admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-02-09 04:03:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
ba03e54063a94de8155adf476dc07e5b39bca341
nuclei-templates/file/malware/hash/godzilla-webshell-hash.yaml
Prince Chaddha ea7a5969c8 Revert "chore: update TemplateMan 🤖" 
This reverts commit c31d574176.
2025-05-27 10:39:47 +08:00

20 lines
835 B
YAML
Raw Blame History

id: godzilla-webshell-hash
info:
name: Godzilla Webshell Hash - Detect
author: pussycat0x
severity: info
description: Detects the JSP implementation of the Godzilla Webshell.
reference:
- https://github.com/volexity/threat-intel/blob/main/2022/2022-08-10%20Mass%20exploitation%20of%20(Un)authenticated%20Zimbra%20RCE%20CVE-2022-27925/yara.yar
- https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge/
tags: malware,webshells
file:
- extensions:
- all
matchers:
- type: dsl
dsl:
- "sha256(raw) == '2786d2dc738529a34ecde10ffeda69b7f40762bf13e7771451f13a24ab7fc5fe'"
# digest: 4a0a00473045022076837eec80a696dd94820f09606d9c0b898df167062019438d6a524deae170e7022100e04494a4faf434420541568819f6c974b92716787d9a86c27c660eee5bf1ca7e:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink