diff --git a/QUERIES.yaml b/QUERIES.yaml index f7c0e1d..1f99db3 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -56,9 +56,9 @@ engines: - platform: shodan queries: - - http.title:"ws_ftp server web transfer" - - ws_ftp port:22 - http.title:"ad hoc transfer" + - ws_ftp port:22 + - http.title:"ws_ftp server web transfer" - platform: fofa queries: - title="ws_ftp server web transfer" @@ -115,17 +115,17 @@ - platform: shodan queries: - http.title:"sign in - airflow" - - product:"redis" - http.title:"airflow - dags" || http.html:"apache airflow" + - product:"redis" - platform: fofa queries: - - title="sign in - airflow" - title="airflow - dags" || http.html:"apache airflow" - apache airflow + - title="sign in - airflow" - platform: google queries: - - intitle:"sign in - airflow" - intitle:"airflow - dags" || http.html:"apache airflow" + - intitle:"sign in - airflow" - name: geode vendor: apache @@ -201,9 +201,9 @@ engines: - platform: shodan queries: - - http.component:"atlassian confluence" - http.component:"atlassian jira" - cpe:"cpe:2.3:a:atlassian:jira" + - http.component:"atlassian confluence" - name: arcgis_server vendor: esri @@ -238,9 +238,9 @@ engines: - platform: shodan queries: + - http.title:"apache tomcat" - http.html:"apache tomcat" - cpe:"cpe:2.3:a:apache:tomcat" - - http.title:"apache tomcat" - platform: fofa queries: - title="apache tomcat" @@ -296,12 +296,12 @@ engines: - platform: shodan queries: - - http.html:"genieacs" - http.favicon.hash:-2098066288 + - http.html:"genieacs" - platform: fofa queries: - - body="genieacs" - icon_hash=-2098066288 + - body="genieacs" - name: dg3450 vendor: commscope @@ -334,14 +334,14 @@ engines: - platform: shodan queries: - - http.favicon.hash:1768726119 + - http.title:"outlook" - cpe:"cpe:2.3:a:microsoft:exchange_server" + - http.favicon.hash:1768726119 - vuln:cve-2021-26855 - - http.title:"outlook" - platform: fofa queries: - - icon_hash=1768726119 - title="outlook" + - icon_hash=1768726119 - platform: google queries: - intitle:"outlook" @@ -363,8 +363,8 @@ engines: - platform: fofa queries: - - title=="thruk monitoring webinterface" - body="thruk" + - title=="thruk monitoring webinterface" - platform: shodan queries: - http.html:"thruk" @@ -378,8 +378,8 @@ - http.title:"nagios xi" - platform: fofa queries: - - app="nagios-xi" - title="nagios xi" + - app="nagios-xi" - platform: google queries: - intitle:"nagios xi" @@ -489,8 +489,8 @@ - http.html:"weiphp5.0" - platform: fofa queries: - - body="weiphp5.0" - body="weiphp" + - body="weiphp5.0" - name: processwire vendor: processwire @@ -527,8 +527,8 @@ - product:"rhinosoft serv-u httpd" - platform: fofa queries: - - body="serv-u" - server="serv-u" + - body="serv-u" - name: api_manager vendor: wso2 @@ -610,8 +610,8 @@ - platform: fofa queries: - title="osticket installer" - - body="powered by osticket" - title="osticket" + - body="powered by osticket" - platform: google queries: - intitle:"osticket" @@ -772,13 +772,13 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:gitea:gitea" - - http.html:"powered by gitea version" - http.title:"gitea" + - http.html:"powered by gitea version" + - cpe:"cpe:2.3:a:gitea:gitea" - platform: fofa queries: - - body="powered by gitea version" - title="gitea" + - body="powered by gitea version" - platform: google queries: - intitle:"gitea" @@ -837,13 +837,13 @@ engines: - platform: shodan queries: - - http.title:"cpanel - api codes" - http.title:"cpanel" + - http.title:"cpanel - api codes" - cpe:"cpe:2.3:a:cpanel:cpanel" - platform: fofa queries: - - title="cpanel" - title="cpanel - api codes" + - title="cpanel" - platform: google queries: - intitle:"cpanel" @@ -871,12 +871,12 @@ - platform: shodan queries: - http.title:"phpmyadmin" - - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - http.component:"phpmyadmin" + - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - platform: fofa queries: - - title="phpmyadmin" - body="pma_servername" && body="4.8.4" + - title="phpmyadmin" - platform: google queries: - intitle:"phpmyadmin" @@ -890,8 +890,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:hashicorp:consul" - http.title:"consul by hashicorp" + - cpe:"cpe:2.3:a:hashicorp:consul" - platform: fofa queries: - title="consul by hashicorp" @@ -930,8 +930,8 @@ engines: - platform: shodan queries: - - http.html:"welcome.cgi?p=logo" - http.title:"ivanti connect secure" + - http.html:"welcome.cgi?p=logo" - platform: fofa queries: - title="ivanti connect secure" @@ -985,8 +985,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:drupal:drupal" - http.component:"drupal" + - cpe:"cpe:2.3:a:drupal:drupal" - name: piwigo vendor: piwigo @@ -994,8 +994,8 @@ engines: - platform: fofa queries: - - title="piwigo" - icon_hash=540706145 + - title="piwigo" - platform: google queries: - powered by piwigo @@ -1034,8 +1034,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" - http.title:phppgadmin + - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" - platform: fofa queries: - title=phppgadmin @@ -1188,8 +1188,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-633108100 - http.title:"sign in - appwrite" + - http.favicon.hash:-633108100 - platform: fofa queries: - icon_hash=-633108100 @@ -1216,9 +1216,9 @@ - platform: fofa queries: - icon_hash=-74348711 + - title="qlik-sense" - body="qlik" - app="qlik-sense" - - title="qlik-sense" - platform: shodan queries: - http.html:"qlik" @@ -1274,8 +1274,8 @@ - title="metasploit - setup and configuration" - platform: google queries: - - intitle:"metasploit" - intitle:"metasploit - setup and configuration" + - intitle:"metasploit" - name: linkerd vendor: linkerd @@ -1462,14 +1462,14 @@ - intitle:"3cx webclient" - platform: shodan queries: - - http.favicon.hash:970132176 - http.title:"3cx phone system management console" + - http.favicon.hash:970132176 - http.title:"3cx webclient" - platform: fofa queries: + - title="3cx phone system management console" - icon_hash=970132176 - title="3cx webclient" - - title="3cx phone system management console" - name: lansweeper vendor: lansweeper @@ -1491,16 +1491,16 @@ engines: - platform: google queries: - - intitle:"st web client" - intitle:"securetransport" || http.favicon.hash:1330269434 + - intitle:"st web client" - platform: shodan queries: - http.title:"securetransport" || http.favicon.hash:1330269434 - http.title:"st web client" - platform: fofa queries: - - title="st web client" - title="securetransport" || http.favicon.hash:1330269434 + - title="st web client" - name: spark vendor: apache @@ -1508,8 +1508,8 @@ engines: - platform: shodan queries: - - http.html:"/apps/imt/html/" - http.title:"spark master at" + - http.html:"/apps/imt/html/" - platform: fofa queries: - body="/apps/imt/html/" @@ -1581,8 +1581,8 @@ - http.html:"amcrest" "ldap user" - platform: fofa queries: - - body="amcrest" "ldap user" - body="amcrest" + - body="amcrest" "ldap user" - name: influxdb vendor: influxdata @@ -1590,8 +1590,8 @@ engines: - platform: shodan queries: - - http.title:"influxdb - admin interface" - influxdb + - http.title:"influxdb - admin interface" - platform: fofa queries: - title="influxdb - admin interface" @@ -1625,8 +1625,8 @@ - intitle:"sign in - gogs" - platform: shodan queries: - - http.title:"sign in - gogs" - cpe:"cpe:2.3:a:gogs:gogs" + - http.title:"sign in - gogs" - platform: fofa queries: - title="sign in - gogs" @@ -1665,8 +1665,8 @@ - http.favicon.hash:-82958153 - platform: fofa queries: - - app="screenconnect-remote-support-software" - icon_hash=-82958153 + - app="screenconnect-remote-support-software" - platform: hunter queries: - app.name="connectwise screenconnect software" @@ -1765,13 +1765,13 @@ - http.title:"pyload" - platform: fofa queries: + - body="pyload" - title="pyload" - title="login - pyload" - - body="pyload" - platform: google queries: - - intitle:"login - pyload" - intitle:"pyload" + - intitle:"login - pyload" - platform: zoomeye queries: - app:"pyload" @@ -1843,12 +1843,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1324930554 - http.favicon.hash:464587962 + - http.favicon.hash:-1324930554 - platform: fofa queries: - - icon_hash=464587962 - icon_hash=-1324930554 + - icon_hash=464587962 - name: sfos vendor: sophos @@ -1943,13 +1943,13 @@ engines: - platform: shodan queries: - - http.title:"keycloak" - http.html:"keycloak" - http.favicon.hash:-1105083093 + - http.title:"keycloak" - platform: fofa queries: - - icon_hash=-1105083093 - body="keycloak" + - icon_hash=-1105083093 - title="keycloak" - platform: google queries: @@ -1986,16 +1986,16 @@ engines: - platform: shodan queries: - - http.title:"kafka center" - http.title:"kafka consumer offset monitor" + - http.title:"kafka center" - platform: fofa queries: - title="kafka center" - title="kafka consumer offset monitor" - platform: google queries: - - intitle:"kafka center" - intitle:"kafka consumer offset monitor" + - intitle:"kafka center" - name: open-xchange_appsuite vendor: open-xchange @@ -2014,8 +2014,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:solr" - http.title:"apache solr" + - cpe:"cpe:2.3:a:apache:solr" - http.title:"solr admin" - platform: fofa queries: @@ -2209,9 +2209,9 @@ engines: - platform: shodan queries: - - http.title:"contao" - - cpe:"cpe:2.3:a:contao:contao" - http.html:"contao open source cms" + - cpe:"cpe:2.3:a:contao:contao" + - http.title:"contao" - platform: fofa queries: - title="contao" @@ -2240,9 +2240,9 @@ engines: - platform: fofa queries: - - title="cacti" - title="login to cacti" - icon_hash="-1797138069" + - title="cacti" - platform: shodan queries: - http.favicon.hash:"-1797138069" @@ -2284,16 +2284,16 @@ engines: - platform: google queries: - - intitle:"jedox web - login" - intitle:"jedox web login" + - intitle:"jedox web - login" - platform: shodan queries: - http.title:"jedox web - login" - http.title:"jedox web login" - platform: fofa queries: - - title="jedox web - login" - title="jedox web login" + - title="jedox web - login" - name: jaspersoft vendor: tibco @@ -2357,13 +2357,13 @@ engines: - platform: shodan queries: + - http.title:"zabbix-server" - cpe:"cpe:2.3:a:zabbix:zabbix" - http.favicon.hash:892542951 - - http.title:"zabbix-server" - platform: fofa queries: - - app="zabbix-监控系统" && body="saml" - icon_hash=892542951 + - app="zabbix-监控系统" && body="saml" - title="zabbix-server" - platform: google queries: @@ -2379,8 +2379,8 @@ - http.title:"incapptic" - platform: fofa queries: - - icon_hash=-1067582922 - title="incapptic" + - icon_hash=-1067582922 - platform: google queries: - intitle:"incapptic" @@ -2405,8 +2405,8 @@ engines: - platform: fofa queries: - - title="cloudpanel" - icon_hash="151132309" + - title="cloudpanel" - platform: shodan queries: - http.title:"cloudpanel" @@ -2435,8 +2435,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:matomo:matomo" - http.favicon.hash:-2023266783 + - cpe:"cpe:2.3:a:matomo:matomo" - platform: fofa queries: - icon_hash=-2023266783 @@ -2487,8 +2487,8 @@ - http.html:responsiveui - platform: fofa queries: - - body="totemomail" inurl:responsiveui - body=responsiveui + - body="totemomail" inurl:responsiveui - name: vibe vendor: microfocus @@ -2652,8 +2652,8 @@ - http.title:"create a pipeline - go" html:"gocd version" - platform: fofa queries: - - title="create a pipeline - go" html:"gocd version" - body="gocd version" + - title="create a pipeline - go" html:"gocd version" - platform: google queries: - intitle:"create a pipeline - go" html:"gocd version" @@ -2692,15 +2692,15 @@ engines: - platform: fofa queries: - - app="openemr" + - title="openemr" - body="openemr" + - app="openemr" - icon_hash=1971268439 - - title="openemr" - platform: shodan queries: - - http.favicon.hash:1971268439 - - http.title:"openemr" - http.html:"openemr" + - http.title:"openemr" + - http.favicon.hash:1971268439 - platform: google queries: - intitle:"openemr" @@ -2832,16 +2832,16 @@ engines: - platform: shodan queries: - - http.title:"zimbra web client sign in" - http.title:"zimbra collaboration suite" + - http.title:"zimbra web client sign in" - platform: fofa queries: - - title="zimbra web client sign in" - title="zimbra collaboration suite" + - title="zimbra web client sign in" - platform: google queries: - - intitle:"zimbra web client sign in" - intitle:"zimbra collaboration suite" + - intitle:"zimbra web client sign in" - name: xxl-job vendor: xuxueli @@ -2985,8 +2985,8 @@ engines: - platform: shodan queries: - - http.html:"opencart" - cpe:"cpe:2.3:a:opencart:opencart" + - http.html:"opencart" - platform: fofa queries: - body="opencart" @@ -3044,8 +3044,8 @@ engines: - platform: shodan queries: - - http.html:"plesk obsidian" - http.title:"plesk obsidian" + - http.html:"plesk obsidian" - platform: fofa queries: - title="plesk obsidian" @@ -3146,8 +3146,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:joomla:joomla\!" - http.html:"joomla! - open source content management" + - cpe:"cpe:2.3:a:joomla:joomla\!" - http.component:"joomla" - platform: fofa queries: @@ -3173,8 +3173,8 @@ engines: - platform: shodan queries: - - http.title:"manager" product:"wowza streaming engine" - cpe:"cpe:2.3:a:wowza:streaming_engine" + - http.title:"manager" product:"wowza streaming engine" - platform: fofa queries: - title="manager" product:"wowza streaming engine" @@ -3188,8 +3188,8 @@ engines: - platform: shodan queries: - - 'x-powered-by: craft cms' - 'x-powered-by: craft cms html:"seomatic"' + - 'x-powered-by: craft cms' - name: opencats vendor: opencats @@ -3236,16 +3236,16 @@ engines: - platform: shodan queries: - - http.title:"icinga web 2 login" - http.title:"icinga" + - http.title:"icinga web 2 login" - platform: fofa queries: - - title="icinga" - title="icinga web 2 login" + - title="icinga" - platform: google queries: - - intitle:"icinga web 2 login" - intitle:"icinga" + - intitle:"icinga web 2 login" - name: successfactors vendor: sap @@ -3295,16 +3295,16 @@ engines: - platform: shodan queries: - - http.title:"pulsar admin console" - http.title:"pulsar admin ui" + - http.title:"pulsar admin console" - platform: fofa queries: - title="pulsar admin console" - title="pulsar admin ui" - platform: google queries: - - intitle:"pulsar admin console" - intitle:"pulsar admin ui" + - intitle:"pulsar admin console" - name: phabricator vendor: phacility @@ -3341,8 +3341,8 @@ - http.favicon.hash:1949005079 - platform: fofa queries: - - icon_hash=1949005079 - body="modoboa" + - icon_hash=1949005079 - name: monstra_cms vendor: monstra @@ -3405,8 +3405,8 @@ engines: - platform: shodan queries: - - http.title:teamcity - http.component:"teamcity" + - http.title:teamcity - platform: fofa queries: - title=teamcity @@ -3434,12 +3434,12 @@ engines: - platform: shodan queries: - - http.title:"grafana" - cpe:"cpe:2.3:a:grafana:grafana" + - http.title:"grafana" - platform: fofa queries: - - app="grafana" - title="grafana" + - app="grafana" - platform: google queries: - intitle:"grafana" @@ -3464,8 +3464,8 @@ engines: - platform: shodan queries: - - product:"activemq openwire transport" - cpe:"cpe:2.3:a:apache:activemq" + - product:"activemq openwire transport" - name: pandora_fms vendor: pandorafms @@ -3567,8 +3567,8 @@ engines: - platform: shodan queries: - - http.title:"servicenow" - http.favicon.hash:1701804003 + - http.title:"servicenow" - platform: fofa queries: - icon_hash=1701804003 @@ -3673,8 +3673,8 @@ engines: - platform: fofa queries: - - body="metersphere" - title="metersphere" + - body="metersphere" - platform: shodan queries: - http.html:"metersphere" @@ -3693,8 +3693,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:liferay:liferay_portal" - http.favicon.hash:129457226 + - cpe:"cpe:2.3:a:liferay:liferay_portal" - platform: fofa queries: - icon_hash=129457226 @@ -3830,12 +3830,12 @@ engines: - platform: fofa queries: - - app="ektron-cms" - body="ektron" + - app="ektron-cms" - platform: shodan queries: - - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" - http.html:"ektron" + - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" - name: kubernetes vendor: kubernetes @@ -3846,8 +3846,8 @@ - http.title:"kubernetes web view" - platform: fofa queries: - - app="kubernetes-enterprise-manager" - title="kubernetes web view" + - app="kubernetes-enterprise-manager" - platform: google queries: - intitle:"kubernetes web view" @@ -3858,14 +3858,14 @@ engines: - platform: shodan queries: - - http.title:"github enterprise" - http.title:"setup github enterprise" + - http.title:"github enterprise" - micro focus dsd - platform: fofa queries: + - title="setup github enterprise" - title="github enterprise" - app="github-enterprise" - - title="setup github enterprise" - platform: google queries: - intitle:"setup github enterprise" @@ -3989,14 +3989,14 @@ engines: - platform: shodan queries: - - http.title:"minio console" - - http.title:"minio browser" - cpe:"cpe:2.3:a:minio:minio" + - http.title:"minio browser" + - http.title:"minio console" - platform: fofa queries: - - app="minio" - title="minio browser" - title="minio console" + - app="minio" - platform: google queries: - intitle:"minio console" @@ -4053,9 +4053,9 @@ - html:'content="papercut' - platform: shodan queries: - - http.html:'content="papercut' - - http.html:"content=\"papercut\"" - cpe:"cpe:2.3:a:papercut:papercut_ng" + - http.html:"content=\"papercut\"" + - http.html:'content="papercut' - platform: fofa queries: - body="content=\"papercut\"" @@ -4183,8 +4183,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:h2database:h2" - http.title:"h2 console" + - cpe:"cpe:2.3:a:h2database:h2" - platform: fofa queries: - title="h2 console" @@ -4240,14 +4240,14 @@ engines: - platform: shodan queries: - - http.favicon.hash:"-244067125" - cpe:"cpe:2.3:o:contec:solarview_compact_firmware" + - http.favicon.hash:"-244067125" - http.html:"solarview compact" - platform: fofa queries: - - icon_hash="-244067125" - body="solarview compact" - body="solarview compact" && title="top" + - icon_hash="-244067125" - name: backup_appliance vendor: exagrid @@ -4388,8 +4388,8 @@ engines: - platform: fofa queries: - - title="webtitan" - icon_hash=1090061843 + - title="webtitan" - platform: shodan queries: - http.favicon.hash:1090061843 @@ -4473,8 +4473,8 @@ - intitle:"ftm manager" - platform: shodan queries: - - http.html:"ftm manager" - http.title:"ftm manager" + - http.html:"ftm manager" - platform: fofa queries: - body="ftm manager" @@ -4521,12 +4521,12 @@ engines: - platform: google queries: - - intitle:"ssl network extender login" - intitle:"check point ssl network extender" + - intitle:"ssl network extender login" - platform: shodan queries: - - http.title:"check point ssl network extender" - http.title:"ssl network extender login" + - http.title:"check point ssl network extender" - platform: fofa queries: - title="ssl network extender login" @@ -4577,8 +4577,8 @@ - http.title:"manageengine desktop central 10" - platform: fofa queries: - - app="zoho-manageengine-desktop" - title="manageengine desktop central 10" + - app="zoho-manageengine-desktop" - platform: google queries: - intitle:"manageengine desktop central 10" @@ -4696,8 +4696,8 @@ - title="manageengine" - platform: google queries: - - intitle:"adselfservice plus" - intitle:"manageengine" + - intitle:"adselfservice plus" - name: routeros vendor: mikrotik @@ -4750,8 +4750,8 @@ - intitle:"qnap turbo nas" inurl:/cgi-bin - platform: shodan queries: - - http.title:"qnap turbo nas" inurl:/cgi-bin - product:"qnap" + - http.title:"qnap turbo nas" inurl:/cgi-bin - platform: fofa queries: - title="qnap turbo nas" inurl:/cgi-bin @@ -4762,8 +4762,8 @@ engines: - platform: shodan queries: - - http.title:"photo station" - http.title:"qnap" + - http.title:"photo station" - 'content-length: 580 "http server 1.0"' - platform: fofa queries: @@ -4771,8 +4771,8 @@ - title="photo station" - platform: google queries: - - intitle:"qnap" - intitle:"photo station" + - intitle:"qnap" - name: smart_software_manager_on-prem vendor: cisco @@ -4858,16 +4858,16 @@ engines: - platform: shodan queries: - - http.title:"h-sphere" - http.title:"parallels h-sphere" + - http.title:"h-sphere" - platform: fofa queries: - title="parallels h-sphere" - title="h-sphere" - platform: google queries: - - intitle:"h-sphere" - intitle:"parallels h-sphere" + - intitle:"h-sphere" - name: maximo_asset_management vendor: ibm @@ -4886,8 +4886,8 @@ engines: - platform: shodan queries: - - http.html:"ibm websphere portal" - cpe:"cpe:2.3:a:ibm:websphere_portal" + - http.html:"ibm websphere portal" - platform: fofa queries: - body="ibm websphere portal" @@ -4909,8 +4909,8 @@ engines: - platform: shodan queries: - - http.component:"adobe experience manager" - http.title:"aem sign in" + - http.component:"adobe experience manager" - cpe:"cpe:2.3:a:adobe:experience_manager" - platform: fofa queries: @@ -4925,16 +4925,16 @@ engines: - platform: shodan queries: - - http.title:"openvpn connect" - http.title:"adobe connect" + - http.title:"openvpn connect" - platform: fofa queries: - - title="openvpn connect" - title="adobe connect" + - title="openvpn connect" - platform: google queries: - - intitle:"adobe connect" - intitle:"openvpn connect" + - intitle:"adobe connect" - name: rg-uac_firmware vendor: ruijie @@ -4979,8 +4979,8 @@ - platform: shodan queries: - http.title:"install concrete5" - - cpe:"cpe:2.3:a:concrete5:concrete5" - http.title:"concrete5" + - cpe:"cpe:2.3:a:concrete5:concrete5" - platform: fofa queries: - title="concrete5" @@ -5098,14 +5098,14 @@ engines: - platform: shodan queries: - - port:10443 http.favicon.hash:945408572 - cpe:"cpe:2.3:o:fortinet:fortios" - - http.favicon.hash:945408572 + - port:10443 http.favicon.hash:945408572 - http.html:"/remote/login" "xxxxxxxx" + - http.favicon.hash:945408572 - platform: fofa queries: - - icon_hash=945408572 - body="/remote/login" "xxxxxxxx" + - icon_hash=945408572 - name: fortiap vendor: fortinet @@ -5152,8 +5152,8 @@ engines: - platform: fofa queries: - - icon_hash=-1961736892 - title="dzzoffice" + - icon_hash=-1961736892 - platform: shodan queries: - http.favicon.hash:-1961736892 @@ -5164,8 +5164,8 @@ engines: - platform: fofa queries: - - body="kkfileview" - app="kkfileview" + - body="kkfileview" - platform: shodan queries: - http.html:"kkfileview" @@ -5310,8 +5310,8 @@ engines: - platform: shodan queries: - - http.title:"sign