Merge branch 'main' into lucee-default-login
commit
aae073c655
|
@ -1,22 +0,0 @@
|
|||
name: 🗑️ Cache Purge
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- '*'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
steps:
|
||||
# Wait for 5 minutes
|
||||
- name: Wait for 2 minutes
|
||||
run: sleep 120
|
||||
|
||||
- name: Purge cache
|
||||
uses: jakejarvis/cloudflare-purge-action@master
|
||||
env:
|
||||
CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }}
|
||||
CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
|
|
@ -9,6 +9,7 @@ on:
|
|||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Yamllint
|
||||
|
|
|
@ -11,6 +11,7 @@ on:
|
|||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
|
|
|
@ -9,6 +9,7 @@ on:
|
|||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
|
|
|
@ -9,6 +9,7 @@ on:
|
|||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
|
|
|
@ -26,6 +26,7 @@ on:
|
|||
- 'http/default-logins/ibm/ibm-dcec-default-login.yaml'
|
||||
- 'http/default-logins/ibm/ibm-dsc-default-login.yaml'
|
||||
- 'http/default-logins/ibm/ibm-hmc-default-login.yaml'
|
||||
- 'http/default-logins/ibm/imm-default-login.yaml'
|
||||
- 'http/exposed-panels/c2/meduza-stealer.yaml'
|
||||
- 'http/exposed-panels/cisco-unity-panel.yaml'
|
||||
- 'http/exposed-panels/connectwise-panel.yaml'
|
||||
|
@ -40,6 +41,7 @@ on:
|
|||
- 'http/exposed-panels/opinio-panel.yaml'
|
||||
- 'http/exposed-panels/rocketchat-panel.yaml'
|
||||
- 'http/exposures/configs/sphinxsearch-config.yaml'
|
||||
- 'http/misconfiguration/cloudflare-rocketloader-htmli.yaml'
|
||||
- 'http/misconfiguration/installer/connectwise-setup.yaml'
|
||||
- 'http/technologies/ibm/ibm-decision-runner.yaml'
|
||||
- 'http/technologies/ibm/ibm-decision-server-runtime.yaml'
|
||||
|
@ -51,6 +53,7 @@ on:
|
|||
workflow_dispatch:
|
||||
jobs:
|
||||
triggerRemoteWorkflow:
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Trigger Remote Workflow with curl
|
||||
|
|
|
@ -6,6 +6,7 @@ on:
|
|||
jobs:
|
||||
Update:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
steps:
|
||||
- name: Check out repository code
|
||||
uses: actions/checkout@v4
|
||||
|
|
|
@ -21,6 +21,7 @@ http/default-logins/ibm/ibm-dcbc-default-login.yaml
|
|||
http/default-logins/ibm/ibm-dcec-default-login.yaml
|
||||
http/default-logins/ibm/ibm-dsc-default-login.yaml
|
||||
http/default-logins/ibm/ibm-hmc-default-login.yaml
|
||||
http/default-logins/ibm/imm-default-login.yaml
|
||||
http/exposed-panels/c2/meduza-stealer.yaml
|
||||
http/exposed-panels/cisco-unity-panel.yaml
|
||||
http/exposed-panels/connectwise-panel.yaml
|
||||
|
@ -35,6 +36,7 @@ http/exposed-panels/openvas-panel.yaml
|
|||
http/exposed-panels/opinio-panel.yaml
|
||||
http/exposed-panels/rocketchat-panel.yaml
|
||||
http/exposures/configs/sphinxsearch-config.yaml
|
||||
http/misconfiguration/cloudflare-rocketloader-htmli.yaml
|
||||
http/misconfiguration/installer/connectwise-setup.yaml
|
||||
http/technologies/ibm/ibm-decision-runner.yaml
|
||||
http/technologies/ibm/ibm-decision-server-runtime.yaml
|
||||
|
|
|
@ -32,3 +32,6 @@ files:
|
|||
- http/cves/2020/CVE-2020-28351.yaml
|
||||
- http/vulnerabilities/oracle/oracle-ebs-xss.yaml
|
||||
- http/cves/2021/CVE-2021-28164.yaml
|
||||
- http/fuzzing/wordpress-themes-detect.yaml
|
||||
- http/fuzzing/mdb-database-file.yaml
|
||||
- http/fuzzing/iis-shortname.yaml
|
|
@ -9,11 +9,22 @@ info:
|
|||
reference:
|
||||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287
|
||||
- https://www.exploit-db.com/exploits/47502
|
||||
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html
|
||||
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html
|
||||
- http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 8.8
|
||||
cve-id: CVE-2019-14287
|
||||
cwe-id: CWE-755
|
||||
epss-score: 0.34299
|
||||
epss-percentile: 0.96958
|
||||
cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
vendor: canonical
|
||||
product: ubuntu_linux
|
||||
vendor: sudo_project
|
||||
product: sudo
|
||||
tags: cve,cve2019,sudo,code,linux,privesc,local,canonical
|
||||
|
||||
self-contained: true
|
||||
|
@ -36,4 +47,4 @@ code:
|
|||
- '!contains(code_1_response, "root")'
|
||||
- 'contains(code_2_response, "root")'
|
||||
condition: and
|
||||
# digest: 4b0a00483046022100f4f8e722b5f42a0123c6f1f8f54ac645f9d05fcd3cfef40c38b610291978a5e00221009d44ff15e4eea65e3fcb18aeece52355879b009f9a7246c145abdaf23807e2ea:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402205d953c6f0c1352f39f1035d518dc38cffe2165dfb1f4ddd270434e7dbb790c1102200423935d03c0eafff4702b083c0d5da821affb591901209cd6d087644114abdf:922c64590222798bb761d5b6d8e72950
|
|
@ -10,8 +10,20 @@ info:
|
|||
- https://medium.com/mii-cybersec/privilege-escalation-cve-2021-3156-new-sudo-vulnerability-4f9e84a9f435
|
||||
- https://blog.qualys.com/vulnerabilities-threat-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
|
||||
- https://infosecwriteups.com/baron-samedit-cve-2021-3156-tryhackme-76d7dedc3cff
|
||||
- http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
|
||||
- http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 7.8
|
||||
cve-id: CVE-2021-3156
|
||||
cwe-id: CWE-193
|
||||
epss-score: 0.97085
|
||||
epss-percentile: 0.99752
|
||||
cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
vendor: sudo_project
|
||||
product: sudo
|
||||
tags: cve,cve2021,sudo,code,linux,privesc,local,kev
|
||||
|
||||
self-contained: true
|
||||
|
@ -28,4 +40,4 @@ code:
|
|||
- "malloc(): memory corruption"
|
||||
- "Aborted (core dumped)"
|
||||
condition: and
|
||||
# digest: 490a00463044022074b8ca1a10aca438432f3b6e55023b9c80357eb5a6f2ac795774b7d44e85188e02201a3af75f86a975548121afe1ab1faf6ade2d1e89d05200b4e6990e97af56af36:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220494a1c88897c9697f8d55a15b5ba0990a64225974efa03ca485ae5ebe4c2bcf0022019eb5fcd9dd61429f3964b64b263aec23e0193b30d695284d275818b9c38812d:922c64590222798bb761d5b6d8e72950
|
|
@ -21,8 +21,8 @@ info:
|
|||
cvss-score: 7.8
|
||||
cve-id: CVE-2023-2640
|
||||
cwe-id: CWE-863
|
||||
epss-score: 0.00047
|
||||
epss-percentile: 0.14754
|
||||
epss-score: 0.00174
|
||||
epss-percentile: 0.53697
|
||||
cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -54,4 +54,4 @@ code:
|
|||
- '!contains(code_1_response, "(root)")'
|
||||
- 'contains(code_2_response, "(root)")'
|
||||
condition: and
|
||||
# digest: 4a0a00473045022100a20c4d30517d6bd96f1a97d3fca9e29bd1f686eeb9192a3f503a5bddffeda9fe022020188e4f25e79706197eab61598d64679c02828a0aedf7f496b5fbe14707ec90:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100b7d65ed4d77da164c62392e9367361cd521cd12c1746e27d4865c7913b4250910220243bd991082f86b48587a9ec336c51a545db1464e12ebbbfc0ee5128bc2cb27f:922c64590222798bb761d5b6d8e72950
|
|
@ -10,16 +10,21 @@ info:
|
|||
- https://nvd.nist.gov/vuln/detail/CVE-2023-4911
|
||||
- https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
|
||||
- https://www.youtube.com/watch?v=1iV-CD9Apn8
|
||||
- http://www.openwall.com/lists/oss-security/2023/10/05/1
|
||||
- http://www.openwall.com/lists/oss-security/2023/10/13/11
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 7.8
|
||||
cve-id: CVE-2023-4911
|
||||
cwe-id: CWE-787
|
||||
cpe: cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*
|
||||
cwe-id: CWE-787,CWE-122
|
||||
epss-score: 0.0171
|
||||
epss-percentile: 0.87439
|
||||
cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
vendor: glibc
|
||||
tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local
|
||||
vendor: gnu
|
||||
product: glibc
|
||||
tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev
|
||||
|
||||
self-contained: true
|
||||
code:
|
||||
|
@ -34,4 +39,4 @@ code:
|
|||
- type: word
|
||||
words:
|
||||
- "139" # Segmentation Fault Exit Code
|
||||
# digest: 4a0a004730450220420ab1d35c89225b917a344669e743fa83b79698910c4f87a5124f2dfaae54cd022100d122ece9eaba7f9bfc32d229e79d56b127da02ce4e5cf4034ecebfd9da56a9a2:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100f0ab74cd6ae5323c4a571e6c858cbbb8ced3b3b2b8dbb8d8c65b380a03a28f8302203aced1de4878bced98bb7d6bd296b9187a2d4795325e1f62debb338f363295f5:922c64590222798bb761d5b6d8e72950
|
|
@ -9,15 +9,21 @@ info:
|
|||
reference:
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2023-6246
|
||||
- https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt
|
||||
- https://access.redhat.com/security/cve/CVE-2023-6246
|
||||
- https://bugzilla.redhat.com/show_bug.cgi?id=2249053
|
||||
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 7.8
|
||||
cve-id: CVE-2023-6246
|
||||
cwe-id: CWE-787
|
||||
cwe-id: CWE-787,CWE-122
|
||||
epss-score: 0.00383
|
||||
epss-percentile: 0.72435
|
||||
cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
vendor: glibc
|
||||
vendor: gnu
|
||||
product: glibc
|
||||
tags: cve,cve2023,code,glibc,linux,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -33,4 +39,4 @@ code:
|
|||
- type: word
|
||||
words:
|
||||
- "127" # Segmentation Fault Exit Code
|
||||
# digest: 4a0a00473045022100fec914f6ee85b53ab611e26476cba7da42e11cdcb33c935a2d003c74c7312b1302207b65c84f8435932f1aa050019f6aaf899442187cf9630df934cf9086bd94a2f6:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100816db78414b7bafd0437ce9725201733ffd4c96f285f1cdbe48e08e348e67372022040042ed5d64ab0b2bc48789dd519af760226f155f1764ee76b460937ee89a839:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/choom/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,choom,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 4a0a0047304502203b1238ca7d9be64f51e9162022deaf76b02898053cbb3511377e76228d3d79ef0221008b6aa349a17b0a16a0d0949f1797c8e111d2498185b88fe99c326c60c59167c9:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100cd0a7dc9b51ef8f3f850d3fde75e025e13c61b464ac044825ac70107c66db1de0220290c09bd78a4e25f5cabc659f9441a3c168a1ca2c226f0ddf9316de01eb30461:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/find/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,find,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 4b0a0048304602210093227e768a659e1747e4dd5d82e25ade3f152549f159b967327082c90677fc5e022100ba7d7a12344d88ac9ec3c0832b25af9d1ef25fe4470e6963b2f3ae814c844e89:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402207f55b1ac220ad114cf5cd2341a388a3860f134489b662ff708d8553b7156207a02201bddad6e9a46aa5b077f01de8b269b2797007741d8c6f38b9ddc7724462497e5:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/lua/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,lua,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 4a0a00473045022033fd3387c3085b4f8e3a7ced68a4e324ba82f7e683a8c29e5ab32c1975a8fe4b02210097eb732caf95609123a361436265388bba8c2c95fcba6ddaf6504d3a5b19c19f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202ed356f302529ce69de66a24987b78693c5d679a4340425ad29a76fa63db81ab022100a1157d5ab30c98ef4366d8cba600703686a43211b15ce7d17e4fc07a79db5a8f:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/mysql/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,mysql,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 4b0a00483046022100fa6772f8e48a5c9ac87ddba3ecc262a59d16d9cba527623da8f5cdf9509e44880221008cff1c5a77c27a1f59d943884498c8d1499da98e6ecf7e1d63851de4ae9fa76c:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502205cfddd58041ea672c83a850b34e77b9b635e71f934118d2a1ab9ab3ca660e13b022100eec2e1232af1d0b4686fc284278197db41fa3a289488abb2936a1186b85e3e26:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/node/
|
||||
metadata:
|
||||
max-request: 4
|
||||
verified: true
|
||||
max-request: 4
|
||||
tags: code,linux,node,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -53,4 +53,4 @@ code:
|
|||
- 'contains(code_3_response, "root")'
|
||||
- 'contains(code_4_response, "root")'
|
||||
condition: or
|
||||
# digest: 4b0a00483046022100e32f25ba4a83d9d265aa187532f0090ba2fdf1beb89235113b4caeed36413ac30221008ecd529618da3ad2ed65e939b4233529614a005b87fd760bbeeb95de2e78746f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100c2fb7e0f1c8874aa30b7cbf614269bbd607e7679a738d4e4b6e6d5cafdf8faa1022100af88ace2a97d251334aeefafdfbd07471443304b4505d49f1edf432f53b5e43a:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/rc/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,rc,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 4a0a004730450220665e08a8d241b76abc6c9f908b6c953eeebccc153af1c165958c388f1a57c3eb02210091d8e2364f4c48b2fd9d8b64222760ce398677386e5d185fc86425ea5ed10527:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202a315bdc26f4d35efa4a6f698d5324b05e6f7d849772f27996dd0e04ac0edd5b022100cb3566b03c81b4ced70cb1bf221db42da3f9262c3ce4790664bc215a0b623abf:922c64590222798bb761d5b6d8e72950
|
|
@ -8,8 +8,8 @@ info:
|
|||
The run-parts command in Linux is used to run all the executable files in a directory. It is commonly used for running scripts or commands located in a specific directory, such as system maintenance scripts in /etc/cron.daily. The run-parts command provides a convenient way to execute multiple scripts or commands in a batch manner.
|
||||
reference: https://gtfobins.github.io/gtfobins/run-parts/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,run-parts,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -45,4 +45,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 490a00463044022055bdbe38258f303b3247dcaaec655d2aca77ff0d5e3d83a8e763840384618a7c02204591a5abce03bc68b647b84a4a4fd59da6d3713256d3494aadc43cf2076778dd:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022058411677d700beae571edc83b5da8ff31eaa193dac73ba1515a220842ccabc8d0220151cca60c8ad28b2934984be7d6a187d3dd02ee9cac9a5cc3cd0af97273c6bca:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/strace/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,strace,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 4a0a004730450221008a56962d3e0bfec8153fae52f4693ee5b8065098d3b7c5e16b5c2f481dcaaeb8022077e7fc1be8079fde76cbf09b10718038a4e013725c9955a91d5b024d02bdd27f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202b121064fdd29dfb40970b3956fcfb830cc7150f895b56913870f21c1f2f5e85022100fd214757ef5ac44a07cfc6fcdcf6da1fe59cd2b44f98829f01fc6af0c58045d8:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/torify/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,torify,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 4a0a00473045022100fe967badaa42178c43d6c5f965ebd2205cd5636ddceeece364aedd793b317d1902207ad0bc797b16421928d1ec9016ba53809758b9f7603effab908a27decbc3cc74:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a004830460221008ca7aa24f7f8fa13b8d43c96981d8fd78a382752f6e2c69dfab164443972b747022100d307d8b9c2054d4731db696fc13198afed46d5b1215a6899b56533661240fc91:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/view/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,view,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 490a0046304402207dc9a1ca06fcde2705d1a72ee2f792eff2f81f5d00def77fa54eec5d7717c19e02200c984a4f0d0cf94baa16c355ab52265f3dd281cac5bdd92f8ef9242efc087166:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100ed64ed48009962a92006b2ce803d0c5189e91ced727a841bc8c31e5d98d1a9b5022009f19b7df531fecde9b1303555d1ec29ba63a49ca1c439b6f48f46552d2d4bb4:922c64590222798bb761d5b6d8e72950
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://gtfobins.github.io/gtfobins/xargs/
|
||||
metadata:
|
||||
max-request: 3
|
||||
verified: true
|
||||
max-request: 3
|
||||
tags: code,linux,xargs,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -46,4 +46,4 @@ code:
|
|||
- 'contains(code_2_response, "root")'
|
||||
- 'contains(code_3_response, "root")'
|
||||
condition: or
|
||||
# digest: 490a0046304402205fac35cdd5142e3afd382d38b77be0b7105cfc23884e7ac5cbba8aa91cfc2bb002202b6c7ebae29c5c300052a85a39f3e30b71788d590bc40b797c1ee96c1f00f267:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022052f887093022e061b40da1eae5a8b4aa8a5f267dfd5f22db005a9076db73cc9a02210093f126e5d0229cf686f3c547dc3466e89afb2a7bf57bbeb790acf65376fcd047:922c64590222798bb761d5b6d8e72950
|
|
@ -7,8 +7,8 @@ info:
|
|||
reference:
|
||||
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation#writable-etc-shadow
|
||||
metadata:
|
||||
max-request: 2
|
||||
verified: true
|
||||
max-request: 2
|
||||
tags: code,linux,privesc,local
|
||||
|
||||
self-contained: true
|
||||
|
@ -42,4 +42,4 @@ code:
|
|||
words:
|
||||
- "Not readable and not writable"
|
||||
negative: true
|
||||
# digest: 490a004630440220516036fa8622068621421ac043a6fb20b6551a6ca3d7851726474cfff7e4d9f902205a1a9ce09b5827f39e2311e6716793a917e29383f5e4d4a4b9a56925afa68e61:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402206152b0b3fe7a164b5583cb921d799f47fdcf9f30da2c32cbbb7248aa7068a13102200b3f49d97a93659dc9f1b56c518921e7e3597478d55eddb1cfc6a76dd45cb968:922c64590222798bb761d5b6d8e72950
|
|
@ -1,5 +1,4 @@
|
|||
id: dns-rebinding
|
||||
|
||||
info:
|
||||
name: DNS Rebinding Attack
|
||||
author: ricardomaia
|
||||
|
@ -10,6 +9,8 @@ info:
|
|||
- https://capec.mitre.org/data/definitions/275.html
|
||||
- https://payatu.com/blog/dns-rebinding/
|
||||
- https://heimdalsecurity.com/blog/dns-rebinding/
|
||||
metadata:
|
||||
max-request: 2
|
||||
tags: redirect,dns,network
|
||||
|
||||
dns:
|
||||
|
@ -20,7 +21,7 @@ dns:
|
|||
- type: regex
|
||||
part: answer
|
||||
regex:
|
||||
- 'IN.*A.(\s)*(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})(127\.0\.0\.1|\b10\.\d{1,3}\.\d{1,3}\.\d{1,3}\b|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})$'
|
||||
- 'IN\s+A\s+(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})$'
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
|
@ -28,35 +29,22 @@ dns:
|
|||
name: IPv4
|
||||
group: 1
|
||||
regex:
|
||||
- 'IN.*A.(\s)*(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})(127\.0\.0\.1|\b10\.\d{1,3}\.\d{1,3}\.\d{1,3}\b|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})'
|
||||
- 'IN\s+A\s+(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})'
|
||||
|
||||
- name: "{{FQDN}}"
|
||||
type: AAAA
|
||||
matchers:
|
||||
# IPv6 Compressed
|
||||
# IPv6 Compressed and Full
|
||||
- type: regex
|
||||
part: answer
|
||||
regex:
|
||||
- "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{0,4}:){0,5}(:[0-9a-fA-F]{0,4}){1,2}(:)?)$"
|
||||
|
||||
# IPv6
|
||||
- type: regex
|
||||
part: answer
|
||||
regex:
|
||||
- "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{1,4}:){0,5}([0-9a-fA-F]{1,4}:){1,2}[0-9a-fA-F]{1,4})$"
|
||||
- "IN\\s+AAAA\\s+(fd[0-9a-fA-F]{2}(:[0-9a-fA-F]{0,4}){0,7})"
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
part: answer
|
||||
name: IPv6_Compressed
|
||||
name: IPv6_ULA
|
||||
group: 1
|
||||
regex:
|
||||
- "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{0,4}:){0,5}(:[0-9a-fA-F]{0,4}){1,2}(:)?)$"
|
||||
|
||||
- type: regex
|
||||
part: answer
|
||||
name: IPv6
|
||||
group: 1
|
||||
regex:
|
||||
- "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{1,4}:){0,5}([0-9a-fA-F]{1,4}:){1,2}[0-9a-fA-F]{1,4})$"
|
||||
# digest: 4a0a004730450221009a895344f0f4bf8d0444566a7a2392d2074708d88d29a0922ebb71935290785702200a338fe1517c225d45750b08f80f3a903cd5925a32c542b5559f0202173732be:922c64590222798bb761d5b6d8e72950
|
||||
- "IN\\s+AAAA\\s+(fd[0-9a-fA-F]{2}(:[0-9a-fA-F]{0,4}){0,7})"
|
||||
# digest: 4b0a00483046022100f31fd9369022bcafe6da846b246069391f1c22137b8024bb71905634ffa56673022100ea3679256b9518c8853b42432e216d4da6ff3e88ebee349b67e8e8ba7d8a13e1:922c64590222798bb761d5b6d8e72950
|
|
@ -1,4 +1,4 @@
|
|||
id: linkedin-client-id
|
||||
id: linkedin-id
|
||||
|
||||
info:
|
||||
name: Linkedin Client ID
|
||||
|
@ -13,4 +13,4 @@ file:
|
|||
- type: regex
|
||||
regex:
|
||||
- "(?i)linkedin(.{0,20})?(?-i)[0-9a-z]{12}"
|
||||
# digest: 4a0a004730450220331335d5d455d18c7d9c53325bd405f4c3af22856d39f387f303fc93bbea1047022100e773cfaf03d6e40a9c7bed4c68de155acaa563c01f97dab67d1d89641bf8ec4e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220331335d5d455d18c7d9c53325bd405f4c3af22856d39f387f303fc93bbea1047022100e773cfaf03d6e40a9c7bed4c68de155acaa563c01f97dab67d1d89641bf8ec4e:922c64590222798bb761d5b6d8e72950
|
||||
|
|
|
@ -20,7 +20,7 @@ info:
|
|||
cve-id: CVE-2018-25031
|
||||
cwe-id: CWE-20
|
||||
epss-score: 0.00265
|
||||
epss-percentile: 0.64105
|
||||
epss-percentile: 0.65414
|
||||
cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -30,7 +30,6 @@ info:
|
|||
shodan-query: http.component:"Swagger"
|
||||
fofa-query: icon_hash="-1180440057"
|
||||
tags: headless,cve,cve2018,swagger,xss,smartbear
|
||||
|
||||
headless:
|
||||
- steps:
|
||||
- args:
|
||||
|
@ -71,4 +70,4 @@ headless:
|
|||
words:
|
||||
- "swagger"
|
||||
case-insensitive: true
|
||||
# digest: 4a0a00473045022013f081ac9ee7ec2705ebf232439f9b18c17b162f4e3bfc4485638f324af817df022100e3e262210320011237b59f2a16f32a64e4ad8aba204a3c0f23a4ecda48368644:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220276c4920b8b15fde2802ab2d829106243bfa1d1b5eec02e3ea13925bb1a2367f022012c9b9cb6e5b2906f68da10c6d0aa5c7462f847f906fc82ae576ac26db37fbbb:922c64590222798bb761d5b6d8e72950
|
|
@ -20,8 +20,8 @@ info:
|
|||
cvss-score: 9.8
|
||||
cve-id: CVE-2014-6271
|
||||
cwe-id: CWE-78
|
||||
epss-score: 0.97564
|
||||
epss-percentile: 0.99999
|
||||
epss-score: 0.97559
|
||||
epss-percentile: 0.99997
|
||||
cpe: cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 8
|
||||
|
@ -58,4 +58,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502203c32ed699b5b5784b8f6eddd60a3c06b1a1c8dbefd3024f425307f8f793e0f64022100e4987775a712348ab69dbb368677664e21d2d753a3ba22ab15c2dcd0d426cf49:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022022d9c0adae74cdc979a9807c7b6c229b34bbaf77fdf9fb5edbd4263a3e3d939d022100bff54d932fc7f8bc11b979b2289b87a588833b45578f1945d5e8dc9a7021354b:922c64590222798bb761d5b6d8e72950
|
|
@ -21,7 +21,7 @@ info:
|
|||
cve-id: CVE-2014-8799
|
||||
cwe-id: CWE-22
|
||||
epss-score: 0.17844
|
||||
epss-percentile: 0.95686
|
||||
epss-percentile: 0.96002
|
||||
cpe: cpe:2.3:a:dukapress:dukapress:*:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
|
@ -50,4 +50,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502206a7436cc97bf8ecebcb667d7af15dcf23669c6fe4558d8041af31eb305bc605e022100f724c31ae974833f30f077f071146f044c59dd077af802bcc254aaa7e7f82ee2:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100c44ca338e0e27aef8473eed734aaf201ffdbd8635955e4b8e4cbfb37f596bd5802202fa69ab04ca34891ed8896145cbd8e1af1443228c1e766e1cc8f6591c0e74f45:922c64590222798bb761d5b6d8e72950
|
|
@ -20,8 +20,8 @@ info:
|
|||
cvss-score: 9.8
|
||||
cve-id: CVE-2018-17431
|
||||
cwe-id: CWE-287
|
||||
epss-score: 0.11315
|
||||
epss-percentile: 0.94677
|
||||
epss-score: 0.11416
|
||||
epss-percentile: 0.95073
|
||||
cpe: cpe:2.3:a:comodo:unified_threat_management_firewall:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 2
|
||||
|
@ -50,4 +50,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502206e56a0d536dfc8d4ed10ae0505f2d2548b6c986854d0813c6e8185acc66756d9022100e74e57bbb9b04d2860f174d0f9effbef03a265a0ada954ea317f3fffa89a12ca:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100b58e1f2764198a04cdc831884ce49a67189b6a1988fcf7e27f9d82ed83cd2a3402206c36044d3ad9e30032c1e67d471ee256bb7602b09812ffc7830995d5808c7ff1:922c64590222798bb761d5b6d8e72950
|
|
@ -15,13 +15,14 @@ info:
|
|||
- https://wordpress.org/plugins/jsmol2wp/
|
||||
- https://github.com/sullo/advisory-archives/blob/master/wordpress-jsmol2wp-CVE-2018-20463-CVE-2018-20462.txt
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2018-20463
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 7.5
|
||||
cve-id: CVE-2018-20463
|
||||
cwe-id: CWE-22
|
||||
epss-score: 0.01939
|
||||
epss-percentile: 0.87393
|
||||
epss-percentile: 0.88289
|
||||
cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -53,4 +54,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502205f9aeadd874f5fdf363e87acc0ec34f995e53677d28cbc33b27cf113d9de2b03022100c5b000d74f0180cb372d2dd355622f03e7cb2b5180ac3cb0e6f0660049f49dba:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a004830460221008b0f6a4e144ec0a4f5fb0f772930b5da535472e941723be6c675589ac426a8b5022100bef4cc125a636184009e644aeb5fa64c4a868c49d7c081e63409ed228515e3ed:922c64590222798bb761d5b6d8e72950
|
|
@ -20,8 +20,8 @@ info:
|
|||
cvss-score: 6.1
|
||||
cve-id: CVE-2020-24223
|
||||
cwe-id: CWE-79
|
||||
epss-score: 0.00976
|
||||
epss-percentile: 0.81758
|
||||
epss-score: 0.0069
|
||||
epss-percentile: 0.79602
|
||||
cpe: cpe:2.3:a:mara_cms_project:mara_cms:7.5:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
|
@ -49,4 +49,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100c973b82339421ec3089eac4ceee54851fb8db56c023e4110994b8c16b279307f022100ba5f5c61a9f8acb6755ba89ca34bb684ee60ac4e1e7c96f40f0688789b22e49a:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502203465eb756d9c1c2a642192e678566a419006885438b5721b7a8b54470650a994022100a3b09f8d55baad75a18b6eb7fab36fd7cf976201304457c717358dd7b6fa2862:922c64590222798bb761d5b6d8e72950
|
|
@ -14,13 +14,15 @@ info:
|
|||
- https://talosintelligence.com/vulnerability_reports/TALOS-2021-1274
|
||||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21805
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-21805
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
- https://github.com/ARPSyndicate/kenzer-templates
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2021-21805
|
||||
cwe-id: CWE-78
|
||||
epss-score: 0.97374
|
||||
epss-percentile: 0.99892
|
||||
epss-percentile: 0.99895
|
||||
cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -52,4 +54,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100f2a3e97b98df27aafb1f8001f577c595d1cbb4fed075db594314502fbf283bd602204b4e9e0d429dacbd3c7672f6fd16118bbc7e73d54077c27d333a19e89ac0f5db:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220239da739e577f078def3474254759fb447a0e1c7ae5e5c894fc15f3748b3752b022039afb1da09e145478b68a7981ab742ece2729a5f473a12d97e7c259b4bddafb6:922c64590222798bb761d5b6d8e72950
|
|
@ -21,7 +21,7 @@ info:
|
|||
cve-id: CVE-2021-22873
|
||||
cwe-id: CWE-601
|
||||
epss-score: 0.00922
|
||||
epss-percentile: 0.81209
|
||||
epss-percentile: 0.82474
|
||||
cpe: cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -49,4 +49,4 @@ http:
|
|||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1
|
||||
# digest: 490a0046304402206825e5ab8251fc139a7b9f7ac5b06687ca56ae1e65ed767ca11c20c7930c7e1f02205a2f6d3c6d66a885a07cd69568accc9951b72dc883ed9cc1f62f561083da2e0c:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502201f562b389b6a5f97abaafe839123249c8bfc49d20d8cc12c06a61ee23b840795022100e4d6049c15f40c1564d2e55b52873ca91a7030a85feb7605ebf54ce291e513d5:922c64590222798bb761d5b6d8e72950
|
|
@ -6,26 +6,26 @@ info:
|
|||
severity: critical
|
||||
description: |
|
||||
The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections.
|
||||
remediation: Fixed in 3.4.12
|
||||
reference:
|
||||
- https://wpscan.com/vulnerability/763c08a0-4b2b-4487-b91c-be6cc2b9322e/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-24849
|
||||
- https://wordpress.org/plugins/wc-multivendor-marketplace/
|
||||
remediation: Fixed in 3.4.12
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2021-24849
|
||||
cwe-id: CWE-89
|
||||
cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:*
|
||||
epss-score: 0.00199
|
||||
epss-percentile: 0.56492
|
||||
cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
vendor: wclovers
|
||||
product: frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible
|
||||
product: "frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible"
|
||||
framework: wordpress
|
||||
publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace"
|
||||
verified: true
|
||||
max-request: 3
|
||||
vendor: wclovers
|
||||
tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,wpscan,sqli
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
@ -67,4 +67,4 @@ http:
|
|||
- 'contains(header, "application/json")'
|
||||
- 'contains(body, "success")'
|
||||
condition: and
|
||||
# digest: 4a0a00473045022100ac9faa851954e06269fcb6c1d2c78475a2f575683ef8f476b96450a5671b359102205d7f4ea4de3b3c6db211c706adcd4be8f13de39a9098990f182b0f2008efc79a:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100ef54cd087054515b6ef2f1935d258ecea55b3abf384cd95798b8cd351a5f1fe90220070a59d1e5a3ab49e8fc248e2ddc238e33958d75f7b3cfc5700b5018b8116f82:922c64590222798bb761d5b6d8e72950
|
|
@ -18,8 +18,8 @@ info:
|
|||
cwe-id: CWE-22
|
||||
cpe: cpe:2.3:a:os4ed:opensis:8.0:*:*:*:community:*:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
shodan-query: title:"openSIS"
|
||||
shodan-query: "title:\"openSIS\""
|
||||
max-request: 2
|
||||
tags: cve,cve2021,lfi,os4ed,opensis,authenticated
|
||||
|
||||
http:
|
||||
|
@ -42,4 +42,4 @@ http:
|
|||
- 'contains(body_1, "openSIS")'
|
||||
- "status_code == 200"
|
||||
condition: and
|
||||
# digest: 490a004630440220206394b303ab92ce65590e2c61e6eb5e9914219a5a0651ae69009a3f224109ff02207e729d1c062d3bd2e445a39a036992cc281564407a764e7f7ced5f02879f1034:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100924b4c785059886c8131bde539e1106c1be30952a7fea88bd992cb9cc3e7aca202204c4c3c880b323df6c23378c766e00dd0222716aa49f384cbc8f4c37b7c9ab38f:922c64590222798bb761d5b6d8e72950
|
|
@ -21,7 +21,7 @@ info:
|
|||
cve-id: CVE-2022-0776
|
||||
cwe-id: CWE-79
|
||||
epss-score: 0.001
|
||||
epss-percentile: 0.40832
|
||||
epss-percentile: 0.40075
|
||||
cpe: cpe:2.3:a:revealjs:reveal.js:*:*:*:*:*:node.js:*:*
|
||||
metadata:
|
||||
vendor: revealjs
|
||||
|
@ -48,4 +48,4 @@ headless:
|
|||
part: extract
|
||||
words:
|
||||
- "true"
|
||||
# digest: 4a0a00473045022015776ab1f8ee5f7cbd078059bc34167a0b8ca0a11a1bda34723f7ec03d31b6c302210098d1c6a54ecbafb3158390aea2498590fe70df9d78d3266d388274859a641533:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100822f5151d594a59ff99bde533919eb403ddd05ab8d041ea5963a1c88f81d84320221008c8e17c078665f80ff1f6815e2f071996a8d9e4712b43e3bf775f0c2db3e0e12:922c64590222798bb761d5b6d8e72950
|
|
@ -22,7 +22,7 @@ info:
|
|||
cve-id: CVE-2022-26263
|
||||
cwe-id: CWE-79
|
||||
epss-score: 0.00147
|
||||
epss-percentile: 0.50638
|
||||
epss-percentile: 0.49633
|
||||
cpe: cpe:2.3:a:yonyou:u8\+:13.0:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -43,4 +43,4 @@ headless:
|
|||
- '<frame src="javascript:console.log(document.domain)"'
|
||||
- 'webhelp4.js'
|
||||
condition: and
|
||||
# digest: 4a0a00473045022100a72f95b8648b73eb2e4cf2ea58e09902bdd87b68ed16d6258763f77029657162022064b391ae3ee631c189007bc15526ede89c3be32159ec215d129a1840544b297e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100c124eb614790888649b3ad794123f8a4d5127efb6b3dfcccc25a1431ae2dd660022100bdd24ef15743a8543fc37ed7a7e4a0399762873c6016d5cd6a811baa514a747d:922c64590222798bb761d5b6d8e72950
|
|
@ -22,7 +22,7 @@ info:
|
|||
cve-id: CVE-2022-30776
|
||||
cwe-id: CWE-79
|
||||
epss-score: 0.00112
|
||||
epss-percentile: 0.44504
|
||||
epss-percentile: 0.43631
|
||||
cpe: cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -52,4 +52,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502203171cb9a5a9125732f06bba74b71efc2e09ae7c92ad33bcca6e6356b5d541fe702210081422e4791a4a926b08807deffab9bf4cb8eab98c0f9897922d586b01218bf06:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502210098e7e92637618d4c3c5540938565842f9d2479c1b7a7ca9a9333b2e0bf64a29b022077e0d1d54bd671842a9ba69fdbad1ed67e8c6f085c3235fde69b2d9e18009833:922c64590222798bb761d5b6d8e72950
|
|
@ -6,28 +6,29 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
|
||||
impact: |
|
||||
An attacker can exploit the vulnerability to redirect users to malicious websites, potentially leading to phishing attacks or other security breaches.
|
||||
remediation: |
|
||||
This issue is fixed in Connect v2023.05. Additionally, for users running Connect v1.7.2 and later, the issue is resolvable via a configuration setting mentioned in the support article.
|
||||
reference:
|
||||
- https://tenable.com/security/research/tra-2022-30
|
||||
- https://support.posit.co/hc/en-us/articles/10983374992023-CVE-2022-38131-configuration-issue-in-Posit-Connect
|
||||
- https://github.com/JoshuaMart/JoshuaMart
|
||||
impact: |
|
||||
An attacker can exploit the vulnerability to redirect users to malicious websites, potentially leading to phishing attacks or other security breaches.
|
||||
remediation: |
|
||||
This issue is fixed in Connect v2023.05. Additionally, for users running Connect v1.7.2 and later, the issue is resolvable via a configuration setting mentioned in the support article.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
cvss-score: 6.1
|
||||
cve-id: CVE-2022-38131
|
||||
cwe-id: CWE-601
|
||||
cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:*
|
||||
epss-score: 0.0006
|
||||
epss-percentile: 0.23591
|
||||
cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
product: connect
|
||||
shodan-query: "http.favicon.hash:217119619"
|
||||
fofa-query: "app=\"RStudio-Connect\""
|
||||
max-request: 1
|
||||
verified: true
|
||||
vendor: rstudio
|
||||
product: connect
|
||||
shodan-query: http.favicon.hash:217119619
|
||||
fofa-query: app="RStudio-Connect"
|
||||
tags: tenable,cve,cve2022,redirect,rstudio
|
||||
|
||||
http:
|
||||
|
@ -46,4 +47,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 307
|
||||
# digest: 4a0a00473045022100e9632f43574d44779bc09a10a78cb6835cc4b0179a707b395efecda59dcb8b5402205a72129b99d873d786c6aa9062e142a0b02192b31aa930c1a234a6d61558b479:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100aed598584561fa1188599f4a3fa2ff5ae9149e94b624fef3be306a7a74429c3f02201c02b4ebc6bfa15076a56527dc53df6e0be1e5d7f890dbc1558b26e30d35059b:922c64590222798bb761d5b6d8e72950
|
|
@ -18,8 +18,8 @@ info:
|
|||
cvss-score: 7.5
|
||||
cve-id: CVE-2022-4140
|
||||
cwe-id: CWE-552
|
||||
epss-score: 0.01317
|
||||
epss-percentile: 0.84504
|
||||
epss-score: 0.00932
|
||||
epss-percentile: 0.82572
|
||||
cpe: cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -54,4 +54,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100c309f56d1bc6b8b3ad4aeedfea6624e9072d042193f145856563965410ce9e7c022100cc3f6acff92ea09cb461e67964a2e5973fbb82fdd391e5176e287a0be8c759c1:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402200691e9b2e104e67432ef4041648aca88eaa5a1fc58bbc764da8a0cf8240733da022015c0a0d07bcd6552d8c77f685c7c9bc595e3e7e9f3d8bf9b201968fcd4af75b4:922c64590222798bb761d5b6d8e72950
|
|
@ -17,7 +17,7 @@ info:
|
|||
cve-id: CVE-2023-0552
|
||||
cwe-id: CWE-601
|
||||
epss-score: 0.00086
|
||||
epss-percentile: 0.35637
|
||||
epss-percentile: 0.34914
|
||||
cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -38,4 +38,4 @@ http:
|
|||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$'
|
||||
# digest: 4a0a004730450221008eccfd0ecd7398b3566c5cfec47a5d3396899495831dabbee13a144918b2127e0220232a7e35aba58e28f2c38ac75f7f4558d7419e63c82e7b145dba6569f3e52fcf:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402201ab8dcd9693d8e9c7b7e3c2ac162de7610f21d7c3523e623a005ecdeababa57902203039fe388db8f4aef6c49c40a2cff545792484a6dda13261675b612810c874f9:922c64590222798bb761d5b6d8e72950
|
|
@ -22,7 +22,7 @@ info:
|
|||
cve-id: CVE-2023-26255
|
||||
cwe-id: CWE-22
|
||||
epss-score: 0.15138
|
||||
epss-percentile: 0.95348
|
||||
epss-percentile: 0.95663
|
||||
cpe: cpe:2.3:a:stagil:stagil_navigation:*:*:*:*:*:jira:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
|
@ -52,4 +52,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502203d3f6c5452e186ee057389d3819be8e0fb41db7582a366b90ee39072f3c7d77f022100a9a161043ec3d29f43d105a2fd562bb509c5f7b85392ff6516cb29dde828f5b9:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450221009eff1cfcd9afb5c04d7b263baaf2ff4faf43631d4e6eaf033ca3c6b8fd85de5d022060065320c9d8eac58e06f71ddabfeaecb433875fa230c89a4015e129415c44f3:922c64590222798bb761d5b6d8e72950
|
|
@ -6,28 +6,29 @@ info:
|
|||
severity: critical
|
||||
description: |
|
||||
The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site.
|
||||
remediation: |
|
||||
Update the Gift Cards (Gift Vouchers and Packages) WordPress Plugin to the latest version available.
|
||||
reference:
|
||||
- https://www.tenable.com/security/research/tra-2023-2
|
||||
- https://wordpress.org/plugins/gift-voucher/
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
- https://github.com/JoshuaMart/JoshuaMart
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site.
|
||||
remediation: |
|
||||
Update the Gift Cards (Gift Vouchers and Packages) WordPress Plugin to the latest version available.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2023-28662
|
||||
cwe-id: CWE-89
|
||||
cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:*
|
||||
epss-score: 0.00076
|
||||
epss-percentile: 0.31593
|
||||
cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
vendor: codemenschen
|
||||
product: gift_vouchers
|
||||
product: "gift_vouchers"
|
||||
framework: wordpress
|
||||
fofa-query: body="/wp-content/plugins/gift-voucher/"
|
||||
fofa-query: "body=\"/wp-content/plugins/gift-voucher/\""
|
||||
max-request: 2
|
||||
tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
@ -59,4 +60,4 @@ http:
|
|||
- status_code == 500
|
||||
- contains(body, 'critical error')
|
||||
condition: and
|
||||
# digest: 490a00463044022009c58d25fec3c30e1ad3887484383645315f8e71fe821a509bf323cff77eb615022072f0bfae8790782eb15f69313e0ba60c76e9b1431b1bd18cf6842ca56ad685a9:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100897f4b8dcfa22ad10a9b4881331ba0166610d2d1f177506cf60e47094c3bfbea022100b256673611bdf13504dc6bf1875ba960441fb7f9bb60ec748474e98d2c76d3fc:922c64590222798bb761d5b6d8e72950
|
|
@ -13,13 +13,14 @@ info:
|
|||
- https://twitter.com/wvuuuuuuuuuuuuu/status/1694956245742923939
|
||||
- https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2023-32563
|
||||
- https://github.com/mayur-esh/vuln-liners
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2023-32563
|
||||
cwe-id: CWE-22
|
||||
epss-score: 0.43261
|
||||
epss-percentile: 0.97013
|
||||
epss-score: 0.42647
|
||||
epss-percentile: 0.97218
|
||||
cpe: cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 2
|
||||
|
@ -56,4 +57,4 @@ http:
|
|||
part: body_2
|
||||
words:
|
||||
- "CVE-2023-32563"
|
||||
# digest: 4b0a0048304602210095f0377361174bf0f18bb6b480904a01bad012dd184abcf963d328e084a7cf45022100aa4c0a0aad45a19e6fb8fd3dc956cc89ac088f8ed744c630eb9b9cd5d1ad38ee:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220277c51026fc6ee497604b9edf835b895ebb5f041702564b51386e1aff926cdd502206a64318799d865c7590bca991daf364669b8257fa8d74439d3aada9f801eb608:922c64590222798bb761d5b6d8e72950
|
|
@ -6,14 +6,14 @@ info:
|
|||
severity: high
|
||||
description: |
|
||||
users can execute code without authentication. An attacker can execute malicious requests on the OpenCms server. When the requests are successful vulnerable OpenCms can be exploited resulting in an unauthenticated XXE vulnerability. Based on research OpenCMS versions from 9.0.0 to 10.5.0 are vulnerable.
|
||||
remediation: Advised to upgrade to OpenCMS 10.5.1 or later to patch the vulnerability
|
||||
reference:
|
||||
- https://blog.qualys.com/product-tech/2023/12/08/opencms-unauthenticated-xxe-vulnerability-cve-2023-42344
|
||||
- https://labs.watchtowr.com/xxe-you-can-depend-on-me-opencms/
|
||||
remediation: Advised to upgrade to OpenCMS 10.5.1 or later to patch the vulnerability
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
max-request: 2
|
||||
fofa-query: "OpenCms-9.5.3"
|
||||
verified: true
|
||||
tags: cve,cve2023,xxe,opencms
|
||||
|
||||
http:
|
||||
|
@ -36,4 +36,4 @@ http:
|
|||
- "root:.*:0:0:"
|
||||
- "invalidArgument"
|
||||
condition: and
|
||||
# digest: 4a0a00473045022100927a1bd7a3c4f8af7b6989155be518f1259a6cdd15ba59dad7785280d7c5ec9702203e99452c03ab5e09e1ef1627473fb5a1ebe79a654ad369b1e2190145c98e9b32:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502207dccf8dee9a6e05f16f56533d13329cf5bb1cac34d72692fef62fd33077527e20221009e14b0264ffda37db9a79c357a04a6512985d7c64cc6157addf5246d2ec24d1e:922c64590222798bb761d5b6d8e72950
|
|
@ -16,8 +16,9 @@ info:
|
|||
cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
vendor: ivanti
|
||||
product: connect_secure
|
||||
shodan-query: html:"welcome.cgi?p=logo"
|
||||
product: "connect_secure"
|
||||
shodan-query: "html:\"welcome.cgi?p=logo\""
|
||||
max-request: 2
|
||||
tags: cve,cve2023,kev,auth-bypass,ivanti
|
||||
|
||||
http:
|
||||
|
@ -48,4 +49,4 @@ http:
|
|||
- 'contains(body_2, "block_message")'
|
||||
- 'contains(header_2, "application/json")'
|
||||
condition: and
|
||||
# digest: 490a0046304402204614c79e65441e3043a41452c64e73db844daaec0a04ff4ec5d9999c51825f83022077d76a1a7ab3b0ab8fb364824bfe94bcf6ad07ef3fc21736ac56399d12397a58:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402204ad3fa1c2d287f2d56aad453123f1b51f179ee3f12ab4a01a78e376c8d3de46b022044b7912e398ea01a9fb5d948d162710fb8ece66b2fc48b8a9c82b38568a12c03:922c64590222798bb761d5b6d8e72950
|
|
@ -14,14 +14,15 @@ info:
|
|||
cvss-score: 5.4
|
||||
cve-id: CVE-2023-52085
|
||||
cwe-id: CWE-22
|
||||
cpe: cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:*
|
||||
epss-score: 0.00046
|
||||
epss-percentile: 0.12483
|
||||
cpe: cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
vendor: wintercms
|
||||
product: winter
|
||||
shodan-query: title:"Winter CMS"
|
||||
fofa-query: title="Winter CMS"
|
||||
shodan-query: "title:\"Winter CMS\""
|
||||
fofa-query: "title=\"Winter CMS\""
|
||||
max-request: 4
|
||||
tags: cve,cve2023,authenticated,lfi,wintercms
|
||||
|
||||
http:
|
||||
|
@ -68,4 +69,4 @@ http:
|
|||
regex:
|
||||
- '<input name="_token" type="hidden" value="([0-9a-zA-Z]{40})">'
|
||||
internal: true
|
||||
# digest: 490a0046304402205dc4e3489b8db4f6e587d569813f9eec4372432d2ed1350de8d8bc00c7d01a8d02207363f5db9a634f3a0973e7e364948a39da565ec0b5ea0f3ac1276c0fc7027331:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100edda67cd80bdd516aa4f6241fa72a9e1d6c1e240eb1d40d35ae9c44143ff025902206f496f8d850ad284d589527d8abd90bf13aa0414c007dad56d79ba9c57d33c59:922c64590222798bb761d5b6d8e72950
|
|
@ -6,25 +6,26 @@ info:
|
|||
severity: high
|
||||
description: |
|
||||
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
|
||||
remediation: |
|
||||
Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability.
|
||||
reference:
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2023-6831
|
||||
- https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1
|
||||
- https://huntr.com/bounties/0acdd745-0167-4912-9d5c-02035fe5b314
|
||||
remediation: |
|
||||
Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
|
||||
cvss-score: 8.1
|
||||
cve-id: CVE-2023-6831
|
||||
cwe-id: CWE-22
|
||||
epss-score: 0.000460000
|
||||
epss-percentile: 0.126930000
|
||||
cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*
|
||||
epss-score: 0.00046
|
||||
epss-percentile: 0.12693
|
||||
metadata:
|
||||
verified: true
|
||||
vendor: lfprojects
|
||||
product: mlflow
|
||||
shodan-query: http.title:"mlflow"
|
||||
shodan-query: "http.title:\"mlflow\""
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: cve,cve2023,mlflow,pathtraversal,lfprojects
|
||||
|
||||
http:
|
||||
|
@ -58,4 +59,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 500
|
||||
# digest: 490a0046304402202e05b1ca433f0cc3ad8178fa3db634d613c180a5d76bd1907daf5a29b102f02f0220546c974febbb5121e3697cfc1e76620c450e31cee055c94cd0b25375648e38ba:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022032f829866528954cdb8ce1c5298787430b08b1d4550ab556b77f078e362da3e102207691a8b5b4639a9faf128176e590b98fc0841775bb6df00b97a7253772fe498a:922c64590222798bb761d5b6d8e72950
|
|
@ -6,24 +6,25 @@ info:
|
|||
severity: critical
|
||||
description: |
|
||||
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
|
||||
impact: |
|
||||
Successful exploitation could be lead to disclose of sensitive information such as SSH Keys or Internal configurations.
|
||||
remediation: |
|
||||
To fix this vulnerability, it is important to update the mlflow package to the latest version 2.10.0.
|
||||
reference:
|
||||
- https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2023-6909
|
||||
- https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1
|
||||
impact: |
|
||||
Successful exploitation could be lead to disclose of sensitive information such as SSH Keys or Internal configurations.
|
||||
remediation: |
|
||||
To fix this vulnerability, it is important to update the mlflow package to the latest version 2.10.0.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
|
||||
cvss-score: 9.3
|
||||
cve-id: CVE-2023-6909
|
||||
cwe-id: CWE-29
|
||||
metadata:
|
||||
max-request: 5
|
||||
verified: true
|
||||
vendor: lfprojects
|
||||
product: mlflow
|
||||
shodan-query: http.title:"mlflow"
|
||||
shodan-query: "http.title:\"mlflow\""
|
||||
tags: cve,cve2023,mlflow,lfi
|
||||
|
||||
http:
|
||||
|
@ -90,4 +91,4 @@ http:
|
|||
json:
|
||||
- '.run.info.run_id'
|
||||
internal: true
|
||||
# digest: 4a0a00473045022057cab29fe3d00006c6db44ac420a34cecdad60ef71ae6159d9d1870d61d97420022100cd6d7114a977b54c1190e1a9a7002626d05b41874dccf1e9e5d38cacc7082c6d:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100dc4c33652fcf1a1d0dc29690ac81838de82d0c439cc405cb3b0296d4e10cb855022100b3a49f754395ee217ea12cc561be556cc6c3a8da3facee851d5f37fdbab72d61:922c64590222798bb761d5b6d8e72950
|
|
@ -15,14 +15,15 @@ info:
|
|||
cvss-score: 8.8
|
||||
cve-id: CVE-2024-0713
|
||||
cwe-id: CWE-434
|
||||
cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:*
|
||||
epss-score: 0.00061
|
||||
epss-percentile: 0.2356
|
||||
cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
vendor: monitorr
|
||||
product: monitorr
|
||||
verified: true
|
||||
fofa-query: icon_hash="-211006074"
|
||||
fofa-query: "icon_hash=\"-211006074\""
|
||||
max-request: 2
|
||||
tags: cve,cve2024,file-upload,intrusive,monitorr
|
||||
|
||||
variables:
|
||||
|
@ -66,4 +67,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502200e99cf7ecbba3a0c88653fc454cb5715d7085e0678ab470e4b7cfbf4dd198e8d022100e47a621b93eaabb8881e48cae80b9cc8c0596a437fc9b8ac0921a63beee74506:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402201b9bb4536c3d56e915516c2b0156629ce6f3689a312eddd8d0694b86aa144e1902203d8dccbcbba044b30e6fff72ceb7f66bf40a9bf6f3130c3f3b11b0ec3c30a863:922c64590222798bb761d5b6d8e72950
|
|
@ -6,17 +6,17 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component.
|
||||
reference:
|
||||
- https://github.com/getrebuild/rebuild
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2024-1021
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can result in unauthorized access to sensitive internal resources.
|
||||
remediation: |
|
||||
Apply the latest security patches or updates provided by Rebuild to fix this vulnerability.
|
||||
reference:
|
||||
- https://github.com/getrebuild/rebuild
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2024-1021
|
||||
metadata:
|
||||
max-request: 1
|
||||
max-request: 2
|
||||
verified: true
|
||||
fofa-query: icon_hash="871154672"
|
||||
fofa-query: "icon_hash=\"871154672\""
|
||||
tags: cve2024,cve,rebuild,ssrf
|
||||
|
||||
http:
|
||||
|
@ -32,4 +32,4 @@ http:
|
|||
- '!contains(body_1, "<h1> Interactsh Server </h1>")'
|
||||
- 'status_code_2 == 200'
|
||||
condition: and
|
||||
# digest: 4a0a004730450220098225bea96b8668687e7dfe13e7567202130b05bf6e23cffcc70cb83386d700022100f078d24ac95ac54515557e84e1bc60404c9d6d59cfa0604f82e5d03baaf841e6:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220491492872c6924a820f6183de45c341dbc8838eec5bd79f241a7a8e007817a4d022100bcf486a787a7ac18c43f5a856e8edf8c68546b59012e7c096bbc48085b3ce175:922c64590222798bb761d5b6d8e72950
|
|
@ -6,14 +6,14 @@ info:
|
|||
severity: high
|
||||
description: |
|
||||
WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can exploit this vulnerability to perform SQL injection attacks.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site.
|
||||
remediation: |
|
||||
Vendor did not acknowledge vulnerability but the issue seems to have been fixed in version 2.5.25.
|
||||
reference:
|
||||
- https://www.tenable.com/security/research/tra-2024-02
|
||||
- https://wordpress.org/plugins/html5-video-player
|
||||
- https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1061
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site.
|
||||
remediation: |
|
||||
Vendor did not acknowledge vulnerability but the issue seems to have been fixed in version 2.5.25.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
|
||||
cvss-score: 8.6
|
||||
|
@ -21,7 +21,8 @@ info:
|
|||
cwe-id: CWE-89
|
||||
metadata:
|
||||
verified: true
|
||||
fofa-query: '"wordpress" && body="html5-video-player"'
|
||||
fofa-query: "\"wordpress\" && body=\"html5-video-player\""
|
||||
max-request: 1
|
||||
tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player
|
||||
|
||||
http:
|
||||
|
@ -36,4 +37,4 @@ http:
|
|||
- 'contains(header, "application/json")'
|
||||
- 'contains_all(body, "created_at", "video_id")'
|
||||
condition: and
|
||||
# digest: 4b0a0048304602210082f5c18e0ac8422e532f5581f775dfd9a57d7c059cf6f41622d7a00306bfa3c6022100d0500ab738261efc3de306be7f8149c4a2f98b4c1560c26fe3617520ce9dd6e9:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100fa33c5d3e6fdd93832d18b7feaeceaab7dc13294ca6117b62c0cf322a734e7d3022100bec7347a690ebaf2785ae5b325485392dbdb16005fd15b862aca9a8930646034:922c64590222798bb761d5b6d8e72950
|
|
@ -6,25 +6,26 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload.
|
||||
impact: |
|
||||
Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act.
|
||||
reference:
|
||||
- https://github.com/advisories/GHSA-ghmw-rwh8-6qmr
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2024-21645
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
impact: |
|
||||
Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
||||
cvss-score: 5.3
|
||||
cve-id: CVE-2024-21645
|
||||
cwe-id: CWE-74
|
||||
cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:*
|
||||
epss-score: 0.00046
|
||||
epss-percentile: 0.13723
|
||||
cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
vendor: pyload
|
||||
product: pyload
|
||||
shodan-query: title:"pyload"
|
||||
shodan-query: "title:\"pyload\""
|
||||
max-request: 2
|
||||
tags: cve,cve2024,pyload,authenticated,injection
|
||||
|
||||
variables:
|
||||
|
@ -59,4 +60,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100e4681bad6b75b2295f0256953d1d293a42d79e61b3607a307caf6cc5b040ccbb02201912657be888fe3a799ada24aaa1de05d3667731e84900bedb0e556a187f2dfc:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402203cbf3ae7a02a2a68165345f0bd855eb6ab923669c8d2aa78f2922e0baee747f702201104ac76e942d9f3bff9d59b6e4227e4d59ff27e41aeca67e1138508b572d5b9:922c64590222798bb761d5b6d8e72950
|
|
@ -18,8 +18,9 @@ info:
|
|||
cpe: cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*
|
||||
metadata:
|
||||
vendor: ivanti
|
||||
product: connect_secure
|
||||
product: "connect_secure"
|
||||
shodan-query: "html:\"welcome.cgi?p=logo\""
|
||||
max-request: 1
|
||||
tags: cve,cve2024,kev,ssrf,ivanti
|
||||
|
||||
http:
|
||||
|
@ -43,4 +44,4 @@ http:
|
|||
- '/dana-na/'
|
||||
- 'WriteCSS'
|
||||
condition: and
|
||||
# digest: 4a0a00473045022100fefc6637185b28b4af8b503bdb7b89401fc591c34cb6082b20322ac0f1ad67c8022027e634cbc733ad699766de6d8eb8f22b6368d0b663cd28cbd957eaaf37f51838:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022031bba2e0349c9af3102196e00e85678ddbb51ba287e5d624558a50a3bbaa6be20221008a362ec4ef64ece7ab22636b902c72df49e1f72c519731e5c2eb22dec2db5c76:922c64590222798bb761d5b6d8e72950
|
|
@ -8,7 +8,8 @@ info:
|
|||
- https://www.ibm.com/docs/en/odm/8.0.1?topic=users-tutorial-getting-started-decision-center-business-console
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: title="Decision Center | Business Console"
|
||||
shodan-query: "title=\"Decision Center | Business Console\""
|
||||
max-request: 1
|
||||
tags: ibm,default-login,decision-center
|
||||
|
||||
http:
|
||||
|
@ -42,4 +43,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502205523a863445a05acb27e5d7ae6cb824465b467afcd5bf3f7f916c78ff4853b54022100f6e82a4f9f222831b97dcb7bf5d0a3410048123eface5f0840f9571b5c31ac2d:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022016a80ca652cc1c45b3f6d4c92fce061f9fc9d9cb8d9cfe96626d34be23038086022100bc041f5982bff0cd5c6c76e96a375e3be9dcfdd433a205870a938cc378c23418:922c64590222798bb761d5b6d8e72950
|
|
@ -8,7 +8,8 @@ info:
|
|||
- https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: html="Decision Center Enterprise console"
|
||||
shodan-query: "html=\"Decision Center Enterprise console\""
|
||||
max-request: 1
|
||||
tags: ibm,default-login,decision-center
|
||||
|
||||
http:
|
||||
|
@ -42,4 +43,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100f49bccdf778836b24be61c1c569daa47361ed0b8f9f3b1832055b5bc2a007f1502206ce043ef3f1813f97d2ff4376fadf94112238eed01bfb77c3d404179a8b760b4:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100eda449ebab75e6434f62e1e6ad214e7a3a4cbc01f47209e6f2367427fc73892f02202b8e060110bc0d3aed5fc0e773daa6416705f332e863b1f851a004b1364615be:922c64590222798bb761d5b6d8e72950
|
|
@ -8,7 +8,8 @@ info:
|
|||
- https://www.ibm.com/docs/en/odm/8.8.0?topic=center-overview-decision
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: title:"Rule Execution Server"
|
||||
shodan-query: "title:\"Rule Execution Server\""
|
||||
max-request: 1
|
||||
tags: ibm,default-login,decision-server
|
||||
|
||||
http:
|
||||
|
@ -43,4 +44,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100e2da7214e13a57c4441de262e1f4377d8decac405644528c512f6298514f47ac022100f1ac476ef1244aed60da4511ef21547cb5d7cbd6238124f45f040fadc6796b39:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220196e8fb1a9ddef98855c38f2719f3c5405d7c51e90772f82c6d35c0d7596cc06022100cc5faf04711e248eb7c4c8b2fd597c8346977de7602568861691790ec7a56b1b:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,45 @@
|
|||
id: imm-default-login
|
||||
|
||||
info:
|
||||
name: Integrated Management Module - Default Login
|
||||
author: jpg0mez
|
||||
severity: high
|
||||
description: |
|
||||
Integrated Management Module default login credentials were discovered.
|
||||
reference:
|
||||
- https://pubs.lenovo.com/x3650-m4/t_logging_web_interface
|
||||
- https://www.ibm.com/docs/en/tcs-service?topic=oip-logging-imm-web-interface
|
||||
classification:
|
||||
cwe-id: CWE-798
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
fofa-query: "integrated management module"
|
||||
shodan-query: html:"ibmdojo"
|
||||
tags: imm,ibm,default-login
|
||||
|
||||
http:
|
||||
- method: POST
|
||||
path:
|
||||
- "{{BaseURL}}/data/login"
|
||||
body: "user=USERID&password=PASSW0RD"
|
||||
|
||||
redirects: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<authResult>0</authResult>"
|
||||
- 'authResult":"0'
|
||||
condition: or
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- "index-console.php"
|
||||
- "home.php"
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402201d12ea2cf004fcd15a9a7a2d3986082c7bd2a2a7ad9523d89183c9586208c57a02206569360cb03dad0fbea7cf165d042bb73702d00f9eba0232f855974bf34e3f62:922c64590222798bb761d5b6d8e72950
|
|
@ -7,8 +7,9 @@ info:
|
|||
reference:
|
||||
- https://documentation.softwareag.com/
|
||||
metadata:
|
||||
shodan-query: "http.favicon.hash:-234335289"
|
||||
max-request: 5
|
||||
verified: true
|
||||
shodan-query: http.favicon.hash:-234335289
|
||||
tags: default-login,webmethod
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
@ -63,4 +64,4 @@ http:
|
|||
- Invalid credentials
|
||||
negative: true
|
||||
condition: and
|
||||
# digest: 4a0a00473045022100c2ff9832495b567326f60a3290cab01226778deef5fb3b3cc77288024507dce7022035ca48f6387403fbaccecdec948c4473ce0e90f135fc8b17cc5c3c28c8d54d70:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220115d89c488b0862bb1273fe0b0298087afa5b74b011991ae1cebba5921795590022100a3bbc39dba847eadccd27ed89d597a41e3a4508393fae04c9c017f35f0b9db36:922c64590222798bb761d5b6d8e72950
|
|
@ -7,9 +7,9 @@ info:
|
|||
description: |
|
||||
A Cisco Unity Connection instance was detected.
|
||||
metadata:
|
||||
max-request: 1
|
||||
shodan-query: "html:\"Cisco Unity Connection\""
|
||||
max-request: 2
|
||||
verified: true
|
||||
shodan-query: html:"Cisco Unity Connection"
|
||||
tags: panel,cisco,unity,login,detect
|
||||
|
||||
http:
|
||||
|
@ -34,4 +34,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100b1511ab2c16490a2f975b2fd30864f88018c742c6626a0c64e3eb2618fc49268022100cf03b79efdd063e6993de7f99619d304eb5ee60478c860e34719be46169c8757:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022022e561912a02fb0baa91f246eebc3a05855972f2bab1224383889c1dfc20e20b02201a6bfd866f1ed3a945fb0c8a615a7b41244c13f0286921c37b72d89b08e95e70:922c64590222798bb761d5b6d8e72950
|
|
@ -1,20 +1,19 @@
|
|||
id: dockge-panel
|
||||
|
||||
info:
|
||||
name: Dockge Panel - Detect
|
||||
author: rxerium
|
||||
severity: info
|
||||
description: |
|
||||
A fancy, easy-to-use and reactive self-hosted docker compose.yaml stack-oriented manager
|
||||
reference:
|
||||
- https://github.com/louislam/dockge
|
||||
- https://dockge.kuma.pet/
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
shodan-query: title:"Dockge"
|
||||
tags: panel,dockge,login
|
||||
|
||||
info:
|
||||
name: Dockge Panel - Detect
|
||||
author: rxerium
|
||||
severity: info
|
||||
description: |
|
||||
A fancy, easy-to-use and reactive self-hosted docker compose.yaml stack-oriented manager
|
||||
reference:
|
||||
- https://github.com/louislam/dockge
|
||||
- https://dockge.kuma.pet/
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: "title:\"Dockge\""
|
||||
tags: panel,dockge,login
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
|
@ -32,4 +31,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402207b4b31e89b41d54ec47a046fbbfcff3b303e68aff67845ca51b890588d9c2f180220712c5d5677eb71010f6ec9f123f1f4a074bc531998dba39a0c8a287a7e5cf40d:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502204b3172c4c1a24716f7a36595e882653be64ea2699acebc7150c9bb87487c4b7302210091e20d9ea7ba962951c9bd8836bb065e490b7c99eda7f2b34b8209c155ebd94b:922c64590222798bb761d5b6d8e72950
|
|
@ -5,12 +5,13 @@ info:
|
|||
author: righettod
|
||||
severity: info
|
||||
description: |
|
||||
EasyJOB login panel was detected.
|
||||
EasyJOB login panel was detected.
|
||||
reference:
|
||||
- https://www.en.because-software.com/software/easyjob/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: http.title:"Log in - easyJOB"
|
||||
shodan-query: "http.title:\"Log in - easyJOB\""
|
||||
max-request: 1
|
||||
tags: panel,easyjob,login
|
||||
|
||||
http:
|
||||
|
@ -31,4 +32,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- 'easyJOB\s+([0-9.]+)'
|
||||
# digest: 4a0a004730450220411982e48718601305b05a93c91be6a680ce993e5e110400b0dabbff753fe0bb02210091af5cbecc2fd766de347dad93c4a3e105a0d3f5a4a8f7a002bdb838c3bc2fad:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100f82e7fbb4c360cb536e24b99b8f65c91e8d46ebbc0f45a156d6074c154e202a402203334ffeaa0ca0e92f85d5ddcfd516f44ec9fbc55655b5351d2e193726e2b2248:922c64590222798bb761d5b6d8e72950
|
|
@ -7,12 +7,11 @@ info:
|
|||
description: GoAnywhere Managed File Transfer login panel was detected.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
shodan-query: "http.html:\"GoAnywhere Managed File Transfer\""
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: http.html:"GoAnywhere Managed File Transfer"
|
||||
max-request: 2
|
||||
tags: panel,goanywhere,login,filetransfer
|
||||
|
||||
http:
|
||||
|
@ -35,4 +34,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100947f00fcac2bdcc793453ed15706359afde89947675258107183adb0f5b622f7022100e9295654f6ab5e2e2c8f63f28b7e99923b92cca82532de2b9314927aecaf52c6:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502206418902cc87923995e4a87a3036d1a138bae03cb012fde34e44df55ce4504dac022100cac92b3dee719aff4f1d10544579c719236bf9dca63006ef5e0e0741aee209b2:922c64590222798bb761d5b6d8e72950
|
|
@ -11,7 +11,8 @@ info:
|
|||
vendor: gotify
|
||||
product: server
|
||||
verified: true
|
||||
shodan-query: http.title:"Gotify"
|
||||
shodan-query: "http.title:\"Gotify\""
|
||||
max-request: 1
|
||||
tags: panel,gotify,login,detect
|
||||
|
||||
http:
|
||||
|
@ -32,4 +33,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '"version":"([0-9.]+)"'
|
||||
# digest: 4b0a00483046022100c306600c5a3f75ebdbc6d89aeb4a9042c616f870d869819424686889a568b7880221008c14b6498f5d7f935e09fe01a8f4bda2c761f2692a59202766cb798135336ae9:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402204ed0fc61c5fdaec5869843788c59849c687bfe8b39891df7eab06b029e516749022055341de709d14d202015b389e25139b06ed1398ab952f6a2a39cd2ecf6a343de:922c64590222798bb761d5b6d8e72950
|
|
@ -13,9 +13,9 @@ info:
|
|||
cvss-score: 5.3
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
max-request: 2
|
||||
vendor: grails
|
||||
product: grails
|
||||
max-request: 2
|
||||
tags: grails,panel
|
||||
|
||||
http:
|
||||
|
@ -34,4 +34,4 @@ http:
|
|||
words:
|
||||
- "Sorry, remote connections ('webAllowOthers') are disabled on this server"
|
||||
negative: true
|
||||
# digest: 4a0a0047304502204ea638d90bf728298450d4bf071d113ae80087d4e5001d971617212faf1e375c022100dac85d19d2f65956875f904ce9e025a55c229cae307af3e03fa7708c190b8ef6:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100f7857a61a4ccdef275c890a466396f0aef331e21c33e1ab4e86f6cd2c4f3c4a4022025d9b94b715dc2b8c625ba3a8111008a7f2039dd829d7b2bef2414ba73e51ced:922c64590222798bb761d5b6d8e72950
|
|
@ -9,7 +9,8 @@ info:
|
|||
- https://www.haivision.com/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: http.title:"Haivision Gateway"
|
||||
shodan-query: "http.title:\"Haivision Gateway\""
|
||||
max-request: 1
|
||||
tags: panel,haivision,login,detect
|
||||
|
||||
http:
|
||||
|
@ -23,4 +24,4 @@ http:
|
|||
- 'status_code == 200'
|
||||
- 'contains_any(body, "<title>Haivision Gateway", "content=\"Haivision Gateway")'
|
||||
condition: and
|
||||
# digest: 4b0a0048304602210086238eba9398bb797b00f86ef36db758f4962c0d8247070cf8b2554bdbc4b649022100c49ebd06f35893af713c00909b8f98abbae0f3ab6230d799ad0acf6147196e68:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402200b774f9123ccefe48635e129de64e264ee5b5b5882a63118c8e59935903bd895022057bd039a93248ba6b03b8c1078549b1e74b89f06fef7cc311d719dc909801370:922c64590222798bb761d5b6d8e72950
|
|
@ -1,17 +1,17 @@
|
|||
id: haivision-media-platform-panel
|
||||
|
||||
info:
|
||||
name: Haivision Media Platform Login Panel - Detect
|
||||
author: righettod
|
||||
severity: info
|
||||
description: Haivision Media Platform login panel was detected.
|
||||
reference:
|
||||
- https://www.haivision.com/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: http.title:"Haivision Media Platform"
|
||||
tags: panel,haivision,login,detect
|
||||
|
||||
info:
|
||||
name: Haivision Media Platform Login Panel - Detect
|
||||
author: righettod
|
||||
severity: info
|
||||
description: Haivision Media Platform login panel was detected.
|
||||
reference:
|
||||
- https://www.haivision.com/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: "http.title:\"Haivision Media Platform\""
|
||||
max-request: 1
|
||||
tags: panel,haivision,login,detect
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
|
@ -23,4 +23,4 @@ http:
|
|||
- 'status_code == 200'
|
||||
- 'contains_any(body, "<title>Haivision Media Platform", "content=\"Haivision Network Video")'
|
||||
condition: and
|
||||
# digest: 4a0a00473045022100852a82de658ce3156eed4bb9e4faf88dd4e709f258d2f188cd2aaa6f07d6e85a022079da3770440c2b448ce933600e28d1644f9a9747c3008c9e3b7f2d1f978f9e98:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402205b887d409f93bb8c6bca75ccede4fb4ede2c9c827e9b47af66ef16486efe5bed022013582e7154224d6596931d51c61ce2b4c11d03fc9682a4b29f4731c8cd797b21:922c64590222798bb761d5b6d8e72950
|
|
@ -10,7 +10,8 @@ info:
|
|||
- https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: html:"Decision Center Enterprise console"
|
||||
shodan-query: "html:\"Decision Center Enterprise console\""
|
||||
max-request: 1
|
||||
tags: panel,ibm,login,detect,decision-center
|
||||
|
||||
http:
|
||||
|
@ -30,4 +31,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100c1586e66a4f5b442e8b98fc0197d38db06f862c0aa724aad823686560f8af3150220651109acecc6891e0802e326f21c5261822dbc69bee767c5e4eb04cd73c0026e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450221008667c30c6129e740f22587180d65bef7ea8c9bc5e42073143338ea019a73840d022004dfe32d460d9554f364fc00d8db42df22960b4dbfde97ec9101a158366ad22e:922c64590222798bb761d5b6d8e72950
|
|
@ -10,7 +10,8 @@ info:
|
|||
- https://www.ibm.com/docs/en/odm/8.12.0?topic=overview-introducing-rule-execution-server
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: title:"Rule Execution Server"
|
||||
shodan-query: "title:\"Rule Execution Server\""
|
||||
max-request: 1
|
||||
tags: panel,ibm,login,detect,decision-server
|
||||
|
||||
http:
|
||||
|
@ -30,4 +31,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502204d00e79a36864310511d3945c877939d641c2eacd7d408a2786aa413851bacd0022100f12605169ab70c9beb895a8691d7cb6f2ca099f3c6bdc7ffe6c2f7b818010135:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100f8a6779c2c863e990a8f3761c1fbc8d9a2aac9c60e69c8feb80a9b48a5660cf102207f75f60642c2257b39595c992440af15edf913738771b226230ebd0d27350410:922c64590222798bb761d5b6d8e72950
|
|
@ -10,7 +10,8 @@ info:
|
|||
- https://www.ibm.com/docs/en/odm/8.12.0
|
||||
metadata:
|
||||
verified: true
|
||||
fofa-query: title="Decision Center | Business Console"
|
||||
fofa-query: "title=\"Decision Center | Business Console\""
|
||||
max-request: 1
|
||||
tags: panel,ibm,login,detect,decision-center
|
||||
|
||||
http:
|
||||
|
@ -28,4 +29,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100d52dbff62d09aa1893a69601b6ebddcee476872b7bb74d935c4e313e8d76578e0220590a89cfb7fc87044c7c7dd5e7def60b1c02374a7671d2affc6a164a3045e4a8:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100b3e217aca2f0e7f4749d018a3aa54ce7d31b691b0feace4be2ea8945691b24a002210092adc4f4e4095474a2915ebe62b11db7981f79fe08a1ce086adc6ddfd2c7811a:922c64590222798bb761d5b6d8e72950
|
|
@ -10,10 +10,10 @@ info:
|
|||
- https://www.ivanti.com/products/connect-secure-vpn
|
||||
metadata:
|
||||
vendor: ivanti
|
||||
product: connect_secure
|
||||
product: "connect_secure"
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: title:"Ivanti Connect Secure"
|
||||
max-request: 2
|
||||
shodan-query: "title:\"Ivanti Connect Secure\""
|
||||
tags: panel,connectsecure,login
|
||||
|
||||
http:
|
||||
|
@ -35,4 +35,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100d585f9e252400d8b89e35a904465bc72b1832386ab12f0554abcefd5a8be293e02202a923fe7c0fc9e7ee34ae5f72b28a5683ab136b9a664779fc942b61847b84a52:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100c4feca263103f90d4e4077e98702f3dd3dbf5c455ecfb5ed45115b96ad11372c022100ba71de0184707063914de8dee85d4e4930735f2609448a0470e38c0198003b7a:922c64590222798bb761d5b6d8e72950
|
|
@ -10,12 +10,11 @@ info:
|
|||
- https://www.juniper.net/documentation/us/en/software/jweb-ex/jweb-ex-application-package/topics/concept/ex-series-j-web-interface-overview.html
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0.0
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
max-request: 2
|
||||
max-request: 1
|
||||
verified: true
|
||||
shodan-query: http.title:"Juniper Web Device Manager"
|
||||
shodan-query: "http.title:\"Juniper Web Device Manager\""
|
||||
tags: panel,juniper,vpn,login
|
||||
|
||||
http:
|
||||
|
@ -43,4 +42,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- 'var modelphpStr = "(.*?)";'
|
||||
# digest: 4b0a00483046022100fc6761f1e20dc648ed664ad95d12ebbf947321c37644528bc30edc2a7bc4918d0221009f32657ac7c105b55a5dbe72bb6f2d59f11c4f73563b60a96c5153f99d25b636:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502205ca23f303d8fa1ef26270300c55737695329a18b419a0eaa9c633ec3d476a6b902210089ea66b95ddb52fa15accc8bebc0824d44dc509c97674017cf72d1a0ba8c0997:922c64590222798bb761d5b6d8e72950
|
|
@ -10,13 +10,12 @@ info:
|
|||
- https://github.com/provectus/kafka-ui
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
vendor: provectus
|
||||
product: ui
|
||||
platform: kafka
|
||||
max-request: 1
|
||||
max-request: 2
|
||||
tags: panel,kafka,apache,detect
|
||||
|
||||
http:
|
||||
|
@ -45,4 +44,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '"v([0-9.]+)"'
|
||||
# digest: 490a004630440220120fd70d830d5673b6694bc74d5d5cdd0f17420aba4ae2000532dbcb795c6584022001816294148c66bde9fe384d304fd6f1b4bbedafc160454c3f9e0b5183f4e601:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502210091554843ef5d12adad3dd9e9d9ba5b82adc7a34ba448aaf4e12449bad284693e022034ed2d535005bac5972abee730948bb14439734f919d1b516f886b50ff402038:922c64590222798bb761d5b6d8e72950
|
|
@ -9,7 +9,8 @@ info:
|
|||
- https://kopano.com/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: http.title:"Kopano WebApp"
|
||||
shodan-query: "http.title:\"Kopano WebApp\""
|
||||
max-request: 1
|
||||
tags: panel,kopano,login,detect
|
||||
|
||||
http:
|
||||
|
@ -33,4 +34,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '\?kv([0-9.]+)"'
|
||||
# digest: 4a0a0047304502205ae240e238fffb87a0154ac0e19299328e5fd7f4e02f7cd8b5e0c74e304c8166022100ec2e323a3aa419e061a0504a4864efde49aa02f6272eb5b8c511960367a042e1:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220499c97ef6976f50be4391e8eeb0ddfeb3fcbe37bec5a7fe24d71c473e6b3d673022070949daf15a245428269d09199e9f2377b400261229944d98137f800b4e0f3a8:922c64590222798bb761d5b6d8e72950
|
|
@ -10,7 +10,8 @@ info:
|
|||
- https://github.com/linagora/linshare
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: http.title:"LinShare"
|
||||
shodan-query: "http.title:\"LinShare\""
|
||||
max-request: 3
|
||||
tags: panel,linshare,login,detect
|
||||
|
||||
http:
|
||||
|
@ -30,4 +31,4 @@ http:
|
|||
- 'status_code == 200'
|
||||
- 'contains_any(body, "<title>LinShare", "x-ng-app=\"linshareAdminApp")'
|
||||
condition: and
|
||||
# digest: 4a0a0047304502207dcbdcd3215abf97fd2c12ef382bf488ddfa0f31ff0f717491fd3b0bf6bd9368022100b838aab3468abf4fe5755bfdb54b4a238263bda36c0ea794d661efa2b18880f8:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100ca5993c797cf75bbaa9653d71b58a8c69d527adaceac8589f0e96b9e49c8d38f02207eac6b0a379abc14b4907532c15a5ad9f9f62ef6b0852286904753a93af8019c:922c64590222798bb761d5b6d8e72950
|
|
@ -8,8 +8,8 @@ info:
|
|||
vendor: odoo
|
||||
product: odoo
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: title:"Odoo"
|
||||
max-request: 2
|
||||
shodan-query: "title:\"Odoo\""
|
||||
tags: login,panel,odoo
|
||||
|
||||
http:
|
||||
|
@ -45,4 +45,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a004630440220707a0ae00d1082eab525a8dd1c86273d1a6d36c87ccc41367ec1d472f295d59702204b2823224a468e81d9b3eeee82d9007b0b600f36a1f6e6380a9e19d89c1f4673:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202c94e6e7ce327a1d5e088428410c9e0bb977cfd163434b7a8e449af58b032a9c0221009dbebd38cac6453fb54b396854eae6bcef87f5f70980bf2b82610cfb98fdcb54:922c64590222798bb761d5b6d8e72950
|
|
@ -1,18 +1,18 @@
|
|||
id: passbolt-panel
|
||||
|
||||
info:
|
||||
name: Passbolt Login Panel
|
||||
author: righettod
|
||||
severity: info
|
||||
description: |
|
||||
Passbolt login panel was detected.
|
||||
reference:
|
||||
- https://www.passbolt.com/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: http.title:"Passbolt | Open source password manager for teams"
|
||||
tags: panel,passbolt,login
|
||||
|
||||
info:
|
||||
name: Passbolt Login Panel
|
||||
author: righettod
|
||||
severity: info
|
||||
description: |
|
||||
Passbolt login panel was detected.
|
||||
reference:
|
||||
- https://www.passbolt.com/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: "http.title:\"Passbolt | Open source password manager for teams\""
|
||||
max-request: 1
|
||||
tags: panel,passbolt,login
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
|
@ -31,4 +31,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '(?i)v=([0-9a-z.-]+)'
|
||||
# digest: 4b0a00483046022100cd46bf88248b5f3ddfbaf30d8f17602a0168b6080418f686067b8482f9b37b570221008b497e1c5529c20f6202974940db3d83ca0be3737bab1799bd727c314e17a142:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402207f1b9037354038919a4460781c2f126b5ca46c7d67c0af2aa6f9653d51573ce2022048ad39d72b06d3603428ca396cf315280273241fbf01fe026e55d2d9f9a4f964:922c64590222798bb761d5b6d8e72950
|
|
@ -7,13 +7,12 @@ info:
|
|||
description: phpMyAdmin panel was detected.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
shodan-query: "http.title:phpMyAdmin"
|
||||
vendor: phpmyadmin
|
||||
product: phpmyadmin
|
||||
max-request: 12
|
||||
shodan-query: http.title:phpMyAdmin
|
||||
max-request: 13
|
||||
tags: panel,phpmyadmin
|
||||
|
||||
http:
|
||||
|
@ -46,4 +45,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- 'v=([a-z0-9-._]+)'
|
||||
# digest: 490a0046304402203073d075e05bc85ce417b3db20f3c9b6c7a32c22768f7ad39c75ffa91712bb4d022006c2a3c1552f7209c345f11c66087db13eef087aff98dead27a5c4a6f0fa4f54:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402205a7d1860670db2b7c7fe2c51ee5bca11729bf56ee88e3194b9f7cb90959a3ad10220664c394c6cca2ebeceb2166bc8a9d4c78b949ac13ebd420bc441fc7a22adc6af:922c64590222798bb761d5b6d8e72950
|
|
@ -7,14 +7,13 @@ info:
|
|||
description: Proofpoint Protection Server panel was detected.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
product: "proofpoint protection server"
|
||||
shodan-query: "http.favicon.hash:942678640"
|
||||
verified: true
|
||||
max-request: 1
|
||||
max-request: 2
|
||||
vendor: proofpoint
|
||||
product: proofpoint protection server
|
||||
shodan-query: http.favicon.hash:942678640
|
||||
tags: panel,proofpoint,login,detect
|
||||
|
||||
http:
|
||||
|
@ -41,4 +40,4 @@ http:
|
|||
part: header
|
||||
words:
|
||||
- 'PPSAUTH='
|
||||
# digest: 4a0a00473045022100da651ce3e96c872c09b0efeb7f24ce435691efb6047687fa2f980969c7d32add02206cedee1a6d93fb48ac0d8c6a50883823566a3fdc0b0946e3a3d17921b76ed292:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100a1b58b379feb7b3d65301bdfd4395652cad8294c5edae415ecc4d47669e3ad1a02207e32ff2739b36c0e05a467df6fbef59f1ef6c6383b4ec9a75dbc21729f14efae:922c64590222798bb761d5b6d8e72950
|
|
@ -5,9 +5,9 @@ info:
|
|||
author: dadevel
|
||||
severity: info
|
||||
metadata:
|
||||
max-request: 2
|
||||
vendor: pulsesecure
|
||||
product: pulse_connect_secure
|
||||
max-request: 2
|
||||
tags: pulse,panel
|
||||
|
||||
http:
|
||||
|
@ -40,4 +40,4 @@ http:
|
|||
part: body
|
||||
regex:
|
||||
- "(?i)<string>([^<]+)</string>"
|
||||
# digest: 4a0a0047304502203aa1cb77ba86704bad2c198c7fbf07c028f96dfe80cb8d6860fbec949ba9b314022100dbe4fbc3fd5b5fb9a25b9f45063a4c986bbe786b109f9356b2da46be1eb8b4af:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100f823e5c127aced792ff96e8e9214476b414af4e1353f299d1e59d51b537e6fd3022100b1c6a628c41e09ad48d649a5dca0b9f6051955009d9de2338a4237d51322544b:922c64590222798bb761d5b6d8e72950
|
|
@ -9,7 +9,8 @@ info:
|
|||
- https://www.rocket.chat/
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: http.title:"Rocket.Chat"
|
||||
shodan-query: "http.title:\"Rocket.Chat\""
|
||||
max-request: 1
|
||||
tags: panel,rocketchat,login,detect
|
||||
|
||||
http:
|
||||
|
@ -25,4 +26,4 @@ http:
|
|||
- 'status_code == 200'
|
||||
- 'contains_any(body, "<title>Rocket.Chat", "content=\"Rocket.Chat")'
|
||||
condition: and
|
||||
# digest: 490a00463044022012e5cbbf245707dd32c566958b4c6fa7a07f06f418139ec7a81026c1f90de09a0220096635ca065674713ac77f3b305157cbfba0635b3f6e7d7da94cf8ed3f1ac1e7:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220213f92e33c7b93bd760a281dff3427b796dcb4eed73ed550941fb16abddd89180220080a30ead625b8491cb47333aff0f5d45158897773064a2aeb1baddffe94683a:922c64590222798bb761d5b6d8e72950
|
|
@ -5,14 +5,15 @@ info:
|
|||
author: righettod
|
||||
severity: info
|
||||
description: |
|
||||
Sentry login panel was detected.
|
||||
Sentry login panel was detected.
|
||||
reference:
|
||||
- https://sentry.io/
|
||||
metadata:
|
||||
vendor: sentry
|
||||
product: sentry
|
||||
verified: true
|
||||
shodan-query: http.title:"Login | Sentry"
|
||||
shodan-query: "http.title:\"Login | Sentry\""
|
||||
max-request: 1
|
||||
tags: panel,sentry,login
|
||||
|
||||
http:
|
||||
|
@ -36,4 +37,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '(?i)"current":\s*"([0-9a-z.-]+)"'
|
||||
# digest: 4b0a00483046022100bc11bbc2da0eeaaeb02cfdf576e886aaad2dbc0fbf346c43f5d8242aafd24ac102210087c344fb3a27ea65932c1a1adbd8ede83fcc91914d7c39027ae096ec8cd72ac0:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100b04d058d31690931f321b078a2ac12a98dbfae03861caadbc878766143783e2902207291a26d57c10aaa7dfedba3b543e898aa150509733c646e144fcd58a5758175:922c64590222798bb761d5b6d8e72950
|
|
@ -9,10 +9,10 @@ info:
|
|||
reference:
|
||||
- https://www.truenas.com
|
||||
metadata:
|
||||
vendor: ixsystems
|
||||
product: truenas
|
||||
verified: true
|
||||
max-request: 1
|
||||
vendor: ixsystems
|
||||
product: truenas
|
||||
shodan-query: html:"TrueNAS"
|
||||
tags: login,panel,truenas
|
||||
|
||||
|
@ -33,4 +33,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100dd1d5fd20c54a80d0f7d2631323b4434a2da43d683ca143da2f976cf8ab372d702201c583fae3cb0276990d9ad033e8461d795c1c7eba84d733b30cb0b2a45e60d26:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100ece185971ecd556127979d86bf7200c50f67dfaf61bb545570d1df063fd788a2022100ddaefbef6ccd73cfd9d33ba6612bfab01cd89d1c688769cc5159cfee1588d464:922c64590222798bb761d5b6d8e72950
|
|
@ -5,11 +5,12 @@ info:
|
|||
author: righettod
|
||||
severity: info
|
||||
description: |
|
||||
Vista Web login panel was detected.
|
||||
Vista Web login panel was detected.
|
||||
reference:
|
||||
- https://resa.aero/solutions-operations-facturation/vista-web/
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
tags: panel,vistaweb,login
|
||||
|
||||
http:
|
||||
|
@ -30,4 +31,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- 'v=([0-9.]+)'
|
||||
# digest: 4b0a004830460221009afbf2bd9a3f5bfffe7e6d92b5b3f4423102532bd1114541c5258759f24bc380022100e1677ad6b53c0e42ddb24ee59efd95a0682281006b56d46e0fb15a195598ffda:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100e75b80b7677ce3d46ea55b865e0c89ab12384a99ff0b565ec6e4dd49f1090a3102207c7e6629206f24058e677de683d5e3a191e9b14095a37db1469d6bfe1d00ac7b:922c64590222798bb761d5b6d8e72950
|
|
@ -10,9 +10,9 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
max-request: 59
|
||||
shodan-query: "http.title:\"swagger\""
|
||||
verified: true
|
||||
max-request: 57
|
||||
shodan-query: http.title:"swagger"
|
||||
tags: exposure,api,swagger
|
||||
|
||||
http:
|
||||
|
@ -105,4 +105,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- " @version (v[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})"
|
||||
# digest: 4a0a00473045022100d3639a8b44e797aa3fc7cca0bb5778f14f0d9d59ab15483940be419fa21321fa02204cbbcd636969871ac6d8cea4cb7aada40b6938b1f3314f3c235d4a80a1550bbd:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220699b1c75442a856dcd0637850a4464835dd00335e1ec2f4345bebd359e25f9af022100e79a9981d9c1330730d4f4b9fe6a2785c38be6e2ee9ad19f1df3d38694a5f97d:922c64590222798bb761d5b6d8e72950
|
|
@ -10,7 +10,7 @@ info:
|
|||
cvss-score: 5.3
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
max-request: 1440
|
||||
max-request: 1305
|
||||
tags: exposure,backup
|
||||
|
||||
http:
|
||||
|
@ -127,4 +127,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450221009e9e29e2bc6fa477a5ef35e682ed0677d6cd6457e0516add7ba7b3657dea242c0220573cc11dd5d3c17b8bb3226a23ac6bfa501b1c7f5e337c1fdfe79e581abadeb9:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100a51f2952c9c24769da7d9ad5fa3f8ad2c01a800385052b494e5cf8b8cd2b0b2002210086e92de1a4bcde1fb7758917220ed3470e42201e239106f349d60c0e28d6452b:922c64590222798bb761d5b6d8e72950
|
|
@ -8,10 +8,9 @@ info:
|
|||
reference: https://www.awstats.org/docs/awstats_setup.html
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
max-request: 3
|
||||
max-request: 4
|
||||
tags: config,exposure,awstats
|
||||
|
||||
http:
|
||||
|
@ -36,4 +35,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100a1d5304bdbe5718f9bb640888a5db388a5558f54e61dd1b5154393c62febb940022100a7d26343bf553aacbf42a7d583dc4bb2d4222a7fe0d08eae43078c91e82029f2:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220627e9e39ded451b53e2044aebb66514409fa81010ab0676b9ac36403755c30110221009aeb142c34946a6588ea2a98ebfece9603c77169ee688104cc8e6408be7b3c0d:922c64590222798bb761d5b6d8e72950
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/roundcube-log-disclosure.json
|
||||
metadata:
|
||||
max-request: 12
|
||||
max-request: 16
|
||||
tags: exposure,logs
|
||||
|
||||
http:
|
||||
|
@ -57,4 +57,4 @@ http:
|
|||
- type: dsl
|
||||
dsl:
|
||||
- content_length
|
||||
# digest: 4a0a0047304502210092febbf3f9906523788e68550f93dd10480ff15eb53ab20a8c452c482c7cd380022061f77b2b8a8ae9439fe60c5d02731b99246b700d7d38cac9608bced9885ba4a3:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100f29f0edc0fd1c21ddc672864cdd1b0e8f9b6bf2fd245e63e3a18e009f87dda4802210094fc7c7162920f3d1b9a810729c4ac860b27bb6b73a4fe837009758cf4ee4fae:922c64590222798bb761d5b6d8e72950
|
|
@ -5,7 +5,7 @@ info:
|
|||
author: 0xcrypto
|
||||
severity: info
|
||||
metadata:
|
||||
max-request: 98135
|
||||
max-request: 100563
|
||||
tags: fuzzing,bruteforce,wordpress
|
||||
|
||||
http:
|
||||
|
@ -35,4 +35,4 @@ http:
|
|||
regex:
|
||||
- "===\\s(.*)\\s===" # extract the plugin name
|
||||
- "(?m)Stable tag: ([0-9.]+)" # extract the plugin version
|
||||
# digest: 4b0a00483046022100bc606e0746f263229a02d000cd84aafb581fcdf5d93f151e4de17e328f47291b022100a600a40ce1fbd7cab94ccc994cd355edf9dc15ed337d21d28b414705b5324161:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022011ffc9134eaa01b62eddcdbbc33af59e33613478dd206665d9f12d60ea4fe114022100a6845b777b51f0d3959d009a91f612b73b13c9a5dc6fe6d058bd37994d64fe6a:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,40 @@
|
|||
id: cloudflare-rocketloader-htmli
|
||||
|
||||
info:
|
||||
name: Cloudflare Rocket Loader - HTML Injection
|
||||
author: j3ssie
|
||||
severity: low
|
||||
description: |
|
||||
The Rocket Loader feature in Cloudflare allow attackers to inject arbitrary HTML into the website. This can be used to perform various attacks such as phishing, defacement, etc.
|
||||
reference:
|
||||
- https://developers.cloudflare.com/speed/optimization/content/rocket-loader/enable/
|
||||
metadata:
|
||||
max-request: 1
|
||||
verified: true
|
||||
tags: misconfig,cloudflare,htmli
|
||||
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/cdn-cgi/image/width=1000,format=auto/https://raw.githubusercontent.com/simple-icons/simple-icons/develop/icons/cloudflare.svg"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- 'Cloudflare'
|
||||
- '<svg'
|
||||
- 'M16.5088 16.8447c.1475-.5068.0908-.9707-.1553-1.3154-.2246-.3164-.6045-.499-1.0615-.5205l-'
|
||||
- '1475.5068-.0918.9707.1543 1.3164.2256.3164.6055.498'
|
||||
condition: and
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- 'image/svg+xml'
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502203f1f9450ea215136ca621ee9dbedce3ae4455abcc8dd73db23c5e0cdde586076022100f02e51d462db656b75f00a878d4608aed164f4cc5492a86cb73fd88a1665a085:922c64590222798bb761d5b6d8e72950
|
|
@ -10,8 +10,9 @@ info:
|
|||
- https://github.com/thewhiteh4t/killcast/blob/ee81cfa03c963d47d3335770fcea2ca48bddeabf/killcast.py#L100C25-L100C43
|
||||
- https://rithvikvibhu.github.io/GHLocalApi/#section/Google-Home-Local-API/Authentication
|
||||
metadata:
|
||||
shodan-query: "Chromecast"
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: Chromecast
|
||||
tags: google,chromecast,detect
|
||||
|
||||
http:
|
||||
|
@ -32,4 +33,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450221009d996dd528a6470315f3ef08c7de657ec6203185d235eb7877324aeb51c17c29022078f0723a1a04cc66cea30f0a15c736c5701e1062d0d40436d5f177e847865396:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502206c214513406d47d4e688761e11149e983c02c3e47bdfa1f4d01fab2aa15ff11d0221009b017586aea846fc0befea354637be19778ec8c58b0fb2c49e2f28e65855dc2a:922c64590222798bb761d5b6d8e72950
|
|
@ -10,7 +10,8 @@ info:
|
|||
- https://www.ibm.com/products/operational-decision-manager
|
||||
metadata:
|
||||
verified: true
|
||||
fofa-query: icon_hash="707491698"
|
||||
fofa-query: "icon_hash=\"707491698\""
|
||||
max-request: 1
|
||||
tags: ibm,decision-center,tech,detect
|
||||
|
||||
http:
|
||||
|
@ -28,4 +29,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100a59aa313dd5de76ccd37ff23f84ea70c006cf6902d856db566f35dd35a4091250221008aa670d5443398d03af2bd250cf3d43d379ff8c32783e9f9de3bb9c7af63ad0e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220145ded2786c1d6f03455e511dd78e011fec59080659837fcc214ab4d5fa13b930220173f1a21d9016bd6415376e6b6963b1964e29cc705c87c6b10ee14d6f0eeb176:922c64590222798bb761d5b6d8e72950
|
|
@ -6,9 +6,9 @@ info:
|
|||
severity: info
|
||||
description: Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development -- https://github.com/lucee/Lucee/
|
||||
metadata:
|
||||
max-request: 1
|
||||
shodan-query: html:"Lucee"
|
||||
fofa-query: app="Lucee-Engine"
|
||||
max-request: 2
|
||||
shodan-query: "html:\"Lucee\""
|
||||
fofa-query: "app=\"Lucee-Engine\""
|
||||
tags: tech,lucee
|
||||
|
||||
http:
|
||||
|
@ -32,4 +32,4 @@ http:
|
|||
part: body
|
||||
words:
|
||||
- "Lucee Function Reference"
|
||||
# digest: 4b0a004830460221009cbb7989d4159df62b80311c4b24621afd93f9f1c267f67d5d9992aa4f746d88022100eaf1f5b6e10de1cad3a3355357d159832bc74ca148707f7e1d870d9f584eaadf:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022075f26792907c6d74be5f38bbe41be081199595519e306502ecd4bdfee409f2f7022100b02b3b2ac7b94271edb6835e15e0b302f6270605125e9312412d075effba137d:922c64590222798bb761d5b6d8e72950
|
|
@ -7,9 +7,9 @@ info:
|
|||
reference:
|
||||
- https://github.com/wy876/POC/blob/main/%E5%A4%A7%E5%8D%8E%E6%99%BA%E6%85%A7%E5%9B%AD%E5%8C%BA%E7%BB%BC%E5%90%88%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0bitmap%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="dahua-智慧园区综合管理平台"
|
||||
fofa-query: "app=\"dahua-智慧园区综合管理平台\""
|
||||
verified: true
|
||||
max-request: 2
|
||||
tags: dahua,file-upload,rce,intrusive
|
||||
|
||||
variables:
|
||||
|
@ -52,4 +52,4 @@ http:
|
|||
- type: word
|
||||
words:
|
||||
- '{{base64_decode(cmd)}}'
|
||||
# digest: 4a0a00473045022009c46747d650cd806bef81cb8b51b52e3c3a94a7cbb6fbb72beade04a7678dec022100c4fcafe37da8546deda019b41760816d1192f34ff4d3360004be40b77df0ba92:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450221008c4101e68960b20bdad91dc8e4d8edf035a1ca8a553743675b01f8066845822302207ae43e513af6df97734ecf94b9d11bd42601908eab43645c75dc5a823a18fcee:922c64590222798bb761d5b6d8e72950
|
|
@ -10,8 +10,8 @@ info:
|
|||
cvss-score: 7.2
|
||||
cwe-id: CWE-79
|
||||
metadata:
|
||||
max-request: 3
|
||||
parameters: q,s,search,id,action,keyword,query,page,keywords,url,view,cat,name,key,p,month,page_id,password,terms,token,type,unsubscribe_token,api,api_key,begindate,callback,categoryid,csrf_token,email,emailto,enddate,immagine,item,jsonp,l,lang,list_type,year
|
||||
max-request: 29
|
||||
parameters: "q,s,search,id,action,keyword,query,page,keywords,url,view,cat,name,key,p,month,page_id,password,terms,token,type,unsubscribe_token,api,api_key,begindate,callback,categoryid,csrf_token,email,emailto,enddate,immagine,item,jsonp,l,lang,list_type,year"
|
||||
tags: xss,generic,fuzz
|
||||
|
||||
http:
|
||||
|
@ -74,4 +74,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100a7b920830c1fe829ec26cb2a2c505a3b1b801f637d99d185f080fe0a9a17aa9502202ae7e3e6f0316b1ce7a02f6f61c51736d4ae6d6961922122207011be90b6f860:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220422fa88099c081d3188fb7d1e5615710b29e2f5ec74a4daccf72f1faa714fcda02210093290ee6f988d9ad886291b9c801bbdd358e83fdcdd779ecbf65413328fc6d0d:922c64590222798bb761d5b6d8e72950
|
|
@ -12,8 +12,8 @@ info:
|
|||
cvss-score: 6.1
|
||||
cwe-id: CWE-601
|
||||
metadata:
|
||||
max-request: 12
|
||||
shodan-query: html:"/bitrix/"
|
||||
max-request: 14
|
||||
shodan-query: "html:\"/bitrix/\""
|
||||
tags: redirect,bitrix,packetstorm
|
||||
|
||||
http:
|
||||
|
@ -48,4 +48,4 @@ http:
|
|||
status:
|
||||
- 302
|
||||
- 301
|
||||
# digest: 4a0a00473045022100b42f4e5a0aa4dcf2c88baaf563fe737cade93b81d8cd40676c53d88fe290ff920220055f13878b2915fb27467e87af6dc8c0e3e0a317d100a8250fbdbe3d95a3020b:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402205ce8e79a14884270f893e65babcab7e2383c15ba7a71e150408b0fe9150aed060220651eeb289954926626e24a265855d52be83bac39a8e0e3f080b6ea68d0f0b7e0:922c64590222798bb761d5b6d8e72950
|
|
@ -8,7 +8,7 @@ info:
|
|||
- https://github.com/OWASP/vbscan
|
||||
- https://blog.sucuri.net/2017/01/vbulletin-malware-hackers-compete-backdoor-control.html
|
||||
metadata:
|
||||
max-request: 31
|
||||
max-request: 21
|
||||
tags: backdoor,php,vbulletin,rce
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
@ -56,4 +56,4 @@ http:
|
|||
- "contains(body, '{{md5(num)}}')"
|
||||
- "status_code == 200"
|
||||
condition: and
|
||||
# digest: 490a004630440220140a0cd4a972dda1d19412bb1e411cb1c793fc888c041a14c388fb4f7427bea00220254b7d65fbccf04f5bb9c23aacbd313a19ae1075233dcbde2dea106657624abe:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202fa822365b053aafd4cd03da9826f7140e6cfd857029a00d083dd3b45a2cce5c022100946ced87dca459a6de74ea9f7c130a746df5abd23ccef62da928695500a06423:922c64590222798bb761d5b6d8e72950
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue