Merge pull request #16 from puzzlepeaches/master

More PHPMyAdmin paths and NTLM dirs check
patch-1
bauthard 2020-04-07 21:15:47 +05:30 committed by GitHub
commit f121770ecc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 117 additions and 0 deletions


@ -9,6 +9,22 @@ requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/phpmyadmin/" - "{{BaseURL}}/phpmyadmin/"
- "{{BaseURL}}/admin//phpmyadmin/"
- "{{BaseURL}}/Admin/phpmyadmin/"
- "{{BaseURL}}/admin/phpMyAdmin/"
- "{{BaseURL}}/Admin/phpMyAdmin/"
- "{{BaseURL}}/_PHPMYADMIN/"
- "{{BaseURL}}/_pHpMyAdMiN/"
- "{{BaseURL}}/_phpMyAdmin/"
- "{{BaseURL}}/administrator/components/com_joommyadmin/phpmyadmin/"
- "{{BaseURL}}/apache-default/phpmyadmin/"
- "{{BaseURL}}/blog/phpmyadmin/"
- "{{BaseURL}}/forum/phpmyadmin/"
- "{{BaseURL}}/php/phpmyadmin/"
- "{{BaseURL}}/typo3/phpmyadmin/"
- "{{BaseURL}}/web/phpmyadmin/"
- "{{BaseURL}}/xampp/phpmyadmin/"
matchers: matchers:
- type: word - type: word
words: words:
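Review bot: The first added path, `"{{BaseURL}}/admin//phpmyadmin/"`, has a doubled slash where its neighbours (`/Admin/phpmyadmin/`, `/admin/phpMyAdmin/`) have one, which looks like a typo rather than a deliberate variant. If so, it should read `"{{BaseURL}}/admin/phpmyadmin/"`; if the double slash is intentional, a one-line comment above the entry should say why. The matchers block continues past the end of the hunk, so whether the existing words still fit every new path cannot be checked from here.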


@ -0,0 +1,101 @@
id: ntlm-directories
info:
name: Discovering directories w/ NTLM
author: puzzlepeaches
severity: low
requests:
- method: GET
path:
- "{{BaseURL}}/abs/"
- "{{BaseURL}}/adfs/services/trust/2005/windowstransport"
- "{{BaseURL}}/aspnet_client/"
- "{{BaseURL}}/autodiscover/"
- "{{BaseURL}}/autoupdate/"
- "{{BaseURL}}/certenroll/"
- "{{BaseURL}}/certprov/"
- "{{BaseURL}}/certsrv/"
- "{{BaseURL}}/conf/"
- "{{BaseURL}}/deviceupdatefiles_ext/"
- "{{BaseURL}}/deviceupdatefiles_int/"
- "{{BaseURL}}/dialin/"
- "{{BaseURL}}/ecp/"
- "{{BaseURL}}/etc/"
- "{{BaseURL}}/ews/"
- "{{BaseURL}}/exchange/"
- "{{BaseURL}}/exchweb/"
- "{{BaseURL}}/hybridconfig/"
- "{{BaseURL}}/groupexpansion/"
- "{{BaseURL}}/mcx/"
- "{{BaseURL}}/mcx/mcxservice.svc"
- "{{BaseURL}}/meet/"
- "{{BaseURL}}/meeting/"
- "{{BaseURL}}/microsoft-server-activesync/"
- "{{BaseURL}}/oab/"
- "{{BaseURL}}/ocsp/"
- "{{BaseURL}}/owa/"
- "{{BaseURL}}/persistentchat/"
- "{{BaseURL}}/phoneconferencing/"
- "{{BaseURL}}/powershell/"
- "{{BaseURL}}/public/"
- "{{BaseURL}}/reach/sip.svc"
- "{{BaseURL}}/requesthandler/"
- "{{BaseURL}}/requesthandlerext/"
- "{{BaseURL}}/rgs/"
- "{{BaseURL}}/rgsclients/"
- "{{BaseURL}}/rpc/"
- "{{BaseURL}}/rpcwithcert/"
- "{{BaseURL}}/scheduler/"
- "{{BaseURL}}/ucwa/"
- "{{BaseURL}}/unifiedmessaging/"
- "{{BaseURL}}/webticket/"
- "{{BaseURL}}/webticket/webticketservice.svcabs/"
- "{{BaseURL}}/adfs/services/trust/2005/windowstransport"
- "{{BaseURL}}/aspnet_client/"
- "{{BaseURL}}/autodiscover/"
- "{{BaseURL}}/autoupdate/"
- "{{BaseURL}}/certenroll/"
- "{{BaseURL}}/certprov/"
- "{{BaseURL}}/certsrv/"
- "{{BaseURL}}/conf/"
- "{{BaseURL}}/deviceupdatefiles_ext/"
- "{{BaseURL}}/deviceupdatefiles_int/"
- "{{BaseURL}}/dialin/"
- "{{BaseURL}}/ecp/"
- "{{BaseURL}}/etc/"
- "{{BaseURL}}/ews/"
- "{{BaseURL}}/exchange/"
- "{{BaseURL}}/exchweb/"
- "{{BaseURL}}/hybridconfig/"
- "{{BaseURL}}/groupexpansion/"
- "{{BaseURL}}/mcx/"
- "{{BaseURL}}/mcx/mcxservice.svc"
- "{{BaseURL}}/meet/"
- "{{BaseURL}}/meeting/"
- "{{BaseURL}}/microsoft-server-activesync/"
- "{{BaseURL}}/oab/"
- "{{BaseURL}}/ocsp/"
- "{{BaseURL}}/owa/"
- "{{BaseURL}}/persistentchat/"
- "{{BaseURL}}/phoneconferencing/"
- "{{BaseURL}}/powershell/"
- "{{BaseURL}}/public/"
- "{{BaseURL}}/reach/sip.svc"
- "{{BaseURL}}/requesthandler/"
- "{{BaseURL}}/requesthandlerext/"
- "{{BaseURL}}/rgs/"
- "{{BaseURL}}/rgsclients/"
- "{{BaseURL}}/rpc/"
- "{{BaseURL}}/rpcwithcert/"
- "{{BaseURL}}/scheduler/"
- "{{BaseURL}}/ucwa/"
- "{{BaseURL}}/unifiedmessaging/"
- "{{BaseURL}}/webticket/"
- "{{BaseURL}}/webticket/webticketservice.svc"
matchers:
- type: word
words:
- "WWW-Authenticate"
condition: and
part: header
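Review bot: The path list in this new template contains the same block twice: the entry `"{{BaseURL}}/webticket/webticketservice.svcabs/"` looks like the end of one pasted list fused with `/abs/` from the start of the next, and every path after it repeats an earlier one. That doubles the requests sent to each host and leaves one path that probably matches nothing, so the fused entry should become `"{{BaseURL}}/webticket/webticketservice.svc"` and the repeated block should be dropped. The matcher also fires on any response whose headers contain `WWW-Authenticate`, so Basic or Digest prompts would be reported under an NTLM-specific name; matching `- "WWW-Authenticate: NTLM"` (plus `Negotiate` if that is in scope) would cut those false positives. `condition: and` has no effect with a single word and can be removed.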