daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update php-scanner.yaml 

Add more interesting stuff.
patch-1
Geeknik Labs 2021-08-27 09:15:22 -05:00 committed by GitHub
parent d174cab04c
commit e6bd5cc73a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 122 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
file/php/php-scanner.yaml
View File

@ -9,10 +9,19 @@ info:
file:
- extensions:
- html
- htm
- phtml
- php
- php3
- php4
- php5
- phps
- cgi
- inc
- tpl
- test
- module
- plugin
extractors:
- type: regex
@ -121,3 +130,116 @@ file:
# Avoiding the use of $http_raw_post_data
regex:
- '\\$http_raw_post_data'
- type: regex
# interesting functions for POP/Unserialize
regex:
- "__autoload"
- "__destruct"
- "__wakeup"
- "__toString"
- "__call"
- "__callStatic"
- "__get"
- "__set"
- "__isset"
- "__unset"
- type: regex:
# phpinfo detected
regex:
- "phpinfo"
- type: regex
# registerPHPFunctions() allows code exec in XML
regex:
- "registerPHPFunctions"
- type: regex
regex:
- "session_start"
- type: regex
# dBase DBMS
regex:
- "dbase_open"
- type: regex
# DB++ DBMS
regex:
- "dbplus_open"
- "dbplus_ropen"
- type: regex
# Frontbase DBMS
regex:
- "fbsql_connect"
- type: regex
# Informix DBMS
regex:
- "ifx_connect"
- type: regex
# IBM DB2 DBMS
regex:
- "db2_(p?)connect"
- type: regex
# FTP server
regex:
- "ftp_(ssl_)?connect"
- type: regex
# Ingres DBMS
regex:
- "ingres_(p?)connect"
- type: regex
# LDAP server
regex:
- "ldap_connect"
- type: regex
# msession server
regex:
- "msession_connect"
- type: regex
# mSQL DBMS
regex:
- "msql_(p?)connect"
- type: regex
# MsSQL DBMS
regex:
- "mssql_(p?)connect"
- type: regex
# MySQL DBMS
regex:
- "mysql_(p?)connect"
- type: regex
# MySQLi Extension
regex:
- "mysqli((_real)?_connect)?"
- type: regex
# Oracle OCI8 DBMS
regex:
- "oci|(_new?)|_connect|(n?|p?)logon"
- type: regex
# Oracle DBMS
regex:
- "ora_(p?)connect"
- type: regex
# Ovrimos SQL DBMS
regex:
- "ovrimos_connect"
- type: regex
# PostgreSQL DBMS
regex:
- "pg_(p?)connect"
- type: regex
# SQLite DBMS
regex:
- "sqlite_(p?)open"
- type: regex
# SQLite3 DBMS
regex:
- "SQLite3"
- type: regex
# Sybase DBMS
regex:
- "sybase_(p?)connect"
- type: regex
# TokyoTyrant DBMS
regex:
- "TokyoTyrant"
- type: regex
# XML document
regex:
- "x(ptr|path)_new_context"