From c815a51e0a551b4f394cf27649ec5f26bd0dc3b1 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Wed, 5 Jun 2024 00:05:29 +0000 Subject: [PATCH] Syncing queries from Templates --- QUERIES.yaml | 380 +++++++++++++++++++++++++-------------------------- 1 file changed, 190 insertions(+), 190 deletions(-) diff --git a/QUERIES.yaml b/QUERIES.yaml index da0a15a..a48cf2b 100644 --- a/QUERIES.yaml +++ b/QUERIES.yaml @@ -28,8 +28,8 @@ engines: - platform: shodan queries: - - redis - redis_version + - redis - name: siemens vendor: conpot @@ -56,13 +56,13 @@ engines: - platform: shodan queries: - - http.title:"ws_ftp server web transfer" - - http.title:"ad hoc transfer" - ws_ftp port:22 + - http.title:"ad hoc transfer" + - http.title:"ws_ftp server web transfer" - platform: fofa queries: - - title="ad hoc transfer" - title="ws_ftp server web transfer" + - title="ad hoc transfer" - platform: google queries: - intitle:"ad hoc transfer" @@ -86,9 +86,9 @@ engines: - platform: fofa queries: - - title="rocketmq" - - title="rocketmq-console-ng" - protocol="rocketmq" + - title="rocketmq-console-ng" + - title="rocketmq" - platform: shodan queries: - http.title:"rocketmq" @@ -104,9 +104,9 @@ engines: - platform: shodan queries: - - product:"cisco ios http config" && 200 - - cpe:"cpe:2.3:o:cisco:ios" - product:"cisco ios http config" + - cpe:"cpe:2.3:o:cisco:ios" + - product:"cisco ios http config" && 200 - name: airflow vendor: apache @@ -114,18 +114,18 @@ engines: - platform: shodan queries: - - http.title:"sign in - airflow" - http.title:"airflow - dags" || http.html:"apache airflow" + - http.title:"sign in - airflow" - product:"redis" - platform: fofa queries: - - apache airflow - title="airflow - dags" || http.html:"apache airflow" - title="sign in - airflow" + - apache airflow - platform: google queries: - - intitle:"airflow - dags" || http.html:"apache airflow" - intitle:"sign in - airflow" + - intitle:"airflow - dags" || http.html:"apache airflow" - name: geode vendor: apache @@ -147,8 +147,8 @@ engines: - platform: shodan queries: - - http.title:"oracle peoplesoft sign-in" - product:"oracle weblogic" + - http.title:"oracle peoplesoft sign-in" - platform: fofa queries: - title="oracle peoplesoft sign-in" @@ -201,9 +201,9 @@ engines: - platform: shodan queries: - - http.component:"atlassian jira" - cpe:"cpe:2.3:a:atlassian:jira" - http.component:"atlassian confluence" + - http.component:"atlassian jira" - name: arcgis_server vendor: esri @@ -238,9 +238,9 @@ engines: - platform: shodan queries: + - http.html:"apache tomcat" - http.title:"apache tomcat" - cpe:"cpe:2.3:a:apache:tomcat" - - http.html:"apache tomcat" - platform: fofa queries: - body="apache tomcat" @@ -296,8 +296,8 @@ engines: - platform: shodan queries: - - http.html:"genieacs" - http.favicon.hash:-2098066288 + - http.html:"genieacs" - platform: fofa queries: - icon_hash=-2098066288 @@ -334,14 +334,14 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:microsoft:exchange_server" - vuln:cve-2021-26855 + - cpe:"cpe:2.3:a:microsoft:exchange_server" - http.title:"outlook" - http.favicon.hash:1768726119 - platform: fofa queries: - - icon_hash=1768726119 - title="outlook" + - icon_hash=1768726119 - platform: google queries: - intitle:"outlook" @@ -489,8 +489,8 @@ - http.html:"weiphp5.0" - platform: fofa queries: - - body="weiphp" - body="weiphp5.0" + - body="weiphp" - name: processwire vendor: processwire @@ -599,9 +599,9 @@ engines: - platform: shodan queries: - - http.title:"osticket installer" - - http.title:"osticket" - http.html:"powered by osticket" + - http.title:"osticket" + - http.title:"osticket installer" - platform: fofa queries: - title="osticket" @@ -609,8 +609,8 @@ - title="osticket installer" - platform: google queries: - - intitle:"osticket installer" - intitle:"osticket" + - intitle:"osticket installer" - name: big-ip_access_policy_manager vendor: f5 @@ -668,8 +668,8 @@ engines: - platform: shodan queries: - - http.title:"mailing lists" - cpe:"cpe:2.3:a:gnu:mailman" + - http.title:"mailing lists" - platform: fofa queries: - title="mailing lists" @@ -768,12 +768,12 @@ - platform: shodan queries: - http.html:"powered by gitea version" - - cpe:"cpe:2.3:a:gitea:gitea" - http.title:"gitea" + - cpe:"cpe:2.3:a:gitea:gitea" - platform: fofa queries: - - title="gitea" - body="powered by gitea version" + - title="gitea" - platform: google queries: - intitle:"gitea" @@ -833,8 +833,8 @@ - platform: shodan queries: - http.title:"cpanel" - - cpe:"cpe:2.3:a:cpanel:cpanel" - http.title:"cpanel - api codes" + - cpe:"cpe:2.3:a:cpanel:cpanel" - platform: fofa queries: - title="cpanel" @@ -850,8 +850,8 @@ engines: - platform: fofa queries: - - title="intelbras" - app="intelbras" + - title="intelbras" - platform: shodan queries: - http.title:"intelbras" @@ -865,13 +865,13 @@ engines: - platform: shodan queries: - - http.title:"phpmyadmin" - http.component:"phpmyadmin" - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" + - http.title:"phpmyadmin" - platform: fofa queries: - - title="phpmyadmin" - body="pma_servername" && body="4.8.4" + - title="phpmyadmin" - platform: google queries: - intitle:"phpmyadmin" @@ -925,12 +925,12 @@ engines: - platform: shodan queries: - - http.title:"ivanti connect secure" - http.html:"welcome.cgi?p=logo" + - http.title:"ivanti connect secure" - platform: fofa queries: - - body="welcome.cgi?p=logo" - title="ivanti connect secure" + - body="welcome.cgi?p=logo" - platform: google queries: - intitle:"ivanti connect secure" @@ -980,8 +980,8 @@ engines: - platform: shodan queries: - - http.component:"drupal" - cpe:"cpe:2.3:a:drupal:drupal" + - http.component:"drupal" - name: piwigo vendor: piwigo @@ -989,8 +989,8 @@ engines: - platform: fofa queries: - - icon_hash=540706145 - title="piwigo" + - icon_hash=540706145 - platform: google queries: - powered by piwigo @@ -1029,8 +1029,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" - http.title:phppgadmin + - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" - platform: fofa queries: - title=phppgadmin @@ -1072,12 +1072,12 @@ engines: - platform: shodan queries: - - http.title:"sophos web appliance" - http.favicon.hash:-893681401 + - http.title:"sophos web appliance" - platform: fofa queries: - - title="sophos web appliance" - icon_hash=-893681401 + - title="sophos web appliance" - platform: google queries: - intitle:"sophos web appliance" @@ -1210,15 +1210,15 @@ engines: - platform: fofa queries: - - body="qlik" - title="qlik-sense" - app="qlik-sense" + - body="qlik" - icon_hash=-74348711 - platform: shodan queries: - http.html:"qlik" - - http.title:"qlik-sense" - http.favicon.hash:-74348711 + - http.title:"qlik-sense" - platform: google queries: - intitle:"qlik-sense" @@ -1269,8 +1269,8 @@ - title="metasploit - setup and configuration" - platform: google queries: - - intitle:"metasploit" - intitle:"metasploit - setup and configuration" + - intitle:"metasploit" - name: linkerd vendor: linkerd @@ -1293,8 +1293,8 @@ - http.title:"sophos mobile" - platform: fofa queries: - - title="sophos mobile" - icon_hash=-1274798165 + - title="sophos mobile" - platform: google queries: - intitle:"sophos mobile" @@ -1348,8 +1348,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" - http.title:"squirrelmail" + - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" - platform: fofa queries: - title="squirrelmail" @@ -1457,14 +1457,14 @@ - intitle:"3cx phone system management console" - platform: shodan queries: - - http.title:"3cx phone system management console" - http.title:"3cx webclient" + - http.title:"3cx phone system management console" - http.favicon.hash:970132176 - platform: fofa queries: + - icon_hash=970132176 - title="3cx phone system management console" - title="3cx webclient" - - icon_hash=970132176 - name: lansweeper vendor: lansweeper @@ -1576,8 +1576,8 @@ - http.html:"amcrest" "ldap user" - platform: fofa queries: - - body="amcrest" - body="amcrest" "ldap user" + - body="amcrest" - name: influxdb vendor: influxdata @@ -1585,8 +1585,8 @@ engines: - platform: shodan queries: - - http.title:"influxdb - admin interface" - influxdb + - http.title:"influxdb - admin interface" - platform: fofa queries: - title="influxdb - admin interface" @@ -1620,8 +1620,8 @@ - intitle:"sign in - gogs" - platform: shodan queries: - - cpe:"cpe:2.3:a:gogs:gogs" - http.title:"sign in - gogs" + - cpe:"cpe:2.3:a:gogs:gogs" - platform: fofa queries: - title="sign in - gogs" @@ -1660,8 +1660,8 @@ - http.favicon.hash:-82958153 - platform: fofa queries: - - app="screenconnect-remote-support-software" - icon_hash=-82958153 + - app="screenconnect-remote-support-software" - platform: hunter queries: - app.name="connectwise screenconnect software" @@ -1703,8 +1703,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-476299640 - http.title:"hestia control panel" + - http.favicon.hash:-476299640 - platform: fofa queries: - icon_hash=-476299640 @@ -1760,9 +1760,9 @@ - http.title:"pyload" - platform: fofa queries: + - title="login - pyload" - title="pyload" - body="pyload" - - title="login - pyload" - platform: google queries: - intitle:"pyload" @@ -1882,8 +1882,8 @@ - http.title:"coldfusion administrator login" - platform: fofa queries: - - title="coldfusion administrator login" - app="adobe-coldfusion" + - title="coldfusion administrator login" - platform: google queries: - intitle:"coldfusion administrator login" @@ -1936,13 +1936,13 @@ engines: - platform: shodan queries: - - http.html:"keycloak" - http.title:"keycloak" + - http.html:"keycloak" - http.favicon.hash:-1105083093 - platform: fofa queries: - - body="keycloak" - icon_hash=-1105083093 + - body="keycloak" - title="keycloak" - platform: google queries: @@ -1987,8 +1987,8 @@ - title="kafka consumer offset monitor" - platform: google queries: - - intitle:"kafka consumer offset monitor" - intitle:"kafka center" + - intitle:"kafka consumer offset monitor" - name: open-xchange_appsuite vendor: open-xchange @@ -2008,8 +2008,8 @@ - platform: shodan queries: - http.title:"apache solr" - - cpe:"cpe:2.3:a:apache:solr" - http.title:"solr admin" + - cpe:"cpe:2.3:a:apache:solr" - platform: fofa queries: - title="apache solr" @@ -2079,8 +2079,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:odoo:odoo" - http.title:"odoo" + - cpe:"cpe:2.3:a:odoo:odoo" - platform: fofa queries: - title="odoo" @@ -2154,8 +2154,8 @@ - http.favicon.hash:106844876 - platform: fofa queries: - - title="revive adserver" - icon_hash=106844876 + - title="revive adserver" - platform: google queries: - intitle:"revive adserver" @@ -2203,12 +2203,12 @@ - platform: shodan queries: - http.title:"contao" - - http.html:"contao open source cms" - cpe:"cpe:2.3:a:contao:contao" + - http.html:"contao open source cms" - platform: fofa queries: - - title="contao" - body="contao open source cms" + - title="contao" - platform: google queries: - intitle:"contao" @@ -2234,8 +2234,8 @@ - platform: fofa queries: - title="cacti" - - icon_hash="-1797138069" - title="login to cacti" + - icon_hash="-1797138069" - platform: shodan queries: - http.title:"cacti" @@ -2277,16 +2277,16 @@ engines: - platform: google queries: - - intitle:"jedox web login" - intitle:"jedox web - login" + - intitle:"jedox web login" - platform: shodan queries: - http.title:"jedox web - login" - http.title:"jedox web login" - platform: fofa queries: - - title="jedox web login" - title="jedox web - login" + - title="jedox web login" - name: jaspersoft vendor: tibco @@ -2355,8 +2355,8 @@ - http.favicon.hash:892542951 - platform: fofa queries: - - app="zabbix-监控系统" && body="saml" - icon_hash=892542951 + - app="zabbix-监控系统" && body="saml" - title="zabbix-server" - platform: google queries: @@ -2398,8 +2398,8 @@ engines: - platform: fofa queries: - - icon_hash="151132309" - title="cloudpanel" + - icon_hash="151132309" - platform: shodan queries: - http.title:"cloudpanel" @@ -2428,8 +2428,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-2023266783 - cpe:"cpe:2.3:a:matomo:matomo" + - http.favicon.hash:-2023266783 - platform: fofa queries: - icon_hash=-2023266783 @@ -2559,8 +2559,8 @@ engines: - platform: shodan queries: - - http.title:"gitblit" - http.html:"gitblit" + - http.title:"gitblit" - platform: fofa queries: - body="gitblit" @@ -2639,12 +2639,12 @@ engines: - platform: shodan queries: - - http.html:"gocd version" - http.title:"create a pipeline - go" html:"gocd version" + - http.html:"gocd version" - platform: fofa queries: - - title="create a pipeline - go" html:"gocd version" - body="gocd version" + - title="create a pipeline - go" html:"gocd version" - platform: google queries: - intitle:"create a pipeline - go" html:"gocd version" @@ -2683,10 +2683,10 @@ engines: - platform: fofa queries: - - icon_hash=1971268439 - - app="openemr" - body="openemr" - title="openemr" + - icon_hash=1971268439 + - app="openemr" - platform: shodan queries: - http.title:"openemr" @@ -2716,9 +2716,9 @@ engines: - platform: shodan queries: + - cpe:"cpe:2.3:a:openvpn:openvpn" - http.title:"openvpn-admin" - http.html:"router management - server openvpn" - - cpe:"cpe:2.3:a:openvpn:openvpn" - platform: fofa queries: - body="router management - server openvpn" @@ -2823,16 +2823,16 @@ engines: - platform: shodan queries: - - http.title:"zimbra web client sign in" - http.title:"zimbra collaboration suite" + - http.title:"zimbra web client sign in" - platform: fofa queries: - title="zimbra web client sign in" - title="zimbra collaboration suite" - platform: google queries: - - intitle:"zimbra web client sign in" - intitle:"zimbra collaboration suite" + - intitle:"zimbra web client sign in" - name: xxl-job vendor: xuxueli @@ -3035,8 +3035,8 @@ engines: - platform: shodan queries: - - http.html:"plesk obsidian" - http.title:"plesk obsidian" + - http.html:"plesk obsidian" - platform: fofa queries: - title="plesk obsidian" @@ -3137,9 +3137,9 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:joomla:joomla\!" - - http.component:"joomla" - http.html:"joomla! - open source content management" + - http.component:"joomla" + - cpe:"cpe:2.3:a:joomla:joomla\!" - platform: fofa queries: - body="joomla! - open source content management" @@ -3164,8 +3164,8 @@ engines: - platform: shodan queries: - - http.title:"manager" product:"wowza streaming engine" - cpe:"cpe:2.3:a:wowza:streaming_engine" + - http.title:"manager" product:"wowza streaming engine" - platform: fofa queries: - title="manager" product:"wowza streaming engine" @@ -3179,8 +3179,8 @@ engines: - platform: shodan queries: - - 'x-powered-by: craft cms' - 'x-powered-by: craft cms html:"seomatic"' + - 'x-powered-by: craft cms' - name: opencats vendor: opencats @@ -3227,8 +3227,8 @@ engines: - platform: shodan queries: - - http.title:"icinga" - http.title:"icinga web 2 login" + - http.title:"icinga" - platform: fofa queries: - title="icinga" @@ -3290,8 +3290,8 @@ - http.title:"pulsar admin ui" - platform: fofa queries: - - title="pulsar admin console" - title="pulsar admin ui" + - title="pulsar admin console" - platform: google queries: - intitle:"pulsar admin console" @@ -3332,8 +3332,8 @@ - http.favicon.hash:1949005079 - platform: fofa queries: - - body="modoboa" - icon_hash=1949005079 + - body="modoboa" - name: monstra_cms vendor: monstra @@ -3425,8 +3425,8 @@ engines: - platform: shodan queries: - - http.title:"grafana" - cpe:"cpe:2.3:a:grafana:grafana" + - http.title:"grafana" - platform: fofa queries: - title="grafana" @@ -3455,8 +3455,8 @@ engines: - platform: shodan queries: - - product:"activemq openwire transport" - cpe:"cpe:2.3:a:apache:activemq" + - product:"activemq openwire transport" - name: pandora_fms vendor: pandorafms @@ -3562,8 +3562,8 @@ - http.title:"servicenow" - platform: fofa queries: - - icon_hash=1701804003 - title="servicenow" + - icon_hash=1701804003 - platform: google queries: - intitle:"servicenow" @@ -3585,8 +3585,8 @@ engines: - platform: shodan queries: - - http.title:"oracle commerce" - cpe:"cpe:2.3:a:oracle:commerce" + - http.title:"oracle commerce" - platform: fofa queries: - title="oracle commerce" @@ -3773,8 +3773,8 @@ engines: - platform: shodan queries: - - http.title:"tautulli - home" - http.title:"tautulli" + - http.title:"tautulli - home" - platform: fofa queries: - title="tautulli" @@ -3821,8 +3821,8 @@ engines: - platform: fofa queries: - - body="ektron" - app="ektron-cms" + - body="ektron" - platform: shodan queries: - cpe:"cpe:2.3:a:ektron:ektron_content_management_system" @@ -3849,13 +3849,13 @@ engines: - platform: shodan queries: - - http.title:"github enterprise" - http.title:"setup github enterprise" + - http.title:"github enterprise" - platform: fofa queries: - title="github enterprise" - - title="setup github enterprise" - app="github-enterprise" + - title="setup github enterprise" - platform: google queries: - intitle:"github enterprise" @@ -3979,18 +3979,18 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:minio:minio" - - http.title:"minio console" - http.title:"minio browser" + - http.title:"minio console" + - cpe:"cpe:2.3:a:minio:minio" - platform: fofa queries: + - title="minio console" - title="minio browser" - app="minio" - - title="minio console" - platform: google queries: - - intitle:"minio console" - intitle:"minio browser" + - intitle:"minio console" - name: umbraco_cms vendor: umbraco @@ -4043,13 +4043,13 @@ - html:'content="papercut' - platform: shodan queries: + - cpe:"cpe:2.3:a:papercut:papercut_ng" - http.html:"content=\"papercut\"" - http.html:'content="papercut' - - cpe:"cpe:2.3:a:papercut:papercut_ng" - platform: fofa queries: - - body="content=\"papercut\"" - body='content="papercut' + - body="content=\"papercut\"" - name: ilias vendor: ilias @@ -4108,8 +4108,8 @@ - http.favicon.hash:-379154636 - platform: fofa queries: - - icon_hash=-379154636 - title="kubeview" + - icon_hash=-379154636 - platform: google queries: - intitle:"kubeview" @@ -4231,13 +4231,13 @@ - platform: shodan queries: - cpe:"cpe:2.3:o:contec:solarview_compact_firmware" - - http.html:"solarview compact" - http.favicon.hash:"-244067125" + - http.html:"solarview compact" - platform: fofa queries: + - body="solarview compact" - icon_hash="-244067125" - body="solarview compact" && title="top" - - body="solarview compact" - name: backup_appliance vendor: exagrid @@ -4376,8 +4376,8 @@ engines: - platform: fofa queries: - - title="webtitan" - icon_hash=1090061843 + - title="webtitan" - platform: shodan queries: - http.favicon.hash:1090061843 @@ -4427,8 +4427,8 @@ engines: - platform: shodan queries: - - http.html:"sugarcrm inc. all rights reserved" - http.title:sugarcrm + - http.html:"sugarcrm inc. all rights reserved" - platform: google queries: - intitle:sugarcrm @@ -4461,8 +4461,8 @@ - intitle:"ftm manager" - platform: shodan queries: - - http.html:"ftm manager" - http.title:"ftm manager" + - http.html:"ftm manager" - platform: fofa queries: - body="ftm manager" @@ -4474,8 +4474,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:1582430156 - http.html:"apache superset" + - http.favicon.hash:1582430156 - platform: fofa queries: - icon_hash=1582430156 @@ -4509,16 +4509,16 @@ engines: - platform: google queries: - - intitle:"check point ssl network extender" - intitle:"ssl network extender login" + - intitle:"check point ssl network extender" - platform: shodan queries: - - http.title:"check point ssl network extender" - http.title:"ssl network extender login" + - http.title:"check point ssl network extender" - platform: fofa queries: - - title="check point ssl network extender" - title="ssl network extender login" + - title="check point ssl network extender" - name: jboss_enterprise_web_platform vendor: redhat @@ -4565,8 +4565,8 @@ - http.title:"manageengine desktop central 10" - platform: fofa queries: - - title="manageengine desktop central 10" - app="zoho-manageengine-desktop" + - title="manageengine desktop central 10" - platform: google queries: - intitle:"manageengine desktop central 10" @@ -4676,8 +4676,8 @@ engines: - platform: shodan queries: - - http.title:"adselfservice plus" - http.title:"manageengine" + - http.title:"adselfservice plus" - platform: fofa queries: - title="manageengine" @@ -4751,8 +4751,8 @@ - platform: shodan queries: - http.title:"qnap" - - 'content-length: 580 "http server 1.0"' - http.title:"photo station" + - 'content-length: 580 "http server 1.0"' - platform: fofa queries: - title="qnap" @@ -4846,12 +4846,12 @@ engines: - platform: shodan queries: - - http.title:"h-sphere" - http.title:"parallels h-sphere" + - http.title:"h-sphere" - platform: fofa queries: - - title="h-sphere" - title="parallels h-sphere" + - title="h-sphere" - platform: google queries: - intitle:"parallels h-sphere" @@ -4967,8 +4967,8 @@ - platform: shodan queries: - http.title:"concrete5" - - http.title:"install concrete5" - cpe:"cpe:2.3:a:concrete5:concrete5" + - http.title:"install concrete5" - platform: fofa queries: - title="install concrete5" @@ -5027,8 +5027,8 @@ engines: - platform: fofa queries: - - fortimail && port=443 - title="fortimail" + - fortimail && port=443 - platform: shodan queries: - http.title:"fortimail" @@ -5060,8 +5060,8 @@ - http.html:"fortiwlm" - platform: fofa queries: - - title="fortiwlm" - body="fortiwlm" + - title="fortiwlm" - platform: google queries: - intitle:"fortiwlm" @@ -5086,14 +5086,14 @@ engines: - platform: shodan queries: - - http.favicon.hash:945408572 - cpe:"cpe:2.3:o:fortinet:fortios" - port:10443 http.favicon.hash:945408572 + - http.favicon.hash:945408572 - http.html:"/remote/login" "xxxxxxxx" - platform: fofa queries: - - icon_hash=945408572 - body="/remote/login" "xxxxxxxx" + - icon_hash=945408572 - name: fortiap vendor: fortinet @@ -5140,8 +5140,8 @@ engines: - platform: fofa queries: - - icon_hash=-1961736892 - title="dzzoffice" + - icon_hash=-1961736892 - platform: shodan queries: - http.favicon.hash:-1961736892 @@ -5152,8 +5152,8 @@ engines: - platform: fofa queries: - - body="kkfileview" - app="kkfileview" + - body="kkfileview" - platform: shodan queries: - http.html:"kkfileview" @@ -5172,13 +5172,13 @@ engines: - platform: shodan queries: + - http.title:"struts2 showcase" - http.html:"apache struts" - http.html:"struts problem report" - - http.title:"struts2 showcase" - platform: fofa queries: - - body="apache struts" - body="struts problem report" + - body="apache struts" - title="struts2 showcase" - platform: google queries: @@ -5230,12 +5230,12 @@ engines: - platform: shodan queries: - - http.html:"weblogic application server" - http.title:"weblogic" + - http.html:"weblogic application server" - platform: fofa queries: - - title="weblogic" - body="weblogic application server" + - title="weblogic" - platform: google queries: - intitle:"weblogic" @@ -5270,8 +5270,8 @@ engines: - platform: shodan queries: - - http.html:"eleanor" - cpe:"cpe:2.3:a:eleanor-cms:eleanor_cms" + - http.html:"eleanor" - platform: fofa queries: - body="eleanor" @@ -5375,8 +5375,8 @@ engines: - platform: shodan queries: - - http.html:"microweber" - http.favicon.hash:780351152 + - http.html:"microweber" - platform: fofa queries: - body="microweber" @@ -5509,8 +5509,8 @@ engines: - platform: shodan queries: - - http.title:"wi-fi app login" - http.html:"wavlink" + - http.title:"wi-fi app login" - platform: fofa queries: - body="wavlink" @@ -5569,8 +5569,8 @@ engines: - platform: fofa queries: - - header="think_lang" - title="thinkphp" + - header="think_lang" - platform: shodan queries: - http.title:"thinkphp" @@ -5610,8 +5610,8 @@ engines: - platform: shodan queries: - - http.title:"wi-fi app login" - http.html:"wn530hg4" + - http.title:"wi-fi app login" - platform: fofa queries: - body="wn530hg4" @@ -5692,8 +5692,8 @@ engines: - platform: fofa queries: - - product=="tenda-11n-wireless-ap" - title="tenda 11n" + - product=="tenda-11n-wireless-ap" - platform: shodan queries: - http.title:"tenda 11n" @@ -5711,8 +5711,8 @@ - http.favicon.hash:1469328760 - platform: fofa queries: - - body="pmb group" - icon_hash=1469328760 + - body="pmb group" - name: eshop_-_ecommerce_\/_store_website vendor: wrteam @@ -5875,8 +5875,8 @@ - http.favicon.hash:-1521640213 - platform: fofa queries: - - title="hoteldruid" - icon_hash=-1521640213 + - title="hoteldruid" - platform: google queries: - intitle:"hoteldruid" @@ -5891,8 +5891,8 @@ - http.html:"powered by atmail" - platform: fofa queries: - - body="powered by atmail" - body="atmail" + - body="powered by atmail" - name: device_manager_express vendor: audiocodes @@ -6050,8 +6050,8 @@ engines: - platform: shodan queries: - - http.title:"wi-fi app login" - http.html:"wavlink" + - http.title:"wi-fi app login" - platform: fofa queries: - body="wavlink" @@ -6089,12 +6089,12 @@ - platform: fofa queries: - icon_hash=217119619 - - title="openvpn connect" - app="rstudio-connect" + - title="openvpn connect" - platform: shodan queries: - - http.title:"openvpn connect" - http.favicon.hash:217119619 + - http.title:"openvpn connect" - platform: google queries: - intitle:"openvpn connect" @@ -6132,8 +6132,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:-1189292869 - http.html:"flatpress" + - http.favicon.hash:-1189292869 - platform: fofa queries: - icon_hash=-1189292869 @@ -6192,8 +6192,8 @@ engines: - platform: shodan queries: - - http.title:"moodle" - cpe:"cpe:2.3:a:moodle:moodle" + - http.title:"moodle" - platform: fofa queries: - title="moodle" @@ -6277,12 +6277,12 @@ - platform: fofa queries: - icon_hash="475145467" - - icon_hash="1624375939" - app="zimbra-邮件系统" + - icon_hash="1624375939" - platform: shodan queries: - - http.favicon.hash:"1624375939" - http.favicon.hash:"475145467" + - http.favicon.hash:"1624375939" - name: basic_pdu_firmware vendor: powertekpdus @@ -6434,8 +6434,8 @@ engines: - platform: shodan queries: - - http.html:"reprise license manager" - http.html:"reprise license" + - http.html:"reprise license manager" - platform: fofa queries: - body="reprise license manager" @@ -6695,8 +6695,8 @@ engines: - platform: shodan queries: - - http.component:"bitbucket" - cpe:"cpe:2.3:a:atlassian:bitbucket" + - http.component:"bitbucket" - name: lin-cms-spring-boot vendor: talelin @@ -6881,9 +6881,9 @@ engines: - platform: fofa queries: + - app="goanywhere-mft" - icon_hash=1484947000 - icon_hash=1484947000,1828756398,1170495932 - - app="goanywhere-mft" - platform: shodan queries: - http.favicon.hash:1484947000,1828756398,1170495932 @@ -6901,8 +6901,8 @@ - /wp-content/plugins/nextgen-gallery/ - platform: shodan queries: - - http.html:/wp-content/plugins/nextgen-gallery/ - cpe:"cpe:2.3:a:imagely:nextgen_gallery" + - http.html:/wp-content/plugins/nextgen-gallery/ - platform: fofa queries: - body=/wp-content/plugins/nextgen-gallery/ @@ -6945,8 +6945,8 @@ engines: - platform: fofa queries: - - body=/wp-content/plugins/eventon-lite/ - wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon-lite/ - body=/wp-content/plugins/eventon/ - platform: publicwww queries: @@ -6954,9 +6954,9 @@ - /wp-content/plugins/eventon/ - platform: shodan queries: - - http.html:/wp-content/plugins/eventon/ - - http.html:/wp-content/plugins/eventon-lite/ - vuln:cve-2023-2796 + - http.html:/wp-content/plugins/eventon-lite/ + - http.html:/wp-content/plugins/eventon/ - platform: google queries: - inurl:"/wp-content/plugins/eventon/" @@ -7051,8 +7051,8 @@ engines: - platform: shodan queries: - - http.title:"verta ai" - http.favicon.hash:-2097033750 + - http.title:"verta ai" - platform: zoomeye queries: - title:"verta ai" @@ -7104,16 +7104,16 @@ engines: - platform: shodan queries: - - http.title:"vmware vrealize network insight" - http.title:"vmware aria operations" + - http.title:"vmware vrealize network insight" - platform: fofa queries: - title="vmware vrealize network insight" - title="vmware aria operations" - platform: google queries: - - intitle:"vmware vrealize network insight" - intitle:"vmware aria operations" + - intitle:"vmware vrealize network insight" - name: mlflow vendor: lfprojects @@ -7247,8 +7247,8 @@ engines: - platform: fofa queries: - - app="powerjob" - body="powerjob" + - app="powerjob" - platform: shodan queries: - http.html:"powerjob" @@ -7572,12 +7572,12 @@ - platform: shodan queries: - http.html:"content=\"papercut\"" - - cpe:"cpe:2.3:a:papercut:papercut_mf" - http.html:"papercut" + - cpe:"cpe:2.3:a:papercut:papercut_mf" - platform: fofa queries: - - body="content=\"papercut\"" - body="papercut" + - body="content=\"papercut\"" - name: import_xml_and_rss_feeds vendor: mooveagency @@ -7711,8 +7711,8 @@ - http.favicon.hash:2144485375 - platform: fofa queries: - - icon_hash=2144485375 - title="icewarp" + - icon_hash=2144485375 - platform: google queries: - intitle:"icewarp" @@ -7833,12 +7833,12 @@ - platform: shodan queries: - http.favicon.hash:-47932290 - - http.html:craftcms - cpe:"cpe:2.3:a:craftcms:craft_cms" + - http.html:craftcms - platform: fofa queries: - - icon_hash=-47932290 - body=craftcms + - icon_hash=-47932290 - name: companion_sitemap_generator vendor: codeermeneer @@ -8023,9 +8023,9 @@ engines: - platform: shodan queries: - - http.title:"opencms" - /opencms/ - cpe:"cpe:2.3:a:alkacon:opencms" + - http.title:"opencms" - platform: fofa queries: - title="opencms" @@ -8155,8 +8155,8 @@ - platform: shodan queries: - http.title:"powered by vbulletin" - - http.component:"vbulletin" - http.html:"powered by vbulletin" + - http.component:"vbulletin" - cpe:"cpe:2.3:a:vbulletin:vbulletin" - platform: fofa queries: @@ -8266,8 +8266,8 @@ engines: - platform: shodan queries: - - http.html:"spip.php?page=backend" - cpe:"cpe:2.3:a:spip:spip" + - http.html:"spip.php?page=backend" - platform: fofa queries: - body="spip.php?page=backend" @@ -8278,8 +8278,8 @@ engines: - platform: fofa queries: - - moosocial - icon_hash="702863115" + - moosocial - platform: shodan queries: - http.favicon.hash:"702863115" @@ -8312,8 +8312,8 @@ - app="microsoft-sharepoint" - platform: shodan queries: - - cpe:"cpe:2.3:a:microsoft:sharepoint_server" - http.headers_hash:-1968878704 + - cpe:"cpe:2.3:a:microsoft:sharepoint_server" - name: manageengine_firewall_analyzer vendor: zohocorp @@ -8368,8 +8368,8 @@ engines: - platform: fofa queries: - - app="majordomosl" - icon_hash=1903390397 + - app="majordomosl" - platform: shodan queries: - http.favicon.hash:1903390397 @@ -8380,8 +8380,8 @@ engines: - platform: shodan queries: - - http.favicon.hash:688609340 - http.html:"cockpit" + - http.favicon.hash:688609340 - platform: fofa queries: - body="cockpit" @@ -8500,8 +8500,8 @@ - http.favicon.hash:463802404 - platform: fofa queries: - - icon_hash=463802404 - body="ray dashboard" + - icon_hash=463802404 - name: magnusbilling vendor: magnussolution @@ -8550,18 +8550,18 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:icewarp:mail_server" - - http.title:"icewarp" - http.title:"icewarp server administration" + - http.title:"icewarp" + - cpe:"cpe:2.3:a:icewarp:mail_server" - platform: fofa queries: - - title="icewarp server administration" - title="icewarp" + - title="icewarp server administration" - platform: google queries: - intitle:"icewarp server administration" - - powered by icewarp 10.4.4 - intitle:"icewarp" + - powered by icewarp 10.4.4 - name: timekeeper vendor: fsmlabs @@ -8629,8 +8629,8 @@ - http.html:requires a local sentry administrative user" - platform: fofa queries: - - 'body="note: requires a local sentry administrative user"' - body=requires a local sentry administrative user" + - 'body="note: requires a local sentry administrative user"' - name: kubeoperator vendor: fit2cloud @@ -8638,8 +8638,8 @@ engines: - platform: fofa queries: - - body="kubeoperator" - app="kubeoperator" + - body="kubeoperator" - platform: shodan queries: - http.html:"kubeoperator" @@ -8702,8 +8702,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:home-assistant:home-assistant" - http.title:"home assistant" + - cpe:"cpe:2.3:a:home-assistant:home-assistant" - platform: fofa queries: - title="home assistant" @@ -8755,8 +8755,8 @@ engines: - platform: shodan queries: - - '"microsoft-iis" "2015"' - cpe:"cpe:2.3:o:microsoft:windows_7" + - '"microsoft-iis" "2015"' - name: tivoli_common_reporting vendor: ibm @@ -8791,8 +8791,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:atlassian:confluence" - http.component:"atlassian confluence" + - cpe:"cpe:2.3:a:atlassian:confluence" - name: mypixs vendor: mypixs_project @@ -9085,8 +9085,8 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" - http.title:"jboss" + - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" - platform: fofa queries: - title="jboss" @@ -9100,16 +9100,16 @@ engines: - platform: shodan queries: - - http.title:"icewarp" - http.title:"gotify" + - http.title:"icewarp" - platform: fofa queries: - title="icewarp" - title="gotify" - platform: google queries: - - intitle:"gotify" - intitle:"icewarp" + - intitle:"gotify" - name: twitter_button vendor: bestwebsoft @@ -9202,8 +9202,8 @@ - body="dedecms" - platform: shodan queries: - - cpe:"cpe:2.3:a:dedecms:dedecms" - http.html:"dedecms" + - cpe:"cpe:2.3:a:dedecms:dedecms" - name: custom_admin_page vendor: bestwebsoft @@ -9293,8 +9293,8 @@ - app="laravel-framework" - platform: shodan queries: - - laravel-framework - cpe:"cpe:2.3:a:laravel:laravel" + - laravel-framework - name: contact_form_multi vendor: bestwebsoft @@ -9470,8 +9470,8 @@ engines: - platform: fofa queries: - - body="amcrest" - amcrest + - body="amcrest" - platform: shodan queries: - http.html:"amcrest" @@ -9748,8 +9748,8 @@ - http.favicon.hash:106844876 - platform: fofa queries: - - title="revive adserver" - icon_hash=106844876 + - title="revive adserver" - platform: google queries: - intitle:"revive adserver" @@ -9890,8 +9890,8 @@ engines: - platform: fofa queries: - - title="login to tlr-2855ks6" - product=="telesquare-tlr-2855ks6" + - title="login to tlr-2855ks6" - platform: shodan queries: - http.title:"login to tlr-2855ks6" @@ -9987,7 +9987,7 @@ - 'http.html:"powered by: fudforum"' - platform: fofa queries: - - body="fudforum" + - body=fudforum" - 'body="powered by: fudforum"' - name: vigorconnect @@ -10416,8 +10416,8 @@ engines: - platform: shodan queries: - - http.title:"jellyfin" - http.html:"jellyfin" + - http.title:"jellyfin" - platform: fofa queries: - title="jellyfin" || body="http://jellyfin.media" @@ -10621,8 +10621,8 @@ engines: - platform: fofa queries: - - body="74cms" - app="74cms" + - body="74cms" - platform: shodan queries: - http.html:"74cms" @@ -10787,12 +10787,12 @@ engines: - platform: shodan queries: - - http.html:"micollab" - http.html:"mitel" html:"micollab" + - http.html:"micollab" - platform: fofa queries: - - body="micollab" - body="mitel" html:"micollab" + - body="micollab" - name: zzcms vendor: zzcms @@ -10812,8 +10812,8 @@ - body="javax.faces.viewstate" - platform: shodan queries: - - http.html:"javax.faces.resource" - http.html:"javax.faces.viewstate" + - http.html:"javax.faces.resource" - name: wn575a4_firmware vendor: wavlink @@ -10892,8 +10892,8 @@ - http.favicon.hash:-2032163853 - platform: fofa queries: - - icon_hash=-2032163853 - title="login - jorani" + - icon_hash=-2032163853 - platform: google queries: - intitle:"login - jorani" @@ -11315,8 +11315,8 @@ engines: - platform: shodan queries: - - product:"openssh" - cpe:"cpe:2.3:a:openbsd:openssh" + - product:"openssh" - name: mysql vendor: oracle @@ -15163,13 +15163,13 @@ engines: - platform: shodan queries: - - cpe:"cpe:2.3:h:contec:solarview_compact" - - http.html:"solarview compact" - http.favicon.hash:"-244067125" + - http.html:"solarview compact" + - cpe:"cpe:2.3:h:contec:solarview_compact" - platform: fofa queries: - - icon_hash="-244067125" - body="solarview compact" + - icon_hash="-244067125" - name: mc3 vendor: crestron @@ -18272,8 +18272,8 @@ engines: - platform: shodan queries: - - http.html:"aspera faspex" - cpe:"cpe:2.3:o:linux:linux_kernel" + - http.html:"aspera faspex" - platform: fofa queries: - body="aspera faspex" @@ -18739,8 +18739,8 @@ engines: - platform: fofa queries: - - title="webtitan" - icon_hash=1090061843 + - title="webtitan" - platform: shodan queries: - http.title:"webtitan" @@ -19053,9 +19053,9 @@ engines: - platform: fofa queries: - - icon_hash=1971268439 - body="openemr" - title="openemr" + - icon_hash=1971268439 - platform: google queries: - intitle:"openemr"