From 70978be41c8e1f2785ac23199b1ee7d008c4f365 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Thu, 27 Jun 2024 00:05:52 +0000 Subject: [PATCH] Syncing queries from Templates --- QUERIES.yaml | 447 ++++++++++++++++++++++++++------------------------- 1 file changed, 225 insertions(+), 222 deletions(-) diff --git a/QUERIES.yaml b/QUERIES.yaml index 1f99db3..b089de5 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -56,9 +56,9 @@ engines: - platform: shodan queries: - - http.title:"ad hoc transfer" - ws_ftp port:22 - http.title:"ws_ftp server web transfer" + - http.title:"ad hoc transfer" - platform: fofa queries: - title="ws_ftp server web transfer" @@ -86,17 +86,17 @@ engines: - platform: fofa queries: - - title="rocketmq-console-ng" - - title="rocketmq" - protocol="rocketmq" + - title="rocketmq" + - title="rocketmq-console-ng" - platform: shodan queries: - - http.title:"rocketmq" - http.title:"rocketmq-console-ng" + - http.title:"rocketmq" - platform: google queries: - - intitle:"rocketmq-console-ng" - intitle:"rocketmq" + - intitle:"rocketmq-console-ng" - name: ios vendor: cisco @@ -105,8 +105,8 @@ - platform: shodan queries: - product:"cisco ios http config" - - product:"cisco ios http config" && 200 - cpe:"cpe:2.3:o:cisco:ios" + - product:"cisco ios http config" && 200 - name: airflow vendor: apache @@ -114,8 +114,8 @@ engines: - platform: shodan queries: - - http.title:"sign in - airflow" - http.title:"airflow - dags" || http.html:"apache airflow" + - http.title:"sign in - airflow" - product:"redis" - platform: fofa queries: @@ -201,8 +201,8 @@ engines: - platform: shodan queries: - - http.component:"atlassian jira" - cpe:"cpe:2.3:a:atlassian:jira" + - http.component:"atlassian jira" - http.component:"atlassian confluence" - name: arcgis_server @@ -300,8 +300,8 @@ - http.html:"genieacs" - platform: fofa queries: - - icon_hash=-2098066288 - body="genieacs" + - icon_hash=-2098066288 - name: dg3450 vendor: commscope @@ -334,10 +334,10 @@ engines: - platform: shodan queries: + - vuln:cve-2021-26855 - http.title:"outlook" - - cpe:"cpe:2.3:a:microsoft:exchange_server" - http.favicon.hash:1768726119 - - vuln:cve-2021-26855 + - cpe:"cpe:2.3:a:microsoft:exchange_server" - platform: fofa queries: - title="outlook" @@ -363,8 +363,8 @@ engines: - platform: fofa queries: - - body="thruk" - title=="thruk monitoring webinterface" + - body="thruk" - platform: shodan queries: - http.html:"thruk" @@ -378,8 +378,8 @@ - http.title:"nagios xi" - platform: fofa queries: - - title="nagios xi" - app="nagios-xi" + - title="nagios xi" - platform: google queries: - intitle:"nagios xi" @@ -485,12 +485,12 @@ engines: - platform: shodan queries: - - http.html:"weiphp" - http.html:"weiphp5.0" + - http.html:"weiphp" - platform: fofa queries: - - body="weiphp" - body="weiphp5.0" + - body="weiphp" - name: processwire vendor: processwire @@ -523,8 +523,8 @@ engines: - platform: shodan queries: - - http.html:"serv-u" - product:"rhinosoft serv-u httpd" + - http.html:"serv-u" - platform: fofa queries: - server="serv-u" @@ -604,18 +604,18 @@ engines: - platform: shodan queries: - - http.title:"osticket" - http.title:"osticket installer" + - http.title:"osticket" - http.html:"powered by osticket" - platform: fofa queries: - - title="osticket installer" - - title="osticket" - body="powered by osticket" + - title="osticket" + - title="osticket installer" - platform: google queries: - - intitle:"osticket" - intitle:"osticket installer" + - intitle:"osticket" - name: big-ip_access_policy_manager vendor: f5 @@ -691,8 +691,8 @@ - http.title:"metabase" - platform: fofa queries: - - app="metabase" - title="metabase" + - app="metabase" - platform: google queries: - intitle:"metabase" @@ -743,8 +743,8 @@ - cpe:"cpe:2.3:a:adminer:adminer" - platform: fofa queries: - - app="adminer" && body="4.7.8" - title="login - adminer" + - app="adminer" && body="4.7.8" - platform: hunter queries: - app.name="adminer"&&web.body="4.7.8" @@ -772,13 +772,13 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:gitea:gitea" - http.title:"gitea" - http.html:"powered by gitea version" - - cpe:"cpe:2.3:a:gitea:gitea" - platform: fofa queries: - - title="gitea" - body="powered by gitea version" + - title="gitea" - platform: google queries: - intitle:"gitea" @@ -789,8 +789,8 @@ engines: - platform: shodan queries: - - 'server: labkey' - 'http.title:"sign in: /home"' + - 'server: labkey' - platform: fofa queries: - 'title="sign in: /home"' @@ -838,16 +838,16 @@ - platform: shodan queries: - http.title:"cpanel" - - http.title:"cpanel - api codes" - cpe:"cpe:2.3:a:cpanel:cpanel" + - http.title:"cpanel - api codes" - platform: fofa queries: - title="cpanel - api codes" - title="cpanel" - platform: google queries: - - intitle:"cpanel" - intitle:"cpanel - api codes" + - intitle:"cpanel" - name: cip_92200_firmware vendor: intelbras @@ -855,8 +855,8 @@ engines: - platform: fofa queries: - - app="intelbras" - title="intelbras" + - app="intelbras" - platform: shodan queries: - http.title:"intelbras" @@ -871,12 +871,12 @@ - platform: shodan queries: - http.title:"phpmyadmin" - - http.component:"phpmyadmin" - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" + - http.component:"phpmyadmin" - platform: fofa queries: - - body="pma_servername" && body="4.8.4" - title="phpmyadmin" + - body="pma_servername" && body="4.8.4" - platform: google queries: - intitle:"phpmyadmin" @@ -934,8 +934,8 @@ - http.html:"welcome.cgi?p=logo" - platform: fofa queries: - - title="ivanti connect secure" - body="welcome.cgi?p=logo" + - title="ivanti connect secure" - platform: google queries: - intitle:"ivanti connect secure" @@ -994,8 +994,8 @@ engines: - platform: fofa queries: - - icon_hash=540706145 - title="piwigo" + - icon_hash=540706145 - platform: google queries: - powered by piwigo @@ -1077,8 +1077,8 @@ engines: - platform: shodan queries: - - http.title:"sophos web appliance" - http.favicon.hash:-893681401 + - http.title:"sophos web appliance" - platform: fofa queries: - title="sophos web appliance" @@ -1217,13 +1217,13 @@ queries: - icon_hash=-74348711 - title="qlik-sense" - - body="qlik" - app="qlik-sense" + - body="qlik" - platform: shodan queries: + - http.favicon.hash:-74348711 - http.html:"qlik" - http.title:"qlik-sense" - - http.favicon.hash:-74348711 - platform: google queries: - intitle:"qlik-sense" @@ -1263,8 +1263,8 @@ engines: - platform: shodan queries: - - http.title:"metasploit - setup and configuration" - http.title:"metasploit" + - http.title:"metasploit - setup and configuration" - platform: zoomeye queries: - title:'metasploit' @@ -1310,8 +1310,8 @@ engines: - platform: shodan queries: - - http.title:"gitlab" - cpe:"cpe:2.3:a:gitlab:gitlab" + - http.title:"gitlab" - platform: fofa queries: - title="gitlab" @@ -1404,8 +1404,8 @@ engines: - platform: google queries: - - intitle:"pega platform" - inurl:"/prweb/prauth/app/default" + - intitle:"pega platform" - platform: shodan queries: - http.title:"pega platform" @@ -1458,17 +1458,17 @@ engines: - platform: google queries: - - intitle:"3cx phone system management console" - intitle:"3cx webclient" + - intitle:"3cx phone system management console" - platform: shodan queries: - - http.title:"3cx phone system management console" - - http.favicon.hash:970132176 - http.title:"3cx webclient" + - http.favicon.hash:970132176 + - http.title:"3cx phone system management console" - platform: fofa queries: - - title="3cx phone system management console" - icon_hash=970132176 + - title="3cx phone system management console" - title="3cx webclient" - name: lansweeper @@ -1491,16 +1491,16 @@ engines: - platform: google queries: - - intitle:"securetransport" || http.favicon.hash:1330269434 - intitle:"st web client" + - intitle:"securetransport" || http.favicon.hash:1330269434 - platform: shodan queries: - http.title:"securetransport" || http.favicon.hash:1330269434 - http.title:"st web client" - platform: fofa queries: - - title="securetransport" || http.favicon.hash:1330269434 - title="st web client" + - title="securetransport" || http.favicon.hash:1330269434 - name: spark vendor: apache @@ -1581,8 +1581,8 @@ - http.html:"amcrest" "ldap user" - platform: fofa queries: - - body="amcrest" - body="amcrest" "ldap user" + - body="amcrest" - name: influxdb vendor: influxdata @@ -1590,8 +1590,8 @@ engines: - platform: shodan queries: - - influxdb - http.title:"influxdb - admin interface" + - influxdb - platform: fofa queries: - title="influxdb - admin interface" @@ -1609,12 +1609,12 @@ - http.title:"openfire admin console" - platform: fofa queries: - - title="openfire admin console" - title="openfire" + - title="openfire admin console" - platform: google queries: - - intitle:"openfire admin console" - intitle:"openfire" + - intitle:"openfire admin console" - name: gogs vendor: gogs @@ -1625,8 +1625,8 @@ - intitle:"sign in - gogs" - platform: shodan queries: - - cpe:"cpe:2.3:a:gogs:gogs" - http.title:"sign in - gogs" + - cpe:"cpe:2.3:a:gogs:gogs" - platform: fofa queries: - title="sign in - gogs" @@ -1665,8 +1665,8 @@ - http.favicon.hash:-82958153 - platform: fofa queries: - - icon_hash=-82958153 - app="screenconnect-remote-support-software" + - icon_hash=-82958153 - platform: hunter queries: - app.name="connectwise screenconnect software" @@ -1760,9 +1760,9 @@ engines: - platform: shodan queries: + - http.title:"pyload" - http.title:"login - pyload" - http.html:"pyload" - - http.title:"pyload" - platform: fofa queries: - body="pyload" @@ -1943,14 +1943,14 @@ engines: - platform: shodan queries: - - http.html:"keycloak" - http.favicon.hash:-1105083093 + - http.html:"keycloak" - http.title:"keycloak" - platform: fofa queries: + - title="keycloak" - body="keycloak" - icon_hash=-1105083093 - - title="keycloak" - platform: google queries: - intitle:"keycloak" @@ -1994,8 +1994,8 @@ - title="kafka consumer offset monitor" - platform: google queries: - - intitle:"kafka consumer offset monitor" - intitle:"kafka center" + - intitle:"kafka consumer offset monitor" - name: open-xchange_appsuite vendor: open-xchange @@ -2074,8 +2074,8 @@ engines: - platform: shodan queries: - - http.html:"esxuiapp" - cpe:"cpe:2.3:o:vmware:esxi" + - http.html:"esxuiapp" - platform: fofa queries: - body="esxuiapp" @@ -2240,18 +2240,18 @@ engines: - platform: fofa queries: - - title="login to cacti" - icon_hash="-1797138069" + - title="login to cacti" - title="cacti" - platform: shodan queries: - http.favicon.hash:"-1797138069" - - http.title:"login to cacti" - http.title:"cacti" + - http.title:"login to cacti" - platform: google queries: - - intitle:"cacti" - intitle:"login to cacti" + - intitle:"cacti" - name: confluence_data_center vendor: atlassian @@ -2358,13 +2358,13 @@ - platform: shodan queries: - http.title:"zabbix-server" - - cpe:"cpe:2.3:a:zabbix:zabbix" - http.favicon.hash:892542951 + - cpe:"cpe:2.3:a:zabbix:zabbix" - platform: fofa queries: + - title="zabbix-server" - icon_hash=892542951 - app="zabbix-监控系统" && body="saml" - - title="zabbix-server" - platform: google queries: - intitle:"zabbix-server" @@ -2375,12 +2375,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1067582922 - http.title:"incapptic" + - http.favicon.hash:-1067582922 - platform: fofa queries: - - title="incapptic" - icon_hash=-1067582922 + - title="incapptic" - platform: google queries: - intitle:"incapptic" @@ -2435,8 +2435,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2023266783 - cpe:"cpe:2.3:a:matomo:matomo" + - http.favicon.hash:-2023266783 - platform: fofa queries: - icon_hash=-2023266783 @@ -2483,12 +2483,12 @@ - intext:"totemomail" inurl:responsiveui - platform: shodan queries: - - http.html:"totemomail" inurl:responsiveui - http.html:responsiveui + - http.html:"totemomail" inurl:responsiveui - platform: fofa queries: - - body=responsiveui - body="totemomail" inurl:responsiveui + - body=responsiveui - name: vibe vendor: microfocus @@ -2692,15 +2692,15 @@ engines: - platform: fofa queries: - - title="openemr" + - icon_hash=1971268439 - body="openemr" - app="openemr" - - icon_hash=1971268439 + - title="openemr" - platform: shodan queries: - - http.html:"openemr" - http.title:"openemr" - http.favicon.hash:1971268439 + - http.html:"openemr" - platform: google queries: - intitle:"openemr" @@ -2725,13 +2725,13 @@ engines: - platform: shodan queries: - - http.html:"router management - server openvpn" - http.title:"openvpn-admin" - cpe:"cpe:2.3:a:openvpn:openvpn" + - http.html:"router management - server openvpn" - platform: fofa queries: - - body="router management - server openvpn" - title="openvpn-admin" + - body="router management - server openvpn" - platform: google queries: - intitle:"openvpn-admin" @@ -2750,8 +2750,8 @@ engines: - platform: shodan queries: - - http.title:"netdata dashboard" - 'server: netdata embedded http server' + - http.title:"netdata dashboard" - platform: fofa queries: - title="netdata dashboard" @@ -2985,8 +2985,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:opencart:opencart" - http.html:"opencart" + - cpe:"cpe:2.3:a:opencart:opencart" - platform: fofa queries: - body="opencart" @@ -3044,12 +3044,12 @@ engines: - platform: shodan queries: - - http.title:"plesk obsidian" - http.html:"plesk obsidian" + - http.title:"plesk obsidian" - platform: fofa queries: - - title="plesk obsidian" - body="plesk obsidian" + - title="plesk obsidian" - platform: google queries: - intitle:"plesk obsidian" @@ -3146,9 +3146,9 @@ engines: - platform: shodan queries: + - http.component:"joomla" - http.html:"joomla! - open source content management" - cpe:"cpe:2.3:a:joomla:joomla\!" - - http.component:"joomla" - platform: fofa queries: - body="joomla! - open source content management" @@ -3236,16 +3236,16 @@ engines: - platform: shodan queries: - - http.title:"icinga" - http.title:"icinga web 2 login" + - http.title:"icinga" - platform: fofa queries: - - title="icinga web 2 login" - title="icinga" + - title="icinga web 2 login" - platform: google queries: - - intitle:"icinga" - intitle:"icinga web 2 login" + - intitle:"icinga" - name: successfactors vendor: sap @@ -3295,8 +3295,8 @@ engines: - platform: shodan queries: - - http.title:"pulsar admin ui" - http.title:"pulsar admin console" + - http.title:"pulsar admin ui" - platform: fofa queries: - title="pulsar admin console" @@ -3393,8 +3393,8 @@ - http.title:"glpi" - platform: fofa queries: - - title="glpi" - icon_hash="-1474875778" + - title="glpi" - platform: google queries: - intitle:"glpi" @@ -3405,8 +3405,8 @@ engines: - platform: shodan queries: - - http.component:"teamcity" - http.title:teamcity + - http.component:"teamcity" - platform: fofa queries: - title=teamcity @@ -3464,8 +3464,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:activemq" - product:"activemq openwire transport" + - cpe:"cpe:2.3:a:apache:activemq" - name: pandora_fms vendor: pandorafms @@ -3567,12 +3567,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:1701804003 - http.title:"servicenow" + - http.favicon.hash:1701804003 - platform: fofa queries: - - icon_hash=1701804003 - title="servicenow" + - icon_hash=1701804003 - platform: google queries: - intitle:"servicenow" @@ -3673,8 +3673,8 @@ engines: - platform: fofa queries: - - title="metersphere" - body="metersphere" + - title="metersphere" - platform: shodan queries: - http.html:"metersphere" @@ -3693,8 +3693,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:129457226 - cpe:"cpe:2.3:a:liferay:liferay_portal" + - http.favicon.hash:129457226 - platform: fofa queries: - icon_hash=129457226 @@ -3782,16 +3782,16 @@ engines: - platform: shodan queries: - - http.title:"tautulli - home" - http.title:"tautulli" + - http.title:"tautulli - home" - platform: fofa queries: - title="tautulli - home" - title="tautulli" - platform: google queries: - - intitle:"tautulli - home" - intitle:"tautulli" + - intitle:"tautulli - home" - name: greenbone_security_assistant vendor: greenbone @@ -3834,8 +3834,8 @@ - app="ektron-cms" - platform: shodan queries: - - http.html:"ektron" - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" + - http.html:"ektron" - name: kubernetes vendor: kubernetes @@ -3858,18 +3858,18 @@ engines: - platform: shodan queries: - - http.title:"setup github enterprise" - http.title:"github enterprise" - micro focus dsd + - http.title:"setup github enterprise" - platform: fofa queries: - - title="setup github enterprise" - - title="github enterprise" - app="github-enterprise" + - title="github enterprise" + - title="setup github enterprise" - platform: google queries: - - intitle:"setup github enterprise" - intitle:"github enterprise" + - intitle:"setup github enterprise" - name: access_rights_manager vendor: solarwinds @@ -3989,18 +3989,18 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:minio:minio" - - http.title:"minio browser" - http.title:"minio console" + - http.title:"minio browser" + - cpe:"cpe:2.3:a:minio:minio" - platform: fofa queries: + - app="minio" - title="minio browser" - title="minio console" - - app="minio" - platform: google queries: - - intitle:"minio console" - intitle:"minio browser" + - intitle:"minio console" - name: umbraco_cms vendor: umbraco @@ -4053,13 +4053,13 @@ - html:'content="papercut' - platform: shodan queries: + - http.html:'content="papercut' - cpe:"cpe:2.3:a:papercut:papercut_ng" - http.html:"content=\"papercut\"" - - http.html:'content="papercut' - platform: fofa queries: - - body="content=\"papercut\"" - body='content="papercut' + - body="content=\"papercut\"" - name: ilias vendor: ilias @@ -4114,8 +4114,8 @@ engines: - platform: shodan queries: - - http.title:"kubeview" - http.favicon.hash:-379154636 + - http.title:"kubeview" - platform: fofa queries: - title="kubeview" @@ -4183,8 +4183,8 @@ engines: - platform: shodan queries: - - http.title:"h2 console" - cpe:"cpe:2.3:a:h2database:h2" + - http.title:"h2 console" - platform: fofa queries: - title="h2 console" @@ -4241,13 +4241,13 @@ - platform: shodan queries: - cpe:"cpe:2.3:o:contec:solarview_compact_firmware" - - http.favicon.hash:"-244067125" - http.html:"solarview compact" + - http.favicon.hash:"-244067125" - platform: fofa queries: - - body="solarview compact" - - body="solarview compact" && title="top" - icon_hash="-244067125" + - body="solarview compact" && title="top" + - body="solarview compact" - name: backup_appliance vendor: exagrid @@ -4304,8 +4304,8 @@ - http.html:"plesk-build" - platform: fofa queries: - - body="plesk onyx" http.html:"plesk-build" - body="plesk-build" + - body="plesk onyx" http.html:"plesk-build" - name: filr vendor: microfocus @@ -4388,8 +4388,8 @@ engines: - platform: fofa queries: - - icon_hash=1090061843 - title="webtitan" + - icon_hash=1090061843 - platform: shodan queries: - http.favicon.hash:1090061843 @@ -4486,8 +4486,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:1582430156 - http.html:"apache superset" + - http.favicon.hash:1582430156 - platform: fofa queries: - body="apache superset" @@ -4529,8 +4529,8 @@ - http.title:"check point ssl network extender" - platform: fofa queries: - - title="ssl network extender login" - title="check point ssl network