id: adminer-panel info: name: Adminer Login Panel author: random_robbie,meme-lord description: An Adminer login panel was detected. severity: info reference: - https://blog.sorcery.ie/posts/adminer/ tags: panel,adminer,login classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cve-id: cwe-id: CWE-200 # <= 4.2.4 can have unauthenticated RCE via SQLite driver # <= 4.6.2 can have LFI via MySQL LOAD DATA LOCAL # Most versions have some kind of SSRF usability # Is generally handy if you find SQL creds requests: - method: GET path: - '{{BaseURL}}/_adminer.php' - '{{BaseURL}}/adminer/' - '{{BaseURL}}/adminer.php' - '{{BaseURL}}/editor.php' - '{{BaseURL}}/mysql.php' - '{{BaseURL}}/sql.php' - '{{BaseURL}}/wp-content/plugins/adminer/adminer.php' headers: Accept-Language: en-US,en;q=0.5 stop-at-first-match: true matchers-condition: and matchers: - type: word words: - "Login - Adminer" - type: status status: - 200 extractors: - type: regex part: body group: 1 regex: - '([0-9.]+)' # Enhanced by mp on 2022/03/20