daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

more tags for panels

patch-1
sandeep 2021-04-06 12:55:57 +05:30
parent 5a3cda689b
commit 97d133022f
118 changed files with 129 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dns/azure-takeover-detection.yaml
View File

@ -2,7 +2,7 @@ id: azure-takeover-detection
info:
name: Azure takeover detection
author: "pdnuclei - projectdiscovery.io"
author: pdteam
severity: high
tags: dns,takeover

1
exposed-panels/active-admin-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: ActiveAdmin Admin Dasboard Exposure
author: pdteam
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/activemq-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache ActiveMQ Exposure
author: pdteam
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/acunetix-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Acunetix Panel detector
author: joanbono
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/adminer-panel.yaml
View File

@ -4,6 +4,7 @@ info:
author: random-robbie & meme-lord
severity: info
reference: https://blog.sorcery.ie/posts/adminer/
tags: panel
# <= 4.2.4 can have unauthenticated RCE via SQLite driver
# <= 4.6.2 can have LFI via MySQL LOAD DATA LOCAL

1
exposed-panels/adobe-component-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6846
tags: panel
requests:
- method: GET

1
exposed-panels/advance-setup.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6819
tags: panel
requests:
- method: GET

1
exposed-panels/aims-password-mgmt-client.yaml
View File

@ -4,6 +4,7 @@ info:
name: Aims Password Management Client Detect
author: iamthefrogy
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/aims-password-portal.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6576
tags: panel
requests:
- method: GET

1
exposed-panels/airflow-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Airflow Exposure / Unauthenticated Access
author: pdteam
severity: medium
tags: panel
requests:
- method: GET

1
exposed-panels/ambari-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Ambari Exposure / Unauthenticated Access
author: pdteam
severity: medium
tags: panel
requests:
- method: GET

1
exposed-panels/ansible-tower-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Ansible Tower Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

2
exposed-panels/atlassian-crowd-panel.yaml
View File

@ -4,6 +4,8 @@ info:
name: Atlassian Crowd panel detect
author: organiccrap
severity: info
tags: panel
requests:
- method: GET
path:

1
exposed-panels/blue-iris-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6814
tags: panel
requests:
- method: GET

1
exposed-panels/checkmarx-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Checkmarx WebClient detector
author: joanbono
severity: info
tags: panel
requests:
- method: GET

2
exposed-panels/cisco-asa-panel.yaml
View File

@ -4,7 +4,7 @@ info:
name: Cisco ASA VPN panel detect
author: organiccrap
severity: info
tags: cisco
tags: cisco,panel
requests:
- method: GET

2
exposed-panels/cisco-finesse-login.yaml
View File

@ -5,7 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6824
tags: cisco
tags: panel,cisco
requests:
- method: GET

2
exposed-panels/cisco-integrated-login.yaml
View File

@ -5,7 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/3859
tags: cisco
tags: panel,cisco
requests:
- method: GET

2
exposed-panels/cisco-sd-wan.yaml
View File

@ -5,7 +5,7 @@ info:
author: z3bd
severity: info
reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj
tags: cisco
tags: panel,cisco
requests:
- method: GET

2
exposed-panels/cisco-security-details.yaml
View File

@ -5,7 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6708
tags: cisco
tags: panel,cisco
requests:
- method: GET

4
exposed-panels/citrix-adc-gateway-detect.yaml
View File

@ -1,8 +1,11 @@
id: citrix-adc-gateway-panel
info:
name: Citrix ADC Gateway detect
author: organiccrap
severity: info
tags: panel
requests:
- method: GET
path:
@ -10,6 +13,7 @@ requests:
- '{{BaseURL}}/logon/LogonPoint/custom.html'
headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55
matchers:
- type: word
words:

1
exposed-panels/citrix-vpn-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Citrix VPN Detection
author: pdteam
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/compal-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Compal CH7465LG panel detect
author: fabaff
severity: info
tags: panel
requests:
- method: GET

2
exposed-panels/couchdb-exposure.yaml
View File

@ -3,6 +3,7 @@ info:
name: couchdb exposure
author: organiccrap
severity: low
tags: panel
requests:
- method: GET
@ -18,6 +19,7 @@ requests:
- Erlang OTP/
part: header
condition: and
- type: status
status:
- 200

1
exposed-panels/couchdb-fauxton.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache CouchDB Fauxton Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

3
exposed-panels/crush-ftp-login.yaml
View File

@ -1,10 +1,11 @@
id: crushFTP-login
id: crushftp-login
info:
name: CrushFTP WebInterface
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6591
tags: panel
requests:
- method: GET

1
exposed-panels/crxde-lite.yaml
View File

@ -4,6 +4,7 @@ info:
name: CRXDE Lite
author: nadino
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/d-link-wireless.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6784
tags: panel
requests:
- method: GET

