diff --git a/QUERIES.yaml b/QUERIES.yaml index a130a15..14a78fc 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -56,17 +56,17 @@ engines: - platform: shodan queries: + - http.title:"ws_ftp server web transfer" - ws_ftp port:22 - http.title:"ad hoc transfer" - - http.title:"ws_ftp server web transfer" - platform: fofa queries: - - title="ws_ftp server web transfer" - title="ad hoc transfer" + - title="ws_ftp server web transfer" - platform: google queries: - - intitle:"ws_ftp server web transfer" - intitle:"ad hoc transfer" + - intitle:"ws_ftp server web transfer" - platform: censys queries: - services.http.request.uri="*/thinclient/wtm/public/index.html" @@ -77,8 +77,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:couchdb" - product:"couchdb" + - cpe:"cpe:2.3:a:apache:couchdb" - name: rocketmq vendor: apache @@ -104,9 +104,9 @@ engines: - platform: shodan queries: - - product:"cisco ios http config" && 200 - cpe:"cpe:2.3:o:cisco:ios" - product:"cisco ios http config" + - product:"cisco ios http config" && 200 - name: airflow vendor: apache @@ -114,9 +114,9 @@ engines: - platform: shodan queries: - - product:"redis" - http.title:"sign in - airflow" - http.title:"airflow - dags" || http.html:"apache airflow" + - product:"redis" - platform: fofa queries: - title="sign in - airflow" @@ -124,8 +124,8 @@ - apache airflow - platform: google queries: - - intitle:"sign in - airflow" - intitle:"airflow - dags" || http.html:"apache airflow" + - intitle:"sign in - airflow" - name: geode vendor: apache @@ -184,8 +184,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:wordpress:wordpress" - http.component:"wordpress" + - cpe:"cpe:2.3:a:wordpress:wordpress" - name: confluence_server vendor: atlassian @@ -201,9 +201,9 @@ engines: - platform: shodan queries: - - http.component:"atlassian jira" - cpe:"cpe:2.3:a:atlassian:jira" - http.component:"atlassian confluence" + - http.component:"atlassian jira" - name: arcgis_server vendor: esri @@ -226,8 +226,8 @@ - platform: shodan queries: - product:"jenkins" - - cpe:"cpe:2.3:a:jenkins:jenkins" - http.favicon.hash:81586312 + - cpe:"cpe:2.3:a:jenkins:jenkins" - platform: fofa queries: - icon_hash=81586312 @@ -238,9 +238,9 @@ engines: - platform: shodan queries: - - http.title:"apache tomcat" - - http.html:"apache tomcat" - cpe:"cpe:2.3:a:apache:tomcat" + - http.html:"apache tomcat" + - http.title:"apache tomcat" - platform: fofa queries: - title="apache tomcat" @@ -300,8 +300,8 @@ - http.favicon.hash:-2098066288 - platform: fofa queries: - - body="genieacs" - icon_hash=-2098066288 + - body="genieacs" - name: dg3450 vendor: commscope @@ -334,10 +334,10 @@ engines: - platform: shodan queries: - - http.favicon.hash:1768726119 - - http.title:"outlook" - vuln:cve-2021-26855 - cpe:"cpe:2.3:a:microsoft:exchange_server" + - http.favicon.hash:1768726119 + - http.title:"outlook" - platform: fofa queries: - icon_hash=1768726119 @@ -363,8 +363,8 @@ engines: - platform: fofa queries: - - title=="thruk monitoring webinterface" - body="thruk" + - title=="thruk monitoring webinterface" - platform: shodan queries: - http.html:"thruk" @@ -489,8 +489,8 @@ - http.html:"weiphp5.0" - platform: fofa queries: - - body="weiphp" - body="weiphp5.0" + - body="weiphp" - name: processwire vendor: processwire @@ -599,18 +599,18 @@ engines: - platform: shodan queries: - - http.title:"osticket" - http.html:"powered by osticket" - http.title:"osticket installer" + - http.title:"osticket" - platform: fofa queries: - - title="osticket" - body="powered by osticket" + - title="osticket" - title="osticket installer" - platform: google queries: - - intitle:"osticket" - intitle:"osticket installer" + - intitle:"osticket" - name: big-ip_access_policy_manager vendor: f5 @@ -734,12 +734,12 @@ engines: - platform: shodan queries: - - http.title:"login - adminer" - cpe:"cpe:2.3:a:adminer:adminer" + - http.title:"login - adminer" - platform: fofa queries: - - app="adminer" && body="4.7.8" - title="login - adminer" + - app="adminer" && body="4.7.8" - platform: hunter queries: - app.name="adminer"&&web.body="4.7.8" @@ -784,8 +784,8 @@ engines: - platform: shodan queries: - - 'http.title:"sign in: /home"' - 'server: labkey' + - 'http.title:"sign in: /home"' - platform: fofa queries: - 'title="sign in: /home"' @@ -833,16 +833,16 @@ - platform: shodan queries: - cpe:"cpe:2.3:a:cpanel:cpanel" - - http.title:"cpanel" - http.title:"cpanel - api codes" + - http.title:"cpanel" - platform: fofa queries: - title="cpanel" - title="cpanel - api codes" - platform: google queries: - - intitle:"cpanel" - intitle:"cpanel - api codes" + - intitle:"cpanel" - name: cip_92200_firmware vendor: intelbras @@ -865,9 +865,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - http.title:"phpmyadmin" - http.component:"phpmyadmin" + - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - platform: fofa queries: - body="pma_servername" && body="4.8.4" @@ -885,8 +885,8 @@ engines: - platform: shodan queries: - - http.title:"consul by hashicorp" - cpe:"cpe:2.3:a:hashicorp:consul" + - http.title:"consul by hashicorp" - platform: fofa queries: - title="consul by hashicorp" @@ -980,8 +980,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:drupal:drupal" - http.component:"drupal" + - cpe:"cpe:2.3:a:drupal:drupal" - name: piwigo vendor: piwigo @@ -1029,8 +1029,8 @@ engines: - platform: shodan queries: - - http.title:phppgadmin - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" + - http.title:phppgadmin - platform: fofa queries: - title=phppgadmin @@ -1072,12 +1072,12 @@ engines: - platform: shodan queries: - - http.title:"sophos web appliance" - http.favicon.hash:-893681401 + - http.title:"sophos web appliance" - platform: fofa queries: - - title="sophos web appliance" - icon_hash=-893681401 + - title="sophos web appliance" - platform: google queries: - intitle:"sophos web appliance" @@ -1183,8 +1183,8 @@ engines: - platform: shodan queries: - - http.title:"sign in - appwrite" - http.favicon.hash:-633108100 + - http.title:"sign in - appwrite" - platform: fofa queries: - icon_hash=-633108100 @@ -1210,15 +1210,15 @@ engines: - platform: fofa queries: - - icon_hash=-74348711 - - body="qlik" - title="qlik-sense" + - body="qlik" - app="qlik-sense" + - icon_hash=-74348711 - platform: shodan queries: - - http.favicon.hash:-74348711 - http.title:"qlik-sense" - http.html:"qlik" + - http.favicon.hash:-74348711 - platform: google queries: - intitle:"qlik-sense" @@ -1265,12 +1265,12 @@ - title:'metasploit' - platform: fofa queries: - - title="metasploit - setup and configuration" - title="metasploit" + - title="metasploit - setup and configuration" - platform: google queries: - - intitle:"metasploit - setup and configuration" - intitle:"metasploit" + - intitle:"metasploit - setup and configuration" - name: linkerd vendor: linkerd @@ -1289,8 +1289,8 @@ engines: - platform: shodan queries: - - http.title:"sophos mobile" - http.favicon.hash:-1274798165 + - http.title:"sophos mobile" - platform: fofa queries: - icon_hash=-1274798165 @@ -1348,8 +1348,8 @@ engines: - platform: shodan queries: - - http.title:"squirrelmail" - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" + - http.title:"squirrelmail" - platform: fofa queries: - title="squirrelmail" @@ -1457,14 +1457,14 @@ - intitle:"3cx phone system management console" - platform: shodan queries: - - http.favicon.hash:970132176 - http.title:"3cx webclient" + - http.favicon.hash:970132176 - http.title:"3cx phone system management console" - platform: fofa queries: - - title="3cx webclient" - title="3cx phone system management console" - icon_hash=970132176 + - title="3cx webclient" - name: lansweeper vendor: lansweeper @@ -1503,8 +1503,8 @@ engines: - platform: shodan queries: - - http.html:"/apps/imt/html/" - http.title:"spark master at" + - http.html:"/apps/imt/html/" - platform: fofa queries: - body="/apps/imt/html/" @@ -1604,8 +1604,8 @@ - http.title:"openfire admin console" - platform: fofa queries: - - title="openfire admin console" - title="openfire" + - title="openfire admin console" - platform: google queries: - intitle:"openfire" @@ -1703,8 +1703,8 @@ engines: - platform: shodan queries: - - http.title:"hestia control panel" - http.favicon.hash:-476299640 + - http.title:"hestia control panel" - platform: fofa queries: - title="hestia control panel" @@ -1756,17 +1756,17 @@ - platform: shodan queries: - http.title:"login - pyload" - - http.title:"pyload" - http.html:"pyload" + - http.title:"pyload" - platform: fofa queries: - - body="pyload" - title="login - pyload" + - body="pyload" - title="pyload" - platform: google queries: - - intitle:"login - pyload" - intitle:"pyload" + - intitle:"login - pyload" - platform: zoomeye queries: - app:"pyload" @@ -1879,13 +1879,13 @@ engines: - platform: shodan queries: - - http.title:"coldfusion administrator login" - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" - cpe:"cpe:2.3:a:adobe:coldfusion" - platform: fofa queries: - - title="coldfusion administrator login" - app="adobe-coldfusion" + - title="coldfusion administrator login" - platform: google queries: - intitle:"coldfusion administrator login" @@ -1981,8 +1981,8 @@ engines: - platform: shodan queries: - - http.title:"kafka center" - http.title:"kafka consumer offset monitor" + - http.title:"kafka center" - platform: fofa queries: - title="kafka consumer offset monitor" @@ -2009,13 +2009,13 @@ engines: - platform: shodan queries: - - http.title:"apache solr" - http.title:"solr admin" - cpe:"cpe:2.3:a:apache:solr" + - http.title:"apache solr" - platform: fofa queries: - - title="solr admin" - title="apache solr" + - title="solr admin" - platform: google queries: - intitle:"solr admin" @@ -2152,12 +2152,12 @@ engines: - platform: shodan queries: - - http.title:"revive adserver" - http.favicon.hash:106844876 + - http.title:"revive adserver" - platform: fofa queries: - - title="revive adserver" - icon_hash=106844876 + - title="revive adserver" - platform: google queries: - intitle:"revive adserver" @@ -2204,13 +2204,13 @@ engines: - platform: shodan queries: - - http.title:"contao" - - http.html:"contao open source cms" - cpe:"cpe:2.3:a:contao:contao" + - http.html:"contao open source cms" + - http.title:"contao" - platform: fofa queries: - - body="contao open source cms" - title="contao" + - body="contao open source cms" - platform: google queries: - intitle:"contao" @@ -2236,8 +2236,8 @@ - platform: fofa queries: - title="cacti" - - title="login to cacti" - icon_hash="-1797138069" + - title="login to cacti" - platform: shodan queries: - http.favicon.hash:"-1797138069" @@ -2245,8 +2245,8 @@ - http.title:"login to cacti" - platform: google queries: - - intitle:"cacti" - intitle:"login to cacti" + - intitle:"cacti" - name: confluence_data_center vendor: atlassian @@ -2279,16 +2279,16 @@ engines: - platform: google queries: - - intitle:"jedox web login" - intitle:"jedox web - login" + - intitle:"jedox web login" - platform: shodan queries: - - http.title:"jedox web login" - http.title:"jedox web - login" + - http.title:"jedox web login" - platform: fofa queries: - - title="jedox web - login" - title="jedox web login" + - title="jedox web - login" - name: jaspersoft vendor: tibco @@ -2352,14 +2352,14 @@ engines: - platform: shodan queries: + - http.favicon.hash:892542951 - cpe:"cpe:2.3:a:zabbix:zabbix" - http.title:"zabbix-server" - - http.favicon.hash:892542951 - platform: fofa queries: + - title="zabbix-server" - app="zabbix-监控系统" && body="saml" - icon_hash=892542951 - - title="zabbix-server" - platform: google queries: - intitle:"zabbix-server" @@ -2370,8 +2370,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1067582922 - http.title:"incapptic" + - http.favicon.hash:-1067582922 - platform: fofa queries: - title="incapptic" @@ -2400,8 +2400,8 @@ engines: - platform: fofa queries: - - icon_hash="151132309" - title="cloudpanel" + - icon_hash="151132309" - platform: shodan queries: - http.title:"cloudpanel" @@ -2430,8 +2430,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:matomo:matomo" - http.favicon.hash:-2023266783 + - cpe:"cpe:2.3:a:matomo:matomo" - platform: fofa queries: - icon_hash=-2023266783 @@ -2478,8 +2478,8 @@ - intext:"totemomail" inurl:responsiveui - platform: shodan queries: - - http.html:"totemomail" inurl:responsiveui - http.html:responsiveui + - http.html:"totemomail" inurl:responsiveui - platform: fofa queries: - body="totemomail" inurl:responsiveui @@ -2563,8 +2563,8 @@ engines: - platform: shodan queries: - - http.title:"gitblit" - http.html:"gitblit" + - http.title:"gitblit" - platform: fofa queries: - title="gitblit" @@ -2643,8 +2643,8 @@ engines: - platform: shodan queries: - - http.html:"gocd version" - http.title:"create a pipeline - go" html:"gocd version" + - http.html:"gocd version" - platform: fofa queries: - title="create a pipeline - go" html:"gocd version" @@ -2687,14 +2687,14 @@ engines: - platform: fofa queries: - - title="openemr" - - body="openemr" - app="openemr" - icon_hash=1971268439 + - title="openemr" + - body="openemr" - platform: shodan queries: - - http.title:"openemr" - http.favicon.hash:1971268439 + - http.title:"openemr" - http.html:"openemr" - platform: google queries: @@ -2720,13 +2720,13 @@ engines: - platform: shodan queries: + - http.title:"openvpn-admin" - cpe:"cpe:2.3:a:openvpn:openvpn" - http.html:"router management - server openvpn" - - http.title:"openvpn-admin" - platform: fofa queries: - - body="router management - server openvpn" - title="openvpn-admin" + - body="router management - server openvpn" - platform: google queries: - intitle:"openvpn-admin" @@ -2827,16 +2827,16 @@ engines: - platform: shodan queries: - - http.title:"zimbra collaboration suite" - http.title:"zimbra web client sign in" + - http.title:"zimbra collaboration suite" - platform: fofa queries: - - title="zimbra collaboration suite" - title="zimbra web client sign in" + - title="zimbra collaboration suite" - platform: google queries: - - intitle:"zimbra web client sign in" - intitle:"zimbra collaboration suite" + - intitle:"zimbra web client sign in" - name: xxl-job vendor: xuxueli @@ -3039,8 +3039,8 @@ engines: - platform: shodan queries: - - http.html:"plesk obsidian" - http.title:"plesk obsidian" + - http.html:"plesk obsidian" - platform: fofa queries: - body="plesk obsidian" @@ -3141,9 +3141,9 @@ engines: - platform: shodan queries: + - http.component:"joomla" - cpe:"cpe:2.3:a:joomla:joomla\!" - http.html:"joomla! - open source content management" - - http.component:"joomla" - platform: fofa queries: - body="joomla! - open source content management" @@ -3235,8 +3235,8 @@ - http.title:"icinga web 2 login" - platform: fofa queries: - - title="icinga web 2 login" - title="icinga" + - title="icinga web 2 login" - platform: google queries: - intitle:"icinga" @@ -3294,8 +3294,8 @@ - http.title:"pulsar admin console" - platform: fofa queries: - - title="pulsar admin console" - title="pulsar admin ui" + - title="pulsar admin console" - platform: google queries: - intitle:"pulsar admin console" @@ -3384,8 +3384,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:"-1474875778" - http.title:"glpi" + - http.favicon.hash:"-1474875778" - platform: fofa queries: - title="glpi" @@ -3459,8 +3459,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:apache:activemq" - product:"activemq openwire transport" + - cpe:"cpe:2.3:a:apache:activemq" - name: pandora_fms vendor: pandorafms @@ -3511,8 +3511,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:662709064 - cpe:"cpe:2.3:a:mantisbt:mantisbt" + - http.favicon.hash:662709064 - platform: fofa queries: - icon_hash=662709064 @@ -3562,12 +3562,12 @@ engines: - platform: shodan queries: - - http.title:"servicenow" - http.favicon.hash:1701804003 + - http.title:"servicenow" - platform: fofa queries: - - icon_hash=1701804003 - title="servicenow" + - icon_hash=1701804003 - platform: google queries: - intitle:"servicenow" @@ -3589,8 +3589,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:oracle:commerce" - http.title:"oracle commerce" + - cpe:"cpe:2.3:a:oracle:commerce" - platform: fofa queries: - title="oracle commerce" @@ -3668,8 +3668,8 @@ engines: - platform: fofa queries: - - title="metersphere" - body="metersphere" + - title="metersphere" - platform: shodan queries: - http.html:"metersphere" @@ -3688,8 +3688,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:129457226 - cpe:"cpe:2.3:a:liferay:liferay_portal" + - http.favicon.hash:129457226 - platform: fofa queries: - icon_hash=129457226 @@ -3777,8 +3777,8 @@ engines: - platform: shodan queries: - - http.title:"tautulli - home" - http.title:"tautulli" + - http.title:"tautulli - home" - platform: fofa queries: - title="tautulli - home" @@ -3825,12 +3825,12 @@ engines: - platform: fofa queries: - - app="ektron-cms" - body="ektron" + - app="ektron-cms" - platform: shodan queries: - - http.html:"ektron" - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" + - http.html:"ektron" - name: kubernetes vendor: kubernetes @@ -3853,18 +3853,18 @@ engines: - platform: shodan queries: - - http.title:"github enterprise" - http.title:"setup github enterprise" + - http.title:"github enterprise" - micro focus dsd - platform: fofa queries: + - title="github enterprise" - title="setup github enterprise" - app="github-enterprise" - - title="github enterprise" - platform: google queries: - - intitle:"setup github enterprise" - intitle:"github enterprise" + - intitle:"setup