Pulse Secure Version

ID: pulse-secure-version

Severity: info

Author: dadevel

Tags: pulse,panel,pulsesecure

Description

YAML Source

id: pulse-secure-version

info:
  name: Pulse Secure Version
  author: dadevel
  severity: info
  classification:
    cpe: cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: pulsesecure
    product: pulse_connect_secure
    shodan-query: cpe:"cpe:2.3:a:pulsesecure:pulse_connect_secure"
  tags: pulse,panel,pulsesecure

http:
  - method: GET
    path:
      - "{{BaseURL}}/dana-na/nc/nc_gina_ver.txt" # not present in newer release
      - "{{BaseURL}}/dana-cached/hc/HostCheckerInstaller.osx"

    stop-at-first-match: true

    matchers-condition: or
    matchers:
      - type: word
        part: body
        words:
          - 'NAME="ProductVersion"'
          - "<key>version</key>"
        condition: or
        case-insensitive: true

    extractors:
      - type: regex
        group: 1
        part: body
        regex:
          - '(?i)NAME="ProductVersion"\s+?VALUE="([^"]+)"'

      - type: regex
        group: 1
        part: body
        regex:
          - "(?i)<string>([^<]+)</string>"
# digest: 4b0a00483046022100d89c1dc1b0c95fd003fc8c5618ad7437268b523fa7cf082517376933e09c051d022100db652e1f9349cff3a3f229f597212485ce9455c4d5093ca893c2471eafd67025:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/exposed-panels/pulse-secure-version.yaml"

View on Github