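# Nuclei template: detects an exposed Bitrix administrative login form.
#
# Purpose for defenders: the path list shows that the admin login can be
# reached through several URL forms, so a reverse-proxy or WAF rule that
# blocks only the literal string "/bitrix/admin/" does not protect it.
# If any path matches, restrict the admin area with access control that
# is applied after URL normalisation (for example a network allow-list
# or authentication enforced by the web server or application) instead
# of string matching on the raw request path.
id: bitrix-admin-panel

info:
  name: Bitrix Admin Panel
  author: abletsoff
  # Informational: the template reports exposure only.
  severity: info
  description: There are plenty of other routes to access admin panel. Static filtering is not a solution.
  tags: panel,bitrix,login

http:
  - method: GET
    path:
      # Canonical admin location.
      - "{{BaseURL}}/bitrix/admin/"
      # Same target named through the SEF_APPLICATION_CUR_PAGE_URL query
      # parameter. The encoded variants presumably rely on PHP mapping
      # characters such as spaces in parameter names to underscores, so
      # a filter comparing the raw name would not see them as equal.
      # NOTE(review): confirm against the deployed PHP/Bitrix version.
      - "{{BaseURL}}/pewpew/?SEF_APPLICATION_CUR_PAGE_URL=/bitrix/admin/"
      - "{{BaseURL}}/pewpew/?SEF%20APPLICATION%20CUR%20PAGE_URL=/bitrix/admin/"
      - "{{BaseURL}}/pewpew/?SEF+APPLICATION%20CUR[PAGE[URL=/bitrix/admin/"
      # Component and tool scripts outside /bitrix/admin/ that are
      # checked for the same login form.
      - "{{BaseURL}}/bitrix/components/bitrix/desktop/admin_settings.php"
      - "{{BaseURL}}/bitrix/components/bitrix/map.yandex.search/settings/settings.php"
      - "{{BaseURL}}/bitrix/components/bitrix/player/player_playlist_edit.php"
      - "{{BaseURL}}/bitrix/tools/autosave.php"
      - "{{BaseURL}}/bitrix/tools/get_catalog_menu.php"
      - "{{BaseURL}}/bitrix/tools/upload.php"
      # "%61%64%6d%69%6e" is the percent-encoding of "admin" and "/./"
      # is a no-op path segment; both decode to /bitrix/admin/ on the
      # server while differing from it as raw strings.
      - "{{BaseURL}}/bitrix/./%61%64%6d%69%6e/sale_business_value_ptypes.php"
      - "{{BaseURL}}/bitrix/./%61%64%6d%69%6e/highloadblock_entity_edit.php"
      - "{{BaseURL}}/bitrix/./%61%64%6d%69%6e/fileman_load_comp2_params.php"

    # One finding per host: stop requesting paths after the first match.
    stop-at-first-match: true

    # Both matchers below must succeed for a path to count as a match.
    matchers-condition: and
    matchers:
      # Body must contain both markers; requiring the pair keeps pages
      # that merely mention one of the strings from matching.
      - type: word
        words:
          - "USER_LOGIN"
          - "/bitrix/js/main/"
        part: body
        condition: and

      # Only a 200 response is reported; a form served with another
      # status code would not be flagged.
      - type: status
        status:
          - 200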