daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

moving folder/files around

patch-1
team-projectdiscovery 2021-01-08 22:25:54 +05:30
parent 21ea71e4c1
commit 95d784d9b7
81 changed files with 27 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
default-logins/tomcat-manager-default.yaml → default-logins/apache/tomcat-manager-default.yaml
View File

0
default-logins/grafana-default-credential.yaml → default-logins/grafana/grafana-default-credential.yaml
View File

0
default-logins/rabbitmq-default-admin.yaml → default-logins/rabbitmq/rabbitmq-default-admin.yaml
View File

0
default-logins/solarwinds-default-admin.yaml → default-logins/solarwinds/solarwinds-default-admin.yaml
View File

0
exposed-panels/swagger-panel.yaml → exposed-files/apis/swagger-panel.yaml
View File

0
exposed-files/wadl-files.yaml → exposed-files/apis/wadl-files.yaml
View File

0
exposed-files/wsdl-detect.yaml → exposed-files/apis/wsdl-detect.yaml
View File

0
exposed-files/sql-dump.yaml → exposed-files/backups/sql-dump.yaml
View File

0
exposed-files/zip-backup-files.yaml → exposed-files/backups/zip-backup-files.yaml
View File

0
exposed-files/composer-config.yaml → exposed-files/configs/composer-config.yaml
View File

0
exposed-files/exposed-svn.yaml → exposed-files/configs/exposed-svn.yaml
View File

0
vulnerabilities/git-config-nginxoffbyslash.yaml → exposed-files/configs/git-config-nginxoffbyslash.yaml
View File

0
exposed-files/git-config.yaml → exposed-files/configs/git-config.yaml
View File

0
exposed-files/laravel-env.yaml → exposed-files/configs/laravel-env.yaml
View File

0
exposed-files/magento-config.yaml → exposed-files/configs/magento-config.yaml
View File

0
exposed-files/owncloud-config.yaml → exposed-files/configs/owncloud-config.yaml
View File

0
exposed-files/package-json.yaml → exposed-files/configs/package-json.yaml
View File

0
exposed-files/phpinfo.yaml → exposed-files/configs/phpinfo.yaml
View File

0
exposed-files/redmine-db-config.yaml → exposed-files/configs/redmine-db-config.yaml
View File

0
exposed-files/web-config.yaml → exposed-files/configs/web-config.yaml
View File

0
exposed-files/elmah-log-file.yaml → exposed-files/logs/elmah-log-file.yaml
View File

0
exposed-files/error-logs.yaml → exposed-files/logs/error-logs.yaml
View File

0
exposed-panels/compal.yaml → exposed-panels/compal-panel.yaml
View File

0
exposed-files/public-tomcat-instance.yaml → exposed-panels/public-tomcat-instance.yaml
View File

0
exposed-tokens/tokens/amazon-mws-auth-token-value.yaml → exposed-tokens/aws/amazon-mws-auth-token-value.yaml
View File

0
exposed-tokens/tokens/aws-access-key-value.yaml → exposed-tokens/aws/aws-access-key-value.yaml
View File

0
exposed-tokens/tokens/credentials-disclosure.yaml → exposed-tokens/generic/credentials-disclosure.yaml
View File

0
misconfiguration/generic-detections/general-tokens.yaml → exposed-tokens/generic/general-tokens.yaml
View File

0
exposed-tokens/tokens/http-username-password.yaml → exposed-tokens/generic/http-username-password.yaml
View File

0
exposed-tokens/tokens/fcm-server-key.yaml → exposed-tokens/google/fcm-server-key.yaml
View File

0
exposed-tokens/tokens/google-api-key.yaml → exposed-tokens/google/google-api-key.yaml
View File

0
exposed-tokens/tokens/mailchimp-api-key.yaml → exposed-tokens/mailchimp/mailchimp-api-key.yaml
View File

0
exposed-tokens/tokens/slack-access-token.yaml → exposed-tokens/slack/slack-access-token.yaml
View File

0
exposed-files/apc-info.yaml → misconfiguration/apc-info.yaml
View File

0
misconfiguration/generic-detections/basic-xss-prober.yaml → misconfiguration/basic-xss-prober.yaml
View File

