Skip to content
Permalink
Browse files

add jira info disclosure

  • Loading branch information
jcran committed Aug 14, 2019
1 parent e00945a commit 3be0a4d28b1603e467ecdb4a942fb3ff10edc769
Showing with 7 additions and 5 deletions.
  1. +0 −2 core.rb
  2. +7 −3 lib/tasks/uri_brute_focused_content.rb
@@ -2,8 +2,6 @@
require 'logger'
require 'sinatra'
require 'sinatra/contrib'
#require 'json'
#require 'yajl'
require 'yajl/json_gem'
require 'yaml'
require 'rest-client'
@@ -131,9 +131,12 @@ def run
body_regex: /^true$/i, status: "confirmed" } # CVE-2019-7550
]

jira_list = [ # https://x.x.x.x?filterView=popular
{ path: "/secure/ManageFilters.jspa", severity: 3,
body_regex: /<title>Manage Filters/i, status: "confirmed" }
]
#
joomla_list = [
# https://packetstormsecurity.com/files/151619/Joomla-Agora-4.10-Bypass-SQL-Injection.html
joomla_list = [ # https://packetstormsecurity.com/files/151619/Joomla-Agora-4.10-Bypass-SQL-Injection.html
{ path: "/index.php?option=com_agora&task='", severity: 2, status: "potential" }
]

@@ -274,7 +277,8 @@ def run
coldfusion_list.each { |x| work_q.push x } if is_product? "Coldfusion"
globalprotect_list.each { |x| work_q.push x } if is_product? "GlobalProtect"
jenkins_list.each { |x| work_q.push x } if is_product? "Jenkins"
jforum_list.each { |x| work_q.push x } if is_product? "Jforum"
jforum_list.each { |x| work_q.push x } if is_product? "Jforum"
jira_list.each { |x| work_q.push x } if is_product? "Jira"
joomla_list.each { |x| work_q.push x } if is_product? "Joomla!"
lotus_domino_list.each { |x| work_q.push x } if is_product? "Domino"
php_list.each { |x| work_q.push x } if is_product? "PHP"

0 comments on commit 3be0a4d

Please sign in to comment.
You can’t perform that action at this time.