nuclei-templates/http/exposed-panels/rdweb-panel.yaml

45 lines
1.2 KiB
YAML

id: rdweb-panel
info:
name: RD Web Access Panel - Detect
author: rxerium,sorrowx3
severity: info
description: |
RD web access panel was discovered.
reference:
- https://rdweb.wvd.microsoft.com/webclient
classification:
cpe: cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:android:*:*:*
metadata:
verified: true
max-request: 1
vendor: microsoft
product: remote_desktop
shodan-query:
- html:"RD Web Access"
- http.html:"rd web access"
fofa-query: body="rd web access"
tags: panel,login,rdp,web-access,Microsoft,detect,microsoft
http:
- method: GET
path:
- '{{BaseURL}}/RDWeb/'
host-redirects: true
max-redirects: 2
matchers-condition: or
matchers:
- type: word
part: header
words:
- "TSWAFeatureCheckCookie=true; path=/RDWeb/"
- type: word
part: response
words:
- "<rdp-client-top-view>"
- "Microsoft Remote Desktop"
condition: and
# digest: 4b0a00483046022100d8d5f14d81fae08877f82099f30744869551a6a2f479d508120a516ab6fb8335022100ff88220b9a98dfb6d2d2a80179efe81c1900430b2e67740c681830d8e98843bc:922c64590222798bb761d5b6d8e72950