漏洞描述
Detects exposed Invicti Enterprise Installation page.
invicti-enterprise-installer: Invicti Enterprise Installation Page - Exposure
PoC代码[已公开]
id: invicti-enterprise-installer
info:
name: Invicti Enterprise Installation Page - Exposure
author: DhiyaneshDK
severity: high
description: |
Detects exposed Invicti Enterprise Installation page.
reference:
- https://www.invicti.com/
metadata:
verified: true
max-request: 1
shodan-query: html:"Invicti Enterprise - Installation Wizard"
tags: misconfig,install,exposure,invicti,vuln
http:
- method: GET
path:
- "{{BaseURL}}/wizard/database/"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Invicti Enterprise - Installation Wizard"
- type: status
status:
- 200
# digest: 4a0a0047304502206dbb8b2c2ebe3f063eae301bdfb84c4cc01786c3b18093e0f9ff4500c1d5d25602210084cdf61108a96ec645451e42c037ba4eb8ad9684c831b03a1ef304001eed459a:922c64590222798bb761d5b6d8e72950