id: aem-misc-admin

info:
  name: Adobe AEM Misc Admin Dashboard Exposure
  author: dhiyaneshDk
  severity: high
  description: Adobe AEM Misc Admin Dashboard is exposed.
  reference:
    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
  metadata:
    verified: true
    max-request: 9
    shodan-query:
      - http.title:"AEM Sign In"
      - http.component:"Adobe Experience Manager"
  tags: misconfig,aem,adobe,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}{{paths}}"
    payloads:
      paths:
        - "/miscadmin"
        - "/mcmadmin#/content/dashboard"
        - "/miscadmin#/etc/mobile"
        - "/miscadmin#/etc/segmentation"
        - "/miscadmin#/etc/blueprints"
        - "/miscadmin#/etc/designs"
        - "/miscadmin#/etc/importers"
        - "/miscadmin#/etc/reports"
        - "/miscadmin#/etc/msm/rolloutconfigs"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<title>AEM Tools</title>'
          - '<title>AEM MCM</title>'
        condition: or

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100b600219da4e812cbcf55a31dc2808badf95659e87ca4c361cf22a07e9e80f77b02200da6f758f3f81afa3240013b272c2703d04af4d187ea6928be1b11809291cb98:922c64590222798bb761d5b6d8e72950