From e0c79e9609ea4cf06919f85977339c540121af3d Mon Sep 17 00:00:00 2001 From: sank Date: Tue, 26 Sep 2023 11:53:59 +0545 Subject: [PATCH 1/7] my template extracts all the keys if the word twilio is present. --- file/keys/twilio-api.yaml | 4 ++-- http/exposures/tokens/twilio/twilio-api-key.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/file/keys/twilio-api.yaml b/file/keys/twilio-api.yaml index 9895746a8ac..34b11d04a53 100644 --- a/file/keys/twilio-api.yaml +++ b/file/keys/twilio-api.yaml @@ -2,7 +2,7 @@ id: twilio-api info: name: Twilio API Key - author: gaurang + author: gaurang, shankar acharya severity: high tags: token,file @@ -13,4 +13,4 @@ file: extractors: - type: regex regex: - - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" \ No newline at end of file + - "(?i)twilio(.{0,20})?[0-9a-f]{32,34}" \ No newline at end of file diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index 1817e57b892..9d5fea97667 100644 --- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml @@ -20,4 +20,4 @@ http: - type: regex part: body regex: - - '(?i)twilio.{0,20}\b(sk[a-f0-9]{32})\b' \ No newline at end of file + - '(?i)twilio.{0,20}\b[a-f0-9]{32,34})\b' \ No newline at end of file From d5046b1dae287b2c5cc0d72919970627c2f7a970 Mon Sep 17 00:00:00 2001 From: shankar acharya <34772838+5hank4r@users.noreply.github.com> Date: Tue, 26 Sep 2023 12:30:07 +0545 Subject: [PATCH 2/7] Update twilio-api-key.yaml --- http/exposures/tokens/twilio/twilio-api-key.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index 9d5fea97667..1d32c3facdf 100644 --- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml 
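Review bot: Dropping the `SK` prefix in the second hunk of file/keys/twilio-api.yaml makes the extractor report any 32–34 character hex run within 20 characters of the word "twilio" as a Twilio API key at severity high. MD5 digests, the hex body of other identifiers, and the leading part of a longer hash would all be extracted and reported as keys. The same widening is applied in the http/exposures/tokens/twilio/twilio-api-key.yaml hunk of this patch and carried into PATCH 2/7. If the aim is to cover further Twilio credential types, I would keep `SK[0-9a-f]{32}` unchanged and add a separately named extractor per type. Each should be bounded with `\b` on both sides, written in a single-quoted scalar so the backslash reaches the regex engine, so a longer hex string cannot match by prefix.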
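Review bot: The new pattern in the http/exposures/tokens/twilio/twilio-api-key.yaml hunk, `'(?i)twilio.{0,20}\b[a-f0-9]{32,34})\b'`, keeps the closing parenthesis of the capture group whose opening `(sk` was removed. The expression is therefore unbalanced and should fail to compile, which leaves the template unusable at this commit. PATCH 2/7 removes the stray `)`, but the two commits would be better squashed so that every revision in the series loads. Running `nuclei -validate` on the changed templates before committing would have caught this.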
@@ -20,4 +20,4 @@ http: - type: regex part: body regex: - - '(?i)twilio.{0,20}\b[a-f0-9]{32,34})\b' \ No newline at end of file + - '(?i)twilio.{0,20}[a-f0-9]{32,34}' From f06822363f4c228abe306dda4b8596ba9c049dea Mon Sep 17 00:00:00 2001 From: shankar acharya <34772838+5hank4r@users.noreply.github.com> Date: Tue, 26 Sep 2023 12:30:36 +0545 Subject: [PATCH 3/7] Update twilio-api-key.yaml --- http/exposures/tokens/twilio/twilio-api-key.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index 1d32c3facdf..6467fb6b201 100644 --- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml @@ -2,7 +2,7 @@ id: twilio-api-key info: name: Twilio API Key - author: DhiyaneshDK + author: DhiyaneshDK, Shankar Acharya severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/twilio.yml From 69c3edb6586e5c2b2924ad68f91d3a66513655ac Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 3 Oct 2023 18:28:59 +0530 Subject: [PATCH 4/7] revert commit --- file/keys/twilio-api.yaml | 4 ++-- http/exposures/tokens/twilio/twilio-api-key.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/file/keys/twilio-api.yaml b/file/keys/twilio-api.yaml index 34b11d04a53..9895746a8ac 100644 --- a/file/keys/twilio-api.yaml +++ b/file/keys/twilio-api.yaml @@ -2,7 +2,7 @@ id: twilio-api info: name: Twilio API Key - author: gaurang, shankar acharya + author: gaurang severity: high tags: token,file @@ -13,4 +13,4 @@ file: extractors: - type: regex regex: - - "(?i)twilio(.{0,20})?[0-9a-f]{32,34}" \ No newline at end of file + - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" \ No newline at end of file diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index 6467fb6b201..bd47136fd0d 100644 
--- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml @@ -20,4 +20,8 @@ http: - type: regex part: body regex: +<<<<<<< HEAD - '(?i)twilio.{0,20}[a-f0-9]{32,34}' +======= + - '(?i)twilio.{0,20}\b(sk[a-f0-9]{32})\b' +>>>>>>> parent of e0c79e960 (my template extracts all the keys if the word twilio is present.) From a5f50bfcfbd8c2402ffe697e00567d5999927a85 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 3 Oct 2023 18:30:30 +0530 Subject: [PATCH 5/7] revert commit --- http/exposures/tokens/twilio/twilio-api-key.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index bd47136fd0d..32b40385c14 100644 --- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml @@ -20,8 +20,4 @@ http: - type: regex part: body regex: -<<<<<<< HEAD - - '(?i)twilio.{0,20}[a-f0-9]{32,34}' -======= - '(?i)twilio.{0,20}\b(sk[a-f0-9]{32})\b' ->>>>>>> parent of e0c79e960 (my template extracts all the keys if the word twilio is present.) From d289d08865bf8b7bb04e6a9153a967c35e08d9a6 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 3 Oct 2023 18:31:07 +0530 Subject: [PATCH 6/7] Update twilio-api-key.yaml --- http/exposures/tokens/twilio/twilio-api-key.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index 32b40385c14..c266684e0a8 100644 --- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml @@ -2,7 +2,7 @@ id: twilio-api-key info: name: Twilio API Key - author: DhiyaneshDK, Shankar Acharya + author: DhiyaneshDK severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/twilio.yml From 751ddc980ace86074d2b035e9d9cb6ddd5622153 Mon Sep 17 00:00:00 2001 
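Review bot: The http/exposures/tokens/twilio/twilio-api-key.yaml hunk of PATCH 4/7 commits unresolved merge-conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> parent of e0c79e960 …`) into the `regex:` list, so the template is not valid YAML at this commit. PATCH 5/7 deletes them, but anyone who bisects or syncs templates at this revision gets a file that fails to load and a detection that does not run. Squash 4/7 and 5/7 into a single revert, and consider a pre-merge check that rejects files containing conflict markers.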
From: Dhiyaneshwaran
Date: Tue, 3 Oct 2023 18:33:29 +0530
Subject: [PATCH 7/7] Create CVE-2023-33405.yaml
---
 http/cves/2023/CVE-2023-33405.yaml | 35 ++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 http/cves/2023/CVE-2023-33405.yaml
diff --git a/http/cves/2023/CVE-2023-33405.yaml b/http/cves/2023/CVE-2023-33405.yaml
new file mode 100644
index 00000000000..91127abd2a3
--- /dev/null
+++ b/http/cves/2023/CVE-2023-33405.yaml
@@ -0,0 +1,35 @@
+id: CVE-2023-33405
+
+info:
+ name: BlogEngine CMS - Open Redirect
+ author: Shankar Acharya
+ severity: medium
+ description: |
+ Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect
+ reference:
+ - https://github.com/hacip/CVE-2023-33405
+ - https://nvd.nist.gov/vuln/detail/CVE-2023-33405
+ remediation: |
+ Update to the latest version of blogengine.net CMS to fix the open redirect vulnerability.
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/Au:N/C:N/I:P/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2023-33405
+ cwe-id: CWE-601
+ metadata:
+ max-request: 1
+ product: blogengine_cms
+ vendor: blogengine
+ verified: true
+ tags: cve,cve2023,Blogengine,cms,redirect
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/default.aspx?years=http://oast.pro"
+
+ matchers:
+ - type: regex
+ regex:
+ - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'
+ part: header
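Review bot: The `cvss-metrics` value `CVSS:3.1/AV:N/AC:L/Au:N/C:N/I:P/A:N` is not a valid CVSS 3.1 vector. `Au` and the `P` (partial) value are CVSS v2 notation, and the required `PR`, `UI` and `S` metrics are missing, so it cannot be what produced the stated `cvss-score: 6.1`. Take the vector from the NVD entry already listed under `reference`; a 3.1 vector that scores 6.1 for a redirect needing user interaction is `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N`, to be confirmed against that page. Separately, the matcher accepts any response carrying a matching `Location` header, so adding a `status` matcher for the redirect codes under `matchers-condition: and` would tighten it. The `Blogengine` tag should also be lowercase to match the other tags.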