Commit Graph

2054 Commits (4c8c34992a96c56ae80685b228800d2201dbb5fa)

Author SHA1 Message Date
ree4pwn 3a7130030e
cve-2019-11581
Jira template injection
2020-12-05 16:51:54 +08:00
GitHub Action 99fc9ceff7 Auto Update README [Sat Dec 5 08:44:59 UTC 2020] 🤖 2020-12-05 08:44:59 +00:00
ree4pwn e302f870bd
Merge pull request #1 from projectdiscovery/master
Update from projectdiscovery/nuclei-templates
2020-12-05 16:44:08 +08:00
bauthard 3177a56ef6 Adding CVE-2020-16139 to avoid possible harm to server 2020-12-03 14:59:36 +05:30
GitHub Action 1bbf8b4c6e Auto Update README [Thu Dec 3 04:43:36 UTC 2020] 🤖 2020-12-03 04:43:36 +00:00
bauthard ed1c402cbd
Merge pull request #663 from nodauf/patch-5
Detect the IdentityGuard Portal
2020-12-03 10:13:12 +05:30
bauthard d547d09bfd moving dirs 2020-12-03 10:12:22 +05:30
bauthard ecb7685514
Merge pull request #664 from geeknik/patch-22
Update shell-history.yaml
2020-12-03 10:08:15 +05:30
Geeknik Labs ebf1a2998a
Update shell-history.yaml 2020-12-02 15:35:28 +00:00
nodauf e8ff86187c
Detect the IdentityGuard Portal 2020-12-02 10:40:14 +01:00
bauthard ab151c3635
Merge pull request #661 from un-fmunozs/fix-cve
Update CVE-2019-15858.yaml
2020-12-02 10:58:24 +05:30
bauthard c32ca9cde7
Merge pull request #662 from projectdiscovery/un-fmunozs-fix-cve
Create CVE-2019-15858.yaml
2020-12-02 10:57:24 +05:30
GitHub Action c9d85eda95 Auto Update README [Wed Dec 2 05:26:30 UTC 2020] 🤖 2020-12-02 05:26:30 +00:00
bauthard 950d3e4f24 Create CVE-2019-15858.yaml 2020-12-02 10:55:57 +05:30
GitHub Action 97a3321346 Auto Update README [Wed Dec 2 05:18:35 UTC 2020] 🤖 2020-12-02 05:18:35 +00:00
bauthard 2ef8cb5c8f
temporary remove 2020-12-02 10:47:07 +05:30
bauthard 5e59ad7ca5 Update CVE-2019-15858.yaml 2020-12-02 10:45:54 +05:30
bauthard 625228bddd Update CVE-2019-15858.yaml 2020-12-02 10:41:37 +05:30
bauthard f8449a41d9 readme update 2020-12-02 10:25:36 +05:30
bauthard 6b5734f25d
Merge pull request #630 from Patralos/master
cve-2019-15858 reversed check
2020-12-02 10:22:45 +05:30
un-fmunozs 13046a8419 Merge branch 'fix-cve' of https://github.com/un-fmunozs/nuclei-templates into fix-cve 2020-12-01 23:46:55 -05:00
un-fmunozs 56b2926fc8 Update CVE-2019-15858.yaml
version number on the description was ok :)
2020-12-01 23:46:41 -05:00
GitHub Action 6917310e7f Auto Update README [Wed Dec 2 04:43:16 UTC 2020] 🤖 2020-12-02 04:43:16 +00:00
un-fmunozs bfe6d099af Update CVE-2019-15858.yaml
This got me a couple of false positive, so I went to review the original exploit

My changes:
- include the text/plain to make sure we are reading the readme file and not a redirect to /
- The check function on the template was  looking for 2.2.5 while the original exploit marks the site as NOT vulnerable if 2.2.5 string is found on the readme.txt file. [1] Changing that as negative check.
2020-12-01 23:42:33 -05:00
GitHub Action f874871060 Auto Update README [Wed Dec 2 04:39:44 UTC 2020] 🤖 2020-12-02 04:39:44 +00:00
bauthard 24257aed1e
Merge pull request #659 from nodauf/patch-4
Detect if trace method is enabled
2020-12-02 10:09:16 +05:30
bauthard 4406f681ff moving dirs 2020-12-02 10:08:03 +05:30
bauthard b286a9839a
Merge pull request #660 from un-fmunozs/text-html
Update basic-xss-prober.yaml
2020-12-02 10:02:36 +05:30
bauthard b2c07e0db6 matcher update 2020-12-02 10:01:03 +05:30
GitHub Action c6b4e62823 Auto Update README [Wed Dec 2 03:12:09 UTC 2020] 🤖 2020-12-02 03:12:09 +00:00
un-fmunozs 35b585fc3a Update basic-xss-prober.yaml
IMHO its better to test for text/html to report a possible XSS, there are a more content types that could cause reflect the content and dont have a XSS. like javascript, css, plaintext files, etc.
2020-12-01 22:11:07 -05:00
nodauf 951c605ab2
Detect if trace method is enabled 2020-12-01 15:45:15 +01:00
GitHub Action 18e4552cab Auto Update README [Tue Dec 1 13:55:45 UTC 2020] 🤖 2020-12-01 13:55:45 +00:00
bauthard f1aa96221e Adding misc 2020-12-01 19:25:11 +05:30
GitHub Action 461617c1c9 Auto Update README [Tue Dec 1 13:51:28 UTC 2020] 🤖 2020-12-01 13:51:28 +00:00
bauthard af477e2825
Merge pull request #653 from geeknik/patch-22
Create htpasswd.yaml
2020-12-01 19:18:15 +05:30
bauthard 7ee05c78e7 name and file rename 2020-12-01 19:16:49 +05:30
bauthard 194aa9d0b9
Merge pull request #657 from nodauf/patch-3
Using regex to detect when a hash is used
2020-12-01 18:57:49 +05:30
bauthard 3bb362c2e7 updating matcher type 2020-12-01 18:56:59 +05:30
GitHub Action 6befd9d601 Auto Update README [Tue Dec 1 13:23:45 UTC 2020] 🤖 2020-12-01 13:23:45 +00:00
bauthard f48d0ce88d
Merge pull request #656 from nodauf/patch-2
Detect One Identity Password Manager
2020-12-01 18:53:19 +05:30
bauthard 18ca239039 Added oipm-detect 2020-12-01 18:50:54 +05:30
GitHub Action 05fd83ebda Auto Update README [Tue Dec 1 13:08:02 UTC 2020] 🤖 2020-12-01 13:08:02 +00:00
bauthard aaae4b259c
Merge pull request #658 from dwisiswant0/add/CVE-2020-23972
Add CVE-2020-23972 [verified]
2020-12-01 18:37:36 +05:30
Dwi Siswanto 06b94ebae3 🔥 Add CVE-2020-23972 2020-12-01 16:25:33 +07:00
nodauf 242bca7592
Using regex to detect when a hash is used
There is some case where the like to the css file contains the hash of the file and looks like:
`/dana-na/css/ds_<hash>.css`

With this modification the case above will be detected
2020-12-01 09:29:47 +01:00
nodauf 5a677bb8a7
Detect One Identity Password Manager 2020-11-30 17:01:13 +01:00
bauthard 66a01665c9
Merge pull request #654 from geeknik/patch-23
Update CVE-2019-11043.yaml
2020-11-29 17:39:19 +05:30
bauthard 7d0d8bdb99 Update CVE-2019-11043.yaml 2020-11-29 17:38:24 +05:30
bauthard c89e241cdd
Merge pull request #652 from geeknik/patch-21
Create pfsense-detect.yaml
2020-11-29 17:35:44 +05:30