New Templates added (#3913)

* Add files via upload

* Auto Generated CVE annotations [Wed Mar 16 11:29:14 UTC 2022] 🤖

* Auto Generated New Template Addition List [Wed Mar 16 13:48:01 UTC 2022] 🤖

* moving templates into jolokia directory

* duplicate of jolokia-unauthenticated-lfi

* merged similar templates into one with updated matchers

* Auto Generated New Template Addition List [Wed Mar 23 10:21:57 UTC 2022] 🤖

* Delete .new-additions

* Auto Generated New Template Addition List [Wed Mar 23 10:22:29 UTC 2022] 🤖

* conflict update

* Auto Generated New Template Addition List [Wed Mar 23 10:23:39 UTC 2022] 🤖

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
patch-1
pussycat0x 2022-03-23 15:56:30 +05:30 committed by GitHub
parent 468709381b
commit c6e264a04e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 133 additions and 2 deletions

View File

@ -0,0 +1,73 @@
id: jolokia-info-disclosure
info:
name: Jolokia - Information disclosure
author: pussycat0x
severity: medium
reference:
- https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
- https://github.com/laluka/jolokia-exploitation-toolkit
tags: jolokia,springboot,mbean,tomcat
requests:
- method: GET
path:
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
- "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
- "{{BaseURL}}/actuator/jolokia/read/java.lang:type=Memory"
- "{{BaseURL}}/jolokia/read/java.lang:type=Memory"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
- "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
matchers-condition: or
matchers:
- type: word
name: memory
words:
- '"java.lang:type=Memory"'
- type: word
name: implementation-vendor
words:
- '"attribute":"ImplementationVendor"'
- type: word
name: implementation-version
words:
- '"attribute":"ImplementationVersion"'
- type: word
name: implementation-name
words:
- '"attribute":"ImplementationName"'
- type: word
name: specification-vendor
words:
- '"attribute":"SpecificationVendor"'
- type: word
name: mbean-serverid
words:
- '"attribute":"MBeanServerId"'
- type: word
name: specification-name
words:
- '"attribute":"SpecificationName"'
- type: word
name: specification-version
words:
- '"attribute":"SpecificationVersion'

View File

@ -0,0 +1,28 @@
id: jolokia-list
info:
name: Jolokia - List
author: pussycat0x
severity: low
reference:
- https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
- https://github.com/laluka/jolokia-exploitation-toolkit
tags: jolokia,springboot,tomcat
requests:
- method: GET
path:
- "{{BaseURL}}/jolokia/list"
- "{{BaseURL}}/actuator/jolokia/list"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: body
words:
- '"type":"list"'

View File

@ -0,0 +1,30 @@
id: jolokia-mbean-search
info:
name: Jolokia -Searching MBeans
author: pussycat0x
severity: low
reference:
- https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
- https://github.com/laluka/jolokia-exploitation-toolkit
tags: jolokia,springboot,mbean,tomcat
requests:
- method: GET
path:
- "{{BaseURL}}/jolokia/search/*:test=test"
- "{{BaseURL}}/actuator/jolokia/search/*:test=test"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: body
words:
- '"type":"search"'
- '"value":'
condition: and

View File

@ -8,7 +8,7 @@ info:
reference:
- https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
- https://github.com/laluka/jolokia-exploitation-toolkit
tags: jolokia,lfi
tags: jolokia,springboot,tomcat,lfi
requests:
- method: GET