github enterprise" - name: access_rights_manager vendor: solarwinds @@ -3984,9 +3984,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:minio:minio" - http.title:"minio browser" - http.title:"minio console" + - cpe:"cpe:2.3:a:minio:minio" - platform: fofa queries: - title="minio browser" @@ -4048,9 +4048,9 @@ - html:'content="papercut' - platform: shodan queries: - - cpe:"cpe:2.3:a:papercut:papercut_ng" - http.html:"content=\"papercut\"" - http.html:'content="papercut' + - cpe:"cpe:2.3:a:papercut:papercut_ng" - platform: fofa queries: - body='content="papercut' @@ -4235,9 +4235,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:o:contec:solarview_compact_firmware" - - http.html:"solarview compact" - http.favicon.hash:"-244067125" + - http.html:"solarview compact" + - cpe:"cpe:2.3:o:contec:solarview_compact_firmware" - platform: fofa queries: - body="solarview compact" && title="top" @@ -4434,8 +4434,8 @@ engines: - platform: shodan queries: - - http.title:sugarcrm - http.html:"sugarcrm inc. all rights reserved" + - http.title:sugarcrm - platform: google queries: - intitle:sugarcrm @@ -4468,8 +4468,8 @@ - intitle:"ftm manager" - platform: shodan queries: - - http.html:"ftm manager" - http.title:"ftm manager" + - http.html:"ftm manager" - platform: fofa queries: - body="ftm manager" @@ -4516,12 +4516,12 @@ engines: - platform: google queries: - - intitle:"check point ssl network extender" - intitle:"ssl network extender login" + - intitle:"check point ssl network extender" - platform: shodan queries: - - http.title:"ssl network extender login" - http.title:"check point ssl network extender" + - http.title:"ssl network extender login" - platform: fofa queries: - title="check point ssl network extender" @@ -4615,8 +4615,8 @@ - http.title:"apex it help desk" - platform: fofa queries: - - app="zoho-流量管理" - title="apex it help desk" + - app="zoho-流量管理" - platform: google queries: - intitle:"apex it help desk" @@ -4762,12 +4762,12 @@ - 'content-length: 580 "http server 1.0"' - platform: fofa queries: - - title="photo station" - title="qnap" + - title="photo station" - platform: google queries: - - intitle:"photo station" - intitle:"qnap" + - intitle:"photo station" - name: smart_software_manager_on-prem vendor: cisco @@ -4857,8 +4857,8 @@ - http.title:"h-sphere" - platform: fofa queries: - - title="parallels h-sphere" - title="h-sphere" + - title="parallels h-sphere" - platform: google queries: - intitle:"parallels h-sphere" @@ -4904,9 +4904,9 @@ engines: - platform: shodan queries: - - http.title:"aem sign in" - cpe:"cpe:2.3:a:adobe:experience_manager" - http.component:"adobe experience manager" + - http.title:"aem sign in" - platform: fofa queries: - title="aem sign in" @@ -4920,12 +4920,12 @@ engines: - platform: shodan queries: - - http.title:"openvpn connect" - http.title:"adobe connect" + - http.title:"openvpn connect" - platform: fofa queries: - - title="adobe connect" - title="openvpn connect" + - title="adobe connect" - platform: google queries: - intitle:"adobe connect" @@ -4978,8 +4978,8 @@ - cpe:"cpe:2.3:a:concrete5:concrete5" - platform: fofa queries: - - title="concrete5" - title="install concrete5" + - title="concrete5" - platform: google queries: - intitle:"concrete5" @@ -5005,8 +5005,8 @@ engines: - platform: fofa queries: - - title="mesos" - app="apache-mesos" + - title="mesos" - platform: shodan queries: - http.title:"mesos" @@ -5034,8 +5034,8 @@ engines: - platform: fofa queries: - - fortimail && port=443 - title="fortimail" + - fortimail && port=443 - platform: shodan queries: - http.title:"fortimail" @@ -5067,8 +5067,8 @@ - http.title:"fortiwlm" - platform: fofa queries: - - body="fortiwlm" - title="fortiwlm" + - body="fortiwlm" - platform: google queries: - intitle:"fortiwlm" @@ -5093,10 +5093,10 @@ engines: - platform: shodan queries: - - http.html:"/remote/login" "xxxxxxxx" + - port:10443 http.favicon.hash:945408572 - http.favicon.hash:945408572 - cpe:"cpe:2.3:o:fortinet:fortios" - - port:10443 http.favicon.hash:945408572 + - http.html:"/remote/login" "xxxxxxxx" - platform: fofa queries: - icon_hash=945408572 @@ -5179,14 +5179,14 @@ engines: - platform: shodan queries: - - http.html:"apache struts" - http.title:"struts2 showcase" - http.html:"struts problem report" + - http.html:"apache struts" - platform: fofa queries: - - body="struts