in - gogs" - cpe:"cpe:2.3:a:gogs:gogs" + - http.title:"sign in - gogs" - platform: fofa queries: - title="sign in - gogs" @@ -5522,8 +5522,8 @@ engines: - platform: shodan queries: - - http.html:"wavlink" - http.title:"wi-fi app login" + - http.html:"wavlink" - platform: fofa queries: - title="wi-fi app login" @@ -5598,12 +5598,12 @@ engines: - platform: shodan queries: - - http.title:"linear emerge" - http.title:"emerge" + - http.title:"linear emerge" - platform: fofa queries: - - title="linear emerge" - title="emerge" + - title="linear emerge" - platform: google queries: - intitle:"linear emerge" @@ -5706,8 +5706,8 @@ engines: - platform: fofa queries: - - product=="tenda-11n-wireless-ap" - title="tenda 11n" + - product=="tenda-11n-wireless-ap" - platform: shodan queries: - http.title:"tenda 11n" @@ -5721,8 +5721,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:1469328760 - http.html:"pmb group" + - http.favicon.hash:1469328760 - platform: fofa queries: - icon_hash=1469328760 @@ -6064,8 +6064,8 @@ engines: - platform: shodan queries: - - http.html:"wavlink" - http.title:"wi-fi app login" + - http.html:"wavlink" - platform: fofa queries: - title="wi-fi app login" @@ -6102,9 +6102,9 @@ engines: - platform: fofa queries: - - app="rstudio-connect" - - icon_hash=217119619 - title="openvpn connect" + - icon_hash=217119619 + - app="rstudio-connect" - platform: shodan queries: - http.favicon.hash:217119619 @@ -6133,8 +6133,8 @@ engines: - platform: fofa queries: - - body="ofbiz" - app="apache_ofbiz" + - body="ofbiz" - platform: shodan queries: - ofbiz.visitor= @@ -6150,8 +6150,8 @@ - http.html:"flatpress" - platform: fofa queries: - - body="flatpress" - icon_hash=-1189292869 + - body="flatpress" - name: masacms vendor: masacms @@ -6206,8 +6206,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:moodle:moodle" - http.title:"moodle" + - cpe:"cpe:2.3:a:moodle:moodle" - platform: fofa queries: - title="moodle" @@ -6290,9 +6290,9 @@ engines: - platform: fofa queries: + - icon_hash="1624375939" - icon_hash="475145467" - app="zimbra-邮件系统" - - icon_hash="1624375939" - platform: shodan queries: - http.favicon.hash:"1624375939" @@ -6452,8 +6452,8 @@ - http.html:"reprise license" - platform: fofa queries: - - body="reprise license" - body="reprise license manager" + - body="reprise license" - platform: google queries: - inurl:"/goforms/menu" @@ -6762,8 +6762,8 @@ - icon_hash="-631559155" - platform: shodan queries: - - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" - http.favicon.hash:"-631559155" + - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" - name: User Meta vendor: User Meta @@ -6833,8 +6833,8 @@ engines: - platform: fofa queries: - - body="ibm odm" - title="ibm odm" + - body="ibm odm" - platform: shodan queries: - http.html:"ibm odm" @@ -6895,9 +6895,9 @@ engines: - platform: fofa queries: - - icon_hash=1484947000,1828756398,1170495932 - app="goanywhere-mft" - icon_hash=1484947000 + - icon_hash=1484947000,1828756398,1170495932 - platform: shodan queries: - http.favicon.hash:1484947000,1828756398,1170495932 @@ -6963,18 +6963,18 @@ engines: - platform: fofa queries: + - body=/wp-content/plugins/eventon/ - wp-content/plugins/eventon/ - body=/wp-content/plugins/eventon-lite/ - - body=/wp-content/plugins/eventon/ - platform: publicwww queries: - /wp-content/plugins/eventon-lite/ - /wp-content/plugins/eventon/ - platform: shodan queries: + - http.html:/wp-content/plugins/eventon/ - vuln:cve-2023-2796 - http.html:/wp-content/plugins/eventon-lite/ - - http.html:/wp-content/plugins/eventon/ - platform: google queries: - inurl:"/wp-content/plugins/eventon/" @@ -7027,8 +7027,8 @@ - body="data-xwiki-reference" - platform: shodan queries: - - http.html:"data-xwiki-reference" - xwiki + - http.html:"data-xwiki-reference" - name: popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter vendor: idnovate @@ -7133,8 +7133,8 @@ - title="vmware vrealize network insight" - platform: google queries: - - intitle:"vmware aria operations" - intitle:"vmware vrealize network insight" + - intitle:"vmware aria operations" - name: mlflow vendor: lfprojects @@ -7145,8 +7145,8 @@ - http.title:"mlflow" - platform: fofa queries: - - app="mlflow" - title="mlflow" + - app="mlflow" - platform: google queries: - intitle:"mlflow" @@ -7268,8 +7268,8 @@ engines: - platform: fofa queries: - - app="powerjob" - body="powerjob" + - app="powerjob" - platform: shodan queries: - http.html:"powerjob" @@ -7592,9 +7592,9 @@ engines: - platform: shodan queries: + - http.html:"papercut" - http.html:"content=\"papercut\"" - cpe:"cpe:2.3:a:papercut:papercut_mf" - - http.html:"papercut" - platform: fofa queries: - body="content=\"papercut\"" @@ -7853,9 +7853,9 @@ - craftcms - platform: shodan queries: - - cpe:"cpe:2.3:a:craftcms:craft_cms" - - http.html:craftcms - http.favicon.hash:-47932290 + - http.html:craftcms + - cpe:"cpe:2.3:a:craftcms:craft_cms" - platform: fofa queries: - body=craftcms @@ -8044,9 +8044,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:alkacon:opencms" - - /opencms/ - http.title:"opencms" + - /opencms/ + - cpe:"cpe:2.3:a:alkacon:opencms" - platform: fofa queries: - title="opencms" @@ -8175,14 +8175,14 @@ - intitle:"powered by vbulletin" - platform: shodan queries: - - http.title:"powered by vbulletin" - - http.html:"powered by vbulletin" - cpe:"cpe:2.3:a:vbulletin:vbulletin" + - http.html:"powered by vbulletin" + - http.title:"powered by vbulletin" - http.component:"vbulletin" - platform: fofa queries: - - title="powered by vbulletin" - body="powered by vbulletin" + - title="powered by vbulletin" - name: webui-aria2 vendor: ziahamza @@ -8287,8 +8287,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:spip:spip" - http.html:"spip.php?page=backend" + - cpe:"cpe:2.3:a:spip:spip" - platform: fofa queries: - body="spip.php?page=backend" @@ -8333,8 +8333,8 @@ - app="microsoft-sharepoint" - platform: shodan queries: - - cpe:"cpe:2.3:a:microsoft:sharepoint_server" - http.headers_hash:-1968878704 + - cpe:"cpe:2.3:a:microsoft:sharepoint_server" - name: manageengine_firewall_analyzer vendor: zohocorp @@ -8405,8 +8405,8 @@ - http.favicon.hash:688609340 - platform: fofa queries: - - icon_hash=688609340 - body="cockpit" + - icon_hash=688609340 - name: intercom_broadcast_system vendor: hikvision @@ -8517,8 +8517,8 @@ engines: - platform: shodan queries: - - http.html:"ray dashboard" - http.favicon.hash:463802404 + - http.html:"ray dashboard" - platform: fofa queries: - body="ray dashboard" @@ -8571,17 +8571,17 @@ engines: - platform: shodan queries: - - http.title:"icewarp" - http.title:"icewarp server administration" - cpe:"cpe:2.3:a:icewarp:mail_server" + - http.title:"icewarp" - platform: fofa queries: - title="icewarp server administration" - title="icewarp" - platform: google queries: - - intitle:"icewarp" - powered by icewarp 10.4.4 + - intitle:"icewarp" - intitle:"icewarp server administration" - name: timekeeper @@ -8650,8 +8650,8 @@ - http.html:requires a local sentry administrative user" - platform: fofa queries: - - 'body="note: requires a local sentry administrative user"' - body=requires a local sentry administrative user" + - 'body="note: requires a local sentry administrative user"' - name: kubeoperator vendor: fit2cloud @@ -8659,8 +8659,8 @@ engines: - platform: fofa queries: - - body="kubeoperator" - app="kubeoperator" + - body="kubeoperator" - platform: shodan queries: - http.html:"kubeoperator" @@ -8723,8 +8723,8 @@ engines: - platform: shodan queries: - - http.title:"home assistant" - cpe:"cpe:2.3:a:home-assistant:home-assistant" + - http.title:"home assistant" - platform: fofa queries: - title="home assistant" @@ -8994,8 +8994,8 @@ engines: - platform: fofa queries: - - app="alcatel_lucent-omnipcx-enterprise" - title="omnipcx for enterprise" + - app="alcatel_lucent-omnipcx-enterprise" - platform: shodan queries: - http.title:"omnipcx for enterprise" @@ -9122,16 +9122,16 @@ engines: - platform: shodan queries: - - http.title:"gotify" - http.title:"icewarp" + - http.title:"gotify" - platform: fofa queries: - - title="icewarp" - title="gotify" + - title="icewarp" - platform: google queries: - - intitle:"icewarp" - intitle:"gotify" + - intitle:"icewarp" - name: twitter_button vendor: bestwebsoft @@ -9224,8 +9224,8 @@ - app="dedecms" - platform: shodan queries: - - cpe:"cpe:2.3:a:dedecms:dedecms" - http.html:"dedecms" + - cpe:"cpe:2.3:a:dedecms:dedecms" - name: custom_admin_page vendor: bestwebsoft @@ -9303,8 +9303,8 @@ engines: - platform: shodan queries: - - apache 2.4.49 - cpe:"cpe:2.3:a:apache:http_server" + - apache 2.4.49 - name: laravel vendor: laravel @@ -9557,8 +9557,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" - http.title:"dokuwiki" + - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" - platform: fofa queries: - title="dokuwiki" @@ -9766,8 +9766,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:106844876 - http.title:"revive adserver" + - http.favicon.hash:106844876 - platform: fofa queries: - title="revive adserver" @@ -10005,13 +10005,13 @@ engines: - platform: shodan queries: + - http.html:"fudforum" - http.html:fudforum" - 'http.html:"powered by: fudforum"' - - http.html:"fudforum" - platform: fofa queries: - - body="fudforum" - 'body="powered by: fudforum"' + - body="fudforum" - name: vigorconnect vendor: draytek @@ -10427,8 +10427,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:caucho:resin" - http.html:"resin" + - cpe:"cpe:2.3:a:caucho:resin" - platform: fofa queries: - body="resin" @@ -10439,13 +10439,13 @@ engines: - platform: shodan queries: - - http.title:"jellyfin" - http.html:"jellyfin" + - http.title:"jellyfin" - platform: fofa queries: + - title="jellyfin" || body="http://jellyfin.media" - body="jellyfin" - title="jellyfin" - - title="jellyfin" || body="http://jellyfin.media" - platform: google queries: - intitle:"jellyfin" @@ -10590,12 +10590,12 @@ engines: - platform: fofa queries: - - body="/oam/pages/css/login_page.css" - title="oracle access management" + - body="/oam/pages/css/login_page.css" - platform: shodan queries: - - http.html:"/oam/pages/css/login_page.css" - http.title:"oracle access management" + - http.html:"/oam/pages/css/login_page.css" - platform: google queries: - intitle:"oracle access management" @@ -10814,8 +10814,8 @@ - http.html:"micollab" - platform: fofa queries: - - body="micollab" - body="mitel" html:"micollab" + - body="micollab" - name: zzcms vendor: zzcms @@ -10831,8 +10831,8 @@ engines: - platform: fofa queries: - - body="javax.faces.viewstate" - body="javax.faces.resource" + - body="javax.faces.viewstate" - platform: shodan queries: - http.html:"javax.faces.resource" @@ -10894,8 +10894,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:acme:mini-httpd" - 'server: mini_httpd && 200' + - cpe:"cpe:2.3:a:acme:mini-httpd" - name: avatar_uploader vendor: drupal @@ -10911,12 +10911,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2032163853 - http.title:"login - jorani" + - http.favicon.hash:-2032163853 - platform: fofa queries: - - title="login - jorani" - icon_hash=-2032163853 + - title="login - jorani" - platform: google queries: - intitle:"login - jorani" @@ -11303,8 +11303,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:sap:netweaver" - http.favicon.hash:-266008933 + - cpe:"cpe:2.3:a:sap:netweaver" - platform: fofa queries: - icon_hash=-266008933 @@ -11338,8 +11338,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:openbsd:openssh" - product:"openssh" + - cpe:"cpe:2.3:a:openbsd:openssh" - name: mysql vendor: oracle @@ -15191,8 +15191,8 @@ - http.html:"solarview compact" - platform: fofa queries: - - icon_hash="-244067125" - body="solarview compact" + - icon_hash="-244067125" - name: mc3 vendor: crestron @@ -16096,8 +16096,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:h:dlink:dir-615" - http.title:"roteador wireless" + - cpe:"cpe:2.3:h:dlink:dir-615" - platform: fofa queries: - title="roteador wireless" @@ -18295,8 +18295,8 @@ engines: - platform: shodan queries: - - http.html:"aspera faspex" - cpe:"cpe:2.3:o:linux:linux_kernel" + - http.html:"aspera faspex" - platform: fofa queries: - body="aspera faspex" @@ -18307,8 +18307,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:o:microsoft:windows" - http.title:"filemage" + - cpe:"cpe:2.3:o:microsoft:windows" - platform: fofa queries: - title="filemage" @@ -18762,8 +18762,8 @@ engines: - platform: fofa queries: - - title="webtitan" - icon_hash=1090061843 + - title="webtitan" - platform: shodan queries: - http.title:"webtitan" @@ -19076,18 +19076,18 @@ engines: - platform: fofa queries: - - app="openemr" + - title="openemr" - body="openemr" + - app="openemr" - icon_hash=1971268439 - - title="openemr" - platform: google queries: - intitle:"openemr" - platform: shodan queries: - - http.favicon.hash:1971268439 - - http.title:"openemr" - http.html:"openemr" + - http.title:"openemr" + - http.favicon.hash:1971268439 - name: download_monitor vendor: mikejolley @@ -19215,8 +19215,8 @@ - http.title:"gradio" - platform: fofa queries: - - body="__gradio_mode__" - title="gradio" + - body="__gradio_mode__" - platform: google queries: - intitle:"gradio" @@ -23513,6 +23513,14 @@ type: product engines: [] +- name: jfinalcms + vendor: jfinalcms_project + type: product + engines: + - platform: fofa + queries: + - body="content=\"jrecms" + - name: codekop vendor: codekop type: product