提交指纹-[metabase]

j4vaovo commented 1 year ago

测试目标

指纹的Yaml规则

name: metabase
priority: 3
nuclei_tags:
  - - metabase
fingerprint:
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - _metabaseBootstrap
      - _metabaseLocalization
    favicon_hash: []

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: [38;5;10mhttp://loveat.la:3000/[39m HEADERS: date: Thu, 27 Jul 2023 16:17:07 GMT x-frame-options: DENY x-xss-protection: 1; mode=block last-modified: Thu, 27 Jul 2023 16:17:07 GMT strict-transport-security: max-age=31536000 set-cookie: metabase.DEVICE=97067d24-f880-4cb2-a82b-5f6f74df5627;HttpOnly;Path=/;SameSite=Lax;Expires=Fri, 5 Jun 2043 20:15:34 GMT x-permitted-cross-domain-policies: none cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate x-content-type-options: nosniff content-security-policy: default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; content-type: text/html;charset=utf-8 server: Jetty(9.4.43.v20210629) expires: Tue, 03 Jul 2001 06:00:00 GMT transfer-encoding: chunked COOKIES: metabase.DEVICE=97067d24-f880-4cb2-a82b-5f6f74df5627;HttpOnly;Path=/;SameSite=Lax;Expires=Fri, 5 Jun 2043 20:15:34 GMT STATUS_CODE: 200 TEXT: metabase

[38;5;9mFAVICON: { "http://loveat.la:3000/app/assets/img/favicon.ico": "82ad0c6484395907b1de07f095d63b87", }[39m Matching fingerprintV3WebFingerPrint { name: "metabase", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: {}, keyword: [ "_metabaseBootstrap", "_metabaseLocalization", ], }, } ```

验证结果：

是否识别成功： true

github-actions[bot] commented 1 year ago

审核通过:

指纹规则已经合并，感谢提交。

0x727 / FingerprintHub