From a8374ddcfba070546450d258b598bea61833f527 Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Thu, 9 Dec 2021 18:36:24 +0530 Subject: [PATCH] fix: fixed network templates (#3306) --- network/cisco-smi-exposure.yaml | 2 +- network/clickhouse-unauth.yaml | 2 +- network/detect-addpac-voip-gateway.yaml | 2 +- network/detect-jabber-xmpp.yaml | 2 +- network/detect-rsyncd.yaml | 2 +- network/expn-mail-detect.yaml | 2 +- network/exposed-adb.yaml | 2 +- network/exposed-redis.yaml | 2 +- network/exposed-zookeeper.yaml | 2 +- network/ftp-default-credentials.yaml | 2 +- network/ftp-weak-credentials.yaml | 2 +- network/ganglia-xml-grid-monitor.yaml | 2 +- network/iplanet-imap-detect.yaml | 2 +- network/memcached-stats.yaml | 2 +- network/mongodb-detect.yaml | 2 +- network/mongodb-unauth.yaml | 2 +- network/mysql-native-password.yaml | 2 +- network/printers-info-leak.yaml | 2 +- network/rdp-detect.yaml | 2 +- network/samba-detect.yaml | 2 +- network/sap-router-info-leak.yaml | 2 +- network/sap-router.yaml | 2 +- network/smb-v1-detection.yaml | 2 +- network/smtp-detection.yaml | 2 +- network/starttls-mail-detect.yaml | 2 +- network/tidb-native-password.yaml | 2 +- network/tidb-unauth.yaml | 2 +- network/totemomail-smtp-detect.yaml | 2 +- network/unauth-ftp.yaml | 2 +- network/vnc-detect.yaml | 5 ++++- network/vsftpd-detection.yaml | 2 +- 31 files changed, 34 insertions(+), 31 deletions(-) diff --git a/network/cisco-smi-exposure.yaml b/network/cisco-smi-exposure.yaml index 212bbf0f1b..de1d9fa723 100644 --- a/network/cisco-smi-exposure.yaml +++ b/network/cisco-smi-exposure.yaml @@ -24,7 +24,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:4786" + - "{{Host}}:4786" matchers: - type: word diff --git a/network/clickhouse-unauth.yaml b/network/clickhouse-unauth.yaml index 5dbabdf85b..fe5531d2b7 100644 --- a/network/clickhouse-unauth.yaml +++ b/network/clickhouse-unauth.yaml @@ -15,7 +15,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:9000" + - "{{Host}}:9000" read-size: 100 diff --git a/network/detect-addpac-voip-gateway.yaml b/network/detect-addpac-voip-gateway.yaml index ab6397c908..046a2ee37e 100644 --- a/network/detect-addpac-voip-gateway.yaml +++ b/network/detect-addpac-voip-gateway.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:23" + - "{{Host}}:23" matchers: - type: word diff --git a/network/detect-jabber-xmpp.yaml b/network/detect-jabber-xmpp.yaml index 7dbfdd8e64..a2492d1715 100644 --- a/network/detect-jabber-xmpp.yaml +++ b/network/detect-jabber-xmpp.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:5222" + - "{{Host}}:5222" matchers: - type: word diff --git a/network/detect-rsyncd.yaml b/network/detect-rsyncd.yaml index 3083708997..5dd5a819c5 100644 --- a/network/detect-rsyncd.yaml +++ b/network/detect-rsyncd.yaml @@ -13,7 +13,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:873" + - "{{Host}}:873" matchers: - type: word diff --git a/network/expn-mail-detect.yaml b/network/expn-mail-detect.yaml index 77402b1b1c..729fe47f7a 100644 --- a/network/expn-mail-detect.yaml +++ b/network/expn-mail-detect.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:25" + - "{{Host}}:25" matchers: - type: word diff --git a/network/exposed-adb.yaml b/network/exposed-adb.yaml index cce28b6272..f22afd96b4 100644 --- a/network/exposed-adb.yaml +++ b/network/exposed-adb.yaml @@ -17,7 +17,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:5555" + - "{{Host}}:5555" matchers: - type: word diff --git a/network/exposed-redis.yaml b/network/exposed-redis.yaml index 12ec2926da..97e2ee11d5 100644 --- a/network/exposed-redis.yaml +++ b/network/exposed-redis.yaml @@ -13,7 +13,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:6379" + - "{{Host}}:6379" read-size: 2048 matchers-condition: and diff --git a/network/exposed-zookeeper.yaml b/network/exposed-zookeeper.yaml index c531fd85e5..e06d9aac78 100644 --- a/network/exposed-zookeeper.yaml +++ b/network/exposed-zookeeper.yaml @@ -13,7 +13,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:2181" + - "{{Host}}:2181" read-size: 2048 matchers: diff --git a/network/ftp-default-credentials.yaml b/network/ftp-default-credentials.yaml index d49482dad6..b8b7460d62 100644 --- a/network/ftp-default-credentials.yaml +++ b/network/ftp-default-credentials.yaml @@ -12,7 +12,7 @@ network: - data: "USER anonymous\r\nPASS anonymous\r\n" host: - "{{Hostname}}:21" - - "{{Hostname}}" + - "{{Host}}" matchers: - type: word diff --git a/network/ftp-weak-credentials.yaml b/network/ftp-weak-credentials.yaml index ba537cbaa2..dd1b457eb8 100644 --- a/network/ftp-weak-credentials.yaml +++ b/network/ftp-weak-credentials.yaml @@ -13,7 +13,7 @@ network: host: - "{{Hostname}}:21" - - "{{Hostname}}" + - "{{Host}}" attack: clusterbomb payloads: diff --git a/network/ganglia-xml-grid-monitor.yaml b/network/ganglia-xml-grid-monitor.yaml index 972659afdc..8e6d859526 100644 --- a/network/ganglia-xml-grid-monitor.yaml +++ b/network/ganglia-xml-grid-monitor.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:8649" + - "{{Host}}:8649" read-size: 2048 matchers: diff --git a/network/iplanet-imap-detect.yaml b/network/iplanet-imap-detect.yaml index abc5eeaec7..8762652b37 100644 --- a/network/iplanet-imap-detect.yaml +++ b/network/iplanet-imap-detect.yaml @@ -13,7 +13,7 @@ network: - data: "\n" host: - "{{Hostname}}" - - "{{Hostname}}:110" + - "{{Host}}:110" matchers: - type: word diff --git a/network/memcached-stats.yaml b/network/memcached-stats.yaml index 78f65c7e75..0ebe549791 100644 --- a/network/memcached-stats.yaml +++ b/network/memcached-stats.yaml @@ -12,7 +12,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:11211" + - "{{Host}}:11211" read-size: 2048 matchers: diff --git a/network/mongodb-detect.yaml b/network/mongodb-detect.yaml index 88928bafde..ecdf398c9c 100644 --- a/network/mongodb-detect.yaml +++ b/network/mongodb-detect.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:27017" + - "{{Host}}:27017" read-size: 2048 matchers: diff --git a/network/mongodb-unauth.yaml b/network/mongodb-unauth.yaml index 4348e90446..8aa84c1d0a 100644 --- a/network/mongodb-unauth.yaml +++ b/network/mongodb-unauth.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:27017" + - "{{Host}}:27017" read-size: 2048 matchers: - type: word diff --git a/network/mysql-native-password.yaml b/network/mysql-native-password.yaml index 3303abcd3b..faf759dea2 100644 --- a/network/mysql-native-password.yaml +++ b/network/mysql-native-password.yaml @@ -10,7 +10,7 @@ info: network: - host: - "{{Hostname}}" - - "{{Hostname}}:3306" + - "{{Host}}:3306" matchers: - type: word diff --git a/network/printers-info-leak.yaml b/network/printers-info-leak.yaml index 280acaf662..3b98af129b 100644 --- a/network/printers-info-leak.yaml +++ b/network/printers-info-leak.yaml @@ -10,7 +10,7 @@ network: - inputs: - data: "@PJL INFO STATUS\n" host: - - "{{Hostname}}:9100" + - "{{Host}}:9100" matchers: - type: word words: diff --git a/network/rdp-detect.yaml b/network/rdp-detect.yaml index a8e62c9e89..051db6c51d 100644 --- a/network/rdp-detect.yaml +++ b/network/rdp-detect.