From 8836a4d9b63796f51b78baa40ca2e9b8e12fc9ea Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Tue, 29 Nov 2022 09:52:46 -0500 Subject: [PATCH] Dashboard Content Enhancements (#6181) Dashboard Content Enhancements --- exposed-panels/apache-jmeter-dashboard.yaml | 9 ++++++++- exposed-panels/apache/public-tomcat-manager.yaml | 8 ++++++-- exposed-panels/dplus-dashboard.yaml | 9 ++++++++- exposed-panels/fastpanel-hosting-control-panel.yaml | 9 ++++++++- exposed-panels/lacie-panel.yaml | 9 ++++++++- exposed-panels/lancom-router-panel.yaml | 9 ++++++++- exposed-panels/landrayoa-panel.yaml | 11 +++++++++-- exposed-panels/lansweeper-login.yaml | 9 ++++++++- exposed-panels/lantronix-webmanager-panel.yaml | 9 ++++++++- exposed-panels/lenovo-thinkserver-panel.yaml | 9 ++++++++- exposed-panels/leostream-panel.yaml | 9 ++++++++- exposed-panels/librenms-login.yaml | 9 ++++++++- exposed-panels/liferay-portal.yaml | 9 ++++++++- exposed-panels/linkerd-panel.yaml | 10 ++++++++-- exposed-panels/linksys-wifi-login.yaml | 9 ++++++++- exposed-panels/livehelperchat-admin-panel.yaml | 9 ++++++++- exposed-panels/livezilla-login-panel.yaml | 9 ++++++++- exposed-panels/logitech-harmony-portal.yaml | 9 ++++++++- exposed-panels/looker-panel.yaml | 9 ++++++++- exposed-panels/lucee-login.yaml | 9 ++++++++- exposed-panels/maestro-login-panel.yaml | 9 ++++++++- exposed-panels/magento-admin-panel.yaml | 11 ++++++++--- exposed-panels/mailhog-panel.yaml | 10 ++++++++-- exposed-panels/mailwatch-login.yaml | 9 ++++++++- exposed-panels/mantisbt-panel.yaml | 9 ++++++++- exposed-panels/matomo-login-portal.yaml | 12 +++++++++--- exposed-panels/mcloud-panel.yaml | 9 ++++++++- exposed-panels/meshcentral-login.yaml | 9 ++++++++- exposed-panels/metabase-panel.yaml | 10 ++++++++-- exposed-panels/metersphere-login.yaml | 11 +++++++++-- exposed-panels/mfiles-web-detect.yaml | 9 ++++++++- exposed-panels/microfocus-filr-panel.yaml | 9 ++++++++- exposed-panels/microfocus-vibe-panel.yaml | 9 ++++++++- exposed-panels/microsoft-exchange-panel.yaml | 10 ++++++++-- exposed-panels/mikrotik-routeros.yaml | 9 ++++++++- exposed-panels/mini-start-page.yaml | 9 ++++++++- exposed-panels/minio-browser.yaml | 11 +++++++++-- 37 files changed, 298 insertions(+), 49 deletions(-) diff --git a/exposed-panels/apache-jmeter-dashboard.yaml b/exposed-panels/apache-jmeter-dashboard.yaml index 8aff125683..59da4097c4 100644 --- a/exposed-panels/apache-jmeter-dashboard.yaml +++ b/exposed-panels/apache-jmeter-dashboard.yaml @@ -1,9 +1,14 @@ id: apache-jmeter-dashboard info: - name: Apache JMeter Dashboard + name: Apache JMeter Dashboard Login Panel - Detect author: tess severity: low + description: Apache JMeter Dashboard login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Apache JMeter Dashboard" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index 0ef97a598a..fd0d90bd5c 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -1,11 +1,13 @@ id: public-tomcat-manager info: - name: Apache Tomcat Manager Disclosure + name: Apache Tomcat Manager Login Panel - Detect author: Ahmed Sherif,geeknik,sinKettu severity: info - description: An Apache Tomcat Manager panel was discovered. + description: Apache Tomcat Manager login panel was detected. classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: shodan-query: title:"Apache Tomcat" @@ -30,3 +32,5 @@ requests: - 401 - 200 condition: or + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/dplus-dashboard.yaml b/exposed-panels/dplus-dashboard.yaml index 646cc7cd88..34d4f532e2 100644 --- a/exposed-panels/dplus-dashboard.yaml +++ b/exposed-panels/dplus-dashboard.yaml @@ -1,9 +1,14 @@ id: dplus-dashboard info: - name: DPLUS Dashboard Exposure + name: DPLUS Dashboard Panel - Detect author: tess severity: info + description: DPLUS Dashboard panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"DPLUS Dashboard" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/fastpanel-hosting-control-panel.yaml b/exposed-panels/fastpanel-hosting-control-panel.yaml index 6f30946ac4..5d016caeca 100644 --- a/exposed-panels/fastpanel-hosting-control-panel.yaml +++ b/exposed-panels/fastpanel-hosting-control-panel.yaml @@ -1,9 +1,14 @@ id: fastpanel-hosting-control-panel info: - name: Fastpanel Hosting Control Panel + name: FASTPANEL Login Panel - Detect author: pikpikcu severity: info + description: FASTPANEL login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"FASTPANEL HOSTING CONTROL" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lacie-panel.yaml b/exposed-panels/lacie-panel.yaml index 24e65f2388..9f89c482eb 100644 --- a/exposed-panels/lacie-panel.yaml +++ b/exposed-panels/lacie-panel.yaml @@ -1,11 +1,16 @@ id: lacie-panel info: - name: LaCie Login Panel + name: LaCie Login Panel - Detect author: dhiyaneshDK severity: info + description: LaCie login panel was detected. reference: - https://www.exploit-db.com/ghdb/7118 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,lacie,login,edb requests: @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lancom-router-panel.yaml b/exposed-panels/lancom-router-panel.yaml index 28365a2baf..6f6eb3610c 100644 --- a/exposed-panels/lancom-router-panel.yaml +++ b/exposed-panels/lancom-router-panel.yaml @@ -1,9 +1,14 @@ id: lancom-router-panel info: - name: Lancom Router Panel + name: Lancom Router Login Panel - Detect author: __Fazal,daffainfo severity: info + description: Lancom router login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: "true" shodan-query: html:"LANCOM Systems GmbH" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/landrayoa-panel.yaml b/exposed-panels/landrayoa-panel.yaml index 105a663d34..4084b11962 100644 --- a/exposed-panels/landrayoa-panel.yaml +++ b/exposed-panels/landrayoa-panel.yaml @@ -1,9 +1,14 @@ id: landrayoa-panel info: - name: LandrayOA Panel Login + name: Landray Login Panel - Detect author: YanYun severity: info + description: Landray login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,landrayoa requests: @@ -27,4 +32,6 @@ requests: - type: word words: - 'isopen=' - part: header \ No newline at end of file + part: header + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lansweeper-login.yaml b/exposed-panels/lansweeper-login.yaml index 07c55c4edd..630d667216 100644 --- a/exposed-panels/lansweeper-login.yaml +++ b/exposed-panels/lansweeper-login.yaml @@ -1,9 +1,14 @@ id: lansweeper-login info: - name: Lansweeper Login + name: Lansweeper Login Panel - Detect author: divya_mudgal severity: info + description: Lansweeper login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Lansweeper - Login" @@ -31,3 +36,5 @@ requests: group: 1 regex: - '"\/js\/CustomControls\.js\?([0-9.]+)" type="text\/javascript"' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lantronix-webmanager-panel.yaml b/exposed-panels/lantronix-webmanager-panel.yaml index f04c316ccd..c1651dee1d 100644 --- a/exposed-panels/lantronix-webmanager-panel.yaml +++ b/exposed-panels/lantronix-webmanager-panel.yaml @@ -1,9 +1,14 @@ id: lantronix-webmanager-panel info: - name: Lantronix WEB-Manager Panel + name: Lantronix Web Manager Login Panel- Detect author: princechaddha severity: info + description: Lantronix Web Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,lantronix requests: @@ -29,3 +34,5 @@ requests: group: 1 regex: - ">Version ([0-9.]+)" + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lenovo-thinkserver-panel.yaml b/exposed-panels/lenovo-thinkserver-panel.yaml index 966fa89347..8d3eee5036 100644 --- a/exposed-panels/lenovo-thinkserver-panel.yaml +++ b/exposed-panels/lenovo-thinkserver-panel.yaml @@ -1,9 +1,14 @@ id: lenovo-thinkserver-panel info: - name: Lenovo ThinkServer System Manager Panel Detect + name: Lenovo ThinkServer System Manager Login Panel - Detect author: princechaddha severity: info + description: Lenovo ThinkServer System Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,thinkserver,lenovo requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/leostream-panel.yaml b/exposed-panels/leostream-panel.yaml index 7419ff5654..17cb41720a 100644 --- a/exposed-panels/leostream-panel.yaml +++ b/exposed-panels/leostream-panel.yaml @@ -1,11 +1,16 @@ id: leostream-panel info: - name: Leostream Panel Detect + name: Leostream Login Panel - Detect author: praetorian-thendrickson severity: info + description: Leostream login panel was detected. reference: - https://leostream.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Leostream" tags: panel,leostream @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/librenms-login.yaml b/exposed-panels/librenms-login.yaml index 73613bcbd1..ed1f68b7ed 100644 --- a/exposed-panels/librenms-login.yaml +++ b/exposed-panels/librenms-login.yaml @@ -1,9 +1,14 @@ id: librenms-login info: - name: LibreNMS Login Panel + name: LibreNMS Login Panel - Detect author: pikpikcu severity: info + description: LibreNMS login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: title="librenms" tags: librenms,panel @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/liferay-portal.yaml b/exposed-panels/liferay-portal.yaml index 6695bd7c6e..8036cc8898 100644 --- a/exposed-panels/liferay-portal.yaml +++ b/exposed-panels/liferay-portal.yaml @@ -1,12 +1,17 @@ id: liferay-portal info: - name: Liferay Portal Detect + name: Liferay Login Panel - Detect author: organiccrap,dwisiswant0,ricardomaia severity: info + description: Liferay login panel was detected, reference: - https://www.liferay.com/ - https://github.com/mzer0one/CVE-2020-7961-POC + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:129457226 @@ -43,3 +48,5 @@ requests: group: 2 regex: - '(i?)Liferay-Portal:.*?(\d+\.?.*?)\s' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/linkerd-panel.yaml b/exposed-panels/linkerd-panel.yaml index 2c74961a16..e5eeec3a13 100644 --- a/exposed-panels/linkerd-panel.yaml +++ b/exposed-panels/linkerd-panel.yaml @@ -1,11 +1,15 @@ id: linkerd-panel info: - name: Linkered Panel Exposure + name: Linkerd Panel - Detect author: tess severity: high description: | - Linkerd is a service mesh for Kubernetes. It makes running services easier and safer by giving you runtime debugging, observability, reliability, and security—all without requiring any changes to your code. + Linkerd panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"data-controller-namespace" @@ -33,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/linksys-wifi-login.yaml b/exposed-panels/linksys-wifi-login.yaml index f9c33687b1..26793c25a6 100644 --- a/exposed-panels/linksys-wifi-login.yaml +++ b/exposed-panels/linksys-wifi-login.yaml @@ -1,9 +1,14 @@ id: linksys-wifi-login info: - name: Linksys Smart Wi-Fi + name: Linksys Smart Wi-Fi Login Panel - Detect author: pussycat0x severity: info + description: Linksys Smart Wi-Fi login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-dork: http.title:"Linksys Smart WI-FI" tags: tech,panel,linksys,iot @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/livehelperchat-admin-panel.yaml b/exposed-panels/livehelperchat-admin-panel.yaml index 2bba46024e..3c0eca26c8 100644 --- a/exposed-panels/livehelperchat-admin-panel.yaml +++ b/exposed-panels/livehelperchat-admin-panel.yaml @@ -1,9 +1,14 @@ id: livehelperchat-admin-panel info: - name: Live Helper Chat Admin Panel + name: Live Helper Chat Admin Login Panel - Detect author: ritikchaddha severity: info + description: Live Helper Chat admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Live Helper Chat" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/livezilla-login-panel.yaml b/exposed-panels/livezilla-login-panel.yaml index 33956e2e56..4a0a74b230 100644 --- a/exposed-panels/livezilla-login-panel.yaml +++ b/exposed-panels/livezilla-login-panel.yaml @@ -1,9 +1,14 @@ id: livezilla-login-panel info: - name: Livezilla login detect + name: LiveZilla Login Panel - Detect author: __Fazal severity: info + description: LiveZilla login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,livezilla,login requests: @@ -20,3 +25,5 @@ requests: - type: word words: - 'LiveZilla' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/logitech-harmony-portal.yaml b/exposed-panels/logitech-harmony-portal.yaml index fbe026710d..f048fe2c92 100644 --- a/exposed-panels/logitech-harmony-portal.yaml +++ b/exposed-panels/logitech-harmony-portal.yaml @@ -1,9 +1,14 @@ id: logitech-harmony-portal info: - name: Logitech Harmony Pro Installer Portal + name: Logitech Harmony Pro Installer Portal Login Panel - Detect author: ritikchaddha severity: info + description: Logitech Harmony Pro Installer Portal login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Logitech Harmony Pro Installer" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/looker-panel.yaml b/exposed-panels/looker-panel.yaml index db48eccd42..310c01fb0b 100644 --- a/exposed-panels/looker-panel.yaml +++ b/exposed-panels/looker-panel.yaml @@ -1,9 +1,14 @@ id: looker-panel info: - name: Looker Login Panel + name: Looker Login Panel - Detect author: ritikchaddha,daffainfo severity: info + description: Looker login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan: http.html:"lookerVersion" @@ -32,3 +37,5 @@ requests: group: 1 regex: - "lookerVersion: '([0-9.]+)'," + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lucee-login.yaml b/exposed-panels/lucee-login.yaml index 0f2c5cc1a1..09ba7aa553 100644 --- a/exposed-panels/lucee-login.yaml +++ b/exposed-panels/lucee-login.yaml @@ -1,9 +1,14 @@ id: lucee-login info: - name: Lucee Web/Server Administrator Login + name: Lucee Web and Lucee Server Admin Login Panel - Detect author: dhiyaneshDK severity: info + description: Lucee admin login panels were detected in both Web and Server tabs. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Lucee" tags: panel,lucee @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/maestro-login-panel.yaml b/exposed-panels/maestro-login-panel.yaml index 0c8155515d..2fc4e87cff 100644 --- a/exposed-panels/maestro-login-panel.yaml +++ b/exposed-panels/maestro-login-panel.yaml @@ -1,9 +1,14 @@ id: maestro-login-panel info: - name: Maestro - LuCI Login Panel + name: Maestro LuCI Login Panel - Detect author: tess severity: info + description: Maestro LuCI login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: http.title:"Maestro - LuCI" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/magento-admin-panel.yaml b/exposed-panels/magento-admin-panel.yaml index 9c43c0555f..8c51cac254 100644 --- a/exposed-panels/magento-admin-panel.yaml +++ b/exposed-panels/magento-admin-panel.yaml @@ -1,14 +1,17 @@ id: magento-admin-panel info: - name: Exposed Magento Admin Panel + name: Magento Admin Login Panel - Detect author: TechbrunchFR,ritikchaddha severity: info description: | - As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site - from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access. + Magento admin login panel was detected. reference: - https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.component:"Magento" @@ -30,3 +33,5 @@ requests: - "Magento" - "Admin Panel" condition: and + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mailhog-panel.yaml b/exposed-panels/mailhog-panel.yaml index 2996bdc448..92c381465e 100644 --- a/exposed-panels/mailhog-panel.yaml +++ b/exposed-panels/mailhog-panel.yaml @@ -1,13 +1,17 @@ id: mailhog-panel info: - name: MailHog Panel Detect + name: MailHog Panel - Detect author: kh4sh3i severity: info description: | - MailHog is an email testing tool for developers + MailHog panel was detected. reference: - https://github.com/mailhog/MailHog + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"mailhog" @@ -30,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mailwatch-login.yaml b/exposed-panels/mailwatch-login.yaml index f42a3f602c..8f3d7c1fa4 100644 --- a/exposed-panels/mailwatch-login.yaml +++ b/exposed-panels/mailwatch-login.yaml @@ -1,9 +1,14 @@ id: mailwatch-login info: - name: MailWatch Login Page + name: MailWatch Login Panel - Detect author: oppsec severity: info + description: MailWatch login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"MailWatch Login Page" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mantisbt-panel.yaml b/exposed-panels/mantisbt-panel.yaml index faac08a841..b3dd3a83f5 100644 --- a/exposed-panels/mantisbt-panel.yaml +++ b/exposed-panels/mantisbt-panel.yaml @@ -1,11 +1,16 @@ id: mantisbt-panel info: - name: MantisBT Login Panel + name: MantisBT Login Panel - Detect author: makyotox,daffainfo severity: info + description: MantisBT login panel was detected. reference: - https://www.mantisbt.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:662709064 @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/matomo-login-portal.yaml b/exposed-panels/matomo-login-portal.yaml index cd65ce7f5a..39dcf78793 100644 --- a/exposed-panels/matomo-login-portal.yaml +++ b/exposed-panels/matomo-login-portal.yaml @@ -1,10 +1,14 @@ id: matomo-login-portal info: - name: Matomo Login Portal + name: Matomo Login Panel - Detect author: Arr0way severity: info - description: Matomo provides website analytics + description: Matomo logjn panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,matomo requests: @@ -22,4 +26,6 @@ requests: words: - "Sign in" - "Matomo" - condition: and \ No newline at end of file + condition: and + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mcloud-panel.yaml b/exposed-panels/mcloud-panel.yaml index 41c28dc8c3..38f25d2c06 100644 --- a/exposed-panels/mcloud-panel.yaml +++ b/exposed-panels/mcloud-panel.yaml @@ -1,9 +1,14 @@ id: mcloud-panel info: - name: MCloud Panel Exposure + name: mCloud Login Panel - Detect author: ritikchaddha severity: high + description: mCloud login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"mcloud-installer-web" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/meshcentral-login.yaml b/exposed-panels/meshcentral-login.yaml index 6327f1cf0b..c79a49412d 100644 --- a/exposed-panels/meshcentral-login.yaml +++ b/exposed-panels/meshcentral-login.yaml @@ -1,9 +1,14 @@ id: meshcentral-login info: - name: MeshCentral - Login + name: MeshCentral Login Panel - Detect author: dhiyaneshDk severity: info + description: MeshCentral login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"MeshCentral - Login" tags: panel,meshcentral @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/metabase-panel.yaml b/exposed-panels/metabase-panel.yaml index b06f3bb0a0..47c7aaf79a 100644 --- a/exposed-panels/metabase-panel.yaml +++ b/exposed-panels/metabase-panel.yaml @@ -1,10 +1,14 @@ id: metabase-panel info: - name: Metabase Login Panel + name: Metabase Login Panel - Detect author: revblock,daffainfo severity: info - description: If a Metabase instance is deployed on the target URL it will return a login page with the version number in the page source + description: Metabase login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Metabase" tags: panel,metabase,login @@ -34,3 +38,5 @@ requests: group: 1 regex: - '"(v\d+.\d+.\d+)"' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/metersphere-login.yaml b/exposed-panels/metersphere-login.yaml index fe00dc59a4..39b91c62e5 100644 --- a/exposed-panels/metersphere-login.yaml +++ b/exposed-panels/metersphere-login.yaml @@ -1,11 +1,16 @@ id: metersphere-login info: - name: Metersphere Login + name: MeterSphere Login Panel - Detect author: pdteam severity: info + description: MeterSphere login panel was detected. reference: - https://github.com/metersphere/metersphere + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,metersphere requests: @@ -32,4 +37,6 @@ requests: - type: dsl dsl: - - "contains(tolower(all_headers), 'ms_session_id')" \ No newline at end of file + - "contains(tolower(all_headers), 'ms_session_id')" + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mfiles-web-detect.yaml b/exposed-panels/mfiles-web-detect.yaml index 99d777aae2..50b65f181b 100644 --- a/exposed-panels/mfiles-web-detect.yaml +++ b/exposed-panels/mfiles-web-detect.yaml @@ -1,11 +1,16 @@ id: mfiles-web-detect info: - name: M-Files Web Panel Detect + name: M-Files Web Login Panel - Detect author: Nodauf severity: info + description: M-Files Web login panel was detected. reference: - https://www.m-files.com/about/trust-center/security-advisories/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"M-Files Web" @@ -31,3 +36,5 @@ requests: - 'M-Files user' - 'M-Files authentication' condition: or + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/microfocus-filr-panel.yaml b/exposed-panels/microfocus-filr-panel.yaml index 781d44db0e..8ffbd9413f 100644 --- a/exposed-panels/microfocus-filr-panel.yaml +++ b/exposed-panels/microfocus-filr-panel.yaml @@ -1,9 +1,14 @@ id: microfocus-filr-panel info: - name: Micro Focus Filr Panel + name: Micro Focus Filr Login Panel - Detect author: ritikchaddha severity: info + description: Micro Focus Filr login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Micro Focus Filr" @@ -24,3 +29,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/microfocus-vibe-panel.yaml b/exposed-panels/microfocus-vibe-panel.yaml index 8e3f017757..96a7710465 100644 --- a/exposed-panels/microfocus-vibe-panel.yaml +++ b/exposed-panels/microfocus-vibe-panel.yaml @@ -1,9 +1,14 @@ id: microfocus-vibe-panel info: - name: Micro Focus Vibe Login Panel + name: Micro Focus Vibe Login Panel - Detect author: ritikchaddha severity: info + description: Micro Focus Vibe login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Micro Focus Vibe" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/microsoft-exchange-panel.yaml b/exposed-panels/microsoft-exchange-panel.yaml index fca701bd58..3e51d1d1cd 100644 --- a/exposed-panels/microsoft-exchange-panel.yaml +++ b/exposed-panels/microsoft-exchange-panel.yaml @@ -1,12 +1,16 @@ id: microsoft-exchange-panel info: - name: Microsoft Exchange Control Panel + name: Microsoft Exchange Admin Center Login Panel - Detect author: r3dg33k severity: info - description: Publicly accessible Microsoft Exchange Server Control Panel + description: Microsoft Exchange Admin Center login panel was detected. reference: - https://docs.microsoft.com/en-us/answers/questions/58814/block-microsoft-exchange-server-2016-exchange-admi.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: microsoft,panel,exchange requests: @@ -23,3 +27,5 @@ requests: - type: word words: - 'Exchange Admin Center' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik-routeros.yaml index 254984ed65..7766dea048 100644 --- a/exposed-panels/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik-routeros.yaml @@ -1,11 +1,16 @@ id: mikrotik-routeros info: - name: MikroTik RouterOS Login + name: MikroTik Router OS Login Panel - Detect author: gy741 severity: info + description: MikroTik Router OS login panel was detected. reference: - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mini-start-page.yaml b/exposed-panels/mini-start-page.yaml index 015fa09fd5..77877e656c 100644 --- a/exposed-panels/mini-start-page.yaml +++ b/exposed-panels/mini-start-page.yaml @@ -1,11 +1,16 @@ id: mini-start-page info: - name: Miniweb Start Page + name: Miniweb Start Page Login Panel - Detect author: dhiyaneshDk severity: info + description: Miniweb Start Page login panel was detected. reference: - https://www.exploit-db.com/ghdb/6500 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: edb,panel requests: @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/minio-browser.yaml b/exposed-panels/minio-browser.yaml index 44e2d3f49b..5a6cd68604 100644 --- a/exposed-panels/minio-browser.yaml +++ b/exposed-panels/minio-browser.yaml @@ -1,9 +1,14 @@ id: minio-browser info: - name: MinIO Browser + name: MinIO Browser Login Panel - Detect author: pikpikcu severity: info + description: MinIO Browser login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"MinIO Browser" tags: panel,minio @@ -21,4 +26,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/11/28