diff --git a/.yamllint b/.yamllint index 7792649366..243c59312d 100644 --- a/.yamllint +++ b/.yamllint @@ -9,6 +9,7 @@ ignore: | rules: document-start: disable + comments-indentation: disable line-length: disable new-lines: disable new-line-at-end-of-file: disable diff --git a/javascript/cves/2023/CVE-2023-34039.yaml b/javascript/cves/2023/CVE-2023-34039.yaml index fe902933c4..91c6c805fc 100644 --- a/javascript/cves/2023/CVE-2023-34039.yaml +++ b/javascript/cves/2023/CVE-2023-34039.yaml @@ -19,7 +19,7 @@ info: tags: cve,cve2019,vmware,aria,rce variables: - keysDir: "helpers/payloads/CVE-2023-34039-keys" # load all private keys from this directory + keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory javascript: # init field can be used to make any preperations before the actual exploit @@ -38,7 +38,7 @@ javascript: let m = require('nuclei/ssh') let c = m.SSHClient() c.ConnectWithKey(Host,Port,'support@'+Host,key) // returns true if connection is successful - + args: Host: "{{Host}}" Port: "22" @@ -47,12 +47,12 @@ javascript: payloads: # 'keys' will be updated by actual private keys after init is executed - keys: + keys: - dummy1 - dummy2 + threads: 10 stop-at-first-match: true - matchers: - type: dsl dsl: diff --git a/javascript/default-logins/mssql-default-logins.yaml b/javascript/default-logins/mssql-default-logins.yaml index 572f6626c9..40d6b0e456 100644 --- a/javascript/default-logins/mssql-default-logins.yaml +++ b/javascript/default-logins/mssql-default-logins.yaml @@ -1,7 +1,7 @@ -id: mssql-weak-credentials +id: mssql-default-logins info: - name: Microsoft Sql - Weak Credentials + name: Microsoft Sql - Default Logins author: Ice3man543,tarunKoyalwar severity: high description: | @@ -9,7 +9,7 @@ info: metadata: max-request: 7 shodan-query: port:1433 - tags: js,mssql,default-login,network + tags: js,mssql,default-login,network javascript: - pre-condition: | diff --git a/javascript/default-logins/postgres-default-logins.yaml b/javascript/default-logins/postgres-default-logins.yaml index c5d3436ac8..97c5e3453f 100644 --- a/javascript/default-logins/postgres-default-logins.yaml +++ b/javascript/default-logins/postgres-default-logins.yaml @@ -8,7 +8,7 @@ info: metadata: max-request: 9 shodan-query: port:5432 - tags: js,postgres,default-login,network + tags: js,postgres,default-login,network javascript: - pre-condition: | diff --git a/javascript/default-logins/redis-default-logins.yaml b/javascript/default-logins/redis-default-logins.yaml index ef5192d7b6..9ea8669acf 100644 --- a/javascript/default-logins/redis-default-logins.yaml +++ b/javascript/default-logins/redis-default-logins.yaml @@ -8,7 +8,7 @@ info: metadata: max-request: 6 shodan-query: product:"redis" - tags: js,redis,default-login,network + tags: js,redis,default-login,network javascript: - pre-condition: | diff --git a/javascript/default-logins/ssh-default-logins.yaml b/javascript/default-logins/ssh-default-logins.yaml index 8a56a5bc9c..1d8a34166c 100644 --- a/javascript/default-logins/ssh-default-logins.yaml +++ b/javascript/default-logins/ssh-default-logins.yaml @@ -6,7 +6,7 @@ info: severity: critical metadata: shodan-query: port:1433 - tags: js,ssh,default-login,network + tags: js,ssh,default-login,network javascript: - pre-condition: | diff --git a/javascript/detection/mssql-detect.yaml b/javascript/detection/mssql-detect.yaml index 6ce1668df3..137da9de13 100644 --- a/javascript/detection/mssql-detect.yaml +++ b/javascript/detection/mssql-detect.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: port:1433 - tags: js,mssql,detect,network + tags: js,mssql,detect,network javascript: - code: | diff --git a/javascript/enumeration/ssh-password-auth.yaml b/javascript/enumeration/ssh-password-auth.yaml index 43b7ad191f..85cd794169 100644 --- a/javascript/enumeration/ssh-password-auth.yaml +++ b/javascript/enumeration/ssh-password-auth.yaml @@ -23,8 +23,9 @@ javascript: Port: "22" matchers: - - type: dsl - dsl: + - type: word + part: body + words: - '"UserAuth":' - '"password"' condition: and \ No newline at end of file diff --git a/javascript/enumeration/ssh-server-enumeration.yaml b/javascript/enumeration/ssh-server-enumeration.yaml index 8d2d4af3dc..b6d01bb6b4 100644 --- a/javascript/enumeration/ssh-server-enumeration.yaml +++ b/javascript/enumeration/ssh-server-enumeration.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: product:"OpenSSH" - max-request: 1 + max-request: 1 tags: js,ssh,enum,network javascript: