update nuclei-templates 2022-07-14 14:50:1657781408

Author: x51pwn

config/nuclei-templates/51pwn/checkGoDebug.yaml

@@ -0,0 +1,49 @@
+id: check_go_debug_ui
+info:
+  name: check_go_debug_ui
+  author: 51pwn
+  severity: critical
+  reference:
+    - https://github.com/hktalent/nuclei-templates
+    - https://51pwn.com
+  tags: web,go,debug
+
+# nuclei -duc -u http://localhost:9999 -t ./51pwn/checkGoDebug.yaml
+
+requests:
+  - raw:
+      - |+
+        GET /ui/{{mypaths}} HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
+        Accept:*/*
+        Pragma:no-cache
+        Accept-Encoding:gzip, deflate
+        Connection: close
+        Content-Length: 0
+        
+      # end payload
+    payloads:
+      mypaths:
+        - "top"
+        - "source"
+        - "flamegraph"
+
+    attack: pitchfork 
+    unsafe: true
+
+    req-condition: true
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '<a[^>]+>(pprof|Top|Peek|Source|Disassemble)<\/a>'
+      - type: word
+        part: body
+        words:
+          - 'Output annotated source for functions matching regexp'
+          - 'Output assembly listings annotated with samples'
+          - 'Display profile as a directed graph'
+        condition: and

config/nuclei-templates/cves/2011/CVE-2011-1669.yaml

@@ -13,6 +13,8 @@ info:
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-1669
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-custom-pages/"
   tags: cve,cve2011,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2011/CVE-2011-4618.yaml

@@ -12,6 +12,8 @@ info:
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-4618
+  metadata:
+    google-query: inurl:"/wp-content/plugins/advanced-text-widget"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
@@ -22,9 +24,9 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "</script><script>alert(document.domain)</script>"
-        part: body
 
       - type: word
         part: header

config/nuclei-templates/cves/2011/CVE-2011-4624.yaml

@@ -12,6 +12,8 @@ info:
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-4624
+  metadata:
+    google-query: inurl:"/wp-content/plugins/flash-album-gallery"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2011/CVE-2011-4926.yaml

@@ -12,6 +12,8 @@ info:
     - http://www.openwall.com/lists/oss-security/2012/01/10/9
   classification:
     cve-id: CVE-2011-4926
+  metadata:
+    google-query: inurl:"/wp-content/plugins/adminimize/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
@@ -22,9 +24,9 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "</script><script>alert(document.domain)</script>"
-        part: body
 
       - type: word
         part: header

config/nuclei-templates/cves/2011/CVE-2011-5106.yaml

@@ -12,6 +12,8 @@ info:
     - http://wordpress.org/extend/plugins/flexible-custom-post-type/changelog/
   classification:
     cve-id: CVE-2011-5106
+  metadata:
+    google-query: inurl:"/wp-content/plugins/flexible-custom-post-type/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2011/CVE-2011-5107.yaml

@@ -12,6 +12,8 @@ info:
     - http://web.archive.org/web/20201208110708/https://www.securityfocus.com/archive/1/520590/100/0/threaded
   classification:
     cve-id: CVE-2011-5107
+  metadata:
+    google-query: inurl:"/wp-content/plugins/alert-before-your-post"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2011/CVE-2011-5179.yaml

@@ -12,6 +12,8 @@ info:
     - http://web.archive.org/web/20210614205347/https://www.securityfocus.com/archive/1/520662/100/0/threaded
   classification:
     cve-id: CVE-2011-5179
+  metadata:
+    google-query: inurl:"/wp-content/plugins/skysa-official/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2011/CVE-2011-5181.yaml

@@ -11,6 +11,8 @@ info:
     - http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/
   classification:
     cve-id: CVE-2011-5181
+  metadata:
+    google-query: inurl:"/wp-content/plugins/clickdesk-live-support-chat/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2011/CVE-2011-5265.yaml

@@ -11,6 +11,8 @@ info:
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/71468
   classification:
     cve-id: CVE-2011-5265
+  metadata:
+    google-query: inurl:"/wp-content/plugins/featurific-for-wordpress"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2012/CVE-2012-0896.yaml

@@ -12,6 +12,8 @@ info:
     - http://plugins.trac.wordpress.org/changeset/488883/count-per-day
   classification:
     cve-id: CVE-2012-0896
+  metadata:
+    google-query: inurl:"/wp-content/plugins/count-per-day"
   tags: cve,cve2012,lfi,wordpress,wp-plugin,traversal
 
 requests:

config/nuclei-templates/cves/2012/CVE-2012-0901.yaml

@@ -11,6 +11,8 @@ info:
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/72271
   classification:
     cve-id: CVE-2012-0901
+  metadata:
+    google-query: inurl:"/wp-content/plugins/yousaytoo-auto-publishing-plugin"
   tags: cve,cve2012,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2012/CVE-2012-1835.yaml

@@ -12,6 +12,8 @@ info:
     - https://www.htbridge.com/advisory/HTB23082
   classification:
     cve-id: CVE-2012-1835
+  metadata:
+    google-query: inurl:"/wp-content/plugins/all-in-one-event-calendar"
   tags: cve,cve2012,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2012/CVE-2012-4273.yaml

@@ -12,6 +12,8 @@ info:
     - http://packetstormsecurity.org/files/112615/WordPress-2-Click-Socialmedia-Buttons-Cross-Site-Scripting.html
   classification:
     cve-id: CVE-2012-4273
+  metadata:
+    google-query: inurl:"/wp-content/plugins/2-click-socialmedia-buttons"
   tags: cve,cve2012,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2013/CVE-2013-2287.yaml

@@ -10,6 +10,8 @@ info:
     - https://www.dognaedis.com/vulns/DGS-SEC-16.html
   classification:
     cve-id: CVE-2013-2287
+  metadata:
+    google-query: inurl:"/wp-content/plugins/uploader"
   tags: cve,cve2013,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2013/CVE-2013-3526.yaml

@@ -11,6 +11,8 @@ info:
     - http://web.archive.org/web/20210123051939/https://www.securityfocus.com/bid/58948/
   classification:
     cve-id: CVE-2013-3526
+  metadata:
+    google-query: inurl:"/wp-content/plugins/trafficanalyzer"
   tags: cve,cve2013,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2013/CVE-2013-4117.yaml

@@ -11,6 +11,8 @@ info:
     - http://seclists.org/bugtraq/2013/Jul/17
   classification:
     cve-id: CVE-2013-4117
+  metadata:
+    google-query: inurl:"/wp-content/plugins/category-grid-view-gallery"
   tags: cve,cve2013,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2013/CVE-2013-4625.yaml

@@ -13,6 +13,8 @@ info:
   remediation: Upgrade to Duplicator 0.4.5 or later.
   classification:
     cve-id: CVE-2013-4625
+  metadata:
+    google-query: inurl:"/wp-content/plugins/duplicator"
   tags: cve,cve2013,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2013/CVE-2013-7240.yaml

@@ -15,6 +15,8 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2013-7240
     cwe-id: CWE-22
+  metadata:
+    google-query: inurl:"/wp-content/plugins/advanced-dewplayer/"
   tags: cve,cve2013,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-4513.yaml

@@ -10,6 +10,8 @@ info:
     - http://codevigilant.com/disclosure/wp-plugin-activehelper-livehelp-a3-cross-site-scripting-xss
   classification:
     cve-id: CVE-2014-4513
+  metadata:
+    google-query: inurl:"/wp-content/plugins/activehelper-livehelp"
   tags: cve,cve2014,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-4536.yaml

@@ -15,6 +15,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2014-4536
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/"
   tags: cve,cve2014,wordpress,wp-plugin,xss
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-4550.yaml

@@ -14,6 +14,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2014-4550
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/shortcode-ninja"
   tags: cve,cve2014,wordpress,wp-plugin,xss
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-4592.yaml