0
exposed-files/cgi-test-page.yaml → misconfiguration/cgi-test-page.yaml
View File

0
exposed-panels/docker-api.yaml → misconfiguration/docker-api.yaml
View File

0
exposed-files/druid-monitor.yaml → misconfiguration/druid-monitor.yaml
View File

0
exposed-files/elasticsearch.yaml → misconfiguration/elasticsearch.yaml
View File

0
exposed-files/exposed-kibana.yaml → misconfiguration/exposed-kibana.yaml
View File

0
exposed-files/jkstatus-manager.yaml → misconfiguration/jkstatus-manager.yaml
View File

0
exposed-panels/kubernetes-pods.yaml → misconfiguration/kubernetes-pods.yaml
View File

0
technologies/linkerd-ssrf-detect.yaml → misconfiguration/linkerd-ssrf-detect.yaml
View File

0
exposed-files/php-errors.yaml → misconfiguration/php-errors.yaml
View File

0
exposed-files/shell-history.yaml → misconfiguration/shell-history.yaml
View File

0
exposed-files/tomcat-scripts.yaml → misconfiguration/tomcat-scripts.yaml
View File

0
exposed-files/firebase-detect.yaml → technologies/firebase-detect.yaml
View File

0
exposed-files/jolokia.yaml → technologies/jolokia.yaml
View File

52
vulnerabilities/crlf-injection.yaml
View File

@ -1,25 +1,27 @@
id: crlf-injection
info:
name: CRLF injection
author: melbadry9 & nadino & xElkomy
severity: low
description: Improper sanitization of CRLF sequences.
requests:
- method: GET
path:
- "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection"
- "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" # unicode bypass
- "{{BaseURL}}/%0DSet-Cookie:crlfinjection=crlfinjection"
- "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection"
- "{{BaseURL}}/%3F%0DSet-Cookie%3Acrlfinjection=crlfinjection"
- "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.." # Apache
- "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" # CVE-2016-4975
- "{{BaseURL}}/?Page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&callback=%0D%0ASet-Cookie:crlfinjection=crlfinjection&checkout_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&content=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continue=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continueTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&counturl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&data=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&document=%0D%0ASet-Cookie:crlfinjection=crlfinjection&domain=%0D%0ASet-Cookie:crlfinjection=crlfinjection&done=%0D%0ASet-Cookie:crlfinjection=crlfinjection&download=%0D%0ASet-Cookie:crlfinjection=crlfinjection&feed=%0D%0ASet-Cookie:crlfinjection=crlfinjection&file=%0D%0ASet-Cookie:crlfinjection=crlfinjection&host=%0D%0ASet-Cookie:crlfinjection=crlfinjection&html=%0D%0ASet-Cookie:crlfinjection=crlfinjection&http=%0D%0ASet-Cookie:crlfinjection=crlfinjection&https=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&imageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&include=%0D%0ASet-Cookie:crlfinjection=crlfinjection&media=%0D%0ASet-Cookie:crlfinjection=crlfinjection&navigation=%0D%0ASet-Cookie:crlfinjection=crlfinjection&next=%0D%0ASet-Cookie:crlfinjection=crlfinjection&open=%0D%0ASet-Cookie:crlfinjection=crlfinjection&out=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&pageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&picture=%0D%0ASet-Cookie:crlfinjection=crlfinjection&port=%0D%0ASet-Cookie:crlfinjection=crlfinjection&proxy=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUri&redirectUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&reference=%0D%0ASet-Cookie:crlfinjection=crlfinjection&referrer=%0D%0ASet-Cookie:crlfinjection=crlfinjection&req=%0D%0ASet-Cookie:crlfinjection=crlfinjection&request=%0D%0ASet-Cookie:crlfinjection=crlfinjection&retUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return=%0D%0ASet-Cookie:crlfinjection=crlfinjection&returnTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&rurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&show=%0D%0ASet-Cookie:crlfinjection=crlfinjection&site=%0D%0ASet-Cookie:crlfinjection=crlfinjection&source=%0D%0ASet-Cookie:crlfinjection=crlfinjection&src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&target=%0D%0ASet-Cookie:crlfinjection=crlfinjection&to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&uri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&val=%0D%0ASet-Cookie:crlfinjection=crlfinjection&validate=%0D%0ASet-Cookie:crlfinjection=crlfinjection&view=%0D%0ASet-Cookie:crlfinjection=crlfinjection&window=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection"
matchers:
- type: regex
regex:
- '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)'
part: header
id: open-redirect
info:
name: Open redirect Detection
author: melbadry9 & Elmahdi & @pxmme1337 & @Regala_ & @andirrahmani1 & geeknik
severity: low
description: A user-controlled input redirect users to an external website.
requests:
- method: GET
path:
- "{{BaseURL}}/evil.com/"
- "{{BaseURL}}/evil.com//"
- "{{BaseURL}}///;@evil.com"
- "{{BaseURL}}///evil.com/%2F.."
- "{{BaseURL}}/////evil.com"
- "{{BaseURL}}//evil.com/%2F.."
- "{{BaseURL}}//evil.com/..;/css"
- "{{BaseURL}}/evil%E3%80%82com"
- "{{BaseURL}}/%5Cevil.com"
- "{{BaseURL}}/?Page=evil.com&_url=evil.com&callback=evil.com&checkout_url=evil.com&content=evil.com&continue=evil.com&continueTo=evil.com&counturl=evil.com&data=evil.com&dest=evil.com&dest_url=evil.com&dir=evil.com&document=evil.com&domain=evil.com&done=evil.com&download=evil.com&feed=evil.com&file=evil.com&host=evil.com&html=evil.com&http=evil.com&https=evil.com&image=evil.com&image_src=evil.com&image_url=evil.com&imageurl=evil.com&include=evil.com&langTo=evil.com&media=evil.com&navigation=evil.com&next=evil.com&open=evil.com&out=evil.com&page=evil.com&page_url=evil.com&pageurl=evil.com&path=evil.com&picture=evil.com&port=evil.com&proxy=evil.com&redir=evil.com&redirect=evil.com&redirectUri=evil.com&redirectUrl=evil.com&reference=evil.com&referrer=evil.com&req=evil.com&request=evil.com&retUrl=evil.com&return=evil.com&returnTo=evil.com&return_path=evil.com&return_to=evil.com&rurl=evil.com&show=evil.com&site=evil.com&source=evil.com&src=evil.com&target=evil.com&to=evil.com&uri=evil.com&url=evil.com&val=evil.com&validate=evil.com&view=evil.com&window=evil.com&redirect_to=evil.com"
matchers:
- type: regex
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$'
part: header

