Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace hardcoded User-Agent strings with variable. #183

Merged
merged 1 commit into from
Feb 26, 2024
+11 −11
Merged

Replace hardcoded User-Agent strings with variable. #183

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Empty file modified vulnerabilities-CVEd/CVE-2018-1000129 - Jolokia 137 - Cross-Site Scripting.bcheck
100755 → 100644
View file
Open in desktop
Empty file.
4 changes: 2 additions & 2 deletions vulnerabilities-CVEd/CVE-2019-17662 - ThinVNC 10b1 - Auth Bypass.bcheck
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
metadata:
language: v1-beta
language: v2-beta
name: "CVE-2019-17662 - ThinVNC 1.0b1 - Auth Bypass"
description: "Checks for CVE-2019-17662"
author: "Dolph Flynn"
Expand All @@ -13,7 +13,7 @@ given host then
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
User-Agent: {user_agent}
Connection: close
Cache-Control: max-age=0

Expand Down
4 changes: 2 additions & 2 deletions vulnerabilities-CVEd/CVE-2020-35713 - Belkin Linksys RE6500 10012001 - RCE.bcheck
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
metadata:
language: v1-beta
language: v2-beta
name: "CVE-2020-35713 - Belkin Linksys RE6500 <1.0.012.001 - RCE"
description: "Checks for CVE-2020-35713"
author: "Dolph Flynn"
Expand All @@ -10,7 +10,7 @@ given host then
send request called check:
`POST /goform/setSysAdm HTTP/1.1
Host: {base.request.url.host}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.111 Safari/537.36
User-Agent: {user_agent}
Connection: close
Accept-Encoding: gzip, deflate, br
Accept: */*
Expand Down
4 changes: 2 additions & 2 deletions vulnerabilities-CVEd/CVE-2021-38647 - Microsoft Open Management Infrastructure - RCE.bcheck
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
metadata:
language: v1-beta
language: v2-beta
name: "CVE-2021-38647 - Microsoft Open Management Infrastructure - RCE"
description: "Checks for CVE-2021-38647"
author: "Dolph Flynn"
Expand All @@ -11,7 +11,7 @@ given host then
`POST /wsman HTTP/1.1
Host: {base.request.url.host}
Content-Type: application/soap+xml;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36
User-Agent: {user_agent}
Connection: close

<s:Envelope
Expand Down
6 changes: 3 additions & 3 deletions vulnerabilities-CVEd/CVE-2023-32563 - Ivanti Avalanche - RCE.bcheck
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# https://twitter.com/wvuuuuuuuuuuuuu/status/1694956245742923939

metadata:
language: v1-beta
language: v2-beta
name: "CVE-2023-32563 - Ivanti Avalanche - RCE"
description: "Checks for CVE-2023-32563"
author: "Dolph Flynn"
Expand All @@ -20,7 +20,7 @@ given host then
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
User-Agent: {user_agent}
Content-Length: 333
Content-Type: multipart/form-data; boundary=------------------------92afcaa4bcd3c990
Connection: close
Expand All @@ -44,7 +44,7 @@ out.println("{test_nonce}");
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
User-Agent: {user_agent}
Connection: close

`
Expand Down
4 changes: 2 additions & 2 deletions vulnerabilities-CVEd/CVE-2023-38035 - Ivanti Sentry - Auth Bypass.bcheck
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
metadata:
language: v1-beta
language: v2-beta
name: "CVE-2023-38035 - Ivanti Sentry - Auth Bypass"
description: "Checks for CVE-2023-38035"
author: "Dolph Flynn"
Expand All @@ -15,7 +15,7 @@ given host then
send request called check:
`POST /mics/services/MICSLogService HTTP/1.1
Host: {base.request.url.host}
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36
User-Agent: {user_agent}
Connection: close
Content-Length: 133
Content-Type: application/json
Expand Down
Loading