diff --git a/QUERIES.yaml b/QUERIES.yaml index 0cface4..da721cc 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -28,8 +28,8 @@ engines: - platform: shodan queries: - - redis - redis_version + - redis - name: siemens vendor: conpot @@ -56,17 +56,17 @@ engines: - platform: shodan queries: - - ws_ftp port:22 - - http.title:"ad hoc transfer" - http.title:"ws_ftp server web transfer" + - http.title:"ad hoc transfer" + - ws_ftp port:22 - platform: fofa queries: - - title="ws_ftp server web transfer" - title="ad hoc transfer" + - title="ws_ftp server web transfer" - platform: google queries: - - intitle:"ws_ftp server web transfer" - intitle:"ad hoc transfer" + - intitle:"ws_ftp server web transfer" - platform: censys queries: - services.http.request.uri="*/thinclient/wtm/public/index.html" @@ -77,8 +77,8 @@ engines: - platform: shodan queries: - - product:"couchdb" - cpe:"cpe:2.3:a:apache:couchdb" + - product:"couchdb" - name: rocketmq vendor: apache @@ -86,17 +86,17 @@ engines: - platform: fofa queries: - - title="rocketmq" - protocol="rocketmq" - title="rocketmq-console-ng" + - title="rocketmq" - platform: shodan queries: - http.title:"rocketmq" - http.title:"rocketmq-console-ng" - platform: google queries: - - intitle:"rocketmq" - intitle:"rocketmq-console-ng" + - intitle:"rocketmq" - name: ios vendor: cisco @@ -114,18 +114,18 @@ engines: - platform: shodan queries: + - http.title:"sign in - airflow" - http.title:"airflow - dags" || http.html:"apache airflow" - product:"redis" - - http.title:"sign in - airflow" - platform: fofa queries: - - title="airflow - dags" || http.html:"apache airflow" - title="sign in - airflow" + - title="airflow - dags" || http.html:"apache airflow" - apache airflow - platform: google queries: - - intitle:"sign in - airflow" - intitle:"airflow - dags" || http.html:"apache airflow" + - intitle:"sign in - airflow" - name: geode vendor: apache @@ -201,8 +201,8 @@ engines: - platform: shodan queries: - - http.component:"atlassian confluence" - cpe:"cpe:2.3:a:atlassian:jira" + - http.component:"atlassian confluence" - http.component:"atlassian jira" - name: arcgis_server @@ -225,9 +225,9 @@ engines: - platform: shodan queries: + - product:"jenkins" - http.favicon.hash:81586312 - cpe:"cpe:2.3:a:jenkins:jenkins" - - product:"jenkins" - platform: fofa queries: - icon_hash=81586312 @@ -238,9 +238,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:tomcat" - http.title:"apache tomcat" - http.html:"apache tomcat" + - cpe:"cpe:2.3:a:apache:tomcat" - platform: fofa queries: - title="apache tomcat" @@ -296,12 +296,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2098066288 - http.html:"genieacs" + - http.favicon.hash:-2098066288 - platform: fofa queries: - - icon_hash=-2098066288 - body="genieacs" + - icon_hash=-2098066288 - name: dg3450 vendor: commscope @@ -334,14 +334,14 @@ engines: - platform: shodan queries: - - http.favicon.hash:1768726119 - http.title:"outlook" - - cpe:"cpe:2.3:a:microsoft:exchange_server" - vuln:cve-2021-26855 + - http.favicon.hash:1768726119 + - cpe:"cpe:2.3:a:microsoft:exchange_server" - platform: fofa queries: - - icon_hash=1768726119 - title="outlook" + - icon_hash=1768726119 - platform: google queries: - intitle:"outlook" @@ -378,8 +378,8 @@ - http.title:"nagios xi" - platform: fofa queries: - - title="nagios xi" - app="nagios-xi" + - title="nagios xi" - platform: google queries: - intitle:"nagios xi" @@ -485,8 +485,8 @@ engines: - platform: shodan queries: - - http.html:"weiphp5.0" - http.html:"weiphp" + - http.html:"weiphp5.0" - platform: fofa queries: - body="weiphp" @@ -600,17 +600,17 @@ - platform: shodan queries: - http.title:"osticket" - - http.title:"osticket installer" - http.html:"powered by osticket" + - http.title:"osticket installer" - platform: fofa queries: - - body="powered by osticket" - title="osticket installer" + - body="powered by osticket" - title="osticket" - platform: google queries: - - intitle:"osticket installer" - intitle:"osticket" + - intitle:"osticket installer" - name: big-ip_access_policy_manager vendor: f5 @@ -686,8 +686,8 @@ - http.title:"metabase" - platform: fofa queries: - - app="metabase" - title="metabase" + - app="metabase" - platform: google queries: - intitle:"metabase" @@ -738,8 +738,8 @@ - cpe:"cpe:2.3:a:adminer:adminer" - platform: fofa queries: - - title="login - adminer" - app="adminer" && body="4.7.8" + - title="login - adminer" - platform: hunter queries: - app.name="adminer"&&web.body="4.7.8" @@ -784,8 +784,8 @@ engines: - platform: shodan queries: - - 'server: labkey' - 'http.title:"sign in: /home"' + - 'server: labkey' - platform: fofa queries: - 'title="sign in: /home"' @@ -870,8 +870,8 @@ - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - platform: fofa queries: - - title="phpmyadmin" - body="pma_servername" && body="4.8.4" + - title="phpmyadmin" - platform: google queries: - intitle:"phpmyadmin" @@ -929,8 +929,8 @@ - http.title:"ivanti connect secure" - platform: fofa queries: - - title="ivanti connect secure" - body="welcome.cgi?p=logo" + - title="ivanti connect secure" - platform: google queries: - intitle:"ivanti connect secure" @@ -1072,12 +1072,12 @@ engines: - platform: shodan queries: - - http.title:"sophos web appliance" - http.favicon.hash:-893681401 + - http.title:"sophos web appliance" - platform: fofa queries: - - title="sophos web appliance" - icon_hash=-893681401 + - title="sophos web appliance" - platform: google queries: - intitle:"sophos web appliance" @@ -1183,8 +1183,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-633108100 - http.title:"sign in - appwrite" + - http.favicon.hash:-633108100 - platform: fofa queries: - icon_hash=-633108100 @@ -1210,15 +1210,15 @@ engines: - platform: fofa queries: - - body="qlik" + - icon_hash=-74348711 - title="qlik-sense" - app="qlik-sense" - - icon_hash=-74348711 + - body="qlik" - platform: shodan queries: - - http.title:"qlik-sense" - http.html:"qlik" - http.favicon.hash:-74348711 + - http.title:"qlik-sense" - platform: google queries: - intitle:"qlik-sense" @@ -1265,8 +1265,8 @@ - title:'metasploit' - platform: fofa queries: - - title="metasploit - setup and configuration" - title="metasploit" + - title="metasploit - setup and configuration" - platform: google queries: - intitle:"metasploit - setup and configuration" @@ -1289,12 +1289,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1274798165 - http.title:"sophos mobile" + - http.favicon.hash:-1274798165 - platform: fofa queries: - - title="sophos mobile" - icon_hash=-1274798165 + - title="sophos mobile" - platform: google queries: - intitle:"sophos mobile" @@ -1348,8 +1348,8 @@ engines: - platform: shodan queries: - - http.title:"squirrelmail" - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" + - http.title:"squirrelmail" - platform: fofa queries: - title="squirrelmail" @@ -1399,8 +1399,8 @@ engines: - platform: google queries: - - inurl:"/prweb/prauth/app/default" - intitle:"pega platform" + - inurl:"/prweb/prauth/app/default" - platform: shodan queries: - http.title:"pega platform" @@ -1457,14 +1457,14 @@ - intitle:"3cx webclient" - platform: shodan queries: + - http.title:"3cx phone system management console" - http.title:"3cx webclient" - http.favicon.hash:970132176 - - http.title:"3cx phone system management console" - platform: fofa queries: - - title="3cx webclient" - icon_hash=970132176 - title="3cx phone system management console" + - title="3cx webclient" - name: lansweeper vendor: lansweeper @@ -1494,8 +1494,8 @@ - http.title:"securetransport" || http.favicon.hash:1330269434 - platform: fofa queries: - - title="st web client" - title="securetransport" || http.favicon.hash:1330269434 + - title="st web client" - name: spark vendor: apache @@ -1503,12 +1503,12 @@ engines: - platform: shodan queries: - - http.title:"spark master at" - http.html:"/apps/imt/html/" + - http.title:"spark master at" - platform: fofa queries: - - body="/apps/imt/html/" - title="spark master at" + - body="/apps/imt/html/" - platform: google queries: - intitle:"spark master at" @@ -1600,16 +1600,16 @@ engines: - platform: shodan queries: - - http.title:"openfire admin console" - http.title:"openfire" + - http.title:"openfire admin console" - platform: fofa queries: - - title="openfire" - title="openfire admin console" + - title="openfire" - platform: google queries: - - intitle:"openfire admin console" - intitle:"openfire" + - intitle:"openfire admin console" - name: gogs vendor: gogs @@ -1620,8 +1620,8 @@ - intitle:"sign in - gogs" - platform: shodan queries: - - cpe:"cpe:2.3:a:gogs:gogs" - http.title:"sign in - gogs" + - cpe:"cpe:2.3:a:gogs:gogs" - platform: fofa queries: - title="sign in - gogs" @@ -1660,8 +1660,8 @@ - http.favicon.hash:-82958153 - platform: fofa queries: - - icon_hash=-82958153 - app="screenconnect-remote-support-software" + - icon_hash=-82958153 - platform: hunter queries: - app.name="connectwise screenconnect software" @@ -1707,8 +1707,8 @@ - http.favicon.hash:-476299640 - platform: fofa queries: - - title="hestia control panel" - icon_hash=-476299640 + - title="hestia control panel" - platform: google queries: - intitle:"hestia control panel" @@ -1755,18 +1755,18 @@ engines: - platform: shodan queries: - - http.title:"pyload" - http.html:"pyload" + - http.title:"pyload" - http.title:"login - pyload" - platform: fofa queries: + - title="login - pyload" - body="pyload" - title="pyload" - - title="login - pyload" - platform: google queries: - - intitle:"login - pyload" - intitle:"pyload" + - intitle:"login - pyload" - platform: zoomeye queries: - app:"pyload" @@ -1936,13 +1936,13 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1105083093 - http.html:"keycloak" - http.title:"keycloak" + - http.favicon.hash:-1105083093 - platform: fofa queries: - - title="keycloak" - icon_hash=-1105083093 + - title="keycloak" - body="keycloak" - platform: google queries: @@ -1987,8 +1987,8 @@ - title="kafka center" - platform: google queries: - - intitle:"kafka center" - intitle:"kafka consumer offset monitor" + - intitle:"kafka center" - name: open-xchange_appsuite vendor: open-xchange @@ -2007,17 +2007,17 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:apache:solr" - http.title:"apache solr" - http.title:"solr admin" - - cpe:"cpe:2.3:a:apache:solr" - platform: fofa queries: - title="apache solr" - title="solr admin" - platform: google queries: - - intitle:"solr admin" - intitle:"apache solr" + - intitle:"solr admin" - name: security_onion vendor: securityonionsolutions @@ -2150,8 +2150,8 @@ engines: - platform: shodan queries: - - http.title:"revive adserver" - http.favicon.hash:106844876 + - http.title:"revive adserver" - platform: fofa queries: - title="revive adserver" @@ -2202,9 +2202,9 @@ engines: - platform: shodan queries: - - http.html:"contao open source cms" - http.title:"contao" - cpe:"cpe:2.3:a:contao:contao" + - http.html:"contao open source cms" - platform: fofa queries: - title="contao" @@ -2233,18 +2233,18 @@ engines: - platform: fofa queries: - - icon_hash="-1797138069" - title="login to cacti" - title="cacti" + - icon_hash="-1797138069" - platform: shodan queries: - - http.favicon.hash:"-1797138069" - http.title:"login to cacti" + - http.favicon.hash:"-1797138069" - http.title:"cacti" - platform: google queries: - - intitle:"login to cacti" - intitle:"cacti" + - intitle:"login to cacti" - name: confluence_data_center vendor: atlassian @@ -2277,12 +2277,12 @@ engines: - platform: google queries: - - intitle:"jedox web login" - intitle:"jedox web - login" + - intitle:"jedox web login" - platform: shodan queries: - - http.title:"jedox web - login" - http.title:"jedox web login" + - http.title:"jedox web - login" - platform: fofa queries: - title="jedox web login" @@ -2355,9 +2355,9 @@ - http.title:"zabbix-server" - platform: fofa queries: - - title="zabbix-server" - icon_hash=892542951 - app="zabbix-监控系统" && body="saml" + - title="zabbix-server" - platform: google queries: - intitle:"zabbix-server" @@ -2368,8 +2368,8 @@ engines: - platform: shodan queries: - - http.title:"incapptic" - http.favicon.hash:-1067582922 + - http.title:"incapptic" - platform: fofa queries: - icon_hash=-1067582922 @@ -2402,8 +2402,8 @@ - title="cloudpanel" - platform: shodan queries: - - http.title:"cloudpanel" - http.favicon.hash:"151132309" + - http.title:"cloudpanel" - platform: google queries: - intitle:"cloudpanel" @@ -2428,8 +2428,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2023266783 - cpe:"cpe:2.3:a:matomo:matomo" + - http.favicon.hash:-2023266783 - platform: fofa queries: - icon_hash=-2023266783 @@ -2685,13 +2685,13 @@ queries: - body="openemr" - title="openemr" - - app="openemr" - icon_hash=1971268439 + - app="openemr" - platform: shodan queries: - http.favicon.hash:1971268439 - - http.html:"openemr" - http.title:"openemr" + - http.html:"openemr" - platform: google queries: - intitle:"openemr" @@ -2716,9 +2716,9 @@ engines: - platform: shodan queries: - - http.html:"router management - server openvpn" - - http.title:"openvpn-admin" - cpe:"cpe:2.3:a:openvpn:openvpn" + - http.title:"openvpn-admin" + - http.html:"router management - server openvpn" - platform: fofa queries: - title="openvpn-admin" @@ -2827,8 +2827,8 @@ - http.title:"zimbra collaboration suite" - platform: fofa queries: - - title="zimbra collaboration suite" - title="zimbra web client sign in" + - title="zimbra collaboration suite" - platform: google queries: - intitle:"zimbra collaboration suite" @@ -3035,8 +3035,8 @@ engines: - platform: shodan queries: - - http.title:"plesk obsidian" - http.html:"plesk obsidian" + - http.title:"plesk obsidian" - platform: fofa queries: - body="plesk obsidian" @@ -3137,9 +3137,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:joomla:joomla\!" - http.html:"joomla! - open source content management" - http.component:"joomla" - - cpe:"cpe:2.3:a:joomla:joomla\!" - platform: fofa queries: - body="joomla! - open source content management" @@ -3164,8 +3164,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:wowza:streaming_engine" - http.title:"manager" product:"wowza streaming engine" + - cpe:"cpe:2.3:a:wowza:streaming_engine" - platform: fofa queries: - title="manager" product:"wowza streaming engine" @@ -3227,16 +3227,16 @@ engines: - platform: shodan queries: - - http.title:"icinga web 2 login" - http.title:"icinga" + - http.title:"icinga web 2 login" - platform: fofa queries: - - title="icinga web 2 login" - title="icinga" + - title="icinga web 2 login" - platform: google queries: - - intitle:"icinga" - intitle:"icinga web 2 login" + - intitle:"icinga" - name: successfactors vendor: sap @@ -3290,8 +3290,8 @@ - http.title:"pulsar admin ui" - platform: fofa queries: - - title="pulsar admin console" - title="pulsar admin ui" + - title="pulsar admin console" - platform: google queries: - intitle:"pulsar admin ui" @@ -3384,8 +3384,8 @@ - http.favicon.hash:"-1474875778" - platform: fofa queries: - - title="glpi" - icon_hash="-1474875778" + - title="glpi" - platform: google queries: - intitle:"glpi" @@ -3396,8 +3396,8 @@ engines: - platform: shodan queries: - - http.title:teamcity - http.component:"teamcity" + - http.title:teamcity - platform: fofa queries: - title=teamcity @@ -3562,8 +3562,8 @@ - http.favicon.hash:1701804003 - platform: fofa queries: - - icon_hash=1701804003 - title="servicenow" + - icon_hash=1701804003 - platform: google queries: - intitle:"servicenow" @@ -3585,8 +3585,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:oracle:commerce" - http.title:"oracle commerce" + - cpe:"cpe:2.3:a:oracle:commerce" - platform: fofa queries: - title="oracle commerce" @@ -3684,8 +3684,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:liferay:liferay_portal" - http.favicon.hash:129457226 + - cpe:"cpe:2.3:a:liferay:liferay_portal" - platform: fofa queries: - icon_hash=129457226 @@ -3773,8 +3773,8 @@ engines: - platform: shodan queries: - - http.title:"tautulli" - http.title:"tautulli - home" + - http.title:"tautulli" - platform: fofa queries: - title="tautulli - home" @@ -3821,12 +3821,12 @@ engines: - platform: fofa queries: - - body="ektron" - app="ektron-cms" + - body="ektron" - platform: shodan queries: - - http.html:"ektron" - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" + - http.html:"ektron" - name: kubernetes vendor: kubernetes @@ -3849,17 +3849,17 @@ engines: - platform: shodan queries: - - http.title:"github enterprise" - http.title:"setup github enterprise" + - http.title:"github enterprise" - platform: fofa queries: - app="github-enterprise" - - title="github enterprise" - title="setup github enterprise" + - title="github enterprise" - platform: google queries: - - intitle:"github enterprise" - intitle:"setup github enterprise" + - intitle:"github enterprise" - name: access_rights_manager vendor: solarwinds @@ -3979,14 +3979,14 @@ engines: - platform: shodan queries: - - http.title:"minio browser" - http.title:"minio console" + - http.title:"minio browser" - cpe:"cpe:2.3:a:minio:minio" - platform: fofa queries: - - title="minio console" - app="minio" - title="minio browser" + - title="minio console" - platform: google queries: - intitle:"minio console" @@ -4173,8 +4173,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:h2database:h2" - http.title:"h2 console" + - cpe:"cpe:2.3:a:h2database:h2" - platform: fofa queries: - title="h2 console" @@ -4235,8 +4235,8 @@ - http.favicon.hash:"-244067125" - platform: fofa queries: - - body="solarview compact" - icon_hash="-244067125" + - body="solarview compact" - body="solarview compact" && title="top" - name: backup_appliance @@ -4376,8 +4376,8 @@ engines: - platform: fofa queries: - - title="webtitan" - icon_hash=1090061843 + - title="webtitan" - platform: shodan queries: - http.favicon.hash:1090061843 @@ -4431,8 +4431,8 @@ - http.title:sugarcrm - platform: google queries: - - intitle:sugarcrm - intext:"sugarcrm inc. all rights reserved" + - intitle:sugarcrm - platform: fofa queries: - title=sugarcrm @@ -4513,8 +4513,8 @@ - intitle:"ssl network extender login" - platform: shodan queries: - - http.title:"ssl network extender login" - http.title:"check point ssl network extender" + - http.title:"ssl network extender login" - platform: fofa queries: - title="ssl network extender login" @@ -4608,8 +4608,8 @@ - http.title:"apex it help desk" - platform: fofa queries: - - app="zoho-流量管理" - title="apex it help desk" + - app="zoho-流量管理" - platform: google queries: - intitle:"apex it help desk" @@ -4680,12 +4680,12 @@ - http.title:"manageengine" - platform: fofa queries: - - title="adselfservice plus" - title="manageengine" + - title="adselfservice plus" - platform: google queries: - - intitle:"manageengine" - intitle:"adselfservice plus" + - intitle:"manageengine" - name: routeros vendor: mikrotik @@ -4738,8 +4738,8 @@ - intitle:"qnap turbo nas" inurl:/cgi-bin - platform: shodan queries: - - product:"qnap" - http.title:"qnap turbo nas" inurl:/cgi-bin + - product:"qnap" - platform: fofa queries: - title="qnap turbo nas" inurl:/cgi-bin @@ -4750,17 +4750,17 @@ engines: - platform: shodan queries: - - http.title:"photo station" - - 'content-length: 580 "http server 1.0"' - http.title:"qnap" + - 'content-length: 580 "http server 1.0"' + - http.title:"photo station" - platform: fofa queries: - title="qnap" - title="photo station" - platform: google queries: - - intitle:"qnap" - intitle:"photo station" + - intitle:"qnap" - name: smart_software_manager_on-prem vendor: cisco @@ -4850,8 +4850,8 @@ - http.title:"h-sphere" - platform: fofa queries: - - title="h-sphere" - title="parallels h-sphere" + - title="h-sphere" - platform: google queries: - intitle:"parallels h-sphere" @@ -4874,8 +4874,8 @@ engines: - platform: shodan queries: - - http.html:"ibm websphere portal" - cpe:"cpe:2.3:a:ibm:websphere_portal" + - http.html:"ibm websphere portal" - platform: fofa queries: - body="ibm websphere portal" @@ -4898,8 +4898,8 @@ - platform: shodan queries: - http.title:"aem sign in" - - http.component:"adobe experience manager" - cpe:"cpe:2.3:a:adobe:experience_manager" + - http.component:"adobe experience manager" - platform: fofa queries: - title="aem sign in" @@ -4917,8 +4917,8 @@ - http.title:"openvpn connect" - platform: fofa queries: - - title="adobe connect" - title="openvpn connect" + - title="adobe connect" - platform: google queries: - intitle:"openvpn connect" @@ -4966,17 +4966,17 @@ engines: - platform: shodan queries: - - http.title:"concrete5" - http.title:"install concrete5" + - http.title:"concrete5" - cpe:"cpe:2.3:a:concrete5:concrete5" - platform: fofa queries: - - title="concrete5" - title="install concrete5" + - title="concrete5" - platform: google queries: - - intitle:"install concrete5" - intitle:"concrete5" + - intitle:"install concrete5" - name: apisix vendor: apache @@ -5060,8 +5060,8 @@ - http.title:"fortiwlm" - platform: fofa queries: - - title="fortiwlm" - body="fortiwlm" + - title="fortiwlm" - platform: google queries: - intitle:"fortiwlm" @@ -5092,8 +5092,8 @@ - port:10443 http.favicon.hash:945408572 - platform: fofa queries: - - body="/remote/login" "xxxxxxxx" - icon_hash=945408572 + - body="/remote/login" "xxxxxxxx" - name: fortiap vendor: fortinet @@ -5140,8 +5140,8 @@ engines: - platform: fofa queries: - - icon_hash=-1961736892 - title="dzzoffice" + - icon_hash=-1961736892 - platform: shodan queries: - http.favicon.hash:-1961736892 @@ -5152,8 +5152,8 @@ engines: - platform: fofa queries: - - app="kkfileview" - body="kkfileview" + - app="kkfileview" - platform: shodan queries: - http.html:"kkfileview" @@ -5172,14 +5172,14 @@ engines: - platform: shodan queries: + - http.html:"struts problem report" - http.title:"struts2 showcase" - http.html:"apache struts" - - http.html:"struts problem report" - platform: fofa queries: + - title="struts2 showcase" - body="struts problem report" - body="apache struts" - - title="struts2 showcase" - platform: google queries: - intitle:"struts2 showcase" @@ -5230,12 +5230,12 @@ engines: - platform: shodan queries: - - http.html:"weblogic application server" - http.title:"weblogic" + - http.html:"weblogic application server" - platform: fofa queries: - - title="weblogic" - body="weblogic application server" + - title="weblogic" - platform: google queries: - intitle:"weblogic" @@ -5379,8 +5379,8 @@ - http.html:"microweber" - platform: fofa queries: - - body="microweber" - icon_hash=780351152 + - body="microweber" - name: stock_ticker vendor: urosevic @@ -5585,16 +5585,16 @@ engines: - platform: shodan queries: - - http.title:"linear emerge" - http.title:"emerge" + - http.title:"linear emerge" - platform: fofa queries: - title="linear emerge" - title="emerge" - platform: google queries: - - intitle:"linear emerge" - intitle:"emerge" + - intitle:"linear emerge" - name: ssl_vpn vendor: h3c @@ -5610,12 +5610,12 @@ engines: - platform: shodan queries: - - http.title:"wi-fi app login" - http.html:"wn530hg4" + - http.title:"wi-fi app login" - platform: fofa queries: - - body="wn530hg4" - title="wi-fi app login" + - body="wn530hg4" - platform: google queries: - intitle:"wi-fi app login" @@ -5711,8 +5711,8 @@ - http.html:"pmb group" - platform: fofa queries: - - icon_hash=1469328760 - body="pmb group" + - icon_hash=1469328760 - name: eshop_-_ecommerce_\/_store_website vendor: wrteam @@ -5871,8 +5871,8 @@ engines: - platform: shodan queries: - - http.title:"hoteldruid" - http.favicon.hash:-1521640213 + - http.title:"hoteldruid" - platform: fofa queries: - title="hoteldruid" @@ -5887,12 +5887,12 @@ engines: - platform: shodan queries: - - http.html:"atmail" - http.html:"powered by atmail" + - http.html:"atmail" - platform: fofa queries: - - body="atmail" - body="powered by atmail" + - body="atmail" - name: device_manager_express vendor: audiocodes @@ -6276,8 +6276,8 @@ engines: - platform: fofa queries: - - icon_hash="1624375939" - icon_hash="475145467" + - icon_hash="1624375939" - app="zimbra-邮件系统" - platform: shodan queries: @@ -6320,8 +6320,8 @@ engines: - platform: fofa queries: - - app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize" - icon_hash=-1250474341 + - app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize" - platform: shodan queries: - http.favicon.hash:-1250474341 @@ -6591,8 +6591,8 @@ engines: - platform: google queries: - - inurl:"/wp-content/plugins/duplicator" - inurl:/backups-dup-lite/dup-installer/ + - inurl:"/wp-content/plugins/duplicator" - name: dogtagpki vendor: dogtagpki @@ -6695,8 +6695,8 @@ engines: - platform: shodan queries: - - http.component:"bitbucket" - cpe:"cpe:2.3:a:atlassian:bitbucket" + - http.component:"bitbucket" - name: lin-cms-spring-boot vendor: talelin @@ -6779,8 +6779,8 @@ engines: - platform: fofa queries: - - app="ncast-产品" && title=="高清智能录播系统" - title="高清智能录播系统" + - app="ncast-产品" && title=="高清智能录播系统" - platform: zoomeye queries: - title:"高清智能录播系统" @@ -6881,9 +6881,9 @@ engines: - platform: fofa queries: - - icon_hash=1484947000,1828756398,1170495932 - - app="goanywhere-mft" - icon_hash=1484947000 + - app="goanywhere-mft" + - icon_hash=1484947000,1828756398,1170495932 - platform: shodan queries: - http.favicon.hash:1484947000 @@ -6946,8 +6946,8 @@ - platform: fofa queries: - body=/wp-content/plugins/eventon-lite/ - - body=/wp-content/plugins/eventon/ - wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon/ - platform: publicwww queries: - /wp-content/plugins/eventon/ @@ -7009,8 +7009,8 @@ - body="data-xwiki-reference" - platform: shodan queries: - - http.html:"data-xwiki-reference" - xwiki + - http.html:"data-xwiki-reference" - name: popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter vendor: idnovate @@ -7095,8 +7095,8 @@ engines: - platform: shodan queries: - - http.component:"chamilo" - cpe:"cpe:2.3:a:chamilo:chamilo" + - http.component:"chamilo" - name: vrealize_network_insight vendor: vmware @@ -7104,16 +7104,16 @@ engines: - platform: shodan queries: - - http.title:"vmware vrealize network insight" - http.title:"vmware aria operations" + - http.title:"vmware vrealize network insight" - platform: fofa queries: - title="vmware vrealize network insight" - title="vmware aria operations" - platform: google queries: - - intitle:"vmware aria operations" - intitle:"vmware vrealize network insight" + - intitle:"vmware aria operations" - name: mlflow vendor: lfprojects @@ -7124,8 +7124,8 @@ - http.title:"mlflow" - platform: fofa queries: - - app="mlflow" - title="mlflow" + - app="mlflow" - platform: google queries: - intitle:"mlflow" @@ -7247,8 +7247,8 @@ engines: - platform: fofa queries: - - app="powerjob" - body="powerjob" + - app="powerjob" - platform: shodan queries: - http.html:"powerjob" @@ -7447,8 +7447,8 @@ engines: - platform: shodan queries: - - http.html:"wago" - http.html:"/wbm/" html:"wago" + - http.html:"wago" - platform: fofa queries: - body="wago" @@ -7832,13 +7832,13 @@ - craftcms - platform: shodan queries: + - cpe:"cpe:2.3:a:craftcms:craft_cms" - http.html:craftcms - http.favicon.hash:-47932290 - - cpe:"cpe:2.3:a:craftcms:craft_cms" - platform: fofa queries: - - body=craftcms - icon_hash=-47932290 + - body=craftcms - name: companion_sitemap_generator vendor: codeermeneer @@ -8023,8 +8023,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:alkacon:opencms" - http.title:"opencms" + - cpe:"cpe:2.3:a:alkacon:opencms" - /opencms/ - platform: fofa queries: @@ -8150,18 +8150,18 @@ engines: - platform: google queries: - - intitle:"powered by vbulletin" - intext:"powered by vbulletin" + - intitle:"powered by vbulletin" - platform: shodan queries: + - http.component:"vbulletin" - http.title:"powered by vbulletin" - cpe:"cpe:2.3:a:vbulletin:vbulletin" - - http.component:"vbulletin" - http.html:"powered by vbulletin" - platform: fofa queries: - - body="powered by vbulletin" - title="powered by vbulletin" + - body="powered by vbulletin" - name: webui-aria2 vendor: ziahamza @@ -8368,8 +8368,8 @@ engines: - platform: fofa queries: - - app="majordomosl" - icon_hash=1903390397 + - app="majordomosl" - platform: shodan queries: - http.favicon.hash:1903390397 @@ -8496,12 +8496,12 @@ engines: - platform: shodan queries: - - http.html:"ray dashboard" - http.favicon.hash:463802404 + - http.html:"ray dashboard" - platform: fofa queries: - - body="ray dashboard" - icon_hash=463802404 + - body="ray dashboard" - name: magnusbilling vendor: magnussolution @@ -8551,17 +8551,17 @@ - platform: shodan queries: - cpe:"cpe:2.3:a:icewarp:mail_server" - - http.title:"icewarp server administration" - http.title:"icewarp" + - http.title:"icewarp server administration" - platform: fofa queries: - title="icewarp server administration" - title="icewarp" - platform: google queries: - - intitle:"icewarp server administration" - intitle:"icewarp" - powered by icewarp 10.4.4 + - intitle:"icewarp server administration" - name: timekeeper vendor: fsmlabs @@ -8594,8 +8594,8 @@ engines: - platform: fofa queries: - - body="kubepi" - kubepi + - body="kubepi" - platform: shodan queries: - http.html:"kubepi" @@ -8638,8 +8638,8 @@ engines: - platform: fofa queries: - - body="kubeoperator" - app="kubeoperator" + - body="kubeoperator" - platform: shodan queries: - http.html:"kubeoperator" @@ -8702,8 +8702,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:home-assistant:home-assistant" - http.title:"home assistant" + - cpe:"cpe:2.3:a:home-assistant:home-assistant" - platform: fofa queries: - title="home assistant" @@ -8755,8 +8755,8 @@ engines: - platform: shodan queries: - - '"microsoft-iis" "2015"' - cpe:"cpe:2.3:o:microsoft:windows_7" + - '"microsoft-iis" "2015"' - name: tivoli_common_reporting vendor: ibm @@ -9085,8 +9085,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" - http.title:"jboss" + - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" - platform: fofa queries: - title="jboss" @@ -9108,8 +9108,8 @@ - title="icewarp" - platform: google queries: - - intitle:"gotify" - intitle:"icewarp" + - intitle:"gotify" - name: twitter_button vendor: bestwebsoft @@ -9198,12 +9198,12 @@ engines: - platform: fofa queries: - - body="dedecms" - app="dedecms" + - body="dedecms" - platform: shodan queries: - - http.html:"dedecms" - cpe:"cpe:2.3:a:dedecms:dedecms" + - http.html:"dedecms" - name: custom_admin_page vendor: bestwebsoft @@ -9281,8 +9281,8 @@ engines: - platform: shodan queries: - - apache 2.4.49 - cpe:"cpe:2.3:a:apache:http_server" + - apache 2.4.49 - name: laravel vendor: laravel @@ -9293,8 +9293,8 @@ - app="laravel-framework" - platform: shodan queries: - - cpe:"cpe:2.3:a:laravel:laravel" - laravel-framework + - cpe:"cpe:2.3:a:laravel:laravel" - name: contact_form_multi vendor: bestwebsoft @@ -9316,8 +9316,8 @@ engines: - platform: shodan queries: - - http.html:"/_next/static" - cpe:"cpe:2.3:a:zeit:next.js" + - http.html:"/_next/static" - platform: fofa queries: - body="/_next/static" @@ -9535,8 +9535,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" - http.title:"dokuwiki" + - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" - platform: fofa queries: - title="dokuwiki" @@ -9744,8 +9744,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:106844876 - http.title:"revive adserver" + - http.favicon.hash:106844876 - platform: fofa queries: - title="revive adserver" @@ -9983,8 +9983,8 @@ engines: - platform: shodan queries: - - 'http.html:"powered by: fudforum"' - http.html:"fudforum" + - 'http.html:"powered by: fudforum"' - platform: fofa queries: - body="fudforum" @@ -10404,8 +10404,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:caucho:resin" - http.html:"resin" + - cpe:"cpe:2.3:a:caucho:resin" - platform: fofa queries: - body="resin" @@ -10416,13 +10416,13 @@ engines: - platform: shodan queries: - - http.html:"jellyfin" - http.title:"jellyfin" + - http.html:"jellyfin" - platform: fofa queries: - - title="jellyfin" - body="jellyfin" - title="jellyfin" || body="http://jellyfin.media" + - title="jellyfin" - platform: google queries: - intitle:"jellyfin" @@ -10567,8 +10567,8 @@ engines: - platform: fofa queries: - - title="oracle access management" - body="/oam/pages/css/login_page.css" + - title="oracle access management" - platform: shodan queries: - http.title:"oracle access management" @@ -10621,8 +10621,8 @@ engines: - platform: fofa queries: - - app="74cms" - body="74cms" + - app="74cms" - platform: shodan queries: - http.html:"74cms" @@ -10791,8 +10791,8 @@ - http.html:"micollab" - platform: fofa queries: - - body="micollab" - body="mitel" html:"micollab" + - body="micollab" - name: zzcms vendor: zzcms @@ -10808,8 +10808,8 @@ engines: - platform: fofa queries: - - body="javax.faces.resource" - body="javax.faces.viewstate" + - body="javax.faces.resource" - platform: shodan queries: - http.html:"javax.faces.resource" @@ -10871,8 +10871,8 @@ engines: - platform: shodan queries: - - 'server: mini_httpd && 200' - cpe:"cpe:2.3:a:acme:mini-httpd" + - 'server: mini_httpd && 200' - name: avatar_uploader vendor: drupal @@ -10892,8 +10892,8 @@ - http.favicon.hash:-2032163853 - platform: fofa queries: - - icon_hash=-2032163853 - title="login - jorani" + - icon_hash=-2032163853 - platform: google queries: - intitle:"login - jorani" @@ -15168,8 +15168,8 @@ - http.favicon.hash:"-244067125" - platform: fofa queries: - - body="solarview compact" - icon_hash="-244067125" + - body="solarview compact" - name: mc3 vendor: crestron @@ -18284,8 +18284,8 @@ engines: - platform: shodan queries: - - http.title:"filemage" - cpe:"cpe:2.3:o:microsoft:windows" + - http.title:"filemage" - platform: fofa queries: - title="filemage" @@ -18739,8 +18739,8 @@ engines: - platform: fofa queries: - - title="webtitan" - icon_hash=1090061843 + - title="webtitan" - platform: shodan queries: - http.title:"webtitan" @@ -19061,9 +19061,9 @@ - intitle:"openemr" - platform: shodan queries: - - http.favicon.hash:1971268439 - - http.html:"openemr" - http.title:"openemr" + - http.html:"openemr" + - http.favicon.hash:1971268439 - name: download_monitor vendor: mikejolley