0
misconfiguration/generic-detections/top-15-xss.yaml → vulnerabilities/generic/top-15-xss.yaml
View File

0
exposed-panels/jenkins-asyncpeople.yaml → vulnerabilities/jenkins/jenkins-asyncpeople.yaml
View File

0
misconfiguration/jenkins-stack-trace.yaml → vulnerabilities/jenkins/jenkins-stack-trace.yaml
View File

0
misconfiguration/unauthenticated-jenkin-dashboard.yaml → vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml
View File

0
misconfiguration/jira-service-desk-signup.yaml → vulnerabilities/jira/jira-service-desk-signup.yaml
View File

0
misconfiguration/jira-unauthenticated-dashboards.yaml → vulnerabilities/jira/jira-unauthenticated-dashboards.yaml
View File

0
misconfiguration/jira-unauthenticated-popular-filters.yaml → vulnerabilities/jira/jira-unauthenticated-popular-filters.yaml
View File

0
misconfiguration/jira-unauthenticated-projects.yaml → vulnerabilities/jira/jira-unauthenticated-projects.yaml
View File

0
misconfiguration/jira-unauthenticated-user-picker.yaml → vulnerabilities/jira/jira-unauthenticated-user-picker.yaml
View File

0
vulnerabilities/moodle-filter-jmol-lfi.yaml → vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
View File

0
vulnerabilities/moodle-filter-jmol-xss.yaml → vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
View File

