bauthard
5488ef6104
adding another matcher
2020-09-30 20:14:12 +05:30
x1m
f273d2e6c5
Added CVE-2020-24312
2020-09-30 16:30:06 +02:00
bauthard
0153333b9b
template update
2020-09-29 22:56:43 +05:30
bauthard
fadb29e379
Merge pull request #503 from joeldeleep/master
...
cve-2020-0618
2020-09-29 01:03:47 +05:30
bauthard
9c592e45fd
Update cve-2020-0618.yaml
2020-09-29 01:02:19 +05:30
joeldeleep
25a04ef0cf
Update cve-2020-0618.yaml
2020-09-28 07:31:06 +05:30
joeldeleep
13a3ee21f2
Delete CVE-2020-13379.yaml
2020-09-28 07:27:02 +05:30
joeldeleep
2f7c40d80d
Create cve-2020-0618.yaml
...
The template only scans for the respective vulnerable url , it has to be manually verified .
2020-09-28 07:22:37 +05:30
bauthard
0aee5a9715
remvoing cve-2017-7529
...
This can be precisely checked only when Nginx version is known, otherwise it will produce false positives results, as such removing this template for the time being.
2020-09-27 15:41:50 +05:30
bauthard
a2d60bbd1e
Removing cve-2020-13379
2020-09-27 13:59:33 +05:30
joeldeleep
e53c03ab60
Update CVE-2020-13379.yaml
2020-09-27 12:49:42 +05:30
joeldeleep
aa50c7370d
Update CVE-2020-13379.yaml
2020-09-27 12:44:17 +05:30
joeldeleep
f83e33f78f
Update CVE-2020-13379.yaml
2020-09-27 12:37:03 +05:30
joeldeleep
3da6c533f0
Update CVE-2020-13379.yaml
...
The old matching using status code 502 returned false positive when the endpoint is already having a bad gateway. Going through the report here
https://hackerone.com/reports/878779 and video https://www.youtube.com/watch?v=NWHOmYbLrZ0 , the path has been rewritten and matched with respective image/jpeg as explained in the poc
2020-09-27 11:58:57 +05:30
Dwi Siswanto
624bb0316a
🔥 Add CVE-2017-11444
2020-09-26 08:05:00 +07:00
bp0lr
0922fb623e
added CVE-2019-15107
2020-09-25 09:30:58 -03:00
bauthard
c89904cc14
Update CVE-2020-14179.yaml
2020-09-24 23:32:55 +05:30
bauthard
23e5970714
Merge pull request #486 from dwisiswant0/add/CVE-2018-17431
...
Add CVE-2018-17431
2020-09-22 21:36:51 +05:30
bauthard
ecc56a5140
matchers updates
2020-09-22 21:33:17 +05:30
x1m
76971fcea7
Added CVE-2020-14179
2020-09-22 17:44:12 +02:00
Dwi Siswanto
3740c58965
🔥 Add CVE-2018-17431
2020-09-22 21:41:13 +07:00
bauthard
faf6b488a5
matcher update
2020-09-18 20:28:38 +05:30
bauthard
cd8699a104
Update CVE-2019-6715.yaml
2020-09-17 22:09:30 +05:30
Robbie
5657004705
Update CVE-2019-6715.yaml
2020-09-17 16:51:35 +01:00
Robbie
296e18768b
Create CVE-2019-6715.yaml
2020-09-17 15:59:14 +01:00
Adam Jordan
5dc45f1fb1
Fix typo in cve-2019-14696.yaml and cve-2020-24223
2020-09-17 17:58:51 +08:00
bauthard
048ab54a98
Update CVE-2020-25540.yaml
2020-09-16 23:54:38 +05:30
Geeknik Labs
9ff599c333
Update CVE-2020-25540.yaml
2020-09-16 18:20:43 +00:00
Geeknik Labs
74a88ab411
Create CVE-2020-25540.yaml
...
This is for testing against a Linux host as per https://www.exploit-db.com/exploits/48812 . If someone else wants to update this to add the check for Windows, that would be swell.
2020-09-16 18:17:57 +00:00
bauthard
beed4568eb
Merge pull request #473 from CasperGN/fix-cve-2020-15920
...
Correcting endpoint to contain /PDC/ajaxreq.php?
2020-09-16 23:03:45 +05:30
Casper Guldbech Nielsen
63c0a78fc8
Correcting endpoint to contain /PDC/ajaxreq.php?
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-16 19:02:49 +02:00
Ice3man543
ffef121561
Normalized id fields to match schema regex
2020-09-16 00:55:55 +05:30
bauthard
e8ef3b5759
Merge pull request #461 from dwisiswant0/add/CVE-2020-15129
...
Add CVE-2020-15129
2020-09-15 19:45:59 +05:30
Dwi Siswanto
fa570b5560
✏️ Add reference
2020-09-15 00:40:03 +07:00
Dwi Siswanto
19f9e5842a
🔨 Update status matcher
2020-09-15 00:39:24 +07:00
Dwi Siswanto
e0f4437cdd
🔥 Add CVE-2020-15129
2020-09-15 00:31:40 +07:00
Dwi Siswanto
f7d2851490
✏️ Add descriptions
2020-09-14 14:26:39 +07:00
Dwi Siswanto
66f1789690
⬇️ Delete payloads
2020-09-14 14:26:11 +07:00
Dwi Siswanto
4c29679877
✏️ Update name
2020-09-14 14:25:01 +07:00
Dwi Siswanto
5fb87d81a2
🔥 Add CVE-2020-15505
2020-09-14 14:23:20 +07:00
PikPikcU
118df25b44
Create CVE-2019-16662.yaml
2020-09-11 13:25:48 +00:00
bauthard
a1d9be6097
Update CVE-2018-16763.yaml
2020-09-11 16:20:03 +05:30
PikPikcU
73572d26de
Update CVE-2020-16139.yaml
2020-09-10 12:45:32 +00:00
PikPikcU
459bdf6922
Cisco 7937G Denial-of-Service Reboot Attack 🔥
2020-09-10 07:32:07 +00:00
Dwi Siswanto
1110db2ad4
🔨 Add matchers condition
2020-09-10 01:44:26 +07:00
bauthard
90de2070c4
Merge pull request #434 from CasperGN/master
...
More templates to Lotus Domino + workflow to bind them together
2020-09-09 22:40:33 +05:30
Casper Guldbech Nielsen
ad3bab450d
Based on metasploit regex
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 19:08:23 +02:00
Casper Guldbech Nielsen
e984f1466f
Adding word matcher which mimics public PoC exploits
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 16:53:16 +02:00
Casper Guldbech Nielsen
5f452f2969
And the last file
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 10:38:32 +02:00
Casper Guldbech Nielsen
7cf712bd49
Inclusion of stage- 1 detection of the old hashdump vuln.
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 10:11:50 +02:00