extender" + - title="ssl network extender login" - name: jboss_enterprise_web_platform vendor: redhat @@ -4688,16 +4688,16 @@ engines: - platform: shodan queries: - - http.title:"adselfservice plus" - http.title:"manageengine" + - http.title:"adselfservice plus" - platform: fofa queries: - title="adselfservice plus" - title="manageengine" - platform: google queries: - - intitle:"manageengine" - intitle:"adselfservice plus" + - intitle:"manageengine" - name: routeros vendor: mikrotik @@ -4750,8 +4750,8 @@ - intitle:"qnap turbo nas" inurl:/cgi-bin - platform: shodan queries: - - product:"qnap" - http.title:"qnap turbo nas" inurl:/cgi-bin + - product:"qnap" - platform: fofa queries: - title="qnap turbo nas" inurl:/cgi-bin @@ -4763,16 +4763,16 @@ - platform: shodan queries: - http.title:"qnap" - - http.title:"photo station" - 'content-length: 580 "http server 1.0"' + - http.title:"photo station" - platform: fofa queries: - title="qnap" - title="photo station" - platform: google queries: - - intitle:"photo station" - intitle:"qnap" + - intitle:"photo station" - name: smart_software_manager_on-prem vendor: cisco @@ -4862,12 +4862,12 @@ - http.title:"h-sphere" - platform: fofa queries: - - title="parallels h-sphere" - title="h-sphere" + - title="parallels h-sphere" - platform: google queries: - - intitle:"parallels h-sphere" - intitle:"h-sphere" + - intitle:"parallels h-sphere" - name: maximo_asset_management vendor: ibm @@ -4886,8 +4886,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:ibm:websphere_portal" - http.html:"ibm websphere portal" + - cpe:"cpe:2.3:a:ibm:websphere_portal" - platform: fofa queries: - body="ibm websphere portal" @@ -4909,9 +4909,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:adobe:experience_manager" - http.title:"aem sign in" - http.component:"adobe experience manager" - - cpe:"cpe:2.3:a:adobe:experience_manager" - platform: fofa queries: - title="aem sign in" @@ -4925,16 +4925,16 @@ engines: - platform: shodan queries: - - http.title:"adobe connect" - http.title:"openvpn connect" + - http.title:"adobe connect" - platform: fofa queries: - title="adobe connect" - title="openvpn connect" - platform: google queries: - - intitle:"openvpn connect" - intitle:"adobe connect" + - intitle:"openvpn connect" - name: rg-uac_firmware vendor: ruijie @@ -4978,17 +4978,17 @@ engines: - platform: shodan queries: - - http.title:"install concrete5" - - http.title:"concrete5" - cpe:"cpe:2.3:a:concrete5:concrete5" + - http.title:"concrete5" + - http.title:"install concrete5" - platform: fofa queries: - - title="concrete5" - title="install concrete5" + - title="concrete5" - platform: google queries: - - intitle:"concrete5" - intitle:"install concrete5" + - intitle:"concrete5" - name: apisix vendor: apache @@ -5010,8 +5010,8 @@ engines: - platform: fofa queries: - - app="apache-mesos" - title="mesos" + - app="apache-mesos" - platform: shodan queries: - http.title:"mesos" @@ -5072,8 +5072,8 @@ - http.title:"fortiwlm" - platform: fofa queries: - - body="fortiwlm" - title="fortiwlm" + - body="fortiwlm" - platform: google queries: - intitle:"fortiwlm" @@ -5098,14 +5098,14 @@ engines: - platform: shodan queries: + - http.favicon.hash:945408572 - cpe:"cpe:2.3:o:fortinet:fortios" - - port:10443 http.favicon.hash:945408572 - http.html:"/remote/login" "xxxxxxxx" - - http.favicon.hash:945408572 + - port:10443 http.favicon.hash:945408572 - platform: fofa queries: - - body="/remote/login" "xxxxxxxx" - icon_hash=945408572 + - body="/remote/login" "xxxxxxxx" - name: fortiap vendor: fortinet @@ -5184,14 +5184,14 @@ engines: - platform: shodan queries: - - http.html:"struts problem report" - http.title:"struts2 showcase" - http.html:"apache struts" + - http.html:"struts problem report" - platform: fofa queries: - - body="struts problem report" - title="struts2 showcase" - body="apache struts" + - body="struts problem report" - platform: google queries: - intitle:"struts2 showcase" @@ -5310,8 +5310,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:gogs:gogs" - http.title:"sign in - gogs" + - cpe:"cpe:2.3:a:gogs:gogs" - platform: fofa queries: - title="sign in - gogs" @@ -5388,8 +5388,8 @@ engines: - platform: shodan queries: - - http.html:"microweber" - http.favicon.hash:780351152 + - http.html:"microweber" - platform: fofa queries: - icon_hash=780351152 @@ -5526,8 +5526,8 @@ - http.html:"wavlink" - platform: fofa queries: - - title="wi-fi app login" - body="wavlink" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -5582,12 +5582,12 @@ engines: - platform: fofa queries: - - header="think_lang" - title="thinkphp" + - header="think_lang" - platform: shodan queries: - - cpe:"cpe:2.3:a:thinkphp:thinkphp" - http.title:"thinkphp" + - cpe:"cpe:2.3:a:thinkphp:thinkphp" - platform: google queries: - intitle:"thinkphp" @@ -5598,12 +5598,12 @@ engines: - platform: shodan queries: - - http.title:"emerge" - http.title:"linear emerge" + - http.title:"emerge" - platform: fofa queries: - - title="emerge" - title="linear emerge" + - title="emerge" - platform: google queries: - intitle:"linear emerge" @@ -5623,8 +5623,8 @@ engines: - platform: shodan queries: - - http.html:"wn530hg4" - http.title:"wi-fi app login" + - http.html:"wn530hg4" - platform: fofa queries: - body="wn530hg4" @@ -5697,8 +5697,8 @@ - http.favicon.hash:-266008933 - platform: fofa queries: - - 'sap-server:' - icon_hash=-266008933 + - 'sap-server:' - name: 11n_firmware vendor: tenda @@ -5721,12 +5721,12 @@ engines: - platform: shodan queries: - - http.html:"pmb group" - http.favicon.hash:1469328760 + - http.html:"pmb group" - platform: fofa queries: - - icon_hash=1469328760 - body="pmb group" + - icon_hash=1469328760 - name: eshop_-_ecommerce_\/_store_website vendor: wrteam @@ -5901,8 +5901,8 @@ engines: - platform: shodan queries: - - http.html:"atmail" - http.html:"powered by atmail" + - http.html:"atmail" - platform: fofa queries: - body="atmail" @@ -6068,8 +6068,8 @@ - http.html:"wavlink" - platform: fofa queries: - - title="wi-fi app login" - body="wavlink" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -6103,12 +6103,12 @@ - platform: fofa queries: - title="openvpn connect" - - icon_hash=217119619 - app="rstudio-connect" + - icon_hash=217119619 - platform: shodan queries: - - http.favicon.hash:217119619 - http.title:"openvpn connect" + - http.favicon.hash:217119619 - platform: google queries: - intitle:"openvpn connect" @@ -6137,8 +6137,8 @@ - body="ofbiz" - platform: shodan queries: - - ofbiz.visitor= - http.html:"ofbiz" + - ofbiz.visitor= - name: flatpress vendor: flatpress @@ -6146,12 +6146,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1189292869 - http.html:"flatpress" + - http.favicon.hash:-1189292869 - platform: fofa queries: - - icon_hash=-1189292869 - body="flatpress" + - icon_hash=-1189292869 - name: masacms vendor: masacms @@ -6290,9 +6290,9 @@ engines: - platform: fofa queries: - - icon_hash="1624375939" - icon_hash="475145467" - app="zimbra-邮件系统" + - icon_hash="1624375939" - platform: shodan queries: - http.favicon.hash:"1624375939" @@ -6605,8 +6605,8 @@ engines: - platform: google queries: - - inurl:"/wp-content/plugins/duplicator" - inurl:/backups-dup-lite/dup-installer/ + - inurl:"/wp-content/plugins/duplicator" - name: dogtagpki vendor: dogtagpki @@ -6709,8 +6709,8 @@ engines: - platform: shodan queries: - - http.component:"bitbucket" - cpe:"cpe:2.3:a:atlassian:bitbucket" + - http.component:"bitbucket" - name: lin-cms-spring-boot vendor: talelin @@ -6762,8 +6762,8 @@ - icon_hash="-631559155" - platform: shodan queries: - - http.favicon.hash:"-631559155" - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" + - http.favicon.hash:"-631559155" - name: User Meta vendor: User Meta @@ -6833,8 +6833,8 @@ engines: - platform: fofa queries: - - title="ibm odm" - body="ibm odm" + - title="ibm odm" - platform: shodan queries: - http.html:"ibm odm" @@ -6895,13 +6895,13 @@ engines: - platform: fofa queries: - - app="goanywhere-mft" - - icon_hash=1484947000 - icon_hash=1484947000,1828756398,1170495932 + - icon_hash=1484947000 + - app="goanywhere-mft" - platform: shodan queries: - - http.favicon.hash:1484947000,1828756398,1170495932 - http.favicon.hash:1484947000 + - http.favicon.hash:1484947000,1828756398,1170495932 - platform: zoomeye queries: - app:"fortra goanywhere-mft" @@ -6935,8 +6935,8 @@ engines: - platform: fofa queries: - - title="eyoucms" - icon_hash="-614262549" + - title="eyoucms" - platform: shodan queries: - http.favicon.hash:"-614262549" @@ -6963,18 +6963,18 @@ engines: - platform: fofa queries: - - body=/wp-content/plugins/eventon/ - - wp-content/plugins/eventon/ - body=/wp-content/plugins/eventon-lite/ + - wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon/ - platform: publicwww queries: - /wp-content/plugins/eventon-lite/ - /wp-content/plugins/eventon/ - platform: shodan queries: + - http.html:/wp-content/plugins/eventon-lite/ - http.html:/wp-content/plugins/eventon/ - vuln:cve-2023-2796 - - http.html:/wp-content/plugins/eventon-lite/ - platform: google queries: - inurl:"/wp-content/plugins/eventon/" @@ -7027,8 +7027,8 @@ - body="data-xwiki-reference" - platform: shodan queries: - - xwiki - http.html:"data-xwiki-reference" + - xwiki - name: popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter vendor: idnovate @@ -7072,8 +7072,8 @@ engines: - platform: shodan queries: - - http.title:"verta ai" - http.favicon.hash:-2097033750 + - http.title:"verta ai" - platform: zoomeye queries: - title:"verta ai" @@ -7129,12 +7129,12 @@ - http.title:"vmware vrealize network insight" - platform: fofa queries: - - title="vmware aria operations" - title="vmware vrealize network insight" + - title="vmware aria operations" - platform: google queries: - - intitle:"vmware vrealize network insight" - intitle:"vmware aria operations" + - intitle:"vmware vrealize network insight" - name: mlflow vendor: lfprojects @@ -7145,8 +7145,8 @@ - http.title:"mlflow" - platform: fofa queries: - - title="mlflow" - app="mlflow" + - title="mlflow" - platform: google queries: - intitle:"mlflow" @@ -7268,8 +7268,8 @@ engines: - platform: fofa queries: - - body="powerjob" - app="powerjob" + - body="powerjob" - platform: shodan queries: - http.html:"powerjob" @@ -7468,8 +7468,8 @@ engines: - platform: shodan queries: - - http.html:"wago" - http.html:"/wbm/" html:"wago" + - http.html:"wago" - platform: fofa queries: - body="wago" @@ -7592,9 +7592,9 @@ engines: - platform: shodan queries: - - http.html:"papercut" - http.html:"content=\"papercut\"" - cpe:"cpe:2.3:a:papercut:papercut_mf" + - http.html:"papercut" - platform: fofa queries: - body="content=\"papercut\"" @@ -7853,9 +7853,9 @@ - craftcms - platform: shodan queries: - - http.favicon.hash:-47932290 - http.html:craftcms - cpe:"cpe:2.3:a:craftcms:craft_cms" + - http.favicon.hash:-47932290 - platform: fofa queries: - body=craftcms @@ -8045,8 +8045,8 @@ - platform: shodan queries: - http.title:"opencms" - - /opencms/ - cpe:"cpe:2.3:a:alkacon:opencms" + - /opencms/ - platform: fofa queries: - title="opencms" @@ -8175,14 +8175,14 @@ - intitle:"powered by vbulletin" - platform: shodan queries: - - cpe:"cpe:2.3:a:vbulletin:vbulletin" - - http.html:"powered by vbulletin" - - http.title:"powered by vbulletin" - http.component:"vbulletin" + - http.title:"powered by vbulletin" + - http.html:"powered by vbulletin" + - cpe:"cpe:2.3:a:vbulletin:vbulletin" - platform: fofa queries: - - body="powered by vbulletin" - title="powered by vbulletin" + - body="powered by vbulletin" - name: webui-aria2 vendor: ziahamza @@ -8299,8 +8299,8 @@ engines: - platform: fofa queries: - - icon_hash="702863115" - moosocial + - icon_hash="702863115" - platform: shodan queries: - http.favicon.hash:"702863115" @@ -8389,8 +8389,8 @@ engines: - platform: fofa queries: - - app="majordomosl" - icon_hash=1903390397 + - app="majordomosl" - platform: shodan queries: - http.favicon.hash:1903390397 @@ -8401,8 +8401,8 @@ engines: - platform: shodan queries: - - http.html:"cockpit" - http.favicon.hash:688609340 + - http.html:"cockpit" - platform: fofa queries: - body="cockpit" @@ -8517,12 +8517,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:463802404 - http.html:"ray dashboard" + - http.favicon.hash:463802404 - platform: fofa queries: - - body="ray dashboard" - icon_hash=463802404 + - body="ray dashboard" - name: magnusbilling vendor: magnussolution @@ -8571,18 +8571,18 @@ engines: - platform: shodan queries: + - http.title:"icewarp" - http.title:"icewarp server administration" - cpe:"cpe:2.3:a:icewarp:mail_server" - - http.title:"icewarp" - platform: fofa queries: - title="icewarp server administration" - title="icewarp" - platform: google queries: - - powered by icewarp 10.4.4 - - intitle:"icewarp" - intitle:"icewarp server administration" + - intitle:"icewarp" + - powered by icewarp 10.4.4 - name: timekeeper vendor: fsmlabs @@ -8659,8 +8659,8 @@ engines: - platform: fofa queries: - - app="kubeoperator" - body="kubeoperator" + - app="kubeoperator" - platform: shodan queries: - http.html:"kubeoperator" @@ -8723,8 +8723,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:home-assistant:home-assistant" - http.title:"home assistant" + - cpe:"cpe:2.3:a:home-assistant:home-assistant" - platform: fofa queries: - title="home assistant" @@ -8776,8 +8776,8 @@ engines: - platform: shodan queries: - - '"microsoft-iis" "2015"' - cpe:"cpe:2.3:o:microsoft:windows_7" + - '"microsoft-iis" "2015"' - name: tivoli_common_reporting vendor: ibm @@ -8812,8 +8812,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:atlassian:confluence" - http.component:"atlassian confluence" + - cpe:"cpe:2.3:a:atlassian:confluence" - name: mypixs vendor: mypixs_project @@ -8979,8 +8979,8 @@ engines: - platform: shodan queries: - - http.title:"phppgadmin" - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" + - http.title:"phppgadmin" - platform: fofa queries: - title="phppgadmin" @@ -9107,8 +9107,8 @@ engines: - platform: shodan queries: - - http.title:"jboss" - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" + - http.title:"jboss" - platform: fofa queries: - title="jboss" @@ -9126,12 +9126,12 @@ - http.title:"gotify" - platform: fofa queries: - - title="gotify" - title="icewarp" + - title="gotify" - platform: google queries: - - intitle:"gotify" - intitle:"icewarp" + - intitle:"gotify" - name: twitter_button vendor: bestwebsoft @@ -9220,8 +9220,8 @@ engines: - platform: fofa queries: - - body="dedecms" - app="dedecms" + - body="dedecms" - platform: shodan queries: - http.html:"dedecms" @@ -9303,8 +9303,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:http_server" - apache 2.4.49 + - cpe:"cpe:2.3:a:apache:http_server" - name: laravel vendor: laravel @@ -9315,8 +9315,8 @@ - app="laravel-framework" - platform: shodan queries: - - laravel-framework - cpe:"cpe:2.3:a:laravel:laravel" + - laravel-framework - name: contact_form_multi vendor: bestwebsoft @@ -9492,8 +9492,8 @@ engines: - platform: fofa queries: - - body="amcrest" - amcrest + - body="amcrest" - platform: shodan queries: - http.html:"amcrest" @@ -10005,13 +10005,13 @@ engines: - platform: shodan queries: - - http.html:"fudforum" - http.html:fudforum" + - http.html:"fudforum" - 'http.html:"powered by: fudforum"' - platform: fofa queries: + - body=fudforum" - 'body="powered by: fudforum"' - - body="fudforum" - name: vigorconnect vendor: draytek @@ -10427,8 +10427,8 @@ engines: - platform: shodan queries: - - http.html:"resin" - cpe:"cpe:2.3:a:caucho:resin" + - http.html:"resin" - platform: fofa queries: - body="resin" @@ -10443,9 +10443,9 @@ - http.title:"jellyfin" - platform: fofa queries: - - title="jellyfin" || body="http://jellyfin.media" - - body="jellyfin" - title="jellyfin" + - body="jellyfin" + - title="jellyfin" || body="http://jellyfin.media" - platform: google queries: - intitle:"jellyfin" @@ -10590,8 +10590,8 @@ engines: - platform: fofa queries: - - title="oracle access management" - body="/oam/pages/css/login_page.css" + - title="oracle access management" - platform: shodan queries: - http.title:"oracle access management" @@ -10831,12 +10831,12 @@ engines: - platform: fofa queries: - - body="javax.faces.resource" - body="javax.faces.viewstate" + - body="javax.faces.resource" - platform: shodan queries: - - http.html:"javax.faces.resource" - http.html:"javax.faces.viewstate" + - http.html:"javax.faces.resource" - name: wn575a4_firmware vendor: wavlink @@ -10915,8 +10915,8 @@ - http.favicon.hash:-2032163853 - platform: fofa queries: - - icon_hash=-2032163853 - title="login - jorani" + - icon_hash=-2032163853 - platform: google queries: - intitle:"login - jorani" @@ -11303,8 +11303,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-266008933 - cpe:"cpe:2.3:a:sap:netweaver" + - http.favicon.hash:-266008933 - platform: fofa queries: - icon_hash=-266008933 @@ -11329,8 +11329,8 @@ - icon_hash="-1180440057" - platform: shodan queries: - - http.component:"swagger" - http.favicon.hash:"-1180440057" + - http.component:"swagger" - name: openssh vendor: openbsd @@ -15187,12 +15187,12 @@ - platform: shodan queries: - cpe:"cpe:2.3:h:contec:solarview_compact" - - http.favicon.hash:"-244067125" - http.html:"solarview compact" + - http.favicon.hash:"-244067125" - platform: fofa queries: - - body="solarview compact" - icon_hash="-244067125" + - body="solarview compact" - name: mc3 vendor: crestron @@ -16096,8 +16096,8 @@ engines: - platform: shodan queries: - - http.title:"roteador wireless" - cpe:"cpe:2.3:h:dlink:dir-615" + - http.title:"roteador wireless" - platform: fofa queries: - title="roteador wireless" @@ -18295,8 +18295,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:o:linux:linux_kernel" - http.html:"aspera faspex" + - cpe:"cpe:2.3:o:linux:linux_kernel" - platform: fofa queries: - body="aspera faspex" @@ -18762,8 +18762,8 @@ engines: - platform: fofa queries: - - icon_hash=1090061843 - title="webtitan" + - icon_hash=1090061843 - platform: shodan queries: - http.title:"webtitan" @@ -19076,18 +19076,18 @@ engines: - platform: fofa queries: - - title="openemr" + - icon_hash=1971268439 - body="openemr" - app="openemr" - - icon_hash=1971268439 + - title="openemr" - platform: google queries: - intitle:"openemr" - platform: shodan queries: - - http.html:"openemr" - http.title:"openemr" - http.favicon.hash:1971268439 + - http.html:"openemr" - name: download_monitor vendor: mikejolley @@ -19211,8 +19211,8 @@ engines: - platform: shodan queries: - - http.html:"__gradio_mode__" - http.title:"gradio" + - http.html:"__gradio_mode__" - platform: fofa queries: - title="gradio" @@ -19320,6 +19320,17 @@ queries: - body=/wp-content/plugins/3dprint-lite/ +- name: jfinalcms + vendor: jfinalcms_project + type: product + engines: + - platform: fofa + queries: + - body="content=\"jrecms" + - platform: shodan + queries: + - http.html:"content=\"jrecms" + - name: sudo vendor: sudo_project type: product @@ -23513,14 +23524,6 @@ type: product engines: [] -- name: jfinalcms - vendor: jfinalcms_project - type: product - engines: - - platform: fofa - queries: - - body="content=\"jrecms" - - name: codekop vendor: codekop type: product