27
vulnerabilities/open-redirect.yaml
View File

@ -1,27 +0,0 @@
id: open-redirect
info:
name: Open redirect Detection
author: melbadry9 & Elmahdi & @pxmme1337 & @Regala_ & @andirrahmani1 & geeknik
severity: low
description: A user-controlled input redirect users to an external website.
requests:
- method: GET
path:
- "{{BaseURL}}/evil.com/"
- "{{BaseURL}}/evil.com//"
- "{{BaseURL}}///;@evil.com"
- "{{BaseURL}}///evil.com/%2F.."
- "{{BaseURL}}/////evil.com"
- "{{BaseURL}}//evil.com/%2F.."
- "{{BaseURL}}//evil.com/..;/css"
- "{{BaseURL}}/evil%E3%80%82com"
- "{{BaseURL}}/%5Cevil.com"
- "{{BaseURL}}/?Page=evil.com&_url=evil.com&callback=evil.com&checkout_url=evil.com&content=evil.com&continue=evil.com&continueTo=evil.com&counturl=evil.com&data=evil.com&dest=evil.com&dest_url=evil.com&dir=evil.com&document=evil.com&domain=evil.com&done=evil.com&download=evil.com&feed=evil.com&file=evil.com&host=evil.com&html=evil.com&http=evil.com&https=evil.com&image=evil.com&image_src=evil.com&image_url=evil.com&imageurl=evil.com&include=evil.com&langTo=evil.com&media=evil.com&navigation=evil.com&next=evil.com&open=evil.com&out=evil.com&page=evil.com&page_url=evil.com&pageurl=evil.com&path=evil.com&picture=evil.com&port=evil.com&proxy=evil.com&redir=evil.com&redirect=evil.com&redirectUri=evil.com&redirectUrl=evil.com&reference=evil.com&referrer=evil.com&req=evil.com&request=evil.com&retUrl=evil.com&return=evil.com&returnTo=evil.com&return_path=evil.com&return_to=evil.com&rurl=evil.com&show=evil.com&site=evil.com&source=evil.com&src=evil.com&target=evil.com&to=evil.com&uri=evil.com&url=evil.com&val=evil.com&validate=evil.com&view=evil.com&window=evil.com&redirect_to=evil.com"
matchers:
- type: regex
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$'
part: header

0
vulnerabilities/oracle-ebs-bispgraph-file-access.yaml → vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
View File

0
vulnerabilities/rails6-xss.yaml → vulnerabilities/rails/rails6-xss.yaml
View File

0
vulnerabilities/springboot-actuators-jolokia-xxe.yaml → vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
View File

0
vulnerabilities/springboot-h2-db-rce.yaml → vulnerabilities/springboot/springboot-h2-db-rce.yaml
View File

0
vulnerabilities/vmware-vcenter-lfi-linux.yaml → vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
View File

0
vulnerabilities/vmware-vcenter-lfi.yaml → vulnerabilities/vmware/vmware-vcenter-lfi.yaml
View File

0
vulnerabilities/easy-wp-smtp-listing.yaml → vulnerabilities/wordpress/easy-wp-smtp-listing.yaml
View File

0
vulnerabilities/w3c-total-cache-ssrf.yaml → vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
View File

0
misconfiguration/wordpress-accessible-wpconfig.yaml → vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
View File

0
exposed-files/wordpress-db-backup.yaml → vulnerabilities/wordpress/wordpress-db-backup.yaml
View File

0
exposed-files/wordpress-debug-log.yaml → vulnerabilities/wordpress/wordpress-debug-log.yaml
View File

0
exposed-files/wordpress-directory-listing.yaml → vulnerabilities/wordpress/wordpress-directory-listing.yaml
View File

0
vulnerabilities/wordpress-emails-verification-for-woocommerce.yaml → vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml
View File

0
exposed-files/wordpress-emergency-script.yaml → vulnerabilities/wordpress/wordpress-emergency-script.yaml
View File

0
exposed-files/wordpress-installer-log.yaml → vulnerabilities/wordpress/wordpress-installer-log.yaml
View File

0
vulnerabilities/wordpress-social-metrics-tracker.yaml → vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
View File

0
exposed-files/wordpress-tmm-db-migrate.yaml → vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml
View File

0
exposed-files/wordpress-user-enumeration.yaml → vulnerabilities/wordpress/wordpress-user-enumeration.yaml
View File

0
vulnerabilities/wordpress-wordfence-xss.yaml → vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
View File

0
vulnerabilities/wordpress-wpcourses-info-disclosure.yaml → vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml
View File