-
Notifications
You must be signed in to change notification settings - Fork 140
/
Copy pathsignatures_top.yaml
63 lines (55 loc) · 1.64 KB
/
signatures_top.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#This file contains the application signatures - unique application path, version string, application name. The format is specified below:
#AppName: 'JBoss jmx-console'
# - 'unique_app_path_1'
# - 'unique_app_path_2'
# - 'version string'
# - 'exploit_path'
# - 'creds' --> for smart brute-forcing
JBoss jmx-console:
path1: '/jmx-console'
path2: '/jmx-console/'
vstring: ''
exppath: './exploit/multi/http/jboss_deploymentfilerepository'
defcreds: 'admin:admin'
Apache Tomcat:
path1: '/manager/html'
path2: '/manager'
vstring: ''
exppath: './exploits/multi/http/tomcat_mgr_upload.rb'
defcreds: 'tomcat:tomcat'
Testlink:
path1: '/testlink-1.9.3/login.php'
path2: '/testlink/login.php'
vstring: ''
exppath: './exploits/multi/http/testlink_upload_exec.rb'
defcreds: 'admin:admin'
Hudson Jenkins:
path1: '/jenkins/login?from=/jenkins/'
path2: '/jenkins/'
vstring: ''
exppath: './auxiliary/scanner/http/jenkins_enum.rb'
defcreds: 'admin:admin'
Apache Axis2:
path1: '/axis2/axis2-admin'
path2: ''
vstring: ''
exppath: 'blank'
defcreds: 'admin:axis2'
Zabbix:
path1: '/zabbix/'
path2: '/zabbix'
vstring: ''
exppath: './exploits/multi/http/zabbix_script_exec.rb'
defcreds: 'admin:zabbix'
MediaWiki:
path1: '/mediawiki/index.php?title=Special:UserLogin&returnto=Main_Page'
path2: ''
vstring: ''
exppath: './exploits/multi/http/mediawiki_thumb.rb'
defcreds: 'admin:password'
ManageEngine ServiceDesk Plus:
path1: '/WOListView.do'
path2: '/admin/admin/reports.php'
vstring: '/SetUpWizard.do?forwardTo=site'
exppath: './exploit/multi/http/manageengine_auth_upload'
defcreds: 'administrator:administrator'