@@ -14,6 +14,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2014-4592
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-planet"
   tags: cve,cve2014,wordpress,wp-plugin,xss
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-4940.yaml

@@ -11,6 +11,8 @@ info:
     - http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/
   classification:
     cve-id: CVE-2014-4940
+  metadata:
+    google-query: inurl:"/wp-content/plugins/tera-charts"
   tags: cve,cve2014,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-5368.yaml

@@ -12,6 +12,8 @@ info:
     - http://seclists.org/oss-sec/2014/q3/417
   classification:
     cve-id: CVE-2014-5368
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-source-control"
   tags: cve,cve2014,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-8799.yaml

@@ -12,6 +12,8 @@ info:
     - https://wordpress.org/plugins/dukapress/changelog/
   classification:
     cve-id: CVE-2014-8799
+  metadata:
+    google-query: inurl:"/wp-content/plugins/dukapress"
   tags: cve,cve2014,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2014/CVE-2014-9094.yaml

@@ -12,6 +12,8 @@ info:
     - http://web.archive.org/web/20210615134835/https://www.securityfocus.com/bid/68525
   classification:
     cve-id: CVE-2014-9094
+  metadata:
+    google-query: inurl:"/wp-content/plugins/dzs-videogallery"
   tags: cve,cve2014,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-1000012.yaml

@@ -16,6 +16,8 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2015-1000012
     cwe-id: CWE-200
+  metadata:
+    google-query: inurl:"/wp-content/plugins/mypixs"
   tags: cve,cve2015,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-2807.yaml

@@ -12,6 +12,8 @@ info:
     - https://wordpress.org/plugins/navis-documentcloud/changelog/
   classification:
     cve-id: CVE-2015-2807
+  metadata:
+    google-query: inurl:"/wp-content/plugins/navis-documentcloud"
   tags: cve,cve2015,wordpress,wp-plugin,xss
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-4414.yaml

@@ -12,6 +12,8 @@ info:
     - http://packetstormsecurity.com/files/132266/WordPress-SE-HTML5-Album-Audio-Player-1.1.0-Directory-Traversal.html
   classification:
     cve-id: CVE-2015-4414
+  metadata:
+    google-query: inurl:"/wp-content/plugins/se-html5-album-audio-player"
   tags: cve,cve2015,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-4694.yaml

@@ -15,6 +15,8 @@ info:
     cvss-score: 8.6
     cve-id: CVE-2015-4694
     cwe-id: CWE-22
+  metadata:
+    google-query: inurl:"/wp-content/plugins/zip-attachments"
   tags: lfi,wordpress,cve,cve2015,wp-plugin
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-5461.yaml

@@ -12,6 +12,8 @@ info:
     - http://seclists.org/fulldisclosure/2015/Jul/27
   classification:
     cve-id: CVE-2015-5461
+  metadata:
+    google-query: inurl:"/wp-content/plugins/stageshow/"
   tags: redirect,cve,cve2015,wordpress,wp-plugin
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-5471.yaml

@@ -16,6 +16,8 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2015-5471
     cwe-id: CWE-22
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-swimteam"
   tags: cve,cve2015,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-9414.yaml

@@ -15,6 +15,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2015-9414
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-symposium"
   tags: cve,cve2015,wordpress,wp-plugin,xss
 
 requests:

config/nuclei-templates/cves/2015/CVE-2015-9480.yaml

@@ -13,6 +13,8 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2015-9480
     cwe-id: CWE-22
+  metadata:
+    google-query: inurl:"/wp-content/plugins/robotcpa"
   tags: cve,cve2015,wordpress,wp-plugin,lfi
 
 requests:

config/nuclei-templates/cves/2016/CVE-2016-1000126.yaml

@@ -15,6 +15,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2016-1000126
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/admin-font-editor"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:

config/nuclei-templates/cves/2016/CVE-2016-1000128.yaml

@@ -13,6 +13,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2016-1000128
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/anti-plagiarism"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests: