Merge pull request #1757 from pussycat0x/master

New template added
2021-06-24 02:02:42 +05:30 · 2021-06-24 02:02:42 +05:30 · 89b4fdf8ed
parent d16bf38838 07b0b7a1f2
commit 89b4fdf8ed
4 changed files with 105 additions and 0 deletions
--- a/misconfiguration/phpmyadmin-sql.php-server.yaml
+++ b/misconfiguration/phpmyadmin-sql.php-server.yaml
@ -0,0 +1,26 @@
+id: phpmyadmin-misconfiguration
+
+info:
+  name: Sensitive data exposure
+  author: pussycat0x
+  severity: high
+  description: Unauthenticated phpmyadmin leads to exposure of sensitive information
+  reference: https://www.exploit-db.com/ghdb/6997
+  tags: phpmyadmin,misconfig
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/phpmyadmin/index.php?db=information_schema"
+      - "{{BaseURL}}/phpMyAdmin/index.php?db=information_schema"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "var db    = 'information_schema';"
+          - "var opendb_url = 'db_structure.php';"
+        condition: and
+      - type: status
+        status:
+          - 200
--- a/technologies/webmodule-ee.yaml
+++ b/technologies/webmodule-ee.yaml
@ -0,0 +1,21 @@
+id: webmodule-ee-detection
+info:
+  name: Webmodule Detection
+  author: pussycat0x
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/7001
+  tags: webmodule-ee,tech
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/webmodule-ee/login.seam"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>Webmodule</title>"
+
+      - type: status
+        status:
+          - 200
--- a/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml
+++ b/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml
@ -0,0 +1,30 @@
+id: alfacgiapi-wordpress
+info:
+  name: alfacgiapi
+  author: pussycat0x
+  severity: low
+  description: Searches for sensitive directories present in the ALFA_DATA.
+  reference: https://www.exploit-db.com/ghdb/6999
+  tags: wordpress,listing
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-includes/ALFA_DATA/"
+      - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/"
+      - "{{BaseURL}}/ALFA_DATA/alfacgiapi/"
+      - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+      - type: word
+        words:
+          - "/wp-content/plugins/"
+          - "/wp-includes/ALFA_DATA/"
+          - "/ALFA_DATA/alfacgiapi/"
+          - "/cgi-bin/ALFA_DATA/alfacgiapi/"
+        condition: or
+      - type: status
+        status:
+          - 200
--- a/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml
+++ b/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml
@ -0,0 +1,28 @@
+id: wp-123contactform-plugin-listing
+
+info:
+  name: WordPress 123ContactForm Plugin Directory Listing
+  author: pussycat0x
+  severity: low
+  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  reference: |
+     - https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html
+     - https://www.exploit-db.com/ghdb/6979
+  tags: wordpress,listing
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/123contactform-for-wordpress/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "/123contactform-for-wordpress"
+        condition: and
+
+      - type: status
+        status:
+          - 200