search

0x727 / FingerprintHub

侦查守卫(ObserverWard)的指纹库
https://0x727.github.io/FingerprintHub/
MIT License
1.01k stars 187 forks source link

修改指纹-[apache-tomcat] #126

Closed j4vaovo closed 1 year ago

j4vaovo commented 1 year ago

测试目标

http://aipromoter.com:8080/

指纹的Yaml规则

name: apache-tomcat
priority: 3
nuclei_tags:
  - - tomcat
fingerprint:
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 404
    headers: {}
    keyword:
      - <h3>Apache Tomcat/
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 200
    headers: {}
    keyword:
      - <title>Apache Tomcat/
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - /manager/html
      - /manager/status
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - href="tomcat.css
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - this is the default tomcat home page
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - <h3>apache tomcat
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers:
      x-powered-by: Tomcat
    keyword: []
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers:
      Server: Apache-Coyote/
    keyword: []
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword: []
    favicon_hash:
      - 4644f2d45601037b8423d45e13194c93
github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: http://aipromoter.com:8080/ HEADERS: server: Apache-Coyote/1.1 set-cookie: JSESSIONID=645A75B4E85972C192F4D59AF36399C3; Path=/; HttpOnly location: http://aipromoter.com:8080/login/auth content-length: 0 date: Sun, 04 Jun 2023 13:02:45 GMT STATUS_CODE: 302 TEXT: NEXT_URL: http://aipromoter.com:8080/login/auth Matching fingerprintV3WebFingerPrint { name: "apache-tomcat", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: { "Server": "Apache-Coyote", }, keyword: [], }, } URL: http://aipromoter.com:8080/login/auth HEADERS: server: Apache-Coyote/1.1 x-application-context: application:production content-type: text/html;charset=utf-8 content-language: en-US transfer-encoding: chunked date: Sun, 04 Jun 2023 13:02:45 GMT STATUS_CODE: 200 TEXT: tekosotv

{{'login.title' | translate}}
FAVICON: { "http://aipromoter.com:8080/assets/favicon-e92fe58a70d80b658df93fd58b855c97.ico": "e92fe58a70d80b658df93fd58b855c97", } Matching fingerprintV3WebFingerPrint { name: "apache-tomcat", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: { "Server": "Apache-Coyote", }, keyword: [], }, } ```

验证结果:

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: http://aipromoter.com:8080/ HEADERS: server: Apache-Coyote/1.1 set-cookie: JSESSIONID=795194FD5EE269EAB8FDE34759B9F1F0; Path=/; HttpOnly location: http://aipromoter.com:8080/login/auth content-length: 0 date: Sun, 04 Jun 2023 13:03:43 GMT STATUS_CODE: 302 TEXT: NEXT_URL: http://aipromoter.com:8080/login/auth Matching fingerprintV3WebFingerPrint { name: "apache-tomcat", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: { "Server": "Apache-Coyote/", }, keyword: [], }, } URL: http://aipromoter.com:8080/login/auth HEADERS: server: Apache-Coyote/1.1 x-application-context: application:production content-type: text/html;charset=utf-8 content-language: en-US transfer-encoding: chunked date: Sun, 04 Jun 2023 13:03:43 GMT STATUS_CODE: 200 TEXT: tekosotv

{{'login.title' | translate}}
FAVICON: { "http://aipromoter.com:8080/assets/favicon-e92fe58a70d80b658df93fd58b855c97.ico": "e92fe58a70d80b658df93fd58b855c97", } Matching fingerprintV3WebFingerPrint { name: "apache-tomcat", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: { "Server": "Apache-Coyote/", }, keyword: [], }, } ```

验证结果:

github-actions[bot] commented 1 year ago

审核通过: