0x727 / FingerprintHub

Fingerprint library for ObserverWard (侦查守卫)
https://0x727.github.io/FingerprintHub/
MIT License
1.01k stars 187 forks

Submit fingerprint - [jumpserver] #27

Closed xz-zone closed 2 years ago

xz-zone commented 2 years ago

Test target

http://jump.chuangcache.com/core/auth/login/

YAML rule for the fingerprint

```yaml
name: jumpserver
priority: 3
nuclei_tags:
  - []
fingerprint:
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - jumpserver
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword: []
    favicon_hash:
      - 20334371817c7368907b5ea52aab2d9e
```

github-actions[bot] commented 2 years ago

Verification process:


```bash
Url: http://jump.chuangcache.com/core/auth/login/
Headers:
server: nginx
date: Mon, 26 Sep 2022 00:30:51 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
connection: close
expires: Mon, 26 Sep 2022 00:30:51 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
vary: Cookie, Accept-Language
x-frame-options: DENY
content-language: zh-hans
x-content-type-options: nosniff
referrer-policy: same-origin
set-cookie: csrftoken=llYu6FIjrDImeoUB4Ivq726obheANp333o9MZp5fGDcQUTdBYxWfN8thMk9JMM4i; expires=Mon, 25 Sep 2023 00:30:51 GMT; Max-Age=31449600; Path=/; SameSite=Lax sessionid=sc0mf8w7p2mtovhi0muqfchyo84lj38a; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000
StatusCode: 200
Text: jumpserver 开源堡垒机

Favicon: {
    "http://jump.chuangcache.com/static/img/facio.ico": "20334371817c7368907b5ea52aab2d9e",
    "http://jump.chuangcache.com/favicon.ico": "20334371817c7368907b5ea52aab2d9e",
}
Matching fingerprintV3WebFingerPrint { name: "jumpserver", priority: 3, request: WebFingerPrintRequest { path: "/favicon.ico", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "20334371817c7368907b5ea52aab2d9e", ], headers: {}, keyword: [], }, }
Matching fingerprintV3WebFingerPrint { name: "jumpserver", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: {}, keyword: [ "jumpserver", ], }, }
Matching fingerprintV3WebFingerPrint { name: "jumpserver", priority: 3, request: WebFingerPrintRequest { path: "/favicon.ico", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "20334371817c7368907b5ea52aab2d9e", ], headers: {}, keyword: [], }, }

Url: http://jump.chuangcache.com/favicon.ico
Headers:
server: nginx
date: Mon, 26 Sep 2022 00:30:53 GMT
content-type: image/x-icon
content-length: 3283
connection: close
last-modified: Wed, 24 Mar 2021 02:39:56 GMT
etag: "605aa67c-cd3"
accept-ranges: bytes
strict-transport-security: max-age=31536000
StatusCode: 200
Text: 响应内容为图片
Favicon: {
    "http://jump.chuangcache.com/favicon.ico": "20334371817c7368907b5ea52aab2d9e",
}
Matching fingerprintV3WebFingerPrint { name: "jumpserver", priority: 3, request: WebFingerPrintRequest { path: "/favicon.ico", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "20334371817c7368907b5ea52aab2d9e", ], headers: {}, keyword: [], }, }
Matching fingerprintV3WebFingerPrint { name: "jumpserver", priority: 3, request: WebFingerPrintRequest { path: "/favicon.ico", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "20334371817c7368907b5ea52aab2d9e", ], headers: {}, keyword: [], }, }
```

Verification result:

github-actions[bot] commented 2 years ago

Verification process:


```bash
Url: http://jump.chuangcache.com/core/auth/login/
Headers:
server: nginx
date: Mon, 26 Sep 2022 01:58:53 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
connection: close
expires: Mon, 26 Sep 2022 01:58:53 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
vary: Cookie, Accept-Language
x-frame-options: DENY
content-language: zh-hans
x-content-type-options: nosniff
referrer-policy: same-origin
set-cookie: csrftoken=IqVSXRdYwkOLJnc7JGIm0jawB49oPRy3KB2woMexfilFo0xQwMUwYhaGUUBR3n6i; expires=Mon, 25 Sep 2023 01:58:53 GMT; Max-Age=31449600; Path=/; SameSite=Lax sessionid=6cqx60q0a5g1q2878yqlt92wnonzfswu; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000
StatusCode: 200
Text: jumpserver 开源堡垒机

Favicon: {
    "http://jump.chuangcache.com/favicon.ico": "20334371817c7368907b5ea52aab2d9e",
    "http://jump.chuangcache.com/static/img/facio.ico": "20334371817c7368907b5ea52aab2d9e",
}
Matching fingerprintV3WebFingerPrint { name: "jumpserver", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: {}, keyword: [ "jumpserver", ], }, }
Matching fingerprintV3WebFingerPrint { name: "jumpserver", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "20334371817c7368907b5ea52aab2d9e", ], headers: {}, keyword: [], }, }
```

Verification result:

github-actions[bot] commented 2 years ago

Review approved: