diff --git a/QUERIES.yaml b/QUERIES.yaml index 4a355de..a6ffe39 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -56,9 +56,9 @@ engines: - platform: shodan queries: - - ws_ftp port:22 - http.title:"ws_ftp server web transfer" - http.title:"ad hoc transfer" + - ws_ftp port:22 - platform: fofa queries: - title="ws_ftp server web transfer" @@ -77,8 +77,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:couchdb" - product:"couchdb" + - cpe:"cpe:2.3:a:apache:couchdb" - name: rocketmq vendor: apache @@ -86,8 +86,8 @@ engines: - platform: fofa queries: - - title="rocketmq-console-ng" - protocol="rocketmq" + - title="rocketmq-console-ng" - title="rocketmq" - platform: shodan queries: @@ -104,8 +104,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:o:cisco:ios" - product:"cisco ios http config" && 200 + - cpe:"cpe:2.3:o:cisco:ios" - product:"cisco ios http config" - name: airflow @@ -114,9 +114,9 @@ engines: - platform: shodan queries: - - product:"redis" - - http.title:"sign in - airflow" - http.title:"airflow - dags" || http.html:"apache airflow" + - http.title:"sign in - airflow" + - product:"redis" - platform: fofa queries: - title="airflow - dags" || http.html:"apache airflow" @@ -124,8 +124,8 @@ - title="sign in - airflow" - platform: google queries: - - intitle:"sign in - airflow" - intitle:"airflow - dags" || http.html:"apache airflow" + - intitle:"sign in - airflow" - name: geode vendor: apache @@ -184,8 +184,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:wordpress:wordpress" - http.component:"wordpress" + - cpe:"cpe:2.3:a:wordpress:wordpress" - name: confluence_server vendor: atlassian @@ -201,9 +201,9 @@ engines: - platform: shodan queries: - - http.component:"atlassian confluence" - http.component:"atlassian jira" - cpe:"cpe:2.3:a:atlassian:jira" + - http.component:"atlassian confluence" - name: arcgis_server vendor: esri @@ -238,13 +238,13 @@ engines: - platform: shodan queries: - - http.title:"apache tomcat" - - http.html:"apache tomcat" - cpe:"cpe:2.3:a:apache:tomcat" + - http.html:"apache tomcat" + - http.title:"apache tomcat" - platform: fofa queries: - - title="apache tomcat" - body="apache tomcat" + - title="apache tomcat" - platform: google queries: - intitle:"apache tomcat" @@ -300,8 +300,8 @@ - http.html:"genieacs" - platform: fofa queries: - - body="genieacs" - icon_hash=-2098066288 + - body="genieacs" - name: dg3450 vendor: commscope @@ -334,14 +334,14 @@ engines: - platform: shodan queries: + - http.title:"outlook" + - cpe:"cpe:2.3:a:microsoft:exchange_server" - http.favicon.hash:1768726119 - vuln:cve-2021-26855 - - cpe:"cpe:2.3:a:microsoft:exchange_server" - - http.title:"outlook" - platform: fofa queries: - - icon_hash=1768726119 - title="outlook" + - icon_hash=1768726119 - platform: google queries: - intitle:"outlook" @@ -363,8 +363,8 @@ engines: - platform: fofa queries: - - title=="thruk monitoring webinterface" - body="thruk" + - title=="thruk monitoring webinterface" - platform: shodan queries: - http.html:"thruk" @@ -404,8 +404,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:magento:magento" - http.component:"magento" + - cpe:"cpe:2.3:a:magento:magento" - name: printer_firmware vendor: samsung @@ -550,8 +550,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:sixapart:movable_type" - http.title:"サインイン | movable type pro" + - cpe:"cpe:2.3:a:sixapart:movable_type" - platform: fofa queries: - title="サインイン | movable type pro" @@ -610,8 +610,8 @@ - platform: fofa queries: - title="osticket" - - title="osticket installer" - body="powered by osticket" + - title="osticket installer" - platform: google queries: - intitle:"osticket installer" @@ -673,8 +673,8 @@ engines: - platform: shodan queries: - - http.title:"mailing lists" - cpe:"cpe:2.3:a:gnu:mailman" + - http.title:"mailing lists" - platform: fofa queries: - title="mailing lists" @@ -772,9 +772,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:gitea:gitea" - - http.title:"gitea" - http.html:"powered by gitea version" + - http.title:"gitea" + - cpe:"cpe:2.3:a:gitea:gitea" - platform: fofa queries: - title="gitea" @@ -789,8 +789,8 @@ engines: - platform: shodan queries: - - 'http.title:"sign in: /home"' - 'server: labkey' + - 'http.title:"sign in: /home"' - platform: fofa queries: - 'title="sign in: /home"' @@ -846,8 +846,8 @@ - title="cpanel - api codes" - platform: google queries: - - intitle:"cpanel - api codes" - intitle:"cpanel" + - intitle:"cpanel - api codes" - name: cip_92200_firmware vendor: intelbras @@ -870,13 +870,13 @@ engines: - platform: shodan queries: - - http.component:"phpmyadmin" - http.title:"phpmyadmin" - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" + - http.component:"phpmyadmin" - platform: fofa queries: - - title="phpmyadmin" - body="pma_servername" && body="4.8.4" + - title="phpmyadmin" - platform: google queries: - intitle:"phpmyadmin" @@ -890,8 +890,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:hashicorp:consul" - http.title:"consul by hashicorp" + - cpe:"cpe:2.3:a:hashicorp:consul" - platform: fofa queries: - title="consul by hashicorp" @@ -930,12 +930,12 @@ engines: - platform: shodan queries: - - http.html:"welcome.cgi?p=logo" - http.title:"ivanti connect secure" + - http.html:"welcome.cgi?p=logo" - platform: fofa queries: - - body="welcome.cgi?p=logo" - title="ivanti connect secure" + - body="welcome.cgi?p=logo" - platform: google queries: - intitle:"ivanti connect secure" @@ -985,8 +985,8 @@ engines: - platform: shodan queries: - - http.component:"drupal" - cpe:"cpe:2.3:a:drupal:drupal" + - http.component:"drupal" - name: piwigo vendor: piwigo @@ -1077,8 +1077,8 @@ engines: - platform: shodan queries: - - http.title:"sophos web appliance" - http.favicon.hash:-893681401 + - http.title:"sophos web appliance" - platform: fofa queries: - title="sophos web appliance" @@ -1216,14 +1216,14 @@ - platform: fofa queries: - app="qlik-sense" - - title="qlik-sense" - - body="qlik" - icon_hash=-74348711 + - body="qlik" + - title="qlik-sense" - platform: shodan queries: - http.html:"qlik" - - http.title:"qlik-sense" - http.favicon.hash:-74348711 + - http.title:"qlik-sense" - platform: google queries: - intitle:"qlik-sense" @@ -1274,8 +1274,8 @@ - title="metasploit - setup and configuration" - platform: google queries: - - intitle:"metasploit" - intitle:"metasploit - setup and configuration" + - intitle:"metasploit" - name: linkerd vendor: linkerd @@ -1298,8 +1298,8 @@ - http.title:"sophos mobile" - platform: fofa queries: - - icon_hash=-1274798165 - title="sophos mobile" + - icon_hash=-1274798165 - platform: google queries: - intitle:"sophos mobile" @@ -1353,8 +1353,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" - http.title:"squirrelmail" + - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" - platform: fofa queries: - title="squirrelmail" @@ -1462,14 +1462,14 @@ - intitle:"3cx phone system management console" - platform: shodan queries: + - http.title:"3cx webclient" - http.title:"3cx phone system management console" - http.favicon.hash:970132176 - - http.title:"3cx webclient" - platform: fofa queries: - title="3cx webclient" - - icon_hash=970132176 - title="3cx phone system management console" + - icon_hash=970132176 - name: lansweeper vendor: lansweeper @@ -1499,8 +1499,8 @@ - http.title:"st web client" - platform: fofa queries: - - title="st web client" - title="securetransport" || http.favicon.hash:1330269434 + - title="st web client" - name: spark vendor: apache @@ -1577,8 +1577,8 @@ - intext:"amcrest" "ldap user" - platform: shodan queries: - - http.html:"amcrest" - http.html:"amcrest" "ldap user" + - http.html:"amcrest" - platform: fofa queries: - body="amcrest" "ldap user" @@ -1605,16 +1605,16 @@ engines: - platform: shodan queries: - - http.title:"openfire admin console" - http.title:"openfire" + - http.title:"openfire admin console" - platform: fofa queries: - - title="openfire" - title="openfire admin console" + - title="openfire" - platform: google queries: - - intitle:"openfire" - intitle:"openfire admin console" + - intitle:"openfire" - name: gogs vendor: gogs @@ -1708,12 +1708,12 @@ engines: - platform: shodan queries: - - http.title:"hestia control panel" - http.favicon.hash:-476299640 + - http.title:"hestia control panel" - platform: fofa queries: - - title="hestia control panel" - icon_hash=-476299640 + - title="hestia control panel" - platform: google queries: - intitle:"hestia control panel" @@ -1760,8 +1760,8 @@ engines: - platform: shodan queries: - - http.html:"pyload" - http.title:"login - pyload" + - http.html:"pyload" - http.title:"pyload" - platform: fofa queries: @@ -1847,8 +1847,8 @@ - http.favicon.hash:-1324930554 - platform: fofa queries: - - icon_hash=-1324930554 - icon_hash=464587962 + - icon_hash=-1324930554 - name: sfos vendor: sophos @@ -1884,9 +1884,9 @@ engines: - platform: shodan queries: - - http.title:"coldfusion administrator login" - http.component:"adobe coldfusion" - cpe:"cpe:2.3:a:adobe:coldfusion" + - http.title:"coldfusion administrator login" - platform: fofa queries: - app="adobe-coldfusion" @@ -1944,13 +1944,13 @@ - platform: shodan queries: - http.html:"keycloak" - - http.favicon.hash:-1105083093 - http.title:"keycloak" + - http.favicon.hash:-1105083093 - platform: fofa queries: - title="keycloak" - - body="keycloak" - icon_hash=-1105083093 + - body="keycloak" - platform: google queries: - intitle:"keycloak" @@ -1986,16 +1986,16 @@ engines: - platform: shodan queries: - - http.title:"kafka consumer offset monitor" - http.title:"kafka center" + - http.title:"kafka consumer offset monitor" - platform: fofa queries: - - title="kafka center" - title="kafka consumer offset monitor" + - title="kafka center" - platform: google queries: - - intitle:"kafka consumer offset monitor" - intitle:"kafka center" + - intitle:"kafka consumer offset monitor" - name: open-xchange_appsuite vendor: open-xchange @@ -2019,12 +2019,12 @@ - cpe:"cpe:2.3:a:apache:solr" - platform: fofa queries: - - title="solr admin" - title="apache solr" + - title="solr admin" - platform: google queries: - - intitle:"apache solr" - intitle:"solr admin" + - intitle:"apache solr" - name: security_onion vendor: securityonionsolutions @@ -2157,8 +2157,8 @@ engines: - platform: shodan queries: - - http.title:"revive adserver" - http.favicon.hash:106844876 + - http.title:"revive adserver" - platform: fofa queries: - icon_hash=106844876 @@ -2209,9 +2209,9 @@ engines: - platform: shodan queries: - - http.title:"contao" - http.html:"contao open source cms" - cpe:"cpe:2.3:a:contao:contao" + - http.title:"contao" - platform: fofa queries: - title="contao" @@ -2241,8 +2241,8 @@ - platform: fofa queries: - title="cacti" - - icon_hash="-1797138069" - title="login to cacti" + - icon_hash="-1797138069" - platform: shodan queries: - http.title:"cacti" @@ -2250,8 +2250,8 @@ - http.favicon.hash:"-1797138069" - platform: google queries: - - intitle:"cacti" - intitle:"login to cacti" + - intitle:"cacti" - name: confluence_data_center vendor: atlassian @@ -2357,13 +2357,13 @@ engines: - platform: shodan queries: - - http.favicon.hash:892542951 - - cpe:"cpe:2.3:a:zabbix:zabbix" - http.title:"zabbix-server" + - cpe:"cpe:2.3:a:zabbix:zabbix" + - http.favicon.hash:892542951 - platform: fofa queries: - - icon_hash=892542951 - title="zabbix-server" + - icon_hash=892542951 - app="zabbix-监控系统" && body="saml" - platform: google queries: @@ -2375,12 +2375,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1067582922 - http.title:"incapptic" + - http.favicon.hash:-1067582922 - platform: fofa queries: - - title="incapptic" - icon_hash=-1067582922 + - title="incapptic" - platform: google queries: - intitle:"incapptic" @@ -2487,8 +2487,8 @@ - http.html:"totemomail" inurl:responsiveui - platform: fofa queries: - - body=responsiveui - body="totemomail" inurl:responsiveui + - body=responsiveui - name: vibe vendor: microfocus @@ -2568,8 +2568,8 @@ engines: - platform: shodan queries: - - http.title:"gitblit" - http.html:"gitblit" + - http.title:"gitblit" - platform: fofa queries: - body="gitblit" @@ -2652,8 +2652,8 @@ - http.html:"gocd version" - platform: fofa queries: - - body="gocd version" - title="create a pipeline - go" html:"gocd version" + - body="gocd version" - platform: google queries: - intitle:"create a pipeline - go" html:"gocd version" @@ -2693,13 +2693,13 @@ - platform: fofa queries: - body="openemr" - - app="openemr" - - title="openemr" - icon_hash=1971268439 + - title="openemr" + - app="openemr" - platform: shodan queries: - - http.html:"openemr" - http.title:"openemr" + - http.html:"openemr" - http.favicon.hash:1971268439 - platform: google queries: @@ -2725,13 +2725,13 @@ engines: - platform: shodan queries: - - http.html:"router management - server openvpn" - http.title:"openvpn-admin" - cpe:"cpe:2.3:a:openvpn:openvpn" + - http.html:"router management - server openvpn" - platform: fofa queries: - - body="router management - server openvpn" - title="openvpn-admin" + - body="router management - server openvpn" - platform: google queries: - intitle:"openvpn-admin" @@ -2832,8 +2832,8 @@ engines: - platform: shodan queries: - - http.title:"zimbra collaboration suite" - http.title:"zimbra web client sign in" + - http.title:"zimbra collaboration suite" - platform: fofa queries: - title="zimbra collaboration suite" @@ -3048,8 +3048,8 @@ - http.html:"plesk obsidian" - platform: fofa queries: - - body="plesk obsidian" - title="plesk obsidian" + - body="plesk obsidian" - platform: google queries: - intitle:"plesk obsidian" @@ -3146,9 +3146,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:joomla:joomla\!" - http.html:"joomla! - open source content management" - http.component:"joomla" - - cpe:"cpe:2.3:a:joomla:joomla\!" - platform: fofa queries: - body="joomla! - open source content management" @@ -3188,8 +3188,8 @@ engines: - platform: shodan queries: - - 'x-powered-by: craft cms html:"seomatic"' - 'x-powered-by: craft cms' + - 'x-powered-by: craft cms html:"seomatic"' - name: opencats vendor: opencats @@ -3244,8 +3244,8 @@ - title="icinga web 2 login" - platform: google queries: - - intitle:"icinga" - intitle:"icinga web 2 login" + - intitle:"icinga" - name: successfactors vendor: sap @@ -3299,12 +3299,12 @@ - http.title:"pulsar admin ui" - platform: fofa queries: - - title="pulsar admin ui" - title="pulsar admin console" + - title="pulsar admin ui" - platform: google queries: - - intitle:"pulsar admin console" - intitle:"pulsar admin ui" + - intitle:"pulsar admin console" - name: phabricator vendor: phacility @@ -3405,8 +3405,8 @@ engines: - platform: shodan queries: - - http.component:"teamcity" - http.title:teamcity + - http.component:"teamcity" - platform: fofa queries: - title=teamcity @@ -3438,8 +3438,8 @@ - cpe:"cpe:2.3:a:grafana:grafana" - platform: fofa queries: - - title="grafana" - app="grafana" + - title="grafana" - platform: google queries: - intitle:"grafana" @@ -3567,12 +3567,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:1701804003 - http.title:"servicenow" + - http.favicon.hash:1701804003 - platform: fofa queries: - - title="servicenow" - icon_hash=1701804003 + - title="servicenow" - platform: google queries: - intitle:"servicenow" @@ -3673,8 +3673,8 @@ engines: - platform: fofa queries: - - body="metersphere" - title="metersphere" + - body="metersphere" - platform: shodan queries: - http.html:"metersphere" @@ -3790,8 +3790,8 @@ - title="tautulli" - platform: google queries: - - intitle:"tautulli" - intitle:"tautulli - home" + - intitle:"tautulli" - name: greenbone_security_assistant vendor: greenbone @@ -3830,12 +3830,12 @@ engines: - platform: fofa queries: - - body="ektron" - app="ektron-cms" + - body="ektron" - platform: shodan queries: - - http.html:"ektron" - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" + - http.html:"ektron" - name: kubernetes vendor: kubernetes @@ -3846,8 +3846,8 @@ - http.title:"kubernetes web view" - platform: fofa queries: - - title="kubernetes web view" - app="kubernetes-enterprise-manager" + - title="kubernetes web view" - platform: google queries: - intitle:"kubernetes web view" @@ -3863,8 +3863,8 @@ - micro focus dsd - platform: fofa queries: - - title="setup github enterprise" - app="github-enterprise" + - title="setup github enterprise" - title="github enterprise" - platform: google queries: @@ -3989,14 +3989,14 @@ engines: - platform: shodan queries: + - http.title:"minio console" - http.title:"minio browser" - cpe:"cpe:2.3:a:minio:minio" - - http.title:"minio console" - platform: fofa queries: - app="minio" - - title="minio browser" - title="minio console" + - title="minio browser" - platform: google queries: - intitle:"minio browser" @@ -4053,13 +4053,13 @@ - html:'content="papercut' - platform: shodan queries: - - http.html:'content="papercut' - http.html:"content=\"papercut\"" - cpe:"cpe:2.3:a:papercut:papercut_ng" + - http.html:'content="papercut' - platform: fofa queries: - - body='content="papercut' - body="content=\"papercut\"" + - body='content="papercut' - name: ilias vendor: ilias @@ -4114,8 +4114,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-379154636 - http.title:"kubeview" + - http.favicon.hash:-379154636 - platform: fofa queries: - title="kubeview" @@ -4246,8 +4246,8 @@ - platform: fofa queries: - body="solarview compact" && title="top" - - icon_hash="-244067125" - body="solarview compact" + - icon_hash="-244067125" - name: backup_appliance vendor: exagrid @@ -4300,12 +4300,12 @@ - inurl:login_up.php "plesk onyx" - platform: shodan queries: - - http.html:"plesk onyx" http.html:"plesk-build" - http.html:"plesk-build" + - http.html:"plesk onyx" http.html:"plesk-build" - platform: fofa queries: - - body="plesk onyx" http.html:"plesk-build" - body="plesk-build" + - body="plesk onyx" http.html:"plesk-build" - name: filr vendor: microfocus @@ -4443,8 +4443,8 @@ - http.title:sugarcrm - platform: google queries: - - intitle:sugarcrm - intext:"sugarcrm inc. all rights reserved" + - intitle:sugarcrm - platform: fofa queries: - title=sugarcrm @@ -4473,12 +4473,12 @@ - intitle:"ftm manager" - platform: shodan queries: - - http.title:"ftm manager" - http.html:"ftm manager" + - http.title:"ftm manager" - platform: fofa queries: - - title="ftm manager" - body="ftm manager" + - title="ftm manager" - name: superset vendor: apache @@ -4486,8 +4486,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:1582430156 - http.html:"apache superset" + - http.favicon.hash:1582430156 - platform: fofa queries: - body="apache superset" @@ -4521,16 +4521,16 @@ engines: - platform: google queries: - - intitle:"check point ssl network extender" - intitle:"ssl network extender login" + - intitle:"check point ssl network extender" - platform: shodan queries: - - http.title:"check point ssl network extender" - http.title:"ssl network extender login" + - http.title:"check point ssl network extender" - platform: fofa queries: - - title="check point ssl network extender" - title="ssl network extender login" + - title="check point ssl network extender" - name: jboss_enterprise_web_platform vendor: redhat @@ -4688,12 +4688,12 @@ engines: - platform: shodan queries: - - http.title:"adselfservice plus" - http.title:"manageengine" + - http.title:"adselfservice plus" - platform: fofa queries: - - title="adselfservice plus" - title="manageengine" + - title="adselfservice plus" - platform: google queries: - intitle:"adselfservice plus" @@ -4750,8 +4750,8 @@ - intitle:"qnap turbo nas" inurl:/cgi-bin - platform: shodan queries: - - product:"qnap" - http.title:"qnap turbo nas" inurl:/cgi-bin + - product:"qnap" - platform: fofa queries: - title="qnap turbo nas" inurl:/cgi-bin @@ -4763,12 +4763,12 @@ - platform: shodan queries: - http.title:"qnap" - - http.title:"photo station" - 'content-length: 580 "http server 1.0"' + - http.title:"photo station" - platform: fofa queries: - - title="qnap" - title="photo station" + - title="qnap" - platform: google queries: - intitle:"photo station" @@ -4862,12 +4862,12 @@ - http.title:"parallels h-sphere" - platform: fofa queries: - - title="h-sphere" - title="parallels h-sphere" + - title="h-sphere" - platform: google queries: - - intitle:"h-sphere" - intitle:"parallels h-sphere" + - intitle:"h-sphere" - name: maximo_asset_management vendor: ibm @@ -4925,8 +4925,8 @@ engines: - platform: shodan queries: - - http.title:"openvpn connect" - http.title:"adobe connect" + - http.title:"openvpn connect" - platform: fofa queries: - title="adobe connect" @@ -4978,9 +4978,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:concrete5:concrete5" - http.title:"concrete5" - http.title:"install concrete5" - - cpe:"cpe:2.3:a:concrete5:concrete5" - platform: fofa queries: - title="install concrete5" @@ -5068,8 +5068,8 @@ engines: - platform: shodan queries: - - http.title:"fortiwlm" - http.html:"fortiwlm" + - http.title:"fortiwlm" - platform: fofa queries: - body="fortiwlm" @@ -5098,14 +5098,14 @@ engines: - platform: shodan queries: + - port:10443 http.favicon.hash:945408572 + - cpe:"cpe:2.3:o:fortinet:fortios" - http.html:"/remote/login" "xxxxxxxx" - http.favicon.hash:945408572 - - cpe:"cpe:2.3:o:fortinet:fortios" - - port:10443 http.favicon.hash:945408572 - platform: fofa queries: - - body="/remote/login" "xxxxxxxx" - icon_hash=945408572 + - body="/remote/login" "xxxxxxxx" - name: fortiap vendor: fortinet @@ -5152,8 +5152,8 @@ engines: - platform: fofa queries: - - title="dzzoffice" - icon_hash=-1961736892 + - title="dzzoffice" - platform: shodan queries: - http.favicon.hash:-1961736892 @@ -5184,9 +5184,9 @@ engines: - platform: shodan queries: + - http.html:"apache struts" - http.html:"struts problem report" - http.title:"struts2 showcase" - - http.html:"apache struts" - platform: fofa queries: - title="struts2 showcase" @@ -5242,12 +5242,12 @@ engines: - platform: shodan queries: - - http.title:"weblogic" - http.html:"weblogic application server" + - http.title:"weblogic" - platform: fofa queries: - - body="weblogic application server" - title="weblogic" + - body="weblogic application server" - platform: google queries: - intitle:"weblogic" @@ -5388,12 +5388,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:780351152 - http.html:"microweber" + - http.favicon.hash:780351152 - platform: fofa queries: - - body="microweber" - icon_hash=780351152 + - body="microweber" - name: stock_ticker vendor: urosevic @@ -5526,8 +5526,8 @@ - http.html:"wavlink" - platform: fofa queries: - - title="wi-fi app login" - body="wavlink" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -5586,8 +5586,8 @@ - title="thinkphp" - platform: shodan queries: - - cpe:"cpe:2.3:a:thinkphp:thinkphp" - http.title:"thinkphp" + - cpe:"cpe:2.3:a:thinkphp:thinkphp" - platform: google queries: - intitle:"thinkphp" @@ -5598,8 +5598,8 @@ engines: - platform: shodan queries: - - http.title:"emerge" - http.title:"linear emerge" + - http.title:"emerge" - platform: fofa queries: - title="linear emerge" @@ -5901,12 +5901,12 @@ engines: - platform: shodan queries: - - http.html:"powered by atmail" - http.html:"atmail" + - http.html:"powered by atmail" - platform: fofa queries: - - body="powered by atmail" - body="atmail" + - body="powered by atmail" - name: device_manager_express vendor: audiocodes @@ -6068,8 +6068,8 @@ - http.html:"wavlink" - platform: fofa queries: - - title="wi-fi app login" - body="wavlink" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -6102,8 +6102,8 @@ engines: - platform: fofa queries: - - icon_hash=217119619 - app="rstudio-connect" + - icon_hash=217119619 - title="openvpn connect" - platform: shodan queries: @@ -6146,8 +6146,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1189292869 - http.html:"flatpress" + - http.favicon.hash:-1189292869 - platform: fofa queries: - icon_hash=-1189292869 @@ -6290,8 +6290,8 @@ engines: - platform: fofa queries: - - icon_hash="475145467" - app="zimbra-邮件系统" + - icon_hash="475145467" - icon_hash="1624375939" - platform: shodan queries: @@ -6334,8 +6334,8 @@ engines: - platform: fofa queries: - - app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize" - icon_hash=-1250474341 + - app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize" - platform: shodan queries: - http.favicon.hash:-1250474341 @@ -6709,8 +6709,8 @@ engines: - platform: shodan queries: - - http.component:"bitbucket" - cpe:"cpe:2.3:a:atlassian:bitbucket" + - http.component:"bitbucket" - name: lin-cms-spring-boot vendor: talelin @@ -6833,8 +6833,8 @@ engines: - platform: fofa queries: - - body="ibm odm" - title="ibm odm" + - body="ibm odm" - platform: shodan queries: - http.html:"ibm odm" @@ -6896,8 +6896,8 @@ - platform: fofa queries: - app="goanywhere-mft" - - icon_hash=1484947000 - icon_hash=1484947000,1828756398,1170495932 + - icon_hash=1484947000 - platform: shodan queries: - http.favicon.hash:1484947000 @@ -6915,8 +6915,8 @@ - /wp-content/plugins/nextgen-gallery/ - platform: shodan queries: - - cpe:"cpe:2.3:a:imagely:nextgen_gallery" - http.html:/wp-content/plugins/nextgen-gallery/ + - cpe:"cpe:2.3:a:imagely:nextgen_gallery" - platform: fofa queries: - body=/wp-content/plugins/nextgen-gallery/ @@ -6973,8 +6973,8 @@ - platform: shodan queries: - vuln:cve-2023-2796 - - http.html:/wp-content/plugins/eventon/ - http.html:/wp-content/plugins/eventon-lite/ + - http.html:/wp-content/plugins/eventon/ - platform: google queries: - inurl:"/wp-content/plugins/eventon/" @@ -7027,8 +7027,8 @@ - body="data-xwiki-reference" - platform: shodan queries: - - xwiki - http.html:"data-xwiki-reference" + - xwiki - name: popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter vendor: idnovate @@ -7116,8 +7116,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:chamilo:chamilo" - http.component:"chamilo" + - cpe:"cpe:2.3:a:chamilo:chamilo" - name: vrealize_network_insight vendor: vmware @@ -7125,12 +7125,12 @@ engines: - platform: shodan queries: - - http.title:"vmware vrealize network insight" - http.title:"vmware aria operations" + - http.title:"vmware vrealize network insight" - platform: fofa queries: - - title="vmware vrealize network insight" - title="vmware aria operations" + - title="vmware vrealize network insight" - platform: google queries: - intitle:"vmware vrealize network insight" @@ -7145,8 +7145,8 @@ - http.title:"mlflow" - platform: fofa queries: - - title="mlflow" - app="mlflow" + - title="mlflow" - platform: google queries: - intitle:"mlflow" @@ -7472,8 +7472,8 @@ - http.html:"wago" - platform: fofa queries: - - body="wago" - body="/wbm/" html:"wago" + - body="wago" - name: wordpress_toolbar vendor: abhinavsingh @@ -7593,12 +7593,12 @@ - platform: shodan queries: - http.html:"content=\"papercut\"" - - http.html:"papercut" - cpe:"cpe:2.3:a:papercut:papercut_mf" + - http.html:"papercut" - platform: fofa queries: - - body="papercut" - body="content=\"papercut\"" + - body="papercut" - name: import_xml_and_rss_feeds vendor: mooveagency @@ -7728,12 +7728,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:2144485375 - http.title:"icewarp" + - http.favicon.hash:2144485375 - platform: fofa queries: - - title="icewarp" - icon_hash=2144485375 + - title="icewarp" - platform: google queries: - intitle:"icewarp" @@ -7853,8 +7853,8 @@ - craftcms - platform: shodan queries: - - http.favicon.hash:-47932290 - http.html:craftcms + - http.favicon.hash:-47932290 - cpe:"cpe:2.3:a:craftcms:craft_cms" - platform: fofa queries: @@ -8044,9 +8044,9 @@ engines: - platform: shodan queries: - - http.title:"opencms" - cpe:"cpe:2.3:a:alkacon:opencms" - /opencms/ + - http.title:"opencms" - platform: fofa queries: - title="opencms" @@ -8175,14 +8175,14 @@ - intitle:"powered by vbulletin" - platform: shodan queries: + - http.html:"powered by vbulletin" - http.title:"powered by vbulletin" - cpe:"cpe:2.3:a:vbulletin:vbulletin" - - http.html:"powered by vbulletin" - http.component:"vbulletin" - platform: fofa queries: - - title="powered by vbulletin" - body="powered by vbulletin" + - title="powered by vbulletin" - name: webui-aria2 vendor: ziahamza @@ -8287,8 +8287,8 @@ engines: - platform: shodan queries: - - http.html:"spip.php?page=backend" - cpe:"cpe:2.3:a:spip:spip" + - http.html:"spip.php?page=backend" - platform: fofa queries: - body="spip.php?page=backend" @@ -8389,8 +8389,8 @@ engines: - platform: fofa queries: - - icon_hash=1903390397 - app="majordomosl" + - icon_hash=1903390397 - platform: shodan queries: - http.favicon.hash:1903390397 @@ -8521,8 +8521,8 @@ - http.favicon.hash:463802404 - platform: fofa queries: - - body="ray dashboard" - icon_hash=463802404 + - body="ray dashboard" - name: magnusbilling vendor: magnussolution @@ -8571,18 +8571,18 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:icewarp:mail_server" - http.title:"icewarp server administration" - http.title:"icewarp" + - cpe:"cpe:2.3:a:icewarp:mail_server" - platform: fofa queries: - title="icewarp server administration" - title="icewarp" - platform: google queries: - - intitle:"icewarp server administration" - - powered by icewarp 10.4.4 - intitle:"icewarp" + - powered by icewarp 10.4.4 + - intitle:"icewarp server administration" - name: timekeeper vendor: fsmlabs @@ -8615,8 +8615,8 @@ engines: - platform: fofa queries: - - kubepi - body="kubepi" + - kubepi - platform: shodan queries: - http.html:"kubepi" @@ -8650,8 +8650,8 @@ - http.html:requires a local sentry administrative user" - platform: fofa queries: - - 'body="note: requires a local sentry administrative user"' - body=requires a local sentry administrative user" + - 'body="note: requires a local sentry administrative user"' - name: kubeoperator vendor: fit2cloud @@ -8659,8 +8659,8 @@ engines: - platform: fofa queries: - - body="kubeoperator" - app="kubeoperator" + - body="kubeoperator" - platform: shodan queries: - http.html:"kubeoperator" @@ -8723,8 +8723,8 @@ engines: - platform: shodan queries: - - http.title:"home assistant" - cpe:"cpe:2.3:a:home-assistant:home-assistant" + - http.title:"home assistant" - platform: fofa queries: - title="home assistant" @@ -9220,12 +9220,12 @@ engines: - platform: fofa queries: - - body="dedecms" - app="dedecms" + - body="dedecms" - platform: shodan queries: - - cpe:"cpe:2.3:a:dedecms:dedecms" - http.html:"dedecms" + - cpe:"cpe:2.3:a:dedecms:dedecms" - name: custom_admin_page vendor: bestwebsoft @@ -9315,8 +9315,8 @@ - app="laravel-framework" - platform: shodan queries: - - cpe:"cpe:2.3:a:laravel:laravel" - laravel-framework + - cpe:"cpe:2.3:a:laravel:laravel" - name: contact_form_multi vendor: bestwebsoft @@ -9766,8 +9766,8 @@ engines: - platform: shodan queries: - - http.title:"revive adserver" - http.favicon.hash:106844876 + - http.title:"revive adserver" - platform: fofa queries: - icon_hash=106844876 @@ -9900,8 +9900,8 @@ engines: - platform: shodan queries: - - http.html:"impresscms" - cpe:"cpe:2.3:a:impresscms:impresscms" + - http.html:"impresscms" - platform: fofa queries: - body="impresscms" @@ -9912,8 +9912,8 @@ engines: - platform: fofa queries: - - product=="telesquare-tlr-2855ks6" - title="login to tlr-2855ks6" + - product=="telesquare-tlr-2855ks6" - platform: shodan queries: - http.title:"login to tlr-2855ks6" @@ -10005,9 +10005,9 @@ engines: - platform: shodan queries: - - 'http.html:"powered by: fudforum"' - http.html:fudforum" - http.html:"fudforum" + - 'http.html:"powered by: fudforum"' - platform: fofa queries: - body=fudforum" @@ -10443,9 +10443,9 @@ - http.html:"jellyfin" - platform: fofa queries: - - body="jellyfin" - title="jellyfin" || body="http://jellyfin.media" - title="jellyfin" + - body="jellyfin" - platform: google queries: - intitle:"jellyfin" @@ -10492,8 +10492,8 @@ engines: - platform: fofa queries: - - title="jeecgboot 企业级低代码平台" - title="jeecg-boot" + - title="jeecgboot 企业级低代码平台" - platform: shodan queries: - http.title:"jeecg-boot" @@ -10590,8 +10590,8 @@ engines: - platform: fofa queries: - - body="/oam/pages/css/login_page.css" - title="oracle access management" + - body="/oam/pages/css/login_page.css" - platform: shodan queries: - http.html:"/oam/pages/css/login_page.css" @@ -10644,8 +10644,8 @@ engines: - platform: fofa queries: - - app="74cms" - body="74cms" + - app="74cms" - platform: shodan queries: - http.html:"74cms" @@ -10810,8 +10810,8 @@ engines: - platform: shodan queries: - - http.html:"micollab" - http.html:"mitel" html:"micollab" + - http.html:"micollab" - platform: fofa queries: - body="micollab" @@ -10835,8 +10835,8 @@ - body="javax.faces.resource" - platform: shodan queries: - - http.html:"javax.faces.resource" - http.html:"javax.faces.viewstate" + - http.html:"javax.faces.resource" - name: wn575a4_firmware vendor: wavlink @@ -10894,8 +10894,8 @@ engines: - platform: shodan queries: - - 'server: mini_httpd && 200' - cpe:"cpe:2.3:a:acme:mini-httpd" + - 'server: mini_httpd && 200' - name: avatar_uploader vendor: drupal @@ -10911,8 +10911,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2032163853 - http.title:"login - jorani" + - http.favicon.hash:-2032163853 - platform: fofa queries: - icon_hash=-2032163853 @@ -11303,8 +11303,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-266008933 - cpe:"cpe:2.3:a:sap:netweaver" + - http.favicon.hash:-266008933 - platform: fofa queries: - icon_hash=-266008933 @@ -11338,8 +11338,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:openbsd:openssh" - product:"openssh" + - cpe:"cpe:2.3:a:openbsd:openssh" - name: mysql vendor: oracle @@ -15191,8 +15191,8 @@ - http.html:"solarview compact" - platform: fofa queries: - - icon_hash="-244067125" - body="solarview compact" + - icon_hash="-244067125" - name: mc3 vendor: crestron @@ -16096,8 +16096,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:h:dlink:dir-615" - http.title:"roteador wireless" + - cpe:"cpe:2.3:h:dlink:dir-615" - platform: fofa queries: - title="roteador wireless" @@ -18295,8 +18295,8 @@ engines: - platform: shodan queries: - - http.html:"aspera faspex" - cpe:"cpe:2.3:o:linux:linux_kernel" + - http.html:"aspera faspex" - platform: fofa queries: - body="aspera faspex" @@ -19077,17 +19077,17 @@ - platform: fofa queries: - body="openemr" - - app="openemr" - - title="openemr" - icon_hash=1971268439 + - title="openemr" + - app="openemr" - platform: google queries: - intitle:"openemr" - platform: shodan queries: - http.html:"openemr" - - http.title:"openemr" - http.favicon.hash:1971268439 + - http.title:"openemr" - name: download_monitor vendor: mikejolley @@ -19191,8 +19191,8 @@ engines: - platform: fofa queries: - - title="wipro holmes orchestrator" - title="holmes orchestrator" + - title="wipro holmes orchestrator" - name: prime_mover vendor: codexonics @@ -19211,8 +19211,8 @@ engines: - platform: shodan queries: - - http.title:"gradio" - http.html:"__gradio_mode__" + - http.title:"gradio" - platform: fofa queries: - body="__gradio_mode__" @@ -19331,6 +19331,17 @@ queries: - http.html:"content=\"jrecms" +- name: ui + vendor: provectus + type: product + engines: + - platform: fofa + queries: + - icon_hash="-1477045616" + - platform: shodan + queries: + - http.favicon.hash:"-1477045616" + - name: sudo vendor: sudo_project type: product @@ -19461,17 +19472,6 @@ type: product engines: [] -- name: ui - vendor: provectus - type: product - engines: - - platform: fofa - queries: - - icon_hash="-1477045616" - - platform: shodan - queries: - - http.favicon.hash:"-1477045616" - - name: sonarqube vendor: sonarsource type: product @@ -19737,11 +19737,37 @@ type: product engines: [] +- name: next.js + vendor: vercel + type: product + engines: + - platform: fofa + queries: + - body="/_next/static" + - platform: shodan + queries: + - cpe:"cpe:2.3:a:zeit:next.js" + - http.html:"/_next/static" + - name: ftp-deployment vendor: dg type: product engines: [] +- name: neodash + vendor: neo4j + type: product + engines: + - platform: shodan + queries: + - http.title:"neodash" + - platform: fofa + queries: + - title="neodash" + - platform: google + queries: + - intitle:"neodash" + - name: arcgis_engine vendor: esri type: product