Merge pull request #1876 from pussycat0x/master

web-ftp
patch-1
Sandeep Singh 2021-07-13 01:53:15 +05:30 committed by GitHub
commit 920255635b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 265 additions and 0 deletions


@ -0,0 +1,23 @@
id: zm-system-log-detect
info:
name: zm-system-log-detect
author: pussycat0x
severity: low
reference: https://www.exploit-db.com/ghdb/6926
tags: logs,zm,exposure
requests:
- method: GET
path:
- "{{BaseURL}}/?view=log"
- "{{BaseURL}}zm/?view=log"
matchers-condition: and
matchers:
- type: word
words:
- "<title>ZM - System Log</title>"
- type: status
status:
- 200
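Review bot: The second entry under `path` has no `/` between `{{BaseURL}}` and `zm`, so for a base URL without a trailing slash the request is built against a host name ending in `zm` rather than the `/zm/` directory, and that variant can never match. It should read `- "{{BaseURL}}/zm/?view=log"`, in line with the first path. A one-line `description` saying that the system log page answered without credentials would also help whoever triages the `severity: low` finding.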


@ -0,0 +1,23 @@
id: brother-printer-detect
info:
name: Brother Printer
author: pussycat0x
severity: low
reference: https://www.exploit-db.com/ghdb/6889
tags: iot,printer,tech
requests:
- method: GET
path:
- "{{BaseURL}}/general/status.html"
matchers-condition: and
matchers:
- type: word
words:
- "Brother Industries"
- type: status
status:
- 200
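Review bot: `name: Brother Printer` is identical to the `name` of brother-unauthorized-access-detect later in this commit, and both cite the same GHDB reference, so the two findings cannot be told apart by name in scan output. Give each a name that says what was matched, for example `name: Brother Printer Status Page` here. If this template is meant only as fingerprinting (it carries the `tech` tag), `severity: info` would be consistent with crush-ftp-detect and web-ftp-detect in the same commit.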


@ -0,0 +1,22 @@
id: hp-device-info-detect
info:
name: HP LaserJet
author: pussycat0x
severity: low
reference: https://www.exploit-db.com/ghdb/6905
tags: iot,hp
requests:
- method: GET
path:
- "{{BaseURL}}/hp/device/DeviceInformation/View"
matchers-condition: and
matchers:
- type: word
words:
- "Device Information"
- "hp"
condition: and
- type: status
status:
- 200
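Review bot: The word `hp` is a two-letter substring, matched case-sensitively by default, that also occurs inside unrelated text such as `php`, so combined with the generic phrase `Device Information` it adds little confidence that the responder is an HP device. Replace it with a longer string taken from a real instance of the page (its `<title>` or product banner), keeping `condition: and`. A short `description` of what the page discloses would also justify `severity: low` over `info`.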


@ -0,0 +1,25 @@
id: brother-unauthorized-access-detect
info:
name: Brother Printer
author: pussycat0x
severity: medium
reference: https://www.exploit-db.com/ghdb/6889
tags: iot,printer
requests:
- method: GET
path:
- "{{BaseURL}}/net/net/net.html"
matchers-condition: and
matchers:
- type: word
words:
- "Brother Industries"
- "Network Status"
condition: and
- type: status
status:
- 200
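Review bot: The id and `severity: medium` assert unauthorized access, but there is no `description`, and the matchers only confirm that `/net/net/net.html` returned 200 with the words `Brother Industries` and `Network Status`. Add a `description` stating what is exposed and that the request carried no credentials, so the rating can be reviewed against the evidence. The same gap applies to unauthorized-hp-printer (`severity: high`, no `description` and no `reference`) and to ftp-default-credentials (`severity: critical`) later in this commit.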


@ -0,0 +1,24 @@
id: unauthorized-hp-printer
info:
name: Unauthorized HP Printer
author: pussycat0x
severity: high
tags: hp,iot,unauth
requests:
- method: GET
path:
- "{{BaseURL}}/SSI/Auth/ip_snmp.htm"
matchers-condition: and
matchers:
- type: word
words:
- "HP"
- "<h1>SNMP</h1>"
condition: and
- type: status
status:
- 200


@ -0,0 +1,24 @@
id: wamp-server-configuration
info:
name: default-wamp-server-page
author: pussycat0x
severity: medium
description: Wamp default page will expose sensitive configuration and vhosts.
reference: https://www.exploit-db.com/ghdb/6891.
tags: wamp
requests:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'contains(tolower(body), "wampserver")'
- type: status
status:
- 200
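Review bot: The DSL matcher `contains(tolower(body), "wampserver")` fires on any 200 response at the site root that merely mentions the word, such as a blog post or forum thread, which is too loose for `severity: medium`. Require a second marker that only the default WampServer page carries (its `<title>` or a configuration heading, confirmed on a real instance) and join the two conditions with `&&`. The `reference` value also ends with a stray period, which may break the link; drop the trailing dot.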


@ -0,0 +1,33 @@
id: ftp-default-credentials
info:
name: FTP Service with default credentials
author: pussycat0x
severity: critical
tags: network,ftp,default-login
network:
- payloads:
username:
- admin
- root
- anonymous
password:
- anonymous
- password
- toor
- nas
- guest
- default
- pass1
- stingray
attack: clusterbomb
inputs:
- data: "USER {{username}}\r\nPASS {{password}}\r\n"
host:
- "{{Hostname}}:21"
matchers:
- type: word
words:
- "230"
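Review bot: The word matcher accepts the substring `230` anywhere in the data read back, so a greeting banner, version string or timestamp containing those digits is reported as a successful login at `severity: critical`. Anchor the check to the reply code at the start of a line, for example a `type: regex` matcher with `- "(?m)^230[ -]"`. The payload list also includes `anonymous` as both user and password, and anonymous FTP is often enabled on purpose, so a hit on that pair is not evidence of a default credential and deserves its own lower-severity template. With `attack: clusterbomb` every host receives all 24 username/password combinations, which is worth stating in a `description` for operators whose servers lock out or alert on repeated failures.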


@ -0,0 +1,21 @@
id: crush-ftp-detect
info:
name: Crush FTP
author: pussycat0x
severity: info
tags: tech,ftp
requests:
- method: GET
path:
- "{{BaseURL}}/WebInterface/login.html"
redirects: true
matchers-condition: and
matchers:
- type: word
words:
- "<title>CrushFTP WebInterface</title>"
- type: status
status:
- 200


@ -0,0 +1,23 @@
id: web-ftp-detect
info:
name: Web FTP Detection
author: pussycat0x
severity: info
reference: https://www.exploit-db.com/ghdb/7013
tags: webftp,tech,ftp
requests:
- method: GET
path:
- "{{BaseURL}}/cgi-bin/upload/web-ftp.cgi"
matchers-condition: and
matchers:
- type: word
words:
- "Web-FTP"
- "square login"
- type: status
status:
- 200
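Review bot: The word matcher lists `Web-FTP` and `square login` without a `condition`, and a word matcher defaults to `or`, so either string alone on a 200 response counts as a match. The other multi-word templates in this commit set the condition explicitly. Add `condition: and` after the `words` list if both strings are expected on the login page.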


@ -0,0 +1,25 @@
id: wordpress-plugins-lifterlms
info:
name: WordPress Plugin lifterlms Listing
author: pussycat0x
severity: low
description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6420
tags: wordpress,listing
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/lifterlms/"
matchers-condition: and
matchers:
- type: word
words:
- "Index of"
- "/wp-content/plugins/lifterlms/"
condition: and
- type: status
status:
- 200
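Review bot: The `description` refers to "the wordpress-plugins plugin", which names no plugin and reads like placeholder text left in place; wordpress-super-forms later in this commit carries the identical sentence. Suggested wording here is `description: Directory listing is enabled for the lifterlms plugin directory.`, with the super-forms equivalent in the other file. The two ids also follow different patterns (`wordpress-plugins-lifterlms` and `wordpress-super-forms`); choosing one keeps the templates easy to filter.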


@ -0,0 +1,22 @@
id: wordpress-super-forms
info:
name: WordPress super-forms
author: pussycat0x
severity: low
description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6776
tags: wordpress,listing
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/super-forms/"
matchers-condition: and
matchers:
- type: word
words:
- "Index of /wp-content/plugins/super-forms/"
- type: status
status:
- 200