updates to the phpmyadmin panel detection script

Added another possible path URL for detection phpmyadmin panel and matching condition along with possile title to be detected for confirmation of the exposed phpmyadmin panel.
patch-1
Evolutionsec 2021-08-23 12:52:33 +05:30 committed by GitHub
parent f4a1de8225
commit d9e859953c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions

View File

@ -20,14 +20,17 @@ requests:
- "{{BaseURL}}/typo3/phpmyadmin/"
- "{{BaseURL}}/web/phpmyadmin/"
- "{{BaseURL}}/xampp/phpmyadmin/"
- "{{BaseURL}}/phpMyAdmin/" #add another possible path for phpmyadmin panel detection
matchers-condition: or #add matching condition
matchers:
- type: word
words:
- "<title>phpMyAdmin</title>"
- "<title>phpMyAdmin </title>" #result pattern with a trailing whitespace.
extractors:
- type: regex
part: body
group: 1
regex:
- 'v=([a-z0-9-._]+)'
- 'v=([a-z0-9-._]+)'