problem report" - - body="apache struts" - title="struts2 showcase" + - body="apache struts" + - body="struts problem report" - platform: google queries: - intitle:"struts2 showcase" @@ -5241,8 +5241,8 @@ - http.html:"weblogic application server" - platform: fofa queries: - - body="weblogic application server" - title="weblogic" + - body="weblogic application server" - platform: google queries: - intitle:"weblogic" @@ -5383,12 +5383,12 @@ engines: - platform: shodan queries: - - http.html:"microweber" - http.favicon.hash:780351152 + - http.html:"microweber" - platform: fofa queries: - - body="microweber" - icon_hash=780351152 + - body="microweber" - name: stock_ticker vendor: urosevic @@ -5581,8 +5581,8 @@ - header="think_lang" - platform: shodan queries: - - http.title:"thinkphp" - cpe:"cpe:2.3:a:thinkphp:thinkphp" + - http.title:"thinkphp" - platform: google queries: - intitle:"thinkphp" @@ -5716,8 +5716,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:1469328760 - http.html:"pmb group" + - http.favicon.hash:1469328760 - platform: fofa queries: - icon_hash=1469328760 @@ -5880,12 +5880,12 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1521640213 - http.title:"hoteldruid" + - http.favicon.hash:-1521640213 - platform: fofa queries: - - icon_hash=-1521640213 - title="hoteldruid" + - icon_hash=-1521640213 - platform: google queries: - intitle:"hoteldruid" @@ -5896,8 +5896,8 @@ engines: - platform: shodan queries: - - http.html:"powered by atmail" - http.html:"atmail" + - http.html:"powered by atmail" - platform: fofa queries: - body="powered by atmail" @@ -5923,8 +5923,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-582931176 - cpe:"cpe:2.3:a:nexusphp:nexusphp" + - http.favicon.hash:-582931176 - platform: fofa queries: - icon_hash=-582931176 @@ -6097,9 +6097,9 @@ engines: - platform: fofa queries: + - title="openvpn connect" - app="rstudio-connect" - icon_hash=217119619 - - title="openvpn connect" - platform: shodan queries: - http.title:"openvpn connect" @@ -6132,8 +6132,8 @@ - body="ofbiz" - platform: shodan queries: - - ofbiz.visitor= - http.html:"ofbiz" + - ofbiz.visitor= - name: flatpress vendor: flatpress @@ -6145,8 +6145,8 @@ - http.html:"flatpress" - platform: fofa queries: - - body="flatpress" - icon_hash=-1189292869 + - body="flatpress" - name: masacms vendor: masacms @@ -6201,8 +6201,8 @@ engines: - platform: shodan queries: - - http.title:"moodle" - cpe:"cpe:2.3:a:moodle:moodle" + - http.title:"moodle" - platform: fofa queries: - title="moodle" @@ -6290,8 +6290,8 @@ - icon_hash="475145467" - platform: shodan queries: - - http.favicon.hash:"1624375939" - http.favicon.hash:"475145467" + - http.favicon.hash:"1624375939" - name: basic_pdu_firmware vendor: powertekpdus @@ -6329,8 +6329,8 @@ engines: - platform: fofa queries: - - icon_hash=-1250474341 - app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize" + - icon_hash=-1250474341 - platform: shodan queries: - http.favicon.hash:-1250474341 @@ -6609,8 +6609,8 @@ engines: - platform: fofa queries: - - title="identity management" - title="identity management" html:"freeipa" + - title="identity management" - platform: shodan queries: - http.title:"identity management" html:"freeipa" @@ -6757,8 +6757,8 @@ - icon_hash="-631559155" - platform: shodan queries: - - http.favicon.hash:"-631559155" - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" + - http.favicon.hash:"-631559155" - name: User Meta vendor: User Meta @@ -6890,13 +6890,13 @@ engines: - platform: fofa queries: - - icon_hash=1484947000,1828756398,1170495932 - app="goanywhere-mft" - icon_hash=1484947000 + - icon_hash=1484947000,1828756398,1170495932 - platform: shodan queries: - - http.favicon.hash:1484947000 - http.favicon.hash:1484947000,1828756398,1170495932 + - http.favicon.hash:1484947000 - platform: zoomeye queries: - app:"fortra goanywhere-mft" @@ -6910,8 +6910,8 @@ - /wp-content/plugins/nextgen-gallery/ - platform: shodan queries: - - cpe:"cpe:2.3:a:imagely:nextgen_gallery" - http.html:/wp-content/plugins/nextgen-gallery/ + - cpe:"cpe:2.3:a:imagely:nextgen_gallery" - platform: fofa queries: - body=/wp-content/plugins/nextgen-gallery/ @@ -6954,18 +6954,18 @@ engines: - platform: fofa queries: - - wp-content/plugins/eventon/ - body=/wp-content/plugins/eventon-lite/ - body=/wp-content/plugins/eventon/ + - wp-content/plugins/eventon/ - platform: publicwww queries: - /wp-content/plugins/eventon/ - /wp-content/plugins/eventon-lite/ - platform: shodan queries: + - http.html:/wp-content/plugins/eventon-lite/ - vuln:cve-2023-2796 - http.html:/wp-content/plugins/eventon/ - - http.html:/wp-content/plugins/eventon-lite/ - platform: google queries: - inurl:"/wp-content/plugins/eventon/" @@ -7063,8 +7063,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2097033750 - http.title:"verta ai" + - http.favicon.hash:-2097033750 - platform: zoomeye queries: - title:"verta ai" @@ -7107,8 +7107,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:chamilo:chamilo" - http.component:"chamilo" + - cpe:"cpe:2.3:a:chamilo:chamilo" - name: vrealize_network_insight vendor: vmware @@ -7120,12 +7120,12 @@ - http.title:"vmware vrealize network insight" - platform: fofa queries: - - title="vmware aria operations" - title="vmware vrealize network insight" + - title="vmware aria operations" - platform: google queries: - - intitle:"vmware vrealize network insight" - intitle:"vmware aria operations" + - intitle:"vmware vrealize network insight" - name: mlflow vendor: lfprojects @@ -7136,8 +7136,8 @@ - http.title:"mlflow" - platform: fofa queries: - - app="mlflow" - title="mlflow" + - app="mlflow" - platform: google queries: - intitle:"mlflow" @@ -7459,8 +7459,8 @@ engines: - platform: shodan queries: - - http.html:"wago" - http.html:"/wbm/" html:"wago" + - http.html:"wago" - platform: fofa queries: - body="wago" @@ -7583,9 +7583,9 @@ engines: - platform: shodan queries: - - http.html:"papercut" - http.html:"content=\"papercut\"" - cpe:"cpe:2.3:a:papercut:papercut_mf" + - http.html:"papercut" - platform: fofa queries: - body="papercut" @@ -7723,8 +7723,8 @@ - http.title:"icewarp" - platform: fofa queries: - - icon_hash=2144485375 - title="icewarp" + - icon_hash=2144485375 - platform: google queries: - intitle:"icewarp" @@ -7844,13 +7844,13 @@ - craftcms - platform: shodan queries: + - http.favicon.hash:-47932290 - http.html:craftcms - cpe:"cpe:2.3:a:craftcms:craft_cms" - - http.favicon.hash:-47932290 - platform: fofa queries: - - icon_hash=-47932290 - body=craftcms + - icon_hash=-47932290 - name: companion_sitemap_generator vendor: codeermeneer @@ -8036,8 +8036,8 @@ - platform: shodan queries: - cpe:"cpe:2.3:a:alkacon:opencms" - - http.title:"opencms" - /opencms/ + - http.title:"opencms" - platform: fofa queries: - title="opencms" @@ -8166,10 +8166,10 @@ - intitle:"powered by vbulletin" - platform: shodan queries: - - http.html:"powered by vbulletin" - - http.component:"vbulletin" - cpe:"cpe:2.3:a:vbulletin:vbulletin" - http.title:"powered by vbulletin" + - http.component:"vbulletin" + - http.html:"powered by vbulletin" - platform: fofa queries: - body="powered by vbulletin" @@ -8278,8 +8278,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:spip:spip" - http.html:"spip.php?page=backend" + - cpe:"cpe:2.3:a:spip:spip" - platform: fofa queries: - body="spip.php?page=backend" @@ -8396,8 +8396,8 @@ - http.favicon.hash:688609340 - platform: fofa queries: - - icon_hash=688609340 - body="cockpit" + - icon_hash=688609340 - name: intercom_broadcast_system vendor: hikvision @@ -8563,8 +8563,8 @@ - platform: shodan queries: - http.title:"icewarp" - - http.title:"icewarp server administration" - cpe:"cpe:2.3:a:icewarp:mail_server" + - http.title:"icewarp server administration" - platform: fofa queries: - title="icewarp" @@ -8572,8 +8572,8 @@ - platform: google queries: - powered by icewarp 10.4.4 - - intitle:"icewarp server administration" - intitle:"icewarp" + - intitle:"icewarp server administration" - name: timekeeper vendor: fsmlabs @@ -8606,8 +8606,8 @@ engines: - platform: fofa queries: - - body="kubepi" - kubepi + - body="kubepi" - platform: shodan queries: - http.html:"kubepi" @@ -8650,8 +8650,8 @@ engines: - platform: fofa queries: - - app="kubeoperator" - body="kubeoperator" + - app="kubeoperator" - platform: shodan queries: - http.html:"kubeoperator" @@ -8803,8 +8803,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:atlassian:confluence" - http.component:"atlassian confluence" + - cpe:"cpe:2.3:a:atlassian:confluence" - name: mypixs vendor: mypixs_project @@ -8970,8 +8970,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" - http.title:"phppgadmin" + - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" - platform: fofa queries: - title="phppgadmin" @@ -9098,8 +9098,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" - http.title:"jboss" + - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" - platform: fofa queries: - title="jboss" @@ -9121,8 +9121,8 @@ - title="gotify" - platform: google queries: - - intitle:"icewarp" - intitle:"gotify" + - intitle:"icewarp" - name: twitter_button vendor: bestwebsoft @@ -9211,8 +9211,8 @@ engines: - platform: fofa queries: - - app="dedecms" - body="dedecms" + - app="dedecms" - platform: shodan queries: - http.html:"dedecms" @@ -9306,8 +9306,8 @@ - app="laravel-framework" - platform: shodan queries: - - cpe:"cpe:2.3:a:laravel:laravel" - laravel-framework + - cpe:"cpe:2.3:a:laravel:laravel" - name: contact_form_multi vendor: bestwebsoft @@ -9329,8 +9329,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:zeit:next.js" - http.html:"/_next/static" + - cpe:"cpe:2.3:a:zeit:next.js" - platform: fofa queries: - body="/_next/static" @@ -9483,8 +9483,8 @@ engines: - platform: fofa queries: - - body="amcrest" - amcrest + - body="amcrest" - platform: shodan queries: - http.html:"amcrest" @@ -9761,8 +9761,8 @@ - http.favicon.hash:106844876 - platform: fofa queries: - - title="revive adserver" - icon_hash=106844876 + - title="revive adserver" - platform: google queries: - intitle:"revive adserver" @@ -9903,8 +9903,8 @@ engines: - platform: fofa queries: - - title="login to tlr-2855ks6" - product=="telesquare-tlr-2855ks6" + - title="login to tlr-2855ks6" - platform: shodan queries: - http.title:"login to tlr-2855ks6" @@ -9996,11 +9996,12 @@ engines: - platform: shodan queries: + - http.html:fudforum" - http.html:"fudforum" - 'http.html:"powered by: fudforum"' - platform: fofa queries: - - body="fudforum" + - body=fudforum" - 'body="powered by: fudforum"' - name: vigorconnect @@ -10433,9 +10434,9 @@ - http.title:"jellyfin" - platform: fofa queries: + - title="jellyfin" || body="http://jellyfin.media" - body="jellyfin" - title="jellyfin" - - title="jellyfin" || body="http://jellyfin.media" - platform: google queries: - intitle:"jellyfin" @@ -10580,12 +10581,12 @@ engines: - platform: fofa queries: - - title="oracle access management" - body="/oam/pages/css/login_page.css" + - title="oracle access management" - platform: shodan queries: - - http.html:"/oam/pages/css/login_page.css" - http.title:"oracle access management" + - http.html:"/oam/pages/css/login_page.css" - platform: google queries: - intitle:"oracle access management" @@ -10634,8 +10635,8 @@ engines: - platform: fofa queries: - - body="74cms" - app="74cms" + - body="74cms" - platform: shodan queries: - http.html:"74cms" @@ -10804,8 +10805,8 @@ - http.html:"micollab" - platform: fofa queries: - - body="micollab" - body="mitel" html:"micollab" + - body="micollab" - name: zzcms vendor: zzcms @@ -10821,8 +10822,8 @@ engines: - platform: fofa queries: - - body="javax.faces.viewstate" - body="javax.faces.resource" + - body="javax.faces.viewstate" - platform: shodan queries: - http.html:"javax.faces.viewstate" @@ -10905,8 +10906,8 @@ - http.favicon.hash:-2032163853 - platform: fofa queries: - - title="login - jorani" - icon_hash=-2032163853 + - title="login - jorani" - platform: google queries: - intitle:"login - jorani" @@ -11328,8 +11329,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:openbsd:openssh" - product:"openssh" + - cpe:"cpe:2.3:a:openbsd:openssh" - name: mysql vendor: oracle @@ -15176,8 +15177,8 @@ engines: - platform: shodan queries: - - http.html:"solarview compact" - http.favicon.hash:"-244067125" + - http.html:"solarview compact" - cpe:"cpe:2.3:h:contec:solarview_compact" - platform: fofa queries: @@ -18752,12 +18753,12 @@ engines: - platform: fofa queries: - - title="webtitan" - icon_hash=1090061843 + - title="webtitan" - platform: shodan queries: - - http.favicon.hash:1090061843 - http.title:"webtitan" + - http.favicon.hash:1090061843 - platform: google queries: - intitle:"webtitan" @@ -19066,18 +19067,18 @@ engines: - platform: fofa queries: - - title="openemr" - - body="openemr" - app="openemr" - icon_hash=1971268439 + - title="openemr" + - body="openemr" - platform: google queries: - intitle:"openemr" - platform: shodan queries: + - http.favicon.hash:1971268439 - http.title:"openemr" - http.html:"openemr" - - http.favicon.hash:1971268439 - name: download_monitor vendor: mikejolley