id: adminer-panel info: name: Adminer Login Panel - Detect author: random_robbie,meme-lord,ritikchaddha severity: info description: An Adminer login panel was detected. reference: - https://blog.sorcery.ie/posts/adminer/ classification: cwe-id: CWE-200 cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: verified: true max-request: 8 vendor: adminer product: adminer shodan-query: - title:"Login - Adminer" - cpe:"cpe:2.3:a:adminer:adminer" - http.title:"login - adminer" fofa-query: - title="login - adminer" - app="adminer" && body="4.7.8" hunter-query: app.name="adminer"&&web.body="4.7.8" google-query: intitle:"login - adminer" tags: panel,adminer http: - method: GET path: - '{{BaseURL}}/adminer.php' - '{{BaseURL}}/_adminer.php' - '{{BaseURL}}/adminer/' - '{{BaseURL}}/editor.php' - '{{BaseURL}}/mysql.php' - '{{BaseURL}}/sql.php' - '{{BaseURL}}/wp-content/plugins/adminer/adminer.php' - '{{BaseURL}}/admin.php' - '{{BaseURL}}/modules/sfkdbmanage/adminer.php' headers: Accept-Language: en-US,en;q=0.5 stop-at-first-match: true matchers-condition: and matchers: - type: word words: - "Adminer" - "Adminer" condition: or - type: status status: - 200 extractors: - type: regex part: body group: 1 regex: - '([0-9.]+)' # digest: 480a00453043021f7dbf35ece199f4eabbf9f03d817088f90abffe04d76592b2bf1c857f252ed60220592baf64b5e144417bd0612b69e7d2c54aa748f6340853af76207bf03c591ed8:922c64590222798bb761d5b6d8e72950