1
exposed-panels/django-admin-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Python Django Admin Panel
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/druid-console-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Alibaba Druid Console Exposure
author: pdteam
severity: medium
tags: panel
requests:
- method: GET

1
exposed-panels/exposed-pagespeed-global-admin.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache PageSpeed Global Admin Dashboard Exposure
author: pdteam
severity: medium
tags: panel
requests:
- method: GET

1
exposed-panels/exposed-webalizer.yaml
View File

@ -4,6 +4,7 @@ info:
name: Publicly exposed Webalizer Interface
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/fiorilaunchpad-logon.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6793
tags: panel
requests:
- method: GET

1
exposed-panels/flink-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Flink Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/fortinet-fortigate-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Fortinet FortiGate SSL VPN Panel
author: bsysop
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/fortiweb-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Fortinet FortiWeb Login Panel
author: PR3R00T
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/github-enterprise-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Detect Github Enterprise
author: ehsahil
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/gitlab-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Detect Gitlab
author: ehsahil
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/globalprotect-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: PaloAlto Networks GlobalProtect Panel
author: organiccrap
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/go-anywhere-client.yaml
View File

@ -4,6 +4,7 @@ info:
name: GoAnywhere client login detection
author: iamthefrogy
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/grafana-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Grafana panel detect
author: organiccrap
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/hadoop-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Hadoop Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/hivemanager-login-panel.yaml
View File

@ -3,6 +3,7 @@ info:
name: HiveManager Login panel
author: binaryfigments
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/hmc-hybris-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: SAP Hybris Management Console
author: dogasantos
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/identityguard-selfservice-entrust.yaml
View File

@ -4,6 +4,7 @@ info:
name: IdentityGuard Self-Service by Entrust
author: nodauf
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/iomega-lenovo-emc-shared-nas-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Iomega Lenovo EMC with shared NAS
author: e_schultze_
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/jfrog.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6797
tags: panel
requests:
- method: GET

1
exposed-panels/jira-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Detect Jira Issue Management Software
author: pdteam
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/jmx-console.yaml
View File

@ -3,6 +3,7 @@ info:
name: JMX Console
author: Yash Anand @yashanand155
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/joomla-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Joomla Panel
author: github.com/its0x08
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/kafka-connect-ui.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Kafka Connect UI Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/kafka-monitoring.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Kafka Monitor Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/kafka-topics-ui.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Kafka Topics UI Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/keenetic-web-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6817
tags: panel
requests:
- method: GET

1
exposed-panels/key-cloak-admin-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Keycloak Admin Panel
author: incogbyte
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/kubernetes-dashboard.yaml
View File

@ -4,6 +4,7 @@ info:
name: Kubernetes Console Exposure
author: pdteam
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/manage-engine-admanager-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Manage Engine ADManager Panel
author: PR3R00T
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/microsoft-exchange-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6739
tags: panel
requests:
- method: GET

1
exposed-panels/mini-start-page.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDk
severity: info
reference: https://www.exploit-db.com/ghdb/6500
tags: panel
requests:
- method: GET

1
exposed-panels/mobileiron-login.yaml
View File

@ -4,6 +4,7 @@ info:
name: MobileIron Login
author: dhiyaneshDK & @dwisiswant0
Severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/nessus-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Nessus Panel detector
author: joanbono
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/netlify-cms.yaml
View File

@ -4,6 +4,7 @@ info:
name: Netlify CMS Admin Panel
author: sullo
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/netscaler-gateway.yaml
View File

@ -4,6 +4,7 @@ info:
name: Netscaler gateway
author: joeldeleep
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/oipm-detect.yaml
View File

@ -3,6 +3,7 @@ info:
name: One Identity Password Manager detection
author: nodauf
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/oki-data.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/5937
tags: panel
requests:
- method: GET

1
exposed-panels/open-stack-dashboard-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6464
tags: panel
requests:
- method: GET

1
exposed-panels/pandora-fms-console.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDk
severity: info
reference: https://www.exploit-db.com/ghdb/6827
tags: panel
requests:
- method: GET

1
exposed-panels/parallels-html-client.yaml
View File

@ -4,6 +4,7 @@ info:
name: Parallels HTML5 Client
author: pdteam
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/phpmyadmin-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: phpMyAdmin Panel
author: pdteam
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/plesk-onyx.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6501
tags: panel
requests:
- method: GET

1
exposed-panels/polycom-admin-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Polycom Admin Panel
author: e_schultze_
severity: low
tags: panel
requests:
- method: GET

1
exposed-panels/powerlogic-ion.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: low
reference: https://www.exploit-db.com/ghdb/6810
tags: panel
requests:
- method: GET

4
exposed-panels/prometheus-exporter-detect.yaml
View File

@ -4,8 +4,8 @@ info:
author: jarijaas
severity: info
description: Prometheus exporter detector
# See https://github.com/prometheus/prometheus/wiki/Default-port-allocations
tags: panel
reference: https://github.com/prometheus/prometheus/wiki/Default-port-allocations
requests:
- method: GET

1
exposed-panels/public-tomcat-manager.yaml
View File

@ -4,6 +4,7 @@ info:
name: tomcat manager disclosure
author: Ahmed Sherif & geeknik
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/pulse-secure-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: Pulse Secure VPN Panel
author: bsysop
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/rabbitmq-dashboard.yaml
View File

@ -4,6 +4,7 @@ info:
name: RabbitMQ Dashboard
author: fyoorer
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/radius-manager.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6790
tags: panel
requests:
- method: GET

1
exposed-panels/remote-ui-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6815
tags: panel
requests:
- method: GET

1
exposed-panels/rocketmq-console-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache RocketMQ Console Exposure
author: pdteam
severity: medium
tags: panel
requests:
- method: GET

1
exposed-panels/rsa-self-service.yaml
View File

@ -4,6 +4,7 @@ info:
name: Detect RSA Self-Service Panel
author: PR3R00T
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/sap-hana-xsengine-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: SAP HANA XSEngine Admin Panel
author: PR3R00T
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/sap-netweaver-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: SAP NetWeaver Portal detect
author: organiccrap
severity: info
tags: panel
# SAP Netweaver default creds - SAP*/06071992 or TMSADM/$1Pawd2&

1
exposed-panels/sap-recon-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: SAP RECON Finder
author: samueladi_ & organiccrap
severity: medium
tags: panel
# Source:- https://github.com/chipik/SAP_RECON
# This is detection template, please use above poc to exploit this further.

1
exposed-panels/selenoid-ui-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Selenoid UI Dashboard Exposure
author: pdteam
severity: medium
tags: panel
requests:
- method: GET

1
exposed-panels/setup-page-exposure.yaml
View File

@ -5,6 +5,7 @@ info:
author: pdteam
severity: medium
description: Misconfiguration on Zenphoto version < 1.5.X which lead to sensitive information disclosure
tags: panel
requests:
- method: GET

1
exposed-panels/sitefinity-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6722
tags: panel
requests:
- method: GET

1
exposed-panels/siteomat-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6624
tags: panel
requests:
- method: GET

1
exposed-panels/solarwinds-orion.yaml
View File

@ -4,6 +4,7 @@ info:
name: SolarWinds Orion Panel
author: puzzlepeaches
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/solr-exposure.yaml
View File

@ -4,6 +4,7 @@ info:
name: Apache Solr Exposure
author: pdteam
severity: medium
tags: panel
requests:
- method: GET

1
exposed-panels/sonarqube-login.yaml
View File

@ -4,6 +4,7 @@ info:
name: SonarQube panel detect
author: dhiyaneshDk
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/sonicwall-management-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: SonicWall Management Panel
author: PR3R00T
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/sonicwall-sslvpn-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: SonicWall Virtual Office SSLVPN Panel
author: PR3R00T
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/sophos-fw-version-detect.yaml
View File

@ -4,6 +4,7 @@ info:
name: Sophos Firewall version detection
author: organiccrap
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/sphider-login.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6641
tags: panel
requests:
- method: GET

1
exposed-panels/supervpn-panel.yaml
View File

@ -4,6 +4,7 @@ info:
name: SuperVPN panel detect
author: organiccrap
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/tikiwiki-cms.yaml
View File

@ -4,6 +4,7 @@ info:
name: Tiki Wiki CMS Groupware
author: chron0x
severity: info
tags: panel
requests:
- method: GET

4
exposed-panels/tomcat-manager-pathnormalization.yaml
View File

@ -3,7 +3,9 @@ info:
name: Tomcat Manager Path Normalization
author: organiccrap
severity: info
# https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
reference: https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
tags: panel
requests:
- method: GET
path:

1
exposed-panels/total-web.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: info
reference: https://www.exploit-db.com/ghdb/6811
tags: panel
requests:
- method: GET

1
exposed-panels/traefik-dashboard.yaml
View File

@ -4,6 +4,7 @@ info:
name: Traefik Dashboard
author: schniggie & StreetOfHackerR007
severity: info
tags: panel
requests:
- method: GET

1
exposed-panels/tuxedo-connected-controller.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDk
severity: info
reference: https://www.exploit-db.com/ghdb/6486
tags: panel
requests:
- method: GET

Some files were not shown because too many files have changed in this diff Show More