diff --git a/technologies/daybyday-detect.yaml b/exposed-panels/daybyday-panel.yaml
similarity index 64%
rename from technologies/daybyday-detect.yaml
rename to exposed-panels/daybyday-panel.yaml
index 15aa07c91a..979b9045ae 100644
--- a/technologies/daybyday-detect.yaml
+++ b/exposed-panels/daybyday-panel.yaml
@@ -1,10 +1,12 @@
-id: daybyday-detect
+id: daybyday-panel
info:
- name: DaybydayCRM Detect
- author: pikpikcu
+ name: DaybydayCRM Panel Login
+ author: pikpikcu,daffainfo
severity: info
- tags: tech,daybyday
+ metadata:
+ shodan-query: http.title:"Daybyday"
+ tags: panel,daybyday
requests:
- method: GET
diff --git a/exposed-panels/dolibarr-panel.yaml b/exposed-panels/dolibarr-panel.yaml
new file mode 100644
index 0000000000..1d502057cf
--- /dev/null
+++ b/exposed-panels/dolibarr-panel.yaml
@@ -0,0 +1,39 @@
+id: dolibarr-panel
+
+info:
+ name: Dolibarr Panel Login
+ author: pikpikcu,daffainfo
+ severity: info
+ metadata:
+ shodan-query: http.title:"Dolibarr"
+ tags: panel,dolibarr
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: header
+ words:
+ - 'Set-Cookie: DOLSESSID_'
+
+ - type: word
+ part: body
+ words:
+ - ''
+
+ - type: status
+ status:
+ - 200
+
+ extractors:
+ - type: regex
+ part: body
+ group: 1
+ regex:
+ - '
Dolibarr ([0-9.]+)<\/td>'
+ - ' | Dolibarr ([0-9.]+)<\/td>'
+ - ' Dolibarr ([0-9.]+)<\/div>'
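Review bot: The body word matcher in the second `matchers` entry is an empty string (`- ''`) as shown here, and an empty word is contained in every response body, so that matcher adds no constraint and detection rests on the `DOLSESSID_` cookie and the 200 status alone. The same empty entries appear in dotclear-panel.yaml (first word of a `condition: or` list, which makes the whole list always true) and in gespage-panel.yaml (both words of the `condition: and` list), where a 200 response at the probed path is then enough to report a panel. If the committed files carry HTML markers that this rendering dropped, nothing needs changing. If the strings really are empty, replace each with a product-specific marker taken from the login page.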
diff --git a/exposed-panels/dotclear-panel.yaml b/exposed-panels/dotclear-panel.yaml
new file mode 100644
index 0000000000..8d9076985c
--- /dev/null
+++ b/exposed-panels/dotclear-panel.yaml
@@ -0,0 +1,27 @@
+id: dotclear-panel
+
+info:
+ name: Dotclear Panel Login
+ author: pikpikcu,daffainfo
+ severity: info
+ metadata:
+ shodan-query: http.title:"Dotclear"
+ tags: panel,dotclear
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/dc2/admin/auth.php"
+ - "{{BaseURL}}/auth.php"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - ''
+ - ' Dotclear'
+ condition: or
+
+ - type: status
+ status:
+ - 200
diff --git a/technologies/druid-detect.yaml b/exposed-panels/druid-panel.yaml
similarity index 74%
rename from technologies/druid-detect.yaml
rename to exposed-panels/druid-panel.yaml
index 63b0d5823e..5ac2fd1a81 100644
--- a/technologies/druid-detect.yaml
+++ b/exposed-panels/druid-panel.yaml
@@ -1,10 +1,10 @@
-id: druid-detect
+id: druid-panel
info:
- name: Druid monitor Detect
- author: pikpikcu
+ name: Druid monitor Panel Login
+ author: pikpikcu,daffainfo
severity: info
- tags: tech,druid
+ tags: panel,druid
requests:
- method: GET
@@ -13,7 +13,6 @@ requests:
matchers-condition: and
matchers:
-
- type: word
part: body
words:
diff --git a/technologies/ems-webclient-detect.yaml b/exposed-panels/ems-webclient-panel.yaml
similarity index 57%
rename from technologies/ems-webclient-detect.yaml
rename to exposed-panels/ems-webclient-panel.yaml
index 69f794d1c5..c4caaa5ec3 100644
--- a/technologies/ems-webclient-detect.yaml
+++ b/exposed-panels/ems-webclient-panel.yaml
@@ -1,27 +1,34 @@
-id: ems-webclient-detect
-
-info:
- name: EMS Web Client
- author: pussycat0x
- severity: info
- metadata:
- google-dork: inurl:EMSWebClient/
- tags: tech,ems
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/emswebclient/Login.aspx"
- - "{{BaseURL}}/Login.aspx"
-
- stop-at-first-match: true
- matchers-condition: and
- matchers:
-
- - type: word
- words:
- - "EMS Web Client - Login"
-
- - type: status
- status:
- - 200
\ No newline at end of file
+id: ems-webclient-panel
+
+info:
+ name: EMS Web Client Panel Login
+ author: pussycat0x,daffainfo
+ severity: info
+ metadata:
+ google-dork: inurl:EMSWebClient/
+ tags: panel,ems
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/emswebclient/Login.aspx"
+ - "{{BaseURL}}/Login.aspx"
+
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "EMS Web Client - Login"
+
+ - type: status
+ status:
+ - 200
+
+ extractors:
+ - type: regex
+ part: body
+ group: 1
+ regex:
+ - 'Web Client Version (.*)'
\ No newline at end of file
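Review bot: The new extractor regex `'Web Client Version (.*)'` captures greedily to the end of the line, so any markup that follows the version on the login page ends up in the extracted value. A bounded class keeps the output to the version itself, for example `- 'Web Client Version ([0-9.]+)'`, assuming the version is dotted digits (the page content is not visible from this hunk). The rewritten file also still ends without a trailing newline.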
diff --git a/technologies/fortinet-detect.yaml b/exposed-panels/fortinet-panel.yaml
similarity index 71%
rename from technologies/fortinet-detect.yaml
rename to exposed-panels/fortinet-panel.yaml
index ad26de136e..073036d9d8 100644
--- a/technologies/fortinet-detect.yaml
+++ b/exposed-panels/fortinet-panel.yaml
@@ -1,10 +1,12 @@
-id: fortinet-detect
+id: fortinet-panel
info:
- name: Fortinet detected
+ name: Fortinet Panel Login
author: pikpikcu,daffainfo
severity: info
- tags: tech,jboss
+ metadata:
+ shodan-query: http.title:"FORTINET LOGIN"
+ tags: panel,fotinet
requests:
- method: GET
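Review bot: The new tag on the `tags:` line is misspelled as `fotinet`, so a scan filtered on the `fortinet` tag will skip this template. It should read `tags: panel,fortinet`. The matchers are outside this hunk, so only the metadata was reviewed.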
diff --git a/exposed-panels/gespage-panel.yaml b/exposed-panels/gespage-panel.yaml
new file mode 100644
index 0000000000..2746f6df2d
--- /dev/null
+++ b/exposed-panels/gespage-panel.yaml
@@ -0,0 +1,34 @@
+id: gespage-panel
+
+info:
+ name: Gespage Panel Login
+ author: pikpikcu,daffainfo
+ severity: info
+ metadata:
+ shodan-query: "Path=/gespage"
+ tags: panel,gespage
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/gespage/webapp/login.xhtml"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - ''
+ - ''
+ condition: and
+
+ - type: status
+ status:
+ - 200
+
+ extractors:
+ - type: regex
+ part: body
+ group: 1
+ regex:
+ - '\(Ver: ([0-9._A-Z]+)\)'
diff --git a/technologies/glpi-cms-detect.yaml b/exposed-panels/glpi-panel.yaml
similarity index 56%
rename from technologies/glpi-cms-detect.yaml
rename to exposed-panels/glpi-panel.yaml
index 422e350661..e557297f14 100644
--- a/technologies/glpi-cms-detect.yaml
+++ b/exposed-panels/glpi-panel.yaml
@@ -1,10 +1,12 @@
-id: glpi-cms-detect
+id: glpi-panel
info:
- name: GLPI Cms Detection
- author: dogasantos
+ name: GLPI Panel Login
+ author: dogasantos,daffainfo
severity: info
- tags: glpi,cms,php
+ metadata:
+ shodan-query: http.title:"GLPI"
+ tags: panel,glpi
requests:
- method: GET
@@ -13,6 +15,7 @@ requests:
- "{{BaseURL}}/glpi/"
- "{{BaseURL}}/glpi2/"
+ stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
@@ -25,3 +28,10 @@ requests:
- type: status
status:
- 200
+
+ extractors:
+ - type: regex
+ part: body
+ group: 1
+ regex:
+ - 'base.min.js?v=(.*)'
\ No newline at end of file
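Review bot: The added extractor regex `'base.min.js?v=(.*)'` does not match the literal text it is aimed at, because the unescaped `?` makes the preceding `s` optional. The pattern therefore looks for `base.min.jv=` or `base.min.jsv=` and never for `base.min.js?v=`. Escape the metacharacters and bound the capture, e.g. `- 'base\.min\.js\?v=([^"]+)'`, so the version is extracted without the closing quote and trailing markup. The file also still lacks a final newline.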
diff --git a/exposed-panels/jaspersoft-panel.yaml b/exposed-panels/jaspersoft-panel.yaml
new file mode 100644
index 0000000000..e1afb10df0
--- /dev/null
+++ b/exposed-panels/jaspersoft-panel.yaml
@@ -0,0 +1,29 @@
+id: jaspersoft-panel
+
+info:
+ name: Jaspersoft Panel Login
+ author: koti2,daffainfo
+ severity: info
+ metadata:
+ shodan-query: http.title:"Jaspersoft"
+ tags: panel,jaspersoft
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/jasperserver/login.html?error=1"
+ - "{{BaseURL}}/jasperserver-pro/login.html?error=1"
+
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "TIBCO Jaspersoft: Login"
+ - "Could not login to JasperReports Server"
+ - "About TIBCO JasperReports Server"
+ condition: or
+
+ - type: status
+ status:
+ - 200
diff --git a/technologies/jeedom-detect.yaml b/exposed-panels/jeedom-panel.yaml
similarity index 58%
rename from technologies/jeedom-detect.yaml
rename to exposed-panels/jeedom-panel.yaml
index 4154e6b7d0..382c61003f 100644
--- a/technologies/jeedom-detect.yaml
+++ b/exposed-panels/jeedom-panel.yaml
@@ -1,10 +1,12 @@
-id: jeedom-detect
+id: jeedom-panel
info:
- name: Jeedom Detect
- author: pikpikcu
+ name: Jeedom Login Panel
+ author: pikpikcu,daffainfo
severity: info
- tags: tech,jeedom
+ metadata:
+ shodan-query: http.title:"Jeedom"
+ tags: panel,jeedom
requests:
- method: GET
@@ -13,11 +15,12 @@ requests:
matchers-condition: and
matchers:
-
- type: word
part: body
words:
- "Jeedom"
+ - "JEEDOM_PRODUCT_NAME"
+ condition: and
- type: status
status:
diff --git a/exposed-panels/kibana-panel.yaml b/exposed-panels/kibana-panel.yaml
new file mode 100644
index 0000000000..ad3530bfef
--- /dev/null
+++ b/exposed-panels/kibana-panel.yaml
@@ -0,0 +1,26 @@
+id: kibana-panel
+
+info:
+ name: Kibana Panel Login
+ author: petruknisme,daffainfo
+ severity: info
+ metadata:
+ shodan-query: http.title:"Kibana"
+ tags: panel,kibana
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/login"
+
+ matchers-condition: or
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "Kibana"
+
+ - type: word
+ part: header
+ words:
+ - "Kbn-Name:"
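Review bot: With `matchers-condition: or` and no status matcher, any response from `/login` whose body contains the word `Kibana` is reported as a Kibana login panel, including error pages or unrelated applications that merely mention the product. A more specific body match (two page-specific strings with `condition: and`, as jeedom-panel.yaml does in this commit) would cut false positives while keeping the `Kbn-Name:` header as the alternative branch. Word matchers are case-sensitive unless `case-insensitive: true` is set, so the header branch may also miss servers that emit the header name in lower case.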
diff --git a/technologies/landrayoa-detect.yaml b/exposed-panels/landrayoa-panel.yaml
similarity index 77%
rename from technologies/landrayoa-detect.yaml
rename to exposed-panels/landrayoa-panel.yaml
index 250f0654c9..105a663d34 100644
--- a/technologies/landrayoa-detect.yaml
+++ b/exposed-panels/landrayoa-panel.yaml
@@ -1,10 +1,10 @@
-id: landrayoa-detect
+id: landrayoa-panel
info:
- name: LandrayOA detect
+ name: LandrayOA Panel Login
author: YanYun
severity: info
- tags: tech,landrayoa
+ tags: panel,landrayoa
requests:
- method: GET
@@ -16,11 +16,14 @@ requests:
- type: status
status:
- 200
+
- type: word
+ part: body
words:
- 'lui_login_input_username'
- 'lui_login_input_password'
condition: and
+
- type: word
words:
- 'isopen='
diff --git a/exposed-panels/mautic-crm-panel.yaml b/exposed-panels/mautic-crm-panel.yaml
new file mode 100644
index 0000000000..d728240998
--- /dev/null
+++ b/exposed-panels/mautic-crm-panel.yaml
@@ -0,0 +1,27 @@
+id: mautic-crm-panel
+
+info:
+ name: Mautic CRM Panel Login
+ author: cyllective,daffainfo
+ severity: info
+ description: Mautic is a free and open-source marketing automation tool for Content Management, Social Media, Email Marketing, and can be used for the integration of social networks, campaign management, forms, questionnaires, reports, etc.
+ reference: https://github.com/mautic/mautic
+ tags: tech,mautic,crm
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/s/login"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - 'Mautic'
+ - 'var mauticBasePath'
+ condition: and
+
+ - type: status
+ status:
+ - 200
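Review bot: This template is added under exposed-panels/ and named `Mautic CRM Panel Login`, but its tags line still reads `tags: tech,mautic,crm`. It is therefore selected by `tech` scans and skipped by `panel` scans, unlike the other panel templates in this commit. Change it to `tags: panel,mautic,crm`.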
diff --git a/technologies/metabase-detect.yaml b/exposed-panels/metabase-panel.yaml
similarity index 80%
rename from technologies/metabase-detect.yaml
rename to exposed-panels/metabase-panel.yaml
index 3a865ab0e7..0834bf34c6 100644
--- a/technologies/metabase-detect.yaml
+++ b/exposed-panels/metabase-panel.yaml
@@ -1,11 +1,13 @@
-id: metabase-version-detect
+id: metabase-panel
info:
- name: Detect Metabase Version
- author: revblock
+ name: Metabase Login Panel
+ author: revblock,daffainfo
description: If a Metabase instance is deployed on the target URL it will return a login page with the version number in the page source
+ metadata:
+ shodan-query: http.title:"Metabase"
severity: info
- tags: tech,metabase
+ tags: panel,metabase
requests:
- method: GET
@@ -14,17 +16,16 @@ requests:
matchers-condition: and
matchers:
-
- type: status
status:
- 200
- type: word
+ part: body
words:
- "Metabase"
- "window.MetabaseBootstrap"
- "window.MetabaseRoot"
- part: body
condition: and
extractors:
diff --git a/exposed-panels/opencast-detect.yaml b/exposed-panels/opencast-detect.yaml
new file mode 100644
index 0000000000..081794ccb0
--- /dev/null
+++ b/exposed-panels/opencast-detect.yaml
@@ -0,0 +1,25 @@
+id: opencast-panel
+
+info:
+ name: Opencast Panel Login
+ author: cyllective,daffainfo
+ severity: info
+ description: The free and open source solution for automated video capture and distribution at scale.
+ reference: https://github.com/opencast/opencast
+ tags: panel,opencast
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/admin-ng/login.html"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - 'Opencast'
+
+ - type: status
+ status:
+ - 200
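Review bot: The new file is created as exposed-panels/opencast-detect.yaml while its id is `opencast-panel`, and the other files added to or moved into exposed-panels/ in this commit are named `*-panel.yaml`. Rename it to opencast-panel.yaml so the file name and id agree. The single body word `'Opencast'` is also a weak signal on its own; a second page-specific string with `condition: and` would reduce false positives.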
diff --git a/technologies/clockwork-php-page.yaml b/exposures/logs/clockwork-php-page.yaml
similarity index 100%
rename from technologies/clockwork-php-page.yaml
rename to exposures/logs/clockwork-php-page.yaml
diff --git a/technologies/chevereto-detect.yaml b/technologies/chevereto-detect.yaml
index 070a428307..59ba07f6fa 100644
--- a/technologies/chevereto-detect.yaml
+++ b/technologies/chevereto-detect.yaml
@@ -4,12 +4,14 @@ info:
name: Chevereto detect
author: pikpikcu
severity: info
+ metadata:
+ shodan-query: http.title:"Centreon"
tags: tech,chevereto
requests:
- method: GET
path:
- - "{{BaseURL}}/login"
+ - "{{BaseURL}}"
matchers-condition: and
matchers:
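Review bot: The added `shodan-query` is `http.title:"Centreon"`, which names a different product from the Chevereto template it was put in, so the metadata points at unrelated hosts. It looks like a copy-paste leftover. Replace it with a query that actually describes Chevereto (the existing matcher keys on `content="Chevereto`), or drop the `metadata` block until a verified query is available. The matchers block continues past the end of this hunk.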
@@ -18,6 +20,10 @@ requests:
regex:
- 'content="Chevereto(.*)">'
+ - type: status
+ status:
+ - 200
+
extractors:
- type: regex
part: body
diff --git a/technologies/craft-cms-detect.yaml b/technologies/craft-cms-detect.yaml
index ffd1e49a96..5c060a9d32 100644
--- a/technologies/craft-cms-detect.yaml
+++ b/technologies/craft-cms-detect.yaml
@@ -15,7 +15,6 @@ requests:
redirects: true
max-redirects: 2
-
matchers:
- type: word
part: header
diff --git a/technologies/crush-ftp-detect.yaml b/technologies/crush-ftp-detect.yaml
deleted file mode 100644
index ec9d334733..0000000000
--- a/technologies/crush-ftp-detect.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-id: crush-ftp-detect
-
-info:
- name: Crush FTP
- author: pussycat0x
- severity: info
- tags: tech,ftp
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/WebInterface/login.html"
-
- redirects: true
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "CrushFTP WebInterface"
- - type: status
- status:
- - 200
\ No newline at end of file
diff --git a/technologies/lighttpd-default.yaml b/technologies/default-lighttpd-page.yaml
similarity index 100%
rename from technologies/lighttpd-default.yaml
rename to technologies/default-lighttpd-page.yaml
diff --git a/technologies/dolibarr-detect.yaml b/technologies/dolibarr-detect.yaml
deleted file mode 100644
index 77a8f82fdc..0000000000
--- a/technologies/dolibarr-detect.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: dolibarr-detect
-
-info:
- name: Dolibarr detect
- author: pikpikcu
- severity: info
- tags: tech,dolibarr
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}"
-
- matchers:
- - type: regex
- part: body
- regex:
- - 'Dolibarr - Login Dolibarr(.*)'
-
- extractors:
- - type: regex
- part: body
- group: 1
- regex:
- - 'center">(.*) | '
diff --git a/technologies/dotclear-detect.yaml b/technologies/dotclear-detect.yaml
deleted file mode 100644
index 7d622ff72a..0000000000
--- a/technologies/dotclear-detect.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-id: dotclear-detect
-
-info:
- name: Dotclear Detect
- author: pikpikcu
- severity: info
- tags: tech,dotclear
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/dc2/admin/auth.php"
- - "{{BaseURL}}/auth.php"
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "Dotclear"
- - type: status
- status:
- - 200
diff --git a/technologies/fanruanoa-detect.yaml b/technologies/fanruanoa-detect.yaml
index 52ab6ec6ad..d78d5cd18b 100644
--- a/technologies/fanruanoa-detect.yaml
+++ b/technologies/fanruanoa-detect.yaml
@@ -13,6 +13,7 @@ requests:
- "{{BaseURL}}/WebReport/ReportServer"
- "{{BaseURL}}/ReportServer"
+ stop-at-first-match: true
matchers-condition: and
matchers:
- type: status
diff --git a/technologies/gespage-detect.yaml b/technologies/gespage-detect.yaml
deleted file mode 100644
index f64facbc02..0000000000
--- a/technologies/gespage-detect.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-id: gespage-detect
-
-info:
- name: Gespage Detect
- author: pikpikcu
- severity: info
- tags: tech,gespage
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/gespage/webapp/login.xhtml"
-
- matchers-condition: and
- matchers:
-
- - type: word
- part: body
- words:
- - "Login utilisateur Gespage"
-
- - type: status
- status:
- - 200
diff --git a/technologies/gilacms-detect.yaml b/technologies/gilacms-detect.yaml
index 335b1b291e..4718a54ca3 100644
--- a/technologies/gilacms-detect.yaml
+++ b/technologies/gilacms-detect.yaml
@@ -12,9 +12,9 @@ requests:
- "{{BaseURL}}"
- "{{BaseURL}}/user"
+ stop-at-first-match: true
matchers-condition: and
matchers:
-
- type: word
part: body
words:
diff --git a/technologies/graphiql-detect.yaml b/technologies/graphiql-detect.yaml
index e5dc4547a3..e78a5f94dd 100644
--- a/technologies/graphiql-detect.yaml
+++ b/technologies/graphiql-detect.yaml
@@ -12,8 +12,13 @@ requests:
path:
- "{{BaseURL}}"
+ matchers-condition: and
matchers:
- type: word
part: body
words:
- - 'GraphiQL'
\ No newline at end of file
+ - 'GraphiQL'
+
+ - type: status
+ status:
+ - 200
\ No newline at end of file
diff --git a/technologies/graylog-api-browser.yaml b/technologies/graylog-api-browser.yaml
index 98799a87c0..e2a056083f 100644
--- a/technologies/graylog-api-browser.yaml
+++ b/technologies/graylog-api-browser.yaml
@@ -10,6 +10,7 @@ requests:
- method: GET
path:
- "{{BaseURL}}/api/api-browser/"
+
matchers-condition: and
matchers:
- type: word
@@ -19,6 +20,7 @@ requests:
- "REST API browser"
- "swagger"
condition: and
+
- type: status
status:
- 200
diff --git a/technologies/gunicorn-detect.yaml b/technologies/gunicorn-detect.yaml
index 56f5080384..4ad26a0ab4 100644
--- a/technologies/gunicorn-detect.yaml
+++ b/technologies/gunicorn-detect.yaml
@@ -3,7 +3,8 @@ id: gunicorn-detect
info:
name: Detect Gunicorn Server
author: joanbono
- description: Gunicorn Python WSGI HTTP Server for UNIX - https://github.com/benoitc/gunicorn
+ description: Gunicorn Python WSGI HTTP Server for UNIX
+ reference: https://github.com/benoitc/gunicorn
severity: info
tags: tech,gunicorn
diff --git a/technologies/harbor-detect.yaml b/technologies/harbor-detect.yaml
index 1ede65a8df..d20e4657cf 100644
--- a/technologies/harbor-detect.yaml
+++ b/technologies/harbor-detect.yaml
@@ -9,7 +9,7 @@ info:
requests:
- method: GET
path:
- - '{{BaseURL}}/'
+ - '{{BaseURL}}'
matchers-condition: and
matchers:
diff --git a/technologies/home-assistant-detect.yaml b/technologies/home-assistant-detect.yaml
new file mode 100644
index 0000000000..593b211b99
--- /dev/null
+++ b/technologies/home-assistant-detect.yaml
@@ -0,0 +1,25 @@
+id: home-assistant-detect
+
+info:
+ name: Home Assistant Detect
+ author: fabaff,daffainfo
+ severity: info
+ metadata:
+ shodan-query: http.title:"Home Assistant"
+ tags: tech,iot
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - 'Home Assistant'
+
+ - type: status
+ status:
+ - 200
diff --git a/technologies/home-assistant.yaml b/technologies/home-assistant.yaml
deleted file mode 100644
index dfb82e44b7..0000000000
--- a/technologies/home-assistant.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-id: home-assistant
-
-info:
- name: Detect Home Assistant
- author: fabaff
- severity: info
- tags: tech,iot
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}"
- matchers:
- - type: word
- words:
- - "Home Assistant"
diff --git a/technologies/hp-blade-admin-detect.yaml b/technologies/hp-blade-admin-detect.yaml
index 14f3da8032..e36866e17f 100644
--- a/technologies/hp-blade-admin-detect.yaml
+++ b/technologies/hp-blade-admin-detect.yaml
@@ -4,7 +4,8 @@ info:
name: HP BladeSystem Onboard Administrator
author: pussycat0x
severity: info
- reference: https://www.shodan.io/search?query=http.title%3A%22HP+BladeSystem%22
+ metadata:
+ shodan-query: http.title:"HP BladeSystem"
tags: panel,hp
requests:
diff --git a/technologies/influxdb-detect.yaml b/technologies/influxdb-detect.yaml
index 7a9538b3aa..dc4cc49a71 100644
--- a/technologies/influxdb-detect.yaml
+++ b/technologies/influxdb-detect.yaml
@@ -4,6 +4,8 @@ info:
name: InfluxDB Detect
author: pikpikcu
severity: info
+ metadata:
+ shodan-query: http.title:"InfluxDB - Admin Interface"
tags: tech,influxdb
requests:
@@ -13,7 +15,6 @@ requests:
matchers-condition: and
matchers:
-
- type: word
part: body
words:
diff --git a/technologies/itop-detect.yaml b/technologies/itop-detect.yaml
deleted file mode 100644
index daf68e81e2..0000000000
--- a/technologies/itop-detect.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-id: itop-detect
-
-info:
- name: iTop Detect
- author: pikpikcu
- severity: info
- tags: tech,itop
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/pages/UI.php"
-
- matchers-condition: and
- matchers:
-
- - type: word
- part: body
- words:
- - "iTop login"
-
- - type: status
- status:
- - 200
diff --git a/technologies/jaspersoft-detect.yaml b/technologies/jaspersoft-detect.yaml
deleted file mode 100644
index e26ad12b3f..0000000000
--- a/technologies/jaspersoft-detect.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-id: jaspersoft-detect
-
-info:
- name: Jaspersoft detected
- author: koti2
- severity: info
- tags: tech,jaspersoft
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/jasperserver/login.html?error=1"
- matchers:
- - type: word
- words:
- - "TIBCO Jaspersoft: Login"
- - "Could not login to JasperReports Server"
- - "About TIBCO JasperReports Server"
- condition: or
diff --git a/technologies/jboss-detect.yaml b/technologies/jboss-detect.yaml
index ea29326cde..cbb93dd2b2 100644
--- a/technologies/jboss-detect.yaml
+++ b/technologies/jboss-detect.yaml
@@ -11,6 +11,7 @@ requests:
path:
- "{{BaseURL}}"
+ matchers-condition: and
matchers:
- type: word
part: body
@@ -19,3 +20,7 @@ requests:
- "Welcome to JBoss Application Server"
- "JBoss EAP 7"
condition: or
+
+ - type: status
+ status:
+ - 200
diff --git a/technologies/jenkins-detect.yaml b/technologies/jenkins-detect.yaml
index 4153223310..db5021ca32 100644
--- a/technologies/jenkins-detect.yaml
+++ b/technologies/jenkins-detect.yaml
@@ -2,7 +2,7 @@ id: jenkins-detect
info:
name: Jenkins detect (version)
- author: philippdelteil
+ author: philippdelteil,daffainfo
severity: info
tags: tech,jenkins
@@ -10,16 +10,19 @@ requests:
- method: GET
path:
- "{{BaseURL}}"
+
matchers-condition: and
matchers:
- type: word
words:
- "X-Jenkins"
+ - "X-Jenkins-Session"
part: header
+ condition: and
- type: word
words:
- - "Sign in [Jenkins]"
+ - "Dashboard [Jenkins]"
part: body
extractors:
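Review bot: In the header matcher, `X-Jenkins` is a substring of `X-Jenkins-Session`, so with the added `condition: and` the first word is redundant and the matcher now requires the session header alone. The body word also changes from `Sign in [Jenkins]` to `Dashboard [Jenkins]` under `matchers-condition: and`, so the template now fires only on instances whose dashboard is reachable without login and no longer detects instances that present the sign-in page. If both cases should be detected, list both titles in the body matcher with `condition: or`. The extractors block continues outside this hunk.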
diff --git a/technologies/jitsi-meet.yaml b/technologies/jitsi-meet-detect.yaml
similarity index 65%
rename from technologies/jitsi-meet.yaml
rename to technologies/jitsi-meet-detect.yaml
index 745a2c98e6..459d7da2ed 100644
--- a/technologies/jitsi-meet.yaml
+++ b/technologies/jitsi-meet-detect.yaml
@@ -1,11 +1,12 @@
-id: jitsi-meet
+id: jitsi-meet-detect
info:
- name: Jitsi Meet Page
+ name: Jitsi Meet Page Detect
author: dhiyaneshDK
severity: info
- reference: https://www.shodan.io/search?query=http.title%3A%22Jitsi+Meet%22
- tags: tech
+ metadata:
+ shodan-query: http.title:"Jitsi Meet"
+ tags: tech,jitsi
requests:
- method: GET
@@ -15,8 +16,10 @@ requests:
matchers-condition: and
matchers:
- type: word
+ part: body
words:
- "Jitsi Meet"
+
- type: status
status:
- 200
diff --git a/technologies/jolokia.yaml b/technologies/jolokia-detect.yaml
similarity index 95%
rename from technologies/jolokia.yaml
rename to technologies/jolokia-detect.yaml
index 957b898273..7c44fa8403 100644
--- a/technologies/jolokia.yaml
+++ b/technologies/jolokia-detect.yaml
@@ -1,4 +1,4 @@
-id: jolokia-instance
+id: jolokia-detect
info:
name: Jolokia Version Disclosure
diff --git a/technologies/kibana-detect.yaml b/technologies/kibana-detect.yaml
deleted file mode 100644
index c64939b6df..0000000000
--- a/technologies/kibana-detect.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-id: kibana-detect
-
-info:
- name: Kibana Service Detection
- author: petruknisme
- severity: info
- tags: tech,kibana
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/login?next=%2F"
- - "{{BaseURL}}/bundles/login.bundle.js"
- - "{{BaseURL}}/bundles/kibana.style.css"
-
- matchers:
- - type: word
- words:
- - "Kibana"
- - "kibanaLoaderWrap"
- - "kibanaLoader"
- - "xpack"
- - "Elasticsearch B.V"
- condition: or
\ No newline at end of file
diff --git a/technologies/kong-detect.yaml b/technologies/kong-detect.yaml
index 39e4d58bb7..aa380e4267 100644
--- a/technologies/kong-detect.yaml
+++ b/technologies/kong-detect.yaml
@@ -2,7 +2,8 @@ id: kong-detect
info:
name: Detect Kong
author: geeknik
- description: The Cloud-Native API Gateway - https://github.com/Kong/kong
+ description: The Cloud-Native API Gateway
+ reference: https://github.com/Kong/kong
severity: info
tags: tech,kong
diff --git a/technologies/linkerd-badrule-detect.yaml b/technologies/linkerd-detect.yaml
similarity index 100%
rename from technologies/linkerd-badrule-detect.yaml
rename to technologies/linkerd-detect.yaml
diff --git a/technologies/lucee-detect.yaml b/technologies/lucee-detect.yaml
index ae7e0c7860..0387d7f2ce 100644
--- a/technologies/lucee-detect.yaml
+++ b/technologies/lucee-detect.yaml
@@ -11,8 +11,8 @@ requests:
path:
- "{{BaseURL}}"
+ matchers-condition: and
matchers:
-
- type: regex
part: header
regex:
@@ -20,3 +20,7 @@ requests:
- "(?i)X-CB-Server: LUCEE"
- "(?i)X-IDG-Appserver: Lucee"
condition: or
+
+ - type: status
+ status:
+ - 200
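Review bot: Requiring a 200 status together with the header regex narrows a detection that did not previously depend on the response code. The Lucee headers matched above may be present on redirects and error responses too, and no `redirects: true` is visible in this template, so a site that answers the base URL with a 302 or 404 would no longer be reported. Unless the status check fixes a known false positive, leave the header matcher on its own. The same status matcher was added to jboss-detect.yaml and graphiql-detect.yaml in this commit, where the body match makes it less of a concern.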
diff --git a/technologies/mautic-crm-detect.yaml b/technologies/mautic-crm-detect.yaml
deleted file mode 100644
index 9d2f535e1d..0000000000
--- a/technologies/mautic-crm-detect.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-id: mautic-crm-detect
-
-info:
- name: mautic crm detect
- author: cyllective
- severity: info
- description: Detects Mautic CRM
- tags: tech,mautic,crm
- reference:
- - https://github.com/mautic/mautic
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/s/login"
-
- matchers-condition: or
- matchers:
- - type: word
- part: body
- condition: or
- words:
- - 'Mautic'
- - 'MoinMoin Powered'
- '
Python Powered'
+ - type: status
+ status:
+ - 200
+
extractors:
- type: regex
part: body
diff --git a/technologies/mrtg-detect.yaml b/technologies/mrtg-detect.yaml
index 96f95f15d6..c081f714b4 100644
--- a/technologies/mrtg-detect.yaml
+++ b/technologies/mrtg-detect.yaml
@@ -3,7 +3,8 @@ id: mrtg-detect
info:
name: Detect MRTG
author: geeknik
- description: The Multi Router Traffic Grapher -- https://oss.oetiker.ch/mrtg/
+ description: The Multi Router Traffic Grapher
+ reference: https://oss.oetiker.ch/mrtg/
severity: info
tags: tech,mrtg
@@ -14,6 +15,7 @@ requests:
- "{{BaseURL}}/mrtg/"
- "{{BaseURL}}/MRTG/"
+ stop-at-first-match: true
matchers-condition: and
matchers:
- type: status
diff --git a/technologies/nifi-detech.yaml b/technologies/nifi-detech.yaml
index 837e4c43fd..725823f16e 100644
--- a/technologies/nifi-detech.yaml
+++ b/technologies/nifi-detech.yaml
@@ -17,13 +17,16 @@ requests:
- "{{BaseURL}}/system-diagnostics"
- "{{BaseURL}}/nifi-api/access/config"
+ stop-at-first-match: true
matchers-condition: and
matchers:
- type: regex
+ part: body
regex:
- "supportsLogin"
- "disconnectedNodeAcknowledged"
- "(aggregate|node)Snapshots?"
+ condition: or
- type: status
status:
diff --git a/technologies/node-red-detect.yaml b/technologies/node-red-detect.yaml
index a0fd837d44..562f02c523 100644
--- a/technologies/node-red-detect.yaml
+++ b/technologies/node-red-detect.yaml
@@ -13,7 +13,6 @@ requests:
matchers-condition: and
matchers:
-
- type: word
part: body
words:
diff --git a/technologies/octobercms-detect.yaml b/technologies/octobercms-detect.yaml
index 1b5b221c6c..20db628a6b 100644
--- a/technologies/octobercms-detect.yaml
+++ b/technologies/octobercms-detect.yaml
@@ -14,6 +14,7 @@ requests:
- "{{BaseURL}}"
- "{{BaseURL}}/modules/system/assets/js/framework.combined-min.js"
+ stop-at-first-match: true
redirects: true
max-redirects: 1
matchers:
diff --git a/technologies/oidc-detect.yaml b/technologies/oidc-detect.yaml
index f87bf320d2..eade1914d6 100644
--- a/technologies/oidc-detect.yaml
+++ b/technologies/oidc-detect.yaml
@@ -11,6 +11,7 @@ requests:
- method: GET
path:
- "{{BaseURL}}/.well-known/openid-configuration"
+
matchers-condition: and
matchers:
- type: status
diff --git a/technologies/olivetti-crf-detect.yaml b/technologies/olivetti-crf-detect.yaml
index a54a16fb8e..7034c9514e 100644
--- a/technologies/olivetti-crf-detect.yaml
+++ b/technologies/olivetti-crf-detect.yaml
@@ -1,9 +1,11 @@
id: olivetti-crf-detect
+
info:
name: Olivetti CRF Detect
author: pussycat0x
severity: info
- reference: https://www.shodan.io/search?query=http.title%3A%22Olivetti+CRF%22
+ metadata:
+ shodan-query: http.title:"Olivetti CRF"
tags: tech,olivetti
requests:
diff --git a/technologies/oneblog-detect.yaml b/technologies/oneblog-detect.yaml
index 72fa47957b..f6ff236ad9 100644
--- a/technologies/oneblog-detect.yaml
+++ b/technologies/oneblog-detect.yaml
@@ -2,22 +2,23 @@ id: oneblog-detect
info:
name: OneBlog Detect
- author: pikpikcu
+ author: pikpikcu,daffainfo
severity: info
tags: tech,oneblog
requests:
- method: GET
path:
- - "{{BaseURL}}/passport/login/"
+ - "{{BaseURL}}"
matchers-condition: and
matchers:
-
- type: word
part: body
words:
- - "
OneBlog开源博客后台管理系统"
+ - '
OneBlog开源博客后台管理系统'
+ - '
Opencast'
diff --git a/technologies/openx-detect.yaml b/technologies/openx-detect.yaml
index 9d76d1fab6..b0a7dfcdfd 100644
--- a/technologies/openx-detect.yaml
+++ b/technologies/openx-detect.yaml
@@ -9,8 +9,10 @@ info:
requests:
- method: GET
path:
- - "{{BaseURL}}/www/admin/"
+ - "{{BaseURL}}/www/admin/index.php"
+ - "{{BaseURL}}/admin/index.php"
+ stop-at-first-match: true
matchers-condition: and
matchers:
- type: regex
@@ -27,4 +29,4 @@ requests:
part: body
group: 1
regex:
- - 'content="(.*)- http://www.openx.org">'
+ - '(.*)- http://www.openx.org'
diff --git a/technologies/wondercms-detect.yaml b/technologies/wondercms-detect.yaml
index b244d32945..3edc662811 100644
--- a/technologies/wondercms-detect.yaml
+++ b/technologies/wondercms-detect.yaml
@@ -13,7 +13,6 @@ requests:
matchers-condition: and
matchers:
-
- type: word
part: body
words:
diff --git a/technologies/wordpress-detect.yaml b/technologies/wordpress-detect.yaml
index e4d1e7aacc..8839d627ce 100644
--- a/technologies/wordpress-detect.yaml
+++ b/technologies/wordpress-detect.yaml
@@ -11,7 +11,7 @@ info:
requests:
- method: GET
path:
- - "{{RootURL}}"
+ - "{{BaseURL}}"
redirects: true
max-redirects: 2
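Review bot: Switching the path from `{{RootURL}}` to `{{BaseURL}}` changes what is requested when the scan input contains a path, since `{{RootURL}}` is scheme and host only while `{{BaseURL}}` is the full input URL. A target supplied as a deep link is now probed at that path and the site root is no longer checked, so results can differ from the previous behaviour. If both locations should be covered, list both paths and add `stop-at-first-match: true`, as other templates in this commit do.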
diff --git a/technologies/wordpress-gotmls-detect.yaml b/technologies/wordpress-gotmls-detect.yaml
deleted file mode 100644
index f9fb7b85d9..0000000000
--- a/technologies/wordpress-gotmls-detect.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-id: wordpress-gotmls-detect
-
-info:
- name: Detect WordPress Plugin Anti-Malware Security and Bruteforce Firewall
- author: vsh00t
- reference: https://www.exploit-db.com/exploits/50107
- severity: info
- tags: wordpress,wp-plugin,gotmls
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/wp-admin/admin-ajax.php?action={{randstr}}&file=../../../../../../../../../Windows/win.ini"
-
- matchers-condition: and
- matchers:
- - type: word
- part: header
- words:
- - "gotmls"
-
- - type: status
- status:
- - 302
-
- extractors:
- - type: kval
- part: header
- kval:
- - location
diff --git a/technologies/linkerd-service-detect.yaml b/vulnerabilities/linkerd/linkerd-ssrf.yaml
similarity index 100%
rename from technologies/linkerd-service-detect.yaml
rename to vulnerabilities/linkerd/linkerd-ssrf.yaml