commit
b7eaa213ee
|
@ -12,6 +12,10 @@ info:
|
|||
- https://attackerkb.com/topics/08O94gYdF1/cve-2021-38647
|
||||
- https://censys.io/blog/understanding-the-impact-of-omigod-cve-2021-38647/
|
||||
- https://github.com/microsoft/omi
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.80
|
||||
cve-id: CVE-2021-38647
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
id: amcrest-login
|
||||
|
||||
info:
|
||||
name: Amcrest Login
|
||||
author: DhiyaneshDK
|
||||
severity: info
|
||||
reference: https://www.exploit-db.com/ghdb/7273
|
||||
metadata:
|
||||
shodan-dork: html:"amcrest"
|
||||
google-dork: intext:"amcrest" "LDAP User"
|
||||
tags: panel,camera
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "Amcrest Technologies"
|
||||
- "LDAPUser"
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
|
@ -0,0 +1,26 @@
|
|||
id: intelbras-login
|
||||
|
||||
info:
|
||||
name: Intelbras Login
|
||||
author: DhiyaneshDK
|
||||
severity: info
|
||||
reference: https://www.exploit-db.com/ghdb/7272
|
||||
metadata:
|
||||
shodan-dork: http.title:"Intelbras"
|
||||
google-dork: intitle:"Intelbras" "All Rights Reserved" -.com
|
||||
tags: panel
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/login.html'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>Intelbras</title>"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
|
@ -0,0 +1,33 @@
|
|||
id: automation-direct
|
||||
|
||||
info:
|
||||
name: Automation Direct
|
||||
author: DhiyaneshDK
|
||||
severity: info
|
||||
reference: https://www.exploit-db.com/ghdb/7295
|
||||
metadata:
|
||||
shodan-dork: http.title:"C-more -- the best HMI presented by AutomationDirect"
|
||||
google-dork: intitle:"C-more -- the best HMI presented by AutomationDirect"
|
||||
tags: panel,iot
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/index.html'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<TITLE>C-more -- the best HMI presented by AutomationDirect</TITLE>"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
part: body
|
||||
group: 1
|
||||
regex:
|
||||
- '<P align="right">([A-Za-z. 0-9]+)<\/P>'
|
|
@ -0,0 +1,26 @@
|
|||
id: netsurveillance-web
|
||||
|
||||
info:
|
||||
name: NETSurveillance WEB
|
||||
author: DhiyaneshDK
|
||||
severity: info
|
||||
reference: https://www.exploit-db.com/ghdb/7288
|
||||
metadata:
|
||||
shodan-dork: http.title:"NETSurveillance WEB"
|
||||
google-dork: intitle:"NETSurveillance WEB"
|
||||
tags: tech,iot
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/Login.htm'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>NetSurveillance WEB</title>"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
|
@ -0,0 +1,33 @@
|
|||
id: tileserver-gl
|
||||
|
||||
info:
|
||||
name: TileServer GL
|
||||
author: DhiyaneshDK
|
||||
severity: info
|
||||
reference: https://www.exploit-db.com/ghdb/7296
|
||||
metadata:
|
||||
shodan-dork: http.title:"TileServer GL - Server for vector and raster maps with GL styles"
|
||||
google-dork: intitle:"TileServer GL - Server for vector and raster maps with GL styles"
|
||||
tags: tech
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>TileServer GL - Server for vector and raster maps with GL styles</title>"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
part: body
|
||||
group: 1
|
||||
regex:
|
||||
- 'Powered by TileServer GL \(([a-z- 0-9.]+)\)'
|
Loading…
Reference in New Issue