Bitrix admin panel (#10338)

* Updated bitrix-panel template * Change comparison * removed extra path and extra (weak) matchers --------- Co-authored-by: Yury Sidarenka <yury.sidorenko@solidlab.ru> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
projectdiscovery · Dec 30, 2024 · 33ee775 · 33ee775
1 parent 6cd2fa5
commit 33ee775
Showing 1 changed file with 6 additions and 10 deletions.
diff --git a/http/exposed-panels/bitrix-panel.yaml b/http/exposed-panels/bitrix-panel.yaml
@@ -2,14 +2,16 @@ id: bitrix-login
 
 info:
   name: Bitrix Login Panel
-  author: juicypotato1
+  author: juicypotato1,malwarework
   severity: info
-  description: Bitrix24 is a unified work space that places a complete set of business tools into a single, intuitive interface.
+  description: |
+    Bitrix24 is a unified work space that places a complete set of business tools into a single, intuitive interface.
   classification:
     cwe-id: CWE-200
     cpe: cpe:2.3:a:bitrix:bitrix24:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
+    verified: true
     vendor: bitrix
     product: bitrix24
     shodan-query: http.html:"/bitrix/"
@@ -20,20 +22,14 @@ http:
   - method: GET
     path:
       - "{{BaseURL}}/bitrix/admin/"
+      - "{{BaseURL}}/bitrix/components/bitrix/map.yandex.view/settings/settings.php"
 
     host-redirects: true
     max-redirects: 2
-
-    matchers-condition: and
+    stop-at-first-match: true
     matchers:
       - type: word
         words:
           - "USER_LOGIN"
           - "/bitrix/js/main/"
-        part: body
         condition: and
-
-      - type: status
-        status:
-          - 200
-# digest: 4b0a00483046022100c05ae94bcbbdd08bea5bc5dbf2ee28e209e17a26d61c41185ced46cb7663104f022100e9df508383c264475a642e95dac0b052586b93be1dfdfaeace0be39e7eb3ff94:922c64590222798bb761d5b6d8e72950