From ac4f58f16ea30334b35fd44de028e1be6e5cf8b9 Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Mon, 24 Oct 2022 14:03:46 -0300 Subject: [PATCH 1/4] Update liferay-portal-detect.yaml --- technologies/liferay-portal-detect.yaml | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/technologies/liferay-portal-detect.yaml b/technologies/liferay-portal-detect.yaml index 88dfad3794..276b0e5b94 100644 --- a/technologies/liferay-portal-detect.yaml +++ b/technologies/liferay-portal-detect.yaml @@ -2,7 +2,7 @@ id: liferay-portal-detect info: name: Liferay Portal Detection - author: organiccrap,dwisiswant0 + author: organiccrap,dwisiswant0,ricardomaia severity: info reference: - https://github.com/mzer0one/CVE-2020-7961-POC @@ -11,10 +11,18 @@ info: requests: - method: GET path: - - '{{BaseURL}}/api/jsonws' - - '{{BaseURL}}/api/jsonws/invoke' + - "{{BaseURL}}" + - "{{BaseURL}}/api/jsonws" + - "{{BaseURL}}/api/jsonws/invoke" + matchers-condition: or + stop-at-first-match: true matchers: + - type: word + case-insensitive: true + words: + - "Liferay-Portal" + part: header - type: word words: - json-web-services-api @@ -22,3 +30,11 @@ requests: - Unable to deserialize object condition: or part: body + + extractors: + - type: regex + part: header + name: version + group: 2 + regex: + - '(i?)Liferay-Portal:.*?(\d+\.?.*?)\s' From 00c7e51909162f6345762d11fb4f9bf3e44f892e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 25 Oct 2022 17:51:47 +0530 Subject: [PATCH 2/4] Update and rename liferay-portal-detect.yaml to liferay-portal.yaml --- .../{liferay-portal-detect.yaml => liferay-portal.yaml} | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) rename technologies/{liferay-portal-detect.yaml => liferay-portal.yaml} (99%) 
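Review bot: The extractor regex in the last hunk of PATCH 1/4 opens with `(i?)`, which is a capture group matching an optional literal "i", not the inline case-insensitive flag `(?i)`. The pattern is therefore case-sensitive, while the header matcher added in the previous hunk sets `case-insensitive: true`. A response that carries the header name in lower case (as happens over HTTP/2 or behind some proxies) would be detected but yield no version. The stray group is also the only reason `group: 2` is needed. I would write `- '(?i)Liferay-Portal:.*?(\d+\.?.*?)\s'` with `group: 1`, and add a short comment above the extractor giving one sample header value that the pattern is expected to parse.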
diff --git a/technologies/liferay-portal-detect.yaml b/technologies/liferay-portal.yaml similarity index 99% rename from technologies/liferay-portal-detect.yaml rename to technologies/liferay-portal.yaml index 276b0e5b94..8b1386fe9b 100644 --- a/technologies/liferay-portal-detect.yaml +++ b/technologies/liferay-portal.yaml @@ -19,17 +19,18 @@ requests: stop-at-first-match: true matchers: - type: word - case-insensitive: true + part: header words: - "Liferay-Portal" - part: header + case-insensitive: true + - type: word + part: body words: - json-web-services-api - There are no services matching that phrase. - Unable to deserialize object condition: or - part: body extractors: - type: regex From 5a4394fff7d9fbd030365d67367172014f244b41 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 25 Oct 2022 17:53:29 +0530 Subject: [PATCH 3/4] Update liferay-portal.yaml --- technologies/liferay-portal.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/technologies/liferay-portal.yaml b/technologies/liferay-portal.yaml index 8b1386fe9b..11ab113d15 100644 --- a/technologies/liferay-portal.yaml +++ b/technologies/liferay-portal.yaml @@ -1,12 +1,16 @@ -id: liferay-portal-detect +id: liferay-portal info: - name: Liferay Portal Detection + name: Liferay Portal Detect author: organiccrap,dwisiswant0,ricardomaia severity: info reference: + - https://www.liferay.com/ - https://github.com/mzer0one/CVE-2020-7961-POC - tags: tech,liferay + metadata: + verified: true + shodan-query: http.favicon.hash:129457226 + tags: tech,liferay,panel,portal requests: - method: GET From 76e5510dc8136911b812d4bb06910c443af19ef9 Mon Sep 17 00:00:00 2001 
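Review bot: In PATCH 3/4, changing `id: liferay-portal-detect` to `id: liferay-portal` alters the identifier that scan profiles, exclusion lists and workflows select on, and nothing in the series records the old id. PATCH 4/4 adds to this by moving the file to `exposed-panels/` and dropping the `tech` tag, so runs filtered on `tech` would presumably stop including this check. The matchers shown in PATCH 1/4 still only fingerprint the product, through the `Liferay-Portal` header and JSONWS error strings, rather than confirming a login panel. I would keep the tag, e.g. `tags: panel,liferay,portal,tech`, and mention the previous id in the commit message or changelog so that consumers can update their filters.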
From: Prince Chaddha Date: Tue, 25 Oct 2022 17:55:05 +0530 Subject: [PATCH 4/4] Update and rename technologies/liferay-portal.yaml to exposed-panels/liferay-portal.yaml --- {technologies => exposed-panels}/liferay-portal.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename {technologies => exposed-panels}/liferay-portal.yaml (96%) diff --git a/technologies/liferay-portal.yaml b/exposed-panels/liferay-portal.yaml similarity index 96% rename from technologies/liferay-portal.yaml rename to exposed-panels/liferay-portal.yaml index 11ab113d15..6695bd7c6e 100644 --- a/technologies/liferay-portal.yaml +++ b/exposed-panels/liferay-portal.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true shodan-query: http.favicon.hash:129457226 - tags: tech,liferay,panel,portal + tags: panel,liferay,portal requests: - method: GET