelbras-dvr-unauth.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/http/misconfiguration/intelbras-dvr-unauth.yaml b/http/misconfiguration/intelbras-dvr-unauth.yaml
index b192f81a67..14f5693d5e 100644
--- a/http/misconfiguration/intelbras-dvr-unauth.yaml
+++ b/http/misconfiguration/intelbras-dvr-unauth.yaml
@@ -1,4 +1,5 @@
 id: intelbras-dvr-unauth
+
 info:
 name: Intelbras DVR - Unrestricted Access
 author: pussycat0x
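Review bot: The `matchers:` list in the `http:` block of the new intelbras-dvr-unauth.yaml (PATCH 1/2) has no `matchers-condition`, so nuclei combines the word and status matchers with its default `or`, and any host that answers `/cap.js` with HTTP 200 is reported, including soft-404 and catch-all pages. Add `matchers-condition: and` on the line above `matchers:` so a finding requires both body markers and the 200 status; the PATCH 2/2 hunks shown here do not add it. Setting `part: body` on the word matcher would also make the intent explicit. The description would be easier to triage if it named what cap.js exposes (the `var userInfo=` marker suggests user information), and the template would benefit from a `remediation` field.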
@@ -9,7 +10,7 @@ info:
 - https://github.com/netsecfish/intelbras_cap_js
 metadata:
 verified: true
- fofa-query: "Intelbras"
+ fofa-query: body="Intelbras"
 tags: unauth,intelbras,dvr,misconfig
 
 http: