daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated templates

patch-10
Prince Chaddha 2023-06-05 14:24:27 +05:30
parent c69b1e7619
commit ae8b2125a1
14 changed files with 35 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
http/credential-stuffing/cloud/atechmedia-codebase.yaml
View File

@ -2,7 +2,7 @@ id: atechmedia-codebase-login-check
info:
name: Atechmedia/Codebase Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid Atechmedia/Codebase account.
reference:
@ -15,17 +15,14 @@ requests:
- |
GET https://identity.atechmedia.com/login HTTP/1.1
Host: identity.atechmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Referer: https://identity.atechmedia.com/login
- |
POST https://identity.atechmedia.com/login HTTP/1.1
Host: identity.atechmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Origin: https://identity.atechmedia.com
Content-Type: application/x-www-form-urlencoded
Referer: https://identity.atechmedia.com/login
Connection: close
utf8=%E2%9C%93&authenticity_token={{url_encode(authenticity_token)}}&username={{username}}&password={{password}}&commit=Login
@ -39,6 +36,7 @@ requests:
internal: true
xpath:
- /html/body/div/div[2]/div/form/input[2]
- type: dsl
dsl:
- username
@ -50,6 +48,7 @@ requests:
part: header
words:
- 'Set-Cookie: user_session'
- type: status
status:
- 302

5
http/credential-stuffing/cloud/atlassian.yaml
View File

@ -2,7 +2,7 @@ id: atlassian-login-check
info:
name: Atlassian Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid atlassian account.
reference:
@ -17,7 +17,6 @@ requests:
Content-Type: application/json
Origin: https://id.atlassian.com
Referer: https://id.atlassian.com/
Connection: close
{"username":"{{username}}","password":"{{password}}","state":{"csrfToken":"{{rand_text_alpha(10, "")}}"}}
@ -26,6 +25,7 @@ requests:
dsl:
- username
- password
attack: pitchfork
matchers-condition: and
matchers:
@ -33,6 +33,7 @@ requests:
part: body
words:
- '"error_description":"Wrong email or password."'
- type: status
status:
- 403

4
http/credential-stuffing/cloud/avnil-pdf-generator.yaml
View File

@ -2,7 +2,7 @@ id: avnil-pdf-generator-check
info:
name: useanvil.com Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid avnil pdf generator account.
reference:
@ -25,6 +25,7 @@ requests:
dsl:
- username
- password
matchers-condition: and
matchers:
- type: word
@ -32,6 +33,7 @@ requests:
words:
- '"email":"'
- '"eid":"'
- type: status
status:
- 200

6
http/credential-stuffing/cloud/chefapi.yaml
View File

@ -15,9 +15,6 @@ requests:
POST https://api.chef.io/login HTTP/1.1
Host: api.chef.io
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
Content-Length: 160
utf8=%E2%9C%93&authenticity_token=&authenticity_token=&to=https://api.chef.io/login-success&username={{username}}&password={{password}}&commit=Sign+In
@ -27,6 +24,7 @@ requests:
part: header
words:
- 'Location: https://api.chef.io/login-success'
- type: status
status:
- 302
- 302

2
http/credential-stuffing/cloud/codepen.yaml
View File

@ -1,7 +1,7 @@
id: codepen-login-check
info:
name: codepen.io Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid codepen account.
reference:

2
http/credential-stuffing/cloud/datadog.yaml
View File

@ -2,7 +2,7 @@ id: datadog-login-check
info:
name: Datadog Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid datadog account.
reference:

10
http/credential-stuffing/cloud/docker-hub.yaml
View File

@ -2,7 +2,7 @@ id: docker-hub-login-check
info:
name: Docker Hub Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid atlassian account.
reference:
@ -12,13 +12,9 @@ info:
self-contained: true
requests:
- raw:
- |-
- |
POST https://hub.docker.com/v2/users/login HTTP/1.1
Host: hub.docker.com
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.95 Safari/537.36
Connection: close
Content-Type: application/json
{
@ -34,10 +30,12 @@ requests:
part: body
words:
- 'token'
- type: word
part: header
words:
- 'Set-Cookie: token='
- type: status
status:
- 200

5
http/credential-stuffing/cloud/gitea.yaml
View File

@ -2,7 +2,7 @@ id: gitea-login-check
info:
name: gitea.com Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid gitea account.
reference:
@ -12,7 +12,7 @@ info:
self-contained: true
requests:
- raw:
- |-
- |
POST https://gitea.com/user/login HTTP/1.1
Host: gitea.com
Content-Type: application/x-www-form-urlencoded
@ -31,6 +31,7 @@ requests:
part: header
words:
- 'Location: /'
- type: status
status:
- 303

6
http/credential-stuffing/cloud/github.yaml
View File

@ -2,7 +2,7 @@ id: github-login-check
info:
name: Github Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid github account.
reference:
@ -34,6 +34,7 @@ requests:
internal: true
xpath:
- /html/body/div[3]/main/div/div[4]/form/input[1]
- type: xpath
name: timestamp
part: body
@ -41,6 +42,8 @@ requests:
internal: true
xpath:
- /html/body/div[3]/main/div/div[4]/form/div/input[10]
- type: xpath
name: timestamp_secret
part: body
@ -48,6 +51,7 @@ requests:
internal: true
xpath:
- /html/body/div[3]/main/div/div[4]/form/div/input[11]
- type: dsl
dsl:
- username

3
http/credential-stuffing/cloud/postman.yaml
View File

@ -2,7 +2,7 @@ id: postman-login-check
info:
name: Postman Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid postman account.
reference:
@ -42,7 +42,6 @@ requests:
- username
- password
matchers-condition: and
matchers:
- type: dsl
dsl:

5
http/credential-stuffing/cloud/pulmi.yaml
View File

@ -2,7 +2,7 @@ id: pulmi-login-check
info:
name: pulmi.com Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid github account.
reference:
@ -15,12 +15,9 @@ requests:
- |-
POST https://api.pulumi.com/api/console/email/login HTTP/1.1
Host: api.pulumi.com
Content-Length: 48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Content-Type: application/json
Origin: https://app.pulumi.com
Referer: https://app.pulumi.com/
Connection: close
{"emailOrLogin":"{{username}}","password":"{{password}}"}

16
http/credential-stuffing/self-hosted/gitlab.yaml
View File

@ -1,7 +1,7 @@
id: gitlab-login-check-self-hosted
info:
name: Gitlab Login Check Self Hosted
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid login on self hosted Grafana instance.
reference:
@ -20,25 +20,19 @@ http:
- |
GET /users/sign_in HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept-Language: en-US,en;q=0.9,de;q=0.8
Connection: close
- |
POST /users/sign_in HTTP/1.1
Host: {{Hostname}}
Content-Length: 186
Cache-Control: max-age=0
Origin: http://{{Hostname}}
Origin: {{BaseURL}}
DNT: 1
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Referer: http://{{Hostname}}/users/sign_in
Referer: {{BaseURL}}/users/sign_in
Accept-Language: en-US,en;q=0.9,de;q=0.8
Connection: close
authenticity_token={{url_encode(authenticity_token)}}&user%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&user%5Bremember_me%5D=0
cookie-reuse: true
attack: pitchfork
@ -50,12 +44,12 @@ http:
group: 1
regex:
- '"/users/sign_in".*?authenticity_token"\s+value="([^"]+)"'
- type: dsl
dsl:
- username
- password
matchers-condition: and
req-condition: true
matchers:
- type: dsl

6
http/credential-stuffing/self-hosted/grafana.yaml
View File

@ -2,7 +2,7 @@ id: grafana-login-check
info:
name: Grafana Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid login on self hosted Grafana instance.
reference:
@ -23,13 +23,10 @@ requests:
Host: {{Hostname}}
accept: application/json, text/plain, */*
DNT: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: application/json
Origin: {{BaseURL}}
Referer: {{BaseURL}}/login
Accept-Language: en-US,en;q=0.9,de;q=0.8
Cookie: redirect_to=%2F
Connection: close
{"user":"{{username}}","password":"{{password}}"}
@ -38,6 +35,7 @@ requests:
dsl:
- username
- password
matchers-condition: and
matchers:
- type: word

2
http/credential-stuffing/self-hosted/jira.yaml
View File

@ -2,7 +2,7 @@ id: jira-login-check
info:
name: Jira Login Check
author: parthmalhotra, pdresearch
author: parthmalhotra,pdresearch
severity: critical
description: Checks for a valid login on self hosted Jira instance.
reference: