From 1af81491eb03eba001162812fc4a5822eb3b0a0f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 10 Dec 2021 19:13:48 +0530 Subject: [PATCH 1/2] Create thruk-detect.yaml --- exposed-panels/thruk-detect.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/thruk-detect.yaml diff --git a/exposed-panels/thruk-detect.yaml b/exposed-panels/thruk-detect.yaml new file mode 100644 index 0000000000..9807758568 --- /dev/null +++ b/exposed-panels/thruk-detect.yaml @@ -0,0 +1,28 @@ +id: thruk-detect + +info: + name: thruk detect + author: ffffffff0x + severity: info + metadata: + fofa-query: title=="Thruk Monitoring Webinterface" + tags: thruk,tech + +requests: + - method: GET + path: + - "{{BaseURL}}" + + redirects: true + max-redirects: 2 + matchers-condition: or + matchers: + - type: word + part: body + words: + - 'Thruk Monitoring Webinterface' + + - type: word + part: header + words: + - "/thruk/cgi-bin/login.cgi?thruk/" From e3bbe8f1cd6adef7ec954c90f80421ef126092a5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 14 Dec 2021 00:03:10 +0530 Subject: [PATCH 2/2] Update and rename thruk-detect.yaml to thruk-login.yaml --- .../{thruk-detect.yaml => thruk-login.yaml} | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename exposed-panels/{thruk-detect.yaml => thruk-login.yaml} (62%) diff --git a/exposed-panels/thruk-detect.yaml b/exposed-panels/thruk-login.yaml similarity index 62% rename from exposed-panels/thruk-detect.yaml rename to exposed-panels/thruk-login.yaml index 9807758568..5a2d189906 100644 --- a/exposed-panels/thruk-detect.yaml +++ b/exposed-panels/thruk-login.yaml @@ -1,4 +1,4 @@ -id: thruk-detect +id: thruk-login info: name: thruk detect @@ -6,23 +6,23 @@ info: severity: info metadata: fofa-query: title=="Thruk Monitoring Webinterface" - tags: thruk,tech + tags: thruk,panel requests: - method: GET path: - - "{{BaseURL}}" + - "{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/" redirects: true max-redirects: 2 - matchers-condition: or + matchers-condition: and matchers: - type: word part: body words: - - 'Thruk Monitoring Webinterface' + - 'Thruk Monitoring Webinterface' - type: word part: header words: - - "/thruk/cgi-bin/login.cgi?thruk/" + - "thruk_test="