Files

 main

/

Config_yaml.yaml

Copy path

Blame

Blame

Latest commit

 

History

History

165 lines (165 loc) · 12.2 KB

 main

/

Config_yaml.yaml

Top

File metadata and controls

• Code
• Blame

165 lines (165 loc) · 12.2 KB

Raw

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

Bypass_List: ['%2f', '%2e']

Load_List:

- {loaded: true, re: springframework|reloadByURL|createJNDIRealm, method: GET, name: Spring

Jolokia|Rce, id: 8, state: '200', type: Spring, url: /actuator/jolokia/list, info: 'Spring

Jolokia|XXE/RCE:reloadByURL|RCE:createJNDIRealm Find!!!'}

- {loaded: true, re: api, method: GET, name: Doc File, id: 9, state: '200', type: ApiDoc,

url: /doc.html, info: Doc File Find!!!}

- {loaded: true, re: swagger, method: GET, name: swagger.json, id: 10, state: '200',

type: Spring, url: /v1/swagger.json, info: swagger.json Find!!!}

- {loaded: true, re: swagger, method: GET, name: swagger.json, id: 11, state: '200',

type: Spring, url: /v2/swagger.json, info: swagger.json Find!!!}

- {loaded: true, re: swaggerVersion|location, method: GET, name: Swagger-resources,

id: 12, state: '200', type: Spring, url: /swagger-resources, info: swagger-resources

Find!!!}

- {loaded: true, re: SOAP|WSDL|ASP.NET|tempuri.org, method: GET, name: Soap, id: 13,

state: '200', type: ApiDoc, url: /services, info: Soap Find!!!}

- {loaded: true, re: Web API|api, method: GET, name: Web API Help, id: 14, state: '200',

type: ApiDoc, url: /Help, info: Web API Help Find!!!}

- {loaded: false, re: password, method: POST, name: Weblogic CVE-2019-2618, id: 16,

state: '401', type: Weblogic, url: /bea_wls_deployment_internal/DeploymentService,

info: Weblogic CVE-2019-2618 Find!!!}

- {loaded: true, re: .git, method: GET, name: .Git, id: 17, state: '200', type: Information

leakage, url: /.git/HEAD, info: .git Find!!!}

- {loaded: true, re: has-props|file|dir, method: GET, name: Svn, id: 18, state: '200',

type: Information leakage, url: /.svn/entries, info: .svn Find!!!}

- {loaded: true, re: ds_store, method: GET, name: DS_Store, id: 19, state: '200',

type: Information leakage, url: /.DS_Store, info: .DS_Store Find!!!}

- {loaded: true, re: README.md, method: GET, name: README.md, id: 20, state: '206',

type: Information leakage, url: /README.md, info: README.md Find!!!}

- {loaded: false, re: crossdomain.xml, method: GET, name: crossdomain, id: 21, state: '200',

type: Information leakage, url: /crossdomain.xml, info: crossdomain.xml Find!!!}

- {loaded: true, re: .idea, method: GET, name: .idea, id: 22, state: '200', type: Information

leakage, url: /.idea/modules.xml, info: .idea Find!!!}

- {loaded: true, re: readme.txt, method: GET, name: readme, id: 23, state: '200',

type: Information leakage, url: /readme.txt, info: readme.txt Find!!!}

- {loaded: true, re: '(Swagger 2\.0)|(\"swagger\"\:)|(Swagger UI)|(\<title\>Swagger

UI)|(swaggerVersion)|(id\=\"swagger\-ui)|swagger|api-docs|openapi|apiVersion',

method: GET, name: api-docs, id: 24, state: '200', type: ApiDoc, url: /v3/api-docs,

info: api-docs Find !!!}

- {loaded: true, re: User-agent, method: GET, name: robots, id: 25, state: '200',

type: Information leakage, url: /robots.txt, info: robots.txt Find !!!}

- {loaded: true, re: '(Swagger 2\.0)|(\"swagger\"\:)|(Swagger UI)|(\<title\>Swagger

UI)|(swaggerVersion)|(id\=\"swagger\-ui)|swagger|api-docs|openapi|apiVersion',

method: GET, name: Swagger-UI, id: 29, state: '200', type: ApiDoc, url: /api/swagger-ui.html,

info: Swagger Find!!!}

- {loaded: false, re: Platform|Components, method: GET, name: Docker Unauthorized,

id: 30, state: '200', type: Unauthorized, url: /version, info: Docker Unauthorized

Find!!!}

- {loaded: false, re: repositories, method: GET, name: Docker Registry, id: 31, state: '200',

type: Unauthorized, url: /v2/_catalog, info: Docker Registry Find!!!}

- {loaded: false, re: kibana, method: GET, name: kibana CVE-2019-7609, id: 32, state: '200',

type: Unauthorized, url: /app/kibana#/, info: kibana CVE-2019-7609 Find!!!}

- {loaded: false, re: httpd_design_handlers, method: GET, name: CouchDB, id: 33, state: '200',

type: Unauthorized, url: /_config, info: CouchDB Find!!!}

- {loaded: false, re: weblogic server, method: GET, name: Weblogic CVE-2020-14882,

id: 34, state: '200', type: Weblogic, url: /console/css/%252e%252e%252fconsole.portal,

info: Weblogic CVE-2020-14883 Find!!!}

- {loaded: false, re: Applications, method: GET, name: HadoopYARN, id: 35, state: '200',

type: Unauthorized, url: /cluster, info: HadoopYARN Find!!!}

- {loaded: false, re: jboss, method: GET, name: Jboss Unauthorized, id: 36, state: '200',

type: Unauthorized, url: /jmx-console/, info: Jboss Unauthorized Find!!!}

- {loaded: false, re: jboss, method: GET, name: Jboss Unauthorized, id: 37, state: '200',

type: Unauthorized, url: /jbossws/, info: Jboss Unauthorized Find!!!}

- {loaded: false, re: Jenkins, method: GET, name: Jenkins, id: 38, state: '200', type: Unauthorized,

url: /manage, info: Jenkins Find!!!}

- {loaded: false, re: ActiveMQ, method: GET, name: ActiveMQ, id: 39, state: '200',

type: Unauthorized, url: /admin/, info: ActiveMQ Find!!!}

- {loaded: false, re: /_cat/, method: GET, name: Elasticsearch, id: 40, state: '200',

type: Unauthorized, url: /_cat, info: Elasticsearch Find!!!}

- {loaded: false, re: Zabbix, method: GET, name: Zabbix, id: 41, state: '200', type: Unauthorized,

url: '/zabbix.php?action=problem.view&ddreset=1', info: Zabbix Find!!!}

- {loaded: false, re: Dashboard|solr|Request-Handler, method: GET, name: Solr, id: 42,

state: '200', type: Unauthorized, url: /solr/admin, info: Solr Find!!!}

- {loaded: true, re: SOAP|WSDL|ASP.NET|tempuri.org, method: GET, name: Soap, id: 44,

state: '200', type: ApiDoc, url: /webservice, info: Soap Find!!!}

- {loaded: true, re: '(Swagger 2\.0)|(\"swagger\"\:)|(Swagger UI)|(\<title\>Swagger

UI)|(swaggerVersion)|(id\=\"swagger\-ui)|swagger|api-docs|openapi|apiVersion',

method: GET, name: api-docs, id: 45, state: '200', type: ApiDoc, url: /api-docs,

info: api-docs Find!!!}

- {loaded: true, re: codemirror\.addone\.fullscreen\.js, method: GET, name: Nacos,

id: 46, state: '200', type: Unauthorized, url: /nacos/index.html, info: Nacos Find!!!}

- {loaded: true, re: (java\.runtime\.version)|(java\.class\.version)|(sping\.config\.location)|(spring\.application\.name)|(applicationConfig)|(activeProfiles)|(server\.port)|(local\.server\.port),

method: GET, name: Spring Env RCE, id: 47, state: '200', type: Spring, url: /env,

info: 'Actuator Env|RCE:spring.cloud.bootstrap.location|XStreamRCE:eureka.client.serviceUrl.defaultZone

Find!!!'}

- {loaded: true, re: (java\.runtime\.version)|(java\.class\.version)|(sping\.config\.location)|(spring\.application\.name)|(applicationConfig)|(activeProfiles)|(server\.port)|(local\.server\.port)|springframework|spring.cloud.bootstrap.location|Spring

Actuator Env RCE, method: GET, name: Spring Env RCE, id: 48, state: '200', type: Spring,

url: /actuator/env, info: 'Actuator Env|RCE:spring.cloud.bootstrap.location|XStreamRCE:eureka.client.serviceUrl.defaultZone

Find!!!'}

- {loaded: true, re: (src=\"\/druid\.js\")|(href\=\"\/druid\.css\")|druid, method: GET,

name: Druid Monitor, id: 49, state: '200', type: Unauthorized, url: /druid/index.html,

info: Druid Monitor Find!!!}

- {loaded: true, re: '(Swagger 2\.0)|(\"swagger\"\:)|(Swagger UI)|(\<title\>Swagger

UI)|(swaggerVersion)|(id\=\"swagger\-ui)|swagger|api-docs|openapi|apiVersion',

method: GET, name: api-docs, id: 50, state: '200', type: ApiDoc, url: /v2/api-docs,

info: api-docs Find!!!}

- {loaded: true, re: '(Swagger 2\.0)|(\"swagger\"\:)|(Swagger UI)|(\<title\>Swagger

UI)|(swaggerVersion)|(id\=\"swagger\-ui)|swagger|api-docs|openapi|apiVersion',

method: GET, name: Swagger-UI, id: 51, state: '200', type: ApiDoc, url: /swagger-ui.html,

info: Swagger-UI Find!!!}

- {loaded: true, re: 'springframework|reloadByURL|createJNDIRealm|(\"type\"\:\"list\")',

method: GET, name: Spring Jolokia|Rce, id: 52, state: '200', type: Spring, url: /jolokia/list,

info: 'Spring Jolokia|XXE/RCE:reloadByURL|RCE:createJNDIRealm Find!!!'}

- {loaded: true, re: 'springframework|reloadByURL|createJNDIRealm|(\"type\"\:\"list\")',

method: GET, name: Spring Jolokia|Rce, id: 53, state: '200', type: Spring, url: /actuator/jolokia/list,

info: 'Spring Jolokia|XXE/RCE:reloadByURL|RCE:createJNDIRealm Find!!!'}

- {loaded: true, re: '\{\"\_links\"\:\{\"self\"\:\{', method: GET, name: actuator,

id: 56, state: '200', type: Spring, url: /actuator/, info: actuator FInd !!!}

- {loaded: false, re: (Welcome to Weblogic Application Server)|(Oracle WebLogic Server)|(\/console\/framework\/skins\/wlsconsole\/images\/login_WebLogic_branding\.png),

method: GET, name: Weblogic Console, id: 57, state: '200', type: Weblogic, url: /console,

info: Weblogic Console Find!!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 58, state: '200', type: Backup,

url: /root.rar, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 59, state: '200', type: Backup,

url: /root.zip, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 60, state: '200', type: Backup,

url: /root.tar, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 61, state: '200', type: Backup,

url: /root.bak, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 62, state: '200', type: Backup,

url: /admin.rar, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 63, state: '200', type: Backup,

url: /admin.tar, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 64, state: '200', type: Backup,

url: /admin.zip, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 65, state: '200', type: Backup,

url: /admin.bak, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 66, state: '200', type: Backup,

url: /web.rar, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 67, state: '200', type: Backup,

url: /web.tar, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 68, state: '200', type: Backup,

url: /web.zip, info: Backup File Find !!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 69, state: '200', type: Backup,

url: /web.bak, info: Backup File Find !!!}

- {loaded: true, re: ., method: GET, name: ueditor, id: 71, state: '200', type: Editor,

url: /ueditor/index.html, info: ueditor Find!!!}

- {loaded: true, re: ., method: GET, name: jsp ueditor, id: 72, state: '200', type: Editor,

url: /ueditor/jsp/controller.jsp, info: jsp ueditor Find!!!}

- {loaded: true, re: ., method: GET, name: php ueditor, id: 73, state: '200', type: Editor,

url: /ueditor/php/controller.php, info: php ueditor Find!!!}

- {loaded: true, re: ., method: GET, name: net ueditor, id: 74, state: '200', type: Editor,

url: /ueditor/net/controller.ashx, info: net ueditor Find!!!}

- {loaded: true, re: ., method: GET, name: asp ueditor, id: 75, state: '200', type: Editor,

url: /ueditor/asp/controller.asp, info: asp ueditor Find!!!}

- {loaded: true, re: ., method: GET, name: ckfinder, id: 76, state: '200', type: Editor,

url: /ckfinder/ckfinder.html, info: ckfinder Find!!!}

- {loaded: true, re: ., method: GET, name: ueditor, id: 77, state: '200', type: Editor,

url: '/UEditor/Process?action=catchimage', info: ueditor Find!!!}

- {loaded: true, re: swaggerVersion|location, method: GET, name: Swagger-resources,

id: 78, state: '200', type: Spring, url: /api/swagger-resources, info: Swagger-resources

Find!!!}

- {loaded: false, re: ., method: GET, name: Backup file, id: 79, state: '200', type: Backup,

url: /WEB-INF.zip, info: Backup File Find !!!}

- {loaded: true, re: xxl-job-admin, method: GET, name: XXLJOB, id: 80, state: '200',

type: Unauthorized, url: /xxl-job-admin/toLogin, info: XXLJOB Find !!!}

- {loaded: true, re: (src=\"\/druid\.js\")|(href\=\"\/druid\.css\")|druid, method: GET,

name: Druid Monitor Login, id: 81, state: '200', type: Unauthorized, url: /druid/login.html,

info: Druid Login Find!!!}

- {loaded: true, re: ListBucketResult|<Name>, method: GET, name: Bucket, id: 82, state: '200',

type: Unauthorized, url: /pic/, info: Bucket Find !!!}

- {loaded: true, re: jobGroup, method: GET, name: XXLJOB, id: 83, state: '200', type: Unauthorized,

url: /xxl-job-admin/jobinfo, info: XXLJOB Find!!!}

- {loaded: true, re: openapi|version, method: GET, name: api-docs, id: 85, state: '200',

type: ApiDoc, url: /openapi.json, info: api-docs Find!!!}