OcoMon Login Panel - Detect
ID: ocomon-panel
Severity: info
Author: dogasantos
Tags: panel,ocomon,oss,ocomon_project
Description
Section titled “Description”a tiny helpdesk system written in php
YAML Source
Section titled “YAML Source”id: ocomon-panel
info: name: OcoMon Login Panel - Detect author: dogasantos severity: info description: a tiny helpdesk system written in php reference: - https://sourceforge.net/projects/ocomonphp/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 cpe: cpe:2.3:a:ocomon_project:ocomon:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ocomon_project product: ocomon shodan-query: - http.html:"OcoMon" - http.html:"ocomon" fofa-query: body="ocomon" tags: panel,ocomon,oss,ocomon_project
http: - method: GET path: - "{{BaseURL}}"
host-redirects: true max-redirects: 2
matchers-condition: and matchers: - type: regex regex: - '(?i)(OcoMon)'
- type: word part: body words: - 'open_form/ticket_form_open.php'
extractors: - type: regex group: 1 regex: - 'Versão: ([0-9.]+)' - 'Versão: ([0-9.]+)'# digest: 4a0a0047304502202e1353f9a8b343edc697535206e86cfb08cd99f354da5b038ac1da497973caa7022100cd169c038152a88f64cd094041106bdaaa10c33a552e4aada07ecbd3a156f54a:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/exposed-panels/ocomon-panel.yaml"