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:3389" + - "{{Host}}:3389" matchers: - type: word diff --git a/network/samba-detect.yaml b/network/samba-detect.yaml index 1dd94f2eda..d431065d27 100644 --- a/network/samba-detect.yaml +++ b/network/samba-detect.yaml @@ -12,7 +12,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:139" + - "{{Host}}:139" matchers: - type: word diff --git a/network/sap-router-info-leak.yaml b/network/sap-router-info-leak.yaml index 90a388155b..3424a5d2cf 100644 --- a/network/sap-router-info-leak.yaml +++ b/network/sap-router-info-leak.yaml @@ -13,7 +13,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:3299" + - "{{Host}}:3299" read-size: 2048 matchers: diff --git a/network/sap-router.yaml b/network/sap-router.yaml index 55dc59278d..23b62d2605 100644 --- a/network/sap-router.yaml +++ b/network/sap-router.yaml @@ -13,7 +13,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:3299" + - "{{Host}}:3299" read-size: 1024 matchers: diff --git a/network/smb-v1-detection.yaml b/network/smb-v1-detection.yaml index ef70dc9c0d..e622b77b62 100644 --- a/network/smb-v1-detection.yaml +++ b/network/smb-v1-detection.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:445" + - "{{Host}}:445" matchers: - type: word diff --git a/network/smtp-detection.yaml b/network/smtp-detection.yaml index 9d259ae5dd..422432f0d4 100644 --- a/network/smtp-detection.yaml +++ b/network/smtp-detection.yaml @@ -11,7 +11,7 @@ network: - data: "\r\n" host: - "{{Hostname}}" - - "{{Hostname}}:25" + - "{{Host}}:25" matchers: - type: word words: diff --git a/network/starttls-mail-detect.yaml b/network/starttls-mail-detect.yaml index 372d47faba..84a931f336 100644 --- a/network/starttls-mail-detect.yaml +++ b/network/starttls-mail-detect.yaml @@ -14,7 +14,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:25" + - "{{Host}}:25" matchers: - type: word diff --git a/network/tidb-native-password.yaml b/network/tidb-native-password.yaml index 91aa175cb7..ae6539a8dd 100644 --- a/network/tidb-native-password.yaml +++ b/network/tidb-native-password.yaml @@ -10,7 +10,7 @@ info: network: - host: - "{{Hostname}}" - - "{{Hostname}}:4000" + - "{{Host}}:4000" matchers: - type: word diff --git a/network/tidb-unauth.yaml b/network/tidb-unauth.yaml index ec0dc15c58..19374b668c 100644 --- a/network/tidb-unauth.yaml +++ b/network/tidb-unauth.yaml @@ -16,7 +16,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:4000" + - "{{Host}}:4000" read-size: 1024 diff --git a/network/totemomail-smtp-detect.yaml b/network/totemomail-smtp-detect.yaml index 7eecf58266..fb7658504d 100644 --- a/network/totemomail-smtp-detect.yaml +++ b/network/totemomail-smtp-detect.yaml @@ -13,7 +13,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:25" + - "{{Host}}:25" matchers: - type: word diff --git a/network/unauth-ftp.yaml b/network/unauth-ftp.yaml index 1eaae23dd2..a228cb9043 100644 --- a/network/unauth-ftp.yaml +++ b/network/unauth-ftp.yaml @@ -12,8 +12,8 @@ network: - data: "USER anonymous\r\nPASS nuclei\r\n" host: + - "{{Host}}:21" - "{{Hostname}}" - - "{{Hostname}}:21" matchers: - type: word diff --git a/network/vnc-detect.yaml b/network/vnc-detect.yaml index 7a0687aefd..8f747a471a 100644 --- a/network/vnc-detect.yaml +++ b/network/vnc-detect.yaml @@ -9,11 +9,14 @@ network: - inputs: - data: "\r\n" host: - - "{{Hostname}}:5900" + - "{{Host}}:5900" + - "{{Hostname}}" + matchers: - type: word words: - "RFB" + extractors: - type: regex part: body diff --git a/network/vsftpd-detection.yaml b/network/vsftpd-detection.yaml index 5f57aa183f..542af6907f 100644 --- a/network/vsftpd-detection.yaml +++ b/network/vsftpd-detection.yaml @@ -12,8 +12,8 @@ network: - data: "USER anonymous\r\nPASS pussycat0x\r\n" host: + - "{{Host}}:21" - "{{Hostname}}" - - "{{Hostname}}:21" matchers: - type: word