diff --git a/QUERIES.yaml b/QUERIES.yaml index d7fc9f1..937e975 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -28,8 +28,8 @@ engines: - platform: shodan queries: - - redis_version - redis + - redis_version - name: siemens vendor: conpot @@ -57,16 +57,16 @@ - platform: shodan queries: - ws_ftp port:22 - - http.title:"ad hoc transfer" - http.title:"ws_ftp server web transfer" + - http.title:"ad hoc transfer" - platform: fofa queries: - - title="ws_ftp server web transfer" - title="ad hoc transfer" + - title="ws_ftp server web transfer" - platform: google queries: - - intitle:"ad hoc transfer" - intitle:"ws_ftp server web transfer" + - intitle:"ad hoc transfer" - platform: censys queries: - services.http.request.uri="*/thinclient/wtm/public/index.html" @@ -77,8 +77,8 @@ engines: - platform: shodan queries: - - product:"couchdb" - cpe:"cpe:2.3:a:apache:couchdb" + - product:"couchdb" - name: rocketmq vendor: apache @@ -86,17 +86,17 @@ engines: - platform: fofa queries: - - protocol="rocketmq" - title="rocketmq" + - protocol="rocketmq" - title="rocketmq-console-ng" - platform: shodan queries: - - http.title:"rocketmq-console-ng" - http.title:"rocketmq" + - http.title:"rocketmq-console-ng" - platform: google queries: - - intitle:"rocketmq" - intitle:"rocketmq-console-ng" + - intitle:"rocketmq" - name: ios vendor: cisco @@ -104,9 +104,9 @@ engines: - platform: shodan queries: - - product:"cisco ios http config" - cpe:"cpe:2.3:o:cisco:ios" - product:"cisco ios http config" && 200 + - product:"cisco ios http config" - name: airflow vendor: apache @@ -124,8 +124,8 @@ - apache airflow - platform: google queries: - - intitle:"sign in - airflow" - intitle:"airflow - dags" || http.html:"apache airflow" + - intitle:"sign in - airflow" - name: geode vendor: apache @@ -147,8 +147,8 @@ engines: - platform: shodan queries: - - http.title:"oracle peoplesoft sign-in" - product:"oracle weblogic" + - http.title:"oracle peoplesoft sign-in" - platform: fofa queries: - title="oracle peoplesoft sign-in" @@ -201,8 +201,8 @@ engines: - platform: shodan queries: - - http.component:"atlassian jira" - cpe:"cpe:2.3:a:atlassian:jira" + - http.component:"atlassian jira" - http.component:"atlassian confluence" - name: arcgis_server @@ -225,9 +225,9 @@ engines: - platform: shodan queries: - - http.favicon.hash:81586312 - - cpe:"cpe:2.3:a:jenkins:jenkins" - product:"jenkins" + - cpe:"cpe:2.3:a:jenkins:jenkins" + - http.favicon.hash:81586312 - platform: fofa queries: - icon_hash=81586312 @@ -238,9 +238,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:tomcat" - - http.html:"apache tomcat" - http.title:"apache tomcat" + - http.html:"apache tomcat" + - cpe:"cpe:2.3:a:apache:tomcat" - platform: fofa queries: - body="apache tomcat" @@ -296,12 +296,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2098066288 - http.html:"genieacs" + - http.favicon.hash:-2098066288 - platform: fofa queries: - - body="genieacs" - icon_hash=-2098066288 + - body="genieacs" - name: dg3450 vendor: commscope @@ -334,9 +334,9 @@ engines: - platform: shodan queries: - - vuln:cve-2021-26855 - http.title:"outlook" - http.favicon.hash:1768726119 + - vuln:cve-2021-26855 - cpe:"cpe:2.3:a:microsoft:exchange_server" - platform: fofa queries: @@ -527,8 +527,8 @@ - product:"rhinosoft serv-u httpd" - platform: fofa queries: - - server="serv-u" - body="serv-u" + - server="serv-u" - name: api_manager vendor: wso2 @@ -604,13 +604,13 @@ engines: - platform: shodan queries: - - http.title:"osticket installer" - http.html:"powered by osticket" - http.title:"osticket" + - http.title:"osticket installer" - platform: fofa queries: - - title="osticket installer" - body="powered by osticket" + - title="osticket installer" - title="osticket" - platform: google queries: @@ -691,8 +691,8 @@ - http.title:"metabase" - platform: fofa queries: - - app="metabase" - title="metabase" + - app="metabase" - platform: google queries: - intitle:"metabase" @@ -739,8 +739,8 @@ engines: - platform: shodan queries: - - http.title:"login - adminer" - cpe:"cpe:2.3:a:adminer:adminer" + - http.title:"login - adminer" - platform: fofa queries: - app="adminer" && body="4.7.8" @@ -773,12 +773,12 @@ - platform: shodan queries: - http.html:"powered by gitea version" - - cpe:"cpe:2.3:a:gitea:gitea" - http.title:"gitea" + - cpe:"cpe:2.3:a:gitea:gitea" - platform: fofa queries: - - body="powered by gitea version" - title="gitea" + - body="powered by gitea version" - platform: google queries: - intitle:"gitea" @@ -837,8 +837,8 @@ engines: - platform: shodan queries: - - http.title:"cpanel - api codes" - http.title:"cpanel" + - http.title:"cpanel - api codes" - cpe:"cpe:2.3:a:cpanel:cpanel" - platform: fofa queries: @@ -870,9 +870,9 @@ engines: - platform: shodan queries: - - http.component:"phpmyadmin" - - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - http.title:"phpmyadmin" + - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" + - http.component:"phpmyadmin" - platform: fofa queries: - title="phpmyadmin" @@ -930,8 +930,8 @@ engines: - platform: shodan queries: - - http.title:"ivanti connect secure" - http.html:"welcome.cgi?p=logo" + - http.title:"ivanti connect secure" - platform: fofa queries: - title="ivanti connect secure" @@ -985,8 +985,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:drupal:drupal" - http.component:"drupal" + - cpe:"cpe:2.3:a:drupal:drupal" - name: piwigo vendor: piwigo @@ -1034,8 +1034,8 @@ engines: - platform: shodan queries: - - http.title:phppgadmin - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" + - http.title:phppgadmin - platform: fofa queries: - title=phppgadmin @@ -1077,12 +1077,12 @@ engines: - platform: shodan queries: - - http.title:"sophos web appliance" - http.favicon.hash:-893681401 + - http.title:"sophos web appliance" - platform: fofa queries: - - icon_hash=-893681401 - title="sophos web appliance" + - icon_hash=-893681401 - platform: google queries: - intitle:"sophos web appliance" @@ -1188,8 +1188,8 @@ engines: - platform: shodan queries: - - http.title:"sign in - appwrite" - http.favicon.hash:-633108100 + - http.title:"sign in - appwrite" - platform: fofa queries: - title="sign in - appwrite" @@ -1216,14 +1216,14 @@ - platform: fofa queries: - body="qlik" + - icon_hash=-74348711 - app="qlik-sense" - title="qlik-sense" - - icon_hash=-74348711 - platform: shodan queries: - - http.favicon.hash:-74348711 - http.html:"qlik" - http.title:"qlik-sense" + - http.favicon.hash:-74348711 - platform: google queries: - intitle:"qlik-sense" @@ -1270,12 +1270,12 @@ - title:'metasploit' - platform: fofa queries: - - title="metasploit - setup and configuration" - title="metasploit" + - title="metasploit - setup and configuration" - platform: google queries: - - intitle:"metasploit" - intitle:"metasploit - setup and configuration" + - intitle:"metasploit" - name: linkerd vendor: linkerd @@ -1298,8 +1298,8 @@ - http.title:"sophos mobile" - platform: fofa queries: - - icon_hash=-1274798165 - title="sophos mobile" + - icon_hash=-1274798165 - platform: google queries: - intitle:"sophos mobile" @@ -1310,8 +1310,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:gitlab:gitlab" - http.title:"gitlab" + - cpe:"cpe:2.3:a:gitlab:gitlab" - platform: fofa queries: - title="gitlab" @@ -1458,13 +1458,13 @@ engines: - platform: google queries: - - intitle:"3cx webclient" - intitle:"3cx phone system management console" + - intitle:"3cx webclient" - platform: shodan queries: + - http.title:"3cx webclient" - http.title:"3cx phone system management console" - http.favicon.hash:970132176 - - http.title:"3cx webclient" - platform: fofa queries: - icon_hash=970132176 @@ -1495,8 +1495,8 @@ - intitle:"securetransport" || http.favicon.hash:1330269434 - platform: shodan queries: - - http.title:"securetransport" || http.favicon.hash:1330269434 - http.title:"st web client" + - http.title:"securetransport" || http.favicon.hash:1330269434 - platform: fofa queries: - title="st web client" @@ -1577,8 +1577,8 @@ - intext:"amcrest" "ldap user" - platform: shodan queries: - - http.html:"amcrest" - http.html:"amcrest" "ldap user" + - http.html:"amcrest" - platform: fofa queries: - body="amcrest" @@ -1625,8 +1625,8 @@ - intitle:"sign in - gogs" - platform: shodan queries: - - cpe:"cpe:2.3:a:gogs:gogs" - http.title:"sign in - gogs" + - cpe:"cpe:2.3:a:gogs:gogs" - platform: fofa queries: - title="sign in - gogs" @@ -1760,14 +1760,14 @@ engines: - platform: shodan queries: + - http.html:"pyload" - http.title:"login - pyload" - http.title:"pyload" - - http.html:"pyload" - platform: fofa queries: - - body="pyload" - - title="login - pyload" - title="pyload" + - title="login - pyload" + - body="pyload" - platform: google queries: - intitle:"pyload" @@ -1884,13 +1884,13 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:adobe:coldfusion" - - http.title:"coldfusion administrator login" - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" - platform: fofa queries: - - title="coldfusion administrator login" - app="adobe-coldfusion" + - title="coldfusion administrator login" - platform: google queries: - intitle:"coldfusion administrator login" @@ -1943,14 +1943,14 @@ engines: - platform: shodan queries: - - http.title:"keycloak" - http.html:"keycloak" + - http.title:"keycloak" - http.favicon.hash:-1105083093 - platform: fofa queries: - icon_hash=-1105083093 - - body="keycloak" - title="keycloak" + - body="keycloak" - platform: google queries: - intitle:"keycloak" @@ -1990,12 +1990,12 @@ - http.title:"kafka consumer offset monitor" - platform: fofa queries: - - title="kafka consumer offset monitor" - title="kafka center" + - title="kafka consumer offset monitor" - platform: google queries: - - intitle:"kafka consumer offset monitor" - intitle:"kafka center" + - intitle:"kafka consumer offset monitor" - name: open-xchange_appsuite vendor: open-xchange @@ -2015,16 +2015,16 @@ - platform: shodan queries: - http.title:"apache solr" - - cpe:"cpe:2.3:a:apache:solr" - http.title:"solr admin" + - cpe:"cpe:2.3:a:apache:solr" - platform: fofa queries: - title="apache solr" - title="solr admin" - platform: google queries: - - intitle:"solr admin" - intitle:"apache solr" + - intitle:"solr admin" - name: security_onion vendor: securityonionsolutions @@ -2209,13 +2209,13 @@ engines: - platform: shodan queries: - - http.html:"contao open source cms" - - cpe:"cpe:2.3:a:contao:contao" - http.title:"contao" + - cpe:"cpe:2.3:a:contao:contao" + - http.html:"contao open source cms" - platform: fofa queries: - - title="contao" - body="contao open source cms" + - title="contao" - platform: google queries: - intitle:"contao" @@ -2240,14 +2240,14 @@ engines: - platform: fofa queries: + - icon_hash="-1797138069" - title="login to cacti" - title="cacti" - - icon_hash="-1797138069" - platform: shodan queries: - - http.title:"cacti" - http.title:"login to cacti" - http.favicon.hash:"-1797138069" + - http.title:"cacti" - platform: google queries: - intitle:"login to cacti" @@ -2284,8 +2284,8 @@ engines: - platform: google queries: - - intitle:"jedox web login" - intitle:"jedox web - login" + - intitle:"jedox web login" - platform: shodan queries: - http.title:"jedox web - login" @@ -2357,14 +2357,14 @@ engines: - platform: shodan queries: + - http.title:"zabbix-server" - http.favicon.hash:892542951 - cpe:"cpe:2.3:a:zabbix:zabbix" - - http.title:"zabbix-server" - platform: fofa queries: - - app="zabbix-监控系统" && body="saml" - icon_hash=892542951 - title="zabbix-server" + - app="zabbix-监控系统" && body="saml" - platform: google queries: - intitle:"zabbix-server" @@ -2379,8 +2379,8 @@ - http.title:"incapptic" - platform: fofa queries: - - title="incapptic" - icon_hash=-1067582922 + - title="incapptic" - platform: google queries: - intitle:"incapptic" @@ -2405,8 +2405,8 @@ engines: - platform: fofa queries: - - icon_hash="151132309" - title="cloudpanel" + - icon_hash="151132309" - platform: shodan queries: - http.favicon.hash:"151132309" @@ -2435,8 +2435,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:matomo:matomo" - http.favicon.hash:-2023266783 + - cpe:"cpe:2.3:a:matomo:matomo" - platform: fofa queries: - icon_hash=-2023266783 @@ -2648,12 +2648,12 @@ engines: - platform: shodan queries: - - http.html:"gocd version" - http.title:"create a pipeline - go" html:"gocd version" + - http.html:"gocd version" - platform: fofa queries: - - body="gocd version" - title="create a pipeline - go" html:"gocd version" + - body="gocd version" - platform: google queries: - intitle:"create a pipeline - go" html:"gocd version" @@ -2692,10 +2692,10 @@ engines: - platform: fofa queries: - - body="openemr" - - title="openemr" - icon_hash=1971268439 - app="openemr" + - title="openemr" + - body="openemr" - platform: shodan queries: - http.title:"openemr" @@ -2832,8 +2832,8 @@ engines: - platform: shodan queries: - - http.title:"zimbra collaboration suite" - http.title:"zimbra web client sign in" + - http.title:"zimbra collaboration suite" - platform: fofa queries: - title="zimbra web client sign in" @@ -2985,8 +2985,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:opencart:opencart" - http.html:"opencart" + - cpe:"cpe:2.3:a:opencart:opencart" - platform: fofa queries: - body="opencart" @@ -3048,8 +3048,8 @@ - http.title:"plesk obsidian" - platform: fofa queries: - - body="plesk obsidian" - title="plesk obsidian" + - body="plesk obsidian" - platform: google queries: - intitle:"plesk obsidian" @@ -3236,8 +3236,8 @@ engines: - platform: shodan queries: - - http.title:"icinga web 2 login" - http.title:"icinga" + - http.title:"icinga web 2 login" - platform: fofa queries: - title="icinga web 2 login" @@ -3299,8 +3299,8 @@ - http.title:"pulsar admin console" - platform: fofa queries: - - title="pulsar admin console" - title="pulsar admin ui" + - title="pulsar admin console" - platform: google queries: - intitle:"pulsar admin ui" @@ -3337,8 +3337,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:1949005079 - http.html:"modoboa" + - http.favicon.hash:1949005079 - platform: fofa queries: - body="modoboa" @@ -3389,8 +3389,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:"-1474875778" - http.title:"glpi" + - http.favicon.hash:"-1474875778" - platform: fofa queries: - icon_hash="-1474875778" @@ -3438,8 +3438,8 @@ - cpe:"cpe:2.3:a:grafana:grafana" - platform: fofa queries: - - app="grafana" - title="grafana" + - app="grafana" - platform: google queries: - intitle:"grafana" @@ -3487,8 +3487,8 @@ engines: - platform: shodan queries: - - http.title:"nginx ui" - cpe:"cpe:2.3:a:f5:nginx" + - http.title:"nginx ui" - platform: fofa queries: - title="nginx ui" @@ -3594,8 +3594,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:oracle:commerce" - http.title:"oracle commerce" + - cpe:"cpe:2.3:a:oracle:commerce" - platform: fofa queries: - title="oracle commerce" @@ -3673,8 +3673,8 @@ engines: - platform: fofa queries: - - title="metersphere" - body="metersphere" + - title="metersphere" - platform: shodan queries: - http.html:"metersphere" @@ -3782,16 +3782,16 @@ engines: - platform: shodan queries: - - http.title:"tautulli - home" - http.title:"tautulli" + - http.title:"tautulli - home" - platform: fofa queries: - title="tautulli" - title="tautulli - home" - platform: google queries: - - intitle:"tautulli" - intitle:"tautulli - home" + - intitle:"tautulli" - name: greenbone_security_assistant vendor: greenbone @@ -3834,8 +3834,8 @@ - body="ektron" - platform: shodan queries: - - http.html:"ektron" - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" + - http.html:"ektron" - name: kubernetes vendor: kubernetes @@ -3858,9 +3858,9 @@ engines: - platform: shodan queries: + - micro focus dsd - http.title:"setup github enterprise" - http.title:"github enterprise" - - micro focus dsd - platform: fofa queries: - title="github enterprise" @@ -3989,14 +3989,14 @@ engines: - platform: shodan queries: - - http.title:"minio browser" - cpe:"cpe:2.3:a:minio:minio" - http.title:"minio console" + - http.title:"minio browser" - platform: fofa queries: - - title="minio browser" - app="minio" - title="minio console" + - title="minio browser" - platform: google queries: - intitle:"minio console" @@ -4053,13 +4053,13 @@ - html:'content="papercut' - platform: shodan queries: + - http.html:"content=\"papercut\"" - http.html:'content="papercut' - cpe:"cpe:2.3:a:papercut:papercut_ng" - - http.html:"content=\"papercut\"" - platform: fofa queries: - - body="content=\"papercut\"" - body='content="papercut' + - body="content=\"papercut\"" - name: ilias vendor: ilias @@ -4114,8 +4114,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-379154636 - http.title:"kubeview" + - http.favicon.hash:-379154636 - platform: fofa queries: - icon_hash=-379154636 @@ -4443,12 +4443,12 @@ - http.title:sugarcrm - platform: google queries: - - intitle:sugarcrm - intext:"sugarcrm inc. all rights reserved" + - intitle:sugarcrm - platform: fofa queries: - - title=sugarcrm - body="sugarcrm inc. all rights reserved" + - title=sugarcrm - name: code-server vendor: coder @@ -4473,12 +4473,12 @@ - intitle:"ftm manager" - platform: shodan queries: - - http.title:"ftm manager" - http.html:"ftm manager" + - http.title:"ftm manager" - platform: fofa queries: - - title="ftm manager" - body="ftm manager" + - title="ftm manager" - name: superset vendor: apache @@ -4521,12 +4521,12 @@ engines: - platform: google queries: - - intitle:"check point ssl network extender" - intitle:"ssl network extender login" + - intitle:"check point ssl network extender" - platform: shodan queries: - - http.title:"check point ssl network extender" - http.title:"ssl network extender login" + - http.title:"check point ssl network extender" - platform: fofa queries: - title="ssl network extender login" @@ -4577,8 +4577,8 @@ - http.title:"manageengine desktop central 10" - platform: fofa queries: - - title="manageengine desktop central 10" - app="zoho-manageengine-desktop" + - title="manageengine desktop central 10" - platform: google queries: - intitle:"manageengine desktop central 10" @@ -4688,16 +4688,16 @@ engines: - platform: shodan queries: - - http.title:"manageengine" - http.title:"adselfservice plus" + - http.title:"manageengine" - platform: fofa queries: - - title="adselfservice plus" - title="manageengine" + - title="adselfservice plus" - platform: google queries: - - intitle:"manageengine" - intitle:"adselfservice plus" + - intitle:"manageengine" - name: routeros vendor: mikrotik @@ -4767,8 +4767,8 @@ - http.title:"photo station" - platform: fofa queries: - - title="qnap" - title="photo station" + - title="qnap" - platform: google queries: - intitle:"qnap" @@ -4909,9 +4909,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:adobe:experience_manager" - http.title:"aem sign in" - http.component:"adobe experience manager" - - cpe:"cpe:2.3:a:adobe:experience_manager" - platform: fofa queries: - title="aem sign in" @@ -4978,17 +4978,17 @@ engines: - platform: shodan queries: - - http.title:"concrete5" - cpe:"cpe:2.3:a:concrete5:concrete5" - http.title:"install concrete5" + - http.title:"concrete5" - platform: fofa queries: - - title="install concrete5" - title="concrete5" + - title="install concrete5" - platform: google queries: - - intitle:"install concrete5" - intitle:"concrete5" + - intitle:"install concrete5" - name: apisix vendor: apache @@ -5039,8 +5039,8 @@ engines: - platform: fofa queries: - - title="fortimail" - fortimail && port=443 + - title="fortimail" - platform: shodan queries: - http.title:"fortimail" @@ -5072,8 +5072,8 @@ - http.html:"fortiwlm" - platform: fofa queries: - - body="fortiwlm" - title="fortiwlm" + - body="fortiwlm" - platform: google queries: - intitle:"fortiwlm" @@ -5098,10 +5098,10 @@ engines: - platform: shodan queries: - - http.favicon.hash:945408572 + - cpe:"cpe:2.3:o:fortinet:fortios" - http.html:"/remote/login" "xxxxxxxx" + - http.favicon.hash:945408572 - port:10443 http.favicon.hash:945408572 - - cpe:"cpe:2.3:o:fortinet:fortios" - platform: fofa queries: - body="/remote/login" "xxxxxxxx" @@ -5152,8 +5152,8 @@ engines: - platform: fofa queries: - - icon_hash=-1961736892 - title="dzzoffice" + - icon_hash=-1961736892 - platform: shodan queries: - http.favicon.hash:-1961736892 @@ -5164,8 +5164,8 @@ engines: - platform: fofa queries: - - body="kkfileview" - app="kkfileview" + - body="kkfileview" - platform: shodan queries: - http.html:"kkfileview" @@ -5184,14 +5184,14 @@ engines: - platform: shodan queries: - - http.title:"struts2 showcase" - http.html:"struts problem report" + - http.title:"struts2 showcase" - http.html:"apache struts" - platform: fofa queries: - - title="struts2 showcase" - - body="struts problem report" - body="apache struts" + - body="struts problem report" + - title="struts2 showcase" - platform: google queries: - intitle:"struts2 showcase" @@ -5242,8 +5242,8 @@ engines: - platform: shodan queries: - - http.html:"weblogic application server" - http.title:"weblogic" + - http.html:"weblogic application server" - platform: fofa queries: - body="weblogic application server" @@ -5310,8 +5310,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:gogs:gogs" - http.title:"sign in - gogs" + - cpe:"cpe:2.3:a:gogs:gogs" - platform: fofa queries: - title="sign in - gogs" @@ -5526,8 +5526,8 @@ - http.title:"wi-fi app login" - platform: fofa queries: - - body="wavlink" - title="wi-fi app login" + - body="wavlink" - platform: google queries: - intitle:"wi-fi app login" @@ -5602,8 +5602,8 @@ - http.title:"linear emerge" - platform: fofa queries: - - title="emerge" - title="linear emerge" + - title="emerge" - platform: google queries: - intitle:"emerge" @@ -5627,8 +5627,8 @@ - http.html:"wn530hg4" - platform: fofa queries: - - title="wi-fi app login" - body="wn530hg4" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -5706,8 +5706,8 @@ engines: - platform: fofa queries: - - product=="tenda-11n-wireless-ap" - title="tenda 11n" + - product=="tenda-11n-wireless-ap" - platform: shodan queries: - http.title:"tenda 11n" @@ -5721,8 +5721,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:1469328760 - http.html:"pmb group" + - http.favicon.hash:1469328760 - platform: fofa queries: - body="pmb group" @@ -5885,12 +5885,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1521640213 - http.title:"hoteldruid" + - http.favicon.hash:-1521640213 - platform: fofa queries: - - icon_hash=-1521640213 - title="hoteldruid" + - icon_hash=-1521640213 - platform: google queries: - intitle:"hoteldruid" @@ -5905,8 +5905,8 @@ - http.html:"atmail" - platform: fofa queries: - - body="atmail" - body="powered by atmail" + - body="atmail" - name: device_manager_express vendor: audiocodes @@ -6068,8 +6068,8 @@ - http.title:"wi-fi app login" - platform: fofa queries: - - body="wavlink" - title="wi-fi app login" + - body="wavlink" - platform: google queries: - intitle:"wi-fi app login" @@ -6102,13 +6102,13 @@ engines: - platform: fofa queries: - - icon_hash=217119619 - title="openvpn connect" + - icon_hash=217119619 - app="rstudio-connect" - platform: shodan queries: - - http.title:"openvpn connect" - http.favicon.hash:217119619 + - http.title:"openvpn connect" - platform: google queries: - intitle:"openvpn connect" @@ -6150,8 +6150,8 @@ - http.html:"flatpress" - platform: fofa queries: - - icon_hash=-1189292869 - body="flatpress" + - icon_hash=-1189292869 - name: masacms vendor: masacms @@ -6290,13 +6290,13 @@ engines: - platform: fofa queries: + - icon_hash="475145467" - app="zimbra-邮件系统" - icon_hash="1624375939" - - icon_hash="475145467" - platform: shodan queries: - - http.favicon.hash:"1624375939" - http.favicon.hash:"475145467" + - http.favicon.hash:"1624375939" - name: basic_pdu_firmware vendor: powertekpdus @@ -6334,8 +6334,8 @@ engines: - platform: fofa queries: - - app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize" - icon_hash=-1250474341 + - app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize" - platform: shodan queries: - http.favicon.hash:-1250474341 @@ -6614,8 +6614,8 @@ engines: - platform: fofa queries: - - title="identity management" - title="identity management" html:"freeipa" + - title="identity management" - platform: shodan queries: - http.title:"identity management" html:"freeipa" @@ -6762,8 +6762,8 @@ - icon_hash="-631559155" - platform: shodan queries: - - http.favicon.hash:"-631559155" - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" + - http.favicon.hash:"-631559155" - name: User Meta vendor: User Meta @@ -6793,8 +6793,8 @@ engines: - platform: fofa queries: - - title="高清智能录播系统" - app="ncast-产品" && title=="高清智能录播系统" + - title="高清智能录播系统" - platform: zoomeye queries: - title:"高清智能录播系统" @@ -6896,12 +6896,12 @@ - platform: fofa queries: - app="goanywhere-mft" - - icon_hash=1484947000 - icon_hash=1484947000,1828756398,1170495932 + - icon_hash=1484947000 - platform: shodan queries: - - http.favicon.hash:1484947000 - http.favicon.hash:1484947000,1828756398,1170495932 + - http.favicon.hash:1484947000 - platform: zoomeye queries: - app:"fortra goanywhere-mft" @@ -6963,18 +6963,18 @@ engines: - platform: fofa queries: - - wp-content/plugins/eventon/ - - body=/wp-content/plugins/eventon-lite/ - body=/wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon-lite/ + - wp-content/plugins/eventon/ - platform: publicwww queries: - /wp-content/plugins/eventon-lite/ - /wp-content/plugins/eventon/ - platform: shodan queries: - - http.html:/wp-content/plugins/eventon/ - http.html:/wp-content/plugins/eventon-lite/ - vuln:cve-2023-2796 + - http.html:/wp-content/plugins/eventon/ - platform: google queries: - inurl:"/wp-content/plugins/eventon/" @@ -7027,8 +7027,8 @@ - body="data-xwiki-reference" - platform: shodan queries: - - xwiki - http.html:"data-xwiki-reference" + - xwiki - name: popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter vendor: idnovate @@ -7072,8 +7072,8 @@ engines: - platform: shodan queries: - - http.title:"verta ai" - http.favicon.hash:-2097033750 + - http.title:"verta ai" - platform: zoomeye queries: - title:"verta ai" @@ -7133,8 +7133,8 @@ - title="vmware vrealize network insight" - platform: google queries: - - intitle:"vmware vrealize network insight" - intitle:"vmware aria operations" + - intitle:"vmware vrealize network insight" - name: mlflow vendor: lfprojects @@ -7268,8 +7268,8 @@ engines: - platform: fofa queries: - - app="powerjob" - body="powerjob" + - app="powerjob" - platform: shodan queries: - http.html:"powerjob" @@ -7468,8 +7468,8 @@ engines: - platform: shodan queries: - - http.html:"/wbm/" html:"wago" - http.html:"wago" + - http.html:"/wbm/" html:"wago" - platform: fofa queries: - body="/wbm/" html:"wago" @@ -7592,9 +7592,9 @@ engines: - platform: shodan queries: + - http.html:"content=\"papercut\"" - http.html:"papercut" - cpe:"cpe:2.3:a:papercut:papercut_mf" - - http.html:"content=\"papercut\"" - platform: fofa queries: - body="papercut" @@ -7728,8 +7728,8 @@ engines: - platform: shodan queries: - - http.title:"icewarp" - http.favicon.hash:2144485375 + - http.title:"icewarp" - platform: fofa queries: - icon_hash=2144485375 @@ -7854,8 +7854,8 @@ - platform: shodan queries: - http.html:craftcms - - cpe:"cpe:2.3:a:craftcms:craft_cms" - http.favicon.hash:-47932290 + - cpe:"cpe:2.3:a:craftcms:craft_cms" - platform: fofa queries: - icon_hash=-47932290 @@ -8044,9 +8044,9 @@ engines: - platform: shodan queries: + - /opencms/ - http.title:"opencms" - cpe:"cpe:2.3:a:alkacon:opencms" - - /opencms/ - platform: fofa queries: - title="opencms" @@ -8175,9 +8175,9 @@ - intext:"powered by vbulletin" - platform: shodan queries: + - http.html:"powered by vbulletin" - http.component:"vbulletin" - http.title:"powered by vbulletin" - - http.html:"powered by vbulletin" - cpe:"cpe:2.3:a:vbulletin:vbulletin" - platform: fofa queries: @@ -8299,8 +8299,8 @@ engines: - platform: fofa queries: - - moosocial - icon_hash="702863115" + - moosocial - platform: shodan queries: - http.favicon.hash:"702863115" @@ -8333,8 +8333,8 @@ - app="microsoft-sharepoint" - platform: shodan queries: - - cpe:"cpe:2.3:a:microsoft:sharepoint_server" - http.headers_hash:-1968878704 + - cpe:"cpe:2.3:a:microsoft:sharepoint_server" - name: manageengine_firewall_analyzer vendor: zohocorp @@ -8401,12 +8401,12 @@ engines: - platform: shodan queries: - - http.html:"cockpit" - http.favicon.hash:688609340 + - http.html:"cockpit" - platform: fofa queries: - - body="cockpit" - icon_hash=688609340 + - body="cockpit" - name: intercom_broadcast_system vendor: hikvision @@ -8517,8 +8517,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:463802404 - http.html:"ray dashboard" + - http.favicon.hash:463802404 - platform: fofa queries: - icon_hash=463802404 @@ -8580,8 +8580,8 @@ - title="icewarp" - platform: google queries: - - powered by icewarp 10.4.4 - intitle:"icewarp" + - powered by icewarp 10.4.4 - intitle:"icewarp server administration" - name: timekeeper @@ -8615,8 +8615,8 @@ engines: - platform: fofa queries: - - kubepi - body="kubepi" + - kubepi - platform: shodan queries: - http.html:"kubepi" @@ -8723,8 +8723,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:home-assistant:home-assistant" - http.title:"home assistant" + - cpe:"cpe:2.3:a:home-assistant:home-assistant" - platform: fofa queries: - title="home assistant" @@ -8776,8 +8776,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:o:microsoft:windows_7" - '"microsoft-iis" "2015"' + - cpe:"cpe:2.3:o:microsoft:windows_7" - name: tivoli_common_reporting vendor: ibm @@ -9107,8 +9107,8 @@ engines: - platform: shodan queries: - - http.title:"jboss" - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" + - http.title:"jboss" - platform: fofa queries: - title="jboss" @@ -9122,8 +9122,8 @@ engines: - platform: shodan queries: - - http.title:"icewarp" - http.title:"gotify" + - http.title:"icewarp" - platform: fofa queries: - title="gotify" @@ -9303,8 +9303,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:http_server" - apache 2.4.49 + - cpe:"cpe:2.3:a:apache:http_server" - name: laravel vendor: laravel @@ -9338,8 +9338,8 @@ engines: - platform: shodan queries: - - http.html:"/_next/static" - cpe:"cpe:2.3:a:zeit:next.js" + - http.html:"/_next/static" - platform: fofa queries: - body="/_next/static" @@ -9557,8 +9557,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" - http.title:"dokuwiki" + - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" - platform: fofa queries: - title="dokuwiki" @@ -10005,13 +10005,12 @@ engines: - platform: shodan queries: - - http.html:fudforum" - - 'http.html:"powered by: fudforum"' - http.html:"fudforum" + - 'http.html:"powered by: fudforum"' - platform: fofa queries: + - body=fudforum" - 'body="powered by: fudforum"' - - body="fudforum" - name: vigorconnect vendor: draytek @@ -10439,13 +10438,13 @@ engines: - platform: shodan queries: - - http.title:"jellyfin" - http.html:"jellyfin" + - http.title:"jellyfin" - platform: fofa queries: - - body="jellyfin" - title="jellyfin" || body="http://jellyfin.media" - title="jellyfin" + - body="jellyfin" - platform: google queries: - intitle:"jellyfin" @@ -10590,8 +10589,8 @@ engines: - platform: fofa queries: - - body="/oam/pages/css/login_page.css" - title="oracle access management" + - body="/oam/pages/css/login_page.css" - platform: shodan queries: - http.title:"oracle access management" @@ -10644,8 +10643,8 @@ engines: - platform: fofa queries: - - body="74cms" - app="74cms" + - body="74cms" - platform: shodan queries: - http.html:"74cms" @@ -10810,8 +10809,8 @@ engines: - platform: shodan queries: - - http.html:"mitel" html:"micollab" - http.html:"micollab" + - http.html:"mitel" html:"micollab" - platform: fofa queries: - body="mitel" html:"micollab" @@ -10894,8 +10893,8 @@ engines: - platform: shodan queries: - - 'server: mini_httpd && 200' - cpe:"cpe:2.3:a:acme:mini-httpd" + - 'server: mini_httpd && 200' - name: avatar_uploader vendor: drupal @@ -11303,8 +11302,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-266008933 - cpe:"cpe:2.3:a:sap:netweaver" + - http.favicon.hash:-266008933 - platform: fofa queries: - icon_hash=-266008933 @@ -18295,8 +18294,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:o:linux:linux_kernel" - http.html:"aspera faspex" + - cpe:"cpe:2.3:o:linux:linux_kernel" - platform: fofa queries: - body="aspera faspex" @@ -19076,17 +19075,17 @@ engines: - platform: fofa queries: - - body="openemr" - - title="openemr" - icon_hash=1971268439 - app="openemr" + - title="openemr" + - body="openemr" - platform: google queries: - intitle:"openemr" - platform: shodan queries: - - http.title:"openemr" - http.html:"openemr" + - http.title:"openemr" - http.favicon.hash:1971268439 - name: download_monitor @@ -19211,8 +19210,8 @@ engines: - platform: shodan queries: - - http.title:"gradio" - http.html:"__gradio_mode__" + - http.title:"gradio" - platform: fofa queries: - body="__gradio_mode__"