daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated matcher, extractor & info

patch-4
Ritik Chaddha 2024-06-26 13:44:53 +05:30 committed by GitHub
parent 3b02b45a00
commit 968acaac28
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
http/exposures/configs/neo4j-neodash-configexposed.yaml
View File

@ -1,7 +1,7 @@
id: neo4j-neodash-configexposed
id: neo4j-neodash-config
info:
name: Neo4j Neodash Detection
name: Neo4j Neodash Config - Exposure
author: icarot
severity: medium
description: |
@ -10,9 +10,11 @@ info:
cpe: cpe:2.3:a:neo4j:*:*:*:*:*:*:*:*:*
metadata:
max-request: 1
verified: true
vendor: neo4j
product: neodash
tags: config,exposure,credential,neodash,neo4j
shodan-query: title:"NeoDash"
tags: config,exposure,neodash,neo4j
http:
- method: GET
@ -22,18 +24,25 @@ http:
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'standaloneHost'
- 'standalonePort'
- 'standaloneDatabase'
condition: and
- type: word
part: header
words:
- 'application/json'
- type: status
status:
- 200
extractors:
- type: json
name: config.json
name: config
part: body
json:
- '.standaloneHost,.standalonePort,.standaloneDatabase,.standaloneUsername,.standalonePassword,.standaloneDashboardName'
- '.standaloneDatabase,.standaloneUsername,.standalonePassword'