id: 3cx-phone-management-panel

info:
  name: 3CX Phone System Management Console - Panel Detect
  author: idealphase
  severity: info
  description: 3CX Phone System Management Console panel was detected.
  reference:
    - https://www.3cx.com/
    - https://www.3cx.com/phone-system/
    - https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-200
    cpe: cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: 3cx
    product: 3cx
    shodan-query:
      - http.title:"3CX Phone System Management Console"
      - http.favicon.hash:970132176
      - http.title:"3cx webclient"
      - http.title:"3cx phone system management console"
    google-query:
      - intitle:"3CX Phone System Management Console"
      - intitle:"3cx phone system management console"
      - intitle:"3cx webclient"
    fofa-query:
      - icon_hash=970132176
      - title="3cx phone system management console"
      - title="3cx webclient"
  tags: panel,3cx

http:
  - method: GET
    path:
      - '{{BaseURL}}'

    matchers:
      - type: word
        words:
          - "3CX Phone System Management Console"
          - "Welcome to the 3CX Management Console"
        condition: or
# digest: 490a0046304402207223b1de24511de428c99eea66db61e5d1f7874fcfb760ab91d02602025df3b60220701914f284614ab2d3e67d208297155a3c9f7ac21c6ca1ba9397152e45c68c63:922c64590222798bb761d5b6d8e72950