diff --git a/QUERIES.yaml b/QUERIES.yaml index 9f7479a..da0a15a 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -61,8 +61,8 @@ - ws_ftp port:22 - platform: fofa queries: - - title="ws_ftp server web transfer" - title="ad hoc transfer" + - title="ws_ftp server web transfer" - platform: google queries: - intitle:"ad hoc transfer" @@ -77,8 +77,8 @@ engines: - platform: shodan queries: - - product:"couchdb" - cpe:"cpe:2.3:a:apache:couchdb" + - product:"couchdb" - name: rocketmq vendor: apache @@ -86,9 +86,9 @@ engines: - platform: fofa queries: - - protocol="rocketmq" - - title="rocketmq-console-ng" - title="rocketmq" + - title="rocketmq-console-ng" + - protocol="rocketmq" - platform: shodan queries: - http.title:"rocketmq" @@ -105,8 +105,8 @@ - platform: shodan queries: - product:"cisco ios http config" && 200 - - product:"cisco ios http config" - cpe:"cpe:2.3:o:cisco:ios" + - product:"cisco ios http config" - name: airflow vendor: apache @@ -115,13 +115,13 @@ - platform: shodan queries: - http.title:"sign in - airflow" - - product:"redis" - http.title:"airflow - dags" || http.html:"apache airflow" + - product:"redis" - platform: fofa queries: - - title="sign in - airflow" - apache airflow - title="airflow - dags" || http.html:"apache airflow" + - title="sign in - airflow" - platform: google queries: - intitle:"airflow - dags" || http.html:"apache airflow" @@ -147,8 +147,8 @@ engines: - platform: shodan queries: - - product:"oracle weblogic" - http.title:"oracle peoplesoft sign-in" + - product:"oracle weblogic" - platform: fofa queries: - title="oracle peoplesoft sign-in" @@ -184,8 +184,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:wordpress:wordpress" - http.component:"wordpress" + - cpe:"cpe:2.3:a:wordpress:wordpress" - name: confluence_server vendor: atlassian @@ -201,9 +201,9 @@ engines: - platform: shodan queries: - - http.component:"atlassian confluence" - http.component:"atlassian jira" - cpe:"cpe:2.3:a:atlassian:jira" + - http.component:"atlassian confluence" - name: arcgis_server vendor: esri @@ -226,8 +226,8 @@ - platform: shodan queries: - http.favicon.hash:81586312 - - cpe:"cpe:2.3:a:jenkins:jenkins" - product:"jenkins" + - cpe:"cpe:2.3:a:jenkins:jenkins" - platform: fofa queries: - icon_hash=81586312 @@ -239,8 +239,8 @@ - platform: shodan queries: - http.title:"apache tomcat" - - http.html:"apache tomcat" - cpe:"cpe:2.3:a:apache:tomcat" + - http.html:"apache tomcat" - platform: fofa queries: - body="apache tomcat" @@ -300,8 +300,8 @@ - http.favicon.hash:-2098066288 - platform: fofa queries: - - body="genieacs" - icon_hash=-2098066288 + - body="genieacs" - name: dg3450 vendor: commscope @@ -334,10 +334,10 @@ engines: - platform: shodan queries: - - http.title:"outlook" + - cpe:"cpe:2.3:a:microsoft:exchange_server" - vuln:cve-2021-26855 + - http.title:"outlook" - http.favicon.hash:1768726119 - - cpe:"cpe:2.3:a:microsoft:exchange_server" - platform: fofa queries: - icon_hash=1768726119 @@ -404,8 +404,8 @@ engines: - platform: shodan queries: - - http.component:"magento" - cpe:"cpe:2.3:a:magento:magento" + - http.component:"magento" - name: printer_firmware vendor: samsung @@ -489,8 +489,8 @@ - http.html:"weiphp5.0" - platform: fofa queries: - - body="weiphp5.0" - body="weiphp" + - body="weiphp5.0" - name: processwire vendor: processwire @@ -599,18 +599,18 @@ engines: - platform: shodan queries: + - http.title:"osticket installer" - http.title:"osticket" - http.html:"powered by osticket" - - http.title:"osticket installer" - platform: fofa queries: - title="osticket" - - title="osticket installer" - body="powered by osticket" + - title="osticket installer" - platform: google queries: - - intitle:"osticket" - intitle:"osticket installer" + - intitle:"osticket" - name: big-ip_access_policy_manager vendor: f5 @@ -734,12 +734,12 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:adminer:adminer" - http.title:"login - adminer" + - cpe:"cpe:2.3:a:adminer:adminer" - platform: fofa queries: - - app="adminer" && body="4.7.8" - title="login - adminer" + - app="adminer" && body="4.7.8" - platform: hunter queries: - app.name="adminer"&&web.body="4.7.8" @@ -767,9 +767,9 @@ engines: - platform: shodan queries: - - http.title:"gitea" - http.html:"powered by gitea version" - cpe:"cpe:2.3:a:gitea:gitea" + - http.title:"gitea" - platform: fofa queries: - title="gitea" @@ -833,12 +833,12 @@ - platform: shodan queries: - http.title:"cpanel" - - http.title:"cpanel - api codes" - cpe:"cpe:2.3:a:cpanel:cpanel" + - http.title:"cpanel - api codes" - platform: fofa queries: - - title="cpanel - api codes" - title="cpanel" + - title="cpanel - api codes" - platform: google queries: - intitle:"cpanel" @@ -850,8 +850,8 @@ engines: - platform: fofa queries: - - app="intelbras" - title="intelbras" + - app="intelbras" - platform: shodan queries: - http.title:"intelbras" @@ -866,8 +866,8 @@ - platform: shodan queries: - http.title:"phpmyadmin" - - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - http.component:"phpmyadmin" + - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - platform: fofa queries: - title="phpmyadmin" @@ -885,8 +885,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:hashicorp:consul" - http.title:"consul by hashicorp" + - cpe:"cpe:2.3:a:hashicorp:consul" - platform: fofa queries: - title="consul by hashicorp" @@ -929,8 +929,8 @@ - http.html:"welcome.cgi?p=logo" - platform: fofa queries: - - title="ivanti connect secure" - body="welcome.cgi?p=logo" + - title="ivanti connect secure" - platform: google queries: - intitle:"ivanti connect secure" @@ -1029,8 +1029,8 @@ engines: - platform: shodan queries: - - http.title:phppgadmin - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" + - http.title:phppgadmin - platform: fofa queries: - title=phppgadmin @@ -1187,8 +1187,8 @@ - http.title:"sign in - appwrite" - platform: fofa queries: - - icon_hash=-633108100 - title="sign in - appwrite" + - icon_hash=-633108100 - platform: google queries: - intitle:"sign in - appwrite" @@ -1212,8 +1212,8 @@ queries: - body="qlik" - title="qlik-sense" - - icon_hash=-74348711 - app="qlik-sense" + - icon_hash=-74348711 - platform: shodan queries: - http.html:"qlik" @@ -1232,8 +1232,8 @@ - http.title:"geoserver" - platform: fofa queries: - - title="geoserver" - app="geoserver" + - title="geoserver" - platform: google queries: - intitle:"geoserver" @@ -1269,8 +1269,8 @@ - title="metasploit - setup and configuration" - platform: google queries: - - intitle:"metasploit - setup and configuration" - intitle:"metasploit" + - intitle:"metasploit - setup and configuration" - name: linkerd vendor: linkerd @@ -1293,8 +1293,8 @@ - http.title:"sophos mobile" - platform: fofa queries: - - icon_hash=-1274798165 - title="sophos mobile" + - icon_hash=-1274798165 - platform: google queries: - intitle:"sophos mobile" @@ -1305,8 +1305,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:gitlab:gitlab" - http.title:"gitlab" + - cpe:"cpe:2.3:a:gitlab:gitlab" - platform: fofa queries: - title="gitlab" @@ -1348,8 +1348,8 @@ engines: - platform: shodan queries: - - http.title:"squirrelmail" - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" + - http.title:"squirrelmail" - platform: fofa queries: - title="squirrelmail" @@ -1457,13 +1457,13 @@ - intitle:"3cx phone system management console" - platform: shodan queries: - - http.title:"3cx webclient" - http.title:"3cx phone system management console" + - http.title:"3cx webclient" - http.favicon.hash:970132176 - platform: fofa queries: - - title="3cx webclient" - title="3cx phone system management console" + - title="3cx webclient" - icon_hash=970132176 - name: lansweeper @@ -1494,8 +1494,8 @@ - http.title:"st web client" - platform: fofa queries: - - title="st web client" - title="securetransport" || http.favicon.hash:1330269434 + - title="st web client" - name: spark vendor: apache @@ -1503,12 +1503,12 @@ engines: - platform: shodan queries: - - http.title:"spark master at" - http.html:"/apps/imt/html/" + - http.title:"spark master at" - platform: fofa queries: - - title="spark master at" - body="/apps/imt/html/" + - title="spark master at" - platform: google queries: - intitle:"spark master at" @@ -1600,16 +1600,16 @@ engines: - platform: shodan queries: - - http.title:"openfire admin console" - http.title:"openfire" + - http.title:"openfire admin console" - platform: fofa queries: - title="openfire admin console" - title="openfire" - platform: google queries: - - intitle:"openfire" - intitle:"openfire admin console" + - intitle:"openfire" - name: gogs vendor: gogs @@ -1620,8 +1620,8 @@ - intitle:"sign in - gogs" - platform: shodan queries: - - http.title:"sign in - gogs" - cpe:"cpe:2.3:a:gogs:gogs" + - http.title:"sign in - gogs" - platform: fofa queries: - title="sign in - gogs" @@ -1660,8 +1660,8 @@ - http.favicon.hash:-82958153 - platform: fofa queries: - - icon_hash=-82958153 - app="screenconnect-remote-support-software" + - icon_hash=-82958153 - platform: hunter queries: - app.name="connectwise screenconnect software" @@ -1755,13 +1755,13 @@ engines: - platform: shodan queries: - - http.title:"pyload" - - http.html:"pyload" - http.title:"login - pyload" + - http.html:"pyload" + - http.title:"pyload" - platform: fofa queries: - - body="pyload" - title="pyload" + - body="pyload" - title="login - pyload" - platform: google queries: @@ -1877,13 +1877,13 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:adobe:coldfusion" - http.component:"adobe coldfusion" + - cpe:"cpe:2.3:a:adobe:coldfusion" - http.title:"coldfusion administrator login" - platform: fofa queries: - - app="adobe-coldfusion" - title="coldfusion administrator login" + - app="adobe-coldfusion" - platform: google queries: - intitle:"coldfusion administrator login" @@ -1979,8 +1979,8 @@ engines: - platform: shodan queries: - - http.title:"kafka center" - http.title:"kafka consumer offset monitor" + - http.title:"kafka center" - platform: fofa queries: - title="kafka center" @@ -2016,8 +2016,8 @@ - title="solr admin" - platform: google queries: - - intitle:"apache solr" - intitle:"solr admin" + - intitle:"apache solr" - name: security_onion vendor: securityonionsolutions @@ -2079,8 +2079,8 @@ engines: - platform: shodan queries: - - http.title:"odoo" - cpe:"cpe:2.3:a:odoo:odoo" + - http.title:"odoo" - platform: fofa queries: - title="odoo" @@ -2150,12 +2150,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:106844876 - http.title:"revive adserver" + - http.favicon.hash:106844876 - platform: fofa queries: - - icon_hash=106844876 - title="revive adserver" + - icon_hash=106844876 - platform: google queries: - intitle:"revive adserver" @@ -2207,8 +2207,8 @@ - cpe:"cpe:2.3:a:contao:contao" - platform: fofa queries: - - body="contao open source cms" - title="contao" + - body="contao open source cms" - platform: google queries: - intitle:"contao" @@ -2238,13 +2238,13 @@ - title="login to cacti" - platform: shodan queries: - - http.title:"login to cacti" - http.title:"cacti" + - http.title:"login to cacti" - http.favicon.hash:"-1797138069" - platform: google queries: - - intitle:"cacti" - intitle:"login to cacti" + - intitle:"cacti" - name: confluence_data_center vendor: atlassian @@ -2350,14 +2350,14 @@ engines: - platform: shodan queries: + - http.title:"zabbix-server" - cpe:"cpe:2.3:a:zabbix:zabbix" - http.favicon.hash:892542951 - - http.title:"zabbix-server" - platform: fofa queries: + - app="zabbix-监控系统" && body="saml" - icon_hash=892542951 - title="zabbix-server" - - app="zabbix-监控系统" && body="saml" - platform: google queries: - intitle:"zabbix-server" @@ -2368,12 +2368,12 @@ engines: - platform: shodan queries: - - http.title:"incapptic" - http.favicon.hash:-1067582922 + - http.title:"incapptic" - platform: fofa queries: - - title="incapptic" - icon_hash=-1067582922 + - title="incapptic" - platform: google queries: - intitle:"incapptic" @@ -2398,12 +2398,12 @@ engines: - platform: fofa queries: - - title="cloudpanel" - icon_hash="151132309" + - title="cloudpanel" - platform: shodan queries: - - http.favicon.hash:"151132309" - http.title:"cloudpanel" + - http.favicon.hash:"151132309" - platform: google queries: - intitle:"cloudpanel" @@ -2559,12 +2559,12 @@ engines: - platform: shodan queries: - - http.html:"gitblit" - http.title:"gitblit" + - http.html:"gitblit" - platform: fofa queries: - - title="gitblit" - body="gitblit" + - title="gitblit" - platform: google queries: - intitle:"gitblit" @@ -2683,15 +2683,15 @@ engines: - platform: fofa queries: + - icon_hash=1971268439 - app="openemr" - - title="openemr" - body="openemr" - - icon_hash=1971268439 + - title="openemr" - platform: shodan queries: - - http.favicon.hash:1971268439 - http.title:"openemr" - http.html:"openemr" + - http.favicon.hash:1971268439 - platform: google queries: - intitle:"openemr" @@ -2717,8 +2717,8 @@ - platform: shodan queries: - http.title:"openvpn-admin" - - cpe:"cpe:2.3:a:openvpn:openvpn" - http.html:"router management - server openvpn" + - cpe:"cpe:2.3:a:openvpn:openvpn" - platform: fofa queries: - body="router management - server openvpn" @@ -3035,12 +3035,12 @@ engines: - platform: shodan queries: - - http.title:"plesk obsidian" - http.html:"plesk obsidian" + - http.title:"plesk obsidian" - platform: fofa queries: - - body="plesk obsidian" - title="plesk obsidian" + - body="plesk obsidian" - platform: google queries: - intitle:"plesk obsidian" @@ -3164,8 +3164,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:wowza:streaming_engine" - http.title:"manager" product:"wowza streaming engine" + - cpe:"cpe:2.3:a:wowza:streaming_engine" - platform: fofa queries: - title="manager" product:"wowza streaming engine" @@ -3179,8 +3179,8 @@ engines: - platform: shodan queries: - - 'x-powered-by: craft cms html:"seomatic"' - 'x-powered-by: craft cms' + - 'x-powered-by: craft cms html:"seomatic"' - name: opencats vendor: opencats @@ -3227,12 +3227,12 @@ engines: - platform: shodan queries: - - http.title:"icinga web 2 login" - http.title:"icinga" + - http.title:"icinga web 2 login" - platform: fofa queries: - - title="icinga web 2 login" - title="icinga" + - title="icinga web 2 login" - platform: google queries: - intitle:"icinga web 2 login" @@ -3294,8 +3294,8 @@ - title="pulsar admin ui" - platform: google queries: - - intitle:"pulsar admin ui" - intitle:"pulsar admin console" + - intitle:"pulsar admin ui" - name: phabricator vendor: phacility @@ -3429,8 +3429,8 @@ - cpe:"cpe:2.3:a:grafana:grafana" - platform: fofa queries: - - app="grafana" - title="grafana" + - app="grafana" - platform: google queries: - intitle:"grafana" @@ -3478,8 +3478,8 @@ engines: - platform: shodan queries: - - http.title:"nginx ui" - cpe:"cpe:2.3:a:f5:nginx" + - http.title:"nginx ui" - platform: fofa queries: - title="nginx ui" @@ -3507,8 +3507,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:662709064 - cpe:"cpe:2.3:a:mantisbt:mantisbt" + - http.favicon.hash:662709064 - platform: fofa queries: - icon_hash=662709064 @@ -3558,8 +3558,8 @@ engines: - platform: shodan queries: - - http.title:"servicenow" - http.favicon.hash:1701804003 + - http.title:"servicenow" - platform: fofa queries: - icon_hash=1701804003 @@ -3585,8 +3585,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:oracle:commerce" - http.title:"oracle commerce" + - cpe:"cpe:2.3:a:oracle:commerce" - platform: fofa queries: - title="oracle commerce" @@ -3684,8 +3684,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:129457226 - cpe:"cpe:2.3:a:liferay:liferay_portal" + - http.favicon.hash:129457226 - platform: fofa queries: - icon_hash=129457226 @@ -3821,8 +3821,8 @@ engines: - platform: fofa queries: - - app="ektron-cms" - body="ektron" + - app="ektron-cms" - platform: shodan queries: - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" @@ -3837,8 +3837,8 @@ - http.title:"kubernetes web view" - platform: fofa queries: - - app="kubernetes-enterprise-manager" - title="kubernetes web view" + - app="kubernetes-enterprise-manager" - platform: google queries: - intitle:"kubernetes web view" @@ -3849,8 +3849,8 @@ engines: - platform: shodan queries: - - http.title:"setup github enterprise" - http.title:"github enterprise" + - http.title:"setup github enterprise" - platform: fofa queries: - title="github enterprise" @@ -3858,8 +3858,8 @@ - app="github-enterprise" - platform: google queries: - - intitle:"setup github enterprise" - intitle:"github enterprise" + - intitle:"setup github enterprise" - name: access_rights_manager vendor: solarwinds @@ -3979,9 +3979,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:minio:minio" - http.title:"minio console" - http.title:"minio browser" - - cpe:"cpe:2.3:a:minio:minio" - platform: fofa queries: - title="minio browser" @@ -4108,8 +4108,8 @@ - http.favicon.hash:-379154636 - platform: fofa queries: - - title="kubeview" - icon_hash=-379154636 + - title="kubeview" - platform: google queries: - intitle:"kubeview" @@ -4376,8 +4376,8 @@ engines: - platform: fofa queries: - - icon_hash=1090061843 - title="webtitan" + - icon_hash=1090061843 - platform: shodan queries: - http.favicon.hash:1090061843 @@ -4427,8 +4427,8 @@ engines: - platform: shodan queries: - - http.title:sugarcrm - http.html:"sugarcrm inc. all rights reserved" + - http.title:sugarcrm - platform: google queries: - intitle:sugarcrm @@ -4465,8 +4465,8 @@ - http.title:"ftm manager" - platform: fofa queries: - - title="ftm manager" - body="ftm manager" + - title="ftm manager" - name: superset vendor: apache @@ -4474,12 +4474,12 @@ engines: - platform: shodan queries: - - http.html:"apache superset" - http.favicon.hash:1582430156 + - http.html:"apache superset" - platform: fofa queries: - - body="apache superset" - icon_hash=1582430156 + - body="apache superset" - name: tew-827dru_firmware vendor: trendnet @@ -4509,16 +4509,16 @@ engines: - platform: google queries: - - intitle:"ssl network extender login" - intitle:"check point ssl network extender" + - intitle:"ssl network extender login" - platform: shodan queries: - http.title:"check point ssl network extender" - http.title:"ssl network extender login" - platform: fofa queries: - - title="ssl network extender login" - title="check point ssl network extender" + - title="ssl network extender login" - name: jboss_enterprise_web_platform vendor: redhat @@ -4565,8 +4565,8 @@ - http.title:"manageengine desktop central 10" - platform: fofa queries: - - app="zoho-manageengine-desktop" - title="manageengine desktop central 10" + - app="zoho-manageengine-desktop" - platform: google queries: - intitle:"manageengine desktop central 10" @@ -4680,8 +4680,8 @@ - http.title:"manageengine" - platform: fofa queries: - - title="adselfservice plus" - title="manageengine" + - title="adselfservice plus" - platform: google queries: - intitle:"manageengine" @@ -4751,16 +4751,16 @@ - platform: shodan queries: - http.title:"qnap" - - http.title:"photo station" - 'content-length: 580 "http server 1.0"' + - http.title:"photo station" - platform: fofa queries: - title="qnap" - title="photo station" - platform: google queries: - - intitle:"qnap" - intitle:"photo station" + - intitle:"qnap" - name: smart_software_manager_on-prem vendor: cisco @@ -4846,12 +4846,12 @@ engines: - platform: shodan queries: - - http.title:"parallels h-sphere" - http.title:"h-sphere" + - http.title:"parallels h-sphere" - platform: fofa queries: - - title="parallels h-sphere" - title="h-sphere" + - title="parallels h-sphere" - platform: google queries: - intitle:"parallels h-sphere" @@ -4897,9 +4897,9 @@ engines: - platform: shodan queries: + - http.title:"aem sign in" - http.component:"adobe experience manager" - cpe:"cpe:2.3:a:adobe:experience_manager" - - http.title:"aem sign in" - platform: fofa queries: - title="aem sign in" @@ -4917,12 +4917,12 @@ - http.title:"openvpn connect" - platform: fofa queries: - - title="openvpn connect" - title="adobe connect" + - title="openvpn connect" - platform: google queries: - - intitle:"adobe connect" - intitle:"openvpn connect" + - intitle:"adobe connect" - name: rg-uac_firmware vendor: ruijie @@ -4975,8 +4975,8 @@ - title="concrete5" - platform: google queries: - - intitle:"concrete5" - intitle:"install concrete5" + - intitle:"concrete5" - name: apisix vendor: apache @@ -4998,8 +4998,8 @@ engines: - platform: fofa queries: - - app="apache-mesos" - title="mesos" + - app="apache-mesos" - platform: shodan queries: - http.title:"mesos" @@ -5027,8 +5027,8 @@ engines: - platform: fofa queries: - - title="fortimail" - fortimail && port=443 + - title="fortimail" - platform: shodan queries: - http.title:"fortimail" @@ -5087,9 +5087,9 @@ - platform: shodan queries: - http.favicon.hash:945408572 - - http.html:"/remote/login" "xxxxxxxx" - cpe:"cpe:2.3:o:fortinet:fortios" - port:10443 http.favicon.hash:945408572 + - http.html:"/remote/login" "xxxxxxxx" - platform: fofa queries: - icon_hash=945408572 @@ -5152,8 +5152,8 @@ engines: - platform: fofa queries: - - app="kkfileview" - body="kkfileview" + - app="kkfileview" - platform: shodan queries: - http.html:"kkfileview" @@ -5172,14 +5172,14 @@ engines: - platform: shodan queries: + - http.html:"apache struts" - http.html:"struts problem report" - http.title:"struts2 showcase" - - http.html:"apache struts" - platform: fofa queries: + - body="apache struts" - body="struts problem report" - title="struts2 showcase" - - body="apache struts" - platform: google queries: - intitle:"struts2 showcase" @@ -5234,8 +5234,8 @@ - http.title:"weblogic" - platform: fofa queries: - - body="weblogic application server" - title="weblogic" + - body="weblogic application server" - platform: google queries: - intitle:"weblogic" @@ -5375,8 +5375,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:780351152 - http.html:"microweber" + - http.favicon.hash:780351152 - platform: fofa queries: - body="microweber" @@ -5509,12 +5509,12 @@ engines: - platform: shodan queries: - - http.html:"wavlink" - http.title:"wi-fi app login" + - http.html:"wavlink" - platform: fofa queries: - - title="wi-fi app login" - body="wavlink" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -5573,8 +5573,8 @@ - title="thinkphp" - platform: shodan queries: - - cpe:"cpe:2.3:a:thinkphp:thinkphp" - http.title:"thinkphp" + - cpe:"cpe:2.3:a:thinkphp:thinkphp" - platform: google queries: - intitle:"thinkphp" @@ -5585,16 +5585,16 @@ engines: - platform: shodan queries: - - http.title:"emerge" - http.title:"linear emerge" + - http.title:"emerge" - platform: fofa queries: - title="linear emerge" - title="emerge" - platform: google queries: - - intitle:"linear emerge" - intitle:"emerge" + - intitle:"linear emerge" - name: ssl_vpn vendor: h3c @@ -5610,12 +5610,12 @@ engines: - platform: shodan queries: - - http.html:"wn530hg4" - http.title:"wi-fi app login" + - http.html:"wn530hg4" - platform: fofa queries: - - title="wi-fi app login" - body="wn530hg4" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -5711,8 +5711,8 @@ - http.favicon.hash:1469328760 - platform: fofa queries: - - icon_hash=1469328760 - body="pmb group" + - icon_hash=1469328760 - name: eshop_-_ecommerce_\/_store_website vendor: wrteam @@ -6050,12 +6050,12 @@ engines: - platform: shodan queries: - - http.html:"wavlink" - http.title:"wi-fi app login" + - http.html:"wavlink" - platform: fofa queries: - - title="wi-fi app login" - body="wavlink" + - title="wi-fi app login" - platform: google queries: - intitle:"wi-fi app login" @@ -6088,9 +6088,9 @@ engines: - platform: fofa queries: + - icon_hash=217119619 - title="openvpn connect" - app="rstudio-connect" - - icon_hash=217119619 - platform: shodan queries: - http.title:"openvpn connect" @@ -6123,8 +6123,8 @@ - app="apache_ofbiz" - platform: shodan queries: - - ofbiz.visitor= - http.html:"ofbiz" + - ofbiz.visitor= - name: flatpress vendor: flatpress @@ -6132,8 +6132,8 @@ engines: - platform: shodan queries: - - http.html:"flatpress" - http.favicon.hash:-1189292869 + - http.html:"flatpress" - platform: fofa queries: - icon_hash=-1189292869 @@ -6281,8 +6281,8 @@ - app="zimbra-邮件系统" - platform: shodan queries: - - http.favicon.hash:"475145467" - http.favicon.hash:"1624375939" + - http.favicon.hash:"475145467" - name: basic_pdu_firmware vendor: powertekpdus @@ -6779,8 +6779,8 @@ engines: - platform: fofa queries: - - app="ncast-产品" && title=="高清智能录播系统" - title="高清智能录播系统" + - app="ncast-产品" && title=="高清智能录播系统" - platform: zoomeye queries: - title:"高清智能录播系统" @@ -6881,9 +6881,9 @@ engines: - platform: fofa queries: - - app="goanywhere-mft" - icon_hash=1484947000 - icon_hash=1484947000,1828756398,1170495932 + - app="goanywhere-mft" - platform: shodan queries: - http.favicon.hash:1484947000,1828756398,1170495932 @@ -6946,17 +6946,17 @@ - platform: fofa queries: - body=/wp-content/plugins/eventon-lite/ - - body=/wp-content/plugins/eventon/ - wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon/ - platform: publicwww queries: - /wp-content/plugins/eventon-lite/ - /wp-content/plugins/eventon/ - platform: shodan queries: - - vuln:cve-2023-2796 - http.html:/wp-content/plugins/eventon/ - http.html:/wp-content/plugins/eventon-lite/ + - vuln:cve-2023-2796 - platform: google queries: - inurl:"/wp-content/plugins/eventon/" @@ -7009,8 +7009,8 @@ - body="data-xwiki-reference" - platform: shodan queries: - - xwiki - http.html:"data-xwiki-reference" + - xwiki - name: popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter vendor: idnovate @@ -7058,8 +7058,8 @@ - title:"verta ai" - platform: fofa queries: - - title="verta ai" - icon_hash=-2097033750 + - title="verta ai" - platform: google queries: - intitle:"verta ai" @@ -7095,8 +7095,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:chamilo:chamilo" - http.component:"chamilo" + - cpe:"cpe:2.3:a:chamilo:chamilo" - name: vrealize_network_insight vendor: vmware @@ -7104,16 +7104,16 @@ engines: - platform: shodan queries: - - http.title:"vmware aria operations" - http.title:"vmware vrealize network insight" + - http.title:"vmware aria operations" - platform: fofa queries: - title="vmware vrealize network insight" - title="vmware aria operations" - platform: google queries: - - intitle:"vmware aria operations" - intitle:"vmware vrealize network insight" + - intitle:"vmware aria operations" - name: mlflow vendor: lfprojects @@ -7447,12 +7447,12 @@ engines: - platform: shodan queries: - - http.html:"wago" - http.html:"/wbm/" html:"wago" + - http.html:"wago" - platform: fofa queries: - - body="/wbm/" html:"wago" - body="wago" + - body="/wbm/" html:"wago" - name: wordpress_toolbar vendor: abhinavsingh @@ -7571,9 +7571,9 @@ engines: - platform: shodan queries: + - http.html:"content=\"papercut\"" - cpe:"cpe:2.3:a:papercut:papercut_mf" - http.html:"papercut" - - http.html:"content=\"papercut\"" - platform: fofa queries: - body="content=\"papercut\"" @@ -7711,8 +7711,8 @@ - http.favicon.hash:2144485375 - platform: fofa queries: - - title="icewarp" - icon_hash=2144485375 + - title="icewarp" - platform: google queries: - intitle:"icewarp" @@ -7832,9 +7832,9 @@ - craftcms - platform: shodan queries: + - http.favicon.hash:-47932290 - http.html:craftcms - cpe:"cpe:2.3:a:craftcms:craft_cms" - - http.favicon.hash:-47932290 - platform: fofa queries: - icon_hash=-47932290 @@ -8154,14 +8154,14 @@ - intext:"powered by vbulletin" - platform: shodan queries: - - http.component:"vbulletin" - http.title:"powered by vbulletin" + - http.component:"vbulletin" - http.html:"powered by vbulletin" - cpe:"cpe:2.3:a:vbulletin:vbulletin" - platform: fofa queries: - - title="powered by vbulletin" - body="powered by vbulletin" + - title="powered by vbulletin" - name: webui-aria2 vendor: ziahamza @@ -8266,8 +8266,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:spip:spip" - http.html:"spip.php?page=backend" + - cpe:"cpe:2.3:a:spip:spip" - platform: fofa queries: - body="spip.php?page=backend" @@ -8278,8 +8278,8 @@ engines: - platform: fofa queries: - - icon_hash="702863115" - moosocial + - icon_hash="702863115" - platform: shodan queries: - http.favicon.hash:"702863115" @@ -8384,8 +8384,8 @@ - http.html:"cockpit" - platform: fofa queries: - - icon_hash=688609340 - body="cockpit" + - icon_hash=688609340 - name: intercom_broadcast_system vendor: hikvision @@ -8550,18 +8550,18 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:icewarp:mail_server" - http.title:"icewarp" - http.title:"icewarp server administration" - - cpe:"cpe:2.3:a:icewarp:mail_server" - platform: fofa queries: - - title="icewarp" - title="icewarp server administration" + - title="icewarp" - platform: google queries: + - intitle:"icewarp server administration" - powered by icewarp 10.4.4 - intitle:"icewarp" - - intitle:"icewarp server administration" - name: timekeeper vendor: fsmlabs @@ -8625,12 +8625,12 @@ engines: - platform: shodan queries: - - http.html:requires a local sentry administrative user" - 'http.html:"note: requires a local sentry administrative user"' + - http.html:requires a local sentry administrative user" - platform: fofa queries: - - body=requires a local sentry administrative user" - 'body="note: requires a local sentry administrative user"' + - body=requires a local sentry administrative user" - name: kubeoperator vendor: fit2cloud @@ -8638,8 +8638,8 @@ engines: - platform: fofa queries: - - app="kubeoperator" - body="kubeoperator" + - app="kubeoperator" - platform: shodan queries: - http.html:"kubeoperator" @@ -8702,8 +8702,8 @@ engines: - platform: shodan queries: - - http.title:"home assistant" - cpe:"cpe:2.3:a:home-assistant:home-assistant" + - http.title:"home assistant" - platform: fofa queries: - title="home assistant" @@ -8791,8 +8791,8 @@ engines: - platform: shodan queries: - - http.component:"atlassian confluence" - cpe:"cpe:2.3:a:atlassian:confluence" + - http.component:"atlassian confluence" - name: mypixs vendor: mypixs_project @@ -8865,8 +8865,8 @@ - intitle:"kentico database setup" - platform: shodan queries: - - cpe:"cpe:2.3:a:kentico:kentico_cms" - http.title:"kentico database setup" + - cpe:"cpe:2.3:a:kentico:kentico_cms" - platform: fofa queries: - title="kentico database setup" @@ -9085,8 +9085,8 @@ engines: - platform: shodan queries: - - http.title:"jboss" - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" + - http.title:"jboss" - platform: fofa queries: - title="jboss" @@ -9198,12 +9198,12 @@ engines: - platform: fofa queries: - - body="dedecms" - app="dedecms" + - body="dedecms" - platform: shodan queries: - - http.html:"dedecms" - cpe:"cpe:2.3:a:dedecms:dedecms" + - http.html:"dedecms" - name: custom_admin_page vendor: bestwebsoft @@ -9470,8 +9470,8 @@ engines: - platform: fofa queries: - - amcrest - body="amcrest" + - amcrest - platform: shodan queries: - http.html:"amcrest" @@ -9535,8 +9535,8 @@ engines: - platform: shodan queries: - - http.title:"dokuwiki" - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" + - http.title:"dokuwiki" - platform: fofa queries: - title="dokuwiki" @@ -9744,12 +9744,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:106844876 - http.title:"revive adserver" + - http.favicon.hash:106844876 - platform: fofa queries: - - icon_hash=106844876 - title="revive adserver" + - icon_hash=106844876 - platform: google queries: - intitle:"revive adserver" @@ -9983,12 +9983,11 @@ engines: - platform: shodan queries: - - 'http.html:"powered by: fudforum"' - - http.html:fudforum" - http.html:"fudforum" + - 'http.html:"powered by: fudforum"' - platform: fofa queries: - - body=fudforum" + - body="fudforum" - 'body="powered by: fudforum"' - name: vigorconnect @@ -10405,8 +10404,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:caucho:resin" - http.html:"resin" + - cpe:"cpe:2.3:a:caucho:resin" - platform: fofa queries: - body="resin" @@ -10421,9 +10420,9 @@ - http.html:"jellyfin" - platform: fofa queries: + - title="jellyfin" || body="http://jellyfin.media" - title="jellyfin" - body="jellyfin" - - title="jellyfin" || body="http://jellyfin.media" - platform: google queries: - intitle:"jellyfin" @@ -10568,8 +10567,8 @@ engines: - platform: fofa queries: - - title="oracle access management" - body="/oam/pages/css/login_page.css" + - title="oracle access management" - platform: shodan queries: - http.title:"oracle access management" @@ -10622,8 +10621,8 @@ engines: - platform: fofa queries: - - app="74cms" - body="74cms" + - app="74cms" - platform: shodan queries: - http.html:"74cms" @@ -10792,8 +10791,8 @@ - http.html:"mitel" html:"micollab" - platform: fofa queries: - - body="mitel" html:"micollab" - body="micollab" + - body="mitel" html:"micollab" - name: zzcms vendor: zzcms @@ -10872,8 +10871,8 @@ engines: - platform: shodan queries: - - 'server: mini_httpd && 200' - cpe:"cpe:2.3:a:acme:mini-httpd" + - 'server: mini_httpd && 200' - name: avatar_uploader vendor: drupal @@ -10893,8 +10892,8 @@ - http.favicon.hash:-2032163853 - platform: fofa queries: - - title="login - jorani" - icon_hash=-2032163853 + - title="login - jorani" - platform: google queries: - intitle:"login - jorani" @@ -11281,8 +11280,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-266008933 - cpe:"cpe:2.3:a:sap:netweaver" + - http.favicon.hash:-266008933 - platform: fofa queries: - icon_hash=-266008933 @@ -11316,8 +11315,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:openbsd:openssh" - product:"openssh" + - cpe:"cpe:2.3:a:openbsd:openssh" - name: mysql vendor: oracle @@ -15164,9 +15163,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:h:contec:solarview_compact" - http.html:"solarview compact" - http.favicon.hash:"-244067125" - - cpe:"cpe:2.3:h:contec:solarview_compact" - platform: fofa queries: - icon_hash="-244067125" @@ -18740,8 +18739,8 @@ engines: - platform: fofa queries: - - icon_hash=1090061843 - title="webtitan" + - icon_hash=1090061843 - platform: shodan queries: - http.title:"webtitan" @@ -19054,9 +19053,9 @@ engines: - platform: fofa queries: - - title="openemr" - - body="openemr" - icon_hash=1971268439 + - body="openemr" + - title="openemr" - platform: google queries: - intitle:"openemr"