diff --git a/exposed-panels/adobe-connect-central-login.yaml b/exposed-panels/adobe-connect-central-login.yaml new file mode 100644 index 0000000000..1218c9f8d7 --- /dev/null +++ b/exposed-panels/adobe-connect-central-login.yaml @@ -0,0 +1,23 @@ +id: adobe-connect-central-login + +info: + name: Adobe Connect Central Login + author: dhiyaneshDk + severity: info + tags: adobe,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/system/login" + + matchers-condition: and + matchers: + - type: word + words: + - 'Adobe Connect Central Login' + part: body + + - type: status + status: + - 200 diff --git a/misconfiguration/adobe/adobe-connect-username-exposure.yaml b/misconfiguration/adobe/adobe-connect-username-exposure.yaml new file mode 100644 index 0000000000..088b39ad5e --- /dev/null +++ b/misconfiguration/adobe/adobe-connect-username-exposure.yaml @@ -0,0 +1,26 @@ +id: adobe-connect-username-exposure + +info: + name: Adobe Connect Username Exposure + reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html + author: dhiyaneshDk + severity: low + tags: adobe,disclosure + +requests: + - method: GET + path: + - "{{BaseURL}}/system/help/support" + + matchers-condition: and + matchers: + - type: word + words: + - 'Administrators name:' + - 'Support Administrators email address:' + part: body + condition: and + + - type: status + status: + - 200 diff --git a/misconfiguration/adobe/adobe-connect-version.yaml b/misconfiguration/adobe/adobe-connect-version.yaml new file mode 100644 index 0000000000..6dab2e7f2e --- /dev/null +++ b/misconfiguration/adobe/adobe-connect-version.yaml @@ -0,0 +1,28 @@ +id: adobe-connect-version + +info: + name: Adobe Connect Central Version + author: dhiyaneshDk + severity: info + tags: adobe + +requests: + - method: GET + path: + - "{{BaseURL}}/version.txt" + + matchers-condition: and + matchers: + - type: word + words: + - 'package=' + part: body + + - type: word + words: + - 'text/plain' + part: header + + - type: status + status: + - 200