Seperate technology template (#3430)
* Edit magmi workflow * Add some workflow template + edit some template * Changing some templates * minor update * workflow matcher fixes * tech update * Seperate technology template * Update metabase-panel.yaml * Update lucee-detect.yaml * Update oneblog-detect.yaml * Update dolibarr-panel.yaml * Update dolibarr-panel.yaml * Update dolibarr-panel.yaml * Update gespage-panel.yaml * Update gespage-panel.yaml * Update mautic-crm-panel.yaml * Update kibana-panel.yaml * Update metabase-panel.yaml * Update home-assistant-detect.yaml * Update jitsi-meet-detect.yaml * Update lucee-detect.yaml * Update gotmls-plugin-lfi.yaml * Update and rename technologies/opencast-detect.yaml to exposed-panels/opencast-detect.yaml * duplicate template - cves/2020/CVE-2020-11738.yaml Co-authored-by: sandeep <sandeep@projectdiscovery.io> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>patch-1
parent
af6f66a37d
commit
c83d035fff
|
@ -1,10 +1,12 @@
|
||||||
id: daybyday-detect
|
id: daybyday-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: DaybydayCRM Detect
|
name: DaybydayCRM Panel Login
|
||||||
author: pikpikcu
|
author: pikpikcu,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,daybyday
|
metadata:
|
||||||
|
shodan-query: http.title:"Daybyday"
|
||||||
|
tags: panel,daybyday
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
|
@ -0,0 +1,39 @@
|
||||||
|
id: dolibarr-panel
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Dolibarr Panel Login
|
||||||
|
author: pikpikcu,daffainfo
|
||||||
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"Dolibarr"
|
||||||
|
tags: panel,dolibarr
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- 'Set-Cookie: DOLSESSID_'
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- '<meta name="author" content="Dolibarr Development Team">'
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
||||||
|
|
||||||
|
extractors:
|
||||||
|
- type: regex
|
||||||
|
part: body
|
||||||
|
group: 1
|
||||||
|
regex:
|
||||||
|
- '<td align="center">Dolibarr ([0-9.]+)<\/td>'
|
||||||
|
- '<td class="center">Dolibarr ([0-9.]+)<\/td>'
|
||||||
|
- '<div id="infoVersion">Dolibarr ([0-9.]+)<\/div>'
|
|
@ -0,0 +1,27 @@
|
||||||
|
id: dotclear-panel
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Dotclear Panel Login
|
||||||
|
author: pikpikcu,daffainfo
|
||||||
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"Dotclear"
|
||||||
|
tags: panel,dotclear
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/dc2/admin/auth.php"
|
||||||
|
- "{{BaseURL}}/auth.php"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- '<body id="dotclear-admin" class="auth">'
|
||||||
|
- '<title>Dotclear</title>'
|
||||||
|
condition: or
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -1,10 +1,10 @@
|
||||||
id: druid-detect
|
id: druid-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Druid monitor Detect
|
name: Druid monitor Panel Login
|
||||||
author: pikpikcu
|
author: pikpikcu,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,druid
|
tags: panel,druid
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
@ -13,7 +13,6 @@ requests:
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
|
@ -1,27 +1,34 @@
|
||||||
id: ems-webclient-detect
|
id: ems-webclient-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: EMS Web Client
|
name: EMS Web Client Panel Login
|
||||||
author: pussycat0x
|
author: pussycat0x,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
metadata:
|
metadata:
|
||||||
google-dork: inurl:EMSWebClient/
|
google-dork: inurl:EMSWebClient/
|
||||||
tags: tech,ems
|
tags: panel,ems
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/emswebclient/Login.aspx"
|
- "{{BaseURL}}/emswebclient/Login.aspx"
|
||||||
- "{{BaseURL}}/Login.aspx"
|
- "{{BaseURL}}/Login.aspx"
|
||||||
|
|
||||||
stop-at-first-match: true
|
stop-at-first-match: true
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
- type: word
|
||||||
- type: word
|
part: body
|
||||||
words:
|
words:
|
||||||
- "EMS Web Client - Login"
|
- "EMS Web Client - Login"
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
- 200
|
- 200
|
||||||
|
|
||||||
|
extractors:
|
||||||
|
- type: regex
|
||||||
|
part: body
|
||||||
|
group: 1
|
||||||
|
regex:
|
||||||
|
- 'Web Client Version (.*)</span>'
|
|
@ -1,10 +1,12 @@
|
||||||
id: fortinet-detect
|
id: fortinet-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Fortinet detected
|
name: Fortinet Panel Login
|
||||||
author: pikpikcu,daffainfo
|
author: pikpikcu,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,jboss
|
metadata:
|
||||||
|
shodan-query: http.title:"FORTINET LOGIN"
|
||||||
|
tags: panel,fotinet
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
|
@ -0,0 +1,34 @@
|
||||||
|
id: gespage-panel
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Gespage Panel Login
|
||||||
|
author: pikpikcu,daffainfo
|
||||||
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: "Path=/gespage"
|
||||||
|
tags: panel,gespage
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/gespage/webapp/login.xhtml"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- '<link rel="stylesheet" href="css/gespage.css" />'
|
||||||
|
- '<link rel="stylesheet" href="css/menugrey.css" />'
|
||||||
|
condition: and
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
||||||
|
|
||||||
|
extractors:
|
||||||
|
- type: regex
|
||||||
|
part: body
|
||||||
|
group: 1
|
||||||
|
regex:
|
||||||
|
- '\(Ver: ([0-9._A-Z]+)\)'
|
|
@ -1,10 +1,12 @@
|
||||||
id: glpi-cms-detect
|
id: glpi-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: GLPI Cms Detection
|
name: GLPI Panel Login
|
||||||
author: dogasantos
|
author: dogasantos,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
tags: glpi,cms,php
|
metadata:
|
||||||
|
shodan-query: http.title:"GLPI"
|
||||||
|
tags: panel,glpi
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
@ -13,6 +15,7 @@ requests:
|
||||||
- "{{BaseURL}}/glpi/"
|
- "{{BaseURL}}/glpi/"
|
||||||
- "{{BaseURL}}/glpi2/"
|
- "{{BaseURL}}/glpi2/"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
|
@ -25,3 +28,10 @@ requests:
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
- 200
|
- 200
|
||||||
|
|
||||||
|
extractors:
|
||||||
|
- type: regex
|
||||||
|
part: body
|
||||||
|
group: 1
|
||||||
|
regex:
|
||||||
|
- 'base.min.js?v=(.*)'
|
|
@ -0,0 +1,29 @@
|
||||||
|
id: jaspersoft-panel
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Jaspersoft Panel Login
|
||||||
|
author: koti2,daffainfo
|
||||||
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"Jaspersoft"
|
||||||
|
tags: panel,jaspersoft
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/jasperserver/login.html?error=1"
|
||||||
|
- "{{BaseURL}}/jasperserver-pro/login.html?error=1"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "TIBCO Jaspersoft: Login"
|
||||||
|
- "Could not login to JasperReports Server"
|
||||||
|
- "About TIBCO JasperReports Server"
|
||||||
|
condition: or
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -1,10 +1,12 @@
|
||||||
id: jeedom-detect
|
id: jeedom-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Jeedom Detect
|
name: Jeedom Login Panel
|
||||||
author: pikpikcu
|
author: pikpikcu,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,jeedom
|
metadata:
|
||||||
|
shodan-query: http.title:"Jeedom"
|
||||||
|
tags: panel,jeedom
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
@ -13,11 +15,12 @@ requests:
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
- "<title>Jeedom</title>"
|
- "<title>Jeedom</title>"
|
||||||
|
- "JEEDOM_PRODUCT_NAME"
|
||||||
|
condition: and
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
|
@ -0,0 +1,26 @@
|
||||||
|
id: kibana-panel
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Kibana Panel Login
|
||||||
|
author: petruknisme,daffainfo
|
||||||
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"Kibana"
|
||||||
|
tags: panel,kibana
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/login"
|
||||||
|
|
||||||
|
matchers-condition: or
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- "<title>Kibana</title>"
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- "Kbn-Name:"
|
|
@ -1,10 +1,10 @@
|
||||||
id: landrayoa-detect
|
id: landrayoa-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: LandrayOA detect
|
name: LandrayOA Panel Login
|
||||||
author: YanYun
|
author: YanYun
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,landrayoa
|
tags: panel,landrayoa
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
@ -16,11 +16,14 @@ requests:
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
- 200
|
- 200
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
|
part: body
|
||||||
words:
|
words:
|
||||||
- 'lui_login_input_username'
|
- 'lui_login_input_username'
|
||||||
- 'lui_login_input_password'
|
- 'lui_login_input_password'
|
||||||
condition: and
|
condition: and
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
words:
|
words:
|
||||||
- 'isopen='
|
- 'isopen='
|
|
@ -0,0 +1,27 @@
|
||||||
|
id: mautic-crm-panel
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Mautic CRM Panel Login
|
||||||
|
author: cyllective,daffainfo
|
||||||
|
severity: info
|
||||||
|
description: Mautic is a free and open-source marketing automation tool for Content Management, Social Media, Email Marketing, and can be used for the integration of social networks, campaign management, forms, questionnaires, reports, etc.
|
||||||
|
reference: https://github.com/mautic/mautic
|
||||||
|
tags: tech,mautic,crm
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/s/login"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- '<title>Mautic</title>'
|
||||||
|
- 'var mauticBasePath'
|
||||||
|
condition: and
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -1,11 +1,13 @@
|
||||||
id: metabase-version-detect
|
id: metabase-panel
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Detect Metabase Version
|
name: Metabase Login Panel
|
||||||
author: revblock
|
author: revblock,daffainfo
|
||||||
description: If a Metabase instance is deployed on the target URL it will return a login page with the version number in the page source
|
description: If a Metabase instance is deployed on the target URL it will return a login page with the version number in the page source
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"Metabase"
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,metabase
|
tags: panel,metabase
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
@ -14,17 +16,16 @@ requests:
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
- 200
|
- 200
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
|
part: body
|
||||||
words:
|
words:
|
||||||
- "<title>Metabase</title>"
|
- "<title>Metabase</title>"
|
||||||
- "window.MetabaseBootstrap"
|
- "window.MetabaseBootstrap"
|
||||||
- "window.MetabaseRoot"
|
- "window.MetabaseRoot"
|
||||||
part: body
|
|
||||||
condition: and
|
condition: and
|
||||||
|
|
||||||
extractors:
|
extractors:
|
|
@ -0,0 +1,25 @@
|
||||||
|
id: opencast-panel
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Opencast Panel Login
|
||||||
|
author: cyllective,daffainfo
|
||||||
|
severity: info
|
||||||
|
description: The free and open source solution for automated video capture and distribution at scale.
|
||||||
|
reference: https://github.com/opencast/opencast
|
||||||
|
tags: panel,opencast
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/admin-ng/login.html"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- '<title>Opencast</title>'
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -4,12 +4,14 @@ info:
|
||||||
name: Chevereto detect
|
name: Chevereto detect
|
||||||
author: pikpikcu
|
author: pikpikcu
|
||||||
severity: info
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"Centreon"
|
||||||
tags: tech,chevereto
|
tags: tech,chevereto
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/login"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
@ -18,6 +20,10 @@ requests:
|
||||||
regex:
|
regex:
|
||||||
- 'content="Chevereto(.*)">'
|
- 'content="Chevereto(.*)">'
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
- type: regex
|
- type: regex
|
||||||
part: body
|
part: body
|
||||||
|
|
|
@ -15,7 +15,6 @@ requests:
|
||||||
|
|
||||||
redirects: true
|
redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
part: header
|
part: header
|
||||||
|
|
|
@ -1,21 +0,0 @@
|
||||||
id: crush-ftp-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Crush FTP
|
|
||||||
author: pussycat0x
|
|
||||||
severity: info
|
|
||||||
tags: tech,ftp
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/WebInterface/login.html"
|
|
||||||
|
|
||||||
redirects: true
|
|
||||||
matchers-condition: and
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
words:
|
|
||||||
- "<title>CrushFTP WebInterface</title>"
|
|
||||||
- type: status
|
|
||||||
status:
|
|
||||||
- 200
|
|
|
@ -1,25 +0,0 @@
|
||||||
id: dolibarr-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Dolibarr detect
|
|
||||||
author: pikpikcu
|
|
||||||
severity: info
|
|
||||||
tags: tech,dolibarr
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}"
|
|
||||||
|
|
||||||
matchers:
|
|
||||||
- type: regex
|
|
||||||
part: body
|
|
||||||
regex:
|
|
||||||
- '<title>Dolibarr - Login Dolibarr(.*)</title>'
|
|
||||||
|
|
||||||
extractors:
|
|
||||||
- type: regex
|
|
||||||
part: body
|
|
||||||
group: 1
|
|
||||||
regex:
|
|
||||||
- 'center">(.*)</td>'
|
|
|
@ -1,22 +0,0 @@
|
||||||
id: dotclear-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Dotclear Detect
|
|
||||||
author: pikpikcu
|
|
||||||
severity: info
|
|
||||||
tags: tech,dotclear
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/dc2/admin/auth.php"
|
|
||||||
- "{{BaseURL}}/auth.php"
|
|
||||||
|
|
||||||
matchers-condition: and
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
words:
|
|
||||||
- "<title>Dotclear</title>"
|
|
||||||
- type: status
|
|
||||||
status:
|
|
||||||
- 200
|
|
|
@ -13,6 +13,7 @@ requests:
|
||||||
- "{{BaseURL}}/WebReport/ReportServer"
|
- "{{BaseURL}}/WebReport/ReportServer"
|
||||||
- "{{BaseURL}}/ReportServer"
|
- "{{BaseURL}}/ReportServer"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: status
|
- type: status
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
id: gespage-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Gespage Detect
|
|
||||||
author: pikpikcu
|
|
||||||
severity: info
|
|
||||||
tags: tech,gespage
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/gespage/webapp/login.xhtml"
|
|
||||||
|
|
||||||
matchers-condition: and
|
|
||||||
matchers:
|
|
||||||
|
|
||||||
- type: word
|
|
||||||
part: body
|
|
||||||
words:
|
|
||||||
- "<title>Login utilisateur Gespage</title>"
|
|
||||||
|
|
||||||
- type: status
|
|
||||||
status:
|
|
||||||
- 200
|
|
|
@ -12,9 +12,9 @@ requests:
|
||||||
- "{{BaseURL}}"
|
- "{{BaseURL}}"
|
||||||
- "{{BaseURL}}/user"
|
- "{{BaseURL}}/user"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
|
|
|
@ -12,8 +12,13 @@ requests:
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
- '<title>GraphiQL'
|
- '<title>GraphiQL'
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -10,6 +10,7 @@ requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/api/api-browser/"
|
- "{{BaseURL}}/api/api-browser/"
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
|
@ -19,6 +20,7 @@ requests:
|
||||||
- "REST API browser"
|
- "REST API browser"
|
||||||
- "swagger"
|
- "swagger"
|
||||||
condition: and
|
condition: and
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
- 200
|
- 200
|
||||||
|
|
|
@ -3,7 +3,8 @@ id: gunicorn-detect
|
||||||
info:
|
info:
|
||||||
name: Detect Gunicorn Server
|
name: Detect Gunicorn Server
|
||||||
author: joanbono
|
author: joanbono
|
||||||
description: Gunicorn Python WSGI HTTP Server for UNIX - https://github.com/benoitc/gunicorn
|
description: Gunicorn Python WSGI HTTP Server for UNIX
|
||||||
|
reference: https://github.com/benoitc/gunicorn
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,gunicorn
|
tags: tech,gunicorn
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@ info:
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/'
|
- '{{BaseURL}}'
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
id: home-assistant-detect
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Home Assistant Detect
|
||||||
|
author: fabaff,daffainfo
|
||||||
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"Home Assistant"
|
||||||
|
tags: tech,iot
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- '<title>Home Assistant</title>'
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -1,16 +0,0 @@
|
||||||
id: home-assistant
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Detect Home Assistant
|
|
||||||
author: fabaff
|
|
||||||
severity: info
|
|
||||||
tags: tech,iot
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}"
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
words:
|
|
||||||
- "<title>Home Assistant</title>"
|
|
|
@ -4,7 +4,8 @@ info:
|
||||||
name: HP BladeSystem Onboard Administrator
|
name: HP BladeSystem Onboard Administrator
|
||||||
author: pussycat0x
|
author: pussycat0x
|
||||||
severity: info
|
severity: info
|
||||||
reference: https://www.shodan.io/search?query=http.title%3A%22HP+BladeSystem%22
|
metadata:
|
||||||
|
shodan-query: http.title:"HP BladeSystem"
|
||||||
tags: panel,hp
|
tags: panel,hp
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
|
|
|
@ -4,6 +4,8 @@ info:
|
||||||
name: InfluxDB Detect
|
name: InfluxDB Detect
|
||||||
author: pikpikcu
|
author: pikpikcu
|
||||||
severity: info
|
severity: info
|
||||||
|
metadata:
|
||||||
|
shodan-query: http.title:"InfluxDB - Admin Interface"
|
||||||
tags: tech,influxdb
|
tags: tech,influxdb
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
|
@ -13,7 +15,6 @@ requests:
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
id: itop-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: iTop Detect
|
|
||||||
author: pikpikcu
|
|
||||||
severity: info
|
|
||||||
tags: tech,itop
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/pages/UI.php"
|
|
||||||
|
|
||||||
matchers-condition: and
|
|
||||||
matchers:
|
|
||||||
|
|
||||||
- type: word
|
|
||||||
part: body
|
|
||||||
words:
|
|
||||||
- "<title>iTop login</title>"
|
|
||||||
|
|
||||||
- type: status
|
|
||||||
status:
|
|
||||||
- 200
|
|
|
@ -1,19 +0,0 @@
|
||||||
id: jaspersoft-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Jaspersoft detected
|
|
||||||
author: koti2
|
|
||||||
severity: info
|
|
||||||
tags: tech,jaspersoft
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/jasperserver/login.html?error=1"
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
words:
|
|
||||||
- "TIBCO Jaspersoft: Login"
|
|
||||||
- "Could not login to JasperReports Server"
|
|
||||||
- "About TIBCO JasperReports Server"
|
|
||||||
condition: or
|
|
|
@ -11,6 +11,7 @@ requests:
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
|
@ -19,3 +20,7 @@ requests:
|
||||||
- "<title>Welcome to JBoss Application Server"
|
- "<title>Welcome to JBoss Application Server"
|
||||||
- "JBoss EAP 7"
|
- "JBoss EAP 7"
|
||||||
condition: or
|
condition: or
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
||||||
|
|
|
@ -2,7 +2,7 @@ id: jenkins-detect
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Jenkins detect (version)
|
name: Jenkins detect (version)
|
||||||
author: philippdelteil
|
author: philippdelteil,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,jenkins
|
tags: tech,jenkins
|
||||||
|
|
||||||
|
@ -10,16 +10,19 @@ requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
words:
|
words:
|
||||||
- "X-Jenkins"
|
- "X-Jenkins"
|
||||||
|
- "X-Jenkins-Session"
|
||||||
part: header
|
part: header
|
||||||
|
condition: and
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
words:
|
words:
|
||||||
- "<title>Sign in [Jenkins]</title>"
|
- "<title>Dashboard [Jenkins]</title>"
|
||||||
part: body
|
part: body
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
id: jitsi-meet
|
id: jitsi-meet-detect
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Jitsi Meet Page
|
name: Jitsi Meet Page Detect
|
||||||
author: dhiyaneshDK
|
author: dhiyaneshDK
|
||||||
severity: info
|
severity: info
|
||||||
reference: https://www.shodan.io/search?query=http.title%3A%22Jitsi+Meet%22
|
metadata:
|
||||||
tags: tech
|
shodan-query: http.title:"Jitsi Meet"
|
||||||
|
tags: tech,jitsi
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
@ -15,8 +16,10 @@ requests:
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
|
part: body
|
||||||
words:
|
words:
|
||||||
- "<title>Jitsi Meet</title>"
|
- "<title>Jitsi Meet</title>"
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
- 200
|
- 200
|
|
@ -1,4 +1,4 @@
|
||||||
id: jolokia-instance
|
id: jolokia-detect
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Jolokia Version Disclosure
|
name: Jolokia Version Disclosure
|
|
@ -1,24 +0,0 @@
|
||||||
id: kibana-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Kibana Service Detection
|
|
||||||
author: petruknisme
|
|
||||||
severity: info
|
|
||||||
tags: tech,kibana
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/login?next=%2F"
|
|
||||||
- "{{BaseURL}}/bundles/login.bundle.js"
|
|
||||||
- "{{BaseURL}}/bundles/kibana.style.css"
|
|
||||||
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
words:
|
|
||||||
- "<title>Kibana</title>"
|
|
||||||
- "kibanaLoaderWrap"
|
|
||||||
- "kibanaLoader"
|
|
||||||
- "xpack"
|
|
||||||
- "Elasticsearch B.V"
|
|
||||||
condition: or
|
|
|
@ -2,7 +2,8 @@ id: kong-detect
|
||||||
info:
|
info:
|
||||||
name: Detect Kong
|
name: Detect Kong
|
||||||
author: geeknik
|
author: geeknik
|
||||||
description: The Cloud-Native API Gateway - https://github.com/Kong/kong
|
description: The Cloud-Native API Gateway
|
||||||
|
reference: https://github.com/Kong/kong
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,kong
|
tags: tech,kong
|
||||||
|
|
||||||
|
|
|
@ -11,8 +11,8 @@ requests:
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: regex
|
- type: regex
|
||||||
part: header
|
part: header
|
||||||
regex:
|
regex:
|
||||||
|
@ -20,3 +20,7 @@ requests:
|
||||||
- "(?i)X-CB-Server: LUCEE"
|
- "(?i)X-CB-Server: LUCEE"
|
||||||
- "(?i)X-IDG-Appserver: Lucee"
|
- "(?i)X-IDG-Appserver: Lucee"
|
||||||
condition: or
|
condition: or
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
id: mautic-crm-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: mautic crm detect
|
|
||||||
author: cyllective
|
|
||||||
severity: info
|
|
||||||
description: Detects Mautic CRM
|
|
||||||
tags: tech,mautic,crm
|
|
||||||
reference:
|
|
||||||
- https://github.com/mautic/mautic
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/s/login"
|
|
||||||
|
|
||||||
matchers-condition: or
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
part: body
|
|
||||||
condition: or
|
|
||||||
words:
|
|
||||||
- '<title>Mautic</title>'
|
|
||||||
- '<div class="mautic-logo'
|
|
||||||
|
|
||||||
- type: regex
|
|
||||||
part: body
|
|
||||||
condition: or
|
|
||||||
regex:
|
|
||||||
- 'var\s+?mautic(?:BasePath|BaseUrl|AjaxUrl|AjaxCsrf|AssetPrefix|Content|Env|Lang)\s+?='
|
|
||||||
- 'Copyright \d{4} Mautic\. All Rights Reserved\.'
|
|
|
@ -14,6 +14,7 @@ requests:
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
|
@ -22,6 +23,10 @@ requests:
|
||||||
- '<a href="http://moinmo.in/" title="This site uses the MoinMoin Wiki software.">MoinMoin Powered</a>'
|
- '<a href="http://moinmo.in/" title="This site uses the MoinMoin Wiki software.">MoinMoin Powered</a>'
|
||||||
- '<a href="http://moinmo.in/Python" title="MoinMoin is written in Python.">Python Powered</a>'
|
- '<a href="http://moinmo.in/Python" title="MoinMoin is written in Python.">Python Powered</a>'
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
- type: regex
|
- type: regex
|
||||||
part: body
|
part: body
|
||||||
|
|
|
@ -3,7 +3,8 @@ id: mrtg-detect
|
||||||
info:
|
info:
|
||||||
name: Detect MRTG
|
name: Detect MRTG
|
||||||
author: geeknik
|
author: geeknik
|
||||||
description: The Multi Router Traffic Grapher -- https://oss.oetiker.ch/mrtg/
|
description: The Multi Router Traffic Grapher
|
||||||
|
reference: https://oss.oetiker.ch/mrtg/
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,mrtg
|
tags: tech,mrtg
|
||||||
|
|
||||||
|
@ -14,6 +15,7 @@ requests:
|
||||||
- "{{BaseURL}}/mrtg/"
|
- "{{BaseURL}}/mrtg/"
|
||||||
- "{{BaseURL}}/MRTG/"
|
- "{{BaseURL}}/MRTG/"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: status
|
- type: status
|
||||||
|
|
|
@ -17,13 +17,16 @@ requests:
|
||||||
- "{{BaseURL}}/system-diagnostics"
|
- "{{BaseURL}}/system-diagnostics"
|
||||||
- "{{BaseURL}}/nifi-api/access/config"
|
- "{{BaseURL}}/nifi-api/access/config"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
|
part: body
|
||||||
regex:
|
regex:
|
||||||
- "supportsLogin"
|
- "supportsLogin"
|
||||||
- "disconnectedNodeAcknowledged"
|
- "disconnectedNodeAcknowledged"
|
||||||
- "(aggregate|node)Snapshots?"
|
- "(aggregate|node)Snapshots?"
|
||||||
|
condition: or
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
|
|
|
@ -13,7 +13,6 @@ requests:
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
|
|
|
@ -14,6 +14,7 @@ requests:
|
||||||
- "{{BaseURL}}"
|
- "{{BaseURL}}"
|
||||||
- "{{BaseURL}}/modules/system/assets/js/framework.combined-min.js"
|
- "{{BaseURL}}/modules/system/assets/js/framework.combined-min.js"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
redirects: true
|
redirects: true
|
||||||
max-redirects: 1
|
max-redirects: 1
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -11,6 +11,7 @@ requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/.well-known/openid-configuration"
|
- "{{BaseURL}}/.well-known/openid-configuration"
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: status
|
- type: status
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
id: olivetti-crf-detect
|
id: olivetti-crf-detect
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Olivetti CRF Detect
|
name: Olivetti CRF Detect
|
||||||
author: pussycat0x
|
author: pussycat0x
|
||||||
severity: info
|
severity: info
|
||||||
reference: https://www.shodan.io/search?query=http.title%3A%22Olivetti+CRF%22
|
metadata:
|
||||||
|
shodan-query: http.title:"Olivetti CRF"
|
||||||
tags: tech,olivetti
|
tags: tech,olivetti
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
|
|
|
@ -2,22 +2,23 @@ id: oneblog-detect
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: OneBlog Detect
|
name: OneBlog Detect
|
||||||
author: pikpikcu
|
author: pikpikcu,daffainfo
|
||||||
severity: info
|
severity: info
|
||||||
tags: tech,oneblog
|
tags: tech,oneblog
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/passport/login/"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
- "<title>OneBlog开源博客后台管理系统</title>"
|
- '<title>OneBlog开源博客后台管理系统</title>'
|
||||||
|
- '<meta name="keywords" content="OneBlog'
|
||||||
|
condition: or
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
id: openam-detection
|
id: openam-detect
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Detect OpenAM and OpenSSO
|
name: Detect OpenAM and OpenSSO
|
|
@ -1,21 +0,0 @@
|
||||||
id: opencast-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Opencast detect
|
|
||||||
author: cyllective
|
|
||||||
severity: info
|
|
||||||
description: Detects Opencast
|
|
||||||
tags: tech,opencast
|
|
||||||
reference:
|
|
||||||
- https://github.com/opencast/opencast
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/admin-ng/login.html"
|
|
||||||
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
part: body
|
|
||||||
words:
|
|
||||||
- '<title>Opencast</title>'
|
|
|
@ -9,8 +9,10 @@ info:
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/www/admin/"
|
- "{{BaseURL}}/www/admin/index.php"
|
||||||
|
- "{{BaseURL}}/admin/index.php"
|
||||||
|
|
||||||
|
stop-at-first-match: true
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
|
@ -27,4 +29,4 @@ requests:
|
||||||
part: body
|
part: body
|
||||||
group: 1
|
group: 1
|
||||||
regex:
|
regex:
|
||||||
- 'content="(.*)- http://www.openx.org">'
|
- '(.*)- http://www.openx.org'
|
||||||
|
|
|
@ -13,7 +13,6 @@ requests:
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
|
|
|
@ -11,7 +11,7 @@ info:
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{RootURL}}"
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
redirects: true
|
redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
|
@ -1,30 +0,0 @@
|
||||||
id: wordpress-gotmls-detect
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: Detect WordPress Plugin Anti-Malware Security and Bruteforce Firewall
|
|
||||||
author: vsh00t
|
|
||||||
reference: https://www.exploit-db.com/exploits/50107
|
|
||||||
severity: info
|
|
||||||
tags: wordpress,wp-plugin,gotmls
|
|
||||||
|
|
||||||
requests:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/wp-admin/admin-ajax.php?action={{randstr}}&file=../../../../../../../../../Windows/win.ini"
|
|
||||||
|
|
||||||
matchers-condition: and
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
part: header
|
|
||||||
words:
|
|
||||||
- "gotmls"
|
|
||||||
|
|
||||||
- type: status
|
|
||||||
status:
|
|
||||||
- 302
|
|
||||||
|
|
||||||
extractors:
|
|
||||||
- type: kval
|
|
||||||
part: header
|
|
||||||
kval:
|
|
||||||
- location
|
|
Loading…
Reference in New Issue