search

0x727 / FingerprintHub

侦查守卫(ObserverWard)的指纹库
https://0x727.github.io/FingerprintHub/
MIT License
1.02k stars 189 forks source link

提交指纹-[jupyter-notebook] #51

Closed j4vaovo closed 1 year ago

j4vaovo commented 1 year ago

测试目标

http://jupyter.94life.press/

指纹的Yaml规则

name: jupyter-notebook
priority: 3
nuclei_tags:
  - [jupyter]
fingerprint:
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - <div id="ipython-main-app" class="container">
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - <div id="ipython_notebook" class="nav navbar-brand">
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - <title>Jupyter Notebook</title>
    favicon_hash: []
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword: []
    favicon_hash: ["97c6417ed01bdc0ae3ef32ae4894fd03"]
github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: http://jupyter.94life.press/ HEADERS: server: nginx/1.23.2 date: Fri, 31 Mar 2023 23:10:27 GMT content-type: text/html; charset=UTF-8 content-length: 0 connection: keep-alive location: /lab? STATUS_CODE: 302 TEXT: FAVICON: { "http://jupyter.94life.press/favicon.ico": "97c6417ed01bdc0ae3ef32ae4894fd03", } NEXT_URL: http://jupyter.94life.press/lab? Matching fingerprintV3WebFingerPrint { name: "jupyter-lab", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "97c6417ed01bdc0ae3ef32ae4894fd03", ], headers: {}, keyword: [], }, } URL: http://jupyter.94life.press/lab HEADERS: server: nginx/1.23.2 date: Fri, 31 Mar 2023 23:10:28 GMT content-type: text/html; charset=UTF-8 content-length: 0 connection: keep-alive x-content-type-options: nosniff content-security-policy: frame-ancestors 'self'; report-uri /api/security/csp-report location: /login?next=%2Flab%3F STATUS_CODE: 302 TEXT: FAVICON: { "http://jupyter.94life.press/favicon.ico": "97c6417ed01bdc0ae3ef32ae4894fd03", } NEXT_URL: http://jupyter.94life.press/login?next=%2Flab%3F Matching fingerprintV3WebFingerPrint { name: "jupyter-lab", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "97c6417ed01bdc0ae3ef32ae4894fd03", ], headers: {}, keyword: [], }, } URL: http://jupyter.94life.press/login HEADERS: server: nginx/1.23.2 date: Fri, 31 Mar 2023 23:10:29 GMT content-type: text/html; charset=UTF-8 content-length: 3688 connection: keep-alive x-content-type-options: nosniff content-security-policy: frame-ancestors 'self'; report-uri /api/security/csp-report etag: "b5e284b7f2069d65a879a9fbef5bb35f6aa32770" set-cookie: _xsrf=2|7a428c0f|8c1d85d26c1abc4ff96ac2ffef9ffdb1|1680304229; Path=/ STATUS_CODE: 200 TEXT: jupyter server

jupyter server requires javascript.
please enable it to proceed.
FAVICON: { "http://jupyter.94life.press/static/favicon.ico?v=50afa725b5de8b00030139d09b38620224d4e7dba47c07ef0e86d4643f30c9bfe6bb7e1a4a1c561aa32834480909a4b6fe7cd1e17f7159330b6b5914bf45a880": "97c6417ed01bdc0ae3ef32ae4894fd03", "http://jupyter.94life.press/favicon.ico": "97c6417ed01bdc0ae3ef32ae4894fd03", } Matching fingerprintV3WebFingerPrint { name: "jupyter-lab", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "97c6417ed01bdc0ae3ef32ae4894fd03", ], headers: {}, keyword: [], }, } ```

验证结果:

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: http://jupyter.94life.press/ HEADERS: server: nginx/1.23.2 date: Sat, 01 Apr 2023 01:21:04 GMT content-type: text/html; charset=UTF-8 content-length: 0 connection: keep-alive location: /lab? STATUS_CODE: 302 TEXT: FAVICON: { "http://jupyter.94life.press/favicon.ico": "97c6417ed01bdc0ae3ef32ae4894fd03", } NEXT_URL: http://jupyter.94life.press/lab? Matching fingerprintV3WebFingerPrint { name: "jupyter-notebook", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "97c6417ed01bdc0ae3ef32ae4894fd03", ], headers: {}, keyword: [], }, } URL: http://jupyter.94life.press/lab HEADERS: server: nginx/1.23.2 date: Sat, 01 Apr 2023 01:21:06 GMT content-type: text/html; charset=UTF-8 content-length: 0 connection: keep-alive x-content-type-options: nosniff content-security-policy: frame-ancestors 'self'; report-uri /api/security/csp-report location: /login?next=%2Flab%3F STATUS_CODE: 302 TEXT: FAVICON: { "http://jupyter.94life.press/favicon.ico": "97c6417ed01bdc0ae3ef32ae4894fd03", } NEXT_URL: http://jupyter.94life.press/login?next=%2Flab%3F Matching fingerprintV3WebFingerPrint { name: "jupyter-notebook", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "97c6417ed01bdc0ae3ef32ae4894fd03", ], headers: {}, keyword: [], }, } URL: http://jupyter.94life.press/login HEADERS: server: nginx/1.23.2 date: Sat, 01 Apr 2023 01:21:07 GMT content-type: text/html; charset=UTF-8 content-length: 3688 connection: keep-alive x-content-type-options: nosniff content-security-policy: frame-ancestors 'self'; report-uri /api/security/csp-report etag: "e892599cae29c85be9ee69c057698ca5b2085f72" set-cookie: _xsrf=2|a6e50579|45be64019ace17107e2c39024a409f53|1680312067; Path=/ STATUS_CODE: 200 TEXT: jupyter server

jupyter server requires javascript.
please enable it to proceed.
FAVICON: { "http://jupyter.94life.press/favicon.ico": "97c6417ed01bdc0ae3ef32ae4894fd03", "http://jupyter.94life.press/static/favicon.ico?v=50afa725b5de8b00030139d09b38620224d4e7dba47c07ef0e86d4643f30c9bfe6bb7e1a4a1c561aa32834480909a4b6fe7cd1e17f7159330b6b5914bf45a880": "97c6417ed01bdc0ae3ef32ae4894fd03", } Matching fingerprintV3WebFingerPrint { name: "jupyter-notebook", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "97c6417ed01bdc0ae3ef32ae4894fd03", ], headers: {}, keyword: [], }, } ```

验证结果:

github-actions[bot] commented 1 year ago

审核通过: