v10.0.0 prep

2024-09-12 12:48:15 +07:00 · 2024-09-12 12:48:15 +07:00 · b8a9bbae1b
parent 3a55809850
commit b8a9bbae1b
5 changed files with 3 additions and 52 deletions
--- a/helpers/wordlists/wordpress-plugins.txt
+++ b/helpers/wordlists/wordpress-plugins.txt
@ -93679,7 +93679,6 @@ wp-mail-fix-multiple-send
 wp-mail-gateway
 wp-mail-listeleyici
 wp-mail-log
-wp-mail-logging
 wp-mail-manager
 wp-mail-options
 wp-mail-rest-api
--- a/http/cves/2007/CVE-2007-2449.yaml
+++ b/http/cves/2007/CVE-2007-2449.yaml
@ -19,7 +19,7 @@ info:
    shodan-query: title:"Apache Tomcat"
  tags: cve,cve2007,apache,misconfig,tomcat,xss

-requests:
+http:
  - method: GET
    path:
      - "{{BaseURL}}/examples/jsp/snp/snoop.jsp;<script>alert(document.domain)</script>test.jsp"
--- a/http/cves/2024/CVE-2024-41667.yaml
+++ b/http/cves/2024/CVE-2024-41667.yaml
@ -23,7 +23,7 @@ info:
    verified: true
  tags: cve,cve2024,intrusive,openam,ssti,authenticated

-flow: http(1) && http(2) && http(3) && http(4) && http(5) && http(6) && http(7) && http(8) && http(9) http(10) && http(11) && http(12)
+flow: http(1) && http(2) && http(3) && http(4) && http(5) && http(6) && http(7) && http(8) && http(9) && http(10) && http(11) && http(12)

 variables:
  username: "{{username}}"
--- a/http/technologies/wordpress/plugins/wp-mail-logging.yaml
+++ b/http/technologies/wordpress/plugins/wp-mail-logging.yaml
@ -1,48 +0,0 @@
-id: wordpress-wp-mail-logging
-
-info:
-  name: WP Mail Logging Detection
-  author: ricardomaia
-  severity: info
-  reference:
-    - https://wordpress.org/plugins/wp-mail-logging/
-  metadata:
-    plugin_namespace: wp-mail-logging
-    wpscan: https://wpscan.com/plugin/wp-mail-logging
-  tags: tech,wordpress,wp-plugin,top-200
-
-http:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/plugins/wp-mail-logging/readme.txt"
-
-    payloads:
-      last_version: helpers/wordpress/plugins/wp-mail-logging.txt
-
-    extractors:
-      - type: regex
-        part: body
-        internal: true
-        name: internal_detected_version
-        group: 1
-        regex:
-          - '(?i)Stable.tag:\s?([\w.]+)'
-
-      - type: regex
-        part: body
-        name: detected_version
-        group: 1
-        regex:
-          - '(?i)Stable.tag:\s?([\w.]+)'
-
-    matchers-condition: or
-    matchers:
-      - type: dsl
-        name: "outdated_version"
-        dsl:
-          - compare_versions(internal_detected_version, concat("< ", last_version))
-
-      - type: regex
-        part: body
-        regex:
-          - '(?i)Stable.tag:\s?([\w.]+)'
--- a/http/vulnerabilities/imo/imo-rce.yaml
+++ b/http/vulnerabilities/imo/imo-rce.yaml
@ -32,7 +32,7 @@ http:
        part: body
        words:
          - 'imo'
-        case-insensitve: true
+        case-insensitive: true
        internal: true

  - raw: