From 12620ede8839ba1a0f901c8a98ff6d364c8163d6 Mon Sep 17 00:00:00 2001 From: Dolph Flynn <96876199+DolphFlynn@users.noreply.github.com> Date: Sun, 25 Feb 2024 10:14:02 +0000 Subject: [PATCH] Replace hardcoded User-Agent strings with variable. --- ...2018-1000129 - Jolokia 137 - Cross-Site Scripting.bcheck | 0 .../CVE-2019-17662 - ThinVNC 10b1 - Auth Bypass.bcheck | 4 ++-- ...2020-35713 - Belkin Linksys RE6500 10012001 - RCE.bcheck | 4 ++-- ... - Microsoft Open Management Infrastructure - RCE.bcheck | 4 ++-- .../CVE-2023-32563 - Ivanti Avalanche - RCE.bcheck | 6 +++--- .../CVE-2023-38035 - Ivanti Sentry - Auth Bypass.bcheck | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) mode change 100755 => 100644 vulnerabilities-CVEd/CVE-2018-1000129 - Jolokia 137 - Cross-Site Scripting.bcheck diff --git a/vulnerabilities-CVEd/CVE-2018-1000129 - Jolokia 137 - Cross-Site Scripting.bcheck b/vulnerabilities-CVEd/CVE-2018-1000129 - Jolokia 137 - Cross-Site Scripting.bcheck old mode 100755 new mode 100644 diff --git a/vulnerabilities-CVEd/CVE-2019-17662 - ThinVNC 10b1 - Auth Bypass.bcheck b/vulnerabilities-CVEd/CVE-2019-17662 - ThinVNC 10b1 - Auth Bypass.bcheck index b9f736b..5b72ff9 100644 --- a/vulnerabilities-CVEd/CVE-2019-17662 - ThinVNC 10b1 - Auth Bypass.bcheck +++ b/vulnerabilities-CVEd/CVE-2019-17662 - ThinVNC 10b1 - Auth Bypass.bcheck @@ -1,5 +1,5 @@ metadata: - language: v1-beta + language: v2-beta name: "CVE-2019-17662 - ThinVNC 1.0b1 - Auth Bypass" description: "Checks for CVE-2019-17662" author: "Dolph Flynn" @@ -13,7 +13,7 @@ given host then Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en-US;q=0.9,en;q=0.8 - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 + User-Agent: {user_agent} Connection: close Cache-Control: max-age=0 diff --git a/vulnerabilities-CVEd/CVE-2020-35713 - Belkin Linksys RE6500 10012001 - RCE.bcheck b/vulnerabilities-CVEd/CVE-2020-35713 - Belkin Linksys RE6500 10012001 - RCE.bcheck index 9d51c82..bcc3181 100644 --- a/vulnerabilities-CVEd/CVE-2020-35713 - Belkin Linksys RE6500 10012001 - RCE.bcheck +++ b/vulnerabilities-CVEd/CVE-2020-35713 - Belkin Linksys RE6500 10012001 - RCE.bcheck @@ -1,5 +1,5 @@ metadata: - language: v1-beta + language: v2-beta name: "CVE-2020-35713 - Belkin Linksys RE6500 <1.0.012.001 - RCE" description: "Checks for CVE-2020-35713" author: "Dolph Flynn" @@ -10,7 +10,7 @@ given host then send request called check: `POST /goform/setSysAdm HTTP/1.1 Host: {base.request.url.host} - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.111 Safari/537.36 + User-Agent: {user_agent} Connection: close Accept-Encoding: gzip, deflate, br Accept: */* diff --git a/vulnerabilities-CVEd/CVE-2021-38647 - Microsoft Open Management Infrastructure - RCE.bcheck b/vulnerabilities-CVEd/CVE-2021-38647 - Microsoft Open Management Infrastructure - RCE.bcheck index 626ca5a..a6a6e6f 100644 --- a/vulnerabilities-CVEd/CVE-2021-38647 - Microsoft Open Management Infrastructure - RCE.bcheck +++ b/vulnerabilities-CVEd/CVE-2021-38647 - Microsoft Open Management Infrastructure - RCE.bcheck @@ -1,5 +1,5 @@ metadata: - language: v1-beta + language: v2-beta name: "CVE-2021-38647 - Microsoft Open Management Infrastructure - RCE" description: "Checks for CVE-2021-38647" author: "Dolph Flynn" @@ -11,7 +11,7 @@ given host then `POST /wsman HTTP/1.1 Host: {base.request.url.host} Content-Type: application/soap+xml;charset=UTF-8 -User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36 +User-Agent: {user_agent} Connection: close