mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 07:43:27 +08:00
50 lines
1.5 KiB
YAML
50 lines
1.5 KiB
YAML
id: clawdbot-gw-exposure
|
|
|
|
info:
|
|
name: Clawdbot Gateway - Detect
|
|
author: rxerium
|
|
severity: info
|
|
description: |
|
|
Clawdbot Gateway service was detected exposing configuration information via mDNS including DNS settings, gateway details, and service configuration.
|
|
classification:
|
|
cwe-id: CWE-200
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
shodan-query: "clawdbot-gw"
|
|
fofa-query: body="ClawdBot"
|
|
tags: network,clawdbot,gateway,exposure,udp,mdns,js,discovery
|
|
|
|
javascript:
|
|
- pre-condition: |
|
|
isUDPPortOpen(Host,Port);
|
|
|
|
code: |
|
|
let c = require("nuclei/net");
|
|
let conn = c.Open('udp', `${Host}:${Port}`);
|
|
// mDNS query for _clawdbot-gw._tcp.local PTR record
|
|
let packet = "0000000000010000000000000c5f636c617764626f742d6777045f746370056c6f63616c00000c0001"
|
|
conn.SendHex(packet);
|
|
let resp = conn.RecvString();
|
|
resp;
|
|
|
|
args:
|
|
Host: "{{Host}}"
|
|
Port: 5353
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- "success == true"
|
|
- "contains(response, 'clawdbot')"
|
|
- "contains(response, 'role=gateway')"
|
|
condition: and
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: response
|
|
name: server
|
|
group: 1
|
|
regex:
|
|
- 'displayName=([a-zA-Z0-9._-]+)'
|
|
# digest: 4b0a00483046022100bcaa6c3f54c0653fb130315c0bbdf5a1a4bc77663d0b05cf76a8a89692cc3d82022100c0ad46aae125be8eafc46760eeafdde79f8708cd8519b79b9161c7fff1d22780:922c64590222798bb761d5b6d8e72950 |