Commit Graph

1471 Commits (c83d035fff73060f88420d467b7c2f6241198b60)

Author SHA1 Message Date
Muhammad Daffa c83d035fff
Separate technology template (#3430)
* Edit magmi workflow

* Add some workflow template + edit some template

* Changing some templates

* minor update

* workflow matcher fixes

* tech update

* Separate technology template

* Update metabase-panel.yaml

* Update lucee-detect.yaml

* Update oneblog-detect.yaml

* Update dolibarr-panel.yaml

* Update dolibarr-panel.yaml

* Update dolibarr-panel.yaml

* Update gespage-panel.yaml

* Update gespage-panel.yaml

* Update mautic-crm-panel.yaml

* Update kibana-panel.yaml

* Update metabase-panel.yaml

* Update home-assistant-detect.yaml

* Update jitsi-meet-detect.yaml

* Update lucee-detect.yaml

* Update gotmls-plugin-lfi.yaml

* Update and rename technologies/opencast-detect.yaml to exposed-panels/opencast-detect.yaml

* duplicate template - cves/2020/CVE-2020-11738.yaml

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-31 17:57:46 +05:30
Exid 80489bce76
Added wordpress-xmlrpc-brute-force.yaml (#3445)
* wp-xmlrpc-brute-force.yaml file was added

A Nuclei template for bruteforcing username and password through XMLRPC.

* wp-xmlrpc-brute-force.yaml file added

A Nuclei template for wordpress username and password Bruteforcing through xmlrpc.php

* wp-xmlrpc-brute-force.yaml file added

A Nuclei template for wordpress username and password Bruteforcing through xmlrpc.php

* Revert "wp-xmlrpc-brute-force.yaml file was added"

This reverts commit c0e4ca75a6ddbcf65e9443849a05c7b8f2625af9.

* few fixes

* Added wordpress user and pass list

* improved matcher

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-29 22:04:23 +05:30
Sandeep Singh d6da741663
IBM WebSphere Portal SSRF (#3442)
* Added IBM WebSphere Portal SSRF Detection

* Added IBM WebSphere Panel detection

* moving templates around
2021-12-29 17:32:10 +05:30
Prince Chaddha 4ba5e931cc
Update sl-studio-lfi.yaml 2021-12-29 09:20:13 +05:30
Prince Chaddha b7974b288e
Update and rename sl-studio-lfi.yaml to vulnerabilities/other/sl-studio-lfi.yaml 2021-12-29 09:16:32 +05:30
Emad Youssef ce7b60d79c
Update open-redirect.yaml (#3404)
* Update open-redirect.yaml

add new payloads

* minor update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-26 20:53:11 +05:30
Prince Chaddha 0ddd4c7911
Update and rename dicoogle-pacs-lfi.yaml to vulnerabilities/other/dicoogle-pacs-lfi.yaml 2021-12-24 19:23:04 +05:30
johnk3r fa99cba4b3
Create vmware-horizon-log4j-jndi-rce.yaml (#3403)
* Create vmware-horizon-log4j-jndi-rce.yaml

* Update vmware-horizon-log4j-jndi-rce.yaml

* Update vmware-horizon-log4j-jndi-rce.yaml

* minor update

* minor update

* Added VMware Horizon detection

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 22:30:08 +05:30
niudaii 8289e92291
Fixed h3c-imc-rce.yaml (#3401)
* Fixed h3c-imc-rce.yaml

* Update h3c-imc-rce.yaml

* Additional payload for windows

Co-authored-by: niudai <niudai@zp857s-mbp.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 20:23:42 +05:30
Sandeep Singh c57984b8f8
Added UniFi Network Log4j JNDI RCE (#3402)
Co-Authored-By: KrE80r <13027962+KrE80r@users.noreply.github.com>

Co-authored-by: KrE80r <13027962+KrE80r@users.noreply.github.com>
2021-12-23 08:57:03 +05:30
Melvin 7933cfc470
Removing extra space from raw HTTP request
Should prevent issues with parsing this request
2021-12-22 13:33:51 +01:00
Prince Chaddha a511dac237
Merge pull request #3354 from DhiyaneshGeek/master
Create wordpress-ssrf-oembed.yaml
2021-12-21 18:48:42 +05:30
Prince Chaddha 6e6349205d
Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml 2021-12-21 17:32:19 +05:30
Sandeep Singh 7a5cdc2bc3
Added ServiceNow Helpdesk Credential Exposure (#3371)
* Added ServiceNow Helpdesk Credential Exposure

Co-Authored-By: JP <19959240+jordanpotti@users.noreply.github.com>

* matcher update

Co-authored-by: JP <19959240+jordanpotti@users.noreply.github.com>
2021-12-19 23:42:01 +05:30
Sandeep Singh 4af3a04b3c
Apache OFBiz Log4j JNDI RCE (#3374)
* Added Apache OFBiz Log4j JNDI RCE

* fixed matcher to match hostname in both cases
2021-12-18 15:46:49 +05:30
Prince Chaddha dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2
Create global-domains-xss.yaml
2021-12-18 15:02:06 +05:30
Prince Chaddha 71027cbc79
Merge pull request #3357 from Akokonunes/patch-90
Create global-domains-lfi.yaml
2021-12-18 14:52:35 +05:30
Prince Chaddha 3b067a1aca
Create global-domains-xss.yaml 2021-12-18 14:51:08 +05:30
Prince Chaddha 0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml 2021-12-18 14:43:28 +05:30
Prince Chaddha 9a4941d995
Merge pull request #3356 from Akokonunes/patch-89
Create groupoffice-lfi.yaml
2021-12-18 14:33:42 +05:30
Prince Chaddha 7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80
Create oliver-library-server-lfi.yaml
2021-12-18 14:33:23 +05:30
Prince Chaddha d911551318
Merge pull request #3358 from Akokonunes/patch-91
Create asanhamayesh-cms-lfi.yaml
2021-12-18 14:32:12 +05:30
Prince Chaddha c6521085b7
Update groupoffice-lfi.yaml 2021-12-18 14:32:09 +05:30
Prince Chaddha 4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml 2021-12-18 14:28:39 +05:30
Prince Chaddha 35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml 2021-12-18 14:26:46 +05:30
Prince Chaddha 8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml 2021-12-18 14:23:57 +05:30
GwanYeong Kim 4fdb934da0 Create oliver-library-server-lfi.yaml
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-18 10:55:28 +09:00
meme-lord 09324d1be7
Added MobileIron log4j template (#3355)
* Added MobileIron log4j

* misc updates

Co-authored-by: meme-lord <17912559+meme-lord@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-16 22:37:32 +05:30
sandeep fdeb2b8500 Merge branch 'master' of https://github.com/DhiyaneshGeek/nuclei-templates into pr/3354 2021-12-16 14:32:14 +05:30
Dhiyaneshwaran 7670d1d6b8
Update wordpress-ssrf-oembed.yaml 2021-12-16 14:28:12 +05:30
sandeep 1cfc899a27 update: lint fix 2021-12-16 14:25:00 +05:30
Dhiyaneshwaran 77441c0d81
Update wordpress-ssrf-oembed.yaml 2021-12-16 14:24:56 +05:30
Dhiyaneshwaran 0047b611cf
Update wordpress-ssrf-oembed.yaml 2021-12-16 14:21:53 +05:30
Dhiyaneshwaran 499fe055bf
Create wordpress-ssrf-oembed.yaml 2021-12-16 13:48:34 +05:30
sandeep 39a71c641a update: added more reference 2021-12-15 21:20:18 +05:30
Evan Rubinstein 11fe2fdfee
Added apache-solr-log4j RCE (#3336)
* update: added apache-solr-log4j-rce

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
2021-12-15 21:15:43 +05:30
Sandeep Singh d9ed21458f
Added VMware VCenter Log4j JNDI RCE (#3340)
* Added VMware VCenter Log4j JNDI RCE

Co-Authored-By: FQ Hsu <fanqxu@gmail.com>

* update: removed static UA

Co-Authored-By: FQ Hsu <fanqxu@gmail.com>

Co-authored-by: FQ Hsu <fanqxu@gmail.com>
2021-12-14 21:27:30 +05:30
sandeep c9ddd7a0ae update: id + reference update 2021-12-14 21:07:46 +05:30
Evan Rubinstein dddb0bbb82
Added CVE-2021-24997 (#3298)
* Added CVE-39226

* Added CVE-39226

* Delete CVE-39226.yaml

* Renamed CVE-39226 to CVE-2021-39226

Fixed naming error

* Added Wp-Guppy-Information-Disclosure template

* Removed File

Found better descriptor

* Added CVE-2021-24997

Added WordPress Guppy Information Disclosure CVE

* Fixed CVE-2021-24997

Fixed YAML formatting

* Fixed Typo

URL Path had an extra double quote

* Auto Generated Templates Stats [Wed Dec  8 23:07:24 UTC 2021] 🤖

* Deleted Blank Space

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Added CVE-2021-43496

* Update CVE-2021-43496.yaml

* fix: syntax update

* Added New Vuln

* Update CVE-2021-24997.yaml

* Update CVE-2021-43496.yaml

* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml

* fix: lints update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
pudsec 8cac8b5a36
Update open-redirect.yaml (#3333) 2021-12-13 20:42:06 +05:30
S Bani b76dbf91c6
Add Another Redirect Payload and Extend the Regex to Recognize it (#3299)
* Fix Open Redirect Header Regex

The regex was missing the correct escaping for special char `/`

* Add New General Open Redirect

There's another option for open redirects. I tested it in FF and Chrome.

* Update Location Redirect Regex

* update: mix changes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-13 20:38:21 +05:30
Prince Chaddha 79a95a56d7
Update and rename pieregister-plugin-open-redirect.yaml to vulnerabilities/wordpress/pieregister-open-redirect.yaml 2021-12-12 16:59:16 +05:30
Dwi Siswanto 6a4bbdf93a
Update Grafana Arbitrary File Read (#3321)
* Add Grafana plugins wordlist

* Using payloads instead

* fix: updated variable name

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-11 11:07:55 +05:30
Prince Chaddha 0e94557017
Merge pull request #3248 from pikpikcu/patch-307
added thruk-xss
2021-12-09 22:01:56 +05:30
Prince Chaddha f476c5ff5b
Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
Prince Chaddha d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
GwanYeong Kim bde4e1815a Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
A credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
Sandeep Singh 2521cb62bf
Added CVE-2021-43798 (#3296)
* Added CVE-2021-43798

* updated with default plugin list

* Update grafana-file-read.yaml
2021-12-08 16:46:47 +05:30
z0ne d79b085051
add grafana file read (#3286)
* add grafana file read

* update: more reference

Co-authored-by: dev <z0ne>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-07 15:42:59 +05:30
Prince Chaddha fdcccb5938
Update and rename netsweeper-reflected-xss.yaml to netsweeper-rxss.yaml 2021-12-07 13:56:30 +05:30