minor updates

2021-05-03 12:52:21 +05:30 · 2021-05-03 12:52:21 +05:30 · c9e62eeed5
parent 15c7472891
commit c9e62eeed5
2 changed files with 8 additions and 8 deletions
--- a/exposures/configs/oracle-ebs-credentials-disclosure.yaml
+++ b/exposures/configs/oracle-ebs-credentials-disclosure.yaml
@ -4,7 +4,7 @@ info:
  name: Oracle EBS Credentials Disclosure
  author: dhiyaneshDk
  severity: medium
-  tags: oracle
+  tags: config,exposure,oracle
  reference:
    - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf
    - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf
@ -14,7 +14,7 @@ requests:
  - method: GET
    path:
      - '{{BaseURL}}/OA_HTML/jtfwrepo.xml'
-      - '{{BaseURL}}//OA_HTML/jtfwrepo.xml'
+
    matchers-condition: and
    matchers:
      - type: word
--- a/exposures/logs/oracle-ebs-sqllog-disclosure.yaml
+++ b/exposures/logs/oracle-ebs-sqllog-disclosure.yaml
@ -4,18 +4,16 @@ info:
  name: Oracle EBS SQL Log Disclosure
  author: dhiyaneshDk
  severity: medium
-  tags: oracle
-  reference:
-    - https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telling-us/
+  tags: oracle,ebs,log,exposure
+  reference: https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telling-us/

 requests:
  - method: GET
    path:
-      - '{{BaseURL}}/html/bin//sqlnet.log'
-      - '{{BaseURL}}//html/bin//sqlnet.log'
-      - '{{BaseURL}}//OA_HTML/bin//sqlnet.log'
+      - '{{BaseURL}}/OA_HTML/bin/sqlnet.log'
    headers:
      User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55"
+
    matchers-condition: and
    matchers:
      - type: word
@ -23,10 +21,12 @@ requests:
          - "DESCRIPTION="
          - "USER="
        part: body
+
      - type: word
        words:
          - "text/plain"
        part: header
+
      - type: status
        status:
          - 200