search

0x727 / FingerprintHub

侦查守卫(ObserverWard)的指纹库
https://0x727.github.io/FingerprintHub/
MIT License
1.01k stars 188 forks source link

提交指纹-[nexpose] #60

Closed j4vaovo closed 1 year ago

j4vaovo commented 1 year ago

测试目标

https://20.185.37.184/

指纹的Yaml规则

name: nexpose
priority: 3
nuclei_tags:
  - - []
fingerprint:
  - path: /
    request_method: get
    request_headers: {}
    request_data: ''
    status_code: 0
    headers: {}
    keyword:
      - '<label for="nexposeccusername">Username</label>'
    favicon_hash: ["f64ce96bbacc76d6db4d4eb0e78881da"]
github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: https://20.185.37.184/ HEADERS: x-frame-options: SAMEORIGIN x-ua-compatible: IE=edge,chrome=1 x-content-type-options: nosniff x-xss-protection: 1; mode=block location: https://20.185.37.184/login.jsp content-length: 0 date: Thu, 13 Apr 2023 08:42:22 GMT server: Security Console STATUS_CODE: 302 TEXT: NEXT_URL: https://20.185.37.184/login.jsp URL: https://20.185.37.184/login.jsp HEADERS: x-frame-options: SAMEORIGIN x-ua-compatible: IE=edge,chrome=1 x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-store, must-revalidate set-cookie: nexposeCCSessionID=29FBC7B7DDAB8914FF18BAFEEA33D296901EC02C; Path=/; Secure; HttpOnly content-type: text/html;charset=UTF-8 content-language: en-US transfer-encoding: chunked server: Security Console vary: Accept-Encoding date: Thu, 13 Apr 2023 08:42:22 GMT STATUS_CODE: 200 TEXT:

insightvm security console :: login FAVICON: { "https://20.185.37.184/style/image/favicon.ico": "f64ce96bbacc76d6db4d4eb0e78881da", } Matching fingerprintV3WebFingerPrint { name: "nexpose", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "f64ce96bbacc76d6db4d4eb0e78881da", ], headers: {}, keyword: [ "", ], }, } ```

验证结果:

github-actions[bot] commented 1 year ago

审核通过: