updated templates

patch-10
Prince Chaddha 2023-06-05 14:24:27 +05:30
parent c69b1e7619
commit ae8b2125a1
14 changed files with 35 additions and 44 deletions


@ -2,7 +2,7 @@ id: atechmedia-codebase-login-check
info: info:
name: Atechmedia/Codebase Login Check name: Atechmedia/Codebase Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid Atechmedia/Codebase account. description: Checks for a valid Atechmedia/Codebase account.
reference: reference:
@ -15,17 +15,14 @@ requests:
- | - |
GET https://identity.atechmedia.com/login HTTP/1.1 GET https://identity.atechmedia.com/login HTTP/1.1
Host: identity.atechmedia.com Host: identity.atechmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Referer: https://identity.atechmedia.com/login Referer: https://identity.atechmedia.com/login
- | - |
POST https://identity.atechmedia.com/login HTTP/1.1 POST https://identity.atechmedia.com/login HTTP/1.1
Host: identity.atechmedia.com Host: identity.atechmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Origin: https://identity.atechmedia.com Origin: https://identity.atechmedia.com
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
Referer: https://identity.atechmedia.com/login Referer: https://identity.atechmedia.com/login
Connection: close
utf8=%E2%9C%93&authenticity_token={{url_encode(authenticity_token)}}&username={{username}}&password={{password}}&commit=Login utf8=%E2%9C%93&authenticity_token={{url_encode(authenticity_token)}}&username={{username}}&password={{password}}&commit=Login
@ -39,6 +36,7 @@ requests:
internal: true internal: true
xpath: xpath:
- /html/body/div/div[2]/div/form/input[2] - /html/body/div/div[2]/div/form/input[2]
- type: dsl - type: dsl
dsl: dsl:
- username - username
@ -50,6 +48,7 @@ requests:
part: header part: header
words: words:
- 'Set-Cookie: user_session' - 'Set-Cookie: user_session'
- type: status - type: status
status: status:
- 302 - 302


@ -2,7 +2,7 @@ id: atlassian-login-check
info: info:
name: Atlassian Login Check name: Atlassian Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid atlassian account. description: Checks for a valid atlassian account.
reference: reference:
@ -17,7 +17,6 @@ requests:
Content-Type: application/json Content-Type: application/json
Origin: https://id.atlassian.com Origin: https://id.atlassian.com
Referer: https://id.atlassian.com/ Referer: https://id.atlassian.com/
Connection: close
{"username":"{{username}}","password":"{{password}}","state":{"csrfToken":"{{rand_text_alpha(10, "")}}"}} {"username":"{{username}}","password":"{{password}}","state":{"csrfToken":"{{rand_text_alpha(10, "")}}"}}
@ -26,6 +25,7 @@ requests:
dsl: dsl:
- username - username
- password - password
attack: pitchfork attack: pitchfork
matchers-condition: and matchers-condition: and
matchers: matchers:
@ -33,6 +33,7 @@ requests:
part: body part: body
words: words:
- '"error_description":"Wrong email or password."' - '"error_description":"Wrong email or password."'
- type: status - type: status
status: status:
- 403 - 403
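Review bot: The two matchers visible in the last hunk require the body string `"error_description":"Wrong email or password."` together with status 403, which reads as the rejected-login response, while the description says the template checks for a valid account. The word matcher starts above the hunk, so a `negative: true` may sit there; if it does not, the `and` condition reports a critical finding for credentials the service refused. Either way the intent should be stated next to the matcher, for example `# hit = 403 WITHOUT the wrong-password error (matcher is negated) - confirm`.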


@ -2,7 +2,7 @@ id: avnil-pdf-generator-check
info: info:
name: useanvil.com Login Check name: useanvil.com Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid avnil pdf generator account. description: Checks for a valid avnil pdf generator account.
reference: reference:
@ -25,6 +25,7 @@ requests:
dsl: dsl:
- username - username
- password - password
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
@ -32,6 +33,7 @@ requests:
words: words:
- '"email":"' - '"email":"'
- '"eid":"' - '"eid":"'
- type: status - type: status
status: status:
- 200 - 200


@ -15,9 +15,6 @@ requests:
POST https://api.chef.io/login HTTP/1.1 POST https://api.chef.io/login HTTP/1.1
Host: api.chef.io Host: api.chef.io
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
Content-Length: 160
utf8=%E2%9C%93&authenticity_token=&authenticity_token=&to=https://api.chef.io/login-success&username={{username}}&password={{password}}&commit=Sign+In utf8=%E2%9C%93&authenticity_token=&authenticity_token=&to=https://api.chef.io/login-success&username={{username}}&password={{password}}&commit=Sign+In
@ -27,6 +24,7 @@ requests:
part: header part: header
words: words:
- 'Location: https://api.chef.io/login-success' - 'Location: https://api.chef.io/login-success'
- type: status - type: status
status: status:
- 302 - 302


@ -1,7 +1,7 @@
id: codepen-login-check id: codepen-login-check
info: info:
name: codepen.io Login Check name: codepen.io Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid codepen account. description: Checks for a valid codepen account.
reference: reference:


@ -2,7 +2,7 @@ id: datadog-login-check
info: info:
name: Datadog Login Check name: Datadog Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid datadog account. description: Checks for a valid datadog account.
reference: reference:


@ -2,7 +2,7 @@ id: docker-hub-login-check
info: info:
name: Docker Hub Login Check name: Docker Hub Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid atlassian account. description: Checks for a valid atlassian account.
reference: reference:
@ -12,13 +12,9 @@ info:
self-contained: true self-contained: true
requests: requests:
- raw: - raw:
- |- - |
POST https://hub.docker.com/v2/users/login HTTP/1.1 POST https://hub.docker.com/v2/users/login HTTP/1.1
Host: hub.docker.com Host: hub.docker.com
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.95 Safari/537.36
Connection: close
Content-Type: application/json Content-Type: application/json
{ {
@ -34,10 +30,12 @@ requests:
part: body part: body
words: words:
- 'token' - 'token'
- type: word - type: word
part: header part: header
words: words:
- 'Set-Cookie: token=' - 'Set-Cookie: token='
- type: status - type: status
status: status:
- 200 - 200
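Review bot: The description on the new side of the first hunk still reads `description: Checks for a valid atlassian account.` in the template whose id is `docker-hub-login-check`. Since the commit already edits the neighbouring `author` line, it should become `description: Checks for a valid Docker Hub account.`. The same copy-paste survives in two later sections: `pulmi-login-check` says "valid github account" while posting to `api.pulumi.com`, and `gitlab-login-check-self-hosted` says "self hosted Grafana instance". Each template carries `severity: critical`, so a finding that names the wrong service misdirects triage and credential rotation.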


@ -2,7 +2,7 @@ id: gitea-login-check
info: info:
name: gitea.com Login Check name: gitea.com Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid gitea account. description: Checks for a valid gitea account.
reference: reference:
@ -12,7 +12,7 @@ info:
self-contained: true self-contained: true
requests: requests:
- raw: - raw:
- |- - |
POST https://gitea.com/user/login HTTP/1.1 POST https://gitea.com/user/login HTTP/1.1
Host: gitea.com Host: gitea.com
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
@ -31,6 +31,7 @@ requests:
part: header part: header
words: words:
- 'Location: /' - 'Location: /'
- type: status - type: status
status: status:
- 303 - 303


@ -2,7 +2,7 @@ id: github-login-check
info: info:
name: Github Login Check name: Github Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid github account. description: Checks for a valid github account.
reference: reference:
@ -34,6 +34,7 @@ requests:
internal: true internal: true
xpath: xpath:
- /html/body/div[3]/main/div/div[4]/form/input[1] - /html/body/div[3]/main/div/div[4]/form/input[1]
- type: xpath - type: xpath
name: timestamp name: timestamp
part: body part: body
@ -41,6 +42,8 @@ requests:
internal: true internal: true
xpath: xpath:
- /html/body/div[3]/main/div/div[4]/form/div/input[10] - /html/body/div[3]/main/div/div[4]/form/div/input[10]
- type: xpath - type: xpath
name: timestamp_secret name: timestamp_secret
part: body part: body
@ -48,6 +51,7 @@ requests:
internal: true internal: true
xpath: xpath:
- /html/body/div[3]/main/div/div[4]/form/div/input[11] - /html/body/div[3]/main/div/div[4]/form/div/input[11]
- type: dsl - type: dsl
dsl: dsl:
- username - username


@ -2,7 +2,7 @@ id: postman-login-check
info: info:
name: Postman Login Check name: Postman Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid postman account. description: Checks for a valid postman account.
reference: reference:
@ -42,7 +42,6 @@ requests:
- username - username
- password - password
matchers-condition: and
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
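Review bot: Dropping `matchers-condition: and` in the second hunk makes the matcher list fall back to nuclei's default `or`, so any single matcher is enough to report valid credentials at `severity: critical`. Only one `- type: dsl` matcher is visible and the list continues below the hunk. If it is the sole matcher the removal is harmless, provided its expressions are joined with `condition: and` inside the matcher. If a second matcher follows, keep `matchers-condition: and` to avoid false positives. The `gitlab-login-check-self-hosted` section shows the same line without a counterpart and deserves the same check.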


@ -2,7 +2,7 @@ id: pulmi-login-check
info: info:
name: pulmi.com Login Check name: pulmi.com Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid github account. description: Checks for a valid github account.
reference: reference:
@ -15,12 +15,9 @@ requests:
- |- - |-
POST https://api.pulumi.com/api/console/email/login HTTP/1.1 POST https://api.pulumi.com/api/console/email/login HTTP/1.1
Host: api.pulumi.com Host: api.pulumi.com
Content-Length: 48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Content-Type: application/json Content-Type: application/json
Origin: https://app.pulumi.com Origin: https://app.pulumi.com
Referer: https://app.pulumi.com/ Referer: https://app.pulumi.com/
Connection: close
{"emailOrLogin":"{{username}}","password":"{{password}}"} {"emailOrLogin":"{{username}}","password":"{{password}}"}


@ -1,7 +1,7 @@
id: gitlab-login-check-self-hosted id: gitlab-login-check-self-hosted
info: info:
name: Gitlab Login Check Self Hosted name: Gitlab Login Check Self Hosted
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid login on self hosted Grafana instance. description: Checks for a valid login on self hosted Grafana instance.
reference: reference:
@ -20,25 +20,19 @@ http:
- | - |
GET /users/sign_in HTTP/1.1 GET /users/sign_in HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
Accept-Language: en-US,en;q=0.9,de;q=0.8
Connection: close
- | - |
POST /users/sign_in HTTP/1.1 POST /users/sign_in HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}
Content-Length: 186
Cache-Control: max-age=0 Cache-Control: max-age=0
Origin: http://{{Hostname}} Origin: {{BaseURL}}
DNT: 1 DNT: 1
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Referer: {{BaseURL}}/users/sign_in
Referer: http://{{Hostname}}/users/sign_in
Accept-Language: en-US,en;q=0.9,de;q=0.8 Accept-Language: en-US,en;q=0.9,de;q=0.8
Connection: close
authenticity_token={{url_encode(authenticity_token)}}&user%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&user%5Bremember_me%5D=0 authenticity_token={{url_encode(authenticity_token)}}&user%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&user%5Bremember_me%5D=0
cookie-reuse: true cookie-reuse: true
attack: pitchfork attack: pitchfork
@ -50,12 +44,12 @@ http:
group: 1 group: 1
regex: regex:
- '"/users/sign_in".*?authenticity_token"\s+value="([^"]+)"' - '"/users/sign_in".*?authenticity_token"\s+value="([^"]+)"'
- type: dsl - type: dsl
dsl: dsl:
- username - username
- password - password
matchers-condition: and
req-condition: true req-condition: true
matchers: matchers:
- type: dsl - type: dsl


@ -2,7 +2,7 @@ id: grafana-login-check
info: info:
name: Grafana Login Check name: Grafana Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid login on self hosted Grafana instance. description: Checks for a valid login on self hosted Grafana instance.
reference: reference:
@ -23,13 +23,10 @@ requests:
Host: {{Hostname}} Host: {{Hostname}}
accept: application/json, text/plain, */* accept: application/json, text/plain, */*
DNT: 1 DNT: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: application/json content-type: application/json
Origin: {{BaseURL}} Origin: {{BaseURL}}
Referer: {{BaseURL}}/login Referer: {{BaseURL}}/login
Accept-Language: en-US,en;q=0.9,de;q=0.8
Cookie: redirect_to=%2F Cookie: redirect_to=%2F
Connection: close
{"user":"{{username}}","password":"{{password}}"} {"user":"{{username}}","password":"{{password}}"}
@ -38,6 +35,7 @@ requests:
dsl: dsl:
- username - username
- password - password
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word


@ -2,7 +2,7 @@ id: jira-login-check
info: info:
name: Jira Login Check name: Jira Login Check
author: parthmalhotra, pdresearch author: parthmalhotra,pdresearch
severity: critical severity: critical
description: Checks for a valid login on self hosted Jira instance. description: Checks for a valid login on self hosted Jira instance.
reference: reference: